2024 q3 integration branch (#158)

* SCA Vulnerability fixes

* Changes related to critical severity

* Upgrading client-common and setting plugin version in config

* Updating the plugin version

* Fixed bugs found in QA testing

* Updating version for QA release

---------

Co-authored-by: susmitagorai29 <[email protected]>
Co-authored-by: PravinGadankush <[email protected]>

build.gradle

@@ -1,7 +1,7 @@
 buildscript {
     repositories {
-        jcenter()
-        maven { url 'http://repo.jenkins-ci.org/releases/' }
+    	jcenter()
+    	maven { url 'http://repo.jenkins-ci.org/releases/' }
     }
     dependencies {
         classpath 'org.jenkins-ci.tools:gradle-jpi-plugin:0.35.0',
@@ -18,7 +18,7 @@ apply plugin: 'project-report'
 apply plugin: 'org.jenkins-ci.jpi'
 apply plugin: 'nebula.provided-base'
 
-repositories {
+repositories {	
 	jcenter()
     mavenLocal()        // Use this to load a custom build of Common Client from a local Maven repo.
     maven { url 'http://repo.jenkins-ci.org/releases/' }
@@ -53,7 +53,7 @@ dependencies {
     }
 
 
-    compile ('com.checkmarx:cx-client-common:2024.2.3') {
+    compile ('com.checkmarx:cx-client-common:2024.3.28') {
 
        exclude group: 'org.yaml' , module: 'snakeyaml'
        exclude group: 'com.google.code.gson', module: 'gson'
@@ -62,7 +62,23 @@ dependencies {
        exclude group: 'com.google.guava', module: 'guava'
        exclude group: 'commons-collections', module: 'commons-collections'
        exclude group: 'io.netty', module: 'netty-codec-http'
-       exclude group: 'org.apache.commons', module: 'commons-compress' 
+       exclude group: 'org.apache.commons', module: 'commons-compress'
+       exclude group: 'io.vertx', module: 'vertx-core'
+       exclude group: 'org.mozilla', module: 'rhino'
+       exclude group: 'io.netty', module: 'netty-common'
+       exclude group: 'io.netty', module: 'netty-buffer'
+       exclude group: 'io.netty', module: 'netty-transport'
+       exclude group: 'io.netty', module: 'netty-resolver'
+       exclude group: 'io.netty', module: 'netty-handler'
+       exclude group: 'io.netty', module: 'netty-transport-native-unix-common'
+       exclude group: 'io.netty', module: 'netty-codec'
+       exclude group: 'io.netty', module: 'netty-handler-proxy'
+       exclude group: 'io.netty', module: 'netty-codec-socks'
+       exclude group: 'io.netty', module: 'netty-codec-http2'
+       exclude group: 'io.netty', module: 'netty-resolver-dns'
+       exclude group: 'io.netty', module: 'netty-codec-dns'
+       exclude group: 'org.iq80.snappy', module: 'snappy'
+       exclude group: 'org.codehaus.plexus', module: 'plexus-utils' 
     }
 
     compile 'com.fasterxml.jackson.core:jackson-core:2.11.3',
@@ -74,12 +90,29 @@ dependencies {
             'org.apache.logging.log4j:log4j-slf4j-impl:2.17.1',
             'org.apache.logging.log4j:log4j-api:2.17.1',
             'org.apache.logging.log4j:log4j-core:2.17.1',
-            'org.apache.commons:commons-compress:1.26.0',          
+            'org.apache.commons:commons-compress:1.27.0',          
             'com.google.code.gson:gson:2.8.9',           
             'org.yaml:snakeyaml:2.2',
             'org.json:json:20231013',
             'org.eclipse.jgit:org.eclipse.jgit:6.8.0.202311291450-r',
-            'com.google.guava:guava:32.1.1-jre' 
+            'com.google.guava:guava:32.1.1-jre',
+            'io.vertx:vertx-core:4.5.9',
+            'org.mozilla:rhino:1.7.15',
+            'javax.annotation:javax.annotation-api:1.3.2',
+            'io.netty:netty-common:4.1.112.Final',
+            'io.netty:netty-buffer:4.1.112.Final',
+            'io.netty:netty-transport:4.1.112.Final',
+            'io.netty:netty-resolver:4.1.112.Final',
+            'io.netty:netty-handler:4.1.112.Final',
+            'io.netty:netty-transport-native-unix-common:4.1.112.Final',
+            'io.netty:netty-codec:4.1.112.Final',
+            'io.netty:netty-handler-proxy:4.1.112.Final',
+            'io.netty:netty-codec-socks:4.1.112.Final',
+            'io.netty:netty-codec-http2:4.1.112.Final',
+            'io.netty:netty-resolver-dns:4.1.112.Final',
+            'io.netty:netty-codec-dns:4.1.112.Final',
+            'org.codehaus.plexus:plexus-utils:3.5.1',
+            'org.iq80.snappy:snappy:0.5'
 
