fix(#1713): CVE-2020-15250 (Medium) detected in junit-4.12.jar

custom/build.gradle

@@ -11,5 +11,5 @@ repositories {
 }
 
 dependencies {
-    testCompile group: 'junit', name: 'junit', version: '4.12'
+    testCompile group: 'junit', name: 'junit', version: '4.13.1'
 }

gradle.properties

@@ -29,15 +29,14 @@ LEADPONY_JUSTIFY_VERSION=0.14.0
 JACKSON_VERSION=2.11.1
 MEDEIA_VALIDATOR_JACKSON_VERSION=1.1.1
 
-JUNIT_JUPITER_VERSION=5.5.1
-JUNIT_4_VERSION=4.12
-JUNIT_PLATFORM_RUNNER_VERSION=1.3.1
+JUNIT_JUPITER_VERSION=5.6.3
+JUNIT_4_VERSION=4.13.1
+JUNIT_PLATFORM_RUNNER_VERSION=1.6.3
 MOCKITO_VERSION=1.9.5
 MOCKITO_JUNIT_JUPITER_VERSION=2.28.2
 GHERKIN_VERSION=5.0.0
-CUCUMBER_VERSION=4.0.0
-CUCUMBER_EXPRESSIONS_VERSION=6.0.1
-CUCUMBER_PICOCONTAINER_VERSION=1.2.5
+CUCUMBER_VERSION=5.0.0
+CUCUMBER_PICOCONTAINER_VERSION=5.0.0
 SELENIUM_VERSION=3.141.59
 
 FAKER_VERSION=1.0.2

orchestrator/build.gradle

@@ -45,13 +45,11 @@ dependencies {
     testCompile "org.junit.platform:junit-platform-runner:${JUNIT_PLATFORM_RUNNER_VERSION}"
     testCompile "org.junit.vintage:junit-vintage-engine:${JUNIT_JUPITER_VERSION}"
     testCompile "org.junit.jupiter:junit-jupiter-params:${JUNIT_JUPITER_VERSION}"
-    testCompile "io.cucumber:cucumber-core:${CUCUMBER_VERSION}"
     testCompile "io.cucumber:cucumber-junit:${CUCUMBER_VERSION}"
     testCompile "io.cucumber:cucumber-java:${CUCUMBER_VERSION}"
-    testCompile "io.cucumber:cucumber-jvm:${CUCUMBER_VERSION}"
+    testCompile "io.cucumber:cucumber-java8:${CUCUMBER_VERSION}"
     testCompile "io.cucumber:gherkin:${GHERKIN_VERSION}"
-    testCompile "io.cucumber:cucumber-expressions:${CUCUMBER_EXPRESSIONS_VERSION}"
-    testCompile "info.cukes:cucumber-picocontainer:${CUCUMBER_PICOCONTAINER_VERSION}"
+    testCompile "io.cucumber:cucumber-picocontainer:${CUCUMBER_PICOCONTAINER_VERSION}"
     testCompile "org.mockito:mockito-all:${MOCKITO_VERSION}"
     testCompile "com.shazam:shazamcrest:${SHAZAMCREST_VERSION}"
     testCompile "org.junit.jupiter:junit-jupiter-engine:${JUNIT_JUPITER_VERSION}"

orchestrator/src/test/java/com/scottlogic/datahelix/generator/orchestrator/cucumber/features/operators/general/ConstraintTypes.feature

@@ -41,9 +41,9 @@ Feature: Correct Constraint Types, validation exceptions should be raised if the
     Given there is a non nullable field foo
     And foo has type "datetime"
     And foo is in set:
-      | "aaa"|
-      | "bbb |
-      | "ccc |
+      | "aaa" |
+      | "bbb" |
+      | "ccc" |
     Then the profile is invalid
 
   Scenario Outline: <wrongType> constraint <constraint> cannot be applied to <type> fields

orchestrator/src/test/java/com/scottlogic/datahelix/generator/orchestrator/cucumber/testframework/TestRunner.java

@@ -17,8 +17,8 @@
 package com.scottlogic.datahelix.generator.orchestrator.cucumber.testframework;
 
 import com.scottlogic.datahelix.generator.orchestrator.cucumber.testframework.utils.GeneratorCucumber;
+import io.cucumber.junit.CucumberOptions;
 import org.junit.runner.RunWith;
-import cucumber.api.CucumberOptions;
 
