From d50dd71573d52d79e7d556a20c3aabb200e74ed8 Mon Sep 17 00:00:00 2001
From: colin-lamed <9568290+colin-lamed@users.noreply.github.com>
Date: Fri, 29 Nov 2024 15:55:14 +0000
Subject: [PATCH] Fix vulnerabilities sorting
---
.../CatalogueController.scala | 2 +-
.../service/CatalogueErrorHandler.scala | 6 ++--
.../service/SearchByUrlService.scala | 13 ++++-----
.../vulnerabilities/model.scala | 29 +++++++------------
.../view/VulnerabilitiesListPage.scala.html | 2 +-
.../view/VulnerabilityDetails.scala.html | 4 +--
build.sbt | 14 ++++-----
project/plugins.sbt | 4 +--
.../VulnerabilitiesConnectorSpec.scala | 7 ++---
9 files changed, 35 insertions(+), 46 deletions(-)
diff --git a/app/uk/gov/hmrc/cataloguefrontend/CatalogueController.scala b/app/uk/gov/hmrc/cataloguefrontend/CatalogueController.scala
index aca51ae64..23bd7b752 100644
--- a/app/uk/gov/hmrc/cataloguefrontend/CatalogueController.scala
+++ b/app/uk/gov/hmrc/cataloguefrontend/CatalogueController.scala
@@ -219,7 +219,7 @@ class CatalogueController @Inject() (
)
canMarkForDecommissioning <- hasMarkForDecommissioningAuthorisation(repositoryName)
lifecycle <- serviceCommissioningStatusConnector.getLifecycle(serviceName)
- isGuest = request.session.get(AuthController.SESSION_USERNAME).exists(_.startsWith("guest-"))
+ isGuest = request.session.get(AuthController.SESSION_USERNAME).exists(_.startsWith("guest-"))
yield
Ok(serviceInfoPage(
serviceName = serviceName,
diff --git a/app/uk/gov/hmrc/cataloguefrontend/service/CatalogueErrorHandler.scala b/app/uk/gov/hmrc/cataloguefrontend/service/CatalogueErrorHandler.scala
index a1cf04a39..1534d300e 100644
--- a/app/uk/gov/hmrc/cataloguefrontend/service/CatalogueErrorHandler.scala
+++ b/app/uk/gov/hmrc/cataloguefrontend/service/CatalogueErrorHandler.scala
@@ -32,11 +32,11 @@ class CatalogueErrorHandler @Inject()(
override val ec: ExecutionContext
) extends FrontendErrorHandler:
- override def standardErrorTemplate(pageTitle: String, heading: String, message: String)(using request: RequestHeader): Future[Html] =
+ override def standardErrorTemplate(pageTitle: String, heading: String, message: String)(using RequestHeader): Future[Html] =
Future.successful(error_template(pageTitle, heading, message))
- override def notFoundTemplate(using request: RequestHeader): Future[Html] =
+ override def notFoundTemplate(using RequestHeader): Future[Html] =
Future.successful(error_404_template())
- def forbiddenTemplate(using request: RequestHeader): Html =
+ def forbiddenTemplate(using RequestHeader): Html =
error_403_template()
diff --git a/app/uk/gov/hmrc/cataloguefrontend/service/SearchByUrlService.scala b/app/uk/gov/hmrc/cataloguefrontend/service/SearchByUrlService.scala
index 70b0e0e1c..4be58d42b 100644
--- a/app/uk/gov/hmrc/cataloguefrontend/service/SearchByUrlService.scala
+++ b/app/uk/gov/hmrc/cataloguefrontend/service/SearchByUrlService.scala
@@ -24,17 +24,17 @@ import uk.gov.hmrc.cataloguefrontend.connector.RouteConfigurationConnector
import uk.gov.hmrc.cataloguefrontend.model.Environment
import uk.gov.hmrc.http.HeaderCarrier
-import scala.concurrent.{ExecutionContext, Future}
+import scala.concurrent.Future
@Singleton
class SearchByUrlService @Inject() (
routeConfigurationConnector: RouteConfigurationConnector
-)(using ec: ExecutionContext):
+):
def searchFrontendPath(
term : Option[String]
, environment: Option[Environment] = Some(Environment.Production)
- )(using
+ )(using
HeaderCarrier
): Future[Seq[Route]] =
if isValidSearchTerm(term)
@@ -48,7 +48,7 @@ class SearchByUrlService @Inject() (
then
false
else
- try {
+ try
val url = URI(term.get)
Option(url.getPath).getOrElse("").nonEmpty
@@ -57,9 +57,8 @@ class SearchByUrlService @Inject() (
&& Option(url.getPath).getOrElse("").contains("tax.service.gov.uk")
