From e45de88cc1d718ad07d4121bfae0f5d41e8d395f Mon Sep 17 00:00:00 2001 From: Gary O'Neall Date: Mon, 2 Sep 2024 15:24:43 -0700 Subject: [PATCH 1/4] Add dependency-track to POM file Signed-off-by: Gary O'Neall --- pom.xml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/pom.xml b/pom.xml index 2d3e0ea..19685df 100644 --- a/pom.xml +++ b/pom.xml @@ -47,6 +47,7 @@ https://sonarcloud.io spdx spdx-java-core + 8.0.1 @@ -116,6 +117,11 @@ + + org.owasp + dependency-check-maven + ${dependency-check-maven.version} + From 748e769335370fc815fe42e1a85a236f00554630 Mon Sep 17 00:00:00 2001 From: Gary O'Neall Date: Mon, 2 Sep 2024 15:24:56 -0700 Subject: [PATCH 2/4] More fixes for issues found in SonarCloud Signed-off-by: Gary O'Neall --- .../java/org/spdx/core/CoreModelObject.java | 6 +-- .../java/org/spdx/core/DefaultModelStore.java | 8 +-- .../java/org/spdx/core/ModelCollection.java | 16 +++--- .../java/org/spdx/core/ModelRegistry.java | 2 +- src/main/java/org/spdx/core/ModelSet.java | 4 +- .../org/spdx/core/RuntimeSpdxException.java | 54 +++++++++++++++++++ .../java/org/spdx/core/SimpleUriValue.java | 2 +- .../TestLicenseTemplateRule.java | 32 ----------- .../TestSpdxLicenseTemplateHelper.java | 31 ----------- .../java/org/spdx/storage/MockModelStore.java | 8 +-- 10 files changed, 77 insertions(+), 86 deletions(-) create mode 100644 src/main/java/org/spdx/core/RuntimeSpdxException.java diff --git a/src/main/java/org/spdx/core/CoreModelObject.java b/src/main/java/org/spdx/core/CoreModelObject.java index e36a0df..62d0bb9 100644 --- a/src/main/java/org/spdx/core/CoreModelObject.java +++ b/src/main/java/org/spdx/core/CoreModelObject.java 
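Review bot: The `dependency-check-maven` plugin added in the second pom.xml hunk appears to be declared with only a group, artifact and version (the XML tags are lost in this rendering, so this is inferred from the three visible values). If so, nothing binds its `check` goal to the build, and the scan runs only when someone invokes it by hand. I would add an `<executions>` entry for the `check` goal and a `failBuildOnCVSS` threshold, so that a dependency with a known vulnerability fails CI instead of producing an unread report. The commit subject says dependency-track, but the plugin added is OWASP dependency-check, which is a different tool.

```xml
<plugin>
  <!-- … unchanged: groupId / artifactId / version as added by this hunk … -->
  <configuration>
    <!-- example threshold, pick the project's own policy value -->
    <failBuildOnCVSS>7</failBuildOnCVSS>
  </configuration>
  <executions>
    <execution>
      <goals>
        <goal>check</goal>
      </goals>
    </execution>
  </executions>
</plugin>
```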
@@ -78,7 +78,7 @@ public abstract class CoreModelObject { static final String PROPERTY_MSG = "Property "; - private static final String ATTEMPTING_EXTERNAL_MSG = "Attempting to set {0} for an external model object"; + private static final String ATTEMPTING_EXTERNAL_MSG = "Attempting to set {} for an external model object"; protected IModelStore modelStore; protected String objectUri; protected String specVersion; @@ -862,7 +862,7 @@ public CoreModelObject clone(IModelStore modelStore) { retval.copyFrom(this); return retval; } catch (InvalidSPDXAnalysisException e) { - throw new RuntimeException(e); + throw new RuntimeSpdxException(e); } } @@ -992,7 +992,7 @@ public boolean isStrict() { /** * @return the version of the SPDX specification this object complies with */ - public String getSpecVersion() throws InvalidSPDXAnalysisException { + public String getSpecVersion() { return this.specVersion; } diff --git a/src/main/java/org/spdx/core/DefaultModelStore.java b/src/main/java/org/spdx/core/DefaultModelStore.java index 257c7f7..b8821c1 100644 --- a/src/main/java/org/spdx/core/DefaultModelStore.java +++ b/src/main/java/org/spdx/core/DefaultModelStore.java @@ -33,7 +33,7 @@ */ public class DefaultModelStore { - static IModelStore defaultModelStore = null; + static IModelStore defaultStore = null; static String defaultDocumentUri = "http://www.spdx.org/documents/default_doc_uri_for_SPDX_tools"; static IModelCopyManager defaultCopyManager = null; static final String NOT_INITIALIZED_MSG = "Default model store has not been initialized"; @@ -50,10 +50,10 @@ private DefaultModelStore() { public static IModelStore getDefaultModelStore() throws DefaultStoreNotInitialized { lock.readLock().lock(); try { - if (Objects.isNull(defaultModelStore)) { + if (Objects.isNull(defaultStore)) { throw new DefaultStoreNotInitialized(NOT_INITIALIZED_MSG); } - return defaultModelStore; + return defaultStore; } finally { lock.readLock().unlock(); } 
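Review bot: `ATTEMPTING_EXTERNAL_MSG` in the first `CoreModelObject` hunk now uses the SLF4J `{}` placeholder, but nothing at the declaration says the string is only valid as a logger format. Its uses lie outside this hunk, so any call that passes it to `MessageFormat.format` or `String.format` would no longer substitute the argument. I would add a comment above the constant, `// SLF4J format string: pass to logger calls only, not to MessageFormat or String.format`, and check the call sites before merging.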
@@ -88,7 +88,7 @@ public static final void initialize(IModelStore newModelStore, String newDefault Objects.requireNonNull(newDefaultCopyManager, "Copy manager can not be null"); lock.writeLock().lock(); try { - defaultModelStore = newModelStore; + defaultStore = newModelStore; defaultDocumentUri = newDefaultDocumentUri; defaultCopyManager = newDefaultCopyManager; } finally { diff --git a/src/main/java/org/spdx/core/ModelCollection.java b/src/main/java/org/spdx/core/ModelCollection.java index 66387a3..624f1e0 100644 --- a/src/main/java/org/spdx/core/ModelCollection.java +++ b/src/main/java/org/spdx/core/ModelCollection.java @@ -120,7 +120,7 @@ public int size() { try { return this.modelStore.collectionSize(objectUri, this.propertyDescriptor); } catch (InvalidSPDXAnalysisException e) { - throw new RuntimeException(e); + throw new RuntimeSpdxException(e); } } @@ -129,7 +129,7 @@ public boolean isEmpty() { try { return this.modelStore.collectionSize(objectUri, this.propertyDescriptor) == 0; } catch (InvalidSPDXAnalysisException e) { - throw new RuntimeException(e); + throw new RuntimeSpdxException(e); } } @@ -145,7 +145,7 @@ public boolean contains(Object o) { return this.modelStore.collectionContains( objectUri, this.propertyDescriptor, storedObject); } catch (InvalidSPDXAnalysisException e) { - throw new RuntimeException(e); + throw new RuntimeSpdxException(e); } } @@ -169,7 +169,7 @@ private Object checkConvertTypedValue(Object value) { } return retval; } catch (InvalidSPDXAnalysisException e) { - throw new RuntimeException(e); + throw new RuntimeSpdxException(e); } } @@ -195,7 +195,7 @@ public Iterator iterator() { return new ModelCollectionIterator( modelStore.listValues(objectUri, propertyDescriptor)); } catch (InvalidSPDXAnalysisException e) { - throw new RuntimeException(e); + throw new RuntimeSpdxException(e); } } 
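Review bot: The `ModelCollection` methods changed here now throw the dedicated `RuntimeSpdxException`, yet none of the visible Javadoc tells callers so. This covers `size`, `isEmpty`, `contains` and `iterator` in these hunks, `add`, `remove` and `clear` in the following ones, and `add`/`addAll` in `ModelSet`. These look like `Collection` methods, whose signatures cannot declare a checked exception. A line such as `@throws RuntimeSpdxException if the model store reports an InvalidSPDXAnalysisException` on each would let callers catch the specific type rather than a blanket `RuntimeException`. The method bodies and their comments start outside the hunks, so existing documentation may not be fully visible.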
@@ -216,7 +216,7 @@ public boolean add(Object element) { objectUri, propertyDescriptor, ModelObjectHelper.modelObjectToStoredObject(element, modelStore, copyManager, idPrefix)); } catch (InvalidSPDXAnalysisException e) { - throw new RuntimeException(e); + throw new RuntimeSpdxException(e); } } @@ -226,7 +226,7 @@ public boolean remove(Object element) { return modelStore.removeValueFromCollection(objectUri, propertyDescriptor, ModelObjectHelper.modelObjectToStoredObject(element, modelStore, null, null)); } catch (InvalidSPDXAnalysisException e) { - throw new RuntimeException(e); + throw new RuntimeSpdxException(e); } } @@ -276,7 +276,7 @@ public void clear() { try { modelStore.clearValueCollection(objectUri, propertyDescriptor); } catch (InvalidSPDXAnalysisException e) { - throw new RuntimeException(e); + throw new RuntimeSpdxException(e); } } diff --git a/src/main/java/org/spdx/core/ModelRegistry.java b/src/main/java/org/spdx/core/ModelRegistry.java index 7c0150e..3f30ad2 100644 --- a/src/main/java/org/spdx/core/ModelRegistry.java +++ b/src/main/java/org/spdx/core/ModelRegistry.java @@ -43,7 +43,7 @@ public class ModelRegistry { * Private constructor - singleton class */ private ModelRegistry() { - // Nothing really todo here + // Nothing really to be done here } public static ModelRegistry getModelRegistry() { diff --git a/src/main/java/org/spdx/core/ModelSet.java b/src/main/java/org/spdx/core/ModelSet.java index 37be927..1952925 100644 --- a/src/main/java/org/spdx/core/ModelSet.java +++ b/src/main/java/org/spdx/core/ModelSet.java @@ -62,7 +62,7 @@ public boolean add(Object element) { try { lock = this.getModelStore().enterCriticalSection(false); } catch (InvalidSPDXAnalysisException e) { - throw new RuntimeException(e); + throw new RuntimeSpdxException(e); } try { if (!super.contains(element)) { 
@@ -82,7 +82,7 @@ public boolean addAll(Collection c) { try { lock = this.getModelStore().enterCriticalSection(false); } catch (InvalidSPDXAnalysisException e) { - throw new RuntimeException(e); + throw new RuntimeSpdxException(e); } try { boolean retval = false; diff --git a/src/main/java/org/spdx/core/RuntimeSpdxException.java b/src/main/java/org/spdx/core/RuntimeSpdxException.java new file mode 100644 index 0000000..bd9ef56 --- /dev/null +++ b/src/main/java/org/spdx/core/RuntimeSpdxException.java @@ -0,0 +1,54 @@ +/** + * SPDX-License-Identifier: Apache-2.0 + * Copyright (c) 2024 Source Auditor Inc. + */ +package org.spdx.core; + +/** + * Runtime Exception wrapper for SPDX exceptions (cause field) + * + * @author Gary O'Neall + * + */ +public class RuntimeSpdxException extends RuntimeException { + + + /** + * + */ + private static final long serialVersionUID = 1L; + + /** + * @param message exception message + */ + public RuntimeSpdxException(String message) { + super(message); + } + + /** + * @param cause SPDX analysis cause + */ + public RuntimeSpdxException(InvalidSPDXAnalysisException cause) { + super(cause); + } + + /** + * @param message exception message + * @param cause SPDX analysis cause + */ + public RuntimeSpdxException(String message, InvalidSPDXAnalysisException cause) { + super(message, cause); + } + + /** + * @param message exception message + * @param cause SPDX analysis cause + * @param enableSuppression + * @param writableStackTrace + */ + public RuntimeSpdxException(String message, Throwable cause, + boolean enableSuppression, boolean writableStackTrace) { + super(message, cause, enableSuppression, writableStackTrace); + } + +} diff --git a/src/main/java/org/spdx/core/SimpleUriValue.java b/src/main/java/org/spdx/core/SimpleUriValue.java index 1bfbcf3..e4686ec 100644 --- a/src/main/java/org/spdx/core/SimpleUriValue.java +++ b/src/main/java/org/spdx/core/SimpleUriValue.java 
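Review bot: The four-argument constructor of the new `RuntimeSpdxException` is `public` and accepts any `Throwable`, while the class Javadoc and the other constructors present the cause as an `InvalidSPDXAnalysisException`. `RuntimeException` itself declares this constructor `protected`. I would narrow it to `protected RuntimeSpdxException(String message, InvalidSPDXAnalysisException cause, boolean enableSuppression, boolean writableStackTrace)` so that code unwrapping `getCause()` can rely on the type. The `@param enableSuppression` and `@param writableStackTrace` tags have no description and the Javadoc block above `serialVersionUID` is empty. Either fill them in (`whether suppression is enabled`, `whether the stack trace is writable`) or drop them.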
@@ -113,7 +113,7 @@ public Object toModelObject(IModelStore store, IModelCopyManager copyManager, } else { retval = ModelRegistry.getModelRegistry().getExternalElement(store, uri, copyManager, type, specVersion); if (Objects.isNull(retval)) { - logger.warn("{0} does not match an enum, individual, or external pattern", this.getIndividualURI()); + logger.warn("{} does not match an enum, individual, or external pattern", this.getIndividualURI()); retval = this; } } diff --git a/src/test/java/org/spdx/licenseTemplate/TestLicenseTemplateRule.java b/src/test/java/org/spdx/licenseTemplate/TestLicenseTemplateRule.java index a568f8d..918ceb8 100644 --- a/src/test/java/org/spdx/licenseTemplate/TestLicenseTemplateRule.java +++ b/src/test/java/org/spdx/licenseTemplate/TestLicenseTemplateRule.java @@ -16,13 +16,8 @@ */ package org.spdx.licenseTemplate; - import static org.junit.Assert.*; -import org.junit.After; -import org.junit.AfterClass; -import org.junit.Before; -import org.junit.BeforeClass; import org.junit.Test; import org.spdx.licenseTemplate.LicenseTemplateRule.RuleType; @@ -38,33 +33,6 @@ public class TestLicenseTemplateRule { static final String RULE_ORIGINAL = "Copyright (c) \nAll rights reserved."; static final String RULE_MATCH = "Copyright \\(c\\) .+All rights reserved."; static final String RULE_EXAMPLE = "Copyright (C) 2013 John Doe\nAll rights reserved."; - /** - * @throws java.lang.Exception - */ - @BeforeClass - public static void setUpBeforeClass() throws Exception { - } - - /** - * @throws java.lang.Exception - */ - @AfterClass - public static void tearDownAfterClass() throws Exception { - } - - /** - * @throws java.lang.Exception - */ - @Before - public void setUp() throws Exception { - } - - /** - * @throws java.lang.Exception - */ - @After - public void tearDown() throws Exception { - } @Test public void testparseLicenseTemplateRule() throws LicenseTemplateRuleException { 
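Review bot: With the placeholder corrected in `SimpleUriValue.toModelObject`, the value of `getIndividualURI()` is now actually written to the log at WARN level, and that URI presumably comes from the SPDX document being read. If the logging layout does not escape control characters, a URI containing line breaks could add misleading lines to the log. I would neutralise them at the call by passing `Objects.toString(this.getIndividualURI(), "").replaceAll("[\\r\\n]", "_")` as the argument, or confirm that the configured encoder already does this. The method starts and ends outside the hunk, so any earlier validation of the URI is not visible here.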
diff --git a/src/test/java/org/spdx/licenseTemplate/TestSpdxLicenseTemplateHelper.java b/src/test/java/org/spdx/licenseTemplate/TestSpdxLicenseTemplateHelper.java index db14009..12be38b 100644 --- a/src/test/java/org/spdx/licenseTemplate/TestSpdxLicenseTemplateHelper.java +++ b/src/test/java/org/spdx/licenseTemplate/TestSpdxLicenseTemplateHelper.java @@ -18,10 +18,6 @@ import static org.junit.Assert.*; -import org.junit.After; -import org.junit.AfterClass; -import org.junit.Before; -import org.junit.BeforeClass; import org.junit.Test; import org.spdx.licenseTemplate.LicenseTemplateRule.RuleType; @@ -121,33 +117,6 @@ public void completeParsing() { ";original=original;match=.+this>>"+ "<>"+PARSE_OPTIONAL_TEXT+"<>"; - /** - * @throws java.lang.Exception - */ - @BeforeClass - public static void setUpBeforeClass() throws Exception { - } - - /** - * @throws java.lang.Exception - */ - @AfterClass - public static void tearDownAfterClass() throws Exception { - } - - /** - * @throws java.lang.Exception - */ - @Before - public void setUp() throws Exception { - } - - /** - * @throws java.lang.Exception - */ - @After - public void tearDown() throws Exception { - } /** * Test method for {@link org.spdx.licenseTemplate.SpdxLicenseTemplateHelper#templateTextToHtml(java.lang.String)}. diff --git a/src/test/java/org/spdx/storage/MockModelStore.java b/src/test/java/org/spdx/storage/MockModelStore.java index 99e1377..59df880 100644 --- a/src/test/java/org/spdx/storage/MockModelStore.java +++ b/src/test/java/org/spdx/storage/MockModelStore.java @@ -36,14 +36,14 @@ public class MockModelStore implements IModelStore { @Override public void unlock() { - + // ignore - nothing to do } }; @Override public void close() throws Exception { - + // ignore - nothing to do } @Override @@ -104,7 +104,7 @@ public IModelStoreLock enterCriticalSection(boolean readLockRequested) @Override public void leaveCriticalSection(IModelStoreLock lock) { - + // ignore - nothing to do } @Override 
@@ -207,7 +207,7 @@ public Optional getTypedValue(String objectUri) @Override public void delete(String objectUri) throws InvalidSPDXAnalysisException { - + // ignore - nothing to do } @Override From 07ce4c92a0d1be401a6fbb880c4d622b4c47192d Mon Sep 17 00:00:00 2001 From: Gary O'Neall Date: Mon, 2 Sep 2024 15:50:11 -0700 Subject: [PATCH 3/4] Update POM file for new sonarcloud project and add badges Signed-off-by: Gary O'Neall --- README.md | 4 ++++ pom.xml | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 1162a2f..e39e1c5 100644 --- a/README.md +++ b/README.md @@ -8,6 +8,10 @@ Please refer to the [Spdx-Java-Library](https://github.com/spdx/spdx-java-Librar Contributions are welcome. See [CONTRIBUTING.md](CONTRIBUTING.md). +# Code quality badges + +| [![Bugs](https://sonarcloud.io/api/project_badges/measure?project=spdx-java-core&metric=bugs)](https://sonarcloud.io/dashboard?id=spdx-java-core) | [![Security Rating](https://sonarcloud.io/api/project_badges/measure?project=spdx-java-core&metric=security_rating)](https://sonarcloud.io/dashboard?id=spdx-java-core) | [![Maintainability Rating](https://sonarcloud.io/api/project_badges/measure?project=spdx-java-core&metric=sqale_rating)](https://sonarcloud.io/dashboard?id=spdx-java-core) | [![Technical Debt](https://sonarcloud.io/api/project_badges/measure?project=spdx-java-core&metric=sqale_index)](https://sonarcloud.io/dashboard?id=spdx-java-core) | + ## Overall Architecture The primary class in the core library is the CoreModelObject. All SPDX model classes inherit this class. It contains several useful functions including the ability to compare to other CoreModelObjects, add/remove properties, and manage collections. diff --git a/pom.xml b/pom.xml index 19685df..28ba18d 100644 --- a/pom.xml +++ b/pom.xml @@ -45,7 +45,7 @@ UTF-8 1675930644 https://sonarcloud.io - spdx + spdx-1 spdx-java-core 8.0.1 From fa67c38046d1452b2a00b77f1b92e42645b96d69 Mon Sep 17 00:00:00 2001 
From: Gary O'Neall Date: Mon, 2 Sep 2024 16:08:49 -0700 Subject: [PATCH 4/4] Additional sonarcloud fixes Signed-off-by: Gary O'Neall --- .../java/org/spdx/core/CoreModelObject.java | 24 ++++++++----------- .../java/org/spdx/core/ModelCollection.java | 5 ++-- 2 files changed, 12 insertions(+), 17 deletions(-) diff --git a/src/main/java/org/spdx/core/CoreModelObject.java b/src/main/java/org/spdx/core/CoreModelObject.java index 62d0bb9..113afc0 100644 --- a/src/main/java/org/spdx/core/CoreModelObject.java +++ b/src/main/java/org/spdx/core/CoreModelObject.java @@ -357,10 +357,9 @@ public void setPropertyValue(PropertyDescriptor propertyDescriptor, @Nullable Ob * @return an update which can be applied by invoking the apply method */ public ModelUpdate updatePropertyValue(PropertyDescriptor propertyDescriptor, Object value) { - return () ->{ + return () -> ModelObjectHelper.setPropertyValue(this.modelStore, objectUri, propertyDescriptor, value, copyManager, idPrefix); - }; } /** @@ -476,9 +475,8 @@ public void removeProperty(PropertyDescriptor propertyDescriptor) throws Invalid * @return an update which can be applied by invoking the apply method */ public ModelUpdate updateRemoveProperty(PropertyDescriptor propertyDescriptor) { - return () -> { + return () -> ModelObjectHelper.removeProperty(modelStore, objectUri, propertyDescriptor); - }; } /** @@ -499,9 +497,8 @@ public void clearValueCollection(PropertyDescriptor propertyDescriptor) throws I * @return an update which can be applied by invoking the apply method */ public ModelUpdate updateClearValueCollection(PropertyDescriptor propertyDescriptor) { - return () ->{ + return () -> ModelObjectHelper.clearValueCollection(modelStore, objectUri, propertyDescriptor); - }; } /** 
@@ -528,10 +525,9 @@ public void addPropertyValueToCollection(PropertyDescriptor propertyDescriptor, * @return an update which can be applied by invoking the apply method */ public ModelUpdate updateAddPropertyValueToCollection(PropertyDescriptor propertyDescriptor, Object value) { - return () ->{ + return () -> ModelObjectHelper.addValueToCollection(modelStore, objectUri, propertyDescriptor, value, copyManager, idPrefix); - }; } /** @@ -555,9 +551,8 @@ public void removePropertyValueFromCollection(PropertyDescriptor propertyDescrip * @return an update which can be applied by invoking the apply method */ public ModelUpdate updateRemovePropertyValueFromCollection(PropertyDescriptor propertyDescriptor, Object value) { - return () -> { + return () -> ModelObjectHelper.removePropertyValueFromCollection(modelStore, objectUri, propertyDescriptor, value); - }; } /** @@ -565,7 +560,7 @@ public ModelUpdate updateRemovePropertyValueFromCollection(PropertyDescriptor pr * @return Set of values associated with a property */ public ModelSet getObjectPropertyValueSet(PropertyDescriptor propertyDescriptor, Class type) throws InvalidSPDXAnalysisException { - return new ModelSet(this.modelStore, this.objectUri, propertyDescriptor, + return new ModelSet<>(this.modelStore, this.objectUri, propertyDescriptor, this.copyManager, type, specVersion, idPrefix); } @@ -574,7 +569,7 @@ public ModelSet getObjectPropertyValueSet(PropertyDescriptor propertyDescript * @return Collection of values associated with a property */ public ModelCollection getObjectPropertyValueCollection(PropertyDescriptor propertyDescriptor, Class type) throws InvalidSPDXAnalysisException { - return new ModelCollection(this.modelStore, this.objectUri, propertyDescriptor, + return new ModelCollection<>(this.modelStore, this.objectUri, propertyDescriptor, this.copyManager, type, specVersion, idPrefix); } 
@@ -615,7 +610,7 @@ public boolean equivalent(CoreModelObject compare, boolean ignoreRelatedElements return false; } List propertyValueDescriptors = getPropertyValueDescriptors(); - List comparePropertyValueDescriptors = new ArrayList(compare.getPropertyValueDescriptors()); // create a copy since we're going to modify it + List comparePropertyValueDescriptors = new ArrayList<>(compare.getPropertyValueDescriptors()); // create a copy since we're going to modify it for (PropertyDescriptor propertyDescriptor:propertyValueDescriptors) { if (ignoreRelatedElements && isRelatedElement(propertyDescriptor)) { continue; @@ -991,8 +986,9 @@ public boolean isStrict() { /** * @return the version of the SPDX specification this object complies with + * @throws InvalidSPDXAnalysisException - this is here just for compatibility with overriden methods */ - public String getSpecVersion() { + public String getSpecVersion() throws InvalidSPDXAnalysisException { return this.specVersion; } diff --git a/src/main/java/org/spdx/core/ModelCollection.java b/src/main/java/org/spdx/core/ModelCollection.java index 624f1e0..75dcdf0 100644 --- a/src/main/java/org/spdx/core/ModelCollection.java +++ b/src/main/java/org/spdx/core/ModelCollection.java @@ -176,9 +176,8 @@ private Object checkConvertTypedValue(Object value) { /** * Converts any typed or individual value objects to a ModelObject */ - private UnaryOperator checkConvertTypedValue = value -> { - return checkConvertTypedValue(value); - }; + + private UnaryOperator checkConvertTypedValue = ModelCollection.this::checkConvertTypedValue; /** * @return a list of objects for the model collection
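Review bot: The new `@throws` line on `getSpecVersion` misspells "overridden" and does not say that this implementation never throws. I would write it as `@throws InvalidSPDXAnalysisException never thrown here; declared so that overriding methods may throw it`. Patch 2 of this series removed the clause and this patch restores it, so a precise comment is what keeps a later static-analysis cleanup from removing it again.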
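Review bot: In the final `ModelCollection` hunk the qualified form `ModelCollection.this::checkConvertTypedValue` is only needed from inside an inner class; in a field initializer plain `this::checkConvertTypedValue` reads more simply. The field is assigned only once in the visible lines, so it could probably be `final`, though any reassignment elsewhere in the class is outside the hunk. The blank line added between the Javadoc block and the field also separates the comment from what it documents. I would put `private final UnaryOperator checkConvertTypedValue = this::checkConvertTypedValue;` directly under the comment, keeping the file's type arguments, which this rendering does not show.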