From 70224ad674038f4eb0c08cc71f9eb9f6199e2921 Mon Sep 17 00:00:00 2001 From: Michael Sverdlov Date: Mon, 4 Sep 2023 12:48:55 +0300 Subject: [PATCH 1/6] Update core dependency (#2181) --- go.mod | 4 ++-- go.sum | 8 ++++---- pip_test.go | 2 +- scan/cli.go | 8 ++++---- xray_test.go | 4 ++-- 5 files changed, 13 insertions(+), 13 deletions(-) diff --git a/go.mod b/go.mod index ec2780edd..6e56d863c 100644 --- a/go.mod +++ b/go.mod @@ -125,10 +125,10 @@ require ( // replace github.com/jfrog/build-info-go => github.com/jfrog/build-info-go v1.8.9-0.20230828134416-f0db33dd9344 -replace github.com/jfrog/jfrog-cli-core/v2 => github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20230831153853-3ddf531482e7 +replace github.com/jfrog/jfrog-cli-core/v2 => github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20230904093105-ce71e69b2f07 // replace github.com/jfrog/gofrog => github.com/jfrog/gofrog v1.2.6-0.20230418122323-2bf299dd6d27 -replace github.com/jfrog/jfrog-client-go => github.com/jfrog/jfrog-client-go v1.28.1-0.20230831152946-6ed2ae1aa57f +replace github.com/jfrog/jfrog-client-go => github.com/jfrog/jfrog-client-go v1.28.1-0.20230904070427-f3f2a103d9e2 replace github.com/jfrog/build-info-go => github.com/jfrog/build-info-go v1.8.9-0.20230831151231-e5e7bd035ddc diff --git a/go.sum b/go.sum index 4f38367f0..e24e596de 100644 --- a/go.sum +++ b/go.sum @@ -239,10 +239,10 @@ github.com/jfrog/build-info-go v1.8.9-0.20230831151231-e5e7bd035ddc h1:pqu82clhP github.com/jfrog/build-info-go v1.8.9-0.20230831151231-e5e7bd035ddc/go.mod h1:QEskae5fQpjeY2PBzsjWtUQVskYSNDF2sSmw/Gx44dQ= github.com/jfrog/gofrog v1.3.0 h1:o4zgsBZE4QyDbz2M7D4K6fXPTBJht+8lE87mS9bw7Gk= github.com/jfrog/gofrog v1.3.0/go.mod h1:IFMc+V/yf7rA5WZ74CSbXe+Lgf0iApEQLxRZVzKRUR0= -github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20230831153853-3ddf531482e7 h1:G60mVnOYqtVJ0UQpkYS2kmbqYZ59q1g8XivZt9W0tUg= -github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20230831153853-3ddf531482e7/go.mod h1:eQJU+jDTcPVqOeHNheURqkMEMXDVNQFKKjcyVEa0058= -github.com/jfrog/jfrog-client-go v1.28.1-0.20230831152946-6ed2ae1aa57f h1:S6l0o2sKFLRJ+QYVB5U/PJhrnwFSmKFFY7eHpRPRH8A= -github.com/jfrog/jfrog-client-go v1.28.1-0.20230831152946-6ed2ae1aa57f/go.mod h1:uUnMrqHX7Xi+OCaZEE4b3BtsmGeOSCB7XqaEWVXEH/E= +github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20230904093105-ce71e69b2f07 h1:8bqiTnKxyZkqZNXYf+9cFxL7P15qZ5VtP50McAMBKEw= +github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20230904093105-ce71e69b2f07/go.mod h1:eQJU+jDTcPVqOeHNheURqkMEMXDVNQFKKjcyVEa0058= +github.com/jfrog/jfrog-client-go v1.28.1-0.20230904070427-f3f2a103d9e2 h1:uPDFvUv+3kAUyTR6gAhROAgsjnPe2jsxzqJSkjbIHmE= +github.com/jfrog/jfrog-client-go v1.28.1-0.20230904070427-f3f2a103d9e2/go.mod h1:uUnMrqHX7Xi+OCaZEE4b3BtsmGeOSCB7XqaEWVXEH/E= github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= github.com/jszwec/csvutil v1.8.0 h1:G7vS2LGdpZZDH1HmHeNbxOaJ/ZnJlpwGFvOkTkJzzNk= diff --git a/pip_test.go b/pip_test.go index f7bcc9a96..baba851d5 100644 --- a/pip_test.go +++ b/pip_test.go @@ -4,7 +4,7 @@ import ( biutils "github.com/jfrog/build-info-go/utils" "github.com/jfrog/jfrog-cli-core/v2/utils/coreutils" coretests "github.com/jfrog/jfrog-cli-core/v2/utils/tests" - "github.com/jfrog/jfrog-cli-core/v2/xray/audit/python" + "github.com/jfrog/jfrog-cli-core/v2/xray/commands/audit/sca/python" clientTestUtils "github.com/jfrog/jfrog-client-go/utils/tests" "os" "path/filepath" diff --git a/scan/cli.go b/scan/cli.go index a99b94e1d..5093214ab 100644 --- a/scan/cli.go +++ b/scan/cli.go @@ -16,7 +16,7 @@ import ( corecommondocs "github.com/jfrog/jfrog-cli-core/v2/docs/common" coreconfig "github.com/jfrog/jfrog-cli-core/v2/utils/config" "github.com/jfrog/jfrog-cli-core/v2/utils/coreutils" - audit "github.com/jfrog/jfrog-cli-core/v2/xray/commands/audit/generic" + "github.com/jfrog/jfrog-cli-core/v2/xray/commands/audit" "github.com/jfrog/jfrog-cli-core/v2/xray/commands/scan" "github.com/jfrog/jfrog-cli/docs/common" auditdocs "github.com/jfrog/jfrog-cli/docs/scan/audit" @@ -172,7 +172,7 @@ func GetCommands() []cli.Command { } func AuditCmd(c *cli.Context) error { - auditCmd, err := createGenericAuditCmd(c) + auditCmd, err := createAuditCmd(c) if err != nil { return err } @@ -198,7 +198,7 @@ func AuditCmd(c *cli.Context) error { func AuditSpecificCmd(c *cli.Context, technology coreutils.Technology) error { cliutils.LogNonGenericAuditCommandDeprecation(c.Command.Name) - auditCmd, err := createGenericAuditCmd(c) + auditCmd, err := createAuditCmd(c) if err != nil { return err } @@ -234,7 +234,7 @@ func CurationCmd(c *cli.Context) error { return progressbar.ExecWithProgress(curationAuditCommand) } -func createGenericAuditCmd(c *cli.Context) (*audit.GenericAuditCommand, error) { +func createAuditCmd(c *cli.Context) (*audit.AuditCommand, error) { auditCmd := audit.NewGenericAuditCommand() err := validateXrayContext(c) if err != nil { diff --git a/xray_test.go b/xray_test.go index fd3ff3150..3698bb151 100644 --- a/xray_test.go +++ b/xray_test.go @@ -703,9 +703,9 @@ func verifySimpleJsonJasResults(t *testing.T, content string, minIacViolations, assert.GreaterOrEqual(t, len(results.Iacs), minIacViolations, "Found less IaC then expected") var applicableResults, notApplicableResults int for _, vuln := range results.Vulnerabilities { - if vuln.Applicable == utils.NotApplicableStringValue { + if vuln.Applicable == string(utils.NotApplicable) { notApplicableResults++ - } else if vuln.Applicable == utils.ApplicableStringValue { + } else if vuln.Applicable == string(utils.Applicable) { applicableResults++ } } From f2ef83f64cf4a7030381059b52c670a7689e3268 Mon Sep 17 00:00:00 2001 From: Michael Sverdlov Date: Mon, 4 Sep 2023 20:38:58 +0300 Subject: [PATCH 2/6] Update Cli-Core (#2182) --- .github/workflows/frogbot-scan-repository.yml | 1 + go.mod | 2 +- go.sum | 4 +-- scan/cli.go | 3 +- xray_test.go | 36 +++++++++---------- 5 files changed, 23 insertions(+), 23 deletions(-) diff --git a/.github/workflows/frogbot-scan-repository.yml b/.github/workflows/frogbot-scan-repository.yml index 01b568f67..23f4e003f 100644 --- a/.github/workflows/frogbot-scan-repository.yml +++ b/.github/workflows/frogbot-scan-repository.yml @@ -10,6 +10,7 @@ permissions: security-events: write jobs: scan-repository: + name: Scan Repository (${{ matrix.branch }}) runs-on: ubuntu-latest strategy: matrix: diff --git a/go.mod b/go.mod index 6e56d863c..370930136 100644 --- a/go.mod +++ b/go.mod @@ -125,7 +125,7 @@ require ( // replace github.com/jfrog/build-info-go => github.com/jfrog/build-info-go v1.8.9-0.20230828134416-f0db33dd9344 -replace github.com/jfrog/jfrog-cli-core/v2 => github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20230904093105-ce71e69b2f07 +replace github.com/jfrog/jfrog-cli-core/v2 => github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20230904170814-03a7938bae94 // replace github.com/jfrog/gofrog => github.com/jfrog/gofrog v1.2.6-0.20230418122323-2bf299dd6d27 diff --git a/go.sum b/go.sum index e24e596de..c7b107794 100644 --- a/go.sum +++ b/go.sum @@ -239,8 +239,8 @@ github.com/jfrog/build-info-go v1.8.9-0.20230831151231-e5e7bd035ddc h1:pqu82clhP github.com/jfrog/build-info-go v1.8.9-0.20230831151231-e5e7bd035ddc/go.mod h1:QEskae5fQpjeY2PBzsjWtUQVskYSNDF2sSmw/Gx44dQ= github.com/jfrog/gofrog v1.3.0 h1:o4zgsBZE4QyDbz2M7D4K6fXPTBJht+8lE87mS9bw7Gk= github.com/jfrog/gofrog v1.3.0/go.mod h1:IFMc+V/yf7rA5WZ74CSbXe+Lgf0iApEQLxRZVzKRUR0= -github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20230904093105-ce71e69b2f07 h1:8bqiTnKxyZkqZNXYf+9cFxL7P15qZ5VtP50McAMBKEw= -github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20230904093105-ce71e69b2f07/go.mod h1:eQJU+jDTcPVqOeHNheURqkMEMXDVNQFKKjcyVEa0058= +github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20230904170814-03a7938bae94 h1:rAV/hUZNruzYOfGUqE5ubPY55NMtS59llfTcWGwofSg= +github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20230904170814-03a7938bae94/go.mod h1:eQJU+jDTcPVqOeHNheURqkMEMXDVNQFKKjcyVEa0058= github.com/jfrog/jfrog-client-go v1.28.1-0.20230904070427-f3f2a103d9e2 h1:uPDFvUv+3kAUyTR6gAhROAgsjnPe2jsxzqJSkjbIHmE= github.com/jfrog/jfrog-client-go v1.28.1-0.20230904070427-f3f2a103d9e2/go.mod h1:uUnMrqHX7Xi+OCaZEE4b3BtsmGeOSCB7XqaEWVXEH/E= github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= diff --git a/scan/cli.go b/scan/cli.go index 5093214ab..0cb030a7c 100644 --- a/scan/cli.go +++ b/scan/cli.go @@ -2,7 +2,6 @@ package scan import ( "github.com/jfrog/jfrog-cli-core/v2/xray/commands/curation" - xrCmdUtils "github.com/jfrog/jfrog-cli-core/v2/xray/commands/utils" xrutils "github.com/jfrog/jfrog-cli-core/v2/xray/utils" curationdocs "github.com/jfrog/jfrog-cli/docs/scan/curation" "os" @@ -208,7 +207,7 @@ func AuditSpecificCmd(c *cli.Context, technology coreutils.Technology) error { } func CurationCmd(c *cli.Context) error { - threads, err := xrCmdUtils.DetectNumOfThreads(c.Int("threads")) + threads, err := curation.DetectNumOfThreads(c.Int("threads")) if err != nil { return err } diff --git a/xray_test.go b/xray_test.go index 3698bb151..6825ec193 100644 --- a/xray_test.go +++ b/xray_test.go @@ -6,6 +6,7 @@ import ( "flag" "fmt" biutils "github.com/jfrog/build-info-go/utils" + "github.com/jfrog/jfrog-cli-core/v2/xray/scangraph" "net/http" "net/http/httptest" "os" @@ -24,13 +25,12 @@ import ( artUtils "github.com/jfrog/jfrog-cli-core/v2/artifactory/utils" "github.com/jfrog/jfrog-cli-core/v2/artifactory/utils/container" coreCmd "github.com/jfrog/jfrog-cli-core/v2/common/commands" - tests2 "github.com/jfrog/jfrog-cli-core/v2/common/tests" + commontests "github.com/jfrog/jfrog-cli-core/v2/common/tests" "github.com/jfrog/jfrog-cli-core/v2/utils/config" "github.com/jfrog/jfrog-cli-core/v2/utils/coreutils" coretests "github.com/jfrog/jfrog-cli-core/v2/utils/tests" coreCuration "github.com/jfrog/jfrog-cli-core/v2/xray/commands/curation" "github.com/jfrog/jfrog-cli-core/v2/xray/commands/scan" - commands "github.com/jfrog/jfrog-cli-core/v2/xray/commands/utils" "github.com/jfrog/jfrog-cli-core/v2/xray/formats" "github.com/jfrog/jfrog-cli-core/v2/xray/utils" "github.com/jfrog/jfrog-cli/inttestutils" @@ -114,13 +114,13 @@ func TestXrayBinaryScanSimpleJsonWithProgress(t *testing.T) { } func testXrayBinaryScan(t *testing.T, format string) string { - initXrayTest(t, commands.GraphScanMinXrayVersion) + initXrayTest(t, scangraph.GraphScanMinXrayVersion) binariesPath := filepath.Join(filepath.FromSlash(tests.GetTestResourcesPath()), "xray", "binaries", "*") return xrayCli.RunCliCmdWithOutput(t, "scan", binariesPath, "--licenses", "--format="+format) } func TestXrayBinaryScanWithBypassArchiveLimits(t *testing.T) { - initXrayTest(t, commands.BypassArchiveLimitsMinXrayVersion) + initXrayTest(t, scan.BypassArchiveLimitsMinXrayVersion) unsetEnv := clientTestUtils.SetEnvWithCallbackAndAssert(t, "JF_INDEXER_COMPRESS_MAXENTITIES", "10") defer unsetEnv() binariesPath := filepath.Join(filepath.FromSlash(tests.GetTestResourcesPath()), "xray", "binaries", "*") @@ -148,7 +148,7 @@ func TestXrayAuditNpmSimpleJson(t *testing.T) { } func testXrayAuditNpm(t *testing.T, format string) string { - initXrayTest(t, commands.GraphScanMinXrayVersion) + initXrayTest(t, scangraph.GraphScanMinXrayVersion) tempDirPath, createTempDirCallback := coretests.CreateTempDirWithCallbackAndAssert(t) defer createTempDirCallback() npmProjectPath := filepath.Join(filepath.FromSlash(tests.GetTestResourcesPath()), "xray", "npm") @@ -191,7 +191,7 @@ func TestXrayAuditYarnV1SimpleJson(t *testing.T) { } func testXrayAuditYarn(t *testing.T, projectDirName string, yarnCmd func()) { - initXrayTest(t, commands.GraphScanMinXrayVersion) + initXrayTest(t, scangraph.GraphScanMinXrayVersion) tempDirPath, createTempDirCallback := coretests.CreateTempDirWithCallbackAndAssert(t) defer createTempDirCallback() yarnProjectPath := filepath.Join(filepath.FromSlash(tests.GetTestResourcesPath()), "xray", projectDirName) @@ -228,7 +228,7 @@ func TestXrayAuditNugetMultiProject(t *testing.T) { } func testXrayAuditNuget(t *testing.T, projectName, format string) string { - initXrayTest(t, commands.GraphScanMinXrayVersion) + initXrayTest(t, scangraph.GraphScanMinXrayVersion) tempDirPath, createTempDirCallback := coretests.CreateTempDirWithCallbackAndAssert(t) defer createTempDirCallback() projectPath := filepath.Join(filepath.FromSlash(tests.GetTestResourcesPath()), "xray", "nuget", projectName) @@ -254,7 +254,7 @@ func TestXrayAuditGradleSimpleJson(t *testing.T) { } func testXrayAuditGradle(t *testing.T, format string) string { - initXrayTest(t, commands.GraphScanMinXrayVersion) + initXrayTest(t, scangraph.GraphScanMinXrayVersion) tempDirPath, createTempDirCallback := coretests.CreateTempDirWithCallbackAndAssert(t) defer createTempDirCallback() gradleProjectPath := filepath.Join(filepath.FromSlash(tests.GetTestResourcesPath()), "xray", "gradle") @@ -278,7 +278,7 @@ func TestXrayAuditMavenSimpleJson(t *testing.T) { } func testXrayAuditMaven(t *testing.T, format string) string { - initXrayTest(t, commands.GraphScanMinXrayVersion) + initXrayTest(t, scangraph.GraphScanMinXrayVersion) tempDirPath, createTempDirCallback := coretests.CreateTempDirWithCallbackAndAssert(t) defer createTempDirCallback() mvnProjectPath := filepath.Join(filepath.FromSlash(tests.GetTestResourcesPath()), "xray", "maven") @@ -292,7 +292,7 @@ func testXrayAuditMaven(t *testing.T, format string) string { } func TestXrayAuditNoTech(t *testing.T) { - initXrayTest(t, commands.GraphScanMinXrayVersion) + initXrayTest(t, scangraph.GraphScanMinXrayVersion) tempDirPath, createTempDirCallback := coretests.CreateTempDirWithCallbackAndAssert(t) defer createTempDirCallback() prevWd := changeWD(t, tempDirPath) @@ -303,7 +303,7 @@ func TestXrayAuditNoTech(t *testing.T) { } func TestXrayAuditDetectTech(t *testing.T) { - initXrayTest(t, commands.GraphScanMinXrayVersion) + initXrayTest(t, scangraph.GraphScanMinXrayVersion) tempDirPath, createTempDirCallback := coretests.CreateTempDirWithCallbackAndAssert(t) defer createTempDirCallback() mvnProjectPath := filepath.Join(filepath.FromSlash(tests.GetTestResourcesPath()), "xray", "maven") @@ -321,7 +321,7 @@ func TestXrayAuditDetectTech(t *testing.T) { } func TestXrayAuditMultiProjects(t *testing.T) { - initXrayTest(t, commands.GraphScanMinXrayVersion) + initXrayTest(t, scangraph.GraphScanMinXrayVersion) tempDirPath, createTempDirCallback := coretests.CreateTempDirWithCallbackAndAssert(t) defer createTempDirCallback() multiProject := filepath.Join(filepath.FromSlash(tests.GetTestResourcesPath()), "xray") @@ -359,7 +359,7 @@ func TestXrayAuditPipSimpleJsonWithRequirementsFile(t *testing.T) { } func testXrayAuditPip(t *testing.T, format, requirementsFile string) string { - initXrayTest(t, commands.GraphScanMinXrayVersion) + initXrayTest(t, scangraph.GraphScanMinXrayVersion) tempDirPath, createTempDirCallback := coretests.CreateTempDirWithCallbackAndAssert(t) defer createTempDirCallback() pipProjectPath := filepath.Join(filepath.FromSlash(tests.GetTestResourcesPath()), "xray", "python", "pip") @@ -388,7 +388,7 @@ func TestXrayAuditPipenvSimpleJson(t *testing.T) { } func testXrayAuditPipenv(t *testing.T, format string) string { - initXrayTest(t, commands.GraphScanMinXrayVersion) + initXrayTest(t, scangraph.GraphScanMinXrayVersion) tempDirPath, createTempDirCallback := coretests.CreateTempDirWithCallbackAndAssert(t) defer createTempDirCallback() pipenvProjectPath := filepath.Join(filepath.FromSlash(tests.GetTestResourcesPath()), "xray", "python", "pipenv") @@ -450,7 +450,7 @@ func TestXrayAuditPoetrySimpleJson(t *testing.T) { } func testXrayAuditPoetry(t *testing.T, format string) string { - initXrayTest(t, commands.GraphScanMinXrayVersion) + initXrayTest(t, scangraph.GraphScanMinXrayVersion) tempDirPath, createTempDirCallback := coretests.CreateTempDirWithCallbackAndAssert(t) defer createTempDirCallback() poetryProjectPath := filepath.Join(filepath.FromSlash(tests.GetTestResourcesPath()), "xray", "python", "poetry") @@ -615,7 +615,7 @@ func runDockerScan(t *testing.T, imageName, watchName string, minViolations, min func createTestWatch(t *testing.T) (string, func()) { trueValue := true - xrayManager, err := commands.CreateXrayServiceManager(xrayDetails) + xrayManager, err := utils.CreateXrayServiceManager(xrayDetails) assert.NoError(t, err) // Create new default policy. policyParams := xrayUtils.PolicyParams{ @@ -679,7 +679,7 @@ func TestXrayAuditJasNoViolationsSimpleJson(t *testing.T) { } func testXrayAuditJas(t *testing.T, format string, project string) string { - initXrayTest(t, commands.GraphScanMinXrayVersion) + initXrayTest(t, scangraph.GraphScanMinXrayVersion) tempDirPath, createTempDirCallback := coretests.CreateTempDirWithCallbackAndAssert(t) defer createTempDirCallback() projectDir := filepath.Join(filepath.FromSlash(tests.GetTestResourcesPath()), filepath.Join("xray", project)) @@ -803,7 +803,7 @@ func getCurationExpectedResponse(config *config.ServerDetails) []coreCuration.Pa func curationServer(t *testing.T, expectedRequest map[string]bool, requestToFail map[string]bool) (*httptest.Server, *config.ServerDetails) { mapLockReadWrite := sync.Mutex{} - serverMock, config, _ := tests2.CreateRtRestsMockServer(t, func(w http.ResponseWriter, r *http.Request) { + serverMock, config, _ := commontests.CreateRtRestsMockServer(t, func(w http.ResponseWriter, r *http.Request) { if r.Method == http.MethodHead { mapLockReadWrite.Lock() if _, exist := expectedRequest[r.RequestURI]; exist { From 6beb362969d0812a5dc443c9cdc28a49de746773 Mon Sep 17 00:00:00 2001 From: Michael Sverdlov Date: Mon, 4 Sep 2023 21:25:54 +0300 Subject: [PATCH 3/6] Improve actions cache (#2183) --- .github/workflows/analysis.yml | 2 +- .github/workflows/frogbot-scan-repository.yml | 2 +- .github/workflows/mavenTests.yml | 2 +- .github/workflows/nugetTests.yml | 2 +- .github/workflows/xrayTests.yml | 6 ++++-- 5 files changed, 8 insertions(+), 6 deletions(-) diff --git a/.github/workflows/analysis.yml b/.github/workflows/analysis.yml index e78785890..1d9be52f3 100644 --- a/.github/workflows/analysis.yml +++ b/.github/workflows/analysis.yml @@ -31,7 +31,7 @@ jobs: with: path: ~/go/pkg/mod key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} - restore-keys: ${{ runner.os }}-go + restore-keys: ${{ runner.os }}-go- - name: Run Go vet run: go vet -v ./... diff --git a/.github/workflows/frogbot-scan-repository.yml b/.github/workflows/frogbot-scan-repository.yml index 23f4e003f..b80238da9 100644 --- a/.github/workflows/frogbot-scan-repository.yml +++ b/.github/workflows/frogbot-scan-repository.yml @@ -10,7 +10,7 @@ permissions: security-events: write jobs: scan-repository: - name: Scan Repository (${{ matrix.branch }}) + name: Scan Repository (${{ matrix.branch }} branch) runs-on: ubuntu-latest strategy: matrix: diff --git a/.github/workflows/mavenTests.yml b/.github/workflows/mavenTests.yml index 25d0f1f10..a7f55587c 100644 --- a/.github/workflows/mavenTests.yml +++ b/.github/workflows/mavenTests.yml @@ -35,7 +35,7 @@ jobs: with: path: ~/go/pkg/mod key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} - restore-keys: ${{ runner.os }}-go + restore-keys: ${{ runner.os }}-go- - name: Setup Maven v3.8.8 for macOS uses: stCarolas/setup-maven@v4.5 with: diff --git a/.github/workflows/nugetTests.yml b/.github/workflows/nugetTests.yml index c17fadd48..262dabb50 100644 --- a/.github/workflows/nugetTests.yml +++ b/.github/workflows/nugetTests.yml @@ -43,7 +43,7 @@ jobs: with: path: ~/go/pkg/mod key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} - restore-keys: ${{ runner.os }}-go + restore-keys: ${{ runner.os }}-go- - name: Setup Artifactory run: | go install github.com/jfrog/jfrog-testing-infra/local-rt-setup@latest diff --git a/.github/workflows/xrayTests.yml b/.github/workflows/xrayTests.yml index 83d8a6f64..afb659a97 100644 --- a/.github/workflows/xrayTests.yml +++ b/.github/workflows/xrayTests.yml @@ -61,9 +61,11 @@ jobs: uses: actions/checkout@v3 with: ref: ${{ github.event.pull_request.head.sha }} - - name: Run Xray tests + + - name: Run Xray tests (without Docker Scan) run: go test -v github.com/jfrog/jfrog-cli --timeout 0 --test.xray --jfrog.url=${{ secrets.PLATFORM_URL }} --jfrog.adminToken=${{ secrets.PLATFORM_ADMIN_TOKEN }} --jfrog.user=${{ secrets.PLATFORM_USER }} --test.containerRegistry=${{ secrets.CONTAINER_REGISTRY }} if: ${{ matrix.os != 'ubuntu' }} - - name: Run Docker scan and Xray tests + + - name: Run Xray tests (with Docker Scan, only on Ubuntu) run: go test -v github.com/jfrog/jfrog-cli --timeout 0 --test.xray --test.dockerScan --jfrog.url=${{ secrets.PLATFORM_URL }} --jfrog.adminToken=${{ secrets.PLATFORM_ADMIN_TOKEN }} --test.containerRegistry=${{ secrets.CONTAINER_REGISTRY }} if: ${{ matrix.os == 'ubuntu' }} From 30b7b6a51e2bb29a0c111936f51ad7451e2c1d9b Mon Sep 17 00:00:00 2001 From: Michael Sverdlov Date: Thu, 7 Sep 2023 13:12:09 +0300 Subject: [PATCH 4/6] Run Xray tests with latest analyzer manager version (#2186) * copy dir Signed-off-by: Michael Sverdlov * copy dir Signed-off-by: Michael Sverdlov --------- Signed-off-by: Michael Sverdlov --- .github/workflows/xrayTests.yml | 2 ++ go.mod | 6 +++--- go.sum | 12 ++++++------ 3 files changed, 11 insertions(+), 9 deletions(-) diff --git a/.github/workflows/xrayTests.yml b/.github/workflows/xrayTests.yml index afb659a97..a8f2df07d 100644 --- a/.github/workflows/xrayTests.yml +++ b/.github/workflows/xrayTests.yml @@ -23,6 +23,8 @@ jobs: runs-on: ${{ matrix.os }}-latest env: GRADLE_OPTS: -Dorg.gradle.daemon=false + # Run Xray tests with latest Analyzer + JFROG_CLI_ANALYZER_MANAGER_VERSION: "[RELEASE]" steps: - name: Install Go uses: actions/setup-go@v3 diff --git a/go.mod b/go.mod index 370930136..7f67c2b4b 100644 --- a/go.mod +++ b/go.mod @@ -125,10 +125,10 @@ require ( // replace github.com/jfrog/build-info-go => github.com/jfrog/build-info-go v1.8.9-0.20230828134416-f0db33dd9344 -replace github.com/jfrog/jfrog-cli-core/v2 => github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20230904170814-03a7938bae94 +replace github.com/jfrog/jfrog-cli-core/v2 => github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20230907095444-fd00f19be95d // replace github.com/jfrog/gofrog => github.com/jfrog/gofrog v1.2.6-0.20230418122323-2bf299dd6d27 -replace github.com/jfrog/jfrog-client-go => github.com/jfrog/jfrog-client-go v1.28.1-0.20230904070427-f3f2a103d9e2 +replace github.com/jfrog/jfrog-client-go => github.com/jfrog/jfrog-client-go v1.28.1-0.20230906115540-2c3c91d271d6 -replace github.com/jfrog/build-info-go => github.com/jfrog/build-info-go v1.8.9-0.20230831151231-e5e7bd035ddc +replace github.com/jfrog/build-info-go => github.com/jfrog/build-info-go v1.8.9-0.20230905120411-62d1bdd4eb38 diff --git a/go.sum b/go.sum index c7b107794..f5dd5a740 