# This file was generated from template 'codesonar/presets/owasp2025.conf.in' # # Configuration settings required by one or more OWASP Top 10, 2025 checks. # # This part of this file was generated from 'cso_wcmanifest.py' # # At least one of the classes enabled by this preset requires unnormalized C ASTs RETAIN_UNNORMALIZED_C_AST = Yes # OWASP-2025:A01: Broken Access Control # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Accessing File in Permissive Mode (Java)" # OWASP-2025:A10: Mishandling of Exceptional Conditions WARNING_FILTER += allow class="Actual Parameter Element may be null (C#)" # OWASP-2025:A10: Mishandling of Exceptional Conditions WARNING_FILTER += allow class="Actual Parameter Element may be null (Java)" # OWASP-2025:A04: Cryptographic Failures # OWASP-2025:A05: Injection WARNING_FILTER += allow class="Android Message Injection (Java)" # OWASP-2025:A01: Broken Access Control # OWASP-2025:A04: Cryptographic Failures # OWASP-2025:A05: Injection WARNING_FILTER += allow class="Android URL Injection (Java)" # OWASP-2025:A07: Authentication Failures # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Anonymous LDAP Authentication (C#)" # OWASP-2025:A07: Authentication Failures # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Anonymous LDAP Authentication (Java)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++ # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Arctangent Domain Error" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++ # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Argument Too High" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++ # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Argument Too Low" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Arguments Out of Order (Pylint)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Array Parameter Empty (Java)" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Array Parameter Mismatch" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Bad Except Order (Pylint)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Bad Exception Cause (Pylint)" # OWASP-2025:A01: Broken Access Control # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Bad Open Mode (Pylint)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Bad Thread Instantiation (Pylint)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Bare Except (Pylint)" # OWASP-2025:A08: Software or Data Integrity Failures # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Bidirectional Unicode (Pylint)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Binary Op Exception (Pylint)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) C++ # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Branch Into Handler" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) C++ # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Branch Into try Block" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Broad Exception Caught (Pylint)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Broad Exception Raised (Pylint)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Broad Throws Clause (Java)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Call Might Return Null (C#)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Call Might Return Null (Java)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Catching Non Exception (Pylint)" # OWASP-2025:A01: Broken Access Control WARNING_FILTER += allow class="Certificate Added to Root Store (C#)" # OWASP-2025:A01: Broken Access Control WARNING_FILTER += allow class="Certificate Added to Root Store (Java)" # OWASP-2025:A02: Security Misconfiguration # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Class Enables Debug Features (C#)" # OWASP-2025:A02: Security Misconfiguration # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Class Enables Debug Features (Java)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) Ada # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Code Injection (Ada)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Code Injection (C#)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Code Injection (Java)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) C, C++, x86, x86_64 # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Command Injection" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) Ada # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Command Injection (Ada)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Command Injection (C#)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Command Injection (Java)" # OWASP-2025:A01: Broken Access Control WARNING_FILTER += allow class="Commented-out Code" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Confusing With Statement (Pylint)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Continue in Finally (Pylint)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) Ada # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Cross Site Scripting (Ada)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Cross Site Scripting (C#)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Cross Site Scripting (Java)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Cross Site Scripting In Error Message Web Page (C#)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Cross Site Scripting In Error Message Web Page (Java)" # OWASP-2025:A04: Cryptographic Failures # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Cryptographic Algorithm with Risky Default Cipher (C#)" # OWASP-2025:A04: Cryptographic Failures # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Cryptographic Algorithm with Risky Default Cipher (Java)" # OWASP-2025:A04: Cryptographic Failures # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Cryptographic Algorithm with Weak Cipher (C#)" # OWASP-2025:A04: Cryptographic Failures # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Cryptographic Algorithm with Weak Cipher (Java)" # OWASP-2025:A04: Cryptographic Failures # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Cryptographic Algorithm with Weak Hash (C#)" # OWASP-2025:A04: Cryptographic Failures # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Cryptographic Algorithm with Weak Hash (Java)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="DLL Injection (C#)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="DLL Injection (Java)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="DOS Injection (C#)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="DOS Injection (Java)" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Data Race" # OWASP-2025:A02: Security Misconfiguration # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Debug Call (C#)" # OWASP-2025:A02: Security Misconfiguration # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Debug Call (Java)" # OWASP-2025:A03: Software Supply Chain Failures # OWASP-2025:A09: Security Logging and Alerting Failures # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Debug Warning (C#)" # OWASP-2025:A03: Software Supply Chain Failures # OWASP-2025:A09: Security