refactor(deps): Update new codebase library

This specific set of code are still relying on ancient json-simple
version. The modern json-simple version made small changes on API
forcing to refactor part of the code.

Signed-off-by: Helio Chissini de Castro <heliocastro@gmail.com>

backend/src/src-vmcomponents/pom.xml

@@ -38,7 +38,10 @@
         <dependency>
             <groupId>org.apache.httpcomponents</groupId>
             <artifactId>httpcore</artifactId>
-            <version>4.4.4</version>
+        </dependency>
+        <dependency>
+            <groupId>com.github.cliftonlabs</groupId>
+            <artifactId>json-simple</artifactId>
         </dependency>
     </dependencies>
-</project>
+</project>

backend/src/src-vmcomponents/src/main/java/org/eclipse/sw360/vmcomponents/common/SVMMapper.java

@@ -15,8 +15,8 @@
 import org.eclipse.sw360.datahandler.thrift.vulnerabilities.CVEReference;
 import org.eclipse.sw360.datahandler.thrift.vulnerabilities.VendorAdvisory;
 import org.eclipse.sw360.datahandler.thrift.vulnerabilities.Vulnerability;
-import org.json.simple.JSONArray;
-import org.json.simple.JSONObject;
+import com.github.cliftonlabs.json_simple.JsonArray;
+import com.github.cliftonlabs.json_simple.JsonObject;
 
 import java.text.ParseException;
 import java.text.SimpleDateFormat;
@@ -58,7 +58,7 @@ public static VMAction updateAction(VMAction oldElement, VMAction update){
         return oldElement;
     }
 
-    public static VMAction updateActionByJSON(VMAction oldElement, JSONObject json){
+    public static VMAction updateActionByJSON(VMAction oldElement, JsonObject json){
         if (oldElement != null && json != null){
             String text = (String) json.get(SVMConstants.ACTION_TEXT);
 
@@ -84,7 +84,7 @@ public static VMPriority updatePriority(VMPriority oldElement, VMPriority update
         return oldElement;
     }
 
-    public static VMPriority updatePriorityByJSON(VMPriority oldElement, JSONObject json){
+    public static VMPriority updatePriorityByJSON(VMPriority oldElement, JsonObject json){
         if (oldElement != null && json != null){
             String shortText = (String) json.get(SVMConstants.PRIORITY_SHORT);
             String longText = (String) json.get(SVMConstants.PRIORITY_LONG);
@@ -119,7 +119,7 @@ public static VMComponent updateComponent(VMComponent oldElement, VMComponent up
         return oldElement;
     }
 
-    public static VMComponent updateComponentByJSON(VMComponent oldElement, JSONObject json){
+    public static VMComponent updateComponentByJSON(VMComponent oldElement, JsonObject json){
         if (oldElement != null && json != null){
             String vendor = (String) json.get(SVMConstants.COMPONENT_VENDOR);
             String name = (String) json.get(SVMConstants.COMPONENT_NAME);
@@ -142,20 +142,20 @@ public static VMComponent updateComponentByJSON(VMComponent oldElement, JSONObje
         return oldElement;
     }
 
