• Home
  • Features
  • Pricing
  • Docs
  • Announcements
  • Sign In

devonfw / IDEasy / 28869352089

07 Jul 2026 01:19PM UTC coverage: 72.075% (+0.009%) from 72.066%
28869352089

Pull #2128

github

web-flow
Merge 144db54d3 into 2cf3f5070
Pull Request #2128: #2123: configure Checkstyle suppression for legitimate System.out usages

4858 of 7434 branches covered (65.35%)

Branch coverage included in aggregate %.

12435 of 16559 relevant lines covered (75.1%)

3.18 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

11.11
cli/src/main/java/com/devonfw/tools/ide/url/model/file/UrlSecurityFile.java
1
package com.devonfw.tools.ide.url.model.file;
2

3
import java.io.BufferedWriter;
4
import java.nio.file.Files;
5
import java.util.Collection;
6
import java.util.List;
7
import java.util.Objects;
8

9
import org.jline.utils.Log;
10

11
import com.devonfw.tools.ide.context.IdeContext;
12
import com.devonfw.tools.ide.json.JsonMapping;
13
import com.devonfw.tools.ide.url.model.file.json.Cve;
14
import com.devonfw.tools.ide.url.model.file.json.ToolSecurity;
15
import com.devonfw.tools.ide.url.model.folder.AbstractUrlToolOrEdition;
16
import com.devonfw.tools.ide.url.model.folder.UrlEdition;
17
import com.devonfw.tools.ide.version.VersionIdentifier;
18
import com.devonfw.tools.ide.version.VersionRange;
19
import com.fasterxml.jackson.databind.ObjectMapper;
20

21
/**
22
 * {@link UrlFile} with the security information for an {@link UrlEdition}.
23
 */
24
public class UrlSecurityFile extends AbstractUrlFile<AbstractUrlToolOrEdition<?, ?>> {
25

26
  /** {@link #getName() Name} of security file. */
27
  public static final String SECURITY_JSON = "security.json";
28

29
  private static final ObjectMapper MAPPER = JsonMapping.create();
3✔
30

31
  private ToolSecurity security;
32

33
  /**
34
   * The constructor.
35
   *
36
   * @param parent the {@link #getParent() parent folder}.
37
   */
38
  public UrlSecurityFile(AbstractUrlToolOrEdition<?, ?> parent) {
39

40
    super(parent, SECURITY_JSON);
4✔
41
  }
1✔
42

43
  /**
44
   * Sets the security information for this {@link UrlSecurityFile}.
45
   *
46
   * @param security the {@link ToolSecurity} object containing security information to be set.
47
   */
48
  public void setSecurity(ToolSecurity security) {
49
    this.security = security;
×
50
    this.modified = true;
×
51
  }
×
52

53
  /**
54
   * @return the content of the CVE map of the security.json file
55
   */
56
  public ToolSecurity getSecurity() {
57

58
    if (this.security == null) {
3✔
59
      return ToolSecurity.getEmpty();
2✔
60
    }
61
    return this.security;
3✔
62
  }
63

64
  @Override
65
  protected void doLoad() {
66
    this.security = ToolSecurity.of(getPath());
5✔
67
  }
1✔
68

69
  @Override
70
  public void doSave() {
71

72
    if ((this.security == null || this.security.getIssues().isEmpty()) && !Files.exists(getPath())) {
×
73
      Log.debug("Skipping save for {} (no warnings and file doesn't exist)", getPath());
×
74
      return;
×
75
    }
76

77
    try (BufferedWriter writer = Files.newBufferedWriter(getPath())) {
×
78
      MAPPER.writeValue(writer, this.security);
×
79
    } catch (Exception e) {
×
80
      throw new IllegalStateException("Failed to save file " + getPath(), e);
×
81
    }
×
82

83
  }
×
84

85
  /**
86
   * Adds a new CVE warning with detailed information, such as severity, CVE ID and a versionRange.
87
   *
88
   * @param cve the {@link Cve} to add.
89
   */
90
  public void addCve(Cve cve) {
91
    if (this.security == null || this.security == ToolSecurity.getEmpty()) {
×
92
      this.security = new ToolSecurity();
×
93
    }
94
    boolean securityModified = this.security.addIssue(cve);
×
95
    if (securityModified) {
×
96
      this.modified = true;
×
97
    }
98
  }
×
99

100

101
  /**
102
   * Clears all security warnings from this {@link UrlSecurityFile}.
103
   */
104
  public void clearSecurityWarnings() {
105
    if (this.security != null) {
×
106
      this.security.clearIssues();
×
107
      this.modified = true;
×
108
    }
109
  }
×
110

111

112
  /**
113
   * Checks if a security warning exists for a given version. Optionally, warnings affecting all versions can be ignored.
114
   *
115
   * @param version the {@link VersionIdentifier} of the version to check for security warnings.
116
   * @param ignoreWarningsThatAffectAllVersions {@code true} to ignore warnings that affect all versions, {@code false} to include them.
117
   * @param context the {@link IdeContext} providing contextual information (can be {@code null}).
118
   * @param edition the {@link UrlEdition} to check for security warnings.
119
   * @return {@code true} if a security warning exists for the given version, {@code false} otherwise.
120
   */
121

122
  public boolean contains(VersionIdentifier version, boolean ignoreWarningsThatAffectAllVersions, IdeContext context,
123
      UrlEdition edition) {
124

125
    List<VersionIdentifier> sortedVersions = List.of();
×
126
    if (ignoreWarningsThatAffectAllVersions) {
×
127
      sortedVersions = Objects.requireNonNull(context).getUrls().getSortedVersions(
×
128
          edition.getName(), edition.getName(), null);
×
129
    }
130

131
    Collection<Cve> issues = this.security != null ? this.security.getIssues() : List.of();
×
132

133
    for (Cve cve : issues) {
×
134
      for (VersionRange versionRange : cve.versions()) {
×
135
        if (ignoreWarningsThatAffectAllVersions) {
×
136
          boolean includesOldestVersion = versionRange.getMin() == null
×
137
              || versionRange.contains(sortedVersions.getLast());
×
138
          boolean includesNewestVersion = versionRange.getMax() == null
×
139
              || versionRange.contains(sortedVersions.getFirst());
×
140
          if (includesOldestVersion && includesNewestVersion) {
×
141
            continue;
×
142
          }
143
        }
144
        if (versionRange.contains(version)) {
×
145
          return true;
×
146
        }
147
      }
×
148
    }
×
149
    return false;
×
150
  }
151

152

153
  /**
154
   * Checks if a security warning exists for a given version.
155
   *
156
   * @param version the {@link VersionIdentifier} of the version to check for security warnings.
157
   * @return {@code true} if a security warning exists for the given version, {@code false} otherwise.
158
   */
159
  public boolean contains(VersionIdentifier version) {
160

161
    return contains(version, false, null, null);
×
162
  }
163

164

165
}
STATUS · Troubleshooting · Open an Issue · Sales · Support · CAREERS · ENTERPRISE · START FREE · SCHEDULE DEMO
ANNOUNCEMENTS · TWITTER · TOS & SLA · Supported CI Services · What's a CI service? · Automated Testing

© 2026 Coveralls, Inc