From 0c6d5f1bc2d300d4b736ba19c5e671805e5c2f68 Mon Sep 17 00:00:00 2001 From: Oleg Kopysov Date: Thu, 7 Mar 2024 18:13:36 +0200 Subject: [PATCH] fix: Fix issues detected by Svace code analyzer Signed-off-by: Oleg Kopysov --- .../com/lpvs/controller/GitHubController.java | 7 --- .../com/lpvs/service/LPVSGitHubService.java | 2 +- .../lpvs/service/LPVSStatisticsService.java | 3 +- .../scanoss/LPVSScanossDetectService.java | 9 ++-- .../java/com/lpvs/util/LPVSCommentUtil.java | 49 ++++++++++--------- 5 files changed, 35 insertions(+), 35 deletions(-) diff --git a/src/main/java/com/lpvs/controller/GitHubController.java b/src/main/java/com/lpvs/controller/GitHubController.java index c2b82d6e..2a6f783c 100644 --- a/src/main/java/com/lpvs/controller/GitHubController.java +++ b/src/main/java/com/lpvs/controller/GitHubController.java @@ -220,13 +220,6 @@ public ResponseEntity gitHubSingleScan( GHRepository repository = gitHub.getRepository(gitHubOrg + "/" + gitHubRepo); GHPullRequest pullRequest = repository.getPullRequest(prNumber); LPVSQueue scanConfig = LPVSWebhookUtil.getGitHubWebhookConfig(repository, pullRequest); - - if (scanConfig == null) { - log.error("Error with connection to GitHub."); - return ResponseEntity.status(HttpStatus.FORBIDDEN) - .headers(LPVSWebhookUtil.generateSecurityHeaders()) - .body(new LPVSResponseWrapper(ERROR)); - } scanConfig.setAction(LPVSPullRequestAction.SINGLE_SCAN); scanConfig.setAttempts(0); scanConfig.setDate(new Date()); diff --git a/src/main/java/com/lpvs/service/LPVSGitHubService.java b/src/main/java/com/lpvs/service/LPVSGitHubService.java index fffe114a..eb83e285 100644 --- a/src/main/java/com/lpvs/service/LPVSGitHubService.java +++ b/src/main/java/com/lpvs/service/LPVSGitHubService.java 
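Review bot: With the null guard removed, `scanConfig.setAction(LPVSPullRequestAction.SINGLE_SCAN)` dereferences the result of `LPVSWebhookUtil.getGitHubWebhookConfig(repository, pullRequest)` unconditionally, so this is only safe if that helper can never return null; its body is not part of this patch. If the analyzer flagged the check as dead code, state the contract at the call site, e.g. `// getGitHubWebhookConfig never returns null; failures surface as exceptions`, or keep a cheap guard such as `Objects.requireNonNull(scanConfig, "scanConfig");`. Otherwise a failed lookup would turn the former 403 response carrying `generateSecurityHeaders()` into a NullPointerException, and whether the error path still sets those headers depends on exception handling outside the hunk. The body of gitHubSingleScan starts and ends outside the hunk.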
@@ -409,7 +409,7 @@ public LPVSQueue getInternalQueueByPullRequest(String pullRequest) { pullRequestSplit.length - 4, pullRequestSplit.length - 2)); int pullRequestNum = Integer.parseInt(pullRequestSplit[pullRequestSplit.length - 1]); - GitHub gitHub = gitHubConnectionService.connectToGitHubApi(); + gitHub = gitHubConnectionService.connectToGitHubApi(); GHRepository repo = gitHub.getRepository(pullRequestRepo); GHPullRequest pR = repo.getPullRequest(pullRequestNum); return LPVSWebhookUtil.getGitHubWebhookConfig(repo, pR); diff --git a/src/main/java/com/lpvs/service/LPVSStatisticsService.java b/src/main/java/com/lpvs/service/LPVSStatisticsService.java index fb49c301..298641b0 100644 --- a/src/main/java/com/lpvs/service/LPVSStatisticsService.java +++ b/src/main/java/com/lpvs/service/LPVSStatisticsService.java @@ -93,7 +93,7 @@ public List pathCheck( String findNickName = findMember.getNickname(); String findOrganization = findMember.getOrganization(); - List prList = new ArrayList<>(); + List prList; if ((type.equals("own") && findNickName.equals(name)) || (type.equals("org") && findOrganization.equals(name))) { @@ -122,7 +122,6 @@ public Dashboard getDashboardEntity(String type, String name, Authentication aut int totalIssueCount = 0; int totalParticipantsCount = 0; int totalRepositoryCount = 0; - Set participantsSet = new HashSet<>(); List prList = pathCheck(type, name, authentication); Map licenseCountMap = new HashMap<>(); diff --git a/src/main/java/com/lpvs/service/scanner/scanoss/LPVSScanossDetectService.java b/src/main/java/com/lpvs/service/scanner/scanoss/LPVSScanossDetectService.java index cb159645..dfdbc2f1 100644 --- a/src/main/java/com/lpvs/service/scanner/scanoss/LPVSScanossDetectService.java +++ b/src/main/java/com/lpvs/service/scanner/scanoss/LPVSScanossDetectService.java 
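Review bot: Dropping the `GitHub` type turns `gitHub = gitHubConnectionService.connectToGitHubApi();` into an assignment to what is presumably a field declared outside this hunk, so every call to getInternalQueueByPullRequest now overwrites shared state. If LPVSGitHubService is a singleton used from several threads, two concurrent calls can replace each other's client between the assignment and `gitHub.getRepository(pullRequestRepo)`, and the authenticated connection outlives the call that needed it. If the warning was about the local shadowing the field, renaming the local keeps the scope tight: `GitHub gitHubApi = gitHubConnectionService.connectToGitHubApi();` followed by `GHRepository repo = gitHubApi.getRepository(pullRequestRepo);`. The method body starts outside the hunk.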
@@ -99,7 +99,7 @@ protected BufferedReader createBufferReader(InputStreamReader inputStreamReader) */ public void runScan(LPVSQueue webhookConfig, String path) throws Exception { log.debug("Starting Scanoss scanning"); - + Process process = null; try { File resultsDir = new File(getScanResultsDirectoryPath(webhookConfig)); if (resultsDir.mkdirs()) { @@ -124,7 +124,7 @@ public void runScan(LPVSQueue webhookConfig, String path) throws Exception { getScanResultsJsonFilePath(webhookConfig), path); - Process process = processBuilder.inheritIO().start(); + process = processBuilder.inheritIO().start(); int status = process.waitFor(); @@ -143,8 +143,11 @@ public void runScan(LPVSQueue webhookConfig, String path) throws Exception { } catch (IOException | InterruptedException ex) { log.error("Scanoss scanner terminated with non-zero code. Terminating."); throw ex; + } finally { + if (process != null) { + process.destroy(); + } } - log.debug("Scanoss scan done"); } diff --git a/src/main/java/com/lpvs/util/LPVSCommentUtil.java b/src/main/java/com/lpvs/util/LPVSCommentUtil.java index d518e7d4..f02bcd90 100644 --- a/src/main/java/com/lpvs/util/LPVSCommentUtil.java +++ b/src/main/java/com/lpvs/util/LPVSCommentUtil.java @@ -7,8 +7,10 @@ package com.lpvs.util; import java.io.BufferedWriter; +import java.io.File; import java.io.FileWriter; import java.io.IOException; +import java.nio.charset.StandardCharsets; import java.util.List; import com.lpvs.entity.LPVSDetectedLicense; 
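Review bot: The new `finally` block in runScan calls `process.destroy()`, which only requests termination and returns at once, so on the InterruptedException path the scanner child may still be running and writing into the results directory after the method has thrown. A stricter cleanup would be `if (process != null && process.isAlive()) { process.destroyForcibly(); }`, and the catch block should restore the interrupt flag with `Thread.currentThread().interrupt();` before rethrowing. The catch message "Scanoss scanner terminated with non-zero code" is also logged for I/O and interrupt failures; passing `ex` to `log.error` would let an operator tell those cases apart. This note covers the three runScan hunks together (the `Process process = null;` declaration, the assignment and the `finally`); the rest of the method body is outside them.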
@@ -91,31 +93,34 @@ public static String reportCommentBuilder( LPVSQueue webhookConfig, List scanResults, List> conflicts) { - String commitComment = ""; + + StringBuilder commitCommentBuilder = new StringBuilder(); if (scanResults != null && scanResults.size() != 0) { - commitComment = "**Detected licenses:**\n\n\n"; + commitCommentBuilder.append("**Detected licenses:**\n\n\n"); for (LPVSFile file : scanResults) { - commitComment += "**File:** " + file.getFilePath() + "\n"; - commitComment += - "**License(s):** " + file.convertLicensesToString(LPVSVcs.GITHUB) + "\n"; - commitComment += - "**Component:** " - + file.getComponentName() - + " (" - + file.getComponentFilePath() - + ")\n"; - commitComment += - "**Matched Lines:** " - + LPVSCommentUtil.getMatchedLinesAsLink( - webhookConfig, file, LPVSVcs.GITHUB) - + "\n"; - commitComment += "**Snippet Match:** " + file.getSnippetMatch() + "\n\n\n\n"; + commitCommentBuilder.append("**File:** "); + commitCommentBuilder.append(file.getFilePath()); + commitCommentBuilder.append("\n"); + commitCommentBuilder.append("**License(s):** "); + commitCommentBuilder.append(file.convertLicensesToString(LPVSVcs.GITHUB)); + commitCommentBuilder.append("\n"); + commitCommentBuilder.append("**Component:** "); + commitCommentBuilder.append(file.getComponentName()); + commitCommentBuilder.append(" ("); + commitCommentBuilder.append(file.getComponentFilePath()); + commitCommentBuilder.append(")\n"); + commitCommentBuilder.append("**Matched Lines:** "); + commitCommentBuilder.append(LPVSCommentUtil.getMatchedLinesAsLink( + webhookConfig, file, LPVSVcs.GITHUB)); + commitCommentBuilder.append("\n"); + commitCommentBuilder.append("**Snippet Match:** "); + commitCommentBuilder.append(file.getSnippetMatch()); + commitCommentBuilder.append("\n\n\n\n"); } } if (conflicts != null && conflicts.size() > 0) { - StringBuilder commitCommentBuilder = new StringBuilder(); commitCommentBuilder.append("**Detected license conflicts:**\n\n\n"); 
commitCommentBuilder.append("
    "); for (LPVSLicenseService.Conflict conflict : conflicts) { @@ -129,10 +134,9 @@ public static String reportCommentBuilder( commitCommentBuilder.append(webhookConfig.getHubLink()); commitCommentBuilder.append(")"); } - commitComment += commitCommentBuilder.toString(); } - return commitComment; + return commitCommentBuilder.toString(); } /** @@ -211,11 +215,12 @@ public static String buildHTMLComment( * @param filePath The path to expected html report file. */ public static void saveHTMLToFile(String htmlContent, String filePath) { - try (BufferedWriter writer = new BufferedWriter(new FileWriter(filePath))) { + File file = new File(filePath); + try (BufferedWriter writer = new BufferedWriter(new FileWriter(file, StandardCharsets.UTF_8))) { writer.write(htmlContent); log.info("LPVS report saved to: " + filePath); } catch (IOException ex) { - log.error("error during saving HTML report: " + ex); + log.error("error during saving HTML report: " + ex.getMessage()); } } }
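Review bot: The values appended in the scan-results loop of reportCommentBuilder (`file.getFilePath()`, `file.getComponentName()`, `file.getComponentFilePath()`, `file.getSnippetMatch()`) go into the Markdown comment verbatim, and at least the file path presumably originates from the pull request being scanned. A path or component name that contains Markdown or HTML markup would be rendered as part of the LPVS comment rather than shown as data. Routing these values through a small escaping helper before `append`, or emitting them inside a code span, would keep the report content inert. As a style point, the calls can be chained, e.g. `commitCommentBuilder.append("**File:** ").append(file.getFilePath()).append("\n");`. The method continues past this hunk into the conflicts section.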
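Review bot: Switching the log call in saveHTMLToFile to `ex.getMessage()` drops the exception class and stack trace and prints `null` when the message is absent, while the method still swallows the IOException, so a caller cannot tell that no report was written. Passing the throwable keeps the evidence: `log.error("error during saving HTML report to " + filePath, ex);`, assuming `log` offers the usual `(String, Throwable)` overload. `filePath` is also used exactly as given; if any caller derives it from repository or request data, it should be resolved against a fixed report directory and checked with `normalize().startsWith(base)` before the writer is opened.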