 @RunWith(GeneratorCucumber.class)
 @CucumberOptions(

orchestrator/src/test/java/com/scottlogic/datahelix/generator/orchestrator/cucumber/testframework/steps/BooleanValueStep.java

@@ -16,9 +16,11 @@
 
 package com.scottlogic.datahelix.generator.orchestrator.cucumber.testframework.steps;
 
+import com.fasterxml.jackson.core.JsonParseException;
 import com.scottlogic.datahelix.generator.orchestrator.cucumber.testframework.utils.CucumberTestState;
 import com.scottlogic.datahelix.generator.profile.dtos.constraints.ConstraintType;
-import cucumber.api.java.en.When;
+import io.cucumber.java.ParameterType;
+import io.cucumber.java.en.When;
 
 public class BooleanValueStep {
     private final CucumberTestState state;
@@ -27,6 +29,11 @@ public BooleanValueStep(CucumberTestState state) {
         this.state = state;
     }
 
+    @ParameterType(name = "boolean", value = "(true|false)$")
+    public Boolean defineBoolean(String value) throws JsonParseException {
+        return Boolean.valueOf(value);
+    }
+
     @When("{fieldVar} is equal to {boolean}")
     public void whenFieldIsConstrainedByNumericValue(String fieldName, Boolean value) {
         this.state.addConstraint(fieldName, ConstraintType.EQUAL_TO, value);

orchestrator/src/test/java/com/scottlogic/datahelix/generator/orchestrator/cucumber/testframework/steps/CombinationStrategyStep.java

@@ -0,0 +1,31 @@
+/*
+ * Copyright 2019 Scott Logic Ltd
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.scottlogic.datahelix.generator.orchestrator.cucumber.testframework.steps;
+
+import com.scottlogic.datahelix.generator.core.config.detail.CombinationStrategyType;
+import io.cucumber.java.ParameterType;
+
+import java.util.Arrays;
+
+public class CombinationStrategyStep {
+    @ParameterType(name = "combinationStrategy", value = "(.*)$")
+    public CombinationStrategyType defineCombinationStrategy(String value) {
+        return Arrays.stream(CombinationStrategyType.values())
+            .filter(val -> val.toString().equalsIgnoreCase(value))
+            .findFirst().orElse(CombinationStrategyType.PINNING);
+    }
+}

orchestrator/src/test/java/com/scottlogic/datahelix/generator/orchestrator/cucumber/testframework/steps/CucumberHooks.java

@@ -16,8 +16,8 @@
 
 package com.scottlogic.datahelix.generator.orchestrator.cucumber.testframework.steps;
 
-import cucumber.api.Scenario;
-import cucumber.api.java.Before;
+import io.cucumber.java.Before;
+import io.cucumber.java.Scenario;
 import org.junit.AssumptionViolatedException;
 
 public class CucumberHooks {

orchestrator/src/test/java/com/scottlogic/datahelix/generator/orchestrator/cucumber/testframework/steps/DataGenerationStep.java

@@ -0,0 +1,39 @@
+/*
+ * Copyright 2019 Scott Logic Ltd
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.scottlogic.datahelix.generator.orchestrator.cucumber.testframework.steps;
+
+import com.scottlogic.datahelix.generator.core.config.detail.DataGenerationType;
+import com.scottlogic.datahelix.generator.orchestrator.cucumber.testframework.utils.CucumberGenerationMode;
+import io.cucumber.java.ParameterType;
+
+import java.util.Arrays;
+
+public class DataGenerationStep {
+    @ParameterType(name = "generationStrategy", value = "(.*)$")
+    public DataGenerationType defineGenerationStrategy(String value) {
+        return Arrays.stream(DataGenerationType.values())
+            .filter(val -> val.toString().equalsIgnoreCase(value))
+            .findFirst().orElse(DataGenerationType.FULL_SEQUENTIAL);
+    }
+
+    @ParameterType(name = "generationMode", value = "(.*)$")
+    public CucumberGenerationMode defineGenerationMode(String value) {
+        return Arrays.stream(CucumberGenerationMode.values())
+            .filter(val -> val.toString().equalsIgnoreCase(value))
+            .findFirst().orElse(CucumberGenerationMode.VALIDATING);
+    }
+}

orchestrator/src/test/java/com/scottlogic/datahelix/generator/orchestrator/cucumber/testframework/steps/DateTimeValueStep.java

