Checkmarx · cx-pedro-lopes · Jun 20, 2022 · Jun 15, 2022 · Jun 15, 2022 · Jun 15, 2022
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -8,12 +8,8 @@ jobs:
     steps:
       - name: Checkout
         uses: actions/checkout@v3
-
-      - name: Set up JDK 8
-        uses: actions/setup-java@v3.3.0
         with:
-          distribution: 'temurin'
-          java-version: 8
+          token: ${{ secrets.PERSONAL_ACCESS_TOKEN }}
 
       - name: Cache local Maven repository
         uses: actions/cache@v3
@@ -23,12 +19,36 @@ jobs:
           restore-keys: |
             ${{ runner.os }}-maven-
 
+      - name: Set up JDK 11
+        uses: actions/setup-java@v3.3.0
+        with:
+          distribution: 'temurin'
+          java-version: '11'
+          server-id: ossrh
+          server-username: MAVEN_USERNAME
+          server-password: MAVEN_PASSWORD
+          gpg-private-key: ${{ secrets.MAVEN_GPG_PRIVATE_KEY }}
+          gpg-passphrase: MAVEN_GPG_PASSPHRASE
+
       - name: Run tests with Maven
+        run: mvn -B test --file pom.xml
         env:
           CX_CLIENT_ID: ${{ secrets.CX_CLIENT_ID}}
           CX_CLIENT_SECRET: ${{ secrets.CX_CLIENT_SECRET}}
           CX_BASE_URI: ${{ secrets.CX_BASE_URI }}
           CX_TENANT: ${{ secrets.CX_TENANT }}
           CX_SCAN_ID: ${{ secrets.CX_SCAN_ID }}
           CX_APIKEY: ${{ secrets.CX_APIKEY }}
-        run: mvn -B test --file pom.xml
+
+
+      - name: Build with Maven
+        run: mvn -B verify -DskipTests --file pom.xml
+        env:
+          MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
+          MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }}
+          MAVEN_GPG_PASSPHRASE: ${{ secrets.MAVEN_GPG_PASSPHRASE }}
+
+      - name: Run SpotBugs Analysis
+        uses: jwgmeligmeyling/spotbugs-github-action@master
+        with:
+          path: '**/spotbugsXml.xml'
diff --git a/pom.xml b/pom.xml
@@ -9,7 +9,7 @@
     <packaging>jar</packaging>
 
     <name>Checkmarx AST Client</name>
-    <description>Checkmarx AST ClI SDK</description>
+    <description>Checkmarx AST CLI SDK</description>
     <url>https://www.checkmarx.com</url>
 
     <properties>
@@ -60,6 +60,24 @@
 
     <build>
         <plugins>
+            <plugin>
+                <groupId>com.github.spotbugs</groupId>
+                <artifactId>spotbugs-maven-plugin</artifactId>
+                <version>4.7.0.0</version>
+                <configuration>
+                    <effort>Max</effort>
+                    <threshold>High</threshold>
+                    <xmlOutput>true</xmlOutput>
+                    <failOnError>false</failOnError>
+                </configuration>
+                <executions>
+                    <execution>
+                        <goals>
+                            <goal>check</goal>
+                        </goals>
+                    </execution>
+                </executions>
+            </plugin>
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-surefire-plugin</artifactId>

diff --git a/src/main/java/com/checkmarx/ast/results/result/Node.java b/src/main/java/com/checkmarx/ast/results/result/Node.java
@@ -9,7 +9,6 @@
 import com.fasterxml.jackson.databind.type.TypeFactory;
 import lombok.Value;
 import org.apache.commons.lang3.StringUtils;
-
 import java.io.IOException;
 import java.util.List;
 import java.util.Objects;
@@ -103,14 +102,18 @@ public boolean equals(Object obj) {
         }
         Node node = (Node) obj;
         return line == node.line &&
-               column == node.column &&
-               length == node.length &&
-               Objects.equals(name, node.name) &&
-               Objects.equals(method, node.method) &&
-               Objects.equals(domType, node.domType) &&
-               Objects.equals(fileName, node.fileName) &&
-               Objects.equals(fullName, node.fullName) &&
-               Objects.equals(methodLine, node.methodLine);
+                column == node.column &&
+                length == node.length &&
+                Objects.equals(name, node.name) &&
+                Objects.equals(method, node.method) &&
+                Objects.equals(domType, node.domType) &&
+                Objects.equals(fileName, node.fileName) &&
+                Objects.equals(fullName, node.fullName) &&
+                Objects.equals(methodLine, node.methodLine);
     }
 
+    @Override
+    public int hashCode() {
+        return id.hashCode();
+    }
 }
diff --git a/src/main/java/com/checkmarx/ast/wrapper/CxWrapper.java b/src/main/java/com/checkmarx/ast/wrapper/CxWrapper.java
@@ -15,7 +15,6 @@
 import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
-
 import java.io.IOException;
 import java.nio.file.Files;
 import java.util.ArrayList;
@@ -35,7 +34,7 @@ public class CxWrapper {
     @NonNull
     private final String executable;
 
-    public CxWrapper(@NonNull CxConfig cxConfig)
+    public CxWrapper(CxConfig cxConfig)
             throws CxConfig.InvalidCLIConfigException, IOException {
         this(cxConfig, LoggerFactory.getLogger(CxWrapper.class));
     }

diff --git a/src/main/java/com/checkmarx/ast/wrapper/Execution.java b/src/main/java/com/checkmarx/ast/wrapper/Execution.java
@@ -1,7 +1,6 @@
 package com.checkmarx.ast.wrapper;
 
 import org.slf4j.Logger;
-
 import java.io.*;
 import java.net.URL;
 import java.nio.charset.StandardCharsets;
@@ -83,7 +82,7 @@ static String executeCommand(List<String> arguments,
         File outputFile = new File(directory, file);
 
         return new String(Files.readAllBytes(Paths.get(outputFile.getAbsolutePath())),
-                          StandardCharsets.UTF_8);
+                StandardCharsets.UTF_8);
     }
 
     static String getTempBinary() throws IOException {
@@ -98,7 +97,7 @@ static String getTempBinary() throws IOException {
             }
             File tempExecutable = new File(TEMP_DIR, fileName);
             if (!tempExecutable.exists() || !compareChecksum(resource.openStream(),
-                                                             new FileInputStream(tempExecutable))) {
+                    new FileInputStream(tempExecutable))) {
                 copyURLToFile(resource, tempExecutable);
             }
             if (!tempExecutable.canExecute() && !tempExecutable.setExecutable(true)) {
@@ -111,7 +110,7 @@ static String getTempBinary() throws IOException {
 
     private static BufferedReader getReader(Process process) {
         InputStream is = process.getInputStream();
-        InputStreamReader isr = new InputStreamReader(is);
+        InputStreamReader isr = new InputStreamReader(is, StandardCharsets.UTF_8);
         return new BufferedReader(isr);
     }
 
@@ -167,7 +166,7 @@ private static String md5(InputStream a) {
             while ((i = a.read(buf)) != -1) {
                 md.update(buf, 0, i);
             }
-            md5 = new String(md.digest());
+            md5 = new String(md.digest(), StandardCharsets.UTF_8);
         } catch (NoSuchAlgorithmException | IOException e) {
             // ignore
         }