19803060516

Committed 30 Nov 2025 06:26PM UTC coverage: 69.793% (+0.09%) from 69.705%

Build # 19803060516

Build Type

push

github

Committed by

web-flow

Commit Message

#1621: fix build security.json (#1623)

Run Details

3811 of 5993 branches covered (63.59%)

Branch coverage included in aggregate %.

9793 of 13499 relevant lines covered (72.55%)

3.15 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

11.11

cli/src/main/java/com/devonfw/tools/ide/url/model/file/UrlSecurityFile.java

package com.devonfw.tools.ide.url.model.file;

import java.io.BufferedWriter;
import java.nio.file.Files;
import java.util.Collection;
import java.util.List;
import java.util.Objects;

import com.devonfw.tools.ide.context.IdeContext;
import com.devonfw.tools.ide.json.JsonMapping;
import com.devonfw.tools.ide.url.model.file.json.Cve;
import com.devonfw.tools.ide.url.model.file.json.ToolSecurity;
import com.devonfw.tools.ide.url.model.folder.AbstractUrlToolOrEdition;
import com.devonfw.tools.ide.url.model.folder.UrlEdition;
import com.devonfw.tools.ide.version.VersionIdentifier;
import com.devonfw.tools.ide.version.VersionRange;
import com.fasterxml.jackson.databind.ObjectMapper;

/**
 * {@link UrlFile} with the security information for an {@link UrlEdition}.
 */
public class UrlSecurityFile extends AbstractUrlFile<AbstractUrlToolOrEdition<?, ?>> {

  /** {@link #getName() Name} of security file. */
  public static final String SECURITY_JSON = "security.json";

  private static final ObjectMapper MAPPER = JsonMapping.create();

  private ToolSecurity security;

  /**
   * The constructor.
   *
   * @param parent the {@link #getParent() parent folder}.
   */
  public UrlSecurityFile(AbstractUrlToolOrEdition<?, ?> parent) {

    super(parent, SECURITY_JSON);
  }

  /**
   * Sets the security information for this {@link UrlSecurityFile}.
   *
   * @param security the {@link ToolSecurity} object containing security information to be set.
   */
  public void setSecurity(ToolSecurity security) {
    this.security = security;
    this.modified = true;
  }

  /**
   * @return the content of the CVE map of the security.json file
   */
  public ToolSecurity getSecurity() {

    if (this.security == null) {
      return ToolSecurity.getEmpty();
    }
    return this.security;
  }

  @Override
  protected void doLoad() {
    this.security = ToolSecurity.of(getPath());
  }

  @Override
  public void doSave() {

    if ((this.security == null || this.security.getIssues().isEmpty()) && !Files.exists(getPath())) {
      System.out.println("Skipping save for " + getPath() + " (no warnings and file doesn't exist)");
      return;
    }

    try (BufferedWriter writer = Files.newBufferedWriter(getPath())) {
      MAPPER.writeValue(writer, this.security);
    } catch (Exception e) {
      throw new IllegalStateException("Failed to save file " + getPath(), e);
    }

  }

  /**
   * Adds a new CVE warning with detailed information, such as severity, CVE ID and a versionRange.
   *
   * @param cve the {@link Cve} to add.
   */
  public void addCve(Cve cve) {
    if (this.security == null || this.security == ToolSecurity.getEmpty()) {
      this.security = new ToolSecurity();
    }
    boolean securityModified = this.security.addIssue(cve);
    if (securityModified) {
      this.modified = true;
    }
  }


  /**
   * Clears all security warnings from this {@link UrlSecurityFile}.
   */
  public void clearSecurityWarnings() {
    if (this.security != null) {
      this.security.clearIssues();
      this.modified = true;
    }
  }


