Merge branch 'local-files-scan' of https://github.com/Samsung/LPVS in…

…to local-files-scan
Samsung · Aug 6, 2024 · a0cada0 · a0cada0
2 parents 8ff3e2a + bf6065e
commit a0cada0
Show file tree

Hide file tree

Showing 12 changed files with 66 additions and 23 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -19,7 +19,7 @@ jobs:
 
     steps:
     - name: Harden Runner
-      uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
+      uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
       with:
         egress-policy: audit
     - name: Checkout repository

diff --git a/.github/workflows/cflite_batch.yml b/.github/workflows/cflite_batch.yml
@@ -22,7 +22,7 @@ jobs:
         # - memory
     steps:
     - name: Harden Runner
-      uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
+      uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
       with:
         egress-policy: audit
 

diff --git a/.github/workflows/check-docker.yml b/.github/workflows/check-docker.yml
@@ -15,7 +15,7 @@ jobs:
 
     steps:
     - name: Harden Runner
-      uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
+      uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
       with:
         egress-policy: audit
     - name: Checkout repository

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -20,7 +20,7 @@ jobs:
 
     steps:
     - name: Harden Runner
-      uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
+      uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
       with:
         egress-policy: audit
 
@@ -29,7 +29,7 @@ jobs:
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@f079b8493333aace61c81488f8bd40919487bd9f # v3.25.7
+      uses: github/codeql-action/init@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15
       with:
         languages: ${{ matrix.language }}
 
@@ -43,7 +43,7 @@ jobs:
       run: mvn -B package --file pom.xml
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@f079b8493333aace61c81488f8bd40919487bd9f # v3.25.7
+      uses: github/codeql-action/analyze@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15
       with:
         category: "/language:${{matrix.language}}"
 
diff --git a/.github/workflows/findbugs.yml b/.github/workflows/findbugs.yml
@@ -16,7 +16,7 @@ jobs:
 
     steps:
     - name: Harden Runner
-      uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
+      uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
       with:
         egress-policy: audit
     - name: Checkout repository

diff --git a/.github/workflows/java-format-checker.yml b/.github/workflows/java-format-checker.yml
@@ -11,7 +11,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
+        uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
         with:
           egress-policy: audit
       - name: Checkout repository

diff --git a/.github/workflows/publish-release.yml b/.github/workflows/publish-release.yml
@@ -20,7 +20,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
+        uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
         with:
           egress-policy: audit
 
@@ -73,7 +73,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
+        uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
         with:
           egress-policy: audit
 
@@ -106,7 +106,7 @@ jobs:
     if: startsWith(github.ref, 'refs/tags/')
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
+        uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
         with:
           egress-policy: audit
 
@@ -116,7 +116,7 @@ jobs:
           name: ${{ needs.build.outputs.version }}
 
       - name: Upload assets
-        uses: softprops/action-gh-release@9d7c94cfd0a1f3ed45544c887983e9fa900f0564 # v2.0.4
+        uses: softprops/action-gh-release@c062e08bd532815e2082a85e87e3ef29c3e6d191 # v2.0.8
         with:
           files: |
             ${{ needs.build.outputs.version }}
@@ -132,7 +132,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
+        uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
         with:
           egress-policy: audit
       - name: Checkout repository
@@ -163,7 +163,7 @@ jobs:
       packages: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
+        uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
         with:
           egress-policy: audit
       - name: Checkout repository
@@ -187,15 +187,15 @@ jobs:
       packages: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
+        uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
         with:
           egress-policy: audit
 
       - name: Check out the repo
         uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
 
       - name: Log in to the Container registry
-        uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
+        uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
@@ -208,7 +208,7 @@ jobs:
           images: ghcr.io/${{ github.repository }}
 
       - name: Build and push Docker image
-        uses: docker/build-push-action@15560696de535e4014efeff63c48f16952e52dd1 # v6.2.0
+        uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445 # v6.5.0
         with:
           context: .
           push: true

diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
@@ -32,7 +32,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
+        uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
         with:
           egress-policy: audit
 
