feat: add secure test

tests/java/lang/apache_commons_collection/test.js

@@ -7,7 +7,16 @@ const { ruleId, ruleFile, testBase } = getEnvironment(__dirname)
 describe(ruleId, () => {
   const invoke = createNewInvoker(ruleId, ruleFile, testBase)
 
-  test("apache_commons_collection", () => {
+  test("apache_commons_collection_secure", () => {
+    const testCase = "secure/"
+
+    const results = invoke(testCase)
+
+    expect(results.Missing).toEqual([])
+    expect(results.Extra).toEqual([])
+  })
+
+  test("apache_commons_collection_insecure", () => {
     const testCase = "insecure/"
 
     const results = invoke(testCase)

tests/java/lang/apache_commons_collection/testdata/insecure/main.java

@@ -2,7 +2,7 @@
 
 public class Foo {
   public static void bad(String[] args) throws Exception {
-    // bearer:expected java_lang_apache_commons_collection
+    // ok - version 3.2.2 +
     InvokerTransformer transformer = new InvokerTransformer("exec", new Class[]{String.class}, new Object[]{"calc.exe"});
     Object result = transformer.transform(null);
   }

tests/java/lang/apache_commons_collection/testdata/secure/main.java

@@ -0,0 +1,9 @@
+import org.apache.commons.collections3;
+
+public class Foo {
+  public static void bad(String[] args) throws Exception {
+    // bearer:expected java_lang_apache_commons_collection
+    InvokerTransformer transformer = new InvokerTransformer("exec", new Class[]{String.class}, new Object[]{"calc.exe"});
+    Object result = transformer.transform(null);
+  }
+}

tests/java/lang/apache_commons_collection/testdata/secure/maven-dependencies.json

@@ -0,0 +1,10 @@
+[{
+  "groupId": "org.apache.commons",
+  "artifactId": "commons-collections3",
+  "version": "3.2.2"
+},
+{
+  "groupId": "test1",
+  "artifactId": "testartifact1",
+  "version": "1.0.beta"
+}]