             constraints {
                 implementation('io.vertx:vertx-web:3.9.7') {

gradle.properties

@@ -1,6 +1,6 @@
 description = Provides automatic scan of code by Checkmarx server and shows results summary and trend in Jenkins interface.
 group = com.checkmarx.jenkins
-version = 2024.2.3
+version = 2024.3.2
 
 repositoryVersion=
 

src/main/java/com/checkmarx/jenkins/CommonClientFactory.java

@@ -20,6 +20,9 @@ static LegacyClient getInstance(CxConnectionDetails connDetails,
                 Aes.decrypt(connDetails.getPassword(), connDetails.getUsername()),
                 SCAN_ORIGIN,
                 !enableCertificateValidation);
+
+        //setting plugin version to be added in api request headers
+        scanConfig.setPluginVersion(CxConfig.version());
 
         if (connDetails.isProxy()) {
             scanConfig.setProxyConfig(ProxyHelper.getProxyConfig());

src/main/java/com/checkmarx/jenkins/CxProjectResult.java

@@ -185,6 +185,7 @@ private CategoryDataset buildDataSet(StaplerRequest req) {
             // In this case we generate an empty graph
             DataSetBuilder<CxResultSeverity, String> dsb = new DataSetBuilder<CxResultSeverity, String>();
 
+            dsb.add(0, CxResultSeverity.CRITICAL, "0");
             dsb.add(0, CxResultSeverity.HIGH, "0");
             dsb.add(0, CxResultSeverity.MEDIUM, "0");
             dsb.add(0, CxResultSeverity.LOW, "0");
@@ -194,7 +195,8 @@ private CategoryDataset buildDataSet(StaplerRequest req) {
             DataSetBuilder<CxResultSeverity, ChartUtil.NumberOnlyBuildLabel> dsb = new DataSetBuilder<CxResultSeverity, ChartUtil.NumberOnlyBuildLabel>();
 
             for (CxScanResult a = lastBuildAction; a != null; a = a.getPreviousResult()) {
-                dsb.add(a.getHighCount(), CxResultSeverity.HIGH, new ChartUtil.NumberOnlyBuildLabel((Run<?, ?>) a.owner));
+            	dsb.add(a.getCriticalCount(), CxResultSeverity.CRITICAL, new ChartUtil.NumberOnlyBuildLabel((Run<?, ?>) a.owner));
+            	dsb.add(a.getHighCount(), CxResultSeverity.HIGH, new ChartUtil.NumberOnlyBuildLabel((Run<?, ?>) a.owner));
                 dsb.add(a.getMediumCount(), CxResultSeverity.MEDIUM, new ChartUtil.NumberOnlyBuildLabel((Run<?, ?>) a.owner));
                 dsb.add(a.getLowCount(), CxResultSeverity.LOW, new ChartUtil.NumberOnlyBuildLabel((Run<?, ?>) a.owner));
             }
@@ -250,9 +252,10 @@ public String generateURL(CategoryDataset dataset, int row, int column) {
             }
         };
         plot.setRenderer(ar);
-        ar.setSeriesPaint(0, new Color(246, 0, 22)); // high.
-        ar.setSeriesPaint(1, new Color(249, 167, 16)); // medium.
-        ar.setSeriesPaint(2, new Color(254, 255, 3)); // low.
+        ar.setSeriesPaint(0, new Color(246, 0, 22).darker()); // critical.
+        ar.setSeriesPaint(1, new Color(246, 0, 22)); // high.
+        ar.setSeriesPaint(2, new Color(249, 167, 16)); // medium.
+        ar.setSeriesPaint(3, new Color(254, 255, 3)); // low.
 
         // crop extra space around the graph
         plot.setInsets(new RectangleInsets(0, 0, 0, 5.0));

src/main/java/com/checkmarx/jenkins/CxResultSeverity.java

@@ -4,7 +4,8 @@
  * This class represents the severity of a result in a scan report
  */
 public enum  CxResultSeverity {
-    HIGH("High","3"),
+	CRITICAL("Critical","4"),
+	HIGH("High","3"),
     MEDIUM("Medium","2"),
     LOW("Low","1"),
     INFO("Info","0");