From 755638356fb325497f110dacdaa4b41cc241ddce Mon Sep 17 00:00:00 2001 From: Gaurav Deshpande Date: Sun, 6 Oct 2019 16:07:21 +0530 Subject: [PATCH 1/3] Fix: Github reports security vulnerabilities #933 Upgrade camel and spring-data --- pom.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pom.xml b/pom.xml index f1a586eb8b34..35ff39c3eac1 100644 --- a/pom.xml +++ b/pom.xml @@ -31,7 +31,7 @@ 5.0.1.Final 4.2.4.RELEASE 1.3.3.RELEASE - 1.9.2.RELEASE + 1.11.22.RELEASE 1.4.190 4.12 5.0.2 @@ -40,7 +40,7 @@ 3.8.1 0.8.4 1.4 - 2.16.1 + 2.24.0 19.0 1.10.19 4.5.2 From 4ca6e8987255a521ef43a7b21d155262378e7078 Mon Sep 17 00:00:00 2001 From: Gaurav Deshpande Date: Mon, 7 Oct 2019 02:54:46 +0530 Subject: [PATCH 2/3] -Fix github security vulnerabilities in spring-data and camel --- .../routes/AggregatorRouteTest.java | 4 ++-- .../splitter/routes/SplitterRouteTest.java | 4 ++-- .../eip/wiretap/routes/WireTapRouteTest.java | 4 ++-- layers/pom.xml | 6 ++++- .../layers/CakeBakingServiceImpl.java | 24 ++++++++++--------- .../src/main/resources/applicationContext.xml | 2 +- pom.xml | 19 ++++++++------- repository/pom.xml | 6 ++++- .../java/com/iluwatar/repository/App.java | 9 +++---- .../com/iluwatar/repository/AppConfig.java | 13 ++++++---- .../src/main/resources/applicationContext.xml | 2 +- .../AnnotationBasedRepositoryTest.java | 12 +++++----- .../iluwatar/repository/AppConfigTest.java | 5 ++-- .../iluwatar/repository/RepositoryTest.java | 11 +++++---- 14 files changed, 68 insertions(+), 53 deletions(-) diff --git a/eip-aggregator/src/test/java/com/iluwatar/eip/aggregator/routes/AggregatorRouteTest.java b/eip-aggregator/src/test/java/com/iluwatar/eip/aggregator/routes/AggregatorRouteTest.java index 2c7d207d6f53..2b831e01958b 100644 --- a/eip-aggregator/src/test/java/com/iluwatar/eip/aggregator/routes/AggregatorRouteTest.java +++ b/eip-aggregator/src/test/java/com/iluwatar/eip/aggregator/routes/AggregatorRouteTest.java 
@@ -28,7 +28,7 @@ import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; import org.springframework.boot.autoconfigure.EnableAutoConfiguration; -import org.springframework.boot.test.SpringApplicationConfiguration; +import org.springframework.boot.test.context.SpringBootTest; import org.springframework.context.annotation.ComponentScan; import org.springframework.test.annotation.DirtiesContext; import org.springframework.test.context.ActiveProfiles; @@ -44,7 +44,7 @@ *

*/ @ExtendWith(SpringExtension.class) -@SpringApplicationConfiguration(classes = AggregatorRouteTest.class) +@SpringBootTest(classes = AggregatorRouteTest.class) @ActiveProfiles("test") @EnableAutoConfiguration @ComponentScan diff --git a/eip-splitter/src/test/java/com/iluwatar/eip/splitter/routes/SplitterRouteTest.java b/eip-splitter/src/test/java/com/iluwatar/eip/splitter/routes/SplitterRouteTest.java index 9257a4410186..334b77da03c8 100644 --- a/eip-splitter/src/test/java/com/iluwatar/eip/splitter/routes/SplitterRouteTest.java +++ b/eip-splitter/src/test/java/com/iluwatar/eip/splitter/routes/SplitterRouteTest.java @@ -28,7 +28,7 @@ import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; import org.springframework.boot.autoconfigure.EnableAutoConfiguration; -import org.springframework.boot.test.SpringApplicationConfiguration; +import org.springframework.boot.test.context.SpringBootTest; import org.springframework.context.annotation.ComponentScan; import org.springframework.test.annotation.DirtiesContext; import org.springframework.test.context.ActiveProfiles; @@ -42,7 +42,7 @@ *

*/ @ExtendWith(SpringExtension.class) -@SpringApplicationConfiguration(classes = SplitterRouteTest.class) +@SpringBootTest(classes = SplitterRouteTest.class) @ActiveProfiles("test") @EnableAutoConfiguration @ComponentScan diff --git a/eip-wire-tap/src/test/java/com/iluwatar/eip/wiretap/routes/WireTapRouteTest.java b/eip-wire-tap/src/test/java/com/iluwatar/eip/wiretap/routes/WireTapRouteTest.java index 449f86208258..bb433f350238 100644 --- a/eip-wire-tap/src/test/java/com/iluwatar/eip/wiretap/routes/WireTapRouteTest.java +++ b/eip-wire-tap/src/test/java/com/iluwatar/eip/wiretap/routes/WireTapRouteTest.java @@ -29,7 +29,7 @@ import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; import org.springframework.boot.autoconfigure.EnableAutoConfiguration; -import org.springframework.boot.test.SpringApplicationConfiguration; +import org.springframework.boot.test.context.SpringBootTest; import org.springframework.context.annotation.ComponentScan; import org.springframework.test.annotation.DirtiesContext; import org.springframework.test.context.ActiveProfiles; @@ -45,7 +45,7 @@ *

*/ @ExtendWith(SpringExtension.class) -@SpringApplicationConfiguration(classes = WireTapRouteTest.class) +@SpringBootTest(classes = WireTapRouteTest.class) @ActiveProfiles("test") @EnableAutoConfiguration @ComponentScan diff --git a/layers/pom.xml b/layers/pom.xml index 8237c8f4f6e0..a6d3d17199f6 100644 --- a/layers/pom.xml +++ b/layers/pom.xml @@ -41,7 +41,11 @@ org.hibernate - hibernate-entitymanager + hibernate-core + + + javax.xml.bind + jaxb-api commons-dbcp diff --git a/layers/src/main/java/com/iluwatar/layers/CakeBakingServiceImpl.java b/layers/src/main/java/com/iluwatar/layers/CakeBakingServiceImpl.java index e8deee73a767..411437ff6691 100644 --- a/layers/src/main/java/com/iluwatar/layers/CakeBakingServiceImpl.java +++ b/layers/src/main/java/com/iluwatar/layers/CakeBakingServiceImpl.java @@ -72,18 +72,20 @@ public void bakeNewCake(CakeInfo cakeInfo) throws CakeBakingException { } } CakeToppingDao toppingBean = context.getBean(CakeToppingDao.class); - CakeTopping topping = toppingBean.findOne(matchingToppings.iterator().next().getId()); + Optional topping = toppingBean.findById(matchingToppings.iterator().next().getId()); CakeDao cakeBean = context.getBean(CakeDao.class); - Cake cake = new Cake(); - cake.setTopping(topping); - cake.setLayers(foundLayers); - cakeBean.save(cake); - topping.setCake(cake); - toppingBean.save(topping); - CakeLayerDao layerBean = context.getBean(CakeLayerDao.class); - for (CakeLayer layer : foundLayers) { - layer.setCake(cake); - layerBean.save(layer); + if (topping.isPresent()) { + Cake cake = new Cake(); + cake.setTopping(topping.get()); + cake.setLayers(foundLayers); + cakeBean.save(cake); + topping.get().setCake(cake); + toppingBean.save(topping.get()); + CakeLayerDao layerBean = context.getBean(CakeLayerDao.class); + for (CakeLayer layer : foundLayers) { + layer.setCake(cake); + layerBean.save(layer); + } } } 
diff --git a/layers/src/main/resources/applicationContext.xml b/layers/src/main/resources/applicationContext.xml index eca3670b0fbf..c149094c1fa3 100644 --- a/layers/src/main/resources/applicationContext.xml +++ b/layers/src/main/resources/applicationContext.xml @@ -50,7 +50,7 @@ - + diff --git a/pom.xml b/pom.xml index 5cf6824e5e0f..e0f64a534aef 100644 --- a/pom.xml +++ b/pom.xml @@ -28,10 +28,10 @@ 2014 UTF-8 - 5.0.1.Final - 4.2.4.RELEASE - 1.3.3.RELEASE - 1.11.22.RELEASE + 5.2.18.Final + 5.0.13.RELEASE + 2.0.9.RELEASE + 2.0.14.RELEASE 1.4.190 4.12 5.0.2 @@ -55,6 +55,7 @@ 2.0.1 2.8.5 3.12.0 + 1.2.17 2.3.0 1.3.1 @@ -191,11 +192,6 @@ hibernate-core ${hibernate.version} - - org.hibernate - hibernate-entitymanager - ${hibernate.version} - org.springframework.boot spring-boot-dependencies @@ -300,6 +296,11 @@ mongo-java-driver ${mongo-java-driver.version} + + log4j + log4j + ${log4j.version} + javax.xml.bind jaxb-api diff --git a/repository/pom.xml b/repository/pom.xml index 2ccdc9da7ba5..f0340f1260ef 100644 --- a/repository/pom.xml +++ b/repository/pom.xml @@ -44,7 +44,7 @@ org.hibernate - hibernate-entitymanager + hibernate-core commons-dbcp @@ -71,5 +71,9 @@ javax.annotation javax.annotation-api + + org.springframework.boot + spring-boot-starter-test + diff --git a/repository/src/main/java/com/iluwatar/repository/App.java b/repository/src/main/java/com/iluwatar/repository/App.java index d96b4351ea38..7ecd7dd1a0da 100644 --- a/repository/src/main/java/com/iluwatar/repository/App.java +++ b/repository/src/main/java/com/iluwatar/repository/App.java @@ -23,6 +23,7 @@ package com.iluwatar.repository; import java.util.List; +import java.util.Optional; import org.slf4j.Logger; import org.slf4j.LoggerFactory; 
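Review bot: The root pom.xml hunk at `@@ -300,6 +296,11 @@` adds a managed `log4j:log4j` dependency, pinned to `1.2.17` by the property added at `@@ -55,6 +55,7 @@`, which works against the stated goal of this series. The log4j 1.x line is end-of-life and no longer receives security fixes, so dependency scanners will keep reporting it regardless of the other version bumps. If a module only needs the log4j 1.x API on the classpath (the reason for the addition is not visible here), prefer a bridge onto the SLF4J logging the code already uses, e.g. `org.slf4j:log4j-over-slf4j`, or exclude the transitive dependency where it enters. The XML element names are stripped in this rendering, so the property name is inferred from `${log4j.version}`.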
@@ -84,17 +85,17 @@ public static void main(String[] args) { nasta.setSurname("Spotakova"); repository.save(nasta); - LOGGER.info("Find by id 2: {}", repository.findOne(2L)); + LOGGER.info("Find by id 2: {}", repository.findById(2L)); // Remove record from Person - repository.delete(2L); + repository.deleteById(2L); // count records LOGGER.info("Count Person records: {}", repository.count()); // find by name - Person p = repository.findOne(new PersonSpecifications.NameEqualSpec("John")); - LOGGER.info("Find by John is {}", p); + Optional p = repository.findOne(new PersonSpecifications.NameEqualSpec("John")); + LOGGER.info("Find by John is {}", p.get()); // find by age persons = repository.findAll(new PersonSpecifications.AgeBetweenSpec(20, 40)); diff --git a/repository/src/main/java/com/iluwatar/repository/AppConfig.java b/repository/src/main/java/com/iluwatar/repository/AppConfig.java index c5ccb7d00002..0c6acf21b43c 100644 --- a/repository/src/main/java/com/iluwatar/repository/AppConfig.java +++ b/repository/src/main/java/com/iluwatar/repository/AppConfig.java @@ -24,6 +24,7 @@ import java.sql.SQLException; import java.util.List; +import java.util.Optional; import java.util.Properties; import javax.sql.DataSource; @@ -32,6 +33,7 @@ import org.hibernate.jpa.HibernatePersistenceProvider; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import org.springframework.boot.SpringBootConfiguration; import org.springframework.context.annotation.AnnotationConfigApplicationContext; import org.springframework.context.annotation.Bean; import org.springframework.data.jpa.repository.config.EnableJpaRepositories; @@ -44,6 +46,7 @@ * */ @EnableJpaRepositories +@SpringBootConfiguration public class AppConfig { private static final Logger LOGGER = LoggerFactory.getLogger(AppConfig.class); 
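Review bot: In the App.java `main` hunk, `p.get()` on the `Optional` returned by `repository.findOne(new PersonSpecifications.NameEqualSpec("John"))` throws `NoSuchElementException` when no row matches, where the old code would have logged `null`. The same unchecked `get()` appears in the AppConfig.java `main` hunk at `@@ -134,17 +137,17 @@`, and PATCH 3/3 adds it to `repository.findById(2L).get()` in both files. Handle the empty case explicitly, for example `p.ifPresent(person -> LOGGER.info("Find by John is {}", person));`, or log `p.orElse(null)` to keep the previous output. `main` starts and ends outside the hunk.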
@@ -60,7 +63,7 @@ public DataSource dataSource() { basicDataSource.setUrl("jdbc:h2:~/databases/person"); basicDataSource.setUsername("sa"); basicDataSource.setPassword("sa"); - return (DataSource) basicDataSource; + return basicDataSource; } /** @@ -134,17 +137,17 @@ public static void main(String[] args) { nasta.setSurname("Spotakova"); repository.save(nasta); - LOGGER.info("Find by id 2: {}", repository.findOne(2L)); + LOGGER.info("Find by id 2: {}", repository.findById(2L)); // Remove record from Person - repository.delete(2L); + repository.deleteById(2L); // count records LOGGER.info("Count Person records: {}", repository.count()); // find by name - Person p = repository.findOne(new PersonSpecifications.NameEqualSpec("John")); - LOGGER.info("Find by John is {}", p); + Optional p = repository.findOne(new PersonSpecifications.NameEqualSpec("John")); + LOGGER.info("Find by John is {}", p.get()); // find by age persons = repository.findAll(new PersonSpecifications.AgeBetweenSpec(20, 40)); diff --git a/repository/src/main/resources/applicationContext.xml b/repository/src/main/resources/applicationContext.xml index 26d6cb3f4dc3..b27bb4c85f73 100644 --- a/repository/src/main/resources/applicationContext.xml +++ b/repository/src/main/resources/applicationContext.xml @@ -49,7 +49,7 @@ - + diff --git a/repository/src/test/java/com/iluwatar/repository/AnnotationBasedRepositoryTest.java b/repository/src/test/java/com/iluwatar/repository/AnnotationBasedRepositoryTest.java index 4cfb6e022f51..8d7e1d94b797 100644 --- a/repository/src/test/java/com/iluwatar/repository/AnnotationBasedRepositoryTest.java +++ b/repository/src/test/java/com/iluwatar/repository/AnnotationBasedRepositoryTest.java @@ -28,6 +28,7 @@ import java.util.Arrays; import java.util.List; +import java.util.Optional; import javax.annotation.Resource; 
@@ -35,9 +36,8 @@ import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; -import org.springframework.test.context.ContextConfiguration; +import org.springframework.boot.test.context.SpringBootTest; import org.springframework.test.context.junit.jupiter.SpringExtension; -import org.springframework.test.context.support.AnnotationConfigContextLoader; import com.google.common.collect.Lists; @@ -47,7 +47,7 @@ * */ @ExtendWith(SpringExtension.class) -@ContextConfiguration(classes = { AppConfig.class }, loader = AnnotationConfigContextLoader.class) +@SpringBootTest(classes = { AppConfig.class }) public class AnnotationBasedRepositoryTest { @Resource @@ -66,7 +66,7 @@ public class AnnotationBasedRepositoryTest { @BeforeEach public void setup() { - repository.save(persons); + repository.saveAll(persons); } @Test @@ -119,8 +119,8 @@ public void testFindAllByAgeBetweenSpec() { @Test public void testFindOneByNameEqualSpec() { - Person actual = repository.findOne(new PersonSpecifications.NameEqualSpec("Terry")); - assertEquals(terry, actual); + Optional actual = repository.findOne(new PersonSpecifications.NameEqualSpec("Terry")); + assertEquals(terry, actual.get()); } @AfterEach diff --git a/repository/src/test/java/com/iluwatar/repository/AppConfigTest.java b/repository/src/test/java/com/iluwatar/repository/AppConfigTest.java index 3fb1b427b232..1839a2523e6c 100644 --- a/repository/src/test/java/com/iluwatar/repository/AppConfigTest.java +++ b/repository/src/test/java/com/iluwatar/repository/AppConfigTest.java 
@@ -25,9 +25,8 @@ import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.test.context.ContextConfiguration; +import org.springframework.boot.test.context.SpringBootTest; import org.springframework.test.context.junit.jupiter.SpringExtension; -import org.springframework.test.context.support.AnnotationConfigContextLoader; import org.springframework.transaction.annotation.Transactional; import javax.sql.DataSource; @@ -42,7 +41,7 @@ * */ @ExtendWith(SpringExtension.class) -@ContextConfiguration(classes = { AppConfig.class }, loader = AnnotationConfigContextLoader.class) +@SpringBootTest(classes = { AppConfig.class }) public class AppConfigTest { @Autowired diff --git a/repository/src/test/java/com/iluwatar/repository/RepositoryTest.java b/repository/src/test/java/com/iluwatar/repository/RepositoryTest.java index 5b4b8e80c055..dc976cbe72d3 100644 --- a/repository/src/test/java/com/iluwatar/repository/RepositoryTest.java +++ b/repository/src/test/java/com/iluwatar/repository/RepositoryTest.java @@ -28,6 +28,7 @@ import java.util.Arrays; import java.util.List; +import java.util.Optional; import javax.annotation.Resource; @@ -35,7 +36,7 @@ import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; import org.junit.jupiter.api.extension.ExtendWith; -import org.springframework.test.context.ContextConfiguration; +import org.springframework.boot.test.context.SpringBootTest; import org.springframework.test.context.junit.jupiter.SpringExtension; import com.google.common.collect.Lists; @@ -45,7 +46,7 @@ * by {@link org.springframework.data.jpa.domain.Specification} are also test. */ @ExtendWith(SpringExtension.class) -@ContextConfiguration(locations = { "classpath:applicationContext.xml" }) +@SpringBootTest(properties = { "locations=classpath:applicationContext.xml" }) public class RepositoryTest { @Resource 
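Review bot: In RepositoryTest.java, `@SpringBootTest(properties = { "locations=classpath:applicationContext.xml" })` does not load the XML context, because `properties` only adds a key/value pair named `locations` to the test environment. The test will most likely bootstrap from the `@SpringBootConfiguration` that this patch puts on `AppConfig` in the same package. If so, the XML-configured repository is no longer exercised and this class duplicates AnnotationBasedRepositoryTest. Keep the original `@ContextConfiguration(locations = { "classpath:applicationContext.xml" })` and its import, either on its own with `SpringExtension` or next to `@SpringBootTest`.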
@@ -64,7 +65,7 @@ public class RepositoryTest { @BeforeEach public void setup() { - repository.save(persons); + repository.saveAll(persons); } @Test @@ -115,8 +116,8 @@ public void testFindAllByAgeBetweenSpec() { @Test public void testFindOneByNameEqualSpec() { - Person actual = repository.findOne(new PersonSpecifications.NameEqualSpec("Terry")); - assertEquals(terry, actual); + Optional actual = repository.findOne(new PersonSpecifications.NameEqualSpec("Terry")); + assertEquals(terry, actual.get()); } @AfterEach From 7611aff33f7fdd0677412c687afb07b613eb8dfc Mon Sep 17 00:00:00 2001 From: Gaurav Deshpande Date: Tue, 8 Oct 2019 02:33:16 +0530 Subject: [PATCH 3/3] -Code changes for review comments --- .../main/java/com/iluwatar/layers/CakeBakingServiceImpl.java | 3 +++ repository/src/main/java/com/iluwatar/repository/App.java | 2 +- .../src/main/java/com/iluwatar/repository/AppConfig.java | 2 +- 3 files changed, 5 insertions(+), 2 deletions(-) diff --git a/layers/src/main/java/com/iluwatar/layers/CakeBakingServiceImpl.java b/layers/src/main/java/com/iluwatar/layers/CakeBakingServiceImpl.java index 411437ff6691..556a74c7afbf 100644 --- a/layers/src/main/java/com/iluwatar/layers/CakeBakingServiceImpl.java +++ b/layers/src/main/java/com/iluwatar/layers/CakeBakingServiceImpl.java @@ -86,6 +86,9 @@ public void bakeNewCake(CakeInfo cakeInfo) throws CakeBakingException { layer.setCake(cake); layerBean.save(layer); } + } else { + throw new CakeBakingException(String.format("Topping %s is not available", + cakeInfo.cakeToppingInfo.name)); } } diff --git a/repository/src/main/java/com/iluwatar/repository/App.java b/repository/src/main/java/com/iluwatar/repository/App.java index 7ecd7dd1a0da..c4a885380064 100644 --- a/repository/src/main/java/com/iluwatar/repository/App.java +++ b/repository/src/main/java/com/iluwatar/repository/App.java 
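Review bot: The `else` branch added to `bakeNewCake` in PATCH 3/3 leaves the whole persistence sequence nested under `if (topping.isPresent())`, with three separate `topping.get()` calls. Unwrapping once at the lookup is flatter and fails before the `CakeDao` bean is fetched: `CakeTopping topping = toppingBean.findById(id).orElseThrow(() -> new CakeBakingException(String.format("Topping %s is not available", cakeInfo.cakeToppingInfo.name)));`, where `id` stands for the existing `matchingToppings.iterator().next().getId()` expression. The rest of the method can then stay as it was before PATCH 2/3. The method body starts outside the hunk.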
@@ -85,7 +85,7 @@ public static void main(String[] args) { nasta.setSurname("Spotakova"); repository.save(nasta); - LOGGER.info("Find by id 2: {}", repository.findById(2L)); + LOGGER.info("Find by id 2: {}", repository.findById(2L).get()); // Remove record from Person repository.deleteById(2L); diff --git a/repository/src/main/java/com/iluwatar/repository/AppConfig.java b/repository/src/main/java/com/iluwatar/repository/AppConfig.java index 0c6acf21b43c..584c09037be7 100644 --- a/repository/src/main/java/com/iluwatar/repository/AppConfig.java +++ b/repository/src/main/java/com/iluwatar/repository/AppConfig.java @@ -137,7 +137,7 @@ public static void main(String[] args) { nasta.setSurname("Spotakova"); repository.save(nasta); - LOGGER.info("Find by id 2: {}", repository.findById(2L)); + LOGGER.info("Find by id 2: {}", repository.findById(2L).get()); // Remove record from Person repository.deleteById(2L);