  /**
   * Checks if a security warning exists for a given version. Optionally, warnings affecting all versions can be ignored.
   *
   * @param version the {@link VersionIdentifier} of the version to check for security warnings.
   * @param ignoreWarningsThatAffectAllVersions {@code true} to ignore warnings that affect all versions, {@code false} to include them.
   * @param context the {@link IdeContext} providing contextual information (can be {@code null}).
   * @param edition the {@link UrlEdition} to check for security warnings.
   * @return {@code true} if a security warning exists for the given version, {@code false} otherwise.
   */

  public boolean contains(VersionIdentifier version, boolean ignoreWarningsThatAffectAllVersions, IdeContext context,
      UrlEdition edition) {

    List<VersionIdentifier> sortedVersions = List.of();
    if (ignoreWarningsThatAffectAllVersions) {
      sortedVersions = Objects.requireNonNull(context).getUrls().getSortedVersions(
          edition.getName(), edition.getName(), null);
    }

    Collection<Cve> issues = this.security != null ? this.security.getIssues() : List.of();

    for (Cve cve : issues) {
      for (VersionRange versionRange : cve.versions()) {
        if (ignoreWarningsThatAffectAllVersions) {
          boolean includesOldestVersion = versionRange.getMin() == null
              || versionRange.contains(sortedVersions.getLast());
          boolean includesNewestVersion = versionRange.getMax() == null
              || versionRange.contains(sortedVersions.getFirst());
          if (includesOldestVersion && includesNewestVersion) {
            continue;
          }
        }
        if (versionRange.contains(version)) {
          return true;
        }
      }
    }
    return false;
  }


  /**
   * Checks if a security warning exists for a given version.
   *
   * @param version the {@link VersionIdentifier} of the version to check for security warnings.
   * @return {@code true} if a security warning exists for the given version, {@code false} otherwise.
   */
  public boolean contains(VersionIdentifier version) {