100644 --- a/go.sum +++ b/go.sum @@ -235,14 +235,14 @@ github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOl github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo= github.com/jedib0t/go-pretty/v6 v6.4.7 h1:lwiTJr1DEkAgzljsUsORmWsVn5MQjt1BPJdPCtJ6KXE= github.com/jedib0t/go-pretty/v6 v6.4.7/go.mod h1:Ndk3ase2CkQbXLLNf5QDHoYb6J9WtVfmHZu9n8rk2xs= -github.com/jfrog/build-info-go v1.8.9-0.20230831151231-e5e7bd035ddc h1:pqu82clhPKyUKJcljMuxYa+kviaWnHycLNCLqZZNl30= -github.com/jfrog/build-info-go v1.8.9-0.20230831151231-e5e7bd035ddc/go.mod h1:QEskae5fQpjeY2PBzsjWtUQVskYSNDF2sSmw/Gx44dQ= +github.com/jfrog/build-info-go v1.8.9-0.20230905120411-62d1bdd4eb38 h1:XyAcwWP2a6a5RL861gkfgQ7MUaQ7mmDkUVoD6kMtUtQ= +github.com/jfrog/build-info-go v1.8.9-0.20230905120411-62d1bdd4eb38/go.mod h1:QEskae5fQpjeY2PBzsjWtUQVskYSNDF2sSmw/Gx44dQ= github.com/jfrog/gofrog v1.3.0 h1:o4zgsBZE4QyDbz2M7D4K6fXPTBJht+8lE87mS9bw7Gk= github.com/jfrog/gofrog v1.3.0/go.mod h1:IFMc+V/yf7rA5WZ74CSbXe+Lgf0iApEQLxRZVzKRUR0= -github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20230904170814-03a7938bae94 h1:rAV/hUZNruzYOfGUqE5ubPY55NMtS59llfTcWGwofSg= -github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20230904170814-03a7938bae94/go.mod h1:eQJU+jDTcPVqOeHNheURqkMEMXDVNQFKKjcyVEa0058= -github.com/jfrog/jfrog-client-go v1.28.1-0.20230904070427-f3f2a103d9e2 h1:uPDFvUv+3kAUyTR6gAhROAgsjnPe2jsxzqJSkjbIHmE= -github.com/jfrog/jfrog-client-go v1.28.1-0.20230904070427-f3f2a103d9e2/go.mod h1:uUnMrqHX7Xi+OCaZEE4b3BtsmGeOSCB7XqaEWVXEH/E= +github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20230907095444-fd00f19be95d h1:7Qlsj5PkqSfayuNaM07L8W+H0bBqEGd+iPusoJOU6w8= +github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20230907095444-fd00f19be95d/go.mod h1:PCRqGSz6tKQNtiITSk9WZGflJjno/Vg4DvXPLkH6xO8= +github.com/jfrog/jfrog-client-go v1.28.1-0.20230906115540-2c3c91d271d6 h1:9mNCAUu/uHx80s4rMc9PeI1lllrZ1MOPUesIMglFoTY= +github.com/jfrog/jfrog-client-go v1.28.1-0.20230906115540-2c3c91d271d6/go.mod h1:soD5VL3X+G+0KKUNSlb0CSdF9nwHsQZCr0xqOGedAHM= github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= github.com/jszwec/csvutil v1.8.0 h1:G7vS2LGdpZZDH1HmHeNbxOaJ/ZnJlpwGFvOkTkJzzNk= From f449065544f07109862005a68e82d769cf80e0b4 Mon Sep 17 00:00:00 2001 From: Eran Turgeman <81029514+eranturgeman@users.noreply.github.com> Date: Mon, 11 Sep 2023 09:36:34 +0300 Subject: [PATCH 5/6] Updating and Adding new tests for NuGet projects (#2187) --- .../{single => single4.0}/core/Multi1.cs | 0 .../core/Properties/AssemblyInfo.cs | 0 .../{single => single4.0}/core/core.csproj | 0 .../{single => single4.0}/core/core.nuspec | 0 .../core/packages.config | 0 .../nuget/{single => single4.0}/example.sln | 0 .../ClassLibrary1/ClassLibrary1.csproj | 22 ++++ .../xray/nuget/single5.0/TestSolution.sln | 29 +++++ xray_test.go | 113 +++++++++++++++--- 9 files changed, 148 insertions(+), 16 deletions(-) rename testdata/xray/nuget/{single => single4.0}/core/Multi1.cs (100%) rename testdata/xray/nuget/{single => single4.0}/core/Properties/AssemblyInfo.cs (100%) rename testdata/xray/nuget/{single => single4.0}/core/core.csproj (100%) rename testdata/xray/nuget/{single => single4.0}/core/core.nuspec (100%) rename testdata/xray/nuget/{single => single4.0}/core/packages.config (100%) rename testdata/xray/nuget/{single => single4.0}/example.sln (100%) create mode 100644 testdata/xray/nuget/single5.0/ClassLibrary1/ClassLibrary1.csproj create mode 100644 testdata/xray/nuget/single5.0/TestSolution.sln diff --git a/testdata/xray/nuget/single/core/Multi1.cs b/testdata/xray/nuget/single4.0/core/Multi1.cs similarity index 100% rename from testdata/xray/nuget/single/core/Multi1.cs rename to testdata/xray/nuget/single4.0/core/Multi1.cs diff --git a/testdata/xray/nuget/single/core/Properties/AssemblyInfo.cs b/testdata/xray/nuget/single4.0/core/Properties/AssemblyInfo.cs similarity index 100% rename from testdata/xray/nuget/single/core/Properties/AssemblyInfo.cs rename to testdata/xray/nuget/single4.0/core/Properties/AssemblyInfo.cs diff --git a/testdata/xray/nuget/single/core/core.csproj b/testdata/xray/nuget/single4.0/core/core.csproj similarity index 100% rename from testdata/xray/nuget/single/core/core.csproj rename to testdata/xray/nuget/single4.0/core/core.csproj diff --git a/testdata/xray/nuget/single/core/core.nuspec b/testdata/xray/nuget/single4.0/core/core.nuspec similarity index 100% rename from testdata/xray/nuget/single/core/core.nuspec rename to testdata/xray/nuget/single4.0/core/core.nuspec diff --git