Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Removed 2 libraries with vulnerabilities #239

Merged
merged 1 commit into from
Sep 19, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
@@ -1,7 +1,5 @@
package org.ergoplatform.appkit;

import com.google.common.base.Strings;

import org.ergoplatform.appkit.config.ErgoNodeConfig;
import org.ergoplatform.appkit.impl.BlockchainContextBuilderImpl;
import org.ergoplatform.appkit.impl.NodeAndExplorerDataSourceImpl;
Expand Down Expand Up @@ -52,7 +50,7 @@ public class RestApiErgoClient implements ErgoClient {
nodeClient.configureFromOkClientBuilder(httpClientBuilder);

ExplorerApiClient explorerClient;
if (!Strings.isNullOrEmpty(explorerUrl)) {
if (explorerUrl != null && !explorerUrl.isEmpty()) {
explorerClient = new ExplorerApiClient(explorerUrl);
explorerClient.configureFromOkClientBuilder(httpClientBuilder);
} else {
Expand Down
9 changes: 9 additions & 0 deletions appkit/src/test/scala/org/ergoplatform/appkit/FileUtil.scala
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
package org.ergoplatform.appkit

import java.io.File
import java.nio.charset.Charset
import java.nio.file.Files

object FileUtil {
def read(file: File): String = new String(Files.readAllBytes(file.toPath), Charset.defaultCharset())
}
3 changes: 1 addition & 2 deletions build.sbt
Original file line number Diff line number Diff line change
Expand Up @@ -189,8 +189,7 @@ lazy val common = (project in file("common"))
libraryDependencies ++= Seq(
sigmaState,
ergoWallet,
"com.google.guava" % "guava" % "23.0",
"commons-io" % "commons-io" % "2.5"
"com.google.code.findbugs" % "jsr305" % "1.3.9"
),
publish / skip := true
)
Expand Down
9 changes: 4 additions & 5 deletions common/src/main/java/org/ergoplatform/appkit/Address.java
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
package org.ergoplatform.appkit;

import com.google.common.base.Objects;
import org.ergoplatform.ErgoAddress;
import org.ergoplatform.ErgoAddressEncoder;
import org.ergoplatform.P2PKAddress;
Expand All @@ -22,7 +21,7 @@
import sigmastate.utils.Helpers;
import sigma.GroupElement;

import static com.google.common.base.Preconditions.checkArgument;
import java.util.Objects;

public class Address {
private final String _base58String;
Expand Down Expand Up @@ -86,7 +85,7 @@ public NetworkType getNetworkType() {
* @throws IllegalArgumentException if this instance is not P2PK address
*/
public P2PKAddress asP2PK() {
checkArgument(isP2PK(), "This instance %s is not P2PKAddress", this);
InternalUtil.checkArgument(isP2PK(), "This instance %s is not P2PKAddress", this);
return (P2PKAddress) _address;
}

Expand All @@ -100,7 +99,7 @@ public P2PKAddress asP2PK() {
* @throws IllegalArgumentException if this instance is not P2S address
*/
public Pay2SAddress asP2S() {
checkArgument(isP2S(), "This instance %s is not Pay2SAddress", this);
InternalUtil.checkArgument(isP2S(), "This instance %s is not Pay2SAddress", this);
return (Pay2SAddress) _address;
}

Expand Down Expand Up @@ -279,7 +278,7 @@ public String toString() {

@Override
public int hashCode() {
return Objects.hashCode(_address.hashCode(), _address.networkPrefix());
return Objects.hash(_address.hashCode(), _address.networkPrefix());
satsen marked this conversation as resolved.
Show resolved Hide resolved
}

@Override
Expand Down
10 changes: 0 additions & 10 deletions common/src/main/java/org/ergoplatform/appkit/FileUtil.scala

This file was deleted.

24 changes: 24 additions & 0 deletions common/src/main/java/org/ergoplatform/appkit/InternalUtil.java
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
package org.ergoplatform.appkit;

import javax.annotation.Nullable;

public class InternalUtil {

public static void checkArgument(boolean expression, @Nullable Object errorMessage) {
if (!expression) {
throw new IllegalArgumentException(String.valueOf(errorMessage));
}
}

public static void checkArgument(boolean expression, String errorMessageFormat, Object... errorMessageArgs) {
if (!expression) {
throw new IllegalArgumentException(String.format(errorMessageFormat, errorMessageArgs));
}
}

public static void checkState(boolean expression, @Nullable Object errorMessage) {
if (!expression) {
throw new IllegalStateException(String.valueOf(errorMessage));
}
}
}
Original file line number Diff line number Diff line change
@@ -1,12 +1,13 @@
package org.ergoplatform.appkit

