[Backport 2.x] Update dependency com.pinterest:ktlint to 0.47.1 and fix CVE-2023-6378 for common-utils

build.gradle

@@ -66,7 +66,12 @@ apply plugin: 'opensearch.repositories'
 apply from: 'build-tools/opensearchplugin-coverage.gradle'
 
 configurations {
-    ktlint
+    ktlint {
+      resolutionStrategy {
+          force "ch.qos.logback:logback-classic:1.3.14"
+          force "ch.qos.logback:logback-core:1.3.14"
+      }
+   }
 }
 
 dependencies {
@@ -86,7 +91,7 @@ dependencies {
     testImplementation "commons-validator:commons-validator:1.7"
     testRuntimeOnly 'org.junit.jupiter:junit-jupiter-engine:5.7.2'
 
-    ktlint "com.pinterest:ktlint:0.44.0"
+    ktlint "com.pinterest:ktlint:0.47.1"
 }
 
 test {
@@ -226,4 +231,4 @@ task updateVersion {
         // Include the required files that needs to be updated with new Version
         ant.replaceregexp(file:'build.gradle', match: '"opensearch.version", "\\d.*"', replace: '"opensearch.version", "' + newVersion.tokenize('-')[0] + '-SNAPSHOT"', flags:'g', byline:true)
     }
-}
+}

src/main/kotlin/org/opensearch/commons/alerting/action/AcknowledgeChainedAlertRequest.kt

@@ -19,7 +19,7 @@ class AcknowledgeChainedAlertRequest : ActionRequest {
 
     constructor(
         workflowId: String,
-        alertIds: List<String>,
+        alertIds: List<String>
     ) : super() {
         this.workflowId = workflowId
         this.alertIds = alertIds
@@ -28,7 +28,7 @@ class AcknowledgeChainedAlertRequest : ActionRequest {
     @Throws(IOException::class)
     constructor(sin: StreamInput) : this(
         sin.readString(), // workflowId
-        Collections.unmodifiableList(sin.readStringList()), // alertIds
+        Collections.unmodifiableList(sin.readStringList()) // alertIds
     )
 
     override fun validate(): ActionRequestValidationException? {

src/main/kotlin/org/opensearch/commons/alerting/action/AlertingActions.kt

@@ -29,6 +29,7 @@ object AlertingActions {
     @JvmField
     val INDEX_WORKFLOW_ACTION_TYPE =
         ActionType(INDEX_WORKFLOW_ACTION_NAME, ::IndexWorkflowResponse)
+
     @JvmField
     val GET_ALERTS_ACTION_TYPE =
         ActionType(GET_ALERTS_ACTION_NAME, ::GetAlertsResponse)
@@ -48,6 +49,7 @@ object AlertingActions {
     @JvmField
     val DELETE_WORKFLOW_ACTION_TYPE =
         ActionType(DELETE_WORKFLOW_ACTION_NAME, ::DeleteWorkflowResponse)
+
     @JvmField
     val GET_FINDINGS_ACTION_TYPE =
         ActionType(GET_FINDINGS_ACTION_NAME, ::GetFindingsResponse)

src/main/kotlin/org/opensearch/commons/alerting/action/DeleteWorkflowRequest.kt

@@ -9,6 +9,7 @@ import java.io.IOException
 class DeleteWorkflowRequest : ActionRequest {
 
     val workflowId: String
+
     /**
      * Flag that indicates whether the delegate monitors should be deleted or not.
      * If the flag is set to true, Delegate monitors will be deleted only in the case when they are part of the specified workflow and no other.

src/main/kotlin/org/opensearch/commons/alerting/action/GetMonitorRequest.kt

@@ -38,7 +38,9 @@
         sin.readEnum(RestRequest.Method::class.java), // method
         if (sin.readBoolean()) {
             FetchSourceContext(sin) // srcContext
-        } else null
+        } else {
+            null
+        }
     )
 
     override fun validate(): ActionRequestValidationException? {

src/main/kotlin/org/opensearch/commons/alerting/action/GetMonitorResponse.kt

@@ -32,7 +32,7 @@
         seqNo: Long,
         primaryTerm: Long,
         monitor: Monitor?,
-        associatedCompositeMonitors: List<AssociatedWorkflow>?,
+        associatedCompositeMonitors: List<AssociatedWorkflow>?
     ) : super() {
         this.id = id
         this.version = version
@@ -50,8 +50,10 @@
         primaryTerm = sin.readLong(), // primaryTerm
         monitor = if (sin.readBoolean()) {
             Monitor.readFrom(sin) // monitor
-        } else null,
-        associatedCompositeMonitors = sin.readList((AssociatedWorkflow)::readFrom),
+        } else {
+            null
+        },
+        associatedCompositeMonitors = sin.readList((AssociatedWorkflow)::readFrom)
     )
 