@@ -42,7 +42,7 @@ jobs:
           persist-credentials: false
 
       - name: "Run analysis"
-        uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3
+        uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0
         with:
           results_file: results.sarif
           results_format: sarif
@@ -72,6 +72,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@f079b8493333aace61c81488f8bd40919487bd9f # v2.1.27
+        uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v2.1.27
         with:
           sarif_file: results.sarif
diff --git a/.github/workflows/test-suite.yml b/.github/workflows/test-suite.yml
@@ -16,7 +16,7 @@ jobs:
 
     steps:
     - name: Harden Runner
-      uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1
+      uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
       with:
         egress-policy: audit
     - name: Checkout repository

diff --git a/pom.xml b/pom.xml
@@ -113,7 +113,7 @@
         <dependency>
             <groupId>com.h2database</groupId>
             <artifactId>h2</artifactId>
-            <version>2.2.220</version>
+            <version>2.3.230</version>
         </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
@@ -211,7 +211,7 @@
             <plugin>
                 <groupId>com.github.spotbugs</groupId>
                 <artifactId>spotbugs-maven-plugin</artifactId>
-                <version>4.8.4.0</version>
+                <version>4.8.6.2</version>
                 <configuration>
                     <includeFilterFile>spotbugs-security-include.xml</includeFilterFile>
                     <plugins>

diff --git a/src/main/java/com/lpvs/LicensePreValidationService.java b/src/main/java/com/lpvs/LicensePreValidationService.java
@@ -55,6 +55,7 @@ public LicensePreValidationService(@Value("${lpvs.cores:8}") int corePoolSize) {
      */
     public static void main(String[] args) {
         try {
+            log.info(getEmblem());
             ApplicationContext applicationContext =
                     SpringApplication.run(LicensePreValidationService.class, args);
             exitHandler = applicationContext.getBean(LPVSExitHandler.class);
@@ -85,4 +86,39 @@ public TaskExecutor getAsyncExecutor() {
         executor.setThreadNamePrefix("LPVS::");
         return executor;
     }
+
+    /**
+     * Returns the emblem for the License Pre-Validation Service.
+     *
+     * @return the emblem as a String
+     */
+    protected static String getEmblem() {
+        StringBuilder emblem = new StringBuilder();
+        emblem.append("\n");
+        emblem.append(
+                "   .----------------.   .----------------.   .----------------.   .----------------. \n");
+        emblem.append(
+                "  | .--------------. | | .--------------. | | .--------------. | | .--------------. |\n");
+        emblem.append(
+                "  | |   _____      | | | |   ______     | | | | ____   ____  | | | |    _______   | |\n");
+        emblem.append(
+                "  | |  |_   _|     | | | |  |_   __ \\   | | | ||_  _| |_  _| | | | |   /  ___  |  | |\n");
+        emblem.append(
+                "  | |    | |       | | | |    | |__) |  | | | |  \\ \\   / /   | | | |  |  (__ \\_|  | |\n");
+        emblem.append(
+                "  | |    | |   _   | | | |    |  ___/   | | | |   \\ \\ / /    | | | |   '.___`-.   | |\n");
+        emblem.append(
+                "  | |   _| |__/ |  | | | |   _| |_      | | | |    \\ ' /     | | | |  |`\\____) |  | |\n");
+        emblem.append(
+                "  | |  |________|  | | | |  |_____|     | | | |     \\_/      | | | |  |_______.'  | |\n");
+        emblem.append(
+                "  | |              | | | |              | | | |              | | | |              | |\n");
+        emblem.append(
+                "  | '--------------' | | '--------------' | | '--------------' | | '--------------' |\n");
+        emblem.append(
+                "   '----------------'   '----------------'   '----------------'   '----------------' \n");
+        emblem.append(
+                "  :: License Pre-Validation Service ::                                      (v1.5.2)\n");
+        return emblem.toString();
+    }
 }
diff --git a/src/test/java/com/lpvs/LicensePreValidationServiceTest.java b/src/test/java/com/lpvs/LicensePreValidationServiceTest.java
@@ -21,6 +21,7 @@
 import java.lang.reflect.Field;
 
 import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
 import static org.mockito.Mockito.*;
 
 public class LicensePreValidationServiceTest {
@@ -137,4 +138,10 @@ public void testMain_Exception_N() throws NoSuchFieldException, IllegalAccessExc
         LicensePreValidationService.main(args);
         Mockito.verify(exitHandler, Mockito.times(0)).exit(anyInt());
     }
+
+    @Test
+    public void testGetEmblem() {
+        String emblem = LicensePreValidationService.getEmblem();
+        assertNotNull(emblem);
+    }
 }