import java.io.File
import com.google.common.io.Files
import org.ergoplatform.sdk.JavaHelpers
import org.scalatest.matchers.should.Matchers
import org.scalatest.propspec.AnyPropSpec
import org.scalatestplus.scalacheck.ScalaCheckDrivenPropertyChecks

import java.nio.file.Files

class SecretStorageSpec extends AnyPropSpec with Matchers with ScalaCheckDrivenPropertyChecks
with AppkitTestingCommon {
val mnemonicWithPassword = Mnemonic.create("phrase".toCharArray, "mnemonic pass".toCharArray)
Expand Down Expand Up @@ -69,7 +70,7 @@ class SecretStorageSpec extends AnyPropSpec with Matchers with ScalaCheckDrivenP
}

def withTempDir(block: File => Unit): Unit = {
val dir = Files.createTempDir()
val dir = Files.createTempDirectory("").toFile
aslesarenko marked this conversation as resolved.
Show resolved Hide resolved
try {
block(dir)
}
Expand Down
Original file line number Diff line number Diff line change
@@ -1,10 +1,8 @@
package org.ergoplatform.appkit;

import static com.google.common.base.Preconditions.checkState;
import static org.ergoplatform.appkit.BlockchainContext.DEFAULT_LIMIT_FOR_API;
import static org.ergoplatform.appkit.Parameters.MinFee;

import com.google.common.base.Preconditions;
import org.ergoplatform.sdk.ErgoToken;
import org.ergoplatform.sdk.SecretString;

Expand Down Expand Up @@ -63,7 +61,7 @@ public static BoxOperations createForSenders(List<Address> senders, BlockchainCo
*/
public static BoxOperations createForEip3Prover(ErgoProver senderProver, BlockchainContext ctx) {
List<Address> eip3Addresses = senderProver.getEip3Addresses();
checkState(eip3Addresses.size() > 0,
InternalUtil.checkState(!eip3Addresses.isEmpty(),
"EIP-3 addresses are not derived in the prover (use ErgoProverBuilder.withEip3Secret)");
return new BoxOperations(ctx, eip3Addresses, senderProver);
}
Expand Down Expand Up @@ -433,7 +431,7 @@ private static CoveringBoxes getCoveringBoxesFor(long amountToSpend,
Function<Integer, List<InputBox>> inputBoxesLoader,
int maxBoxesToSelect) {
SelectTokensHelper tokensRemaining = new SelectTokensHelper(tokensToSpend);
Preconditions.checkArgument(amountToSpend > 0 ||
InternalUtil.checkArgument(amountToSpend > 0 ||
!tokensRemaining.areTokensCovered(), "amountToSpend or tokens to spend should be > 0");
ArrayList<InputBox> selectedCoveringBoxes = new ArrayList<>();
long remainingAmountToCover = amountToSpend;
Expand Down
Original file line number Diff line number Diff line change
@@ -1,7 +1,5 @@
package org.ergoplatform.appkit.impl;

import com.google.common.base.Preconditions;

import org.ergoplatform.appkit.Address;
import org.ergoplatform.appkit.ErgoClient;
import org.ergoplatform.appkit.ErgoClientException;
Expand Down
Original file line number Diff line number Diff line change
@@ -1,7 +1,5 @@
package org.ergoplatform.appkit.impl

import com.google.common.base.Preconditions
import com.google.common.base.Preconditions.checkState
import org.ergoplatform.SigmaConstants
import org.ergoplatform.appkit._
import org.ergoplatform.sdk.ErgoToken
Expand Down Expand Up @@ -65,7 +63,7 @@ class OutBoxBuilderImpl(_txB: UnsignedTransactionBuilderImpl) extends OutBoxBuil


override def registers(registers: ErgoValue[_]*): OutBoxBuilderImpl = {
Preconditions.checkArgument(registers.nonEmpty,
InternalUtil.checkArgument(registers.nonEmpty,
"At least one register should be specified": Any)
_registers.clear()
_registers ++= registers
Expand All @@ -78,7 +76,7 @@ class OutBoxBuilderImpl(_txB: UnsignedTransactionBuilderImpl) extends OutBoxBuil
}

override def build: OutBox = {
checkState(_contract != null, "Contract is not defined": Any)
InternalUtil.checkState(_contract != null, "Contract is not defined")
val tree = _contract.getErgoTree
val ergoBoxCandidate = AppkitHelpers.createBoxCandidate(
_value, tree, _tokens.toSeq, _registers.toSeq,
Expand Down
Loading