Update Snyk API version to 2023-06-22

This changes the default version for new DT deployments, and updates the version for existing ones, **if the version has not been changed already**. `2023-06-22` is the most recent stable version according to apidocs.snyk.io. Tested and confirmed that it's working fine with DT's integration. Signed-off-by: nscuro <[email protected]>
DependencyTrack · Jul 25, 2023 · 4c1d59a · 4c1d59a
1 parent 1d8bc96
commit 4c1d59a
Show file tree

Hide file tree

Showing 3 changed files with 67 additions and 1 deletion.
diff --git a/src/main/java/org/dependencytrack/model/ConfigPropertyConstants.java b/src/main/java/org/dependencytrack/model/ConfigPropertyConstants.java
@@ -55,7 +55,7 @@ public enum ConfigPropertyConstants {
     SCANNER_SNYK_ALIAS_SYNC_ENABLED("scanner", "snyk.alias.sync.enabled", "false", PropertyType.BOOLEAN, "Flag to enable/disable alias synchronization for Snyk"),
     SCANNER_SNYK_API_TOKEN("scanner", "snyk.api.token", null, PropertyType.ENCRYPTEDSTRING, "The API token used for Snyk API authentication"),
     SCANNER_SNYK_ORG_ID("scanner", "snyk.org.id", null, PropertyType.STRING, "The Organization ID used for Snyk API access"),
-    SCANNER_SNYK_API_VERSION("scanner", "snyk.api.version", "2022-11-14", PropertyType.STRING, "Snyk API version"),
+    SCANNER_SNYK_API_VERSION("scanner", "snyk.api.version", "2023-06-22", PropertyType.STRING, "Snyk API version"),
     SCANNER_SNYK_CVSS_SOURCE("scanner", "snyk.cvss.source", "NVD", PropertyType.STRING, "Type of source to be prioritized for cvss calculation"),
     SCANNER_SNYK_BASE_URL("scanner", "snyk.base.url", "https://api.snyk.io", PropertyType.URL, "Base Url pointing to the hostname and path for Snyk analysis"),
     VULNERABILITY_SOURCE_NVD_ENABLED("vuln-source", "nvd.enabled", "true", PropertyType.BOOLEAN, "Flag to enable/disable National Vulnerability Database"),

diff --git a/src/main/java/org/dependencytrack/upgrade/UpgradeItems.java b/src/main/java/org/dependencytrack/upgrade/UpgradeItems.java
@@ -36,6 +36,7 @@ class UpgradeItems {
         UPGRADE_ITEMS.add(org.dependencytrack.upgrade.v463.v463Updater.class);
         UPGRADE_ITEMS.add(org.dependencytrack.upgrade.v470.v470Updater.class);
         UPGRADE_ITEMS.add(org.dependencytrack.upgrade.v480.v480Updater.class);
+        UPGRADE_ITEMS.add(org.dependencytrack.upgrade.v490.v490Updater.class);
     }
 
     static List<Class<? extends UpgradeItem>> getUpgradeItems() {

diff --git a/src/main/java/org/dependencytrack/upgrade/v490/v490Updater.java b/src/main/java/org/dependencytrack/upgrade/v490/v490Updater.java
@@ -0,0 +1,65 @@
+/*
+ * This file is part of Dependency-Track.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *   http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * SPDX-License-Identifier: Apache-2.0
+ * Copyright (c) Steve Springett. All Rights Reserved.
+ */
+package org.dependencytrack.upgrade.v490;
+
+import alpine.common.logging.Logger;
+import alpine.persistence.AlpineQueryManager;
+import alpine.server.upgrade.AbstractUpgradeItem;
+
+import java.sql.Connection;
+import java.sql.PreparedStatement;
+
+import static org.dependencytrack.model.ConfigPropertyConstants.SCANNER_SNYK_API_VERSION;
+
+public class v490Updater extends AbstractUpgradeItem {
+
+    private static final Logger LOGGER = Logger.getLogger(v490Updater.class);
+
+    @Override
+    public String getSchemaVersion() {
+        return "4.9.0";
+    }
+
+    @Override
+    public void executeUpgrade(final AlpineQueryManager qm, final Connection connection) throws Exception {
+        updateDefaultSnykApiVersion(connection);
+    }
+
+    /**
+     * Update the Snyk API version from its previous default to a current and actively supported one.
+     * Only do so when the version has not been modified manually.
+     *
+     * @param connection The {@link Connection} to use for executing queries
+     * @throws Exception When executing a query failed
+     */
+    private static void updateDefaultSnykApiVersion(final Connection connection) throws Exception {
+        LOGGER.info("Updating Snyk API version from 2022-11-14 to %s"
+                .formatted(SCANNER_SNYK_API_VERSION.getDefaultPropertyValue()));
+        try (final PreparedStatement ps = connection.prepareStatement("""
+                UPDATE "CONFIGPROPERTY" SET "PROPERTYVALUE" = ?
+                WHERE "GROUPNAME" = 'scanner'
+                    AND "PROPERTYNAME" = 'snyk.api.version'
+                    AND "PROPERTYVALUE" = '2022-11-14'
+                """)) {
+            ps.setString(1, SCANNER_SNYK_API_VERSION.getDefaultPropertyValue());
+            ps.executeUpdate();
+        }
+    }
+
+}