Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Check for suspicious gradle-wrapper.jar #1434

Merged
merged 2 commits into from
May 20, 2020
Merged

Check for suspicious gradle-wrapper.jar #1434

merged 2 commits into from
May 20, 2020

Conversation

snjeza
Copy link
Contributor

@snjeza snjeza commented May 5, 2020
edited
Loading

Requires redhat-developer/vscode-java#1440

Signed-off-by: Snjezana Peco snjezana.peco@redhat.com

@snjeza snjeza requested review from gorkem and fbricon May 5, 2020 18:07
@Eskibear Eskibear mentioned this pull request May 6, 2020
Merged
fbricon
fbricon requested changes May 6, 2020
View reviewed changes
Copy link
Contributor

@fbricon fbricon left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code translated from https://github.com/gradle/wrapper-validation-action/ should retain original copyright/license, with a link to the original source

org.eclipse.jdt.ls.core/src/org/eclipse/jdt/ls/internal/gradle/checksums/WrapperValidator.java Outdated Show resolved Hide resolved
org.eclipse.jdt.ls.core/src/org/eclipse/jdt/ls/internal/gradle/checksums/WrapperValidator.java Outdated Show resolved Hide resolved
org.eclipse.jdt.ls.core/src/org/eclipse/jdt/ls/internal/gradle/checksums/WrapperValidator.java Outdated Show resolved Hide resolved
org.eclipse.jdt.ls.core/src/org/eclipse/jdt/ls/internal/gradle/checksums/WrapperValidator.java Outdated Show resolved Hide resolved
...se.jdt.ls.tests/src/org/eclipse/jdt/ls/core/internal/managers/GradleProjectImporterTest.java Outdated Show resolved Hide resolved
...eclipse.jdt.ls.core/src/org/eclipse/jdt/ls/core/internal/managers/GradleProjectImporter.java Show resolved Hide resolved
@snjeza snjeza changed the title Check gradle-wrapper.jar [WIP] Check gradle-wrapper.jar May 6, 2020
@snjeza
Copy link
Contributor Author

snjeza commented May 6, 2020

Code translated from https://github.com/gradle/wrapper-validation-action/ should retain original copyright/license, with a link to the original source

I haven't copied anything from https://github.com/gradle/wrapper-validation-action/. I have only used those class names that you sent.

@fbricon
Copy link
Contributor

fbricon commented May 6, 2020

I have only used those class names that you sent.

Well that code I translated from https://github.com/gradle/wrapper-validation-action/.

@snjeza snjeza mentioned this pull request May 10, 2020
Merged
@snjeza
Copy link
Contributor Author

snjeza commented May 10, 2020

Well that code I translated from https://github.com/gradle/wrapper-validation-action/.

I haven't used any code, but only the WrapperValidator, ValidationResult class names.

@snjeza snjeza changed the title [WIP] Check gradle-wrapper.jar Check gradle-wrapper.jar May 13, 2020
fbricon
fbricon requested changes May 13, 2020
View reviewed changes
org.eclipse.jdt.ls.core/src/org/eclipse/jdt/ls/core/internal/JobHelpers.java Outdated Show resolved Hide resolved
org.eclipse.jdt.ls.core/src/org/eclipse/jdt/ls/core/internal/preferences/Preferences.java Outdated Show resolved Hide resolved
...eclipse.jdt.ls.core/src/org/eclipse/jdt/ls/core/internal/managers/GradleProjectImporter.java Outdated Show resolved Hide resolved
org.eclipse.jdt.ls.core/src/org/eclipse/jdt/ls/core/internal/preferences/Preferences.java Outdated
@@ -1367,4 +1443,9 @@ public Preferences setStaticImportOnDemandThreshold(int staticImportOnDemandThre
defEclipsePrefs.put(CodeStyleConfiguration.ORGIMPORTS_STATIC_ONDEMANDTHRESHOLD, String.valueOf(this.staticImportOnDemandThreshold));
return this;
}

class Sha256 {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ChecksumWrapper

org.eclipse.jdt.ls.core/src/org/eclipse/jdt/ls/core/internal/preferences/Preferences.java Outdated Show resolved Hide resolved
...clipse.jdt.ls.core/src/org/eclipse/jdt/ls/internal/gradle/checksums/DownloadChecksumJob.java Show resolved Hide resolved
@snjeza
Copy link
Contributor Author

snjeza commented May 13, 2020

@fbricon I have updated the PR.

