From c2c0b1922e7a680743d18e4d783f41ad4d77d570 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 20 Sep 2023 08:42:24 +0000 Subject: [PATCH 1/8] Bump org.eclipse.jgit:org.eclipse.jgit Bumps org.eclipse.jgit:org.eclipse.jgit from 6.4.0.202211300538-r to 6.6.1.202309021850-r. --- updated-dependencies: - dependency-name: org.eclipse.jgit:org.eclipse.jgit dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 52e03878..583e3c0c 100644 --- a/pom.xml +++ b/pom.xml @@ -132,7 +132,7 @@ org.eclipse.jgit org.eclipse.jgit - 6.4.0.202211300538-r + 6.6.1.202309021850-r tech.jhipster From bd89fb5f8517bbdfebcc1b125b13a42f982c77ff Mon Sep 17 00:00:00 2001 From: Quentin Date: Sat, 23 Sep 2023 14:26:26 +0200 Subject: [PATCH 2/8] Sonar: Remove this use of 'featurePolicy'; it is deprecated --- .../github/jhipster/online/config/SecurityConfiguration.java | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/src/main/java/io/github/jhipster/online/config/SecurityConfiguration.java b/src/main/java/io/github/jhipster/online/config/SecurityConfiguration.java index 2a355f8c..e1322a61 100644 --- a/src/main/java/io/github/jhipster/online/config/SecurityConfiguration.java +++ b/src/main/java/io/github/jhipster/online/config/SecurityConfiguration.java @@ -87,7 +87,9 @@ public void configure(HttpSecurity http) throws Exception { .and() .referrerPolicy(ReferrerPolicyHeaderWriter.ReferrerPolicy.STRICT_ORIGIN_WHEN_CROSS_ORIGIN) .and() - .featurePolicy("geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'") + .permissionsPolicy(permissions -> permissions + .policy("geolocation=(none), midi=(none), sync-xhr=(none), microphone=(none), camera=(none), magnetometer=(none), gyroscope=(none), speaker=(none), fullscreen=(none), speaker=(none), payment=(none)") + ) .and() .frameOptions() .deny() From 9ffbe7c40a0069c387e30c80e20e73ef512565cc Mon Sep 17 00:00:00 2001 From: Quentin Date: Sat, 23 Sep 2023 14:52:18 +0200 Subject: [PATCH 3/8] Sonar: Remove this use of 'WebSecurityConfigurerAdapter'; it is deprecated --- .../online/config/SecurityConfiguration.java | 34 ++++++++++--------- 1 file changed, 18 insertions(+), 16 deletions(-) diff --git a/src/main/java/io/github/jhipster/online/config/SecurityConfiguration.java b/src/main/java/io/github/jhipster/online/config/SecurityConfiguration.java index e1322a61..4f458fd3 100644 --- a/src/main/java/io/github/jhipster/online/config/SecurityConfiguration.java +++ b/src/main/java/io/github/jhipster/online/config/SecurityConfiguration.java @@ -26,12 +26,12 @@ import org.springframework.http.HttpMethod; import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity; -import org.springframework.security.config.annotation.web.builders.WebSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; -import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; +import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer; import org.springframework.security.config.http.SessionCreationPolicy; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; +import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; import org.springframework.security.web.header.writers.ReferrerPolicyHeaderWriter; import org.springframework.web.filter.CorsFilter; @@ -40,7 +40,7 @@ @EnableWebSecurity @EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true) @Import(SecurityProblemSupport.class) -public class SecurityConfiguration extends WebSecurityConfigurerAdapter { +public class SecurityConfiguration { private final TokenProvider tokenProvider; @@ -58,21 +58,22 @@ public PasswordEncoder passwordEncoder() { return new BCryptPasswordEncoder(); } - @Override - public void configure(WebSecurity web) { - web - .ignoring() - .antMatchers(HttpMethod.OPTIONS, "/**") - .antMatchers("/app/**/*.{js,html}") - .antMatchers("/i18n/**") - .antMatchers("/content/**") - .antMatchers("/swagger-ui/index.html") - .antMatchers("/test/**") - .antMatchers("/h2-console/**"); + @Bean + public WebSecurityCustomizer webSecurityCustomizer() { + return web -> + web + .ignoring() + .antMatchers(HttpMethod.OPTIONS, "/**") + .antMatchers("/app/**/*.{js,html}") + .antMatchers("/i18n/**") + .antMatchers("/content/**") + .antMatchers("/swagger-ui/index.html") + .antMatchers("/test/**") + .antMatchers("/h2-console/**"); } - @Override - public void configure(HttpSecurity http) throws Exception { + @Bean + public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { // @formatter:off http .csrf() @@ -124,6 +125,7 @@ public void configure(HttpSecurity http) throws Exception { .httpBasic() .and() .apply(securityConfigurerAdapter()); + return http.build(); // @formatter:on } From 46da377aeb1665fbeee5d8861300ff1d673d8f03 Mon Sep 17 00:00:00 2001 From: Quentin Date: Sat, 23 Sep 2023 16:48:39 +0200 Subject: [PATCH 4/8] Sonar: Extract this nested ternary operation into an independent statement --- src/main/webapp/swagger-ui/index.html | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/main/webapp/swagger-ui/index.html b/src/main/webapp/swagger-ui/index.html index 9448aec2..ed04b4a9 100644 --- a/src/main/webapp/swagger-ui/index.html +++ b/src/main/webapp/swagger-ui/index.html @@ -28,7 +28,10 @@ urls.sort(function (a, b) { var x = a.name.toLowerCase(), y = b.name.toLowerCase(); - return x < y ? -1 : x > y ? 1 : 0; + if (x === y) { + return 0; + } + return x < y ? -1 : 1; }); // Build a system From 2f7d32449afb15792c69e2217938a5b97eb52bf3 Mon Sep 17 00:00:00 2001 From: Quentin Date: Sat, 23 Sep 2023 16:53:15 +0200 Subject: [PATCH 5/8] Sonar: Define a constant instead of duplicating this literal '--force' 3 times --- .../github/jhipster/online/service/JHipsterService.java | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/src/main/java/io/github/jhipster/online/service/JHipsterService.java b/src/main/java/io/github/jhipster/online/service/JHipsterService.java index e0c786db..5bc863cd 100644 --- a/src/main/java/io/github/jhipster/online/service/JHipsterService.java +++ b/src/main/java/io/github/jhipster/online/service/JHipsterService.java @@ -42,6 +42,8 @@ public class JHipsterService { private static final String SKIP_INSTALL = "--skip-install"; + private static final String FORCE = "--force"; + private final LogsService logsService; private final Executor taskExecutor; @@ -79,7 +81,7 @@ public void generateApplication(String generationId, File workingDir) throws IOE SKIP_INSTALL, "--skip-cache", "--skip-git", - "--force" + FORCE ); } @@ -94,7 +96,7 @@ public void runImportJdl(String generationId, File workingDir, String jdlFileNam FORCE_INSIGHT, SKIP_CHECKS, SKIP_INSTALL, - "--force" + FORCE ); } @@ -113,7 +115,7 @@ public void addCiCd(String generationId, File workingDir, CiCdTool ciCdTool) thr FORCE_INSIGHT, SKIP_CHECKS, SKIP_INSTALL, - "--force" + FORCE ); } From 20e84316d8c44ee9fc79fd2a234b02241cfac0d8 Mon Sep 17 00:00:00 2001 From: Quentin Date: Sat, 23 Sep 2023 17:04:50 +0200 Subject: [PATCH 6/8] Sonar: Provide the parametrized type for this generic --- .../io/github/jhipster/online/web/rest/GitResource.java | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/main/java/io/github/jhipster/online/web/rest/GitResource.java b/src/main/java/io/github/jhipster/online/web/rest/GitResource.java index 4f0b2f4d..afe90a33 100644 --- a/src/main/java/io/github/jhipster/online/web/rest/GitResource.java +++ b/src/main/java/io/github/jhipster/online/web/rest/GitResource.java @@ -37,6 +37,7 @@ import java.net.http.HttpResponse; import java.util.Collection; import java.util.HashMap; +import java.util.List; import java.util.Map; import java.util.Optional; import java.util.concurrent.CompletableFuture; @@ -326,7 +327,10 @@ public void setAccess_token(String access_token) { */ @GetMapping("/{gitProvider}/companies/{companyName}/projects") @Secured(AuthoritiesConstants.USER) - public @ResponseBody ResponseEntity getOrganizationProjects(@PathVariable String gitProvider, @PathVariable String companyName) { + public @ResponseBody ResponseEntity> getOrganizationProjects( + @PathVariable String gitProvider, + @PathVariable String companyName + ) { Optional maybeGitProvider = GitProvider.getGitProviderByValue(gitProvider); return maybeGitProvider .map( From 7eecd2a62a393c01d6c66b7d2b0fbeca677756b2 Mon Sep 17 00:00:00 2001 From: Quentin Date: Sat, 23 Sep 2023 17:14:40 +0200 Subject: [PATCH 7/8] Sonar: 'CookieModule.forRoot' is deprecated --- src/main/webapp/app/core/core.module.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/webapp/app/core/core.module.ts b/src/main/webapp/app/core/core.module.ts index 4f1499a9..4a9059fc 100644 --- a/src/main/webapp/app/core/core.module.ts +++ b/src/main/webapp/app/core/core.module.ts @@ -40,7 +40,7 @@ import { fontAwesomeIcons } from './icons/font-awesome-icons'; @NgModule({ imports: [ HttpClientModule, - CookieModule.forRoot(), + CookieModule.withOptions(), NgxWebstorageModule.forRoot({ prefix: 'jhi', separator: '-' }), NgJhipsterModule.forRoot({ // set below to true to make alerts look like toast From 605f9fb0f114353ceb64a008c130cc88f84e28f6 Mon Sep 17 00:00:00 2001 From: Quentin Date: Sun, 24 Sep 2023 16:37:19 +0200 Subject: [PATCH 8/8] Sonar: Update this function so that its implementation is not identical to the one on line 69 --- .../app/home/jdl-metadata/jdl-studio.component.ts | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/src/main/webapp/app/home/jdl-metadata/jdl-studio.component.ts b/src/main/webapp/app/home/jdl-metadata/jdl-studio.component.ts index 086eeba7..f54f4bec 100644 --- a/src/main/webapp/app/home/jdl-metadata/jdl-studio.component.ts +++ b/src/main/webapp/app/home/jdl-metadata/jdl-studio.component.ts @@ -67,9 +67,7 @@ export class DeleteJdlStudioComponent implements OnInit, OnDestroy { } ngOnDestroy(): void { - if (this.subscription) { - this.subscription.unsubscribe(); - } + unsubscribe(this.subscription); } } @@ -164,12 +162,16 @@ export class ApplyJdlStudioComponent implements OnInit, OnDestroy { } ngOnDestroy(): void { - if (this.subscription) { - this.subscription.unsubscribe(); - } + unsubscribe(this.subscription); } isAtLeastOneGitProviderAvailableAndConfigured(): boolean { return (this.gitConfig.githubAvailable && this.githubConfigured) || (this.gitConfig.gitlabAvailable && this.gitlabConfigured) || false; } } + +const unsubscribe = (subscription: Subscription | undefined) => { + if (subscription) { + subscription.unsubscribe(); + } +};