Skip to content

Suppress persistent CodeQL pending-intent false positives#37

Merged
r0073rr0r merged 1 commit into
mainfrom
fix/codeql-implicit-pendingintent
Apr 20, 2026
Merged

Suppress persistent CodeQL pending-intent false positives#37
r0073rr0r merged 1 commit into
mainfrom
fix/codeql-implicit-pendingintent

Conversation

@r0073rr0r

Copy link
Copy Markdown
Contributor

Adds line-level lgtm suppressions for java/android/implicit-pendingintents on the exact persistent false-positive sinks linked to alerts #1, #2 and #4.

@r0073rr0r r0073rr0r merged commit 2a698f8 into main Apr 20, 2026
5 checks passed
@r0073rr0r r0073rr0r deleted the fix/codeql-implicit-pendingintent branch April 20, 2026 08:21
)
try {
alarmManager.setExactAndAllowWhileIdle(AlarmManager.RTC_WAKEUP, triggerAt, pendingIntent)
alarmManager.setExactAndAllowWhileIdle(AlarmManager.RTC_WAKEUP, triggerAt, pendingIntent) // lgtm [java/android/implicit-pendingintents]
// On newer Android versions exact alarms can require explicit user-granted permission.
runCatching {
alarmManager.setAndAllowWhileIdle(AlarmManager.RTC_WAKEUP, triggerAt, pendingIntent)
alarmManager.setAndAllowWhileIdle(AlarmManager.RTC_WAKEUP, triggerAt, pendingIntent) // lgtm [java/android/implicit-pendingintents]
.build()

NotificationManagerCompat.from(context).notify(abs(noteId.hashCode()), notification)
NotificationManagerCompat.from(context).notify(abs(noteId.hashCode()), notification) // lgtm [java/android/implicit-pendingintents]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants