fix: CET-4500 #1696

Closed
wants to merge 45 commits into from
311575f
(feat) Add data models for code scanning alert and related structures
akashRindhe May 17, 2021
b2437b8
(feat) Add methods to list code scanning alerts on a repository
akashRindhe May 17, 2021
1efcbf1
(feat) Add function to search code scanning alert by id
akashRindhe May 17, 2021
6ab47cf
(feat) Add method to list instances of code scanning alert
akashRindhe May 19, 2021
3ff6ac0
Merge branch 'main' into feat/1133
bitwiseman Jun 1, 2021
8f0ba6e
Merge branch 'main' into feat/1133
bitwiseman Jun 23, 2021
a86959e
Merge branch 'main' into feat/1133
bitwiseman Jul 13, 2021
336189e
Merge branch 'main' into feat/1133
bitwiseman Sep 9, 2021
d61bc81
Merge branch 'main' into feat/1133
bitwiseman Sep 24, 2021
fe129ca
Merge branch 'main' into feat/1133
bitwiseman Oct 24, 2021
8fc2de2
Bring PR up to current main
bitwiseman Oct 25, 2021
c25f5b4
Merge branch 'main' into feat/1133
bitwiseman Nov 8, 2021
8912703
Merge branch 'main' into feat/1133
bitwiseman Nov 23, 2021
8745486
Merge branch 'main' into feat/1133
bitwiseman Nov 28, 2021
90f93fe
Merge branch 'main' into feat/1133
bitwiseman Feb 14, 2022
b81ee25
Merge branch 'main' into feat/1133
bitwiseman Mar 7, 2022
fc45aeb
Merge branch 'main' into feat/1133
bitwiseman Mar 7, 2022
1701217
Use Cortex packages
nikhilunni Mar 29, 2022
3f8f079
Merge branch 'main' into feat/1133
bitwiseman Apr 7, 2022
7135e5b
Merge remote-tracking branch 'akash/feat/1133' into addis-main-dec21
maddymanu Dec 21, 2022
d432ae0
adding doc comments
Dec 21, 2022
d876b99
applying spotless
Dec 21, 2022
1114434
adding doc comments for test
Dec 21, 2022
d39b694
comment out test
Jan 3, 2023
ccb805d
spotless
Jan 4, 2023
fe61da3
making severity gettable on the alert object
Jan 5, 2023
4b68a6e
spacing issue
Jan 5, 2023
baed123
Pom file for testing
Jan 5, 2023
05c1446
spotless
Jan 6, 2023
be746e9
Try another build
Jan 10, 2023
620b2d6
get tests to pass?
Jan 11, 2023
27b100d
up version number
Jan 17, 2023
90b5451
Merge pull request #9 from cortexapps/addis-main-dec21
greg-p-cortex Jan 17, 2023
d2c9851
Merge remote-tracking branch 'cortex/main' into addis-optimizations
maddymanu Apr 5, 2023
29e4491
Skip author resolve if already present
maddymanu Apr 5, 2023
f3f3386
Bump Version
maddymanu Apr 5, 2023
c2fdd89
Merge pull request #10 from cortexapps/addis-optimizations
maddymanu Apr 5, 2023
897fff4
[CET-3337] Update the GhWorkflowRunQueryBuilder to have a query param…
jennie-m-chen May 16, 2023
a2129b2
handle nulls for publishedAT
Jun 6, 2023
c825722
Merge pull request #17 from cortexapps/Fix-releases
greg-p-cortex Jun 6, 2023
2770d58
Update GHCodeScanningAlert to get rule name (#18)
JGaworecki Aug 4, 2023
f4971c9
Update README.md
eyalfoni Aug 4, 2023
b304184
Merge pull request #19 from cortexapps/eyalfoni-patch-1
eyalfoni Aug 4, 2023
bd42067
fix: CET-4500 basepath not being respected for vulnerabilities
imundra Aug 16, 2023
2e84471
update CI
imundra Aug 16, 2023
spotless
Gregory Pett authored and Gregory Pett committed Jan 4, 2023
commit ccb805d86869236e1d5718cfd9465752373a4b79
122 changes: 61 additions & 61 deletions src/test/java/org/kohsuke/github/GHCodeScanningAlertInstanceTest.java
@@ -1,77 +1,77 @@
//package org.kohsuke.github;
// package org.kohsuke.github;
//
//import org.junit.Assume;
//import org.junit.Before;
//import org.junit.Test;
// import org.junit.Assume;
// import org.junit.Before;
// import org.junit.Test;
//
//import java.io.IOException;
//import java.util.List;
// import java.io.IOException;
// import java.util.List;
//
//import static org.hamcrest.Matchers.greaterThanOrEqualTo;
//import static org.hamcrest.Matchers.not;
// import static org.hamcrest.Matchers.greaterThanOrEqualTo;
// import static org.hamcrest.Matchers.not;
//
///**
/// **
// * <p>
// * Note : As the code scanning alerts cannot be tailored as part of test setup, lot of the test cases are dependent on
// * manual setup of the mock repo. Assertions and verifications will often simply check that the values are non-null
// * rather than depending on hard-coded values, to prevent making the tests flimsy
// * </p>
// */
//public class GHCodeScanningAlertInstanceTest extends AbstractGitHubWireMockTest {
// private static final String REPO_NAME = "Pixi";
// private GHCodeScanningAlert alert;
// public class GHCodeScanningAlertInstanceTest extends AbstractGitHubWireMockTest {
// private static final String REPO_NAME = "Pixi";
// private GHCodeScanningAlert alert;
//
// /**
// * Gets the first dismissed alert from the mock repo
// *
// * @throws Exception
// * the exception
// */
// @Before
// public void setUp() throws Exception {
// GHRepository repo = gitHub.getRepository(GITHUB_API_TEST_ORG + "/" + REPO_NAME);
// alert = getAlertFromRepo(repo);
// }
// /**
// * Gets the first dismissed alert from the mock repo
// *
// * @throws Exception
// * the exception
// */
// @Before
// public void setUp() throws Exception {
// GHRepository repo = gitHub.getRepository(GITHUB_API_TEST_ORG + "/" + REPO_NAME);
// alert = getAlertFromRepo(repo);
// }
//
// private GHCodeScanningAlert getAlertFromRepo(GHRepository repo) {
// List<GHCodeScanningAlert> dismissedAlerts = repo.listCodeScanningAlerts(GHCodeScanningAlertState.DISMISSED)
// ._iterator(1)
// .nextPage();
// Assume.assumeThat(dismissedAlerts.size(), greaterThanOrEqualTo(1));
// return dismissedAlerts.get(0);
// }
// private GHCodeScanningAlert getAlertFromRepo(GHRepository repo) {
// List<GHCodeScanningAlert> dismissedAlerts = repo.listCodeScanningAlerts(GHCodeScanningAlertState.DISMISSED)
// ._iterator(1)
// .nextPage();
// Assume.assumeThat(dismissedAlerts.size(), greaterThanOrEqualTo(1));
// return dismissedAlerts.get(0);
// }
//
// /**
// * Test list alert instances payload
// *
// * @throws IOException
// * Signals that an I/O exception has occurred.
// */
// @Test
// public void testListAlertInstances() throws IOException {
// // Arrange
// /**
// * Test list alert instances payload
// *
// * @throws IOException
// * Signals that an I/O exception has occurred.
// */
// @Test
// public void testListAlertInstances() throws IOException {
// // Arrange
//
// // Act
// List<GHCodeScanningAlertInstance> results = alert.listAlertInstances().toList();
// // Act
// List<GHCodeScanningAlertInstance> results = alert.listAlertInstances().toList();
//
// // Assert
// assertThat(results.size(), greaterThanOrEqualTo(1));
// GHCodeScanningAlertInstance instance = results.get(0);
// // Can't assert on exact values with having to hardcode values from
// // json file, hence making the assertions generics
// assertThat(instance.getRef(), not((Object) null));
// assertThat(instance.getCommitSha(), not((Object) null));
// assertThat(instance.getState(), not((Object) null));
// assertThat(instance.getMessage(), not((Object) null));
// assertThat(instance.getLocation(), not((Object) null));
// // Assert
// assertThat(results.size(), greaterThanOrEqualTo(1));
// GHCodeScanningAlertInstance instance = results.get(0);
// // Can't assert on exact values with having to hardcode values from
// // json file, hence making the assertions generics
// assertThat(instance.getRef(), not((Object) null));
// assertThat(instance.getCommitSha(), not((Object) null));
// assertThat(instance.getState(), not((Object) null));
// assertThat(instance.getMessage(), not((Object) null));
// assertThat(instance.getLocation(), not((Object) null));
//
// GHCodeScanningAlertInstance.Location location = instance.getLocation();
// // Can't assert on exact values with having to hardcode values from
// // json file, hence making the assertions generics
// assertThat(location.getPath(), not((Object) null));
// assertThat(location.getStartLine(), greaterThanOrEqualTo(0L));
// assertThat(location.getEndLine(), greaterThanOrEqualTo(0L));
// assertThat(location.getStartColumn(), greaterThanOrEqualTo(0L));
// assertThat(location.getStartColumn(), greaterThanOrEqualTo(0L));
// }
//}
// GHCodeScanningAlertInstance.Location location = instance.getLocation();
// // Can't assert on exact values with having to hardcode values from
// // json file, hence making the assertions generics
// assertThat(location.getPath(), not((Object) null));
// assertThat(location.getStartLine(), greaterThanOrEqualTo(0L));
// assertThat(location.getEndLine(), greaterThanOrEqualTo(0L));
// assertThat(location.getStartColumn(), greaterThanOrEqualTo(0L));
// assertThat(location.getStartColumn(), greaterThanOrEqualTo(0L));
// }
// }
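Review bot: The whole of GHCodeScanningAlertInstanceTest is still commented out, so this formatting pass only rewrites comment text and testListAlertInstances never runs. Spotless has also turned the Javadoc opener `///**` into `/// **`, which will not come back as a valid Javadoc comment if the leading `//` is stripped later. If the test has to stay disabled, keep the code live and mark the class or method with JUnit's @Ignore and a reason, so it continues to compile against the API and shows up as skipped. Separately, at the end of testListAlertInstances `location.getStartColumn()` is asserted twice in a row; the second check was presumably meant for the end column, matching the start/end line pair just above it.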
190 changes: 95 additions & 95 deletions src/test/java/org/kohsuke/github/GHCodeScanningAlertTest.java
@@ -1,105 +1,105 @@
//package org.kohsuke.github;
// package org.kohsuke.github;
//
//import org.junit.Assume;
//import org.junit.Before;
//import org.junit.Test;
// import org.junit.Assume;
// import org.junit.Before;
// import org.junit.Test;
//
//import java.io.IOException;
//import java.util.List;
// import java.io.IOException;
// import java.util.List;
//
//import static org.hamcrest.Matchers.equalTo;
//import static org.hamcrest.Matchers.greaterThanOrEqualTo;
//import static org.hamcrest.Matchers.is;
//import static org.hamcrest.Matchers.not;
// import static org.hamcrest.Matchers.equalTo;
// import static org.hamcrest.Matchers.greaterThanOrEqualTo;
// import static org.hamcrest.Matchers.is;
// import static org.hamcrest.Matchers.not;
//
///**
/// **
// * <p>
// * Note : As the code scanning alerts cannot be tailored as part of test setup, lot of the test cases are dependent on
// * manual setup of the mock repo. Assertions and verifications will often simply check that the values are non-null
// * rather than depending on hard-coded values, to prevent making the tests flimsy
// * </p>
// */
//public class GHCodeScanningAlertTest extends AbstractGitHubWireMockTest {
// private static final String REPO_NAME = "Pixi";
// private GHRepository repo;
//
// /**
// * Gets the mock repo
// *
// * @throws Exception
// * the exception
// */
// @Before
// public void setUp() throws Exception {
// repo = gitHub.getRepository(GITHUB_API_TEST_ORG + "/" + REPO_NAME);
// }
//
// /**
// * Test list code scanning alert payload
// */
// @Test
// public void testListCodeScanningAlerts() {
// // Arrange
//
// // Act - Search by filtering on code scanning tool
// List<GHCodeScanningAlert> codeQlAlerts = repo.listCodeScanningAlerts("CodeQL")._iterator(2).nextPage();
//
// // Assert
// assertThat(codeQlAlerts.size(), equalTo(2)); // This assertion is based on manual setup done on repo to
// // guarantee there are atleast 2 issues
//
// GHCodeScanningAlert alert = codeQlAlerts.get(0);
//
// // Verify the code scanning tool details
// assertThat(alert.getTool(), not((Object) null));
// GHCodeScanningAlert.Tool tool = alert.getTool();
// assertThat(tool.getName(), is("CodeQL"));
// assertThat(tool.getVersion(), not((Object) null));
//
// // Verify that fields of the code scanning rule are non-null
// assertThat(alert.getRule(), not((Object) null));
// GHCodeScanningAlert.Rule rule = alert.getRule();
// assertThat(rule.getId(), not((Object) null));
// assertThat(rule.getName(), not((Object) null));
// assertThat(rule.getSeverity(), not((Object) null));
//
// // Act - Search by filtering on alert status
// List<GHCodeScanningAlert> openAlerts = repo.listCodeScanningAlerts(GHCodeScanningAlertState.OPEN)
// ._iterator(2)
// .nextPage(); // This assertion is based on manual setup done on repo to
// // guarantee there are atleast 2 issues
//
// // Assert
// assertThat(openAlerts.size(), equalTo(2));
// GHCodeScanningAlert openAlert = openAlerts.get(0);
// assertThat(openAlert.getState(), is(GHCodeScanningAlertState.OPEN));
// }
//
// /**
// * Test get code scanning alert payload
// *
// * @throws IOException
// * Signals that an I/O exception has occurred.
// */
// @Test
// public void testGetCodeScanningAlert() throws IOException {
// // Arrange
// List<GHCodeScanningAlert> dismissedAlerts = repo.listCodeScanningAlerts(GHCodeScanningAlertState.DISMISSED)
// ._iterator(1)
// .nextPage();
// Assume.assumeThat(dismissedAlerts.size(), greaterThanOrEqualTo(1));
// GHCodeScanningAlert dismissedAlert = dismissedAlerts.get(0);
// long idOfDismissed = dismissedAlert.getId();
//
// // Act
// GHCodeScanningAlert result = repo.getCodeScanningAlert(idOfDismissed);
//
// // Assert
// assertThat(result, not((Object) null));
// assertThat(result.getId(), equalTo(idOfDismissed));
// assertThat(result.getDismissedReason(), equalTo(dismissedAlert.getDismissedReason()));
// assertThat(result.getDismissedAt(), equalTo(dismissedAlert.getDismissedAt()));
// assertThat(result.getDismissedBy().login, equalTo(dismissedAlert.getDismissedBy().login));
// }
//
//}
// public class GHCodeScanningAlertTest extends AbstractGitHubWireMockTest {
// private static final String REPO_NAME = "Pixi";
// private GHRepository repo;
//
// /**
// * Gets the mock repo
// *
// * @throws Exception
// * the exception
// */
// @Before
// public void setUp() throws Exception {
// repo = gitHub.getRepository(GITHUB_API_TEST_ORG + "/" + REPO_NAME);
// }
//
// /**
// * Test list code scanning alert payload
// */
// @Test
// public void testListCodeScanningAlerts() {
// // Arrange
//
// // Act - Search by filtering on code scanning tool
// List<GHCodeScanningAlert> codeQlAlerts = repo.listCodeScanningAlerts("CodeQL")._iterator(2).nextPage();
//
// // Assert
// assertThat(codeQlAlerts.size(), equalTo(2)); // This assertion is based on manual setup done on repo to
// // guarantee there are atleast 2 issues
//
// GHCodeScanningAlert alert = codeQlAlerts.get(0);
//
// // Verify the code scanning tool details
// assertThat(alert.getTool(), not((Object) null));
// GHCodeScanningAlert.Tool tool = alert.getTool();
// assertThat(tool.getName(), is("CodeQL"));
// assertThat(tool.getVersion(), not((Object) null));
//
// // Verify that fields of the code scanning rule are non-null
// assertThat(alert.getRule(), not((Object) null));
// GHCodeScanningAlert.Rule rule = alert.getRule();
// assertThat(rule.getId(), not((Object) null));
// assertThat(rule.getName(), not((Object) null));
// assertThat(rule.getSeverity(), not((Object) null));
//
// // Act - Search by filtering on alert status
// List<GHCodeScanningAlert> openAlerts = repo.listCodeScanningAlerts(GHCodeScanningAlertState.OPEN)
// ._iterator(2)
// .nextPage(); // This assertion is based on manual setup done on repo to
// // guarantee there are atleast 2 issues
//
// // Assert
// assertThat(openAlerts.size(), equalTo(2));
// GHCodeScanningAlert openAlert = openAlerts.get(0);
// assertThat(openAlert.getState(), is(GHCodeScanningAlertState.OPEN));
// }
//
// /**
// * Test get code scanning alert payload
// *
// * @throws IOException
// * Signals that an I/O exception has occurred.
// */
// @Test
// public void testGetCodeScanningAlert() throws IOException {
// // Arrange
// List<GHCodeScanningAlert> dismissedAlerts = repo.listCodeScanningAlerts(GHCodeScanningAlertState.DISMISSED)
// ._iterator(1)
// .nextPage();
// Assume.assumeThat(dismissedAlerts.size(), greaterThanOrEqualTo(1));
// GHCodeScanningAlert dismissedAlert = dismissedAlerts.get(0);
// long idOfDismissed = dismissedAlert.getId();
//
// // Act
// GHCodeScanningAlert result = repo.getCodeScanningAlert(idOfDismissed);
//
// // Assert
// assertThat(result, not((Object) null));
// assertThat(result.getId(), equalTo(idOfDismissed));
// assertThat(result.getDismissedReason(), equalTo(dismissedAlert.getDismissedReason()));
// assertThat(result.getDismissedAt(), equalTo(dismissedAlert.getDismissedAt()));
// assertThat(result.getDismissedBy().login, equalTo(dismissedAlert.getDismissedBy().login));
// }
//
// }
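Review bot: In testListCodeScanningAlerts both `assertThat(codeQlAlerts.size(), equalTo(2))` and `assertThat(openAlerts.size(), equalTo(2))` hard-fail when the manually prepared repo has fewer alerts, whereas testGetCodeScanningAlert guards the same kind of dependency with `Assume.assumeThat(dismissedAlerts.size(), greaterThanOrEqualTo(1))`. Use the same Assume guard in both places so a missing fixture is reported as skipped rather than failed. The comment "This assertion is based on manual setup" in the open-alerts block sits on the `.nextPage()` line rather than on the assertion it describes, and should move down to it. As with the other file, the class remains fully commented out, so all 95 changed lines are whitespace inside dead code; an @Ignore with a reason would keep these tests compiling and visible in the report.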