From 42740f46cdd09b08002f323866017a523730ca36 Mon Sep 17 00:00:00 2001 From: Chad Wilson Date: Thu, 16 Dec 2021 23:06:05 +0800 Subject: [PATCH 1/2] Ensure FeedEntriesRepresenter also tests example with Manual approval --- .../go/server/domain/xml/FeedEntriesRepresenterTest.java | 3 ++- server/src/test-fast/resources/feeds/stages-with-entries.xml | 3 +++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/server/src/test-fast/java/com/thoughtworks/go/server/domain/xml/FeedEntriesRepresenterTest.java b/server/src/test-fast/java/com/thoughtworks/go/server/domain/xml/FeedEntriesRepresenterTest.java index 43a9a1f8e2a..bb897d4549e 100644 --- a/server/src/test-fast/java/com/thoughtworks/go/server/domain/xml/FeedEntriesRepresenterTest.java +++ b/server/src/test-fast/java/com/thoughtworks/go/server/domain/xml/FeedEntriesRepresenterTest.java @@ -23,6 +23,7 @@ import com.thoughtworks.go.domain.feed.stage.StageFeedEntry; import com.thoughtworks.go.junit5.FileSource; import com.thoughtworks.go.util.DateUtils; +import com.thoughtworks.go.util.GoConstants; import com.thoughtworks.go.util.SystemEnvironment; import org.dom4j.Document; import org.junit.jupiter.params.ParameterizedTest; @@ -76,6 +77,6 @@ private static StageFeedEntry passed() { private static StageFeedEntry cancelled() { Date date = DateUtils.parseISO8601("2019-12-31T07:28:30+05:30"); StageIdentifier identifier = new StageIdentifier("up42", 2, "integration-tests", "100"); - return new StageFeedEntry(1L, 1L, identifier, 123L, date, StageResult.Cancelled, "", "Bob", "Admin"); + return new StageFeedEntry(1L, 1L, identifier, 123L, date, StageResult.Cancelled, GoConstants.APPROVAL_MANUAL, "Bob", "Admin"); } } diff --git a/server/src/test-fast/resources/feeds/stages-with-entries.xml b/server/src/test-fast/resources/feeds/stages-with-entries.xml index b9620fc326d..e4f4d2b1aaf 100644 --- a/server/src/test-fast/resources/feeds/stages-with-entries.xml +++ b/server/src/test-fast/resources/feeds/stages-with-entries.xml @@ -12,6 +12,9 @@ <![CDATA[up42(2) stage integration-tests(100) Cancelled]]> 2019-12-31T01:58:30Z https://go-server/go/pipelines/up42/2/integration-tests/100 + + + bob@gocd.org From f32c8087b20673da0278dd2571ed19e8181d5f1a Mon Sep 17 00:00:00 2001 From: Chad Wilson Date: Thu, 16 Dec 2021 22:28:11 +0800 Subject: [PATCH 2/2] Upgrade dom4j from 1.6.1 to 2.1.3 - Fixed compile time generics in test utility - Fixed incorrect use of Dom4j in FeedEntriesRepresenter which now fails validation Despite not being flagged on OWASP Dependency Check reports, DOM4J 1.6.1 may be subject to https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1000632 - it's not clear that this only affects DOM4J 2.x and folks such as Hibernate upgraded it as a result: https://hibernate.atlassian.net/browse/HHH-12964 Additionally, `1.6.1` is very EOL and un-patched. * It seems fully compatible at runtime * Old Hibernate depends on it, but was upgraded in https://github.com/hibernate/hibernate-orm/pull/2533 with no other code changes * Release notes dont mention any serious breaking changes other than compile time generics https://github.com/dom4j/dom4j/releases/tag/version-2.0.0 --- build.gradle | 3 ++- common/build.gradle | 5 +++- config/config-server/build.gradle | 1 + dependencies.gradle | 2 +- server/build.gradle | 18 -------------- .../domain/xml/FeedEntriesRepresenter.java | 4 ++-- .../domain/xml/builder/AbstractBuilder.java | 24 +++++++++++++++---- .../go/server/JUnitReportGenerator.java | 9 +++++-- 8 files changed, 37 insertions(+), 29 deletions(-) diff --git a/build.gradle b/build.gradle index 24571e4487f..adf540e362c 100644 --- a/build.gradle +++ b/build.gradle @@ -15,9 +15,9 @@ */ -import com.github.jk1.license.task.ReportTask import com.github.jk1.license.filter.LicenseBundleNormalizer import com.github.jk1.license.render.JsonReportRenderer +import com.github.jk1.license.task.ReportTask import groovy.io.FileType import nl.javadude.gradle.plugins.license.License import org.apache.tools.ant.filters.FixCrLfFilter @@ -647,6 +647,7 @@ subprojects { } project.configurations*.exclude(group: 'junit') + project.configurations*.exclude(group: 'dom4j') project.configurations*.exclude(group: 'xalan') project.configurations*.exclude(group: 'xml-apis') } diff --git a/common/build.gradle b/common/build.gradle index a3f736e2306..ebb52be7dca 100644 --- a/common/build.gradle +++ b/common/build.gradle @@ -23,7 +23,10 @@ dependencies { api project(':util') api project(':domain') api project(':plugin-infra:go-plugin-access') - api project.deps.dom4j + api(project.deps.dom4j) { + // workaround for dom4j Gradle metadata optional dependency issues (https://github.com/dom4j/dom4j/issues/99) + transitive = false + } api project.deps.apacheHttpMime api project.deps.commonsCollections4 api project.deps.commonsText diff --git a/config/config-server/build.gradle b/config/config-server/build.gradle index c7821c11323..368e5ae1e25 100644 --- a/config/config-server/build.gradle +++ b/config/config-server/build.gradle @@ -26,6 +26,7 @@ dependencies { } implementation project.deps.slf4j implementation project.deps.cglib + implementation project.deps.jaxen compileOnly project.deps.jetBrainsAnnotations providedAtPackageTime(project.deps.bouncyCastle) testImplementation project(path: ':config:config-api', configuration: 'testOutput') diff --git a/dependencies.gradle b/dependencies.gradle index 9c3797b2365..06df6b6ad1b 100644 --- a/dependencies.gradle +++ b/dependencies.gradle @@ -50,7 +50,7 @@ final Map libraries = [ commonsPool : 'org.apache.commons:commons-pool2:2.11.1', commonsText : 'org.apache.commons:commons-text:1.9', dbunit : 'org.dbunit:dbunit:2.7.2', - dom4j : 'dom4j:dom4j:1.6.1', + dom4j : 'org.dom4j:dom4j:2.1.3', ehcache : 'net.sf.ehcache:ehcache:2.10.9.2', felix : 'org.apache.felix:org.apache.felix.framework:7.0.3', freemarker : 'org.freemarker:freemarker:2.3.31', diff --git a/server/build.gradle b/server/build.gradle index fd318528998..e6e1aad9ab2 100644 --- a/server/build.gradle +++ b/server/build.gradle @@ -297,11 +297,6 @@ dependencies { implementation project.deps.mailSmtp implementation project.deps.objenesis - // needed by jdom2 for some XPATH stuff - implementation(project.deps.jaxen) { - exclude(module: 'xom') - exclude(module: 'jdom') - } implementation project.deps.slf4j implementation(project.deps.jgitServer) { exclude(module: 'jsch') @@ -969,19 +964,6 @@ task licenseReportAggregate { ] ] ], - [ - moduleName : 'dom4j:dom4j', - moduleVersion : '1.6.1', - moduleUrls : [ - "https://dom4j.github.io/" - ], - moduleLicenses: [ - [ - moduleLicense : 'dom4j BSD license', - moduleLicenseUrl: "https://github.com/dom4j/dom4j/blob/dom4j_1_6_1/LICENSE.txt" - ] - ] - ], [ moduleName : 'com.bazaarvoice.jolt:jolt-core', moduleVersion : project.versions.jolt, diff --git a/server/src/main/java/com/thoughtworks/go/server/domain/xml/FeedEntriesRepresenter.java b/server/src/main/java/com/thoughtworks/go/server/domain/xml/FeedEntriesRepresenter.java index 4a90b38bff8..5028a64a5ce 100644 --- a/server/src/main/java/com/thoughtworks/go/server/domain/xml/FeedEntriesRepresenter.java +++ b/server/src/main/java/com/thoughtworks/go/server/domain/xml/FeedEntriesRepresenter.java @@ -69,7 +69,7 @@ private void addEntry(StageFeedEntry feed, ElementBuilder builder, XmlWriterCont .textNode("id", entryUrl); if (feed.isManuallyTriggered()) { - builder.node("go:author", childBuilder -> childBuilder.cdataNode("go:name", feed.getApprovedBy())); + builder.node("go", "author", childBuilder -> childBuilder.cdataNode("go", "name", feed.getApprovedBy())); } feed.getAuthors().forEach(author -> { @@ -82,7 +82,7 @@ private void addEntry(StageFeedEntry feed, ElementBuilder builder, XmlWriterCont }); if (isNotBlank(feed.getCancelledBy())) { - builder.node("cancelledBy", child -> child.cdataNode("go:name", feed.getCancelledBy())); + builder.node("cancelledBy", child -> child.cdataNode("go", "name", feed.getCancelledBy())); } String stageTitle = identifier.getStageName() + " Stage Detail"; diff --git a/server/src/main/java/com/thoughtworks/go/server/domain/xml/builder/AbstractBuilder.java b/server/src/main/java/com/thoughtworks/go/server/domain/xml/builder/AbstractBuilder.java index a703222e1c6..92c47b8a2ee 100644 --- a/server/src/main/java/com/thoughtworks/go/server/domain/xml/builder/AbstractBuilder.java +++ b/server/src/main/java/com/thoughtworks/go/server/domain/xml/builder/AbstractBuilder.java @@ -50,6 +50,11 @@ public SELF cdataNode(String name, String CDATA) { return mySelf; } + public SELF cdataNode(String prefix, String name, String CDATA) { + current().add(withNamespace(prefix, name).addCDATA(CDATA)); + return mySelf; + } + public SELF link(String href, String rel) { current().add(getLink(href, rel)); return mySelf; @@ -57,8 +62,8 @@ public SELF link(String href, String rel) { public SELF link(String href, String rel, String title, String type) { current().add(getLink(href, rel) - .addAttribute("title", title) - .addAttribute("type", type)); + .addAttribute("title", title) + .addAttribute("type", type)); return mySelf; } @@ -69,6 +74,13 @@ public SELF node(String name, Consumer consumer) { return mySelf; } + public SELF node(String prefix, String name, Consumer consumer) { + DOMElement element = withNamespace(prefix, name); + current().add(element); + consumer.accept(new ElementBuilder(element)); + return mySelf; + } + public SELF emptyNode(String name) { DOMElement element = withNamespace(name); current().add(element); @@ -95,8 +107,8 @@ public SELF comment(String comment) { private Element getLink(String href, String rel) { return withNamespace("link") - .addAttribute("rel", rel) - .addAttribute("href", href); + .addAttribute("rel", rel) + .addAttribute("href", href); } private DOMElement withNamespace(String name) { @@ -105,6 +117,10 @@ private DOMElement withNamespace(String name) { return element; } + private DOMElement withNamespace(String prefix, String name) { + return new DOMElement(name, current().getNamespaceForPrefix(prefix)); + } + private Optional getDefaultNameSpace() { return Optional.ofNullable(current().getNamespace()); } diff --git a/server/src/test-fast/java/com/thoughtworks/go/server/JUnitReportGenerator.java b/server/src/test-fast/java/com/thoughtworks/go/server/JUnitReportGenerator.java index 4bab0ddc113..aa8865d7462 100644 --- a/server/src/test-fast/java/com/thoughtworks/go/server/JUnitReportGenerator.java +++ b/server/src/test-fast/java/com/thoughtworks/go/server/JUnitReportGenerator.java @@ -24,6 +24,7 @@ import java.io.File; import java.io.FileInputStream; import java.util.List; +import java.util.stream.Collectors; import static java.nio.charset.StandardCharsets.UTF_8; @@ -31,14 +32,18 @@ public class JUnitReportGenerator { public static void main(String[] args) throws Exception { - Document doc = new SAXReader().read(new FileInputStream(new File("/home/cruise/sample_junit.xml"))); + Document doc = new SAXReader().read(new FileInputStream("/home/cruise/sample_junit.xml")); Element suite = (Element) doc.selectSingleNode("//testsuite"); Element rootElement = doc.getRootElement(); for (int i = 0; i < 50000; i++) { Element copy = suite.createCopy(); setAttr(i, copy, "name"); setAttr(i, copy, "hostname"); - List elements = copy.selectNodes(".//testcase"); + List elements = copy.selectNodes(".//testcase") + .stream() + .filter(Element.class::isInstance) + .map(Element.class::cast) + .collect(Collectors.toList()); for (Element element : elements) { setAttr(i, element, "classname"); setAttr(i, element, "name");