@@ -20,12 +20,16 @@
 import com.scottlogic.datahelix.generator.orchestrator.cucumber.testframework.utils.CucumberTestState;
 import com.scottlogic.datahelix.generator.orchestrator.cucumber.testframework.utils.GeneratorTestUtilities;
 import com.scottlogic.datahelix.generator.profile.dtos.constraints.ConstraintType;
-import cucumber.api.java.en.And;
-import cucumber.api.java.en.Then;
-import cucumber.api.java.en.When;
+import io.cucumber.java.ParameterType;
+import io.cucumber.java.en.And;
+import io.cucumber.java.en.Then;
+import io.cucumber.java.en.When;
 
 import java.time.OffsetDateTime;
+import java.util.Arrays;
+import java.util.List;
 import java.util.function.Function;
+import java.util.stream.Collectors;
 
 public class DateTimeValueStep {
     public static final String DATETIME_REGEX = "(-?(\\d{4,19})-(\\d{2})-(\\d{2}T(\\d{2}:\\d{2}:\\d{2}\\.\\d{3}))Z?)";
@@ -37,6 +41,20 @@ public DateTimeValueStep(CucumberTestState state, CucumberTestHelper helper){
         this.helper = helper;
     }
 
+    @ParameterType(name = "date", value = DateTimeValueStep.DATETIME_REGEX)
+    public String defineDate(String value) {
+        return extractConstraint(value);
+    }
+
+    private String extractConstraint(String gherkinConstraint) {
+        List<String> allConstraints = Arrays.asList(gherkinConstraint.split(" "));
+        return allConstraints.get(0) + allConstraints
+            .stream()
+            .skip(1)
+            .map(value -> value.substring(0, 1).toUpperCase() + value.substring(1))
+            .collect(Collectors.joining());
+    }
+
     @When("^([A-z0-9]+) is equal to boolean true")
     public void equalToTrue(String fieldName) {
         state.addConstraint(fieldName, ConstraintType.EQUAL_TO, true);

orchestrator/src/test/java/com/scottlogic/datahelix/generator/orchestrator/cucumber/testframework/steps/DateValueStep.java

@@ -18,7 +18,7 @@
 
 import com.scottlogic.datahelix.generator.orchestrator.cucumber.testframework.utils.CucumberTestState;
 import com.scottlogic.datahelix.generator.profile.dtos.constraints.ConstraintType;
-import cucumber.api.java.en.When;
+import io.cucumber.java.en.When;
 
 public class DateValueStep {
     private final CucumberTestState state;

orchestrator/src/test/java/com/scottlogic/datahelix/generator/orchestrator/cucumber/testframework/steps/GeneralTestStep.java

@@ -22,8 +22,8 @@
 import com.scottlogic.datahelix.generator.core.config.detail.DataGenerationType;
 import com.scottlogic.datahelix.generator.orchestrator.cucumber.testframework.utils.*;
 import com.scottlogic.datahelix.generator.profile.dtos.constraints.ConstraintType;
-import cucumber.api.java.Before;
-import cucumber.api.java.en.*;
+import io.cucumber.java.Before;
+import io.cucumber.java.en.*;
 import org.hamcrest.Matcher;
 import org.junit.Assert;
 
@@ -352,5 +352,13 @@ static class GeneratedTestData {
             this.expectedData = expectedData;
             this.generatedData = generatedData;
         }
+
+        @Override
+        public String toString() {
+            return "GeneratedTestData{" +
+                "expectedData=" + expectedData +
+                ", generatedData=" + generatedData +
+                '}';
+        }
     }
 }

orchestrator/src/test/java/com/scottlogic/datahelix/generator/orchestrator/cucumber/testframework/steps/JSONTestStep.java

@@ -17,7 +17,7 @@
 package com.scottlogic.datahelix.generator.orchestrator.cucumber.testframework.steps;
 
 import com.scottlogic.datahelix.generator.orchestrator.cucumber.testframework.utils.CucumberTestState;
-import cucumber.api.java.en.And;
+import io.cucumber.java.en.And;
 
 import java.io.IOException;
 

orchestrator/src/test/java/com/scottlogic/datahelix/generator/orchestrator/cucumber/testframework/steps/MapValueStep.java

@@ -17,7 +17,7 @@
 package com.scottlogic.datahelix.generator.orchestrator.cucumber.testframework.steps;
 
 import com.scottlogic.datahelix.generator.orchestrator.cucumber.testframework.utils.CucumberTestState;
-import cucumber.api.java.en.And;
+import io.cucumber.java.en.And;
 
 import java.util.List;
 
@@ -28,12 +28,12 @@ public MapValueStep(CucumberTestState state) {
         this.state = state;
     }
 