a/testdata/xray/nuget/single/core/packages.config b/testdata/xray/nuget/single4.0/core/packages.config similarity index 100% rename from testdata/xray/nuget/single/core/packages.config rename to testdata/xray/nuget/single4.0/core/packages.config diff --git a/testdata/xray/nuget/single/example.sln b/testdata/xray/nuget/single4.0/example.sln similarity index 100% rename from testdata/xray/nuget/single/example.sln rename to testdata/xray/nuget/single4.0/example.sln diff --git a/testdata/xray/nuget/single5.0/ClassLibrary1/ClassLibrary1.csproj b/testdata/xray/nuget/single5.0/ClassLibrary1/ClassLibrary1.csproj new file mode 100644 index 000000000..849a472aa --- /dev/null +++ b/testdata/xray/nuget/single5.0/ClassLibrary1/ClassLibrary1.csproj @@ -0,0 +1,22 @@ + + + + netstandard2.0 + AnyCPU;x64 + Some Compnay + Some product + Copyright © 2020 by Foobar. + 1.0.0 + + + + + + + + + + + + + diff --git a/testdata/xray/nuget/single5.0/TestSolution.sln b/testdata/xray/nuget/single5.0/TestSolution.sln new file mode 100644 index 000000000..28ab809cb --- /dev/null +++ b/testdata/xray/nuget/single5.0/TestSolution.sln @@ -0,0 +1,29 @@ + +Microsoft Visual Studio Solution File, Format Version 12.00 +# Visual Studio Version 16 +VisualStudioVersion = 16.0.32106.194 +MinimumVisualStudioVersion = 10.0.40219.1 +Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "ClassLibrary1", "ClassLibrary1\ClassLibrary1.csproj", "{D9C89660-69F8-46E2-B9C4-78E9B505E8B1}" +EndProject +Global + GlobalSection(SolutionConfigurationPlatforms) = preSolution + Debug|Any CPU = Debug|Any CPU + Release|Any CPU = Release|Any CPU + EndGlobalSection + GlobalSection(ProjectConfigurationPlatforms) = postSolution + {757C1D5A-BAA9-453F-B612-A0571390976B}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {757C1D5A-BAA9-453F-B612-A0571390976B}.Debug|Any CPU.Build.0 = Debug|Any CPU + {757C1D5A-BAA9-453F-B612-A0571390976B}.Release|Any CPU.ActiveCfg = Release|Any CPU + {757C1D5A-BAA9-453F-B612-A0571390976B}.Release|Any CPU.Build.0 = Release|Any CPU + {D9C89660-69F8-46E2-B9C4-78E9B505E8B1}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {D9C89660-69F8-46E2-B9C4-78E9B505E8B1}.Debug|Any CPU.Build.0 = Debug|Any CPU + {D9C89660-69F8-46E2-B9C4-78E9B505E8B1}.Release|Any CPU.ActiveCfg = Release|Any CPU + {D9C89660-69F8-46E2-B9C4-78E9B505E8B1}.Release|Any CPU.Build.0 = Release|Any CPU + EndGlobalSection + GlobalSection(SolutionProperties) = preSolution + HideSolutionNode = FALSE + EndGlobalSection + GlobalSection(ExtensibilityGlobals) = postSolution + SolutionGuid = {D8547989-C4F7-4FCC-95BB-F7478F7D2484} + EndGlobalSection +EndGlobal diff --git a/xray_test.go b/xray_test.go index 6825ec193..8137e826f 100644 --- a/xray_test.go +++ b/xray_test.go @@ -210,24 +210,102 @@ func runXrayAuditYarnWithOutput(t *testing.T, format string) string { return xrayCli.RunCliCmdWithOutput(t, "audit", "--yarn", "--licenses", "--format="+format) } -// Tests NuGet audit by providing simple NuGet project and asserts any error. +// Tests NuGet audit by providing simple NuGet project + multi-project NuGet project and asserts any error. func TestXrayAuditNugetJson(t *testing.T) { - output := testXrayAuditNuget(t, "single", string(utils.Json)) - verifyJsonScanResults(t, output, 0, 2, 0) + var testdata = []struct { + projectName string + format string + restoreTech string + minVulnerabilities int + minLicences int + }{ + { + projectName: "single4.0", + format: string(utils.Json), + restoreTech: "nuget", + minVulnerabilities: 2, + minLicences: 0, + }, + { + projectName: "single5.0", + format: string(utils.Json), + restoreTech: "dotnet", + minVulnerabilities: 3, + minLicences: 2, + }, + { + projectName: "single5.0", + format: string(utils.Json), + restoreTech: "", + minVulnerabilities: 3, + minLicences: 2, + }, + { + projectName: "multi", + format: string(utils.Json), + restoreTech: "dotnet", + minVulnerabilities: 5, + minLicences: 3, + }, + { + projectName: "multi", + format: string(utils.Json), + restoreTech: "", + minVulnerabilities: 5, + minLicences: 3, + }, + } + for _, test := range testdata { + runInstallCommand := test.restoreTech != "" + t.Run(fmt.Sprintf("projectName:%s,runInstallCommand:%t", test.projectName, runInstallCommand), + func(t *testing.T) { + output := testXrayAuditNuget(t, test.projectName, test.format, test.restoreTech) + verifyJsonScanResults(t, output, 0, test.minVulnerabilities, test.minLicences) + }) + } } func TestXrayAuditNugetSimpleJson(t *testing.T) { - output := testXrayAuditNuget(t, "single", string(utils.SimpleJson)) - verifySimpleJsonScanResults(t, output, 