From b16bc668ec7b0cd34f80b26bf78c7ec9d8177f79 Mon Sep 17 00:00:00 2001 From: Nariman Abdullin Date: Mon, 31 Jul 2023 15:58:39 +0300 Subject: [PATCH 1/5] Readme.MD ### What's done: - fixed javadocs - added a stub for README.md --- README.md | 116 +++++++++++++++++- .../buildutils/PublishingConfiguration.kt | 4 +- .../osv4k/OsvSchemaJacksonJavaTestUtil.java | 1 - 3 files changed, 118 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 427c985..363bd8d 100644 --- a/README.md +++ b/README.md @@ -1 +1,115 @@ -# osv4k \ No newline at end of file +# osv4k + +[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT) +[![GitHub release](https://img.shields.io/github/release/saveourtool/osv4k.svg)](https://github.com/saveourtool/osv4k/releases/) +[![Maven Central](https://img.shields.io/maven-central/v/com.saveourtool.osv4k/osv4k.svg)](https://search.maven.org/#search%7Cga%7C1%7Cg%3A%22com.saveourtool.osv4k%22) +[![javadoc](https://javadoc.io/badge2/com.saveourtool.osv4k/osv4k/javadoc.svg)](https://javadoc.io/doc/com.saveourtool.osv4k/osv4k) +[![Build](https://github.com/saveourtool/osv4k/actions/workflows/build.yml/badge.svg?branch=main)](https://github.com/saveourtool/osv4k/actions/workflows/build.yml?query=branch%3Amain) +[![Dependencies](https://github.com/saveourtool/osv4k/actions/workflows/dependencies.yml/badge.svg?branch=main)](https://github.com/saveourtool/osv4k/actions/workflows/dependencies.yml?query=branch%3Amain) + +_Kotlin_ model for [OSV](https://ossf.github.io/osv-schema/) Schema. + +This library is inspired by the tool [detekt/sarif4k](https://github.com/detekt/sarif4k). + +See the [project website](https://saveourtool.github.io/osv4k/) for documentation and APIs. + +## Features + +- Support [_Kotlin Multiplatform_](https://kotlinlang.org/docs/multiplatform.html): _jvm_, _js_, _linuxX64_/_mingwX64_/_macosX64_. +- Support [_KotlinX Serialization_](https://github.com/Kotlin/kotlinx.serialization). +- Support [_Jackson annotations_](https://github.com/FasterXML/jackson-annotations) for _jvm_ target. + +## Releases + +The latest release is available from both _GitHub Packages_ and _Maven Central_. +For _GitHub Packages_, the repository can be added as follows. + +For `build.gradle.kts`: + +```kotlin +repositories { + maven { + name = "saveourtool/osv4k" + url = uri("https://maven.pkg.github.com/saveourtool/osv4k") + content { + includeGroup("com.saveourtool.osv4k") + } + credentials { + username = project.findProperty("gpr.user") as String? ?: System.getenv("GITHUB_ACTOR") + password = project.findProperty("gpr.key") as String? ?: System.getenv("GITHUB_TOKEN") + } + } +} +``` + +For `settings.gradle.kts`: + +```kotlin +dependencyResolutionManagement { + repositories { + maven { + name = "saveourtool/osv4k" + url = uri("https://maven.pkg.github.com/saveourtool/osv4k") + content { + includeGroup("com.saveourtool.osv4k") + } + credentials { + username = providers.gradleProperty("gpr.user").orNull + ?: System.getenv("GITHUB_ACTOR") + password = providers.gradleProperty("gpr.key").orNull + ?: System.getenv("GITHUB_TOKEN") + } + } + } +} +``` + +Then add the dependency as usual: + - Gradle + ```kotlin + dependencies { + implementation("com.saveourtool.osv4k:osv4k:1.0.0") + } + ``` + - Maven + ```xml + + com.saveourtool.osv4k + osv4k-jvm + 1.0.0 + + ``` + +## Usage +### Kotlin using _Kotlinx Serialization_: + +```kotlin +import com.saveourtool.osv4k.* +import java.nio.file.Path +import kotlin.io.path.readText +import kotlinx.serialization.json.Json + +fun readFromFile(pathToFile: Path) { + val content = pathToFile.readText() + val schema: RawOsvSchema = Json.decodeFromString(content) + // do something with RawOsvSchema +} +``` + +### Java using _Jackson Annotations_: + +```java +import com.fasterxml.jackson.databind.ObjectMapper; + +import java.nio.file.Files; +import java.nio.file.Path; + +class Test { + private static final ObjectMapper objectMapper = new ObjectMapper(); + + static void readFromFile(final Path pathToFile) { + final OsvSchema result = objectMapper.readValue(pathToFile.toFile(), OsvSchema.class); + // do something with OsvSchema + } +} +``` diff --git a/buildSrc/src/main/kotlin/com/saveourtool/osv4k/buildutils/PublishingConfiguration.kt b/buildSrc/src/main/kotlin/com/saveourtool/osv4k/buildutils/PublishingConfiguration.kt index 9f59f4b..0322250 100644 --- a/buildSrc/src/main/kotlin/com/saveourtool/osv4k/buildutils/PublishingConfiguration.kt +++ b/buildSrc/src/main/kotlin/com/saveourtool/osv4k/buildutils/PublishingConfiguration.kt @@ -31,6 +31,7 @@ import org.gradle.nativeplatform.platform.internal.DefaultNativePlatform import org.gradle.plugins.signing.Sign import org.gradle.plugins.signing.SigningExtension import org.gradle.plugins.signing.SigningPlugin +import org.jetbrains.dokka.gradle.DokkaPlugin /** * Configures all aspects of the publishing process. @@ -139,11 +140,12 @@ fun Project.configureGitHubPublishing() { */ @Suppress("TOO_LONG_FUNCTION") fun Project.configurePublications() { + apply() @Suppress("GENERIC_VARIABLE_WRONG_DECLARATION") val dokkaJarProvider = tasks.register("dokkaJar") { group = "documentation" archiveClassifier.set("javadoc") - from(tasks.findByName("dokkaHtml")) + from(tasks.named("dokkaHtml")) } configure { publications.withType().configureEach { diff --git a/src/jvmTest/java/com/saveourtool/osv4k/OsvSchemaJacksonJavaTestUtil.java b/src/jvmTest/java/com/saveourtool/osv4k/OsvSchemaJacksonJavaTestUtil.java index a52e265..6885575 100644 --- a/src/jvmTest/java/com/saveourtool/osv4k/OsvSchemaJacksonJavaTestUtil.java +++ b/src/jvmTest/java/com/saveourtool/osv4k/OsvSchemaJacksonJavaTestUtil.java @@ -1,6 +1,5 @@ package com.saveourtool.osv4k; -import com.fasterxml.jackson.annotation.JsonInclude; import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.core.util.DefaultPrettyPrinter; import com.fasterxml.jackson.databind.ObjectMapper; From 6acd4529ea1f7ebaf0ca95ccc223831813ebc767 Mon Sep 17 00:00:00 2001 From: Nariman Abdullin Date: Mon, 31 Jul 2023 16:40:33 +0300 Subject: [PATCH 2/5] added a note about generic types --- README.md | 23 +++++++++++++++++++ .../kotlin/com/saveourtool/osv4k/OsvSchema.kt | 6 ++++- 2 files changed, 28 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 363bd8d..bf28378 100644 --- a/README.md +++ b/README.md @@ -80,6 +80,29 @@ Then add the dependency as usual: ``` +## Database and ecosystem specific fields + +_OSV Schema_ has extensions points for database and ecosystem specific fields: +1. The top level `database_specific`. +2. In the `affected[]` object: + - `affected[].ecosystem_specific`; + - `affected[].database_specific`. +3. `affected[].ranges[].database`. + +_OSV4K Model_ implements it using generic type: +```kotlin +/** + * @param D The top level `database_specific`. + * @param A_E `affected[].ecosystem_specific`. + * @param A_D `affected[].database_specific`. + * @param A_R_D `affected[].ranges[].database_specific`. + */ +data class OsvSchema +``` + +*Note #1*: these types should be serializable for selected engine. +*Note #2*: there is alias `com.saveourtool.osv4k.RawOsvSchema` for `KotlinX Serialization` which uses `kotlinx.serialization.json.JsonObject` as raw type. + ## Usage ### Kotlin using _Kotlinx Serialization_: diff --git a/src/commonMain/kotlin/com/saveourtool/osv4k/OsvSchema.kt b/src/commonMain/kotlin/com/saveourtool/osv4k/OsvSchema.kt index 691dd6e..357501e 100644 --- a/src/commonMain/kotlin/com/saveourtool/osv4k/OsvSchema.kt +++ b/src/commonMain/kotlin/com/saveourtool/osv4k/OsvSchema.kt @@ -27,6 +27,10 @@ typealias RawOsvSchema = OsvSchema( +data class OsvSchema( @SerialName("schema_version") @get:JsonProperty( value = "schema_version", From 8d8b45a1374177aec282b87cf3bc3d8d3ee3c246 Mon Sep 17 00:00:00 2001 From: Nariman Abdullin Date: Mon, 31 Jul 2023 18:59:55 +0300 Subject: [PATCH 3/5] added examples on kotlin and java --- README.md | 206 +++++++++++++++++- .../kotlin/com/saveourtool/osv4k/OsvSchema.kt | 4 +- .../com/saveourtool/osv4k/GoExamples.java | 114 ++++++++++ .../osv4k/OsvSchemaJacksonJavaTestUtil.java | 10 +- .../com/saveourtool/osv4k/GoJacksonTest.kt | 90 +++++++- .../osv4k/OsvSchemaJacksonTestUtil.kt | 7 +- 6 files changed, 414 insertions(+), 17 deletions(-) create mode 100644 src/jvmTest/java/com/saveourtool/osv4k/GoExamples.java diff --git a/README.md b/README.md index bf28378..9908740 100644 --- a/README.md +++ b/README.md @@ -104,7 +104,7 @@ data class OsvSchema *Note #2*: there is alias `com.saveourtool.osv4k.RawOsvSchema` for `KotlinX Serialization` which uses `kotlinx.serialization.json.JsonObject` as raw type. ## Usage -### Kotlin using _Kotlinx Serialization_: +### Reading: Kotlin using _Kotlinx Serialization_: ```kotlin import com.saveourtool.osv4k.* @@ -119,7 +119,7 @@ fun readFromFile(pathToFile: Path) { } ``` -### Java using _Jackson Annotations_: +### Reading: Java using _Jackson Annotations_: ```java import com.fasterxml.jackson.databind.ObjectMapper; @@ -136,3 +136,205 @@ class Test { } } ``` + +### Generating: Kotlin using _KotlinX Serialization_: + +```kotlin + +@Serializable +data class GoImports( + val imports: List, +) + +@Serializable +data class GoImport( + val path: String, + val symbols: List, +) + +@Serializable +data class GoUrl( + val url: String, +) + +val osvSchema = OsvSchema( + schemaVersion = "1.3.1", + id = "GO-2020-0015", + modified = LocalDateTime(2023, 6, 12, 18, 45, 41), + published = LocalDateTime(2021, 4, 14, 20, 4, 52), + aliases = listOf("CVE-2020-14040", "GHSA-5rcv-m4m3-hfh7"), + summary = "Infinite loop when decoding some inputs in golang.org/x/text", + details = "An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to trigger an infinite loop if the String function on the Decoder is called, or the Decoder is passed to transform.String. If used to parse user supplied input, this may be used as a denial of service vector.", + affected = listOf( + Affected( + `package` = Package( + ecosystem = "Go", + name = "golang.org/x/text", + ), + ranges = listOf( + Range( + type = RangeType.SEMVER, + events = listOf( + Event(introduced = "0"), + Event(fixed = "0.3.3"), + ), + ), + ), + ecosystemSpecific = GoImports( + imports = listOf( + GoImport( + path = "golang.org/x/text/encoding/unicode", + symbols = listOf("bomOverride.Transform", "utf16Decoder.Transform"), + ), + GoImport( + path = "golang.org/x/text/transform", + symbols = listOf("String"), + ), + ), + ), + ) + ), + references = listOf( + Reference( + type = ReferenceType.FIX, + url = "https://go.dev/cl/238238", + ), + Reference( + type = ReferenceType.FIX, + url = "https://go.googlesource.com/text/+/23ae387dee1f90d29a23c0e87ee0b46038fbed0e", + ), + Reference( + type = ReferenceType.REPORT, + url = "https://go.dev/issue/39491", + ), + Reference( + type = ReferenceType.WEB, + url = "https://groups.google.com/g/golang-announce/c/bXVeAmGOqz0", + ), + ), + credits = listOf( + Credit(name = "@abacabadabacaba"), + Credit(name = "Anton Gyllenberg"), + ), + databaseSpecific = GoUrl(url = "https://pkg.go.dev/vuln/GO-2020-0015"), +) +``` + +### Generating: Java using _Jackson Annotations_ + +```java +package com.saveourtool.osv4k; + +import kotlinx.datetime.LocalDateTime; + +import java.util.Arrays; +import java.util.Collections; +import java.util.List; + +public final class GoExamples { + private GoExamples() {} + + public static class GoImports { + private final List imports; + + public GoImports(List imports) { + this.imports = imports; + } + + public List getImports() { + return Collections.unmodifiableList(imports); + } + } + + public static class GoImport { + private final String path; + private final List symbols; + + public GoImport(String path, List symbols) { + this.path = path; + this.symbols = symbols; + } + + public String getPath() { + return path; + } + + public List getSymbols() { + return Collections.unmodifiableList(symbols); + } + } + + public static class GoUrl { + private final String url; + + public GoUrl(String url) { + this.url = url; + } + + public String getUrl() { + return url; + } + } + + public static OsvSchema go_2020_00115() { + return new OsvSchema( + "1.3.1", + "GO-2020-0015", + new LocalDateTime(2023, 6, 12, 18, 45, 41, 0), + new LocalDateTime(2021, 4, 14, 20, 4, 52, 0), + null, + Arrays.asList("CVE-2020-14040", "GHSA-5rcv-m4m3-hfh7"), + null, + "Infinite loop when decoding some inputs in golang.org/x/text", + "An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to trigger an infinite loop if the String function on the Decoder is called, or the Decoder is passed to transform.String. If used to parse user supplied input, this may be used as a denial of service vector.", + null, + Arrays.asList( + new Affected( + new Package( + "Go", + "golang.org/x/text", + null + ), + null, + Arrays.asList( + new Range<>( + RangeType.SEMVER, + null, + Arrays.asList( + new Event("0", null, null, null), + new Event(null, "0.3.3", null, null) + ), + null + ) + ), + null, + new GoImports( + Arrays.asList( + new GoImport( + "golang.org/x/text/encoding/unicode", + Arrays.asList("bomOverride.Transform", "utf16Decoder.Transform") + ), + new GoImport( + "golang.org/x/text/transform", + Arrays.asList("String") + ) + ) + ), + null + ) + ), + Arrays.asList( + new Reference(ReferenceType.FIX, "https://go.dev/cl/238238"), + new Reference(ReferenceType.FIX, "https://go.googlesource.com/text/+/23ae387dee1f90d29a23c0e87ee0b46038fbed0e" ), + new Reference(ReferenceType.REPORT, "https://go.dev/issue/39491"), + new Reference(ReferenceType.WEB, "https://groups.google.com/g/golang-announce/c/bXVeAmGOqz0") + ), + Arrays.asList( + new Credit("@abacabadabacaba", null, null), + new Credit("Anton Gyllenberg", null, null) + ), + new GoUrl("https://pkg.go.dev/vuln/GO-2020-0015") + ); + } +} +``` \ No newline at end of file diff --git a/src/commonMain/kotlin/com/saveourtool/osv4k/OsvSchema.kt b/src/commonMain/kotlin/com/saveourtool/osv4k/OsvSchema.kt index 357501e..42e0775 100644 --- a/src/commonMain/kotlin/com/saveourtool/osv4k/OsvSchema.kt +++ b/src/commonMain/kotlin/com/saveourtool/osv4k/OsvSchema.kt @@ -227,7 +227,7 @@ data class OsvSchema( defaultValue = "", access = JsonPropertyAccess.AUTO ) - val affected: List>? = null, + val affected: List>? = null, @JsonProperty( value = "references", namespace = "", @@ -286,7 +286,7 @@ data class OsvSchema( "BACKTICKS_PROHIBITED", "GENERIC_NAME" ) -data class Affected( +data class Affected( @JsonProperty( value = "package", namespace = "", diff --git a/src/jvmTest/java/com/saveourtool/osv4k/GoExamples.java b/src/jvmTest/java/com/saveourtool/osv4k/GoExamples.java new file mode 100644 index 0000000..04cd456 --- /dev/null +++ b/src/jvmTest/java/com/saveourtool/osv4k/GoExamples.java @@ -0,0 +1,114 @@ +package com.saveourtool.osv4k; + +import kotlinx.datetime.LocalDateTime; + +import java.util.Arrays; +import java.util.Collections; +import java.util.List; + +public final class GoExamples { + private GoExamples() {} + + public static class GoImports { + private final List imports; + + public GoImports(List imports) { + this.imports = imports; + } + + public List getImports() { + return Collections.unmodifiableList(imports); + } + } + + public static class GoImport { + private final String path; + private final List symbols; + + public GoImport(String path, List symbols) { + this.path = path; + this.symbols = symbols; + } + + public String getPath() { + return path; + } + + public List getSymbols() { + return Collections.unmodifiableList(symbols); + } + } + + public static class GoUrl { + private final String url; + + public GoUrl(String url) { + this.url = url; + } + + public String getUrl() { + return url; + } + } + + public static OsvSchema go_2020_00115() { + return new OsvSchema( + "1.3.1", + "GO-2020-0015", + new LocalDateTime(2023, 6, 12, 18, 45, 41, 0), + new LocalDateTime(2021, 4, 14, 20, 4, 52, 0), + null, + Arrays.asList("CVE-2020-14040", "GHSA-5rcv-m4m3-hfh7"), + null, + "Infinite loop when decoding some inputs in golang.org/x/text", + "An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to trigger an infinite loop if the String function on the Decoder is called, or the Decoder is passed to transform.String. If used to parse user supplied input, this may be used as a denial of service vector.", + null, + Arrays.asList( + new Affected( + new Package( + "Go", + "golang.org/x/text", + null + ), + null, + Arrays.asList( + new Range<>( + RangeType.SEMVER, + null, + Arrays.asList( + new Event("0", null, null, null), + new Event(null, "0.3.3", null, null) + ), + null + ) + ), + null, + new GoImports( + Arrays.asList( + new GoImport( + "golang.org/x/text/encoding/unicode", + Arrays.asList("bomOverride.Transform", "utf16Decoder.Transform") + ), + new GoImport( + "golang.org/x/text/transform", + Arrays.asList("String") + ) + ) + ), + null + ) + ), + Arrays.asList( + new Reference(ReferenceType.FIX, "https://go.dev/cl/238238"), + new Reference(ReferenceType.FIX, "https://go.googlesource.com/text/+/23ae387dee1f90d29a23c0e87ee0b46038fbed0e" ), + new Reference(ReferenceType.REPORT, "https://go.dev/issue/39491"), + new Reference(ReferenceType.WEB, "https://groups.google.com/g/golang-announce/c/bXVeAmGOqz0") + ), + Arrays.asList( + new Credit("@abacabadabacaba", null, null), + new Credit("Anton Gyllenberg", null, null) + ), + new GoUrl("https://pkg.go.dev/vuln/GO-2020-0015") + ); + } +} diff --git a/src/jvmTest/java/com/saveourtool/osv4k/OsvSchemaJacksonJavaTestUtil.java b/src/jvmTest/java/com/saveourtool/osv4k/OsvSchemaJacksonJavaTestUtil.java index 6885575..7ec12c6 100644 --- a/src/jvmTest/java/com/saveourtool/osv4k/OsvSchemaJacksonJavaTestUtil.java +++ b/src/jvmTest/java/com/saveourtool/osv4k/OsvSchemaJacksonJavaTestUtil.java @@ -6,7 +6,6 @@ import com.fasterxml.jackson.databind.ObjectWriter; import org.intellij.lang.annotations.Language; -import static org.junit.jupiter.api.Assertions.assertEquals; import static org.junit.jupiter.api.Assertions.assertNotNull; @@ -22,13 +21,6 @@ static void doEncodeDecodeAndCompare( ) throws JsonProcessingException { final OsvSchema result = objectMapper.readValue(originalContent, OsvSchema.class); assertNotNull(result); - compareJsonContent(originalContent, prettyWriter.writeValueAsString(result)); - } - - private static void compareJsonContent( - final String contentExpected, - final String contentActual - ) throws JsonProcessingException { - assertEquals(objectMapper.readTree(contentExpected), objectMapper.readTree(contentActual)); + OsvSchemaJacksonTestUtil.INSTANCE.compareJsonContent(originalContent, prettyWriter.writeValueAsString(result)); } } \ No newline at end of file diff --git a/src/jvmTest/kotlin/com/saveourtool/osv4k/GoJacksonTest.kt b/src/jvmTest/kotlin/com/saveourtool/osv4k/GoJacksonTest.kt index 6ff2120..887caeb 100644 --- a/src/jvmTest/kotlin/com/saveourtool/osv4k/GoJacksonTest.kt +++ b/src/jvmTest/kotlin/com/saveourtool/osv4k/GoJacksonTest.kt @@ -6,14 +6,96 @@ package com.saveourtool.osv4k +import com.saveourtool.osv4k.OsvSchemaJacksonTestUtil.compareJsonContent import com.saveourtool.osv4k.OsvSchemaJacksonTestUtil.doEncodeDecodeAndCompare +import kotlinx.datetime.LocalDateTime +import kotlinx.serialization.Serializable +import kotlinx.serialization.encodeToString +import kotlinx.serialization.json.Json import kotlin.test.Test +@Serializable +data class GoImports( + val imports: List, +) + +@Serializable +data class GoImport( + val path: String, + val symbols: List, +) + +@Serializable +data class GoUrl( + val url: String, +) + class GoJacksonTest { @Test fun `GO-2020-0015`() { - doEncodeDecodeAndCompare( - """ + val osvSchema = OsvSchema( + schemaVersion = "1.3.1", + id = "GO-2020-0015", + modified = LocalDateTime(2023, 6, 12, 18, 45, 41), + published = LocalDateTime(2021, 4, 14, 20, 4, 52), + aliases = listOf("CVE-2020-14040", "GHSA-5rcv-m4m3-hfh7"), + summary = "Infinite loop when decoding some inputs in golang.org/x/text", + details = "An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to trigger an infinite loop if the String function on the Decoder is called, or the Decoder is passed to transform.String. If used to parse user supplied input, this may be used as a denial of service vector.", + affected = listOf( + Affected( + `package` = Package( + ecosystem = "Go", + name = "golang.org/x/text", + ), + ranges = listOf( + Range( + type = RangeType.SEMVER, + events = listOf( + Event(introduced = "0"), + Event(fixed = "0.3.3"), + ), + ), + ), + ecosystemSpecific = GoImports( + imports = listOf( + GoImport( + path = "golang.org/x/text/encoding/unicode", + symbols = listOf("bomOverride.Transform", "utf16Decoder.Transform"), + ), + GoImport( + path = "golang.org/x/text/transform", + symbols = listOf("String"), + ), + ), + ), + ) + ), + references = listOf( + Reference( + type = ReferenceType.FIX, + url = "https://go.dev/cl/238238", + ), + Reference( + type = ReferenceType.FIX, + url = "https://go.googlesource.com/text/+/23ae387dee1f90d29a23c0e87ee0b46038fbed0e", + ), + Reference( + type = ReferenceType.REPORT, + url = "https://go.dev/issue/39491", + ), + Reference( + type = ReferenceType.WEB, + url = "https://groups.google.com/g/golang-announce/c/bXVeAmGOqz0", + ), + ), + credits = listOf( + Credit(name = "@abacabadabacaba"), + Credit(name = "Anton Gyllenberg"), + ), + databaseSpecific = GoUrl(url = "https://pkg.go.dev/vuln/GO-2020-0015"), + ) + + val testedContent = """ { "schema_version": "1.3.1", "id": "GO-2020-0015", @@ -94,7 +176,9 @@ class GoJacksonTest { } } """.trimIndent() - ) + compareJsonContent(testedContent, Json.encodeToString(osvSchema)) + compareJsonContent(testedContent, OsvSchemaJacksonTestUtil.encode(GoExamples.go_2020_00115())) + doEncodeDecodeAndCompare(testedContent) } @Test diff --git a/src/jvmTest/kotlin/com/saveourtool/osv4k/OsvSchemaJacksonTestUtil.kt b/src/jvmTest/kotlin/com/saveourtool/osv4k/OsvSchemaJacksonTestUtil.kt index 1a8f757..45fa3dc 100644 --- a/src/jvmTest/kotlin/com/saveourtool/osv4k/OsvSchemaJacksonTestUtil.kt +++ b/src/jvmTest/kotlin/com/saveourtool/osv4k/OsvSchemaJacksonTestUtil.kt @@ -1,5 +1,6 @@ package com.saveourtool.osv4k +import com.fasterxml.jackson.core.JsonProcessingException import com.fasterxml.jackson.databind.ObjectMapper import org.intellij.lang.annotations.Language import kotlin.test.assertEquals @@ -24,10 +25,14 @@ object OsvSchemaJacksonTestUtil { OsvSchemaJavaTestUtil.doEncodeDecodeAndCompare(originalContent) } - private fun compareJsonContent( + fun compareJsonContent( contentExpected: String, contentActual: String, ) { assertEquals(objectMapper.readTree(contentExpected), objectMapper.readTree(contentActual)) } + + fun encode( + value: T + ): String = objectMapper.writeValueAsString(value) } From 126db2145a54bc506c40ae441e96809bf3f2e7f1 Mon Sep 17 00:00:00 2001 From: Nariman Abdullin Date: Tue, 1 Aug 2023 11:42:39 +0300 Subject: [PATCH 4/5] diktatFix & detektAll --- src/commonMain/kotlin/com/saveourtool/osv4k/OsvSchema.kt | 9 +++++---- .../kotlin/com/saveourtool/osv4k/GoJacksonTest.kt | 7 +++++-- .../com/saveourtool/osv4k/OsvSchemaJacksonTestUtil.kt | 9 ++++++++- 3 files changed, 18 insertions(+), 7 deletions(-) diff --git a/src/commonMain/kotlin/com/saveourtool/osv4k/OsvSchema.kt b/src/commonMain/kotlin/com/saveourtool/osv4k/OsvSchema.kt index 42e0775..9bec97d 100644 --- a/src/commonMain/kotlin/com/saveourtool/osv4k/OsvSchema.kt +++ b/src/commonMain/kotlin/com/saveourtool/osv4k/OsvSchema.kt @@ -13,6 +13,11 @@ typealias RawOsvSchema = OsvSchema( + val osvSchema: OsvSchema = OsvSchema( schemaVersion = "1.3.1", id = "GO-2020-0015", modified = LocalDateTime(2023, 6, 12, 18, 45, 41), diff --git a/src/jvmTest/kotlin/com/saveourtool/osv4k/OsvSchemaJacksonTestUtil.kt b/src/jvmTest/kotlin/com/saveourtool/osv4k/OsvSchemaJacksonTestUtil.kt index 45fa3dc..c0de309 100644 --- a/src/jvmTest/kotlin/com/saveourtool/osv4k/OsvSchemaJacksonTestUtil.kt +++ b/src/jvmTest/kotlin/com/saveourtool/osv4k/OsvSchemaJacksonTestUtil.kt @@ -1,6 +1,5 @@ package com.saveourtool.osv4k -import com.fasterxml.jackson.core.JsonProcessingException import com.fasterxml.jackson.databind.ObjectMapper import org.intellij.lang.annotations.Language import kotlin.test.assertEquals @@ -25,6 +24,10 @@ object OsvSchemaJacksonTestUtil { OsvSchemaJavaTestUtil.doEncodeDecodeAndCompare(originalContent) } + /** + * @param contentExpected + * @param contentActual + */ fun compareJsonContent( contentExpected: String, contentActual: String, @@ -32,6 +35,10 @@ object OsvSchemaJacksonTestUtil { assertEquals(objectMapper.readTree(contentExpected), objectMapper.readTree(contentActual)) } + /** + * @param value + * @return encoded value + */ fun encode( value: T ): String = objectMapper.writeValueAsString(value) From d2673cd823cfef28ecf59d2a187569d6780fbf67 Mon Sep 17 00:00:00 2001 From: Nariman Abdullin Date: Tue, 1 Aug 2023 11:53:53 +0300 Subject: [PATCH 5/5] added dependencies.yml --- .github/workflows/dependencies.yml | 51 ++++++++++++++++++++++++++++++ README.md | 2 +- 2 files changed, 52 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/dependencies.yml diff --git a/.github/workflows/dependencies.yml b/.github/workflows/dependencies.yml new file mode 100644 index 0000000..548411d --- /dev/null +++ b/.github/workflows/dependencies.yml @@ -0,0 +1,51 @@ +name: 'Dependencies' + +on: + push: + branches: + - 'main' + +env: + GRADLE_OPTS: -Dorg.gradle.daemon=true -Dorg.gradle.parallel=true -Dorg.gradle.welcome=never + +jobs: + dependencies: + name: 'Dependencies' + runs-on: ubuntu-latest + + # The Dependency Submission API requires write permission. + permissions: + contents: write + + steps: + - uses: actions/checkout@v3 + with: + # Fetch Git tags, so that semantic version can be calculated. + # Alternatively, run `git fetch --prune --unshallow --tags` as the + # next step, see + # https://github.com/actions/checkout/issues/206#issuecomment-607496604. + fetch-depth: 0 + + - name: 'Set up Java 11' + uses: actions/setup-java@v3 + with: + distribution: temurin + java-version: 11 + + - name: 'Set up Gradle' + id: build + uses: gradle/gradle-build-action@v2 + with: + gradle-version: wrapper + + # `gradlew :dependencies --configuration compileClasspath` + - name: 'Run snapshot action' + uses: mikepenz/gradle-dependency-submission@v0.9.0 + with: + use-gradlew: true + gradle-build-module: |- + : + # `compileClasspath` configuration has no dependencies in multiplatform + # projects. + gradle-build-configuration: |- + compileClasspath \ No newline at end of file diff --git a/README.md b/README.md index 9908740..d2a9524 100644 --- a/README.md +++ b/README.md @@ -4,7 +4,7 @@ [![GitHub release](https://img.shields.io/github/release/saveourtool/osv4k.svg)](https://github.com/saveourtool/osv4k/releases/) [![Maven Central](https://img.shields.io/maven-central/v/com.saveourtool.osv4k/osv4k.svg)](https://search.maven.org/#search%7Cga%7C1%7Cg%3A%22com.saveourtool.osv4k%22) [![javadoc](https://javadoc.io/badge2/com.saveourtool.osv4k/osv4k/javadoc.svg)](https://javadoc.io/doc/com.saveourtool.osv4k/osv4k) -[![Build](https://github.com/saveourtool/osv4k/actions/workflows/build.yml/badge.svg?branch=main)](https://github.com/saveourtool/osv4k/actions/workflows/build.yml?query=branch%3Amain) +[![Build and test](https://github.com/saveourtool/osv4k/actions/workflows/build_and_test.yml/badge.svg?branch=main)](https://github.com/saveourtool/osv4k/actions/workflows/build_and_test.yml?query=branch%3Amain) [![Dependencies](https://github.com/saveourtool/osv4k/actions/workflows/dependencies.yml/badge.svg?branch=main)](https://github.com/saveourtool/osv4k/actions/workflows/dependencies.yml?query=branch%3Amain) _Kotlin_ model for [OSV](https://ossf.github.io/osv-schema/) Schema.