Security Policy violation Binary Artifacts #2

Open
google-allstar-prod bot opened this issue Dec 15, 2022 · 29 comments

@google-allstar-prod

This issue was automatically created by Allstar.

Security Policy Violation
Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

  • checker-qual.jar
  • test/hotspot/jtreg/runtime/7116786/testcases.jar
  • test/hotspot/jtreg/runtime/ClassFile/JsrRewritingTestCase.jar
  • test/hotspot/jtreg/runtime/ClassFile/testcase.jar
  • test/hotspot/jtreg/runtime/EnclosingMethodAttr/enclMethodAttr.jar
  • test/hotspot/jtreg/runtime/LocalVariableTable/testcase.jar
  • test/hotspot/jtreg/runtime/classFileParserBug/emptynumbootstrapmethods.jar
  • test/hotspot/jtreg/runtime/classFileParserBug/test.jar
  • test/hotspot/jtreg/runtime/duplAttributes/test.jar
  • test/jdk/java/beans/Introspector/7064279/test.jar
  • Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.


Allstar has been installed on all Google managed GitHub orgs. Policies are gradually being rolled out and enforced by the GOSST and OSPO teams. Learn more at http://go/allstar

This issue will auto resolve when the policy is in compliance.

Issue created by Allstar. See https://github.com/ossf/allstar/ for more information. For questions specific to the repository, please contact the owner or maintainer.

@cpovirk
Collaborator

cpovirk commented Dec 15, 2022

I'd have to look in more detail, but I suspect that our build ignores these files entirely, so I would expect the practical risk here to be low. (The files are inherited from the upstream repo that this repo is a fork of.)

That of course raises the obvious question of whether we could ensure safety by removing the unused files :) Hopefully we could. It might complicate merges, but our merges are already complicated, so the incremental complexity is unlikely to hurt much.

I'm going to see if we can get away with letting this sit for now, but I've made a note to revisit when we figure out how to do the complicated merges I referred to above.

@google-allstar-prod
Author

Updating issue after ping interval. See its status below.


Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

  • checker-qual.jar
  • test/hotspot/jtreg/runtime/7116786/testcases.jar
  • test/hotspot/jtreg/runtime/ClassFile/JsrRewritingTestCase.jar
  • test/hotspot/jtreg/runtime/ClassFile/testcase.jar
  • test/hotspot/jtreg/runtime/EnclosingMethodAttr/enclMethodAttr.jar
  • test/hotspot/jtreg/runtime/LocalVariableTable/testcase.jar
  • test/hotspot/jtreg/runtime/classFileParserBug/emptynumbootstrapmethods.jar
  • test/hotspot/jtreg/runtime/classFileParserBug/test.jar
  • test/hotspot/jtreg/runtime/duplAttributes/test.jar
  • test/jdk/java/beans/Introspector/7064279/test.jar
  • Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

@cpovirk
Collaborator

cpovirk commented Dec 19, 2022

> That of course raises the obvious question of whether we could ensure safety by removing the unused files :)

This looks promising: https://stackoverflow.com/a/24577293/28465

I'm still hoping to get away with letting this sit for a while, since I don't expect there to be a real risk for how we use this repo. But I'm hoping the fix won't be too hard, so if someone comes to tell me that I really should do it now, then it will probably be more expedient to just do it than to try to justify myself in detail.

@google-allstar-prod
Copy link
Author

Updating issue after ping interval. See its status below.


Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

  • checker-qual.jar
  • test/hotspot/jtreg/runtime/7116786/testcases.jar
  • test/hotspot/jtreg/runtime/ClassFile/JsrRewritingTestCase.jar
  • test/hotspot/jtreg/runtime/ClassFile/testcase.jar
  • test/hotspot/jtreg/runtime/EnclosingMethodAttr/enclMethodAttr.jar
  • test/hotspot/jtreg/runtime/LocalVariableTable/testcase.jar
  • test/hotspot/jtreg/runtime/classFileParserBug/emptynumbootstrapmethods.jar
  • test/hotspot/jtreg/runtime/classFileParserBug/test.jar
  • test/hotspot/jtreg/runtime/duplAttributes/test.jar
  • test/jdk/java/beans/Introspector/7064279/test.jar
  • Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

24 similar comments
@google-allstar-prod
Copy link
Author

Updating issue after ping interval. See its status below.


Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

  • checker-qual.jar
  • test/hotspot/jtreg/runtime/7116786/testcases.jar
  • test/hotspot/jtreg/runtime/ClassFile/JsrRewritingTestCase.jar
  • test/hotspot/jtreg/runtime/ClassFile/testcase.jar
  • test/hotspot/jtreg/runtime/EnclosingMethodAttr/enclMethodAttr.jar
  • test/hotspot/jtreg/runtime/LocalVariableTable/testcase.jar
  • test/hotspot/jtreg/runtime/classFileParserBug/emptynumbootstrapmethods.jar
  • test/hotspot/jtreg/runtime/classFileParserBug/test.jar
  • test/hotspot/jtreg/runtime/duplAttributes/test.jar
  • test/jdk/java/beans/Introspector/7064279/test.jar
  • Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

@google-allstar-prod
Copy link
Author

Updating issue after ping interval. See its status below.


Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

  • checker-qual.jar
  • test/hotspot/jtreg/runtime/7116786/testcases.jar
  • test/hotspot/jtreg/runtime/ClassFile/JsrRewritingTestCase.jar
  • test/hotspot/jtreg/runtime/ClassFile/testcase.jar
  • test/hotspot/jtreg/runtime/EnclosingMethodAttr/enclMethodAttr.jar
  • test/hotspot/jtreg/runtime/LocalVariableTable/testcase.jar
  • test/hotspot/jtreg/runtime/classFileParserBug/emptynumbootstrapmethods.jar
  • test/hotspot/jtreg/runtime/classFileParserBug/test.jar
  • test/hotspot/jtreg/runtime/duplAttributes/test.jar
  • test/jdk/java/beans/Introspector/7064279/test.jar
  • Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

@google-allstar-prod
Copy link
Author

Updating issue after ping interval. See its status below.


Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

  • checker-qual.jar
  • test/hotspot/jtreg/runtime/7116786/testcases.jar
  • test/hotspot/jtreg/runtime/ClassFile/JsrRewritingTestCase.jar
  • test/hotspot/jtreg/runtime/ClassFile/testcase.jar
  • test/hotspot/jtreg/runtime/EnclosingMethodAttr/enclMethodAttr.jar
  • test/hotspot/jtreg/runtime/LocalVariableTable/testcase.jar
  • test/hotspot/jtreg/runtime/classFileParserBug/emptynumbootstrapmethods.jar
  • test/hotspot/jtreg/runtime/classFileParserBug/test.jar
  • test/hotspot/jtreg/runtime/duplAttributes/test.jar
  • test/jdk/java/beans/Introspector/7064279/test.jar
  • Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

@google-allstar-prod
Copy link
Author

Updating issue after ping interval. See its status below.


Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

  • checker-qual.jar
  • test/hotspot/jtreg/runtime/7116786/testcases.jar
  • test/hotspot/jtreg/runtime/ClassFile/JsrRewritingTestCase.jar
  • test/hotspot/jtreg/runtime/ClassFile/testcase.jar
  • test/hotspot/jtreg/runtime/EnclosingMethodAttr/enclMethodAttr.jar
  • test/hotspot/jtreg/runtime/LocalVariableTable/testcase.jar
  • test/hotspot/jtreg/runtime/classFileParserBug/emptynumbootstrapmethods.jar
  • test/hotspot/jtreg/runtime/classFileParserBug/test.jar
  • test/hotspot/jtreg/runtime/duplAttributes/test.jar
  • test/jdk/java/beans/Introspector/7064279/test.jar
  • Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

@google-allstar-prod
Copy link
Author

Updating issue after ping interval. See its status below.


Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

  • checker-qual.jar
  • test/hotspot/jtreg/runtime/7116786/testcases.jar
  • test/hotspot/jtreg/runtime/ClassFile/JsrRewritingTestCase.jar
  • test/hotspot/jtreg/runtime/ClassFile/testcase.jar
  • test/hotspot/jtreg/runtime/EnclosingMethodAttr/enclMethodAttr.jar
  • test/hotspot/jtreg/runtime/LocalVariableTable/testcase.jar
  • test/hotspot/jtreg/runtime/classFileParserBug/emptynumbootstrapmethods.jar
  • test/hotspot/jtreg/runtime/classFileParserBug/test.jar
  • test/hotspot/jtreg/runtime/duplAttributes/test.jar
  • test/jdk/java/beans/Introspector/7064279/test.jar
  • Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

@google-allstar-prod
Copy link
Author

Updating issue after ping interval. See its status below.


Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

  • checker-qual.jar
  • test/hotspot/jtreg/runtime/7116786/testcases.jar
  • test/hotspot/jtreg/runtime/ClassFile/JsrRewritingTestCase.jar
  • test/hotspot/jtreg/runtime/ClassFile/testcase.jar
  • test/hotspot/jtreg/runtime/EnclosingMethodAttr/enclMethodAttr.jar
  • test/hotspot/jtreg/runtime/LocalVariableTable/testcase.jar
  • test/hotspot/jtreg/runtime/classFileParserBug/emptynumbootstrapmethods.jar
  • test/hotspot/jtreg/runtime/classFileParserBug/test.jar
  • test/hotspot/jtreg/runtime/duplAttributes/test.jar
  • test/jdk/java/beans/Introspector/7064279/test.jar
  • Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

@google-allstar-prod
Copy link
Author

Updating issue after ping interval. See its status below.


Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

  • checker-qual.jar
  • test/hotspot/jtreg/runtime/7116786/testcases.jar
  • test/hotspot/jtreg/runtime/ClassFile/JsrRewritingTestCase.jar
  • test/hotspot/jtreg/runtime/ClassFile/testcase.jar
  • test/hotspot/jtreg/runtime/EnclosingMethodAttr/enclMethodAttr.jar
  • test/hotspot/jtreg/runtime/LocalVariableTable/testcase.jar
  • test/hotspot/jtreg/runtime/classFileParserBug/emptynumbootstrapmethods.jar
  • test/hotspot/jtreg/runtime/classFileParserBug/test.jar
  • test/hotspot/jtreg/runtime/duplAttributes/test.jar
  • test/jdk/java/beans/Introspector/7064279/test.jar
  • Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

@google-allstar-prod
Copy link
Author

Updating issue after ping interval. See its status below.


Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

  • checker-qual.jar
  • test/hotspot/jtreg/runtime/7116786/testcases.jar
  • test/hotspot/jtreg/runtime/ClassFile/JsrRewritingTestCase.jar
  • test/hotspot/jtreg/runtime/ClassFile/testcase.jar
  • test/hotspot/jtreg/runtime/EnclosingMethodAttr/enclMethodAttr.jar
  • test/hotspot/jtreg/runtime/LocalVariableTable/testcase.jar
  • test/hotspot/jtreg/runtime/classFileParserBug/emptynumbootstrapmethods.jar
  • test/hotspot/jtreg/runtime/classFileParserBug/test.jar
  • test/hotspot/jtreg/runtime/duplAttributes/test.jar
  • test/jdk/java/beans/Introspector/7064279/test.jar
  • Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

@google-allstar-prod
Copy link
Author

Updating issue after ping interval. See its status below.


Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

  • checker-qual.jar
  • test/hotspot/jtreg/runtime/7116786/testcases.jar
  • test/hotspot/jtreg/runtime/ClassFile/JsrRewritingTestCase.jar
  • test/hotspot/jtreg/runtime/ClassFile/testcase.jar
  • test/hotspot/jtreg/runtime/EnclosingMethodAttr/enclMethodAttr.jar
  • test/hotspot/jtreg/runtime/LocalVariableTable/testcase.jar
  • test/hotspot/jtreg/runtime/classFileParserBug/emptynumbootstrapmethods.jar
  • test/hotspot/jtreg/runtime/classFileParserBug/test.jar
  • test/hotspot/jtreg/runtime/duplAttributes/test.jar
  • test/jdk/java/beans/Introspector/7064279/test.jar
  • Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

@google-allstar-prod
Copy link
Author

Updating issue after ping interval. See its status below.


Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

  • checker-qual.jar
  • test/hotspot/jtreg/runtime/7116786/testcases.jar
  • test/hotspot/jtreg/runtime/ClassFile/JsrRewritingTestCase.jar
  • test/hotspot/jtreg/runtime/ClassFile/testcase.jar
  • test/hotspot/jtreg/runtime/EnclosingMethodAttr/enclMethodAttr.jar
  • test/hotspot/jtreg/runtime/LocalVariableTable/testcase.jar
  • test/hotspot/jtreg/runtime/classFileParserBug/emptynumbootstrapmethods.jar
  • test/hotspot/jtreg/runtime/classFileParserBug/test.jar
  • test/hotspot/jtreg/runtime/duplAttributes/test.jar
  • test/jdk/java/beans/Introspector/7064279/test.jar
  • Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

@google-allstar-prod
Copy link
Author

Updating issue after ping interval. See its status below.


Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

  • checker-qual.jar
  • test/hotspot/jtreg/runtime/7116786/testcases.jar
  • test/hotspot/jtreg/runtime/ClassFile/JsrRewritingTestCase.jar
  • test/hotspot/jtreg/runtime/ClassFile/testcase.jar
  • test/hotspot/jtreg/runtime/EnclosingMethodAttr/enclMethodAttr.jar
  • test/hotspot/jtreg/runtime/LocalVariableTable/testcase.jar
  • test/hotspot/jtreg/runtime/classFileParserBug/emptynumbootstrapmethods.jar
  • test/hotspot/jtreg/runtime/classFileParserBug/test.jar
  • test/hotspot/jtreg/runtime/duplAttributes/test.jar
  • test/jdk/java/beans/Introspector/7064279/test.jar
  • Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

@google-allstar-prod
Copy link
Author

Updating issue after ping interval. See its status below.


Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

  • checker-qual.jar
  • test/hotspot/jtreg/runtime/7116786/testcases.jar
  • test/hotspot/jtreg/runtime/ClassFile/JsrRewritingTestCase.jar
  • test/hotspot/jtreg/runtime/ClassFile/testcase.jar
  • test/hotspot/jtreg/runtime/EnclosingMethodAttr/enclMethodAttr.jar
  • test/hotspot/jtreg/runtime/LocalVariableTable/testcase.jar
  • test/hotspot/jtreg/runtime/classFileParserBug/emptynumbootstrapmethods.jar
  • test/hotspot/jtreg/runtime/classFileParserBug/test.jar
  • test/hotspot/jtreg/runtime/duplAttributes/test.jar
  • test/jdk/java/beans/Introspector/7064279/test.jar
  • Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

@google-allstar-prod
Copy link
Author

Updating issue after ping interval. See its status below.


Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

  • checker-qual.jar
  • test/hotspot/jtreg/runtime/7116786/testcases.jar
  • test/hotspot/jtreg/runtime/ClassFile/JsrRewritingTestCase.jar
  • test/hotspot/jtreg/runtime/ClassFile/testcase.jar
  • test/hotspot/jtreg/runtime/EnclosingMethodAttr/enclMethodAttr.jar
  • test/hotspot/jtreg/runtime/LocalVariableTable/testcase.jar
  • test/hotspot/jtreg/runtime/classFileParserBug/emptynumbootstrapmethods.jar
  • test/hotspot/jtreg/runtime/classFileParserBug/test.jar
  • test/hotspot/jtreg/runtime/duplAttributes/test.jar
  • test/jdk/java/beans/Introspector/7064279/test.jar
  • Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

@google-allstar-prod
Copy link
Author

Updating issue after ping interval. See its status below.


Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

  • checker-qual.jar
  • test/hotspot/jtreg/runtime/7116786/testcases.jar
  • test/hotspot/jtreg/runtime/ClassFile/JsrRewritingTestCase.jar
  • test/hotspot/jtreg/runtime/ClassFile/testcase.jar
  • test/hotspot/jtreg/runtime/EnclosingMethodAttr/enclMethodAttr.jar
  • test/hotspot/jtreg/runtime/LocalVariableTable/testcase.jar
  • test/hotspot/jtreg/runtime/classFileParserBug/emptynumbootstrapmethods.jar
  • test/hotspot/jtreg/runtime/classFileParserBug/test.jar
  • test/hotspot/jtreg/runtime/duplAttributes/test.jar
  • test/jdk/java/beans/Introspector/7064279/test.jar
  • Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

@google-allstar-prod
Copy link
Author

Updating issue after ping interval. See its status below.


Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

  • checker-qual.jar
  • test/hotspot/jtreg/runtime/7116786/testcases.jar
  • test/hotspot/jtreg/runtime/ClassFile/JsrRewritingTestCase.jar
  • test/hotspot/jtreg/runtime/ClassFile/testcase.jar
  • test/hotspot/jtreg/runtime/EnclosingMethodAttr/enclMethodAttr.jar
  • test/hotspot/jtreg/runtime/LocalVariableTable/testcase.jar
  • test/hotspot/jtreg/runtime/classFileParserBug/emptynumbootstrapmethods.jar
  • test/hotspot/jtreg/runtime/classFileParserBug/test.jar
  • test/hotspot/jtreg/runtime/duplAttributes/test.jar
  • test/jdk/java/beans/Introspector/7064279/test.jar
  • Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

@google-allstar-prod
Copy link
Author

Updating issue after ping interval. See its status below.


Project is out of compliance with Binary Artifacts policy: binaries present in source code

Rule Description
Binary Artifacts are an increased security risk in your repository. Binary artifacts cannot be reviewed, allowing the introduction of possibly obsolete or maliciously subverted executables. For more information see the Security Scorecards Documentation for Binary Artifacts.

Remediation Steps
To remediate, remove the generated executable artifacts from the repository.

First 10 Artifacts Found

  • checker-qual.jar
  • test/hotspot/jtreg/runtime/7116786/testcases.jar
  • test/hotspot/jtreg/runtime/ClassFile/JsrRewritingTestCase.jar
  • test/hotspot/jtreg/runtime/ClassFile/testcase.jar
  • test/hotspot/jtreg/runtime/EnclosingMethodAttr/enclMethodAttr.jar
  • test/hotspot/jtreg/runtime/LocalVariableTable/testcase.jar
  • test/hotspot/jtreg/runtime/classFileParserBug/emptynumbootstrapmethods.jar
  • test/hotspot/jtreg/runtime/classFileParserBug/test.jar
  • test/hotspot/jtreg/runtime/duplAttributes/test.jar
  • test/jdk/java/beans/Introspector/7064279/test.jar
  • Run a Scorecards scan to see full list.

Additional Information
This policy is drawn from Security Scorecards, which is a tool that scores a project's adherence to security best practices. You may wish to run a Scorecards scan directly on this repository for more details.

cpovirk pushed a commit that referenced this issue Oct 6, 2024