Logging and Alerting Failures # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Debug Warning (Java)" # OWASP-2025:A04: Cryptographic Failures WARNING_FILTER += allow class="Default Initialization of Random Number Generator" # OWASP-2025:A03: Software Supply Chain Failures # OWASP-2025:A04: Cryptographic Failures # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Deprecated Cryptography Provider (C#)" # OWASP-2025:A03: Software Supply Chain Failures # OWASP-2025:A04: Cryptographic Failures # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Deprecated Cryptography Provider (Java)" # OWASP-2025:A03: Software Supply Chain Failures # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Deprecated Method (Pylint)" # OWASP-2025:A03: Software Supply Chain Failures # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Deprecated Module (Pylint)" # OWASP-2025:A03: Software Supply Chain Failures # OWASP-2025:A04: Cryptographic Failures WARNING_FILTER += allow class="Deprecated Transfer Protocol (C#)" # OWASP-2025:A02: Security Misconfiguration # OWASP-2025:A03: Software Supply Chain Failures # OWASP-2025:A04: Cryptographic Failures WARNING_FILTER += allow class="Deprecated Transfer Protocol (Java)" # OWASP-2025:A08: Software or Data Integrity Failures WARNING_FILTER += allow class="Deserializable Class (Java)" # OWASP-2025:A08: Software or Data Integrity Failures WARNING_FILTER += allow class="Deserializing Non-Serializable Class (Java)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Dict Iter Missing Items (Pylint)" # OWASP-2025:A05: Injection WARNING_FILTER += allow class="Disabled Input Validation (C#)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) C, C++, x86, x86_64 # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Division By Zero" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Ada # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Division By Zero (Ada)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Duplicate Except (Pylint)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Empty Catch Block (detekt)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Empty Exception Handler (C#)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Empty Exception Handler (Java)" # OWASP-2025:A04: Cryptographic Failures # This check is enabled by default for the language(s) C, C++, x86, x86_64 # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Encryption without Padding" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Eval Used (Pylint)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Ada # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Exception Always Raised (Ada)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Exception Information Disclosure (C#)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Exception Information Disclosure (Java)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Exception Raised in Unexpected Location (detekt)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Exec Used (Pylint)" # OWASP-2025:A10: Mishandling of Exceptional Conditions WARNING_FILTER += allow class="Field Element may be null (deep) (C#)" # OWASP-2025:A10: Mishandling of Exceptional Conditions WARNING_FILTER += allow class="Field Element may be null (deep) (Java)" # OWASP-2025:A10: Mishandling of Exceptional Conditions WARNING_FILTER += allow class="Field may be null (deep) (C#)" # OWASP-2025:A10: Mishandling of Exceptional Conditions WARNING_FILTER += allow class="Field may be null (deep) (Java)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++, x86, x86_64 # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="File System Race Condition" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) C, C++ # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Float Division By Zero" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Ada # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Float Division By Zero (Ada)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++ # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Floating Point Domain Error" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++ # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Floating Point Range Error" # OWASP-2025:A03: Software Supply Chain Failures # This check is enabled by default for the language(s) Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Forbidden Import (detekt)" # OWASP-2025:A03: Software Supply Chain Failures # This check is enabled by default for the language(s) Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Forbidden Method Call (detekt)" # OWASP-2025:A02: Security Misconfiguration # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Forgotten Debug Statement (Pylint)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Format Needs Mapping (Pylint)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) C, C++, x86, x86_64 # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Format String Injection" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Format String Injection (C#)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Format String Injection (Java)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++ # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Format String Type Error" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Fragment Injection (Java)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++ # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Function Call Has No Effect" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++ # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Gamma on Zero" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Generic Exception Handler (C#)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Generic Exception Handler (Java)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++, x86, x86_64 # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="GlobalHandle on GMEM_FIXED Memory" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++, x86, x86_64 # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="GlobalLock on GMEM_FIXED Memory" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++, x86, x86_64 # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="GlobalUnlock on GMEM_FIXED Memory" # OWASP-2025:A01: Broken Access Control # OWASP-2025:A02: Security Misconfiguration # OWASP-2025:A07: Authentication Failures # This check is enabled by default for the language(s) C, C++, x86, x86_64 # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Hardcoded Authentication" # OWASP-2025:A01: Broken Access Control # OWASP-2025:A02: Security Misconfiguration # OWASP-2025:A04: Cryptographic Failures # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++, x86, x86_64 # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Hardcoded Crypto Key" # OWASP-2025:A01: Broken Access Control # OWASP-2025:A02: Security Misconfiguration # OWASP-2025:A04: Cryptographic Failures # This check is enabled by default for the language(s) C, C++, x86, x86_64 # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Hardcoded Crypto