Skip to content

#1143: Added CPE methods to UrlUpdater #1198

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
hohwille merged 18 commits into from
Apr 7, 2025
Merged

#1143: Added CPE methods to UrlUpdater #1198

hohwille merged 18 commits into from
Apr 7, 2025

Conversation

@leonrohne27
Copy link
Contributor

@leonrohne27 leonrohne27 commented Apr 1, 2025

Part of #1143

Implements:

  • Added new methods to AbstractUrlUpdater and implemented them in concrete classes

@github-project-automation github-project-automation bot moved this to 🆕 New in IDEasy board Apr 1, 2025
@leonrohne27
Merge branch 'implement/103-add-methods-to-url-updater' into implemen…
b92b0f2 
…t/103-add-methods-to-url-updater-2

# Conflicts:
#	url-updater/src/main/java/com/devonfw/tools/ide/url/tool/helm/HelmUrlUpdater.java
@leonrohne27
#
ea10834
@coveralls
Copy link
Collaborator

coveralls commented Apr 1, 2025
edited
Loading

Pull Request Test Coverage Report for Build 14305483874

Details

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • 137 unchanged lines in 35 files lost coverage.
  • Overall coverage decreased (-0.3%) to 67.432%
Files with Coverage Reduction New Missed Lines %
com/devonfw/tools/ide/url/tool/androidstudio/AndroidStudioUrlUpdater.java 2 90.63%
com/devonfw/tools/ide/url/tool/aws/AwsUrlUpdater.java 2 73.68%
com/devonfw/tools/ide/url/tool/az/AzureUrlUpdater.java 2 0.0%
com/devonfw/tools/ide/url/tool/docker/DockerDesktopUrlUpdater.java 2 0.0%
com/devonfw/tools/ide/url/tool/docker/DockerRancherDesktopUrlUpdater.java 2 0.0%
com/devonfw/tools/ide/url/tool/dotnet/DotNetUrlUpdater.java 2 0.0%
com/devonfw/tools/ide/url/tool/eclipse/EclipseUrlUpdater.java 2 0.0%
com/devonfw/tools/ide/url/tool/gcloud/GCloudUrlUpdater.java 2 0.0%
com/devonfw/tools/ide/url/tool/gcviewer/GcViewerUrlUpdater.java 2 0.0%
com/devonfw/tools/ide/url/tool/gh/GhUrlUpdater.java 2 0.0%
Totals Coverage Status
Change from base Build 14260626477: -0.3%
Covered Lines: 7893
Relevant Lines: 11299
💛 - Coveralls

@leonrohne27 leonrohne27 moved this from 🆕 New to Team Review in IDEasy board Apr 2, 2025
@leonrohne27 leonrohne27 marked this pull request as draft April 3, 2025 08:38
@leonrohne27 leonrohne27 marked this pull request as ready for review April 3, 2025 08:40
@leonrohne27 leonrohne27 self-assigned this Apr 3, 2025
hohwille
hohwille approved these changes Apr 4, 2025
View reviewed changes
Copy link
Member

@hohwille hohwille left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@leonrohne27 thanks for this PR. This is a good enhancement and preparation for #1143
Please note that your CPE configuration is incomplete and many other URL Updaters still use the default (getTool()) even though this is not correct.
I guess you will realise that on your way, and can then override these new methods in other URL updates in future PRs.
BTW: I did a constructive review and directly edited AbstractUrlUpdater to improve the JavaDoc.
IMHO ready for merge.

@hohwille hohwille added this to the release:2025.04.001 milestone Apr 4, 2025
@hohwille hohwille self-assigned this Apr 4, 2025
@hohwille hohwille changed the title #103: Added methods to Url Updater #103: Added CPE methods to Url Updater Apr 4, 2025
@hohwille hohwille changed the title #103: Added CPE methods to Url Updater #103: Added CPE methods to UrlUpdater Apr 4, 2025
@leonrohne27 leonrohne27 requested a review from hohwille April 4, 2025 12:28
hohwille
hohwille approved these changes Apr 7, 2025
View reviewed changes
Copy link
Member

@hohwille hohwille left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@leonrohne27 thanks for your rework. Great progress 👍

Most CPEs seems to match - e.g. for pip see https://nvd.nist.gov/vuln/detail/CVE-2023-5752#vulnConfigurationsArea or for python see https://nvd.nist.gov/vuln/detail/CVE-2024-9287#vulnConfigurationsArea or for terraform see https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&orderBy=2.3&keyword=cpe%3A2.3%3Aa%3Ahashicorp%3Aterraform&status=FINAL%2CDEPRECATED - just to show some cross-checks I did.
I also found some incorrect CPEs to update.

@leonrohne27 leonrohne27 requested a review from hohwille April 7, 2025 09:28
@hohwille hohwille changed the title #103: Added CPE methods to UrlUpdater #1143: Added CPE methods to UrlUpdater Apr 7, 2025
@hohwille hohwille merged commit d4aba53 into devonfw:main Apr 7, 2025
4 checks passed
@github-project-automation github-project-automation bot moved this from Team Review to ✅ Done in IDEasy board Apr 7, 2025
@hohwille hohwille linked an issue Apr 7, 2025 that may be closed by this pull request
CVE: create a new GitHubAction managing security.json files in ide-urls repo #1143
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@hohwille hohwille Awaiting requested review from hohwille

Assignees

@hohwille hohwille

@leonrohne27 leonrohne27

Labels

None yet

Projects

IDEasy board
Status: ✅ Done

Milestone

release:2025.04.001

Development

Successfully merging this pull request may close these issues.

CVE: create a new GitHubAction managing security.json files in ide-urls repo

3 participants

@leonrohne27 @coveralls @hohwille