Sca features vulfixes (#64)

* To close the issue #AB1976 * For the fix of defect #AB 1832 : SCA job configuration not indicating on UI on test connection without providing credentials and account * Changes for exploitable path and private registry and Environment variables Changes for exploitable path and private registry and Environment variables * Changes for Exploitable path added projectFullPath and Project ID field Changes for Exploitable path added projectFullPath and Project ID field * Various changes to get UI and backend logic working * SCA feature changes related to help, ui and exploitable parameters This commit has been tested for all SCA features with and without SAST but limited to checking values (not via SCA Agent). * Increment version - sca features release * Updated help files for allow global SAST comment to be part of build comment. Added help file for SAST global comment * Changes for null check scaSastcredential Id fixed AB#2065 * package upgrades to fix vulnerabilities * Fixed AB#2071 Typo in the variable name between config.jelly and validation code. Missed during conflict resolution. * Updated the help file Updated the help file to remove the space in the example and corrected typo Co-authored-by: sangam chitmugre <[email protected]> Co-authored-by: umeshwaghode <[email protected]>
jenkinsci · May 17, 2021 · 68ea4cf · 68ea4cf
1 parent 0951ec0
commit 68ea4cf
Show file tree

Hide file tree

Showing 17 changed files with 414 additions and 35 deletions.
diff --git a/build.gradle b/build.gradle
@@ -44,10 +44,27 @@ dependencies {
     compileOnly 'com.intellij:annotations:12.0',
             'org.slf4j:slf4j-api:1.6.1'
 
-    compile 'com.checkmarx:cx-client-common:2021.1.145',
+    compile 'com.checkmarx:cx-client-common:2021.2.159',
             'com.checkmarx:cx-config-provider:1.0.14',
             'com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.10.5',
             'com.fasterxml.jackson.datatype:jackson-datatype-jdk8:2.10.5'
+            constraints {
+		        implementation('io.vertx:vertx-web:3.9.7') {
+		            because 'previous versions have a bug impacting this application'
+		        }
+		        implementation('commons-beanutils:commons-beanutils:1.9.4') {
+		            because 'previous versions have a bug impacting this application'
+		        }
+		        implementation('io.netty:netty-codec-http:4.1.60.Final') {
+		            because 'previous versions have a bug impacting this application'
+		        }
+		        implementation('org.apache.httpcomponents:httpclient:4.5.13') {
+		            because 'previous versions have a bug impacting this application'
+		        }
+		        implementation('commons-io:commons-io:2.7') {
+		            because 'previous versions have a bug impacting this application'
+		        }
+		    }
 
     optionalJenkinsPlugins 'org.jenkins-ci.main:maven-plugin:1.509.4@jar',
             'org.jenkins-ci.plugins:credentials:2.1.19@jar'

diff --git a/gradle.properties b/gradle.properties
@@ -1,6 +1,6 @@
 description = Provides automatic scan of code by Checkmarx server and shows results summary and trend in Jenkins interface.
 group = com.checkmarx.jenkins
-version = 2021.1.2
+version = 2021.2.94
 
 repositoryVersion=
 

diff --git a/src/main/java/com/checkmarx/jenkins/CxLoggerAdapter.java b/src/main/java/com/checkmarx/jenkins/CxLoggerAdapter.java
@@ -16,6 +16,8 @@ public class CxLoggerAdapter implements Logger {
     private static final String TRACE_PREFIX = "[Cx-Trace]: ";
 
     private final PrintStream log;
+    private boolean debugEnabled;
+    private boolean traceEnabled;
 
     public CxLoggerAdapter(PrintStream log) {
         this.log = log;
@@ -28,7 +30,7 @@ public String getName() {
 
 
     public boolean isDebugEnabled() {
-        return true;
+        return debugEnabled;
     }
 
     @Override
@@ -45,9 +47,18 @@ public boolean isWarnEnabled() {
     public boolean isErrorEnabled() {
         return true;
     }
+
+    public final void setDebugEnabled(boolean debugEnabled) {
+		this.debugEnabled = debugEnabled;
+	}
+
+	public final void setTraceEnabled(boolean traceEnabled) {
+		this.traceEnabled = traceEnabled;
+	}
 
-    public void debug(String s) {
-        log.println(DEBUG_PREFIX + s);
+	public void debug(String s) {
+		if(isDebugEnabled())
+			log.println(DEBUG_PREFIX + s);
     }
 
     public void debug(String s, Throwable throwable) {
@@ -218,11 +229,12 @@ public void error(Marker marker, String msg, Throwable t) {
     }
 
     public boolean isTraceEnabled() {
-        return false;
+        return traceEnabled;
     }
 
     public void trace(String s) {
-        log.println(TRACE_PREFIX + s);
+    	if (this.isTraceEnabled())
+    		log.println(TRACE_PREFIX + s);
     }
 
     public void trace(String s, Object o) {