     @Throws(IOException::class)

src/main/kotlin/org/opensearch/commons/alerting/action/GetWorkflowAlertsRequest.kt

@@ -27,7 +27,7 @@ class GetWorkflowAlertsRequest : ActionRequest {
         monitorIds: List<String>? = null,
         workflowIds: List<String>? = null,
         alertIds: List<String>? = null,
-        getAssociatedAlerts: Boolean,
+        getAssociatedAlerts: Boolean
     ) : super() {
         this.table = table
         this.severityLevel = severityLevel

src/main/kotlin/org/opensearch/commons/alerting/action/GetWorkflowAlertsResponse.kt

@@ -12,6 +12,7 @@ import java.util.Collections
 class GetWorkflowAlertsResponse : BaseResponse {
     val alerts: List<Alert>
     val associatedAlerts: List<Alert>
+
     // totalAlerts is not the same as the size of alerts because there can be 30 alerts from the request, but
     // the request only asked for 5 alerts, so totalAlerts will be 30, but alerts will only contain 5 alerts
     val totalAlerts: Int?

src/main/kotlin/org/opensearch/commons/alerting/action/GetWorkflowResponse.kt

@@ -51,7 +51,9 @@
         sin.readEnum(RestStatus::class.java), // RestStatus
         if (sin.readBoolean()) {
             Workflow.readFrom(sin) // monitor
-        } else null
+        } else {
+            null
+        }
     )
 
     @Throws(IOException::class)
@@ -76,8 +78,9 @@
             .field(_VERSION, version)
             .field(_SEQ_NO, seqNo)
             .field(_PRIMARY_TERM, primaryTerm)
-        if (workflow != null)
+        if (workflow != null) {
             builder.field("workflow", workflow)
+        }
 
         return builder.endObject()
     }

src/main/kotlin/org/opensearch/commons/alerting/action/IndexWorkflowRequest.kt

@@ -57,55 +57,61 @@
 
         if (workflow.inputs.isEmpty()) {
             validationException = ValidateActions.addValidationError(
-                "Input list can not be empty.", validationException
+                "Input list can not be empty.",
+                validationException
             )
             return validationException
         }
         if (workflow.inputs.size > 1) {
             validationException = ValidateActions.addValidationError(
-                "Input list can contain only one element.", validationException
+                "Input list can contain only one element.",
+                validationException
             )
             return validationException
         }
         if (workflow.inputs[0] !is CompositeInput) {
             validationException = ValidateActions.addValidationError(
-                "When creating a workflow input must be CompositeInput", validationException
+                "When creating a workflow input must be CompositeInput",
+                validationException
             )
         }
         val compositeInput = workflow.inputs[0] as CompositeInput
         val monitorIds = compositeInput.sequence.delegates.stream().map { it.monitorId }.collect(Collectors.toList())
 
         if (monitorIds.isNullOrEmpty()) {
             validationException = ValidateActions.addValidationError(
-                "Delegates list can not be empty.", validationException
+                "Delegates list can not be empty.",
+                validationException
             )
             // Break the flow because next checks are dependant on non-null monitorIds
             return validationException
         }
 
         if (monitorIds.size > MAX_DELEGATE_SIZE) {
             validationException = ValidateActions.addValidationError(
-                "Delegates list can not be larger then $MAX_DELEGATE_SIZE.", validationException
+                "Delegates list can not be larger then $MAX_DELEGATE_SIZE.",
+                validationException
             )
         }
 
         if (monitorIds.toSet().size != monitorIds.size) {
             validationException = ValidateActions.addValidationError(
-                "Duplicate delegates not allowed", validationException
+                "Duplicate delegates not allowed",
+                validationException
             )
         }
         val delegates = compositeInput.sequence.delegates
         val orderSet = delegates.stream().filter { it.order > 0 }.map { it.order }.collect(Collectors.toSet())
         if (orderSet.size != delegates.size) {
             validationException = ValidateActions.addValidationError(
-                "Sequence ordering of delegate monitor shouldn't contain duplicate order values", validationException
+                "Sequence ordering of delegate monitor shouldn't contain duplicate order values",
+                validationException
             )
         }
 
