Skip to content

Commit 6fccb2a

Browse files
nwithan8nwithan8
authored
Implement required utility functions from Apache, drop vulnerable Apache dependencies (#24)
- Extract, rewrite the few Apache functions we need into ApachePatch - Drop Apache-related code - Drop all Apache dependencies - Move several public utilities into internal utilities to consolidate - Delete utilities that weren't being used (dead code) - Add citation, license for modified Apache code - Explicitly target Java 8 during compilation, to avoid an 8 vs. 11 discrepancy: https://stackoverflow.com/a/61267496/13343799 - Fix Javadoc generation issue - Adjust Makefile to not re-compile code prior to testing
1 parent 8afd0df commit 6fccb2a

File tree

22 files changed

+439
-560
lines changed

22 files changed

+439
-560
lines changed

.github/workflows/ci.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,7 @@ jobs:
1111
runs-on: ubuntu-20.04
1212
strategy:
1313
matrix:
14-
javaversion: [ "8", "9", "10", "11", "12", "13", "14", "15", "16", "17", "18", "19" ]
14+
java_version: [ "8", "9", "10", "11", "12", "13", "14", "15", "16", "17", "18", "19" ]
1515
steps:
1616
- uses: actions/checkout@v3
1717
- name: Load Maven dependencies cache
@@ -30,12 +30,12 @@ jobs:
3030
java-version: "19" # Always use the latest JDK for building
3131
- name: Compile
3232
run: make build
33-
- name: Set up Java ${{ matrix.javaversion }}
33+
- name: Set up Java ${{ matrix.java_version }}
3434
uses: actions/setup-java@v3
3535
with:
3636
distribution: "zulu"
37-
java-version: ${{ matrix.javaversion }}
38-
- name: Run test with Java ${{ matrix.javaversion }}
37+
java-version: ${{ matrix.java_version }}
38+
- name: Run test with Java ${{ matrix.java_version }}
3939
run: make test
4040
coverage:
4141
runs-on: ubuntu-20.04

Makefile

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -51,6 +51,6 @@ scan:
5151

5252
## test - Test the project
5353
test:
54-
mvn --batch-mode install -Dgpg.skip=true -Dcheckstyle.skip=true -Dcheckstyle.skip=true -Ddependency-check.skip=true -Djavadoc.skip=true
54+
mvn surefire:test
5555

5656
.PHONY: help build clean coverage install-checkstyle install lint publish publish-dry release scan test

pom.xml

Lines changed: 21 additions & 22 deletions
Original file line numberDiff line numberDiff line change
@@ -36,18 +36,14 @@
3636
</scm>
3737

3838
<dependencies>
39-
<!-- https://mvnrepository.com/artifact/org.apache.httpcomponents/httpclient -->
40-
<dependency>
41-
<groupId>org.apache.httpcomponents</groupId>
42-
<artifactId>httpclient</artifactId>
43-
<version>4.5.13</version>
44-
</dependency>
4539
<dependency>
40+
<!-- https://mvnrepository.com/artifact/com.google.code.gson/gson -->
4641
<groupId>com.google.code.gson</groupId>
4742
<artifactId>gson</artifactId>
4843
<version>2.8.9</version>
4944
</dependency>
5045
<dependency>
46+
<!-- https://mvnrepository.com/artifact/junit/junit -->
5147
<groupId>junit</groupId>
5248
<artifactId>junit</artifactId>
5349
<version>4.13.2</version>
@@ -62,15 +58,9 @@
6258
<dependency>
6359
<groupId>org.jetbrains</groupId>
6460
<artifactId>annotations</artifactId>
65-
<version>23.0.0</version>
61+
<version>23.1.0</version>
6662
<scope>compile</scope>
6763
</dependency>
68-
<!-- https://mvnrepository.com/artifact/commons-beanutils/commons-beanutils -->
69-
<dependency>
70-
<groupId>commons-beanutils</groupId>
71-
<artifactId>commons-beanutils</artifactId>
72-
<version>1.9.4</version>
73-
</dependency>
7464
</dependencies>
7565

