Fix IsOwaspSuppressionsFile assuming that the file must be named "sup…
…pressions.xml".

That name is a convention within Moderne, but not a default or convention anywhere else.
sambsnyd committed Nov 29, 2023
1 parent da2a181 commit 9367da0
Showing 2 changed files with 7 additions and 79 deletions.
@@ -17,19 +17,16 @@

import org.openrewrite.ExecutionContext;
import org.openrewrite.Recipe;
import org.openrewrite.Tree;
import org.openrewrite.TreeVisitor;
import org.openrewrite.marker.SearchResult;
import org.openrewrite.xml.XmlIsoVisitor;
import org.openrewrite.xml.tree.Xml;

import java.nio.file.Paths;

public class IsOwaspSuppressionsFile extends Recipe {

@Override
public String getDisplayName() {
return "Find OWASP `suppressions.xml`";
return "Find OWASP vulnerability suppression XML files";
}

@Override
@@ -43,7 +40,7 @@ public TreeVisitor<?, ExecutionContext> getVisitor() {
@Override
public Xml.Document visitDocument(Xml.Document document, ExecutionContext executionContext) {
Xml.Document doc = super.visitDocument(document, executionContext);
if (!doc.getSourcePath().equals(Paths.get("suppressions.xml")) || doc.getRoot() == null) {
if (doc.getRoot() == null) {
return doc;
}
Xml.Tag root = doc.getRoot();
@@ -62,7 +59,8 @@ public Xml.Document visitDocument(Xml.Document document, ExecutionContext execut
}
}
if (isOwaspSuppressionFile) {
return doc.withRoot(doc.getRoot().withMarkers(doc.getRoot().getMarkers().addIfAbsent(new SearchResult(Tree.randomId(), "Found it"))));

return doc.withRoot(SearchResult.found(doc.getRoot()));
}
return doc;
}
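Review bot: With the path comparison dropped from the guard in visitDocument, the only remaining gate is the `isOwaspSuppressionFile` detection that sits between this hunk and the next (not visible here), so suppression files under any name and in any directory, test resources and vendored modules included, are now marked. Because these files silence vulnerability findings, that wider scope should be stated where the guard used to be, for example `// Matched on document content only; file name and location are deliberately ignored.` If getDescription, which lies outside these hunks, still refers to `suppressions.xml`, it needs the same update as getDisplayName. Minor style point in the last hunk: the new return can reuse the local declared above, `return doc.withRoot(SearchResult.found(root));` (assuming `root` is not reassigned in the lines not shown), and the blank line added before it can go.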
@@ -22,7 +22,6 @@

import static org.openrewrite.xml.Assertions.xml;


class IsOwaspSuppressionsFileTest implements RewriteTest {

@Override
@@ -79,7 +78,7 @@ void addsMarkerToFilesWithCorrectXmlns() {
</suppressions>""",
"""
<?xml version="1.0" encoding="UTF-8" ?>
<!--~~(Found it)~~>--><suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
<!--~~>--><suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
<suppress>
<notes>
</notes>
@@ -105,7 +104,7 @@ void worksEvenWithoutOnePointThree() {
</suppressions>""",
"""
<?xml version="1.0" encoding="UTF-8" ?>
<!--~~(Found it)~~>--><suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.2.4.xsd">
<!--~~>--><suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.2.4.xsd">
<suppress>
<notes>
</notes>
@@ -117,23 +116,6 @@ void worksEvenWithoutOnePointThree() {
);
}

@Test
void noChangesIfNoSuppressionsFile() {
rewriteRun(
spec -> spec.cycles(1).expectedCyclesThatMakeChanges(0),
xml("""
<?xml version="1.0" encoding="UTF-8" ?>
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.2.4.xsd">
<suppress>
<notes>
</notes>
</suppress>
</suppressions>""",
spec -> spec.path("soppressata.xml")
)
);
}

@Test
void changesIfSuppressionsFile() {
rewriteRun(
@@ -148,59 +130,7 @@ void changesIfSuppressionsFile() {
</suppressions>""",
"""
<?xml version="1.0" encoding="UTF-8" ?>
<!--~~(Found it)~~>--><suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.2.4.xsd">
<suppress>
<notes>
</notes>
</suppress>
</suppressions>""",
spec -> spec.path("suppressions.xml")
)
);
}

@Test
void doesntChangeIfNotAtRoot() {
rewriteRun(
spec -> spec.cycles(1).expectedCyclesThatMakeChanges(0),
xml("""
<?xml version="1.0" encoding="UTF-8" ?>
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.2.4.xsd">
<suppress>
<notes>
</notes>
</suppress>
</suppressions>""",
spec -> spec.path("not/root/suppressions.xml")
)
);
}

@Test
void onlyChangesRoot() {
rewriteRun(
spec -> spec.cycles(1).expectedCyclesThatMakeChanges(1),
xml("""
<?xml version="1.0" encoding="UTF-8" ?>
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.2.4.xsd">
<suppress>
<notes>
</notes>
</suppress>
</suppressions>""",
spec -> spec.path("not/root/suppressions.xml")
),
xml("""
<?xml version="1.0" encoding="UTF-8" ?>
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.2.4.xsd">
<suppress>
<notes>
</notes>
</suppress>
</suppressions>""",
"""
<?xml version="1.0" encoding="UTF-8" ?>
<!--~~(Found it)~~>--><suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.2.4.xsd">
<!--~~>--><suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.2.4.xsd">
<suppress>
<notes>
</notes>
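Review bot: Nothing visible on the new side pins the behaviour this commit introduces, a suppression file being matched under any name or directory, because the fixtures with non-default paths (`soppressata.xml`, `not/root/suppressions.xml`) are deleted rather than inverted. Keeping one of them with the expectation flipped, as in the test below, would make a later reintroduction of a path check fail the suite. A negative case is still needed as well, an XML document without the dependency-check namespace that stays unmarked, unless one already exists in the part of the file outside these hunks. The end of `changesIfSuppressionsFile` is also outside the last hunk, so its remaining `spec.path(...)` argument should be checked after the large deletion.

```java
@Test
void marksSuppressionFileRegardlessOfNameOrLocation() {
    rewriteRun(
      xml("""
        <?xml version="1.0" encoding="UTF-8" ?>
        <suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.2.4.xsd">
            <suppress>
                <notes>
                </notes>
            </suppress>
        </suppressions>""",
        """
        <?xml version="1.0" encoding="UTF-8" ?>
        <!--~~>--><suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.2.4.xsd">
            <suppress>
                <notes>
                </notes>
            </suppress>
        </suppressions>""",
        spec -> spec.path("not/root/soppressata.xml")
      )
    );
}
```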