devonfw#103: some final cleanup
MattesMrzik committed Jan 2, 2024
1 parent b19b877 commit fd64100
Showing 3 changed files with 11 additions and 12 deletions.
Expand Up @@ -64,8 +64,8 @@ public boolean addSecurityWarning(VersionRange versionRange) {
*
* @param versionRange the version range, specifying the versions of the tool to which the security risk applies.
* @param matchedCpe the matched CPE.
* @param interval the interval of vulnerability that was used to determine the {@link VersionRange}. This is used to
* check if the mapping from CPE version to UrlVersion was correct.
* @param interval the interval of vulnerability that was used to determine the {@link VersionRange}. This can be used
* to manually check if the mapping from CPE version to UrlVersion was correct.
* @param severity the severity of the security risk.
* @param severityVersion Indicating from which version the {@code severity} was obtained. As of December 2023, this
* is either v2 or v3.
2 changes: 1 addition & 1 deletion cli/src/main/java/com/devonfw/tools/ide/util/MapUtil.java
Expand Up @@ -14,7 +14,7 @@ public class MapUtil {
* Creates a {@link HashMap} with the given {@code keys} and {@code values} which are passed as {@link List lists}.
* The map is populated by iterating through both lists simultaneously until one of the list is exhausted.
*/
public static <K, V> Map<K, V> createMapWithLists(List<K> keys, List<V> values) {
public static <K, V> Map<K, V> createMapfromLists(List<K> keys, List<V> values) {

Map<K, V> resultMap = new HashMap<>();

Expand Up @@ -9,7 +9,7 @@
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Optional;
import java.util.Objects;
import java.util.Set;
import java.util.stream.Collectors;

Expand Down Expand Up @@ -59,6 +59,8 @@
import com.devonfw.tools.ide.version.VersionRange;

// TODO Doesn't yet work with versions defined like this /<tool>/<edition>/latest
// TODO Sometimes when running this class is takes a long time to finish. Maybe this is because of the OWASP package, which
// is updating the vulnerabilities. A dirty fix is to stop the program and restart it.

/**
* This class is used to build the {@link UrlSecurityJsonFile} files for IDEasy. It scans the
Expand Down Expand Up @@ -133,7 +135,7 @@ private static void run() {
.map(VersionIdentifier::toString).toList();
List<String> sortedCpeVersions = sortedVersions.stream().map(urlUpdater::mapUrlVersionToCpeVersion)
.collect(Collectors.toList());
Map<String, String> cpeToUrlVersion = MapUtil.createMapWithLists(sortedCpeVersions, sortedVersions);
Map<String, String> cpeToUrlVersion = MapUtil.createMapfromLists(sortedCpeVersions, sortedVersions);

Set<Vulnerability> vulnerabilities = dependency.getVulnerabilities(true);
for (Vulnerability vulnerability : vulnerabilities) {
Expand Down Expand Up @@ -174,7 +176,8 @@ private static void addVulnerabilityToSecurityFile(Vulnerability vulnerability,

if (vulnerability.getCvssV2() == null && vulnerability.getCvssV3() == null) {
// TODO if this ever happens, add a case that handles this
throw new RuntimeException("Vulnerability without severity found: " + vulnerability.getName());
throw new RuntimeException("Vulnerability without severity found: " + vulnerability.getName() + "\\n"
+ " Please contact https://github.com/devonfw/IDEasy and make a request to get this feature implemented.");
}
boolean hasV3Severity = vulnerability.getCvssV3() != null;
double severityDouble = hasV3Severity ? vulnerability.getCvssV3().getBaseScore()
Expand Down Expand Up @@ -287,15 +290,11 @@ public static VersionRange getVersionRangeFromInterval(String si, String se, Str
}
return VersionRange.of(s + VersionRange.getVersionSeparator() + s);
}
se = Optional.ofNullable(se).orElse("");
si = Optional.ofNullable(si).orElse("");
ee = Optional.ofNullable(ee).orElse("");
ei = Optional.ofNullable(ei).orElse("");

String leftBoundary = se.isEmpty() ? VersionRange.getStartIncludingPrefix() + si
String leftBoundary = se == null ? VersionRange.getStartIncludingPrefix() + Objects.toString(si, "")
: VersionRange.getStartExcludingPrefix() + se;

String rightBoundary = ee.isEmpty() ? ei + VersionRange.getEndIncludingSuffix()
String rightBoundary = ee == null ? Objects.toString(ei, "") + VersionRange.getEndIncludingSuffix()
: ee + VersionRange.getEndExcludingSuffix();

return VersionRange.of(leftBoundary + VersionRange.getVersionSeparator() + rightBoundary);
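Review bot: In the last hunk of this file (getVersionRangeFromInterval) the new `se == null` and `ee == null` tests no longer treat an empty string as a missing bound, which the removed `Optional.ofNullable(...).orElse("")` plus `isEmpty()` lines did. If a caller can pass `""` for `se` or `ee` (the callers are not visible here), the method now builds an excluding boundary with an empty version, so the security warning could be stored for the wrong version range or be rejected by `VersionRange.of`. Consider `se == null || se.isEmpty()` and `ee == null || ee.isEmpty()`, or state in the Javadoc that absent bounds must be passed as `null`. The method body starts above this hunk, so any earlier normalisation of these arguments is not visible.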