7666
<organization>
@@ -91,7 +81,19 @@
9181
<properties>
9282
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
9383
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
84+
<maven.compiler.release>8</maven.compiler.release>
9485
</properties>
86+
<profiles>
87+
<profile>
88+
<id>java8-doclint-disabled</id>
89+
<activation>
90+
<jdk>[1.8,)</jdk>
91+
</activation>
92+
<properties>
93+
<javadoc.opts>none</javadoc.opts>
94+
</properties>
95+
</profile>
96+
</profiles>
9597
<build>
9698
<resources>
9799
<resource>
@@ -146,21 +148,19 @@
146148
</executions>
147149
</plugin>
148150
<plugin>
151+
<!-- Configuration via https://stackoverflow.com/a/16743137/13343799 -->
149152
<groupId>org.apache.maven.plugins</groupId>
150153
<artifactId>maven-javadoc-plugin</artifactId>
151-
<configuration>
152-
<source>8</source>
153-
<doclint>-html</doclint>
154-
<quiet>true</quiet>
155-
<additionalparam>-Xdoclint:none</additionalparam>
156-
</configuration>
157154
<version>3.3.1</version>
158155
<executions>
159156
<execution>
160157
<id>attach-javadocs</id>
161158
<goals>
162159
<goal>jar</goal>
163160
</goals>
161+
<configuration>
162+
<doclint>${javadoc.opts}</doclint>
163+
</configuration>
164164
</execution>
165165
</executions>
166166
</plugin>
@@ -183,8 +183,7 @@
183183
<artifactId>maven-compiler-plugin</artifactId>
184184
<version>3.9.0</version>
185185
<configuration>
186-
<source>1.8</source>
187-
<target>1.8</target>
186+
<release>8</release>
188187
</configuration>
189188
</plugin>
190189
<plugin>
@@ -262,7 +261,7 @@
262261
<plugin>
263262
<groupId>org.owasp</groupId>
264263
<artifactId>dependency-check-maven</artifactId>
265-
<version>7.2.1</version>
264+
<version>7.4.4</version>
266265
<configuration>
267266
<failBuildOnCVSS>7</failBuildOnCVSS>
268267
<junitFailOnCVSS>7</junitFailOnCVSS>

src/main/java/com/easypost/easyvcr/Cassette.java

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,8 @@
11
package com.easypost.easyvcr;
22

3-
import com.easypost.easyvcr.internalutilities.Files;
4-
import com.easypost.easyvcr.internalutilities.Tools;
5-
import com.easypost.easyvcr.internalutilities.json.Serialization;
3+
import com.easypost.easyvcr.internal.Files;
4+
import com.easypost.easyvcr.internal.Utilities;
5+
import com.easypost.easyvcr.internal.json.Serialization;
66
import com.easypost.easyvcr.requestelements.HttpInteraction;
77
import com.google.gson.JsonElement;
88
import com.google.gson.JsonParser;
@@ -40,7 +40,7 @@ public final class Cassette {
4040
*/
4141
public Cassette(String folderPath, String cassetteName) {
4242
name = cassetteName;
43-
filePath = Tools.getFilePath(folderPath, cassetteName + ".json");
43+
filePath = Utilities.getFilePath(folderPath, cassetteName + ".json");
4444
}
4545

4646
/**
@@ -62,7 +62,7 @@ public int numInteractions() {
6262
* @return The cassette file as a File object.
6363
*/
6464
private File getFile() {
65-
return Tools.getFile(filePath);
65+
return Utilities.getFile(filePath);
6666
}
6767

6868
/**

src/main/java/com/easypost/easyvcr/Censors.java

Lines changed: 12 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -1,10 +1,9 @@
11
package com.easypost.easyvcr;
22

3-
import com.easypost.easyvcr.internalutilities.Tools;
4-
import com.easypost.easyvcr.internalutilities.json.Serialization;
3+
import com.easypost.easyvcr.internal.Utilities;
4+
import com.easypost.easyvcr.internal.json.Serialization;
55
import com.google.gson.JsonParseException;
6-
import org.apache.http.NameValuePair;
7-
import org.apache.http.client.utils.URLEncodedUtils;
6+
import com.easypost.easyvcr.internal.ApachePatch;
87

98
import java.net.URI;
109
import java.nio.charset.StandardCharsets;
@@ -17,7 +16,7 @@
1716
/**
1817
* Censoring capabilities for EasyVCR.
1918
*/
20-
@SuppressWarnings("unchecked")
19+
@SuppressWarnings ("unchecked")
2120
public final class Censors {
2221
/**
2322
* The body elements to censor.
@@ -113,7 +112,7 @@ private static List<Object> applyJsonCensors(List<Object> list, String censorTex
113112
} else if (Utilities.isList(value)) {
114113
// recursively censor list elements
115114
try {
116-
// change the value if can be parsed as a list
115+
// change the value if it can be parsed as a list
117116
value = applyJsonCensors((List<Object>) value, censorText, elementsToCensor);
118117
} catch (ClassCastException e) {
119118
// otherwise, skip censoring
@@ -165,15 +164,15 @@ private static Map<String, Object> applyJsonCensors(Map<String, Object> dictiona
165164
if (Utilities.isDictionary(value)) {
166165
// recursively censor inner dictionaries
167166
try {
168-
// change the value if can be parsed as a dictionary
167+
// change the value if it can be parsed as a dictionary
169168
value = applyJsonCensors((Map<String, Object>) value, censorText, elementsToCensor);
170169
} catch (ClassCastException e) {
171170
// otherwise, skip censoring
172171
}
173172
} else if (Utilities.isList(value)) {
174173
// recursively censor list elements
175174
try {
176-
// change the value if can be parsed as a list
175+
// change the value if it can be parsed as a list
177176
value = applyJsonCensors((List<Object>) value, censorText, elementsToCensor);
178177
} catch (ClassCastException e) {
179178
// otherwise, skip censoring
@@ -292,8 +291,7 @@ public static Map<String, List<String>> applyHeaderCensors(Map<String, List<Stri
292291
* @param pathElementsToCensor The path elements to censor.
293292
* @return Censored URL string.
294293
*/
295-
public static String applyUrlCensors(String url, String censorText,
296-
List<CensorElement> queryParamsToCensor,
294+
public static String applyUrlCensors(String url, String censorText, List<CensorElement> queryParamsToCensor,
297295
List<RegexCensorElement> pathElementsToCensor) {
298296
if (url == null || url.length() == 0) {
299297
// short circuit if url is null
@@ -342,8 +340,10 @@ public static String applyUrlCensors(String url, String censorText,
342340
}
343341
}
344342

345-
List<NameValuePair> censoredQueryParametersList = Tools.mapToQueryParameters(queryParameters);
346-
censoredQueryString = URLEncodedUtils.format(censoredQueryParametersList, StandardCharsets.UTF_8);
343+
List<ApachePatch.NameValuePair> censoredQueryParametersList =
344+
Utilities.mapToQueryParameters(queryParameters);
345+
censoredQueryString =
346+
ApachePatch.URLEncodedUtils.format(censoredQueryParametersList, StandardCharsets.UTF_8);
347347
}
348348
}
349349

src/main/java/com/easypost/easyvcr/MatchRules.java

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
package com.easypost.easyvcr;
22

3-
import com.easypost.easyvcr.internalutilities.Tools;
3+
import com.easypost.easyvcr.internal.Utilities;
44
import com.easypost.easyvcr.requestelements.Request;
55

66
import java.util.ArrayList;
@@ -83,8 +83,8 @@ public MatchRules byBody(List<CensorElement> ignoredElements) {
8383
recordedBody = Utilities.removeJsonElements(recordedBody, ignoredElements);
8484

8585
// convert body to base64string to assist comparison by removing special characters
86-
receivedBody = Tools.toBase64String(receivedBody);
87-
recordedBody = Tools.toBase64String(recordedBody);
86+
receivedBody = Utilities.toBase64String(receivedBody);
87+
recordedBody = Utilities.toBase64String(recordedBody);
8888
return receivedBody.equalsIgnoreCase(recordedBody);
8989
});
9090
return this;
@@ -135,8 +135,8 @@ public MatchRules byFullUrl() {
135135
public MatchRules byFullUrl(boolean exact) {
136136
if (exact) {
137137
by((received, recorded) -> {
138-
String receivedUri = Tools.toBase64String(received.getUriString());
139-
String recordedUri = Tools.toBase64String(recorded.getUriString());
138+
String receivedUri = Utilities.toBase64String(received.getUriString());
139+
String recordedUri = Utilities.toBase64String(recorded.getUriString());
140140
return receivedUri.equalsIgnoreCase(recordedUri);
141141
});
142142
} else {

src/main/java/com/easypost/easyvcr/Utilities.java

Lines changed: 0 additions & 78 deletions
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,7 @@
11
package com.easypost.easyvcr;
22

3-
import org.apache.http.NameValuePair;
4-
import org.apache.http.client.utils.URLEncodedUtils;
5-
63
import javax.net.ssl.HttpsURLConnection;
74
import java.net.HttpURLConnection;
8-
import java.net.URI;
9-
import java.nio.charset.StandardCharsets;
10-
import java.util.Collections;
115
import java.util.List;
126
import java.util.Map;
137

@@ -36,76 +30,4 @@ public static boolean responseCameFromRecording(HttpURLConnection connection) {
3630
}
3731
return false;
3832
}
39-
40-
/**
41-
* Check if the object is a dictionary.
42-
* @param obj The object to check.
43-
* @return True if the object is a dictionary.
44-
*/
45-
public static boolean isDictionary(Object obj) {
46-
return obj instanceof Map;
47-
}
48-
49-
/**
50-
* Check if the object is a list.
51-
* @param obj The object to check.
52-
* @return True if the object is a list.
53-
*/
54-
public static boolean isList(Object obj) {
55-
return obj instanceof List;
56-
}
57-
58-
/**
59-
* Remove elements from a JSON string.
60-
* @param json The JSON string to remove elements from.
61-
* @param elements The elements to remove.
62-
* @return The JSON string without the elements.
63-
*/
64-
public static String removeJsonElements(String json, List<CensorElement> elements) {
65-
if (json == null || elements == null) {
66-
return json;
67-
}
68-
69-
return Censors.censorJsonData(json, "FILTERED", elements);
70-
}
71-
72-
/**
73-
* Convert a URI's query parameters to a Map.
74-
*
75-
* @param uri The URI.
76-
* @return The Map of query parameters.
77-
*/
78-
public static Map<String, String> queryParametersToMap(URI uri) {
79-
List<NameValuePair> receivedQueryDict = URLEncodedUtils.parse(uri, StandardCharsets.UTF_8);
80-
if (receivedQueryDict == null || receivedQueryDict.size() == 0) {
81-
return Collections.emptyMap();
82-
}
83-
Map<String, String> queryDict = new java.util.Hashtable<>();
84-
for (NameValuePair pair : receivedQueryDict) {
85-
queryDict.put(pair.getName(), pair.getValue());
86-
}
87-
return queryDict;
88-
}
89-
90-
/**
91-
* Extract the path from a URI.
92-
*
93-
* @param uri The URI to extract the path from.
94-
* @return The path.
95-
*/
96-
public static String extractPathFromUri(URI uri) {
97-
String uriString = uri.toString();
98-
99-
// strip the query parameters
100-
uriString = uriString.replace(uri.getQuery(), "");
101-
102-
if (uriString.endsWith("?")) {
103-
uriString = uriString.substring(0, uriString.length() - 1);
104-
}
105-
106-
// strip the scheme
107-
uriString = uriString.replace(uri.getScheme() + "://", "");
108-
109-
return uriString;
110-
}
11133
}

src/main/java/com/easypost/easyvcr/clients/httpurlconnection/RecordableHttpURLConnection.java

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -6,8 +6,8 @@
66
import com.easypost.easyvcr.RecordingExpirationException;
77
import com.easypost.easyvcr.VCRException;
88
import com.easypost.easyvcr.interactionconverters.HttpUrlConnectionInteractionConverter;
9-
import com.easypost.easyvcr.internalutilities.ConsoleFallbackLogger;
10-
import com.easypost.easyvcr.internalutilities.ExpirationActionExtensions;
9+
import com.easypost.easyvcr.internal.ConsoleFallbackLogger;
10+
import com.easypost.easyvcr.internal.ExpirationActionExtensions;
1111
import com.easypost.easyvcr.requestelements.HttpInteraction;
1212
import com.easypost.easyvcr.requestelements.Request;
1313

@@ -28,8 +28,8 @@
2828
import java.util.Map;
2929
import java.util.function.Function;
3030

31-
import static com.easypost.easyvcr.internalutilities.Tools.createInputStream;
32-
import static com.easypost.easyvcr.internalutilities.Tools.simulateDelay;
31+
import static com.easypost.easyvcr.internal.Utilities.createInputStream;
32+
import static com.easypost.easyvcr.internal.Utilities.simulateDelay;
3333

3434
public final class RecordableHttpURLConnection extends HttpURLConnection {
3535

0 commit comments

Comments
 (0)