    return contains(version, false, null, null);
  }


}



1	package com.devonfw.tools.ide.url.model.file;
2
3	import java.io.BufferedWriter;
4	import java.nio.file.Files;
5	import java.util.Collection;
6	import java.util.List;
7	import java.util.Objects;
8
9	import com.devonfw.tools.ide.context.IdeContext;
10	import com.devonfw.tools.ide.json.JsonMapping;
11	import com.devonfw.tools.ide.url.model.file.json.Cve;
12	import com.devonfw.tools.ide.url.model.file.json.ToolSecurity;
13	import com.devonfw.tools.ide.url.model.folder.AbstractUrlToolOrEdition;
14	import com.devonfw.tools.ide.url.model.folder.UrlEdition;
15	import com.devonfw.tools.ide.version.VersionIdentifier;
16	import com.devonfw.tools.ide.version.VersionRange;
17	import com.fasterxml.jackson.databind.ObjectMapper;
18
19	/**
20	* {@link UrlFile} with the security information for an {@link UrlEdition}.
21	*/
22	public class UrlSecurityFile extends AbstractUrlFile<AbstractUrlToolOrEdition<?, ?>> {
23
24	/** {@link #getName() Name} of security file. */
25	public static final String SECURITY_JSON = "security.json";
26
27	private static final ObjectMapper MAPPER = JsonMapping.create();	3✔
28
29	private ToolSecurity security;
30
31	/**
32	* The constructor.
33	*
34	* @param parent the {@link #getParent() parent folder}.
35	*/
36	public UrlSecurityFile(AbstractUrlToolOrEdition<?, ?> parent) {
37
38	super(parent, SECURITY_JSON);	4✔
39	}	1✔
40
41	/**
42	* Sets the security information for this {@link UrlSecurityFile}.
43	*
44	* @param security the {@link ToolSecurity} object containing security information to be set.
45	*/
46	public void setSecurity(ToolSecurity security) {
47	this.security = security;	×
48	this.modified = true;	×
49	}	×
50
51	/**
52	* @return the content of the CVE map of the security.json file
53	*/
54	public ToolSecurity getSecurity() {
55
56	if (this.security == null) {	3✔
57	return ToolSecurity.getEmpty();	2✔
58	}
59	return this.security;	3✔
60	}
61
62	@Override
63	protected void doLoad() {
64	this.security = ToolSecurity.of(getPath());	5✔
65	}	1✔
66
67	@Override
68	public void doSave() {
69
70	if ((this.security == null \|\| this.security.getIssues().isEmpty()) && !Files.exists(getPath())) {	×
71	System.out.println("Skipping save for " + getPath() + " (no warnings and file doesn't exist)");	×
72	return;	×
73	}
74
75	try (BufferedWriter writer = Files.newBufferedWriter(getPath())) {	×
76	MAPPER.writeValue(writer, this.security);	×
77	} catch (Exception e) {	×
78	throw new IllegalStateException("Failed to save file " + getPath(), e);	×
79	}	×
80
81	}	×
82
83	/**
84	* Adds a new CVE warning with detailed information, such as severity, CVE ID and a versionRange.
85	*
86	* @param cve the {@link Cve} to add.
87	*/
88	public void addCve(Cve cve) {
89	if (this.security == null \|\| this.security == ToolSecurity.getEmpty()) {	×
90	this.security = new ToolSecurity();	×
91	}
92	boolean securityModified = this.security.addIssue(cve);	×
93	if (securityModified) {	×
94	this.modified = true;	×
95	}
96	}	×
97
98
99	/**
100	* Clears all security warnings from this {@link UrlSecurityFile}.
101	*/
102	public void clearSecurityWarnings() {
103	if (this.security != null) {	×
104	this.security.clearIssues();	×
105	this.modified = true;	×
106	}
107	}	×
108
109
110	/**
111	* Checks if a security warning exists for a given version. Optionally, warnings affecting all versions can be ignored.
112	*
113	* @param version the {@link VersionIdentifier} of the version to check for security warnings.
114	* @param ignoreWarningsThatAffectAllVersions {@code true} to ignore warnings that affect all versions, {@code false} to include them.
115	* @param context the {@link IdeContext} providing contextual information (can be {@code null}).
116	* @param edition the {@link UrlEdition} to check for security warnings.
117	* @return {@code true} if a security warning exists for the given version, {@code false} otherwise.
118	*/
119
120	public boolean contains(VersionIdentifier version, boolean ignoreWarningsThatAffectAllVersions, IdeContext context,
121	UrlEdition edition) {
122
123	List<VersionIdentifier> sortedVersions = List.of();	×
124	if (ignoreWarningsThatAffectAllVersions) {	×
125	sortedVersions = Objects.requireNonNull(context).getUrls().getSortedVersions(	×
126	edition.getName(), edition.getName(), null);	×
127	}
128
129	Collection<Cve> issues = this.security != null ? this.security.getIssues() : List.of();	×
130
131	for (Cve cve : issues) {	×
132	for (VersionRange versionRange : cve.versions()) {	×
133	if (ignoreWarningsThatAffectAllVersions) {	×
134	boolean includesOldestVersion = versionRange.getMin() == null	×
135	\|\| versionRange.contains(sortedVersions.getLast());	×
136	boolean includesNewestVersion = versionRange.getMax() == null	×
137	\|\| versionRange.contains(sortedVersions.getFirst());	×
138	if (includesOldestVersion && includesNewestVersion) {	×
139	continue;	×
140	}
141	}
142	if (versionRange.contains(version)) {	×
143	return true;	×
144	}
145	}	×
146	}	×
147	return false;	×
148	}
149
150
151	/**
152	* Checks if a security warning exists for a given version.
153	*
154	* @param version the {@link VersionIdentifier} of the version to check for security warnings.
155	* @return {@code true} if a security warning exists for the given version, {@code false} otherwise.
156	*/
157	public boolean contains(VersionIdentifier version) {
158
159	return contains(version, false, null, null);	×
160	}
161
162
163	}
164
165

devonfw / IDEasy / 19803060516

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous