22860792264

Committed 09 Mar 2026 03:25PM UTC coverage: 70.268% (-0.2%) from 70.481%

Build # 22860792264

Build Type

push

github

Committed by

web-flow

Commit Message

#404: #1713: advanced logging (#1714)

Co-authored-by: Kian <adasd>
Co-authored-by: KianRolf <kian.loroff@capgemini.com>
Co-authored-by: jan-vcapgemini <59438728+jan-vcapgemini@users.noreply.github.com>
Co-authored-by: jan-vcapgemini <jan-vincent.hoelzle@capgemini.com>

Coverage Stats

4068 of 6386 branches covered (63.7%)

Branch coverage included in aggregate %.

10604 of 14494 relevant lines covered (73.16%)

3.08 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

76.92

cli/src/main/java/com/devonfw/tools/ide/url/model/file/json/ToolSecurity.java

package com.devonfw.tools.ide.url.model.file.json;

import java.io.BufferedReader;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import java.util.Map;
import java.util.TreeMap;
import java.util.function.Predicate;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import com.devonfw.tools.ide.json.JsonMapping;
import com.devonfw.tools.ide.json.JsonObject;
import com.devonfw.tools.ide.security.ToolVulnerabilities;
import com.devonfw.tools.ide.variable.IdeVariables;
import com.devonfw.tools.ide.version.VersionIdentifier;
import com.devonfw.tools.ide.version.VersionRange;
import com.fasterxml.jackson.databind.ObjectMapper;

/**
 * Container representing data from the "security.json" file with all {@link Cve CVE}s of a specific tool.
 *
 * @see com.devonfw.tools.ide.url.model.file.UrlSecurityFile
 */
public class ToolSecurity implements JsonObject {

  private static final Logger LOG = LoggerFactory.getLogger(ToolSecurity.class);

  static final String PROPERTY_ISSUES = "issues";

  private static final ObjectMapper MAPPER = JsonMapping.create();

  private static final ToolSecurity EMPTY = new ToolSecurity(Map.of());

  private final Map<String, Cve> cveMap;

  private final Collection<Cve> issues;

  /**
   * The constructor.
   */
  public ToolSecurity() {
    this(new TreeMap<>());
  }

  /**
   * The constructor.
   *
   * @param issues the list of {@link Cve}s.
   */
  public ToolSecurity(List<Cve> issues) {
    this();
    setIssues(issues);
  }

  private ToolSecurity(Map<String, Cve> cveMap) {
    super();
    this.cveMap = cveMap;
    this.issues = Collections.unmodifiableCollection(this.cveMap.values());
  }

  /**
   * @return the {@link Collection} of {@link Cve}s.
   */
  public Collection<Cve> getIssues() {
    return this.issues;
  }

  /**
   * @param issues the list of {@link Cve}s.
   */
  public void setIssues(List<Cve> issues) {

    this.cveMap.clear();
    for (Cve issue : issues) {
      addIssue(issue);
    }
  }

  /**
   * @param issue the {@link Cve} to add.
   * @return {@code true} if this {@link ToolSecurity} was modified (issue added or merged), {@code false} otherwise ({@link Cve} was already contained).
   */
  public boolean addIssue(Cve issue) {

    Cve newIssue = issue;
    String id = issue.id();
    Cve existingIssue = this.cveMap.get(id);
    if (existingIssue != null) {
      newIssue = existingIssue.merge(issue);
      if (newIssue.equals(existingIssue)) {
        return false;
      }
    }
    this.cveMap.put(id, newIssue);
    return true;
  }

  /**
   * Clears all issues.
   */
  public void clearIssues() {
    this.cveMap.clear();
  }

  /**
   * Finds all {@link Cve}s for the given {@link VersionIdentifier} that also match the given {@link Predicate}.
   *
   * @param version the {@link VersionIdentifier} to check.
   * @param predicate the {@link Predicate} deciding which matching {@link Cve}s are {@link Predicate#test(Object) accepted}.
   * @return all {@link Cve}s for the given {@link VersionIdentifier}.
   */
  public ToolVulnerabilities findCves(VersionIdentifier version, Predicate<Cve> predicate) {
    List<Cve> cvesOfVersion = new ArrayList<>();
    for (Cve cve : this.issues) {
      for (VersionRange range : cve.versions()) {
        if (range.contains(version)) {
          if (predicate.test(cve)) {
            cvesOfVersion.add(cve);
          } else {
            LOG.info("Ignoring CVE {} with severity {}", cve.id(), cve.severity());
          }
        }
      }
    }
    return ToolVulnerabilities.of(cvesOfVersion);
  }

  /**
   * Finds all {@link Cve}s for the given {@link VersionIdentifier} and {@code minSeverity}.
   *
   * @param version the {@link VersionIdentifier} to check.
   * @param minSeverity the {@link IdeVariables#CVE_MIN_SEVERITY minimum severity}.
   * @return the {@link ToolVulnerabilities} for the given {@link VersionIdentifier}.
   */
  public ToolVulnerabilities findCves(VersionIdentifier version, double minSeverity) {
    return findCves(version, cve -> cve.severity() >= minSeverity);
  }

  /**
   * @param file the {@link Path} to the JSON file to load.
   * @return the loaded {@link ToolSecurity} or the {@link #getEmpty() empty instance} if given {@link Path} does not exist.
   */
  public static ToolSecurity of(Path file) {

    if (Files.exists(file)) {
      try (BufferedReader reader = Files.newBufferedReader(file)) {
        return MAPPER.readValue(reader, ToolSecurity.class);
      } catch (Exception e) {
        throw new IllegalStateException("Failed to load " + file, e);
      }
    } else {
      return EMPTY;
    }
  }

  /**
   * @return the empty instance of {@link ToolSecurity}.
   */
  public static ToolSecurity getEmpty() {