Salt" # OWASP-2025:A04: Cryptographic Failures # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Hardcoded Cryptographic Key (C#)" # OWASP-2025:A04: Cryptographic Failures # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Hardcoded Cryptographic Key (Java)" # OWASP-2025:A02: Security Misconfiguration # OWASP-2025:A08: Software or Data Integrity Failures WARNING_FILTER += allow class="Hardcoded DNS Name" # OWASP-2025:A02: Security Misconfiguration # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Hardcoded Filename (C#)" # OWASP-2025:A02: Security Misconfiguration # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Hardcoded Filename (Java)" # OWASP-2025:A02: Security Misconfiguration WARNING_FILTER += allow class="Hardcoded IP Address (C#)" # OWASP-2025:A02: Security Misconfiguration WARNING_FILTER += allow class="Hardcoded IP Address (Java)" # OWASP-2025:A06: Insecure Design # OWASP-2025:A07: Authentication Failures # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Hardcoded Password (C#)" # OWASP-2025:A06: Insecure Design # OWASP-2025:A07: Authentication Failures # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Hardcoded Password (Java)" # OWASP-2025:A04: Cryptographic Failures # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Hardcoded Random Seed (C#)" # OWASP-2025:A04: Cryptographic Failures # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Hardcoded Random Seed (Java)" # OWASP-2025:A02: Security Misconfiguration # OWASP-2025:A04: Cryptographic Failures # This check is enabled by default for the language(s) C, C++ # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Hardcoded Seed in PRNG" # OWASP-2025:A07: Authentication Failures # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Hostname in Condition (C#)" # OWASP-2025:A07: Authentication Failures # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Hostname in Condition (Java)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) C, C++, x86, x86_64 # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Ignored Return Value" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Ignored Return Value (C#)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Ignored Return Value (Java)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Ignored Return Value (detekt)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Ignored Return Value for Pure Function (C#)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Ignored Return Value for Pure Function (Java)" # OWASP-2025:A04: Cryptographic Failures WARNING_FILTER += allow class="Inadequate Salt (C#)" # OWASP-2025:A04: Cryptographic Failures WARNING_FILTER += allow class="Inadequate Salt (Java)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Inappropriate Exception Handler (C#)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Inappropriate Exception Handler (Java)" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Incorrect Privilege Assignment" # OWASP-2025:A02: Security Misconfiguration # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Insecure Cookie (C#)" # OWASP-2025:A02: Security Misconfiguration # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Insecure Cookie (Java)" # OWASP-2025:A04: Cryptographic Failures # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Insecure Key Derivation (C#)" # OWASP-2025:A04: Cryptographic Failures # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Insecure Key Derivation (Java)" # OWASP-2025:A04: Cryptographic Failures # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Insecure Random Number Generator (C#)" # OWASP-2025:A04: Cryptographic Failures # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Insecure Random Number Generator (Java)" # OWASP-2025:A02: Security Misconfiguration # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Insecure XSLT Execution (C#)" # OWASP-2025:A02: Security Misconfiguration # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Insecure XSLT Execution (Java)" # OWASP-2025:A07: Authentication Failures # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Insecure verifier Override for Hostname (Java)" # OWASP-2025:A07: Authentication Failures # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Insecure verify Override for Certificate (Java)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Instance of Check for Exception (detekt)" # OWASP-2025:A08: Software or Data Integrity Failures # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Invalid Character Backspace (Pylint)" # OWASP-2025:A08: Software or Data Integrity Failures # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Invalid Character Carriage Return (Pylint)" # OWASP-2025:A08: Software or Data Integrity Failures # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Invalid Character Esc (Pylint)" # OWASP-2025:A08: Software or Data Integrity Failures # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Invalid Character Nul (Pylint)" # OWASP-2025:A08: Software or Data Integrity Failures # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Invalid Character Sub (Pylint)" # OWASP-2025:A08: Software or Data Integrity Failures # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Invalid Character Zero Width Space (Pylint)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Invalid Envvar Value (Pylint)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Invalid Unary Operand Type (Pylint)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Isinstance Second Argument Not Valid Type (Pylint)" # OWASP-2025:A01: Broken Access Control # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="JavaScript Enabled (Java)" # OWASP-2025:A01: Broken Access Control # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="JavaScript File Access from File URLs (Java)" # OWASP-2025:A01: Broken Access Control # This check is enabled by default for the language(s) Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="KDoc References Non Public Property (detekt)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Keyword Arg Before Vararg (Pylint)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Kwarg Superseded By Positional Arg (Pylint)" # OWASP-2025:A07: Authentication Failures # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="LDAP Authentication Disabled (Java)" # OWASP-2025:A05: Injection # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++, x86, x86_64 # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="LDAP Injection" # OWASP-2025:A04: Cryptographic Failures # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Legacy Random Generator (C#)" # OWASP-2025:A04: Cryptographic Failures # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Legacy Random Generator (Java)" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Library Function Override" # OWASP-2025:A05: Injection # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++, x86, x86_64 # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Library Injection" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++, x86, x86_64 # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="LocalHandle on LMEM_FIXED Memory" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++, x86, x86_64 # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="LocalLock on LMEM_FIXED Memory" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++, x86, x86_64 # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="LocalUnlock on LMEM_FIXED Memory" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++ # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Logarithm on Negative Value" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++ # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Logarithm on Zero" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Logging Format Truncated (Pylint)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Logging Too Few Args (Pylint)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Logging Too Many Args (Pylint)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Logging Unsupported Format (Pylint)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Lost Exception (Pylint)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++, x86, x86_64 # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="MAX_PATH Exceeded" # OWASP-2025:A10: Mishandling of Exceptional Conditions WARNING_FILTER += allow class="Malformed switch Statement" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) C++ # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Masked by Default Handler" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) C++ # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Masked by Handler" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Method Disables Security Setting (C#)" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Method Disables Security Setting (Java)" # OWASP-2025:A02: Security Misconfiguration # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Method Enables Debug Features (C#)" # OWASP-2025:A02: Security Misconfiguration # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Method Enables Debug Features (Java)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Method Names Differ Only in Case (C#)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Method Names Differ Only in Case (Java)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Method Should Not Return null (C#)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Method Should Not Return null (Java)" # OWASP-2025:A05: Injection WARNING_FILTER += allow class="Method Should be final (C#)" # OWASP-2025:A05: Injection WARNING_FILTER += allow class="Method Should be final (Java)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Misplaced Format Function (Pylint)" # OWASP-2025:A07: Authentication Failures # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Missing Authentication Annotation (C#)" # OWASP-2025:A07: Authentication Failures # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Missing Authentication Annotation (Java)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Missing Call to super (Java)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Missing Format Argument Key (Pylint)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Missing Format Attribute (Pylint)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Missing Format String Key (Pylint)" # OWASP-2025:A01: Broken Access Control # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Missing JavaScript Entry Point (Java)" # OWASP-2025:A01: Broken Access Control # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Missing JavaScript Execution (Java)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Missing Kwoa (Pylint)" # OWASP-2025:A04: Cryptographic Failures # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Missing Required Cryptographic Step (C#)" # OWASP-2025:A04: Cryptographic Failures # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Missing Required Cryptographic Step (Java)" # OWASP-2025:A10: Mishandling of Exceptional Conditions WARNING_FILTER += allow class="Missing break" # OWASP-2025:A10: Mishandling of Exceptional Conditions WARNING_FILTER += allow class="Missing default" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Missing synchronized Statement (Java)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++ # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Negative Character Value" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++, x86, x86_64 # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Negative file descriptor" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="No Value for Parameter (Pylint)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Non-overriding Method Signature (C#)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Non-overriding Method Signature (Java)" # OWASP-2025:A09: Security Logging and Alerting Failures WARNING_FILTER += allow class="Not Enough Assertions" # OWASP-2025:A02: Security Misconfiguration # This check is enabled by default for the language(s) Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Not Implemented Declaration (detekt)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Not a Mapping (Pylint)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Not an Iterable (Pylint)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Notimplemented Raised (Pylint)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Null Check on Mutable Property (detekt)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Null Parameter Dereference (C#)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Null Parameter Dereference (Java)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) C, C++, x86, x86_64 # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Null Pointer Dereference" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Ada # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Null Pointer Dereference (Ada)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Null Pointer Dereference (C#)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Null Pointer Dereference (Java)" # OWASP-2025:A10: Mishandling of Exceptional Conditions WARNING_FILTER += allow class="Null Pointer Dereference (deep) (C#)" # OWASP-2025:A10: Mishandling of Exceptional Conditions WARNING_FILTER += allow class="Null Pointer Dereference (deep) (Java)" # OWASP-2025:A01: Broken Access Control # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++, x86, x86_64 # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Null Security Descriptor" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Nullable to String Call (detekt)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) Ada # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="OS Command Injection (Ada)" # OWASP-2025:A01: Broken Access Control # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Open Redirect (C#)" # OWASP-2025:A01: Broken Access Control # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Open Redirect (Java)" # OWASP-2025:A06: Insecure Design # OWASP-2025:A07: Authentication Failures # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Password in Property