&& url.getPath.substring(url.getPath.indexOf(".gov.uk") + 7).trim.nonEmpty
)
- } catch {
+ catch
case e: URISyntaxException => false
- }
private def takeUrlPath(term: String): String =
val url = URI(term)
@@ -70,7 +69,7 @@ class SearchByUrlService @Inject() (
else if Option(url.getHost).getOrElse("").trim.isEmpty
&& Option(url.getPath).getOrElse("").contains("tax.service.gov.uk")
then
- url.getPath.substring(url.getPath.indexOf(".gov.uk") + 7).trim
+ url.getPath.substring(url.getPath.indexOf(".gov.uk") + 7).trim
else
url.getPath.trim
diff --git a/app/uk/gov/hmrc/cataloguefrontend/vulnerabilities/model.scala b/app/uk/gov/hmrc/cataloguefrontend/vulnerabilities/model.scala
index 8364fcbb7..869ca2519 100644
--- a/app/uk/gov/hmrc/cataloguefrontend/vulnerabilities/model.scala
+++ b/app/uk/gov/hmrc/cataloguefrontend/vulnerabilities/model.scala
@@ -17,7 +17,7 @@
package uk.gov.hmrc.cataloguefrontend.vulnerabilities
import play.api.libs.functional.syntax._
-import play.api.libs.json.{Format, Reads, __}
+import play.api.libs.json.{Reads, __}
import uk.gov.hmrc.cataloguefrontend.model.{ServiceName, Version, VersionRange}
import java.time.Instant
@@ -25,14 +25,8 @@ import scala.collection.Seq
case class VulnerableComponent(
component: String,
- version: String
+ version : Version
):
-// Note two edge cases which would otherwise break the dependency explorer links are handled below:
-// 1. A vulnerable version may have another `.` after the patch version.
-// 2. An artefact may have a trailing `_someVersionNumber`.
- def cleansedVersion: String =
- version.split("\\.").take(3).mkString(".")
-
def group: String =
component.stripPrefix("gav://").split(":")(0)
@@ -40,20 +34,19 @@ case class VulnerableComponent(
component.stripPrefix("gav://").split(":")(1).split("_")(0)
def versionRange: VersionRange =
- val v = Version(cleansedVersion)
- VersionRange(s"[${v.major}.${v.minor}.${v.patch}]")
+ VersionRange(s"[${version.major}.${version.minor}.${version.patch}]")
def componentWithoutPrefix: Option[String] =
component.split("://").lift(1)
end VulnerableComponent
-object VulnerableComponent {
- val format: Format[VulnerableComponent] =
- ( (__ \ "component").format[String]
- ~ (__ \ "version" ).format[String]
- )(apply, vc => Tuple.fromProductTyped(vc))
-}
+object VulnerableComponent:
+ val reads: Reads[VulnerableComponent] =
+ given Reads[Version] = Version.format
+ ( (__ \ "component").read[String]
+ ~ (__ \ "version" ).read[Version]
+ )(apply)
case class DistinctVulnerability(
vulnerableComponentName : String,
@@ -74,7 +67,7 @@ case class DistinctVulnerability(
object DistinctVulnerability {
val reads: Reads[DistinctVulnerability] =
- given Format[VulnerableComponent] = VulnerableComponent.format
+ given Reads[VulnerableComponent] = VulnerableComponent.reads
( (__ \ "vulnerableComponentName" ).read[String]
~ (__ \ "vulnerableComponentVersion").read[String]
~ (__ \ "vulnerableComponents" ).read[Seq[VulnerableComponent]]
@@ -94,7 +87,7 @@ object DistinctVulnerability {
case class VulnerabilityOccurrence(
service : ServiceName,
serviceVersion : String,
- componentPathInSlug: String,
+ componentPathInSlug: String
)
object VulnerabilityOccurrence {
diff --git a/app/uk/gov/hmrc/cataloguefrontend/vulnerabilities/view/VulnerabilitiesListPage.scala.html b/app/uk/gov/hmrc/cataloguefrontend/vulnerabilities/view/VulnerabilitiesListPage.scala.html
index 66aebf5b5..c939fb3b7 100644
--- a/app/uk/gov/hmrc/cataloguefrontend/vulnerabilities/view/VulnerabilitiesListPage.scala.html
+++ b/app/uk/gov/hmrc/cataloguefrontend/vulnerabilities/view/VulnerabilitiesListPage.scala.html
@@ -128,7 +128,7 @@ Vulnerabilities
}
- @maybeSummaries.map{ summaries =>
+ @maybeSummaries.map { summaries =>
@if(summaries.nonEmpty) {