-    public static Vulnerability updateVulnerabilityByJSON(Vulnerability oldElement, JSONObject json){
+    public static Vulnerability updateVulnerabilityByJSON(Vulnerability oldElement, JsonObject json){
         if (oldElement != null && json != null){
             String title = (String) json.get(SVMConstants.VULNERABILITY_TITLE);
             String description = (String) json.get(SVMConstants.VULNERABILITY_DESCRIPTION);
             String publishDate = mapSVMDate((String) json.get(SVMConstants.VULNERABILITY_PUBLISH_DATE));
             String lastUpdate = mapSVMDate((String) json.get(SVMConstants.VULNERABILITY_LAST_UPDATE));
             Long priority = (Long) json.get(SVMConstants.VULNERABILITY_PRIORITY);
             Long action = (Long) json.get(SVMConstants.VULNERABILITY_ACTION);
-            Set<String> compVmids = mapJSONStringArray((JSONArray) json.get(SVMConstants.VULNERABILITY_COMPONENTS));
-            Set<VendorAdvisory> vas = mapJSONVendorAdvisories((JSONArray) json.get(SVMConstants.VULNERABILITY_VENDOR_ADVISORIES));
+            Set<String> compVmids = mapJSONStringArray((JsonArray) json.get(SVMConstants.VULNERABILITY_COMPONENTS));
+            Set<VendorAdvisory> vas = mapJSONVendorAdvisories((JsonArray) json.get(SVMConstants.VULNERABILITY_VENDOR_ADVISORIES));
             String legalNotice = (String) json.get(SVMConstants.VULNERABILITY_LEGAL_NOTICE);
             String extendedDescription = (String) json.get(SVMConstants.VULNERABILITY_EXTENDED_DISC);
-            Set<CVEReference> cveReferences = mapJSONCVEReferences((JSONArray) json.get(SVMConstants.VULNERABILITY_CVE_REFERENCES));
-            Set<String> references = mapJSONStringArray((JSONArray) json.get(SVMConstants.VULNERABILITY_REFERENCES));
+            Set<CVEReference> cveReferences = mapJSONCVEReferences((JsonArray) json.get(SVMConstants.VULNERABILITY_CVE_REFERENCES));
+            Set<String> references = mapJSONStringArray((JsonArray) json.get(SVMConstants.VULNERABILITY_REFERENCES));
 
             return new Vulnerability(oldElement)
                     .setTitle(title)
@@ -188,7 +188,7 @@ private static String mapSVMDate(String date){
         }
     }
 
-    private static Set<String> mapJSONStringArray(JSONArray stringArray){
+    private static Set<String> mapJSONStringArray(JsonArray stringArray){
         if (stringArray == null || stringArray.size() == 0){
             return Collections.EMPTY_SET;
         }
@@ -199,27 +199,27 @@ private static Set<String> mapJSONStringArray(JSONArray stringArray){
         return set;
     }
 
-    private static Set<CVEReference> mapJSONCVEReferences(JSONArray cveReferences){
+    private static Set<CVEReference> mapJSONCVEReferences(JsonArray cveReferences){
         if (cveReferences == null || cveReferences.size() == 0){
             return Collections.EMPTY_SET;
         }
         Set<CVEReference> set = new HashSet<>();
         for (Object cve : cveReferences) {
-            JSONObject cveReference = (JSONObject) cve;
+            JsonObject cveReference = (JsonObject) cve;
             Long cveYear = (Long) cveReference.get(SVMConstants.VULNERABILITY_CVE_YEAR);
             Long cveNumber = (Long) cveReference.get(SVMConstants.VULNERABILITY_CVE_NUMBER);
             set.add(new CVEReference(cveYear==null?null:cveYear.toString(), cveNumber==null?null:cveNumber.toString()));
         }
         return set;
     }
 
-    private static Set<VendorAdvisory> mapJSONVendorAdvisories(JSONArray vendorAdvisories){
+    private static Set<VendorAdvisory> mapJSONVendorAdvisories(JsonArray vendorAdvisories){
         if (vendorAdvisories == null || vendorAdvisories.size() == 0){
             return Collections.EMPTY_SET;
         }
         Set<VendorAdvisory> set = new HashSet<>();
         for (Object va : vendorAdvisories) {
-            JSONObject vendorAdvisory = (JSONObject) va;
+            JsonObject vendorAdvisory = (JsonObject) va;
             String vendor = (String) vendorAdvisory.get(SVMConstants.VULNERABILITY_VA_VENDOR);
             String name = (String) vendorAdvisory.get(SVMConstants.VULNERABILITY_VA_NAME);
             String url = (String) vendorAdvisory.get(SVMConstants.VULNERABILITY_VA_URL);

backend/src/src-vmcomponents/src/main/java/org/eclipse/sw360/vmcomponents/handler/SVMSyncHandler.java