-    @And("the file \"(.+)\" contains the following data:")
+    @And("the file {string} contains the following data:")
     public void whenMapDataStructure(String name, List<List<String>> values) {
         state.addMapFile(name, values);
     }
 
-    @And("^(.+) is from (.+) in (.+)$")
+    @And("{word} is from {word} in {word}")
     public void whenFieldIsInMap(String field, String key, String map) {
         state.addInMapConstraint(field, key, map);
     }

orchestrator/src/test/java/com/scottlogic/datahelix/generator/orchestrator/cucumber/testframework/steps/NullValueStep.java

@@ -19,8 +19,8 @@
 import com.scottlogic.datahelix.generator.orchestrator.cucumber.testframework.utils.CucumberTestHelper;
 import com.scottlogic.datahelix.generator.orchestrator.cucumber.testframework.utils.CucumberTestState;
 import com.scottlogic.datahelix.generator.profile.dtos.constraints.ConstraintType;
-import cucumber.api.java.en.Then;
-import cucumber.api.java.en.When;
+import io.cucumber.java.en.Then;
+import io.cucumber.java.en.When;
 
 import java.util.Objects;
 

orchestrator/src/test/java/com/scottlogic/datahelix/generator/orchestrator/cucumber/testframework/steps/NumericValueStep.java

@@ -16,11 +16,14 @@
 
 package com.scottlogic.datahelix.generator.orchestrator.cucumber.testframework.steps;
 
+import com.fasterxml.jackson.core.JsonParseException;
 import com.scottlogic.datahelix.generator.orchestrator.cucumber.testframework.utils.CucumberTestHelper;
 import com.scottlogic.datahelix.generator.orchestrator.cucumber.testframework.utils.CucumberTestState;
+import com.scottlogic.datahelix.generator.orchestrator.cucumber.testframework.utils.GeneratorTestUtilities;
 import com.scottlogic.datahelix.generator.profile.dtos.constraints.ConstraintType;
-import cucumber.api.java.en.And;
-import cucumber.api.java.en.Then;
+import io.cucumber.java.ParameterType;
+import io.cucumber.java.en.And;
+import io.cucumber.java.en.Then;
 
 import java.math.BigDecimal;
 import java.util.function.Function;
@@ -37,6 +40,11 @@ public NumericValueStep(CucumberTestState state, CucumberTestHelper helper) {
         this.helper = helper;
     }
 
+    @ParameterType(name = "number", value = "([+-]?\\d+(\\.\\d+)?)")
+    public Number defineNumber(String value) throws JsonParseException {
+        return (Number) GeneratorTestUtilities.parseNumber(value);
+    }
+
     @And("^([A-z0-9]+) is equal to (-?[0-9\\.]+)$")
     public void equalToNumber(String field, String value) {
         state.addConstraint(field, ConstraintType.EQUAL_TO, tryParse(value));

orchestrator/src/test/java/com/scottlogic/datahelix/generator/orchestrator/cucumber/testframework/steps/OperatorStep.java

@@ -0,0 +1,52 @@
+/*
+ * Copyright 2019 Scott Logic Ltd
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.scottlogic.datahelix.generator.orchestrator.cucumber.testframework.steps;
+
+import com.scottlogic.datahelix.generator.profile.dtos.constraints.ConstraintType;
+import io.cucumber.java8.En;
+
+import java.util.Arrays;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+import java.util.stream.Collectors;
+
+public class OperatorStep implements En {
+
+    public OperatorStep() {
+        Set<ConstraintType> allOperators = new HashSet<>(Arrays.asList(ConstraintType.values()));
+        String regex = this.getHumanReadableOperationRegex(allOperators);
+
+        ParameterType("operator", regex, this::extractConstraint);
+    }
+
+    private String getHumanReadableOperationRegex(Set<ConstraintType> types) {
+        return
+            types.stream()
+                .map(act -> act.propertyName.replaceAll("([a-z])([A-Z]+)", "$1 $2").toLowerCase())
+                .collect(Collectors.joining("|", "(", ")"));
+    }
+
+    private String extractConstraint(String gherkinConstraint) {
+        List<String> allConstraints = Arrays.asList(gherkinConstraint.split(" "));
+        return allConstraints.get(0) + allConstraints
+            .stream()
+            .skip(1)
+            .map(value -> value.substring(0, 1).toUpperCase() + value.substring(1))
+            .collect(Collectors.joining());
+    }
+}