Upgrading plugin dependencies to include 'Critical' severity #25

Merged
merged 24 commits into from
Dec 31, 2024
2 changes: 1 addition & 1 deletion bundle/.classpath
Expand Up @@ -13,4 +13,4 @@
<classpathentry kind="src" path="src/main/java"/>
<classpathentry exported="true" kind="lib" path="lib/ide-plugins-common.jar"/>
<classpathentry kind="output" path="target/classes"/>
</classpath>
</classpath>
Binary file added bundle/icons/critical.png
Binary file modified bundle/icons/default.png
Binary file modified bundle/icons/high.png
Binary file modified bundle/icons/low.png
Binary file modified bundle/icons/medium.png
Binary file modified bundle/icons/normal.png
Binary file modified bundle/icons/unknown.png
2 changes: 1 addition & 1 deletion bundle/pom.xml
Expand Up @@ -23,7 +23,7 @@
</repositories>

<properties>
<ide-plugins-common-version>1.1.1</ide-plugins-common-version>
<ide-plugins-common-version>1.6.1</ide-plugins-common-version>
</properties>

<build>
Expand Up @@ -17,4 +17,7 @@ public class PreferenceConstants {
public static final String GRADLE_PLUGIN_QUALIFIER = "org.eclipse.buildship.core";
public static final String GRADLE_DISTRIBUTION = "gradle.distribution";

// Default exluded paths pattern
public static final String DEFAULT_EXCLUSIONS = "**/*{.git,test,node_modules,target}*";
kerenr-jfrog marked this conversation as resolved.

}
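Review bot: The default pattern `**/*{.git,test,node_modules,target}*` in `DEFAULT_EXCLUSIONS` has wildcards on both sides of the alternatives, so it would presumably also match any path that merely contains `test` or `target` as a substring (a directory named `latest`, for example). How the pattern is evaluated is not visible in this hunk, so this should be confirmed against the matcher that consumes it; if substring matching is not intended, tying the alternatives to whole path segments would avoid silently leaving components out of the scan. The comment above the constant has a typo and could read `// Default excluded paths pattern`.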
Expand Up @@ -12,13 +12,13 @@
import org.eclipse.swt.widgets.Button;
import org.eclipse.swt.widgets.Composite;
import org.eclipse.swt.widgets.Label;
import org.jfrog.client.http.model.ProxyConfig;
import org.osgi.framework.FrameworkUtil;

import com.jfrog.ide.common.utils.XrayConnectionUtils;
import com.jfrog.xray.client.Xray;
import com.jfrog.xray.client.impl.XrayClient;
import com.jfrog.xray.client.impl.XrayClientBuilder;
import com.jfrog.xray.client.services.system.Version;
import com.jfrog.ide.eclipse.log.Logger;

/**
* Button in the configuration panel for testing connection with Xray.
Expand Down Expand Up @@ -79,16 +79,30 @@ protected void doStore() {
public int getNumberOfControls() {
return 1;
}

private Xray createXrayClient() {
String url = urlEditor.getStringValue();
String xrayUrl = url.endsWith("/") ? url + "xray" : url + "/xray";
XrayServerConfigImpl serverConfig = XrayServerConfigImpl.getInstance();

return (Xray) new XrayClientBuilder()
.setUrl(xrayUrl)
.setUserName(usernameEditor.getStringValue())
.setPassword(passwordEditor.getStringValue())
.setUserAgent(USER_AGENT)
.setInsecureTls(false)
.setSslContext(serverConfig.getSslContext())
.setProxyConfiguration(serverConfig.getProxyConfForTargetUrl(xrayUrl))
.setLog(Logger.getInstance())
.build();
}

private class ButtonSelection extends SelectionAdapter {
@Override
public void widgetSelected(SelectionEvent e) {
try {
connectionResults.setText("Connecting to Xray...");
String url = urlEditor.getStringValue();
ProxyConfig proxyConfig = XrayServerConfigImpl.getInstance().getProxyConfForTargetUrl(url);
Xray xrayClient = XrayClient.create(url, usernameEditor.getStringValue(),
passwordEditor.getStringValue(), USER_AGENT, false, proxyConfig);
Xray xrayClient = createXrayClient();
Version xrayVersion = xrayClient.system().version();

if (!XrayConnectionUtils.isXrayVersionSupported(xrayVersion)) {
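Review bot: `createXrayClient()` passes `serverConfig.getSslContext()` to `setSslContext(...)`, and `XrayServerConfigImpl.getSslContext()` in this same pull request returns `null`, so the builder always receives a null context. Whether `XrayClientBuilder` treats null as "use the default trust store" is not visible here; a one-line comment saying so, or leaving the call out until a real context exists, would make the TLS behaviour of the test connection explicit. The `/xray` suffix logic duplicates `XrayServerConfigImpl.getXrayUrl()` and could move to a shared helper that takes the base URL. A blank URL field now reaches `getProxyConfForTargetUrl` as `/xray`, so the `defaultIfBlank` fallback in that method no longer applies to the test connection. `widgetSelected` continues past the end of this hunk.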
Expand Up @@ -4,22 +4,24 @@

import java.net.URI;

import javax.net.ssl.SSLContext;

import org.apache.commons.lang3.ArrayUtils;
import org.apache.commons.lang3.StringUtils;
import org.eclipse.core.internal.net.ProxyManager;
import org.eclipse.core.net.proxy.IProxyData;
import org.eclipse.core.net.proxy.IProxyService;
import org.eclipse.core.runtime.Platform;
import org.eclipse.core.runtime.preferences.IPreferencesService;
import org.jfrog.client.http.model.ProxyConfig;
import org.jfrog.build.client.ProxyConfiguration;

import com.jfrog.ide.common.configuration.XrayServerConfig;
import com.jfrog.ide.common.configuration.ServerConfig;

/**
* @author yahavi
*/
@SuppressWarnings("restriction")
public class XrayServerConfigImpl implements XrayServerConfig {
public class XrayServerConfigImpl implements ServerConfig {

private static XrayServerConfigImpl instance;
private IPreferencesService service = Platform.getPreferencesService();
Expand Down Expand Up @@ -51,21 +53,56 @@ private String getValue(String key) {
}

@Override
public ProxyConfig getProxyConfForTargetUrl(String xrayUrl) {
public ProxyConfiguration getProxyConfForTargetUrl(String xrayUrl) {
xrayUrl = StringUtils.defaultIfBlank(xrayUrl, getUrl());
IProxyService service = ProxyManager.getProxyManager();
IProxyData[] proxyData = service.select(URI.create(xrayUrl));
if (ArrayUtils.isEmpty(proxyData)) {
return null;
}

ProxyConfig proxyConfig = new ProxyConfig();
proxyConfig.setHost(trim(proxyData[0].getHost()));
proxyConfig.setPort(proxyData[0].getPort());
ProxyConfiguration proxyConfig = new ProxyConfiguration();
proxyConfig.host = trim(proxyData[0].getHost());
proxyConfig.port = proxyData[0].getPort();
if (proxyData[0].isRequiresAuthentication()) {
proxyConfig.setUsername(trim(proxyData[0].getUserId()));
proxyConfig.setPassword(proxyData[0].getPassword());
proxyConfig.username = trim(proxyData[0].getUserId());
proxyConfig.password = proxyData[0].getPassword();
}
return proxyConfig;
}

@Override
kerenr-jfrog marked this conversation as resolved.
public String getXrayUrl() {
String url = getUrl();
String xrayUrl = url.endsWith("/") ? url + "xray" : url + "/xray";
return xrayUrl;
}

@Override
public String getArtifactoryUrl() {
String url = getUrl();
String artifactoryUrl = url.endsWith("/") ? url + "artifactory" : url + "/artifactory";
return artifactoryUrl;
}

@Override
public int getConnectionRetries() {
return 0;
}

@Override
public int getConnectionTimeout() {
return 0;
}

@Override
public SSLContext getSslContext() {
return null;
}

@Override
public boolean isInsecureTls() {
return false;
}

}
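Review bot: `getXrayUrl()` and `getArtifactoryUrl()` call `url.endsWith("/")` on the result of `getUrl()` without a blank check, although `getProxyConfForTargetUrl` in the same class uses `StringUtils.defaultIfBlank`, which suggests the configured URL can be empty. With an empty value these methods return `/xray` and `/artifactory`, and with a null value they throw; `getUrl()` is outside the hunk, so which case applies should be confirmed. A small private helper that appends a path segment to the base URL and handles the blank case in one place would remove the duplication. `getConnectionTimeout()` and `getConnectionRetries()` both return a hard-coded `0`; a comment stating how the client interprets zero would help, since an unbounded wait on the server could stall a scan.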
Expand Up @@ -11,7 +11,6 @@
import java.util.Set;

import org.apache.commons.lang3.ArrayUtils;
import org.apache.commons.lang3.StringUtils;
import org.eclipse.buildship.core.GradleDistribution;
import org.eclipse.core.resources.IProject;
import org.eclipse.core.runtime.CoreException;
Expand All @@ -23,20 +22,23 @@
import org.gradle.tooling.ProgressEvent;
import org.gradle.tooling.ProgressListener;
import org.gradle.tooling.ProjectConnection;
import org.jfrog.build.extractor.scan.DependenciesTree;
import org.jfrog.build.extractor.scan.DependencyTree;
import org.jfrog.build.extractor.scan.GeneralInfo;

import com.fasterxml.jackson.databind.ObjectMapper;
import com.google.common.collect.Sets;
import com.jfrog.ide.common.scan.ComponentPrefix;
import com.jfrog.ide.common.gradle.GradleTreeBuilder;
import com.jfrog.ide.eclipse.configuration.PreferenceConstants;
import com.jfrog.ide.eclipse.log.Logger;
import com.jfrog.ide.eclipse.utils.GradleArtifact;

public class GradleScanManager extends ScanManager {

private static final String TASK_NAME = "generateDependenciesGraphAsJson";
public static final String GRADLE_INIT_SCRIPT = "dependencies.gradle";
public static final String GRADLESCRIPTDIR = "gradleScript";
private final GradleTreeBuilder gradleTreeBuilder;

private static ObjectMapper objectMapper = new ObjectMapper();
private GradleArtifact gradleArtifact;
Expand All @@ -45,6 +47,7 @@ public class GradleScanManager extends ScanManager {
public GradleScanManager(IProject project) throws IOException {
super(project, ComponentPrefix.GAV);
getLog().info("Found Gradle project: " + getProjectName());
gradleTreeBuilder = new GradleTreeBuilder(project.getLocation().toFile().toPath(), System.getenv());
}

public static boolean isApplicable(IProject project) {
Expand All @@ -57,39 +60,17 @@ public static boolean isApplicable(IProject project) {

@Override
void refreshDependencies(IProgressMonitor monitor) throws IOException {
kerenr-jfrog marked this conversation as resolved.
this.monitor = monitor;
String rootProjectDir = project.getLocation().toPortableString();
if (project.getLocation().toFile().isDirectory()) {
rootProjectDir = project.getLocation().addTrailingSeparator().toPortableString();
}

String gradleFileNameFullPath = "/gradle/" + GRADLE_INIT_SCRIPT;
ClassLoader classLoader = GradleScanManager.class.getClassLoader();
// classLoader.getResourceAsStream(gradleFileNameFullPath) will work on all the
// OSes
try (InputStream res = classLoader.getResourceAsStream(gradleFileNameFullPath)) {
String gradleFile = createGradleFile(res);
if (StringUtils.isBlank(gradleFile)) {
getLog().warn("Gradle init script wasn't created.");
return;
}
generateDependenciesGraphAsJsonTask(rootProjectDir, gradleFile);
parseJsonResult();
}
}

@Override
void buildTree() {
DependenciesTree rootNode = new DependenciesTree(getProjectName());
GeneralInfo generalInfo = new GeneralInfo();
generalInfo.groupId(gradleArtifact.getGroupId()).artifactId(gradleArtifact.getArtifactId())
.version(gradleArtifact.getVersion());
rootNode.setGeneralInfo(generalInfo);
GradleArtifact[] dependencies = gradleArtifact.getDependencies();
if (ArrayUtils.isNotEmpty(dependencies)) {
populateDependenciesTree(rootNode, dependencies);
void buildTree() throws IOException {
try {
setScanResults(gradleTreeBuilder.buildTree(getLog()));
}
catch (IOException ex) {
Logger.getInstance().error("Could not scan project: " + getProjectName() + ". Reason is: " + ex.getMessage());
kerenr-jfrog marked this conversation as resolved.
}
setScanResults(rootNode);

}

public GradleArtifact getGradleArtifact() {
Expand All @@ -108,14 +89,16 @@ private String getComponentId(GradleArtifact gradleArtifact) {
}

/**
* Populate root modules DependenciesTree with issues, licenses and general info
* Populate root modules DependencyTree with issues, licenses and general info
* from the scan cache.
*/
private void populateDependenciesTree(DependenciesTree scanTreeNode, GradleArtifact[] gradleArtifacts) {
@SuppressWarnings("unused")
private void populateDependenciesTree(DependencyTree scanTreeNode, GradleArtifact[] gradleArtifacts) {
for (GradleArtifact artifact : gradleArtifacts) {
String componentId = getComponentId(artifact);
DependenciesTree child = new DependenciesTree(componentId);
child.setGeneralInfo(new GeneralInfo(componentId, "", "", "Maven"));
DependencyTree child = new DependencyTree(componentId);
String componentName = artifact.getArtifactId();
child.setGeneralInfo(new GeneralInfo(componentId, componentName, "", "Gradle"));
kerenr-jfrog marked this conversation as resolved.
scanTreeNode.add(child);
populateDependenciesTree(child, artifact.getDependencies());
}
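Review bot: `buildTree()` catches the `IOException` from `gradleTreeBuilder.buildTree(...)`, logs only `ex.getMessage()` and returns normally, so a failed dependency resolution ends without `setScanResults` being called and without the caller being told; `NpmScanManager.buildTree()` in this pull request has the same pattern. For a vulnerability scanner a silent failure is hard to tell apart from a project with no findings, and the method already declares `throws IOException`, so the try/catch could be dropped or the handler could end with `throw ex;` after logging. The whole process environment is handed to the builder through `System.getenv()`; what the builder does with it is not visible here, but a comment on why it is needed would help, as the environment often carries credentials. `populateDependenciesTree` is now kept only under `@SuppressWarnings("unused")` and looks like a candidate for removal.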
Expand Up @@ -16,9 +16,11 @@
import org.eclipse.m2e.core.project.IMavenProjectFacade;
import org.eclipse.m2e.core.project.MavenProjectChangedEvent;
import org.eclipse.swt.widgets.Composite;
import org.jfrog.build.extractor.scan.DependenciesTree;
import org.jfrog.build.extractor.scan.DependencyTree;
import org.jfrog.build.extractor.scan.GeneralInfo;
import org.jfrog.build.extractor.scan.Scope;

import com.google.common.collect.Sets;
import com.jfrog.ide.common.scan.ComponentPrefix;
import com.jfrog.ide.eclipse.log.Logger;
import com.jfrog.ide.eclipse.scheduling.ScanJob;
Expand All @@ -38,6 +40,7 @@ public MavenScanManager(IProject project, Composite parent) throws IOException {
super(project, ComponentPrefix.GAV);
getLog().info("Found Maven project: " + getProjectName());
this.parent = parent;

}

public static boolean isApplicable(IProject project) {
Expand Down Expand Up @@ -67,23 +70,28 @@ void buildTree() throws CoreException {
if (mavenProject == null) {
return;
}
DependenciesTree rootNode = new DependenciesTree(mavenProject.getName());
DependencyTree rootNode = new DependencyTree(mavenProject.getName());
populateScanTreeNode(rootNode, mavenDependenciesRoot);
kerenr-jfrog marked this conversation as resolved.
GeneralInfo generalInfo = new GeneralInfo().groupId(mavenProject.getGroupId())
.artifactId(mavenProject.getArtifactId()).version(mavenProject.getVersion());
rootNode.setGeneralInfo(generalInfo);
populateScanTreeNode(rootNode, mavenDependenciesRoot);
setScanResults(rootNode);
setScanResults(rootNode);
}

/**
* Populate root modules DependenciesTree with issues, licenses and general info
* Populate root modules DependencyTree with issues, licenses and general info
* from the scan cache.
*/
private void populateScanTreeNode(DependenciesTree scanTreeNode, DependencyNode dependencyNode) {
private void populateScanTreeNode(DependencyTree scanTreeNode, DependencyNode dependencyNode) {
dependencyNode.getChildren().forEach(dependencyChild -> {
String componentId = getComponentId(dependencyChild);
DependenciesTree child = new DependenciesTree(componentId);
child.setGeneralInfo(new GeneralInfo(componentId, "", "", "Maven"));
DependencyTree child = new DependencyTree(componentId);
String componentName = dependencyChild.getArtifact().getArtifactId();
child.setGeneralInfo(new GeneralInfo(componentId, componentName, "", "Maven"));
// set dependency scope
String componentScope = dependencyChild.getDependency().getScope();
child.setScopes(Sets.newHashSet(new Scope(componentScope)));

scanTreeNode.add(child);
populateScanTreeNode(child, dependencyChild);
});
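Review bot: In `populateScanTreeNode` the new lines dereference `dependencyChild.getArtifact()` and `dependencyChild.getDependency()` without a null check and wrap whatever `getScope()` returns in `new Scope(componentScope)`. Whether a child node can lack a dependency or carry an empty scope in this resolver setup is not visible in the hunk, and neither is how `Scope` handles a null or empty name, so a guard that falls back to a documented default scope would make the behaviour explicit. The comment `// set dependency scope` restates the code; it would be more useful if it said where the scope is later consumed.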
Expand Up @@ -9,6 +9,7 @@
import com.fasterxml.jackson.core.JsonProcessingException;
import com.jfrog.ide.common.npm.NpmTreeBuilder;
import com.jfrog.ide.common.scan.ComponentPrefix;
import com.jfrog.ide.eclipse.log.Logger;

/**
* @author yahavi
Expand All @@ -20,7 +21,7 @@ public class NpmScanManager extends ScanManager {
NpmScanManager(IProject project) throws IOException {
super(project, ComponentPrefix.NPM);
getLog().info("Found npm project: " + getProjectName());
npmTreeBuilder = new NpmTreeBuilder(project.getFullPath().toFile().toPath());
npmTreeBuilder = new NpmTreeBuilder(project.getFullPath().toFile().toPath(), System.getenv());
}

@Override
Expand All @@ -29,6 +30,12 @@ void refreshDependencies(IProgressMonitor monitor) throws IOException {

@Override
void buildTree() throws CoreException, JsonProcessingException, IOException {
setScanResults(npmTreeBuilder.buildTree(getLog()));
try {
setScanResults(npmTreeBuilder.buildTree(getLog(), false));
kerenr-jfrog marked this conversation as resolved.
}
catch (IOException ex) {
Logger.getInstance().error("Could not scan project: " + getProjectName() + ". Reason is: " + ex.getMessage());
kerenr-jfrog marked this conversation as resolved.
}
}

}
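Review bot: The constructor still derives the `NpmTreeBuilder` path from `project.getFullPath()`, which in Eclipse is the workspace-relative path, while `GradleScanManager` in this pull request uses `project.getLocation()` for the same purpose. If the builder resolves the project directory on disk, the workspace-relative path would presumably not point at it, so `project.getLocation().toFile().toPath()` looks like the intended argument; this should be confirmed against a project stored outside the workspace root. The literal `false` in `npmTreeBuilder.buildTree(getLog(), false)` would benefit from a short comment naming the parameter it sets.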
13 changes: 7 additions & 6 deletions bundle/src/main/java/com/jfrog/ide/eclipse/scan/ScanManager.java
Expand Up @@ -11,7 +11,7 @@
import org.eclipse.core.runtime.ICoreRunnable;
import org.eclipse.core.runtime.IProgressMonitor;
import org.eclipse.swt.widgets.Composite;
import org.jfrog.build.extractor.scan.DependenciesTree;
import org.jfrog.build.extractor.scan.DependencyTree;

import com.fasterxml.jackson.core.JsonProcessingException;
import com.jfrog.ide.common.filter.FilterManager;
Expand All @@ -38,8 +38,7 @@ public abstract class ScanManager extends ScanManagerBase {
IProject project;

ScanManager(IProject project, ComponentPrefix prefix) throws IOException {
super(HOME_PATH.resolve("cache"), project.getName(), Logger.getInstance(), XrayServerConfigImpl.getInstance(),
prefix);
super(HOME_PATH.resolve("cache"), project.getName(), Logger.getInstance(), XrayServerConfigImpl.getInstance(), prefix);
this.project = project;
Files.createDirectories(HOME_PATH);
}
Expand Down Expand Up @@ -131,10 +130,12 @@ public void run(IProgressMonitor monitor) throws CoreException {

private void setScanResults() {
FilterManager filterManager = FilterManagerSingleton.getInstance();
if (!getScanResults().isLeaf()) {
addFilterManagerLicenses(filterManager);
DependencyTree scanResults = getScanResults();

if (!scanResults.isLeaf()) {
filterManager.collectsFiltersInformation(scanResults);
}
DependenciesTree scanResults = getScanResults();

issuesTree.addScanResults(getProjectName(), scanResults);
licensesTree.addScanResults(getProjectName(), scanResults);
if (isDisposed()) {
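Review bot: `setScanResults()` calls `scanResults.isLeaf()` on the value returned by `getScanResults()` with no null check. The Gradle and npm managers in this pull request return from `buildTree()` without storing a tree when an `IOException` occurs, so `getScanResults()` may be null or may still hold the previous run's tree here; `ScanManagerBase` is not visible, so which of the two applies is an assumption to confirm. An early `if (scanResults == null) { return; }` before the filter and tree updates would keep a failed scan from either throwing or re-publishing stale results. The method continues past the end of this hunk.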