Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Audit Maven - use maven-dep-tree plugin #1023

Merged
merged 37 commits into from
Nov 19, 2023
Merged

Audit Maven - use maven-dep-tree plugin #1023

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
37 commits
Select commit Hold shift + click to select a range
fdeb9ae
init commit
omerzi Nov 9, 2023
f8ca081
Merge remote-tracking branch 'upstream/dev' into mvn-dep-tree
omerzi Nov 9, 2023
faf177c
Merge branch 'dev' into mvn-dep-tree
omerzi Nov 9, 2023
b2a782d
fix static analysis
omerzi Nov 9, 2023
9ba6866
Merge remote-tracking branch 'origin/mvn-dep-tree' into mvn-dep-tree
omerzi Nov 9, 2023
80c03df
fix static analysis
omerzi Nov 9, 2023
b6d73a0
fix gradle test
omerzi Nov 9, 2023
485ebdc
fix gradle test
omerzi Nov 9, 2023
63d1f76
Update jars
omerzi Nov 13, 2023
1511903
Merge remote-tracking branch 'origin/mvn-dep-tree' into mvn-dep-tree
omerzi Nov 13, 2023
7fbe7d0
Merge remote-tracking branch 'upstream/dev' into mvn-dep-tree
omerzi Nov 13, 2023
b60d643
Merge remote-tracking branch 'upstream/dev' into mvn-dep-tree
omerzi Nov 13, 2023
fd84b8e
Merge remote-tracking branch 'origin/mvn-dep-tree' into mvn-dep-tree
omerzi Nov 13, 2023
3e56246
Merge remote-tracking branch 'upstream/dev' into mvn-dep-tree
omerzi Nov 14, 2023
be4c85f
Merge remote-tracking branch 'upstream/dev' into mvn-dep-tree
omerzi Nov 14, 2023
7267cb6
Merge remote-tracking branch 'origin/mvn-dep-tree' into mvn-dep-tree
omerzi Nov 14, 2023
e246bac
Merge branch 'dev' into mvn-dep-tree
omerzi Nov 14, 2023
14a6c86
update
omerzi Nov 14, 2023
bb193b3
Merge remote-tracking branch 'origin/mvn-dep-tree' into mvn-dep-tree
omerzi Nov 14, 2023
9a5913d
update
omerzi Nov 14, 2023
fbe63dc
update
omerzi Nov 14, 2023
33ef16c
added test
omerzi Nov 14, 2023
79fed67
added test
omerzi Nov 14, 2023
3be15cf
added test
omerzi Nov 14, 2023
49562d5
added test
omerzi Nov 14, 2023
9218f07
added test
omerzi Nov 14, 2023
451f53d
CR + improvements
omerzi Nov 15, 2023
9c7f366
fix test
omerzi Nov 15, 2023
48aaccd
fix test
omerzi Nov 15, 2023
5edcb17
fix test
omerzi Nov 15, 2023
0c8020b
Merge branch 'dev' into mvn-dep-tree
omerzi Nov 15, 2023
53390b0
Merge remote-tracking branch 'upstream/dev' into mvn-dep-tree
omerzi Nov 16, 2023
5fdbb8f
CR
omerzi Nov 19, 2023
198ed60
CR
omerzi Nov 19, 2023
2409fe7
CR
omerzi Nov 19, 2023
44bca20
CR
omerzi Nov 19, 2023
f701fad
CR
omerzi Nov 19, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
fix test
  • Loading branch information
@omerzi
omerzi committed Nov 15, 2023
commit 48aaccd9a07a5e85c960b5353eaa21abe1f6df26
15 changes: 2 additions & 13 deletions xray/commands/audit/sca/java/mvn.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,9 +23,6 @@ const (
TreeCmd = "tree"
ProjectsCmd = "projects"
settingsXmlFile = "settings.xml"
basicAuthServerXmlPath = "resources/basic-auth-server.xml"
tokenAuthServerXmlPath = "resources/token-auth-server.xml"
errReadServerXml = "encountered an error while attempting to read from %s while constructing the settings.xml for the 'mvn-dep-tree' command:\n%w"
)

//go:embed resources/settings.xml
Expand Down Expand Up @@ -164,11 +161,7 @@ func (mdt *MavenDepTreeManager) getSettingsXmlServerAuthentication() (string, er
if password == "" {
password = token
}
basicAuthServerXml, err := os.ReadFile(basicAuthServerXmlPath)
if err != nil {
return "", errorutils.CheckErrorf(errReadServerXml, basicAuthServerXmlPath, err)
}
authString := fmt.Sprintf(string(basicAuthServerXml), base64.StdEncoding.EncodeToString([]byte(username+":"+password)))
authString := "Basic " + base64.StdEncoding.EncodeToString([]byte(username+":"+password))
return authString, nil
}

Expand All @@ -177,10 +170,6 @@ func (mdt *MavenDepTreeManager) getSettingsXmlServerAuthentication() (string, er
return "", errorutils.CheckErrorf(errorMessage)
}

tokenAuthServerXml, err := os.ReadFile(tokenAuthServerXmlPath)
if err != nil {
return "", errorutils.CheckErrorf(errReadServerXml, tokenAuthServerXmlPath, err)
}
authString := fmt.Sprintf(string(tokenAuthServerXml), token)
authString := "Bearer " + token
return authString, nil
}
60 changes: 30 additions & 30 deletions xray/commands/audit/sca/java/mvn_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -133,16 +133,16 @@ func TestCreateSettingsXmlWithConfiguredArtifactory(t *testing.T) {
xmlns="http://maven.apache.org/SETTINGS/1.2.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<server>
<id>artifactory</id>
<configuration>
<httpHeaders>
<property>
<name>Authorization</name>
<value>Basic dGVzdFVzZXI6dGVzdFBhc3M=</value>
</property>
</httpHeaders>
</configuration>
</server>
<id>artifactory</id>
<configuration>
<httpHeaders>
<property>
<name>Authorization</name>
<value>Basic dGVzdFVzZXI6dGVzdFBhc3M=</value>
</property>
</httpHeaders>
</configuration>
</server>
<mirrors>
<mirror>
<id>artifactory</id>
Expand All @@ -166,16 +166,16 @@ func TestCreateSettingsXmlWithConfiguredArtifactory(t *testing.T) {
xmlns="http://maven.apache.org/SETTINGS/1.2.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<server>
<id>artifactory</id>
<configuration>
<httpHeaders>
<property>
<name>Authorization</name>
<value>Basic dGVzdFVzZXI6YWNjZXNzVG9rZW4=</value>
</property>
</httpHeaders>
</configuration>
</server>
<id>artifactory</id>
<configuration>
<httpHeaders>
<property>
<name>Authorization</name>
<value>Basic dGVzdFVzZXI6YWNjZXNzVG9rZW4=</value>
</property>
</httpHeaders>
</configuration>
</server>
<mirrors>
<mirror>
<id>artifactory</id>
Expand All @@ -198,16 +198,16 @@ func TestCreateSettingsXmlWithConfiguredArtifactory(t *testing.T) {
xmlns="http://maven.apache.org/SETTINGS/1.2.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<server>
<id>artifactory</id>
<configuration>
<httpHeaders>
<property>
<name>Authorization</name>
<value>Bearer accessToken</value>
</property>
</httpHeaders>
</configuration>
</server>
<id>artifactory</id>
<configuration>
<httpHeaders>
<property>
<name>Authorization</name>
<value>Bearer accessToken</value>
</property>
</httpHeaders>
</configuration>
</server>
<mirrors>
<mirror>
<id>artifactory</id>
Expand Down
11 changes: 0 additions & 11 deletions xray/commands/audit/sca/java/resources/basic-auth-server.xml
View file
Open in desktop

This file was deleted.

12 changes: 11 additions & 1 deletion xray/commands/audit/sca/java/resources/settings.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,17 @@
<settings xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.2.0 http://maven.apache.org/xsd/settings-1.2.0.xsd"
xmlns="http://maven.apache.org/SETTINGS/1.2.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
%s
<server>
<id>artifactory</id>
<configuration>
<httpHeaders>
<property>
<name>Authorization</name>
<value>%s</value>
</property>
</httpHeaders>
</configuration>
</server>
<mirrors>
<mirror>
<id>artifactory</id>
Expand Down
11 changes: 0 additions & 11 deletions xray/commands/audit/sca/java/resources/token-auth-server.xml
View file
Open in desktop

This file was deleted.

Loading