File (C#)" # OWASP-2025:A06: Insecure Design # OWASP-2025:A07: Authentication Failures # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Password in Property File (Java)" # OWASP-2025:A01: Broken Access Control # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Permissive File Mode (Java)" # OWASP-2025:A01: Broken Access Control # OWASP-2025:A04: Cryptographic Failures # OWASP-2025:A06: Insecure Design # OWASP-2025:A07: Authentication Failures # This check is enabled by default for the language(s) C, C++, x86, x86_64 # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Plaintext Storage of Password" # OWASP-2025:A04: Cryptographic Failures # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++, x86, x86_64 # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Plaintext Transmission of Password" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Positional Only Arguments Expected (Pylint)" # OWASP-2025:A02: Security Misconfiguration # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Possible XML External Entity Reference (C#)" # OWASP-2025:A02: Security Misconfiguration # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Possible XML External Entity Reference (Java)" # OWASP-2025:A08: Software or Data Integrity Failures # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Potential LDAP Poisoning (Java)" # OWASP-2025:A08: Software or Data Integrity Failures WARNING_FILTER += allow class="Potential Timebomb" # OWASP-2025:A04: Cryptographic Failures # This check is enabled by default for the language(s) C, C++ # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Predictable Seed in PRNG" # OWASP-2025:A03: Software Supply Chain Failures # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Preferred Module (Pylint)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++ # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Raises FE_INVALID" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Raising Bad Type (Pylint)" # OWASP-2025:A06: Insecure Design # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Raising Format Tuple (Pylint)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Raising Non Exception (Pylint)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Redundant Keyword Arg (Pylint)" # OWASP-2025:A08: Software or Data Integrity Failures # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Reflection Bypasses Member Accessibility (C#)" # OWASP-2025:A08: Software or Data Integrity Failures # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Reflection Bypasses Member Accessibility (Java)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Reflection Injection (C#)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Reflection Injection (Java)" # OWASP-2025:A08: Software or Data Integrity Failures # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Reflection Modifies Member Accessibility (C#)" # OWASP-2025:A08: Software or Data Integrity Failures # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Reflection Modifies Member Accessibility (Java)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Repeated Keyword (Pylint)" # OWASP-2025:A10: Mishandling of Exceptional Conditions WARNING_FILTER += allow class="Return Value may Contain null Element (C#)" # OWASP-2025:A10: Mishandling of Exceptional Conditions WARNING_FILTER += allow class="Return Value may Contain null Element (Java)" # OWASP-2025:A10: Mishandling of Exceptional Conditions WARNING_FILTER += allow class="Return Value may be null (C#)" # OWASP-2025:A10: Mishandling of Exceptional Conditions WARNING_FILTER += allow class="Return Value may be null (Java)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Return null Array (C#)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Return null Array (Java)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Return null Boolean (Java)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Return null Optional (Java)" # OWASP-2025:A04: Cryptographic Failures # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Risky Cipher Algorithm (C#)" # OWASP-2025:A04: Cryptographic Failures # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Risky Cipher Algorithm (Java)" # OWASP-2025:A04: Cryptographic Failures # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Risky Cipher Field (C#)" # OWASP-2025:A04: Cryptographic Failures # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Risky Cipher Field (Java)" # OWASP-2025:A04: Cryptographic Failures # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Risky Cryptographic Algorithm (C#)" # OWASP-2025:A04: Cryptographic Failures # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Risky Cryptographic Algorithm (Java)" # OWASP-2025:A04: Cryptographic Failures # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Risky Cryptographic Field (C#)" # OWASP-2025:A04: Cryptographic Failures # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Risky Cryptographic Field (Java)" # OWASP-2025:A01: Broken Access Control # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Risky JavaScript Interface (Java)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) C, C++, x86, x86_64 # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="SQL Injection" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) Ada # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="SQL Injection (Ada)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="SQL Injection (C#)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="SQL Injection (Java)" # OWASP-2025:A01: Broken Access Control WARNING_FILTER += allow class="Security Annotation Conflict (C#)" # OWASP-2025:A01: Broken Access Control WARNING_FILTER += allow class="Security Annotation Conflict (Java)" # OWASP-2025:A01: Broken Access Control WARNING_FILTER += allow class="Sensitive Data Cached (Java)" # OWASP-2025:A01: Broken Access Control # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Sensitive Data Written to External Storage (Java)" # OWASP-2025:A01: Broken Access Control WARNING_FILTER += allow class="Sensitive Data Written to Local File (Java)" # OWASP-2025:A08: Software or Data Integrity Failures WARNING_FILTER += allow class="Serialization Not Disabled (Java)" # OWASP-2025:A05: Injection WARNING_FILTER += allow class="Static Field Too Visible (Java)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Super Without Brackets (Pylint)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Suspend Fun Swallowed Cancellation (detekt)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Swallowed Exception (detekt)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Synchronization on Interned String (Java)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Synchronization on static (Java)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted @Trusted Value (C#)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted @Trusted Value (Java)" # OWASP-2025:A05: Injection WARNING_FILTER += allow class="Tainted Allocation Size" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted Allocation Size (C#)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted Allocation Size (Java)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) C, C++ # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted Buffer Access" # OWASP-2025:A05: Injection # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted Bundle (C#)" # OWASP-2025:A05: Injection # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted Bundle (Java)" # OWASP-2025:A02: Security Misconfiguration # OWASP-2025:A05: Injection WARNING_FILTER += allow class="Tainted Configuration Setting" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted Control (C#)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted Control (Java)" # OWASP-2025:A05: Injection # OWASP-2025:A08: Software or Data Integrity Failures # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted Data in Vulnerable Method (Java)" # OWASP-2025:A05: Injection # OWASP-2025:A08: Software or Data Integrity Failures # This check is enabled by default for the language(s) C, C++, x86, x86_64 # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted Environment Variable" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted Expression Evaluation (C#)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted Expression Evaluation (Java)" # OWASP-2025:A01: Broken Access Control # OWASP-2025:A05: Injection # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Tainted Filename" # OWASP-2025:A01: Broken Access Control # OWASP-2025:A05: Injection # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Ada # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted Filename (Ada)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted HTTP Response (C#)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted HTTP Response (Java)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted Hardware Device Property (C#)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted Hardware Device Property (Java)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted LDAP Attribute (C#)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted LDAP Attribute (Java)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted LDAP Filter (C#)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted LDAP Filter (Java)" # OWASP-2025:A05: Injection # OWASP-2025:A09: Security Logging and Alerting Failures # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted Log (C#)" # OWASP-2025:A05: Injection # OWASP-2025:A09: Security Logging and Alerting Failures # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted Log (Java)" # OWASP-2025:A04: Cryptographic Failures # OWASP-2025:A05: Injection # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted Message (C#)" # OWASP-2025:A04: Cryptographic Failures # OWASP-2025:A05: Injection # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted Message (Java)" # OWASP-2025:A05: Injection WARNING_FILTER += allow class="Tainted Network Address" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted Network Address (C#)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted Network Address (Java)" # OWASP-2025:A01: Broken Access Control # OWASP-2025:A05: Injection # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted Path (C#)" # OWASP-2025:A01: Broken Access Control # OWASP-2025:A05: Injection # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted Path (Java)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted Regular Expression (C#)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted Regular Expression (Java)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted Resource (C#)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted Resource (Java)" # OWASP-2025:A05: Injection # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted Session (C#)" # OWASP-2025:A05: Injection # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted Session (Java)" # OWASP-2025:A01: Broken Access Control # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted URL (C#)" # OWASP-2025:A01: Broken Access Control # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted URL (Java)" # OWASP-2025:A01: Broken Access Control # OWASP-2025:A05: Injection WARNING_FILTER += allow class="Tainted Write" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted XAML (C#)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted XAML (Java)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted XML (C#)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted XML (Java)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted Xpath (C#)" # OWASP-2025:A05: Injection # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Tainted Xpath (Java)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Throwing Exception From Finally (detekt)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Throwing Exception in Main (detekt)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Throwing New Instance of Same Exception (detekt)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Throws Count (detekt)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Too Few Format Args (Pylint)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Too Generic Exception Caught (detekt)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Too Generic Exception Thrown (detekt)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Too Many Format Args (Pylint)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Too Many Function Args (Pylint)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Truncated Format String (Pylint)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Try Except Raise (Pylint)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++ # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Type Mismatch" # OWASP-2025:A10: Mishandling of Exceptional Conditions WARNING_FILTER += allow class="Unchecked Parameter Dereference" language=c # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Unchecked Parameter Dereference (C#)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Unchecked Parameter Dereference (Java)" # OWASP-2025:A10: Mishandling of Exceptional Conditions WARNING_FILTER += allow class="Unchecked Parameter Dereference (deep) (C#)" # OWASP-2025:A10: Mishandling of Exceptional Conditions WARNING_FILTER += allow class="Unchecked Parameter Dereference (deep) (Java)" # OWASP-2025:A10: Mishandling of Exceptional Conditions WARNING_FILTER += allow class="Unchecked Parameter Element Dereference (deep) (C#)" # OWASP-2025:A10: Mishandling of Exceptional Conditions WARNING_FILTER += allow class="Unchecked Parameter Element Dereference (deep) (Java)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++ # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Undefined Power of Zero" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Unexpected Keyword Arg (Pylint)" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Unguarded Field (Java)" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Unguarded Method (Java)" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Unguarded Parameter (Java)" # OWASP-2025:A01: Broken Access Control # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Universal JavaScript Access to File URLs (Java)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++, x86, x86_64 # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Unreasonable Size Argument" # OWASP-2025:A04: Cryptographic Failures # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Unsafe Base64 Encoding (C#)" # OWASP-2025:A04: Cryptographic Failures # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Unsafe Base64 Encoding (Java)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Unsafe Call on Nullable Type (detekt)" # OWASP-2025:A07: Authentication Failures # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Unsafe Session Expiration Time (C#)" # OWASP-2025:A07: Authentication Failures # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Unsafe Session Expiration Time (Java)" # OWASP-2025:A05: Injection WARNING_FILTER += allow class="Untrusted Library Load" # OWASP-2025:A05: Injection # OWASP-2025:A08: Software or Data Integrity Failures WARNING_FILTER += allow class="Untrusted Network Host" # OWASP-2025:A05: Injection # OWASP-2025:A08: Software or Data Integrity Failures WARNING_FILTER += allow class="Untrusted Network Port" # OWASP-2025:A05: Injection WARNING_FILTER += allow class="Untrusted Process Creation" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of Function" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of Function" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of Exception Handling Function" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of " # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of Input/Output Macro" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of Allocator/Deallocator" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of " # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of Time/Date Function" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of Input/Output" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of Input/Output Macro" # OWASP-2025:A01: Broken Access Control # OWASP-2025:A03: Software Supply Chain Failures # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of AddAccessAllowedAce" # OWASP-2025:A01: Broken Access Control # OWASP-2025:A03: Software Supply Chain Failures # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of AddAccessDeniedAce" # OWASP-2025:A03: Software Supply Chain Failures # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of AfxLoadLibrary" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of AfxParseURL" # OWASP-2025:A03: Software Supply Chain Failures # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of CoLoadLibrary" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of Condition Variable Signal" # OWASP-2025:A03: Software Supply Chain Failures # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of CreateFile" # OWASP-2025:A03: Software Supply Chain Failures # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of CreateProcess" # OWASP-2025:A03: Software Supply Chain Failures # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of CreateThread" # OWASP-2025:A03: Software Supply Chain Failures # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of FormatMessage" # OWASP-2025:A01: Broken Access Control # OWASP-2025:A03: Software Supply Chain Failures # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++, x86, x86_64 # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Use of GetTempFileName" # OWASP-2025:A01: Broken Access Control # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Use of Hardware ID (Java)" # OWASP-2025:A04: Cryptographic Failures WARNING_FILTER += allow class="Use of Hash without a Salt (C#)" # OWASP-2025:A04: Cryptographic Failures # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Use of Hash without a Salt (Java)" # OWASP-2025:A07: Authentication Failures # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Use of Insecure verify for Certificate (Java)" # OWASP-2025:A07: Authentication Failures # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Use of Insecure verify for Hostname (Java)" # OWASP-2025:A03: Software Supply Chain Failures # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of LoadLibrary" # OWASP-2025:A03: Software Supply Chain Failures # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of LoadModule" # OWASP-2025:A03: Software Supply Chain Failures # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of MoveFile" # OWASP-2025:A03: Software Supply Chain Failures # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of OemToAnsi" # OWASP-2025:A03: Software Supply Chain Failures # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of OemToChar" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of SHCreateProcessAsUserW" # OWASP-2025:A04: Cryptographic Failures # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Use of Same Seed (C#)" # OWASP-2025:A04: Cryptographic Failures # This check is enabled by default for the language(s) Java # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Use of Same Seed (Java)" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of ShellExecute" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of StrCatChainW" # OWASP-2025:A04: Cryptographic Failures # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++ # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Use of Weak Cryptographic Algorithm" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of WinExec" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of _exec" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of _spawn" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of abort" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of atof" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of atoi" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of atol" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of atoll" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of bsearch" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of catopen" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of chroot" # OWASP-2025:A01: Broken Access Control # OWASP-2025:A03: Software Supply Chain Failures # OWASP-2025:A04: Cryptographic Failures # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++, x86, x86_64 # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Use of crypt" # OWASP-2025:A01: Broken Access Control # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of cuserid" # OWASP-2025:A03: Software Supply Chain Failures # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++ # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Use of drem" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of execlp" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of execvp" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of exit" # OWASP-2025:A03: Software Supply Chain Failures # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++ # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Use of gamma" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of getenv" # OWASP-2025:A01: Broken Access Control # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of getlogin" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of getopt" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of getpass" # OWASP-2025:A03: Software Supply Chain Failures # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++, x86, x86_64 # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Use of gets" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of getwd" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of longjmp" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of memset" # OWASP-2025:A01: Broken Access Control # OWASP-2025:A03: Software Supply Chain Failures # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of mkstemp" # OWASP-2025:A01: Broken Access Control # OWASP-2025:A03: Software Supply Chain Failures # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++, x86, x86_64 # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Use of mktemp" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of popen" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of pthread_kill" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of putenv" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of qsort" # OWASP-2025:A03: Software Supply Chain Failures # OWASP-2025:A04: Cryptographic Failures # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of rand" # OWASP-2025:A03: Software Supply Chain Failures # OWASP-2025:A04: Cryptographic Failures # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of rand48 Function" # OWASP-2025:A03: Software Supply Chain Failures # OWASP-2025:A04: Cryptographic Failures # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of random" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of realloc" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of realpath" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of recvmsg" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of setjmp" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of setuid" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of signal" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of strcat" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of strchr" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of strcmp" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of strcoll" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of strcpy" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of strcspn" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of strlen" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of strpbrk" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of strrchr" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of strspn" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of strstr" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of strtok" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of strtrns" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of syslog" # OWASP-2025:A05: Injection # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of system" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of t_open" # OWASP-2025:A01: Broken Access Control # OWASP-2025:A03: Software Supply Chain Failures # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++, x86, x86_64 # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Use of tmpfile" # OWASP-2025:A01: Broken Access Control # OWASP-2025:A03: Software Supply Chain Failures # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of tmpfile_s" # OWASP-2025:A01: Broken Access Control # OWASP-2025:A03: Software Supply Chain Failures # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++, x86, x86_64 # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Use of tmpnam" # OWASP-2025:A01: Broken Access Control # OWASP-2025:A03: Software Supply Chain Failures # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of tmpnam_s" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of ttyname" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Use of vfork" # OWASP-2025:A10: Mishandling of Exceptional Conditions WARNING_FILTER += allow class="Useless null Test of Return Value (C#)" # OWASP-2025:A10: Mishandling of Exceptional Conditions WARNING_FILTER += allow class="Useless null Test of Return Value (Java)" # OWASP-2025:A04: Cryptographic Failures # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Weak Cryptographic Value (C#)" # OWASP-2025:A04: Cryptographic Failures # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Weak Cryptographic Value (Java)" # OWASP-2025:A01: Broken Access Control # OWASP-2025:A03: Software Supply Chain Failures # OWASP-2025:A04: Cryptographic Failures # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="Weak Cryptography" # OWASP-2025:A04: Cryptographic Failures # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Weak Hash Algorithm (C#)" # OWASP-2025:A04: Cryptographic Failures # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Weak Hash Algorithm (Java)" # OWASP-2025:A04: Cryptographic Failures # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Weak Hash Algorithm Field (C#)" # OWASP-2025:A04: Cryptographic Failures # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Weak Hash Algorithm Field (Java)" # OWASP-2025:A04: Cryptographic Failures # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Weak Initialization Vector Field (C#)" # OWASP-2025:A04: Cryptographic Failures # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Weak Initialization Vector Field (Java)" # OWASP-2025:A04: Cryptographic Failures # This check is enabled by default for the language(s) C# # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Weak Initialization Vector Value (C#)" # OWASP-2025:A04: Cryptographic Failures # This check is enabled by default for the language(s) Java, Kotlin # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Weak Initialization Vector Value (Java)" # OWASP-2025:A10: Mishandling of Exceptional Conditions # This check is enabled by default for the language(s) Python # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="Wrong Exception Operation (Pylint)" # OWASP-2025:A06: Insecure Design WARNING_FILTER += allow class="chroot without chdir" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++ # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="cosh on High Number" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++ # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="cosh on Low Number" # OWASP-2025:A10: Mishandling of Exceptional Conditions WARNING_FILTER += allow class="null Passed to Method (deep) (C#)" # OWASP-2025:A10: Mishandling of Exceptional Conditions WARNING_FILTER += allow class="null Passed to Method (deep) (Java)" # OWASP-2025:A06: Insecure Design # This check is enabled by default for the language(s) C, C++ # It may remain in effect even if the following line is commented out. WARNING_FILTER += allow class="sqrt on Negative Value" # # The remainder of this file was generated from template 'codesonar/presets/owasp2025.conf.in' #