    return EMPTY;
  }
}

1	package com.devonfw.tools.ide.url.model.file.json;
2
3	import java.io.BufferedReader;
4	import java.nio.file.Files;
5	import java.nio.file.Path;
6	import java.util.ArrayList;
7	import java.util.Collection;
8	import java.util.Collections;
9	import java.util.List;
10	import java.util.Map;
11	import java.util.TreeMap;
12	import java.util.function.Predicate;
13
14	import org.slf4j.Logger;
15	import org.slf4j.LoggerFactory;
16
17	import com.devonfw.tools.ide.json.JsonMapping;
18	import com.devonfw.tools.ide.json.JsonObject;
19	import com.devonfw.tools.ide.security.ToolVulnerabilities;
20	import com.devonfw.tools.ide.variable.IdeVariables;
21	import com.devonfw.tools.ide.version.VersionIdentifier;
22	import com.devonfw.tools.ide.version.VersionRange;
23	import com.fasterxml.jackson.databind.ObjectMapper;
24
25	/**
26	* Container representing data from the "security.json" file with all {@link Cve CVE}s of a specific tool.
27	*
28	* @see com.devonfw.tools.ide.url.model.file.UrlSecurityFile
29	*/
30	public class ToolSecurity implements JsonObject {
31
32	private static final Logger LOG = LoggerFactory.getLogger(ToolSecurity.class);	3✔
33
34	static final String PROPERTY_ISSUES = "issues";
35
36	private static final ObjectMapper MAPPER = JsonMapping.create();	2✔
37
38	private static final ToolSecurity EMPTY = new ToolSecurity(Map.of());	6✔
39
40	private final Map<String, Cve> cveMap;
41
42	private final Collection<Cve> issues;
43
44	/**
45	* The constructor.
46	*/
47	public ToolSecurity() {
48	this(new TreeMap<>());	5✔
49	}	1✔
50
51	/**
52	* The constructor.
53	*
54	* @param issues the list of {@link Cve}s.
55	*/
56	public ToolSecurity(List<Cve> issues) {
57	this();	2✔
58	setIssues(issues);	3✔
59	}	1✔
60
61	private ToolSecurity(Map<String, Cve> cveMap) {
62	super();	2✔
63	this.cveMap = cveMap;	3✔
64	this.issues = Collections.unmodifiableCollection(this.cveMap.values());	6✔
65	}	1✔
66
67	/**
68	* @return the {@link Collection} of {@link Cve}s.
69	*/
70	public Collection<Cve> getIssues() {
71	return this.issues;	3✔
72	}
73
74	/**
75	* @param issues the list of {@link Cve}s.
76	*/
77	public void setIssues(List<Cve> issues) {
78
79	this.cveMap.clear();	3✔
80	for (Cve issue : issues) {	10✔
81	addIssue(issue);	4✔
82	}	1✔
83	}	1✔
84
85	/**
86	* @param issue the {@link Cve} to add.
87	* @return {@code true} if this {@link ToolSecurity} was modified (issue added or merged), {@code false} otherwise ({@link Cve} was already contained).
88	*/
89	public boolean addIssue(Cve issue) {
90
91	Cve newIssue = issue;	2✔
92	String id = issue.id();	3✔
93	Cve existingIssue = this.cveMap.get(id);	6✔
94	if (existingIssue != null) {	2!
95	newIssue = existingIssue.merge(issue);	×
96	if (newIssue.equals(existingIssue)) {	×
97	return false;	×
98	}
99	}
100	this.cveMap.put(id, newIssue);	6✔
101	return true;	2✔
102	}
103
104	/**
105	* Clears all issues.
106	*/
107	public void clearIssues() {
108	this.cveMap.clear();	×
109	}	×
110
111	/**
112	* Finds all {@link Cve}s for the given {@link VersionIdentifier} that also match the given {@link Predicate}.
113	*
114	* @param version the {@link VersionIdentifier} to check.
115	* @param predicate the {@link Predicate} deciding which matching {@link Cve}s are {@link Predicate#test(Object) accepted}.
116	* @return all {@link Cve}s for the given {@link VersionIdentifier}.
117	*/
118	public ToolVulnerabilities findCves(VersionIdentifier version, Predicate<Cve> predicate) {
119	List<Cve> cvesOfVersion = new ArrayList<>();	4✔
120	for (Cve cve : this.issues) {	11✔
121	for (VersionRange range : cve.versions()) {	11✔
122	if (range.contains(version)) {	4✔
123	if (predicate.test(cve)) {	4!
124	cvesOfVersion.add(cve);	5✔
125	} else {
126	LOG.info("Ignoring CVE {} with severity {}", cve.id(), cve.severity());	×
127	}
128	}
129	}	1✔
130	}	1✔
131	return ToolVulnerabilities.of(cvesOfVersion);	3✔
132	}
133
134	/**
135	* Finds all {@link Cve}s for the given {@link VersionIdentifier} and {@code minSeverity}.
136	*
137	* @param version the {@link VersionIdentifier} to check.
138	* @param minSeverity the {@link IdeVariables#CVE_MIN_SEVERITY minimum severity}.
139	* @return the {@link ToolVulnerabilities} for the given {@link VersionIdentifier}.
140	*/
141	public ToolVulnerabilities findCves(VersionIdentifier version, double minSeverity) {
142	return findCves(version, cve -> cve.severity() >= minSeverity);	14!
143	}
144
145	/**
146	* @param file the {@link Path} to the JSON file to load.
147	* @return the loaded {@link ToolSecurity} or the {@link #getEmpty() empty instance} if given {@link Path} does not exist.
148	*/
149	public static ToolSecurity of(Path file) {
150
151	if (Files.exists(file)) {	5!
152	try (BufferedReader reader = Files.newBufferedReader(file)) {	3✔
153	return MAPPER.readValue(reader, ToolSecurity.class);	8✔
154	} catch (Exception e) {	×
155	throw new IllegalStateException("Failed to load " + file, e);	×
156	}
157	} else {
158	return EMPTY;	×
159	}
160	}
161
162	/**
163	* @return the empty instance of {@link ToolSecurity}.
164	*/
165	public static ToolSecurity getEmpty() {
166
167	return EMPTY;	2✔
168	}
169	}

devonfw / IDEasy / 22860792264

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous