Open
Conversation
The previous implementation of `prepareIV` used `java.util.Random` seeded with `System.currentTimeMillis()`, which is predictable and insecure for cryptographic operations. This change replaces it with `java.security.SecureRandom` to generate a cryptographically strong random IV. This fixes a security vulnerability where the IV could be predicted, potentially compromising the encryption. Also removed unused imports: - `java.nio.charset.StandardCharsets` - `java.security.MessageDigest` - `java.util.Arrays` - `java.util.Random` Co-authored-by: G30RG3-GJ <203693057+G30RG3-GJ@users.noreply.github.com>
- Modified `showErrorMessage(Exception ex, String title, String content)` to include `styleAlert(alert)`. This ensures consistent styling for this overload and fixes a missing style application.
- Modified `showErrorMessage(Exception ex)` to delegate to `showErrorMessage(Exception ex, String title, String content)`, eliminating duplicated logic for alert creation and configuration.
- Preserved existing behavior for title and header text ("Error occured" / "Error Occured").
Co-authored-by: G30RG3-GJ <203693057+G30RG3-GJ@users.noreply.github.com>
…3569 🔒 Fix predictable IV generation in EncryptionUtil
…tion-14676278107199138789 Refactor AlertMaker to reduce code duplication
Co-authored-by: G30RG3-GJ <203693057+G30RG3-GJ@users.noreply.github.com>
- Refactored `DataHelper.insertNewBook` to accept `java.sql.Connection` for better testability. - Added `DataHelperTest` using JUnit 4 and Mockito to verify SQL execution. - Added test dependencies in `libs/test/`. - Included stubs for `DatabaseHandler` and `MemberListController` in `test/stubs/` to enable compilation in non-JavaFX environments. - Added `run_tests.sh` script to facilitate test execution. Co-authored-by: G30RG3-GJ <203693057+G30RG3-GJ@users.noreply.github.com>
- Added JUnit 4.13.2, Hamcrest Core 1.3, and GreenMail 1.6.15 to libs/test/ - Updated nbproject/project.properties to include new test libs in classpath - Created test/library/assistant/email/EmailUtilTest.java with integration test logic - Verified test passes with mocked SMTP server Co-authored-by: G30RG3-GJ <203693057+G30RG3-GJ@users.noreply.github.com>
…10603895794473152871 🧹 Remove unused main methods from Loader classes
…65157879989 Add integration test for EmailUtil
…16503906619777 Add test for DataHelper.insertNewBook
Moved the email validation Pattern to a static final constant in LibraryAssistantUtil.java to avoid recompiling the regex pattern every time validateEmailAddress is called. Benchmark showed ~5x performance improvement. Co-authored-by: G30RG3-GJ <203693057+G30RG3-GJ@users.noreply.github.com>
…10615770482714053210 ⚡ Optimize email validation regex compilation
- Replaced broad `catch (Exception)` with specific `catch (SQLException)` in `DatabaseExporter.call()`. - Updated `createBackup()` signature to throw `SQLException`. - Wrapped `AlertMaker.showErrorMessage(exp)` in `Platform.runLater()` to ensure UI interaction occurs on the JavaFX Application Thread. - Cleaned up unused imports. This change improves maintainability by not masking RuntimeExceptions and fixes a potential threading issue when reporting errors from a background Task. Co-authored-by: G30RG3-GJ <203693057+G30RG3-GJ@users.noreply.github.com>
…atabaseexporter-13287825710667073782 🧹 [code health] Narrow exception catching in DatabaseExporter and fix threading issue
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.