@@ -29,10 +29,9 @@
 import org.eclipse.sw360.vmcomponents.process.VMProcessHandler;
 import org.eclipse.sw360.vulnerabilities.common.VulnerabilityMapper;
 import org.jetbrains.annotations.NotNull;
-import org.json.simple.JSONArray;
-import org.json.simple.JSONObject;
-import org.json.simple.JSONValue;
-import org.json.simple.parser.JSONParser;
+import com.github.cliftonlabs.json_simple.JsonArray;
+import com.github.cliftonlabs.json_simple.JsonObject;
+import com.github.cliftonlabs.json_simple.Jsoner;
 
 import java.io.IOException;
 import java.net.MalformedURLException;
@@ -223,7 +222,7 @@ public VMResult<String> cleanUpMatches(List<String> toBeCleanedComponentIds){
     public VMResult<String> getSMVElementIds(String url){
         try {
             String idResponse = SVMUtils.prepareJSONRequestAndGetResponse(url);
-            JSONArray ids = (JSONArray) JSONValue.parse(idResponse);
+            JsonArray ids = Jsoner.deserialize(idResponse, new JsonArray());
 
             if (ids == null || ids.isEmpty()){
                 return null;
@@ -251,8 +250,7 @@ private VMResult<T> getSMVElementMasterDataById(T element, String url){
                 url += "/" + SVMUtils.getVmid(element);
                 String response = SVMUtils.prepareJSONRequestAndGetResponse(url);
 
-                JSONParser parser = new JSONParser();
-                JSONObject jsonObject = (JSONObject) parser.parse(response);
+                JsonObject jsonObject = Jsoner.deserialize(response, new JsonObject());
 
                 if (VMComponent.class.isAssignableFrom(element.getClass()))
                     element = (T) SVMMapper.updateComponentByJSON((VMComponent) element, jsonObject);
@@ -635,15 +633,15 @@ private Set<String> getVulIdsPerComponentVmId(String componentVmId, String url){
             try {
                 url = url.replace(SVMConstants.COMPONENTS_ID_WILDCARD, componentVmId);
                 String response = SVMUtils.prepareJSONRequestAndGetResponse(url);
-                JSONArray ids = (JSONArray) JSONValue.parse(response);
+                JsonArray ids = Jsoner.deserialize(response, new JsonArray());
 
                 if (ids == null || ids.isEmpty()){
                     return Collections.emptySet();
                 }
 
                 Set<String> vulIds = new HashSet<>();
                 for (Object id : ids) {
-                    JSONObject json = (JSONObject) id;
+                    JsonObject json = (JsonObject) id;
                     String vulId = json.get(SVMConstants.VULNERABILITY_ID).toString();
                     if (!StringUtils.isEmpty(vulId)){
                         vulIds.add(vulId);

backend/src/src-wsimport/src/main/java/org/eclipse/sw360/wsimport/rest/WsRestClient.java

@@ -25,7 +25,7 @@
 import org.apache.http.impl.client.HttpClientBuilder;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
-import org.json.simple.JSONObject;
+import com.github.cliftonlabs.json_simple.JsonObject;
 
 import java.io.IOException;
 
@@ -40,10 +40,10 @@ public class WsRestClient {
     }
 
     private String generateRequestBody(String requestType, String userKey, WsTokenType tokenType, String token) {
-        JSONObject json = new JSONObject();
+        JsonObject json = new JsonObject();
         json.put("requestType", requestType);
         json.put("userKey", userKey);
-        json.put(tokenType, token);
+        json.put(tokenType.toString(), token);
         return json.toString();
     }
 

pom.xml

@@ -95,7 +95,7 @@
     <json.version>20231013</json.version>
     <json-path.version>2.9.0</json-path.version>
     <json-smart.version>2.4.10</json-smart.version>
-    <json-simple.version>2.3.1</json-simple.version>
+    <json-simple.version>4.0.1</json-simple.version>
     <jackson.version>2.14.2</jackson.version>
 
     <!-- Dependencies version properties -->