         val monitorIdOrderMap: Map<String, Int> = delegates.associate { it.monitorId to it.order }
         delegates.forEach {
             if (it.chainedMonitorFindings != null) {
-
                 if (it.chainedMonitorFindings.monitorId != null) {
                     if (monitorIdOrderMap.containsKey(it.chainedMonitorFindings.monitorId) == false) {
                         validationException = ValidateActions.addValidationError(

src/main/kotlin/org/opensearch/commons/alerting/aggregation/bucketselectorext/BucketSelectorExtAggregator.kt

@@ -33,7 +33,7 @@
         script: Script,
         gapPolicy: BucketHelpers.GapPolicy,
         filter: BucketSelectorExtFilter?,
-        metadata: Map<String, Any>?,
+        metadata: Map<String, Any>?
     ) : super(name, bucketsPathsMap.values.toTypedArray(), metadata) {
         this.bucketsPathsMap = bucketsPathsMap
         this.parentBucketPath = parentBucketPath
@@ -132,7 +132,7 @@
             name(),
             parentBucketPath,
             selectedBucketsIndex,
-            originalAgg.metadata,
+            originalAgg.metadata
         )
     }
 

src/main/kotlin/org/opensearch/commons/alerting/model/Alert.kt

@@ -43,12 +43,14 @@
     val aggregationResultBucket: AggregationResultBucket? = null,
     val executionId: String? = null,
     val associatedAlertIds: List<String>,
-    val clusters: List<String>? = null,
+    val clusters: List<String>? = null
 ) : Writeable, ToXContent {
 
     init {
-        if (errorMessage != null) require(state == State.DELETED || state == State.ERROR || state == State.AUDIT) {
-            "Attempt to create an alert with an error in state: $state"
+        if (errorMessage != null) {
+            require(state == State.DELETED || state == State.ERROR || state == State.AUDIT) {
+                "Attempt to create an alert with an error in state: $state"
+            }
         }
     }
 
@@ -308,7 +310,9 @@
         monitorVersion = sin.readLong(),
         monitorUser = if (sin.readBoolean()) {
             User(sin)
-        } else null,
+        } else {
+            null
+        },
         triggerId = sin.readString(),
         triggerName = sin.readString(),
         findingIds = sin.readStringList(),
@@ -439,8 +443,11 @@
                     MONITOR_NAME_FIELD -> monitorName = xcp.text()
                     MONITOR_VERSION_FIELD -> monitorVersion = xcp.longValue()
                     MONITOR_USER_FIELD ->
-                        monitorUser = if (xcp.currentToken() == XContentParser.Token.VALUE_NULL) null
-                        else User.parse(xcp)
+                        monitorUser = if (xcp.currentToken() == XContentParser.Token.VALUE_NULL) {
+                            null
+                        } else {
+                            User.parse(xcp)
+                        }
                     TRIGGER_ID_FIELD -> triggerId = xcp.text()
                     FINDING_IDS -> {
                         ensureExpectedToken(XContentParser.Token.START_ARRAY, xcp.currentToken(), xcp)

src/main/kotlin/org/opensearch/commons/alerting/model/ChainedMonitorFindings.kt

@@ -17,7 +17,7 @@ import java.util.Collections
 // TODO - Remove the class and move the monitorId to Delegate (as a chainedMonitorId property) if this class won't be updated by adding new properties
 data class ChainedMonitorFindings(
     val monitorId: String? = null,
-    val monitorIds: List<String> = emptyList(), // if monitorId field is non-null it would be given precendence for BWC
+    val monitorIds: List<String> = emptyList() // if monitorId field is non-null it would be given precendence for BWC
 ) : BaseModel {
 
     init {
@@ -75,8 +75,9 @@ data class ChainedMonitorFindings(
 
                 when (fieldName) {
                     MONITOR_ID_FIELD -> {
-                        if (!xcp.currentToken().equals(XContentParser.Token.VALUE_NULL))
+                        if (!xcp.currentToken().equals(XContentParser.Token.VALUE_NULL)) {
                             monitorId = xcp.text()
+                        }
                     }
 