fbricon
fbricon requested changes May 18, 2020
View reviewed changes
org.eclipse.jdt.ls.core/src/org/eclipse/jdt/ls/internal/gradle/checksums/WrapperValidator.java Outdated Show resolved Hide resolved
org.eclipse.jdt.ls.core/src/org/eclipse/jdt/ls/internal/gradle/checksums/WrapperValidator.java Outdated Show resolved Hide resolved
org.eclipse.jdt.ls.core/src/org/eclipse/jdt/ls/internal/gradle/checksums/WrapperValidator.java Outdated Show resolved Hide resolved
org.eclipse.jdt.ls.core/src/org/eclipse/jdt/ls/internal/gradle/checksums/WrapperValidator.java Outdated Show resolved Hide resolved
...clipse.jdt.ls.core/src/org/eclipse/jdt/ls/internal/gradle/checksums/DownloadChecksumJob.java Outdated Show resolved Hide resolved
org.eclipse.jdt.ls.core/src/org/eclipse/jdt/ls/core/internal/preferences/Preferences.java Outdated Show resolved Hide resolved
org.eclipse.jdt.ls.core/src/org/eclipse/jdt/ls/core/internal/preferences/Preferences.java Outdated Show resolved Hide resolved
org.eclipse.jdt.ls.core/src/org/eclipse/jdt/ls/core/internal/preferences/Preferences.java Outdated Show resolved Hide resolved
org.eclipse.jdt.ls.core/src/org/eclipse/jdt/ls/internal/gradle/checksums/WrapperValidator.java Show resolved Hide resolved
...eclipse.jdt.ls.tests/src/org/eclipse/jdt/ls/core/internal/managers/WrapperValidatorTest.java Show resolved Hide resolved
@snjeza
Copy link
Contributor Author

snjeza commented May 19, 2020

test this please

fbricon
fbricon reviewed May 19, 2020
View reviewed changes
...eclipse.jdt.ls.tests/src/org/eclipse/jdt/ls/core/internal/managers/WrapperValidatorTest.java
File sha256Directory = WrapperValidator.getSha256CacheFile();
// test cache
file = new File(sha256Directory, "gradle-6.4-wrapper.jar.sha256");
String sha256 = Files.lines(Paths.get(file.getAbsolutePath()), StandardCharsets.UTF_8).findFirst().get();
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

java.nio.file.NoSuchFileException: /Users/fbricon/Dev/projects/eclipse.jdt.ls/org.eclipse.jdt.ls.tests/target/gradle/checksums/gradle-6.4-wrapper.jar.sha256
at org.eclipse.jdt.ls.core.internal.managers.WrapperValidatorTest.testGradleWrapper(WrapperValidatorTest.java:63)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

See #1450

@fbricon fbricon changed the title Check gradle-wrapper.jar Check for suspicious gradle-wrapper.jar May 20, 2020
@fbricon fbricon added this to the Mid May 2020 milestone May 20, 2020
@snjeza
Check for suspicious gradle-wrapper.jar
9d8498d 
Signed-off-by: Snjezana Peco <snjezana.peco@redhat.com>
@snjeza
Fix WrapperValidatorTest.testGradleWrapper
31c55fb 
Signed-off-by: Snjezana Peco <snjezana.peco@redhat.com>
@fbricon fbricon merged commit 8d33bd0 into eclipse-jdtls:master May 20, 2020
@fbricon
Copy link
Contributor

fbricon commented May 20, 2020

Thanks @snjeza !

@Eskibear Eskibear mentioned this pull request Jul 16, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fbricon fbricon fbricon requested changes

@gorkem gorkem Awaiting requested review from gorkem

Assignees
No one assigned
Labels
enhancement gradle
Projects
None yet
Milestone
Mid May 2020
Development

Successfully merging this pull request may close these issues.
2 participants
@snjeza @fbricon