From 14d8caf8c7cdc276abd7e83e18084066df1b8daa Mon Sep 17 00:00:00 2001 From: Christoph Pirkl Date: Thu, 29 Feb 2024 15:20:27 +0100 Subject: [PATCH 01/12] #63: Upgrade dependencies --- .gitattributes | 3 + .github/workflows/broken_links_checker.yml | 2 + .github/workflows/ci-build-next-java.yml | 8 +- .github/workflows/ci-build.yml | 47 +++-- .github/workflows/dependencies_check.yml | 62 ++++++- .github/workflows/dependencies_update.yml | 169 ++++++++++++++++++ ...elease_droid_prepare_original_checksum.yml | 16 +- .../release_droid_print_quick_checksum.yml | 11 +- ...release_droid_release_on_maven_central.yml | 11 +- ...ase_droid_upload_github_release_assets.yml | 11 +- .project-keeper.yml | 7 +- .vscode/settings.json | 6 +- dependencies.md | 98 +++++----- doc/changes/changelog.md | 1 + doc/changes/changes_0.6.12.md | 50 ++++++ pk_generated_parent.pom | 70 ++++++-- pom.xml | 34 ++-- 17 files changed, 470 insertions(+), 136 deletions(-) create mode 100644 .github/workflows/dependencies_update.yml create mode 100644 doc/changes/changes_0.6.12.md diff --git a/.gitattributes b/.gitattributes index 9064858..2429bb3 100644 --- a/.gitattributes +++ b/.gitattributes @@ -2,9 +2,12 @@ dependencies.md linguist-genera doc/changes/changelog.md linguist-generated=true pk_generated_parent.pom linguist-generated=true .github/workflows/broken_links_checker.yml linguist-generated=true +.github/workflows/ci-build.yml linguist-generated=true .github/workflows/ci-build-next-java.yml linguist-generated=true .github/workflows/dependencies_check.yml linguist-generated=true +.github/workflows/dependencies_update.yml linguist-generated=true .github/workflows/release_droid_print_quick_checksum.yml linguist-generated=true +.github/workflows/release_droid_prepare_original_checksum.yml linguist-generated=true .github/workflows/release_droid_release_on_maven_central.yml linguist-generated=true .github/workflows/release_droid_upload_github_release_assets.yml linguist-generated=true 
diff --git a/.github/workflows/broken_links_checker.yml b/.github/workflows/broken_links_checker.yml index 82ec1cd..0fbcad5 100644 --- a/.github/workflows/broken_links_checker.yml +++ b/.github/workflows/broken_links_checker.yml @@ -1,3 +1,5 @@ +# Generated by Project Keeper +# https://github.com/exasol/project-keeper/blob/main/project-keeper/src/main/resources/templates/.github/workflows/broken_links_checker.yml name: Broken Links Checker on: diff --git a/.github/workflows/ci-build-next-java.yml b/.github/workflows/ci-build-next-java.yml index 7cbab08..e3acdb7 100644 --- a/.github/workflows/ci-build-next-java.yml +++ b/.github/workflows/ci-build-next-java.yml @@ -1,5 +1,6 @@ +# Generated by Project Keeper +# https://github.com/exasol/project-keeper/blob/main/project-keeper/src/main/resources/templates/.github/workflows/ci-build-next-java.yml name: CI Build next Java - on: push: branches: @@ -18,7 +19,7 @@ jobs: with: fetch-depth: 0 - name: Set up JDK 17 - uses: actions/setup-java@v3 + uses: actions/setup-java@v4 with: distribution: "temurin" java-version: 17 @@ -26,8 +27,9 @@ jobs: - name: Run tests and build with Maven run: | mvn --batch-mode --update-snapshots clean package -DtrimStackTrace=false \ + -Djava.version=17 \ -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn - - name: Publish Test Report + - name: Publish Test Report for Java 17 uses: scacap/action-surefire-report@v1 if: ${{ always() && github.event.pull_request.head.repo.full_name == github.repository && github.actor != 'dependabot[bot]' }} with: diff --git a/.github/workflows/ci-build.yml b/.github/workflows/ci-build.yml index 4d3ebab..5f69efc 100644 --- a/.github/workflows/ci-build.yml +++ b/.github/workflows/ci-build.yml @@ -1,5 +1,6 @@ +# Generated by Project Keeper +# https://github.com/exasol/project-keeper/blob/main/project-keeper/src/main/resources/templates/.github/workflows/ci-build-db-version-matrix.yml name: CI Build - on: push: branches: 
@@ -7,13 +8,20 @@ on: pull_request: jobs: - build: - runs-on: ubuntu-20.04 # UDFs fail with "VM error: Internal error: VM crashed" on ubuntu-latest + matrix-build: + runs-on: ubuntu-latest concurrency: - group: ${{ github.workflow }}-${{ github.ref }} + group: ${{ github.workflow }}-${{ github.ref }}-${{ matrix.exasol_db_version }} cancel-in-progress: true + strategy: + fail-fast: false + matrix: + exasol_db_version: ["8.25.0", "7.1.25"] + env: + DEFAULT_EXASOL_DB_VERSION: "8.25.0" steps: - name: Free Disk Space + if: ${{ false }} run: | sudo rm -rf /usr/local/lib/android sudo rm -rf /usr/share/dotnet @@ -21,16 +29,16 @@ jobs: uses: actions/checkout@v4 with: fetch-depth: 0 - - name: Set up JDK 11 & 17 - uses: actions/setup-java@v3 + - name: Set up JDKs + uses: actions/setup-java@v4 with: distribution: "temurin" java-version: | - 17 11 + 17 cache: "maven" - name: Cache SonarCloud packages - uses: actions/cache@v3 + uses: actions/cache@v4 with: path: ~/.sonar/cache key: ${{ runner.os }}-sonar 
@@ -39,23 +47,32 @@ jobs: run: echo 'testcontainers.reuse.enable=true' > "$HOME/.testcontainers.properties" - name: Run tests and build with Maven run: | - JAVA_HOME=$JAVA_HOME_11_X64 mvn --batch-mode clean verify \ + mvn --batch-mode clean verify \ -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn \ - -DtrimStackTrace=false - - name: Publish Test Report + -DtrimStackTrace=false \ + -Dcom.exasol.dockerdb.image=${{ matrix.exasol_db_version }} + env: + # Set additional environment variable as in scala projects the scalatest plugin does not forward + # the system property -Dcom.exasol.dockerdb.image to the test's implementation. + EXASOL_DB_VERSION: ${{ matrix.exasol_db_version }} + - name: Publish Test Report for Exasol ${{ matrix.exasol_db_version }} uses: scacap/action-surefire-report@v1 if: ${{ always() && github.event.pull_request.head.repo.full_name == github.repository && github.actor != 'dependabot[bot]' }} with: github_token: ${{ secrets.GITHUB_TOKEN }} - name: Sonar analysis - if: ${{ env.SONAR_TOKEN != null }} + if: ${{ env.SONAR_TOKEN != null && matrix.exasol_db_version == env.DEFAULT_EXASOL_DB_VERSION }} run: | - JAVA_HOME=$JAVA_HOME_17_X64 mvn --batch-mode org.sonarsource.scanner.maven:sonar-maven-plugin:sonar \ + mvn --batch-mode org.sonarsource.scanner.maven:sonar-maven-plugin:sonar \ -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn \ -DtrimStackTrace=false \ - -Dsonar.organization=exasol \ - -Dsonar.host.url=https://sonarcloud.io \ -Dsonar.token=$SONAR_TOKEN env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + + build: + needs: matrix-build + runs-on: ubuntu-latest + steps: + - run: echo "Build successful" diff --git a/.github/workflows/dependencies_check.yml b/.github/workflows/dependencies_check.yml index 3059964..6926e55 100644 --- a/.github/workflows/dependencies_check.yml +++ b/.github/workflows/dependencies_check.yml 
@@ -1,20 +1,64 @@ -name: Dependencies Check - +# Generated by Project Keeper +# https://github.com/exasol/project-keeper/blob/main/project-keeper/src/main/resources/templates/.github/workflows/dependencies_check.yml +name: Report Security Issues on: + workflow_dispatch: schedule: - cron: "0 2 * * *" jobs: - build: + report_security_issues: runs-on: ubuntu-latest - + permissions: + contents: read + issues: write + outputs: + created-issues: ${{ steps.security-issues.outputs.created-issues }} steps: - uses: actions/checkout@v4 - - name: Set up JDK 11 - uses: actions/setup-java@v3 + + - name: Set up JDKs + uses: actions/setup-java@v4 with: distribution: "temurin" - java-version: 11 + java-version: | + 11 + 17 cache: "maven" - - name: Checking dependencies for vulnerabilities - run: mvn --batch-mode org.sonatype.ossindex.maven:ossindex-maven-plugin:audit -f pom.xml + + - name: Generate ossindex report + run: | + mvn --batch-mode org.sonatype.ossindex.maven:ossindex-maven-plugin:audit \ + org.sonatype.ossindex.maven:ossindex-maven-plugin:audit-aggregate \ + -Dossindex.reportFile=$(pwd)/ossindex-report.json \ + -Dossindex.fail=false + + - name: Report Security Issues + id: security-issues + uses: exasol/python-toolbox/.github/actions/security-issues@main + with: + format: "maven" + command: "cat ossindex-report.json" + github-token: ${{ secrets.GITHUB_TOKEN }} + + - name: Output security issues (Debugging) + run: | + echo "$CREATED_ISSUES" > test.jsonl + cat test.jsonl + env: + CREATED_ISSUES: ${{ steps.security-issues.outputs.created-issues }} + + start_dependency_udpate: + needs: report_security_issues + if: ${{ needs.report_security_issues.outputs.created-issues }} + concurrency: + cancel-in-progress: true + group: "dependency_update" + # Workflow needs secret INTEGRATION_TEAM_SLACK_NOTIFICATION_WEBHOOK + secrets: inherit + permissions: + contents: write + pull-requests: write + uses: ./.github/workflows/dependencies_update.yml + with: + vulnerability_issues: ${{ 
needs.report_security_issues.outputs.created-issues }} diff --git a/.github/workflows/dependencies_update.yml b/.github/workflows/dependencies_update.yml new file mode 100644 index 0000000..58222ba --- /dev/null +++ b/.github/workflows/dependencies_update.yml 
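Review bot: The `Report Security Issues` step runs `exasol/python-toolbox/.github/actions/security-issues@main`, a mutable branch reference, in a job that grants `issues: write` and hands the action `secrets.GITHUB_TOKEN`, so whatever lands on that branch runs with those rights on the next scheduled run. Pinning to a reviewed commit, `uses: exasol/python-toolbox/.github/actions/security-issues@<full-commit-sha>`, keeps the executed code fixed until someone bumps it deliberately. In the same hunk, `secrets: inherit` on `start_dependency_udpate` forwards every repository secret although the comment above it names only `INTEGRATION_TEAM_SLACK_NOTIFICATION_WEBHOOK`; declaring that one secret under `workflow_call` in `dependencies_update.yml` and passing it explicitly would narrow the exposure, and the job name carries a typo (`udpate`). The file header says it is generated by Project Keeper, so the change presumably belongs in the upstream template.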
@@ -0,0 +1,169 @@ +# Generated by Project Keeper +# https://github.com/exasol/project-keeper/blob/main/project-keeper/src/main/resources/templates/.github/workflows/dependencies_update.yml +name: Update dependencies +on: + workflow_call: + inputs: + vulnerability_issues: + description: "GitHub issues for vulnerable dependencies as JSONL" + required: true + type: string + workflow_dispatch: + +jobs: + update_dependencies: + runs-on: ubuntu-latest + permissions: + contents: write + pull-requests: write + + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - name: Set up JDKs + uses: actions/setup-java@v4 + with: + distribution: "temurin" + java-version: | + 11 + 17 + cache: "maven" + + - name: Print issues + run: | + echo "Issues from Action input: $ISSUES" + env: + ISSUES: ${{ inputs.vulnerability_issues }} + + - name: Fail if not running on a branch + if: ${{ !startsWith(github.ref, 'refs/heads/') }} + uses: actions/github-script@v7 + with: + script: | + core.setFailed('Not running on a branch, github.ref is ${{ github.ref }}. Please start this workflow only on main or a branch') + + - name: Update dependencies + run: | + mvn --batch-mode com.exasol:project-keeper-maven-plugin:update-dependencies --projects . \ + -Dproject-keeper:vulnerabilities="$CREATED_ISSUES" + env: + CREATED_ISSUES: ${{ inputs.vulnerability_issues }} + + - name: Project Keeper Fix + run: | + mvn --batch-mode com.exasol:project-keeper-maven-plugin:fix --projects . + + - name: Project Keeper Fix for updated Project Keeper version + # Calling PK fix a second time is necessary because the first invocation potentially updated PK itself. + # So we need to run PK fix again with the latest PK version. + # [impl->dsn~dependency-updater.workflow.start-pk-fix~1] + run: | + mvn --batch-mode com.exasol:project-keeper-maven-plugin:fix --projects . 
+ + - name: Generate Pull Request comment + id: pr-comment + # [impl->dsn~dependency-updater.workflow.pull-request-trigger-ci-build~1] + run: | + echo 'comment<> "$GITHUB_OUTPUT" + echo 'This Pull Request was created by [`dependencies_update.yml`](https://github.com/exasol/project-keeper/blob/main/project-keeper/src/main/resources/templates/.github/workflows/dependencies_update.yml) workflow.' >> "$GITHUB_OUTPUT" + if [ -n "$CREATED_ISSUES" ]; then + echo 'It updates dependencies to fix the following vulnerabilities:' >> "$GITHUB_OUTPUT" + echo $CREATED_ISSUES | jq --raw-output '. | "* Closes " + .issue_url + " (" + .cve + ")"' >> "$GITHUB_OUTPUT" + else + echo 'It updates dependencies.' >> "$GITHUB_OUTPUT" + fi + echo >> "$GITHUB_OUTPUT" + echo '# ⚠️ This PR does not trigger CI workflows by default ⚠️' >> "$GITHUB_OUTPUT" + echo 'Please click the **Close pull request** button and then **Reopen pull request** to trigger running checks.' >> "$GITHUB_OUTPUT" + echo 'See https://github.com/exasol/project-keeper/issues/534 for details.' 
>> "$GITHUB_OUTPUT" + echo 'EOF' >> "$GITHUB_OUTPUT" + + cat "$GITHUB_OUTPUT" + env: + CREATED_ISSUES: ${{ inputs.vulnerability_issues }} + + - name: Generate Pull Request Title + id: pr-title + run: | + if [ -n "$CREATED_ISSUES" ]; then + echo "Security issues are available" + echo "title=🔐 Update dependencies to fix vulnerabilities" >> "$GITHUB_OUTPUT" + else + echo "Security issues are not available" + echo "title=Update dependencies" >> "$GITHUB_OUTPUT" + fi + + cat "$GITHUB_OUTPUT" + env: + CREATED_ISSUES: ${{ inputs.vulnerability_issues }} + + - name: Configure git + run: | + git config --global user.email "opensource@exasol.com" + git config --global user.name "Automatic Dependency Updater" + + - name: Create branch + if: ${{ github.ref == 'refs/heads/main' }} + run: | + branch_name="dependency-update/$(date "+%Y%m%d%H%M%S")" + echo "Creating branch $branch_name" + git checkout -b "$branch_name" + + - name: Commit changes & push + if: ${{ startsWith(github.ref, 'refs/heads/' ) }} + run: | + branch_name=$(git rev-parse --abbrev-ref HEAD) + echo "Current branch: $branch_name" + echo "git diff --stat" + git diff --stat + echo "git diff --numstat" + git diff --numstat + echo "git diff --name-status" + git diff --name-status + echo "Adding untracked files:" + git add . --verbose --all + echo "Committing changes..." + git commit --message "$TITLE" + echo "Pushing branch $branch_name..." + git push --set-upstream origin "$branch_name" + echo "Done." 
+ env: + TITLE: ${{ steps.pr-title.outputs.title }} + + - name: Create pull request + id: create-pr + if: ${{ github.ref == 'refs/heads/main' }} + run: | + pr_url=$(gh pr create --base main --title "$TITLE" --body "$COMMENT") + echo "Created Pull Request: $pr_url" + echo "pr_url=$pr_url" >> "$GITHUB_OUTPUT" + env: + COMMENT: ${{ steps.pr-comment.outputs.comment }} + TITLE: ${{ steps.pr-title.outputs.title }} + GH_TOKEN: ${{ github.token }} + + - name: Report failure Status to Slack channel + # Also run this step in case of failures + if: ${{ always() }} + uses: ravsamhq/notify-slack-action@v2 + with: + status: ${{ job.status }} + token: ${{ secrets.GITHUB_TOKEN }} + notification_title: "Dependency check in {repo} has {status_message}" + message_format: "{emoji} *{workflow}* {status_message} in <{repo_url}|{repo}>" + notify_when: "failure,cancelled,warnings" + env: + SLACK_WEBHOOK_URL: ${{ secrets.INTEGRATION_TEAM_SLACK_NOTIFICATION_WEBHOOK }} + + - name: Report new Pull Request to Slack channel + if: ${{ steps.create-pr.outputs.pr_url }} + uses: ravsamhq/notify-slack-action@v2 + with: + status: ${{ job.status }} + token: ${{ secrets.GITHUB_TOKEN }} + notification_title: "Dependency update for {repo} created a Pull Request" + message_format: "{workflow} created Pull Request ${{ steps.create-pr.outputs.pr_url }}" + env: + SLACK_WEBHOOK_URL: ${{ secrets.INTEGRATION_TEAM_SLACK_NOTIFICATION_WEBHOOK }} diff --git a/.github/workflows/release_droid_prepare_original_checksum.yml b/.github/workflows/release_droid_prepare_original_checksum.yml index 843604c..9801107 100644 --- a/.github/workflows/release_droid_prepare_original_checksum.yml +++ b/.github/workflows/release_droid_prepare_original_checksum.yml 
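Review bot: In the `Fail if not running on a branch` step, `${{ github.ref }}` is expanded into the `script:` body of `actions/github-script@v7` before the JavaScript is parsed, so the ref text becomes part of the program rather than data, and a ref name containing a quote character would alter the script. Reading the value at runtime avoids that: `core.setFailed('Not running on a branch, github.ref is ' + context.ref + '. Please start this workflow only on main or a branch')`. The other steps already pass expressions through `env:`, which is the right pattern, but `echo $CREATED_ISSUES | jq ...` in `Generate Pull Request comment` leaves the variable unquoted and should be `echo "$CREATED_ISSUES" | jq ...` so the JSONL is not word-split or glob-expanded. `ravsamhq/notify-slack-action@v2` receives both `secrets.GITHUB_TOKEN` and the Slack webhook in a job that holds `contents: write` and `pull-requests: write`, so pinning it to a full commit SHA instead of the movable `v2` tag would be prudent.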
@@ -1,13 +1,15 @@ +# Generated by Project Keeper +# https://github.com/exasol/project-keeper/blob/main/project-keeper/src/main/resources/templates/.github/workflows/release_droid_prepare_original_checksum.yml name: Release Droid - Prepare Original Checksum - on: workflow_dispatch: jobs: build: - runs-on: ubuntu-20.04 # UDFs fail with "VM error: Internal error: VM crashed" on ubuntu-latest + runs-on: ubuntu-latest steps: - name: Free Disk Space + if: ${{ false }} run: | sudo rm -rf /usr/local/lib/android sudo rm -rf /usr/share/dotnet @@ -15,11 +17,13 @@ jobs: uses: actions/checkout@v4 with: fetch-depth: 0 - - name: Set up JDK 11 - uses: actions/setup-java@v3 + - name: Set up JDKs + uses: actions/setup-java@v4 with: distribution: "temurin" - java-version: 11 + java-version: | + 11 + 17 cache: "maven" - name: Enable testcontainer reuse run: echo 'testcontainers.reuse.enable=true' > "$HOME/.testcontainers.properties" @@ -28,7 +32,7 @@ jobs: - name: Prepare checksum run: find target -maxdepth 1 -name *.jar -exec sha256sum "{}" + > original_checksum - name: Upload checksum to the artifactory - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: original_checksum retention-days: 5 diff --git a/.github/workflows/release_droid_print_quick_checksum.yml b/.github/workflows/release_droid_print_quick_checksum.yml index aed4444..86979cd 100644 --- a/.github/workflows/release_droid_print_quick_checksum.yml +++ b/.github/workflows/release_droid_print_quick_checksum.yml @@ -1,5 +1,6 @@ +# Generated by Project Keeper +# https://github.com/exasol/project-keeper/blob/main/project-keeper/src/main/resources/templates/.github/workflows/release_droid_print_quick_checksum.yml name: Release Droid - Print Quick Checksum - on: workflow_dispatch: 
@@ -11,11 +12,13 @@ jobs: uses: actions/checkout@v4 with: fetch-depth: 0 - - name: Set up JDK 11 - uses: actions/setup-java@v3 + - name: Set up JDKs + uses: actions/setup-java@v4 with: distribution: "temurin" - java-version: 11 + java-version: | + 11 + 17 cache: "maven" - name: Build with Maven skipping tests run: mvn --batch-mode clean verify -DskipTests diff --git a/.github/workflows/release_droid_release_on_maven_central.yml b/.github/workflows/release_droid_release_on_maven_central.yml index dfdbd6a..0a5ee04 100644 --- a/.github/workflows/release_droid_release_on_maven_central.yml +++ b/.github/workflows/release_droid_release_on_maven_central.yml @@ -1,5 +1,6 @@ +# Generated by Project Keeper +# https://github.com/exasol/project-keeper/blob/main/project-keeper/src/main/resources/templates/.github/workflows/release_droid_release_on_maven_central.yml name: Release Droid - Release On Maven Central - on: workflow_dispatch: @@ -12,16 +13,20 @@ jobs: with: fetch-depth: 0 - name: Set up Maven Central Repository - uses: actions/setup-java@v3 + uses: actions/setup-java@v4 with: distribution: "temurin" - java-version: 11 + java-version: | + 11 + 17 cache: "maven" server-id: ossrh server-username: MAVEN_USERNAME server-password: MAVEN_PASSWORD gpg-private-key: ${{ secrets.OSSRH_GPG_SECRET_KEY }} gpg-passphrase: MAVEN_GPG_PASSPHRASE + - name: List secret GPG keys + run: gpg --list-secret-keys - name: Publish to Central Repository run: mvn --batch-mode -Dgpg.skip=false -DskipTests clean deploy env: diff --git a/.github/workflows/release_droid_upload_github_release_assets.yml b/.github/workflows/release_droid_upload_github_release_assets.yml index 7ae8bbb..b19f7cf 100644 --- a/.github/workflows/release_droid_upload_github_release_assets.yml +++ b/.github/workflows/release_droid_upload_github_release_assets.yml 
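Review bot: The added `List secret GPG keys` step in `release_droid_release_on_maven_central.yml` runs `gpg --list-secret-keys` with no comment saying why, and its output (fingerprint, user ID and dates of the release signing key) ends up in the workflow log. That is key metadata rather than key material, and the step is presumably a diagnostic for the key import done by `actions/setup-java@v4`. A short comment such as `# Diagnostic: confirms the signing key was imported; prints key metadata only` would tell the next reader the step is intentional and what it exposes. The rest of the job lies outside this hunk.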
@@ -1,5 +1,6 @@ +# Generated by Project Keeper +# https://github.com/exasol/project-keeper/blob/main/project-keeper/src/main/resources/templates/.github/workflows/release_droid_upload_github_release_assets.yml name: Release Droid - Upload GitHub Release Assets - on: workflow_dispatch: inputs: @@ -15,11 +16,13 @@ jobs: uses: actions/checkout@v4 with: fetch-depth: 0 - - name: Set up JDK 11 - uses: actions/setup-java@v3 + - name: Set up JDKs + uses: actions/setup-java@v4 with: distribution: "temurin" - java-version: 11 + java-version: | + 11 + 17 cache: "maven" - name: Build with Maven skipping tests run: mvn --batch-mode clean verify -DskipTests diff --git a/.project-keeper.yml b/.project-keeper.yml index c6aee8f..8371529 100644 --- a/.project-keeper.yml +++ b/.project-keeper.yml @@ -6,6 +6,7 @@ sources: - integration_tests linkReplacements: - "https://github.com/hamcrest/JavaHamcrest/hamcrest-all|https://github.com/hamcrest/JavaHamcrest" -excludes: - - "E-PK-CORE-18: Outdated content: '.github/workflows/ci-build.yml'" - - "E-PK-CORE-18: Outdated content: '.github/workflows/release_droid_prepare_original_checksum.yml'" +build: + exasolDbVersions: + - "8.25.0" + - "7.1.25" diff --git a/.vscode/settings.json b/.vscode/settings.json index f1a4c2c..8778700 100644 --- a/.vscode/settings.json +++ b/.vscode/settings.json @@ -1,9 +1,9 @@ { "editor.formatOnSave": true, "editor.codeActionsOnSave": { - "source.organizeImports": true, - "source.generate.finalModifiers": true, - "source.fixAll": true + "source.organizeImports": "explicit", + "source.generate.finalModifiers": "explicit", + "source.fixAll": "explicit" }, "java.codeGeneration.useBlocks": true, "java.saveActions.organizeImports": true, diff --git a/dependencies.md b/dependencies.md index bea09b3..6b94cb8 100644 --- a/dependencies.md +++ b/dependencies.md 
@@ -20,7 +20,7 @@ | [JaCoCo :: Agent][5] | [Eclipse Public License 2.0][6] | | [JUnit Jupiter Engine][15] | [Eclipse Public License v2.0][16] | | [JUnit Jupiter Params][15] | [Eclipse Public License v2.0][16] | -| [mockito-junit-jupiter][17] | [The MIT License][18] | +| [mockito-junit-jupiter][17] | [MIT][18] | | [Hamcrest All][19] | [New BSD License][20] | | [Test containers for Exasol on Docker][21] | [MIT License][22] | | [Testcontainers :: JUnit Jupiter Extension][23] | [MIT][24] | 
@@ -38,29 +38,25 @@ | Dependency | License | | ------------------------------------------------------- | ---------------------------------------------- | | [SonarQube Scanner for Maven][30] | [GNU LGPL 3][31] | -| [Apache Maven Compiler Plugin][32] | [Apache-2.0][12] | -| [Apache Maven Enforcer Plugin][33] | [Apache-2.0][12] | -| [Maven Flatten Plugin][34] | [Apache Software Licenese][12] | -| [Maven Dependency Plugin][35] | [The Apache Software License, Version 2.0][36] | -| [Project keeper maven plugin][37] | [The MIT License][38] | -| [org.sonatype.ossindex.maven:ossindex-maven-plugin][39] | [ASL2][36] | -| [Maven Surefire Plugin][40] | [Apache-2.0][12] | -| [Versions Maven Plugin][41] | [Apache License, Version 2.0][12] | -| [duplicate-finder-maven-plugin Maven Mojo][42] | [Apache License 2.0][43] | -| [Apache Maven Deploy Plugin][44] | [Apache-2.0][12] | -| [Apache Maven GPG Plugin][45] | [Apache-2.0][12] | -| [Apache Maven Source Plugin][46] | [Apache License, Version 2.0][12] | -| [Apache Maven Javadoc Plugin][47] | [Apache-2.0][12] | -| [Nexus Staging Maven Plugin][48] | [Eclipse Public License][49] | -| [Maven Failsafe Plugin][50] | [Apache-2.0][12] | -| [JaCoCo :: Maven Plugin][51] | [Eclipse Public License 2.0][6] | -| [error-code-crawler-maven-plugin][52] | [MIT License][53] | -| [Reproducible Build Maven Plugin][54] | [Apache 2.0][36] | -| [Maven Clean Plugin][55] | [The Apache Software License, Version 2.0][36] | -| [Maven Resources Plugin][56] | [The Apache Software License, Version 2.0][36] | -| [Maven JAR Plugin][57] | [The Apache Software License, Version 2.0][36] | -| [Maven Install Plugin][58] | [The Apache Software License, Version 2.0][36] | -| [Maven Site Plugin 3][59] | [The Apache Software License, Version 2.0][36] | +| [Apache Maven Toolchains Plugin][32] | [Apache License, Version 2.0][12] | +| [Apache Maven Compiler Plugin][33] | [Apache-2.0][12] | +| [Apache Maven Enforcer Plugin][34] | [Apache-2.0][12] | +| [Maven Flatten Plugin][35] | 
[Apache Software Licenese][12] | +| [Maven Dependency Plugin][36] | [The Apache Software License, Version 2.0][37] | +| [Project Keeper Maven plugin][38] | [The MIT License][39] | +| [org.sonatype.ossindex.maven:ossindex-maven-plugin][40] | [ASL2][37] | +| [Maven Surefire Plugin][41] | [Apache-2.0][12] | +| [Versions Maven Plugin][42] | [Apache License, Version 2.0][12] | +| [duplicate-finder-maven-plugin Maven Mojo][43] | [Apache License 2.0][44] | +| [Apache Maven Deploy Plugin][45] | [Apache-2.0][12] | +| [Apache Maven GPG Plugin][46] | [Apache-2.0][12] | +| [Apache Maven Source Plugin][47] | [Apache License, Version 2.0][12] | +| [Apache Maven Javadoc Plugin][48] | [Apache-2.0][12] | +| [Nexus Staging Maven Plugin][49] | [Eclipse Public License][50] | +| [Maven Failsafe Plugin][51] | [Apache-2.0][12] | +| [JaCoCo :: Maven Plugin][52] | [Eclipse Public License 2.0][6] | +| [error-code-crawler-maven-plugin][53] | [MIT License][54] | +| [Reproducible Build Maven Plugin][55] | [Apache 2.0][37] | [0]: https://github.com/eclipse-ee4j/jsonp [1]: https://projects.eclipse.org/license/epl-2.0 @@ -80,7 +76,7 @@ [15]: https://junit.org/junit5/ [16]: https://www.eclipse.org/legal/epl-v20.html [17]: https://github.com/mockito/mockito -[18]: https://github.com/mockito/mockito/blob/main/LICENSE +[18]: https://opensource.org/licenses/MIT [19]: https://github.com/hamcrest/JavaHamcrest [20]: http://www.opensource.org/licenses/bsd-license.php [21]: https://github.com/exasol/exasol-testcontainers/ 
@@ -94,31 +90,27 @@ [29]: https://github.com/eclipse-ee4j/parsson [30]: http://sonarsource.github.io/sonar-scanner-maven/ [31]: http://www.gnu.org/licenses/lgpl.txt -[32]: https://maven.apache.org/plugins/maven-compiler-plugin/ -[33]: https://maven.apache.org/enforcer/maven-enforcer-plugin/ -[34]: https://www.mojohaus.org/flatten-maven-plugin/ -[35]: http://maven.apache.org/plugins/maven-dependency-plugin/ -[36]: http://www.apache.org/licenses/LICENSE-2.0.txt -[37]: https://github.com/exasol/project-keeper/ -[38]: https://github.com/exasol/project-keeper/blob/main/LICENSE -[39]: https://sonatype.github.io/ossindex-maven/maven-plugin/ -[40]: https://maven.apache.org/surefire/maven-surefire-plugin/ -[41]: https://www.mojohaus.org/versions/versions-maven-plugin/ -[42]: https://basepom.github.io/duplicate-finder-maven-plugin -[43]: http://www.apache.org/licenses/LICENSE-2.0.html -[44]: https://maven.apache.org/plugins/maven-deploy-plugin/ -[45]: https://maven.apache.org/plugins/maven-gpg-plugin/ -[46]: https://maven.apache.org/plugins/maven-source-plugin/ -[47]: https://maven.apache.org/plugins/maven-javadoc-plugin/ -[48]: http://www.sonatype.com/public-parent/nexus-maven-plugins/nexus-staging/nexus-staging-maven-plugin/ -[49]: http://www.eclipse.org/legal/epl-v10.html -[50]: https://maven.apache.org/surefire/maven-failsafe-plugin/ -[51]: https://www.jacoco.org/jacoco/trunk/doc/maven.html -[52]: https://github.com/exasol/error-code-crawler-maven-plugin/ -[53]: https://github.com/exasol/error-code-crawler-maven-plugin/blob/main/LICENSE -[54]: http://zlika.github.io/reproducible-build-maven-plugin -[55]: http://maven.apache.org/plugins/maven-clean-plugin/ -[56]: http://maven.apache.org/plugins/maven-resources-plugin/ -[57]: http://maven.apache.org/plugins/maven-jar-plugin/ -[58]: http://maven.apache.org/plugins/maven-install-plugin/ -[59]: http://maven.apache.org/plugins/maven-site-plugin/ +[32]: https://maven.apache.org/plugins/maven-toolchains-plugin/ +[33]: 
https://maven.apache.org/plugins/maven-compiler-plugin/ +[34]: https://maven.apache.org/enforcer/maven-enforcer-plugin/ +[35]: https://www.mojohaus.org/flatten-maven-plugin/ +[36]: http://maven.apache.org/plugins/maven-dependency-plugin/ +[37]: http://www.apache.org/licenses/LICENSE-2.0.txt +[38]: https://github.com/exasol/project-keeper/ +[39]: https://github.com/exasol/project-keeper/blob/main/LICENSE +[40]: https://sonatype.github.io/ossindex-maven/maven-plugin/ +[41]: https://maven.apache.org/surefire/maven-surefire-plugin/ +[42]: https://www.mojohaus.org/versions/versions-maven-plugin/ +[43]: https://basepom.github.io/duplicate-finder-maven-plugin +[44]: http://www.apache.org/licenses/LICENSE-2.0.html +[45]: https://maven.apache.org/plugins/maven-deploy-plugin/ +[46]: https://maven.apache.org/plugins/maven-gpg-plugin/ +[47]: https://maven.apache.org/plugins/maven-source-plugin/ +[48]: https://maven.apache.org/plugins/maven-javadoc-plugin/ +[49]: http://www.sonatype.com/public-parent/nexus-maven-plugins/nexus-staging/nexus-staging-maven-plugin/ +[50]: http://www.eclipse.org/legal/epl-v10.html +[51]: https://maven.apache.org/surefire/maven-failsafe-plugin/ +[52]: https://www.jacoco.org/jacoco/trunk/doc/maven.html +[53]: https://github.com/exasol/error-code-crawler-maven-plugin/ +[54]: https://github.com/exasol/error-code-crawler-maven-plugin/blob/main/LICENSE +[55]: http://zlika.github.io/reproducible-build-maven-plugin diff --git a/doc/changes/changelog.md b/doc/changes/changelog.md index c404b40..6637ca7 100644 --- a/doc/changes/changelog.md +++ b/doc/changes/changelog.md @@ -1,5 +1,6 @@ # Changes +* [0.6.12](changes_0.6.12.md) * [0.6.11](changes_0.6.11.md) * [0.6.10](changes_0.6.10.md) * [0.6.9](changes_0.6.9.md) diff --git a/doc/changes/changes_0.6.12.md b/doc/changes/changes_0.6.12.md new file mode 100644 index 0000000..fc81d79 --- /dev/null +++ b/doc/changes/changes_0.6.12.md 
@@ -0,0 +1,50 @@ +# Udf Debugging Java 0.6.12, released 2024-02-29 + +Code name: Fix CVE-2024-25710 and CVE-2024-26308 in compile dependency `org.apache.commons:commons-compress` + +## Summary + +This release fixes vulnerabilities CVE-2024-25710 and CVE-2024-26308 in compile dependency `org.apache.commons:commons-compress`. + +## Security + +* #36: Fixed CVE-2024-25710 and CVE-2024-26308 in compile dependency `org.apache.commons:commons-compress` + +## Dependency Updates + +### Compile Dependency Updates + +* Updated `com.exasol:bucketfs-java:3.1.0` to `3.1.1` +* Updated `jakarta.json:jakarta.json-api:2.1.2` to `2.1.3` +* Updated `org.apache.commons:commons-compress:1.24.0` to `1.26.0` +* Updated `org.jacoco:org.jacoco.core:0.8.10` to `0.8.11` +* Updated `org.slf4j:slf4j-jdk14:2.0.9` to `2.0.12` + +### Runtime Dependency Updates + +* Updated `org.eclipse.parsson:parsson:1.1.4` to `1.1.5` + +### Test Dependency Updates + +* Updated `com.exasol:exasol-testcontainers:6.6.2` to `7.0.1` +* Updated `com.exasol:test-db-builder-java:3.5.0` to `3.5.3` +* Updated `org.jacoco:org.jacoco.agent:0.8.10` to `0.8.11` +* Updated `org.junit.jupiter:junit-jupiter-engine:5.10.0` to `5.10.2` +* Updated `org.junit.jupiter:junit-jupiter-params:5.10.0` to `5.10.2` +* Updated `org.mockito:mockito-junit-jupiter:5.5.0` to `5.10.0` +* Updated `org.testcontainers:junit-jupiter:1.19.0` to `1.19.6` + +### Plugin Dependency Updates + +* Updated `com.exasol:error-code-crawler-maven-plugin:1.3.0` to `2.0.0` +* Updated `com.exasol:project-keeper-maven-plugin:2.9.12` to `4.1.0` +* Updated `org.apache.maven.plugins:maven-compiler-plugin:3.11.0` to `3.12.1` +* Updated `org.apache.maven.plugins:maven-enforcer-plugin:3.4.0` to `3.4.1` +* Updated `org.apache.maven.plugins:maven-failsafe-plugin:3.1.2` to `3.2.5` +* Updated `org.apache.maven.plugins:maven-javadoc-plugin:3.5.0` to `3.6.3` +* Updated `org.apache.maven.plugins:maven-surefire-plugin:3.1.2` to `3.2.5` +* Added 
`org.apache.maven.plugins:maven-toolchains-plugin:3.1.0` +* Updated `org.codehaus.mojo:flatten-maven-plugin:1.5.0` to `1.6.0` +* Updated `org.codehaus.mojo:versions-maven-plugin:2.16.0` to `2.16.2` +* Updated `org.jacoco:jacoco-maven-plugin:0.8.10` to `0.8.11` +* Updated `org.sonarsource.scanner.maven:sonar-maven-plugin:3.9.1.2184` to `3.10.0.2594` diff --git a/pk_generated_parent.pom b/pk_generated_parent.pom index 4c5de41..2c847f9 100644 --- a/pk_generated_parent.pom +++ b/pk_generated_parent.pom @@ -3,12 +3,14 @@ 4.0.0 com.exasol udf-debugging-java-generated-parent - 0.6.11 + 0.6.12 pom UTF-8 UTF-8 11 + exasol + https://sonarcloud.io true @@ -48,21 +50,46 @@ org.sonarsource.scanner.maven sonar-maven-plugin - 3.9.1.2184 + 3.10.0.2594 + + + org.apache.maven.plugins + maven-toolchains-plugin + 3.1.0 + + + + toolchain + + + + + + + ${java.version} + + + org.apache.maven.plugins maven-compiler-plugin - 3.11.0 + 3.12.1 ${java.version} ${java.version} + true + + + -Xlint:all,-processing + + org.apache.maven.plugins maven-enforcer-plugin - 3.4.0 + 3.4.1 enforce-maven @@ -72,8 +99,11 @@ - [3.8.7,3.9.0) + 3.6.3 + + 17 + @@ -82,7 +112,7 @@ org.codehaus.mojo flatten-maven-plugin - 1.5.0 + 1.6.0 true oss @@ -121,7 +151,7 @@ org.apache.maven.plugins maven-surefire-plugin - 3.1.2 + 3.2.5 @@ -132,7 +162,7 @@ org.codehaus.mojo versions-maven-plugin - 2.16.0 + 2.16.2 display-updates @@ -145,6 +175,17 @@ file:///${project.basedir}/versionsMavenPluginRules.xml + false + true + true + true + false + true + true + true + false + true + true @@ -219,7 +260,7 @@ org.apache.maven.plugins maven-javadoc-plugin - 3.5.0 + 3.6.3 attach-javadocs @@ -234,6 +275,8 @@ true true true + true + ${java.version} @@ -260,10 +303,9 @@ org.apache.maven.plugins maven-failsafe-plugin - 3.1.2 + 3.2.5 - + -Djava.util.logging.config.file=src/test/resources/logging.properties ${argLine} ${test.excludeTags} @@ -281,7 +323,7 @@ org.jacoco jacoco-maven-plugin - 0.8.10 + 0.8.11 prepare-agent 
@@ -322,7 +364,7 @@ com.exasol error-code-crawler-maven-plugin - 1.3.0 + 2.0.0 verify diff --git a/pom.xml b/pom.xml index 95a8455..6d4c510 100644 --- a/pom.xml +++ b/pom.xml @@ -2,24 +2,24 @@ 4.0.0 udf-debugging-java - 0.6.11 + 0.6.12 udf-debugging-java Utilities for debugging, profiling and code coverage measure for UDFs. https://github.com/exasol/udf-debugging-java/ - 5.10.0 - 0.8.10 + 5.10.2 + 0.8.11 jakarta.json jakarta.json-api - 2.1.2 + 2.1.3 org.eclipse.parsson parsson - 1.1.4 + 1.1.5 runtime @@ -42,12 +42,12 @@ com.exasol bucketfs-java - 3.1.0 + 3.1.1 com.exasol exasol-test-setup-abstraction-java - 2.0.3 + 2.1.0 @@ -75,7 +75,7 @@ org.mockito mockito-junit-jupiter - 5.5.0 + 5.10.0 test @@ -88,19 +88,19 @@ com.exasol exasol-testcontainers - 6.6.2 + 7.0.1 test org.testcontainers junit-jupiter - 1.19.0 + 1.19.6 test com.exasol test-db-builder-java - 3.5.0 + 3.5.3 test @@ -113,7 +113,7 @@ org.slf4j slf4j-jdk14 - 2.0.9 + 2.0.12 @@ -139,7 +139,7 @@ com.exasol project-keeper-maven-plugin - 2.9.12 + 4.1.0 @@ -157,10 +157,6 @@ CVE-2020-36641 is reported to be fixed in aXMLRPC 1.12.1. We use version 1.13.0, so this is a false positive. --> CVE-2020-36641 - - CVE-2023-4586 @@ -169,7 +165,7 @@ udf-debugging-java-generated-parent com.exasol - 0.6.11 + 0.6.12 pk_generated_parent.pom From b3cbb30baea80a826fdca9848542b85558ede3f3 Mon Sep 17 00:00:00 2001 From: Christoph Pirkl Date: Thu, 29 Feb 2024 15:37:18 +0100 Subject: [PATCH 02/12] Use Ubuntu 20.04 --- .github/workflows/ci-build.yml | 2 +- .github/workflows/release_droid_prepare_original_checksum.yml | 2 +- .project-keeper.yml | 1 + 3 files changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci-build.yml b/.github/workflows/ci-build.yml index 5f69efc..726cf2a 100644 --- a/.github/workflows/ci-build.yml +++ b/.github/workflows/ci-build.yml 
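Review bot: Nothing in pom.xml pins `org.apache.commons:commons-compress` itself: hunk `@@ -42,12 +42,12 @@` only raises `bucketfs-java` and `exasol-test-setup-abstraction-java`, so the 1.26.0 that the changelog credits with fixing CVE-2024-25710 and CVE-2024-26308 appears to arrive transitively. A later change to one of those parents could resolve an older commons-compress again, and the ossindex audit configured in this pom would only report that after the fact. A `dependencyManagement` entry for commons-compress would make the minimum version explicit and visible in review. The XML tags and the surrounding blocks are not visible in this rendering, so the placement below is a sketch to be merged with any existing `dependencyManagement` section.

```xml
<!-- pins the transitive dependency that carries the CVE-2024-25710 / CVE-2024-26308 fix -->
<dependencyManagement>
    <dependencies>
        <dependency>
            <groupId>org.apache.commons</groupId>
            <artifactId>commons-compress</artifactId>
            <version>1.26.0</version>
        </dependency>
    </dependencies>
</dependencyManagement>
```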
@@ -9,7 +9,7 @@ on: jobs: matrix-build: - runs-on: ubuntu-latest + runs-on: ubuntu-20.04 concurrency: group: ${{ github.workflow }}-${{ github.ref }}-${{ matrix.exasol_db_version }} cancel-in-progress: true diff --git a/.github/workflows/release_droid_prepare_original_checksum.yml b/.github/workflows/release_droid_prepare_original_checksum.yml index 9801107..2ff28b3 100644 --- a/.github/workflows/release_droid_prepare_original_checksum.yml +++ b/.github/workflows/release_droid_prepare_original_checksum.yml @@ -6,7 +6,7 @@ on: jobs: build: - runs-on: ubuntu-latest + runs-on: ubuntu-20.04 steps: - name: Free Disk Space if: ${{ false }} diff --git a/.project-keeper.yml b/.project-keeper.yml index 8371529..b7df6c5 100644 --- a/.project-keeper.yml +++ b/.project-keeper.yml @@ -7,6 +7,7 @@ sources: linkReplacements: - "https://github.com/hamcrest/JavaHamcrest/hamcrest-all|https://github.com/hamcrest/JavaHamcrest" build: + runnerOs: ubuntu-20.04 exasolDbVersions: - "8.25.0" - "7.1.25" From bd0ce6f1a0b56e0d2e3c60535b2b41a5139fae22 Mon Sep 17 00:00:00 2001 From: Christoph Pirkl Date: Fri, 1 Mar 2024 07:21:56 +0100 Subject: [PATCH 03/12] Upgrade bucketfs-java --- doc/changes/changes_0.6.12.md | 2 +- pom.xml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/changes/changes_0.6.12.md b/doc/changes/changes_0.6.12.md index fc81d79..037c669 100644 --- a/doc/changes/changes_0.6.12.md +++ b/doc/changes/changes_0.6.12.md @@ -14,7 +14,7 @@ This release fixes vulnerabilities CVE-2024-25710 and CVE-2024-26308 in compile ### Compile Dependency Updates -* Updated `com.exasol:bucketfs-java:3.1.0` to `3.1.1` +* Updated `com.exasol:bucketfs-java:3.1.0` to `3.1.2` * Updated `jakarta.json:jakarta.json-api:2.1.2` to `2.1.3` * Updated `org.apache.commons:commons-compress:1.24.0` to `1.26.0` * Updated `org.jacoco:org.jacoco.core:0.8.10` to `0.8.11` diff --git a/pom.xml b/pom.xml index 6d4c510..eaac2da 100644 --- a/pom.xml +++ b/pom.xml 
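Review bot: The new `runnerOs: ubuntu-20.04` under `build:` in .project-keeper.yml carries no comment saying why the runner is pinned below `ubuntu-latest`, and the same pin is regenerated into ci-build.yml and release_droid_prepare_original_checksum.yml in this patch. A pinned image is easy to forget, and once it is no longer maintained the build and release jobs either run on an unpatched toolchain or stop running. I would add a comment above the key, for example `# Pinned to ubuntu-20.04 because <reason>; return to the default runner once <condition>`, filled in with the actual constraint.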
@@ -42,7 +42,7 @@ com.exasol bucketfs-java - 3.1.1 + 3.1.2 com.exasol From 5b4b13aee49cd53c64ae3b4bc8ea35ab315ee127 Mon Sep 17 00:00:00 2001 From: Christoph Pirkl Date: Fri, 1 Mar 2024 07:22:18 +0100 Subject: [PATCH 04/12] Update release date --- doc/changes/changes_0.6.12.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/changes/changes_0.6.12.md b/doc/changes/changes_0.6.12.md index 037c669..af9ac66 100644 --- a/doc/changes/changes_0.6.12.md +++ b/doc/changes/changes_0.6.12.md @@ -1,4 +1,4 @@ -# Udf Debugging Java 0.6.12, released 2024-02-29 +# Udf Debugging Java 0.6.12, released 2024-03-01 Code name: Fix CVE-2024-25710 and CVE-2024-26308 in compile dependency `org.apache.commons:commons-compress` From d3c304628e566333f3213a5f60a14d3d482b7ffb Mon Sep 17 00:00:00 2001 From: Christoph Pirkl Date: Fri, 1 Mar 2024 09:48:58 +0100 Subject: [PATCH 05/12] Refactor test --- .../modules/udflogs/LogRecorderTest.java | 47 +++++++++---------- 1 file changed, 22 insertions(+), 25 deletions(-) diff --git a/src/test/java/com/exasol/udfdebugging/modules/udflogs/LogRecorderTest.java b/src/test/java/com/exasol/udfdebugging/modules/udflogs/LogRecorderTest.java index f759e6e..c715aac 100644 --- a/src/test/java/com/exasol/udfdebugging/modules/udflogs/LogRecorderTest.java +++ b/src/test/java/com/exasol/udfdebugging/modules/udflogs/LogRecorderTest.java @@ -1,6 +1,9 @@ package com.exasol.udfdebugging.modules.udflogs; import static org.hamcrest.MatcherAssert.assertThat; +import static org.hamcrest.Matchers.equalTo; +import static org.hamcrest.Matchers.hasSize; +import static org.junit.jupiter.api.Assertions.assertAll; import java.io.*; import java.net.Socket; @@ -9,7 +12,6 @@ import java.util.ArrayList; import java.util.List; -import org.hamcrest.Matchers; import org.junit.jupiter.api.Test; class LogRecorderTest { 
@@ -17,41 +19,37 @@ class LogRecorderTest { @Test void testLogsAreWrittenAsFile() throws Exception { final List logFiles = new ArrayList<>(); - final LogRecorder logRecorder = new LogRecorder(logFiles::add); - final StreamToLogger connection = new StreamToLogger(logRecorder.getPort()); - connection.write("test"); - assertThat(logFiles, Matchers.hasSize(1)); - assertThat(Files.readString(logFiles.get(0)), Matchers.equalTo("test")); - connection.close(); - logRecorder.close(); + try (final LogRecorder logRecorder = new LogRecorder(logFiles::add); + final StreamToLogger connection = new StreamToLogger(logRecorder.getPort());) { + connection.write("test"); + assertAll(() -> assertThat(logFiles, hasSize(1)), + () -> assertThat(Files.readString(logFiles.get(0)), equalTo("test"))); + } } @Test void testParallelStreams() throws Exception { final List logFiles = new ArrayList<>(); - final LogRecorder logRecorder = new LogRecorder(logFiles::add); - final StreamToLogger connection1 = new StreamToLogger(logRecorder.getPort()); - connection1.write("test"); - assertThat(logFiles, Matchers.hasSize(1)); - assertThat(Files.readString(logFiles.get(0)), Matchers.equalTo("test")); - final StreamToLogger connection2 = new StreamToLogger(logRecorder.getPort()); - connection2.write("other"); - assertThat(logFiles, Matchers.hasSize(2)); - assertThat(Files.readString(logFiles.get(1)), Matchers.equalTo("other")); - connection1.close(); - connection2.close(); - logRecorder.close(); + try (final LogRecorder logRecorder = new LogRecorder(logFiles::add); + final StreamToLogger connection1 = new StreamToLogger(logRecorder.getPort());) { + connection1.write("test"); + assertAll(() -> assertThat(logFiles, hasSize(1)), + () -> assertThat(Files.readString(logFiles.get(0)), equalTo("test"))); + try (final StreamToLogger connection2 = new StreamToLogger(logRecorder.getPort())) { + connection2.write("other"); + assertAll(() -> assertThat(logFiles, hasSize(2)), + () -> 
assertThat(Files.readString(logFiles.get(1)), equalTo("other"))); + } + } } private static class StreamToLogger implements Closeable { private final Socket socket; - private final OutputStream outputStream; private final PrintWriter writer; public StreamToLogger(final int port) throws IOException { this.socket = new Socket("localhost", port); - this.outputStream = this.socket.getOutputStream(); - this.writer = new PrintWriter(this.outputStream); + this.writer = new PrintWriter(this.socket.getOutputStream()); } @SuppressWarnings("java:S2925") // sleep is required @@ -64,8 +62,7 @@ public void write(final String message) throws InterruptedException { @Override public void close() throws IOException { this.writer.close(); - this.outputStream.close(); this.socket.close(); } } -} \ No newline at end of file +} From 564324e3fa0b474cdbaca0aeac21c90e0deef35b Mon Sep 17 00:00:00 2001 From: Christoph Pirkl Date: Fri, 1 Mar 2024 10:20:59 +0100 Subject: [PATCH 06/12] Increase timeout to fix test --- .../exasol/udfdebugging/modules/udflogs/LogRecorderTest.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/test/java/com/exasol/udfdebugging/modules/udflogs/LogRecorderTest.java b/src/test/java/com/exasol/udfdebugging/modules/udflogs/LogRecorderTest.java index c715aac..81b6a75 100644 --- a/src/test/java/com/exasol/udfdebugging/modules/udflogs/LogRecorderTest.java +++ b/src/test/java/com/exasol/udfdebugging/modules/udflogs/LogRecorderTest.java @@ -56,7 +56,7 @@ public StreamToLogger(final int port) throws IOException { public void write(final String message) throws InterruptedException { this.writer.write(message); this.writer.flush(); - Thread.sleep(100); + Thread.sleep(200); } @Override From e159d4c561d3a2c64e80ca07b53674c6fe232671 Mon Sep 17 00:00:00 2001 From: Christoph Pirkl Date: Fri, 1 Mar 2024 10:24:06 +0100 Subject: [PATCH 07/12] Fix issue number --- doc/changes/changes_0.6.12.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
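Review bot: `Thread.sleep(200)` in `StreamToLogger.write` of LogRecorderTest.java is still a fixed guess at how long the recorder needs before `logFiles` is filled; patch 11 raises the same line again to `Thread.sleep(400)`, so the first increase evidently was not enough. Waiting for the condition itself, bounded by a deadline, removes the guess and lets the test finish as soon as the file has been reported. This assumes the handler given to `new LogRecorder(logFiles::add)` runs on the recorder's own thread and only after the file content is complete, which the hunk does not show; if it runs on another thread, `logFiles` should also be a thread-safe list. `write` and the test class continue outside the hunk.

```java
// in LogRecorderTest: replaces the fixed sleep in StreamToLogger.write
private static void awaitLogFiles(final List<Path> logFiles, final int expectedCount)
        throws InterruptedException {
    final long deadline = System.nanoTime() + TimeUnit.SECONDS.toNanos(5);
    while (logFiles.size() < expectedCount && System.nanoTime() < deadline) {
        Thread.sleep(20);
    }
}

// … unchanged: connection.write("test") …
awaitLogFiles(logFiles, 1);
// … unchanged: assertAll(...) on size and content …
```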
diff --git a/doc/changes/changes_0.6.12.md b/doc/changes/changes_0.6.12.md index af9ac66..2b7fbb4 100644 --- a/doc/changes/changes_0.6.12.md +++ b/doc/changes/changes_0.6.12.md @@ -8,7 +8,7 @@ This release fixes vulnerabilities CVE-2024-25710 and CVE-2024-26308 in compile ## Security -* #36: Fixed CVE-2024-25710 and CVE-2024-26308 in compile dependency `org.apache.commons:commons-compress` +* #63: Fixed CVE-2024-25710 and CVE-2024-26308 in compile dependency `org.apache.commons:commons-compress` ## Dependency Updates From 78f98cd06e99ec38033adfe48cdf313874fd4767 Mon Sep 17 00:00:00 2001 From: Christoph Pirkl Date: Fri, 1 Mar 2024 10:45:27 +0100 Subject: [PATCH 08/12] Fail on compiler warnings --- pom.xml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/pom.xml b/pom.xml index eaac2da..d92dcb6 100644 --- a/pom.xml +++ b/pom.xml @@ -148,6 +148,18 @@ + + org.apache.maven.plugins + maven-compiler-plugin + + + + -Xlint:all,-path + -Werror + + + org.sonatype.ossindex.maven ossindex-maven-plugin From 9d50f40e97d6ae9ed0ec187dfe77fc6990321e1e Mon Sep 17 00:00:00 2001 From: Christoph Pirkl Date: Fri, 1 Mar 2024 10:45:46 +0100 Subject: [PATCH 09/12] Declare more specific exception --- .../com/exasol/udfdebugging/modules/udflogs/LogRecorder.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/com/exasol/udfdebugging/modules/udflogs/LogRecorder.java b/src/main/java/com/exasol/udfdebugging/modules/udflogs/LogRecorder.java index d7d0363..01dee15 100644 --- a/src/main/java/com/exasol/udfdebugging/modules/udflogs/LogRecorder.java +++ b/src/main/java/com/exasol/udfdebugging/modules/udflogs/LogRecorder.java @@ -37,7 +37,7 @@ public LogRecorder(final Consumer logFileHandler) { } @Override - public void close() throws Exception { + public void close() throws IOException { this.server.close(); } From d78861a9258b9eaf8b0cb85a58520d11fc831183 Mon Sep 17 00:00:00 2001 
From: Christoph Pirkl Date: Fri, 1 Mar 2024 10:47:08 +0100 Subject: [PATCH 10/12] Suppress compiler warnings about unused variable in try block --- src/test/java/com/exasol/udfdebugging/UdfTestSetupTest.java | 3 ++- .../udfdebugging/modules/jprofiler/JProfilerModuleTest.java | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/src/test/java/com/exasol/udfdebugging/UdfTestSetupTest.java b/src/test/java/com/exasol/udfdebugging/UdfTestSetupTest.java index ff22f50..2090a56 100644 --- a/src/test/java/com/exasol/udfdebugging/UdfTestSetupTest.java +++ b/src/test/java/com/exasol/udfdebugging/UdfTestSetupTest.java @@ -76,6 +76,7 @@ void testCoverageEnabled() { } @Test + @SuppressWarnings("try") // Try-with-resources variable not used in try block void testUdfLogsEnabled() throws SQLException { final Statement statement = mock(Statement.class); when(this.connection.createStatement()).thenReturn(statement); @@ -102,4 +103,4 @@ void testDebuggingDisabled() { assertThat(jvmOptions, not(hasItem(EXPECTED_DEBUG_JVM_OPTION))); } } -} \ No newline at end of file +} diff --git a/src/test/java/com/exasol/udfdebugging/modules/jprofiler/JProfilerModuleTest.java b/src/test/java/com/exasol/udfdebugging/modules/jprofiler/JProfilerModuleTest.java index 261838c..0e33f13 100644 --- a/src/test/java/com/exasol/udfdebugging/modules/jprofiler/JProfilerModuleTest.java +++ b/src/test/java/com/exasol/udfdebugging/modules/jprofiler/JProfilerModuleTest.java @@ -24,6 +24,7 @@ static void beforeAll() { } @Test + @SuppressWarnings("try") // Try-with-resources variable not used in try block void testUpload() throws BucketAccessException, TimeoutException, FileNotFoundException { final Bucket bucket = mock(Bucket.class); try (final JProfilerModule jProfilerModule = new JProfilerModule(bucket)) { @@ -43,4 +44,4 @@ void testGetJvmOptions() { + "=port=11002")); } } -} \ No newline at end of file +} From 7649146c58ad6a6e82d83c9f863df868737abc65 Mon Sep 17 00:00:00 2001 
From: Christoph Pirkl Date: Fri, 1 Mar 2024 10:47:18 +0100 Subject: [PATCH 11/12] Increase timeout to fix failing test --- .../exasol/udfdebugging/modules/udflogs/LogRecorderTest.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/test/java/com/exasol/udfdebugging/modules/udflogs/LogRecorderTest.java b/src/test/java/com/exasol/udfdebugging/modules/udflogs/LogRecorderTest.java index 81b6a75..f9dad16 100644 --- a/src/test/java/com/exasol/udfdebugging/modules/udflogs/LogRecorderTest.java +++ b/src/test/java/com/exasol/udfdebugging/modules/udflogs/LogRecorderTest.java @@ -56,7 +56,7 @@ public StreamToLogger(final int port) throws IOException { public void write(final String message) throws InterruptedException { this.writer.write(message); this.writer.flush(); - Thread.sleep(200); + Thread.sleep(400); } @Override From c3bc2aaba6063767abf0176c52edca6db8b02a8d Mon Sep 17 00:00:00 2001 From: Christoph Pirkl Date: Fri, 1 Mar 2024 10:51:02 +0100 Subject: [PATCH 12/12] Run PK fix --- dependencies.md | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/dependencies.md b/dependencies.md index 6b94cb8..f73ddbe 100644 --- a/dependencies.md +++ b/dependencies.md 
@@ -39,12 +39,12 @@ | ------------------------------------------------------- | ---------------------------------------------- | | [SonarQube Scanner for Maven][30] | [GNU LGPL 3][31] | | [Apache Maven Toolchains Plugin][32] | [Apache License, Version 2.0][12] | -| [Apache Maven Compiler Plugin][33] | [Apache-2.0][12] | -| [Apache Maven Enforcer Plugin][34] | [Apache-2.0][12] | -| [Maven Flatten Plugin][35] | [Apache Software Licenese][12] | -| [Maven Dependency Plugin][36] | [The Apache Software License, Version 2.0][37] | -| [Project Keeper Maven plugin][38] | [The MIT License][39] | -| [org.sonatype.ossindex.maven:ossindex-maven-plugin][40] | [ASL2][37] | +| [Maven Dependency Plugin][33] | [The Apache Software License, Version 2.0][34] | +| [Project Keeper Maven plugin][35] | [The MIT License][36] | +| [Apache Maven Compiler Plugin][37] | [Apache-2.0][12] | +| [Apache Maven Enforcer Plugin][38] | [Apache-2.0][12] | +| [Maven Flatten Plugin][39] | [Apache Software Licenese][12] | +| [org.sonatype.ossindex.maven:ossindex-maven-plugin][40] | [ASL2][34] | | [Maven Surefire Plugin][41] | [Apache-2.0][12] | | [Versions Maven Plugin][42] | [Apache License, Version 2.0][12] | | [duplicate-finder-maven-plugin Maven Mojo][43] | [Apache License 2.0][44] | @@ -56,7 +56,7 @@ | [Maven Failsafe Plugin][51] | [Apache-2.0][12] | | [JaCoCo :: Maven Plugin][52] | [Eclipse Public License 2.0][6] | | [error-code-crawler-maven-plugin][53] | [MIT License][54] | -| [Reproducible Build Maven Plugin][55] | [Apache 2.0][37] | +| [Reproducible Build Maven Plugin][55] | [Apache 2.0][34] | [0]: https://github.com/eclipse-ee4j/jsonp [1]: https://projects.eclipse.org/license/epl-2.0 
@@ -91,13 +91,13 @@ [30]: http://sonarsource.github.io/sonar-scanner-maven/ [31]: http://www.gnu.org/licenses/lgpl.txt [32]: https://maven.apache.org/plugins/maven-toolchains-plugin/ -[33]: https://maven.apache.org/plugins/maven-compiler-plugin/ -[34]: https://maven.apache.org/enforcer/maven-enforcer-plugin/ -[35]: https://www.mojohaus.org/flatten-maven-plugin/ -[36]: http://maven.apache.org/plugins/maven-dependency-plugin/ -[37]: http://www.apache.org/licenses/LICENSE-2.0.txt -[38]: https://github.com/exasol/project-keeper/ -[39]: https://github.com/exasol/project-keeper/blob/main/LICENSE +[33]: http://maven.apache.org/plugins/maven-dependency-plugin/ +[34]: http://www.apache.org/licenses/LICENSE-2.0.txt +[35]: https://github.com/exasol/project-keeper/ +[36]: https://github.com/exasol/project-keeper/blob/main/LICENSE +[37]: https://maven.apache.org/plugins/maven-compiler-plugin/ +[38]: https://maven.apache.org/enforcer/maven-enforcer-plugin/ +[39]: https://www.mojohaus.org/flatten-maven-plugin/ [40]: https://sonatype.github.io/ossindex-maven/maven-plugin/ [41]: https://maven.apache.org/surefire/maven-surefire-plugin/ [42]: https://www.mojohaus.org/versions/versions-maven-plugin/