                     MONITOR_IDS_FIELD -> {

src/main/kotlin/org/opensearch/commons/alerting/model/ClusterMetricsInput.kt

@@ -45,10 +45,11 @@ data class ClusterMetricsInput(
             "Invalid URI constructed from the path and path_params inputs, or the url input."
         }
 
-        if (url.isNotEmpty() && validateFieldsNotEmpty())
+        if (url.isNotEmpty() && validateFieldsNotEmpty()) {
             require(constructedUri == constructUrlFromInputs()) {
                 "The provided URL and URI fields form different URLs."
             }
+        }
 
         require(constructedUri.host.lowercase() == SUPPORTED_HOST) {
             "Only host '$SUPPORTED_HOST' is supported."
@@ -109,7 +110,8 @@ data class ClusterMetricsInput(
         /**
          * This parse function uses [XContentParser] to parse JSON input and store corresponding fields to create a [ClusterMetricsInput] object
          */
-        @JvmStatic @Throws(IOException::class)
+        @JvmStatic
+        @Throws(IOException::class)
         fun parseInner(xcp: XContentParser): ClusterMetricsInput {
             var path = ""
             var pathParams = ""
@@ -175,17 +177,20 @@ data class ClusterMetricsInput(
         if (pathParams.isNotEmpty()) {
             pathParams = pathParams.trim('/')
             ILLEGAL_PATH_PARAMETER_CHARACTERS.forEach { character ->
-                if (pathParams.contains(character))
+                if (pathParams.contains(character)) {
                     throw IllegalArgumentException(
                         "The provided path parameters contain invalid characters or spaces. Please omit: " + ILLEGAL_PATH_PARAMETER_CHARACTERS.joinToString(" ")
                     )
+                }
             }
         }
 
-        if (apiType.requiresPathParams && pathParams.isEmpty())
+        if (apiType.requiresPathParams && pathParams.isEmpty()) {
             throw IllegalArgumentException("The API requires path parameters.")
-        if (!apiType.supportsPathParams && pathParams.isNotEmpty())
+        }
+        if (!apiType.supportsPathParams && pathParams.isNotEmpty()) {
             throw IllegalArgumentException("The API does not use path parameters.")
+        }
 
         return pathParams
     }
@@ -201,11 +206,13 @@ data class ClusterMetricsInput(
         ClusterMetricType.values()
             .filter { option -> option != ClusterMetricType.BLANK }
             .forEach { option ->
-                if (uriPath.startsWith(option.prependPath) || uriPath.startsWith(option.defaultPath))
+                if (uriPath.startsWith(option.prependPath) || uriPath.startsWith(option.defaultPath)) {
                     apiType = option
+                }
             }
-        if (apiType.isBlank())
+        if (apiType.isBlank()) {
             throw IllegalArgumentException("The API could not be determined from the provided URI.")
+        }
         return apiType
     }
 
@@ -238,12 +245,15 @@ data class ClusterMetricsInput(
      * If [path] and [pathParams] are empty, populates them with values from [url].
      */
     private fun parseEmptyFields() {
-        if (pathParams.isEmpty())
+        if (pathParams.isEmpty()) {
             pathParams = this.parsePathParams()
-        if (path.isEmpty())
+        }
+        if (path.isEmpty()) {
             path = if (pathParams.isEmpty()) clusterMetricType.defaultPath else clusterMetricType.prependPath
-        if (url.isEmpty())
+        }
+        if (url.isEmpty()) {
             url = constructedUri.toString()
+        }
     }
 
     /**

src/main/kotlin/org/opensearch/commons/alerting/model/CompositeInput.kt

@@ -12,7 +12,7 @@
 import java.io.IOException
 
 data class CompositeInput(
-    val sequence: Sequence,
+    val sequence: Sequence
 ) : WorkflowInput {
     @Throws(IOException::class)
     constructor(sin: StreamInput) : this(
@@ -53,7 +53,8 @@
 
         val XCONTENT_REGISTRY = NamedXContentRegistry.Entry(
             WorkflowInput::class.java,
-            ParseField(COMPOSITE_INPUT_FIELD), CheckedFunction { CompositeInput.parse(it) }
+            ParseField(COMPOSITE_INPUT_FIELD),
+            CheckedFunction { CompositeInput.parse(it) }
         )
 
         @JvmStatic