2, 0) -} - -// Tests NuGet audit by providing a multi-project NuGet project and asserts any error. -func TestXrayAuditNugetMultiProject(t *testing.T) { - output := testXrayAuditNuget(t, "multi", string(utils.Json)) - verifyJsonScanResults(t, output, 0, 5, 0) + var testdata = []struct { + projectName string + format string + restoreTech string + minVulnerabilities int + minLicences int + }{ + { + projectName: "single4.0", + format: string(utils.SimpleJson), + restoreTech: "nuget", + minVulnerabilities: 2, + minLicences: 0, + }, + { + projectName: "single5.0", + format: string(utils.SimpleJson), + restoreTech: "dotnet", + minVulnerabilities: 3, + minLicences: 2, + }, + { + projectName: "single5.0", + format: string(utils.SimpleJson), + restoreTech: "", + minVulnerabilities: 3, + minLicences: 2, + }, + } + for _, test := range testdata { + runInstallCommand := test.restoreTech != "" + t.Run(fmt.Sprintf("projectName:%s,runInstallCommand:%t", test.projectName, runInstallCommand), + func(t *testing.T) { + output := testXrayAuditNuget(t, test.projectName, test.format, test.restoreTech) + verifySimpleJsonScanResults(t, output, test.minVulnerabilities, test.minLicences) + }) + } } -func testXrayAuditNuget(t *testing.T, projectName, format string) string { +func testXrayAuditNuget(t *testing.T, projectName, format string, restoreTech string) string { initXrayTest(t, scangraph.GraphScanMinXrayVersion) tempDirPath, createTempDirCallback := coretests.CreateTempDirWithCallbackAndAssert(t) defer createTempDirCallback() @@ -238,9 +316,12 @@ func testXrayAuditNuget(t *testing.T, projectName, format string) string { defer clientTestUtils.ChangeDirAndAssert(t, prevWd) // Add dummy descriptor file to check that we run only specific audit addDummyPackageDescriptor(t, false) - // Run NuGet restore before executing jfrog xr audit (NuGet) - assert.NoError(t, exec.Command("nuget", "restore").Run()) - return xrayCli.RunCliCmdWithOutput(t, "audit", "--nuget", "--format="+format) + // Run NuGet/Dotnet restore before executing jfrog xr audit (NuGet) + if restoreTech != "" { + _, err := exec.Command(restoreTech, "restore").CombinedOutput() + assert.NoError(t, err) + } + return xrayCli.RunCliCmdWithOutput(t, "audit", "--nuget", "--format="+format, "--licenses") } func TestXrayAuditGradleJson(t *testing.T) { @@ -328,7 +409,7 @@ func TestXrayAuditMultiProjects(t *testing.T) { // Copy the multi project from the testdata to a temp dir assert.NoError(t, biutils.CopyDir(multiProject, tempDirPath, true, nil)) workingDirsFlag := fmt.Sprintf("--working-dirs=%s, %s ,%s, %s", - filepath.Join(tempDirPath, "maven"), filepath.Join(tempDirPath, "nuget", "single"), + filepath.Join(tempDirPath, "maven"), filepath.Join(tempDirPath, "nuget", "single4.0"), filepath.Join(tempDirPath, "python", "pip"), filepath.Join(tempDirPath, "jas-test")) // Configure a new server named "default" createJfrogHomeConfig(t, true) From cc6d3e131c0130b0814ce6c85114d6a4e77f2c91 Mon Sep 17 00:00:00 2001 From: Eyal Ben Moshe Date: Mon, 11 Sep 2023 18:25:27 +0300 Subject: [PATCH 6/6] Promote version to 2.46.3 (#2198) --- build/npm/v2-jf/package-lock.json | 2 +- build/npm/v2-jf/package.json | 2 +- build/npm/v2/package-lock.json | 2 +- build/npm/v2/package.json | 2 +- go.mod | 26 ++++++++++---------- go.sum | 40 +++++++++++++++---------------- utils/cliutils/cli_consts.go | 2 +- 7 files changed, 38 insertions(+), 38 deletions(-) diff --git a/build/npm/v2-jf/package-lock.json b/build/npm/v2-jf/package-lock.json index 4657dffc3..75b78f3f4 100644 --- a/build/npm/v2-jf/package-lock.json +++ b/build/npm/v2-jf/package-lock.json @@ -1,5 +1,5 @@ { "name": "jfrog-cli-v2-jf", - "version": "2.46.2", + "version": "2.46.3", "lockfileVersion": 1 } diff --git a/build/npm/v2-jf/package.json b/build/npm/v2-jf/package.json index 8285fd5af..d8e22f930 100644 --- a/build/npm/v2-jf/package.json +++ b/build/npm/v2-jf/package.json @@ -1,6 +1,6 @@ { "name": "jfrog-cli-v2-jf", - "version": "2.46.2", + "version": "2.46.3", "description": "🐸 Command-line interface for JFrog Artifactory, Xray, Distribution, Pipelines and Mission Control 🐸", "homepage": "https://github.com/jfrog/jfrog-cli", "preferGlobal": true, diff --git a/build/npm/v2/package-lock.json b/build/npm/v2/package-lock.json index 894036f90..7128c0b7d 100644 --- a/build/npm/v2/package-lock.json +++ b/build/npm/v2/package-lock.json @@ -1,5 +1,5 @@ { "name": "jfrog-cli-v2", - "version": "2.46.2", + "version": "2.46.3", "lockfileVersion": 1 } diff --git a/build/npm/v2/package.json b/build/npm/v2/package.json index 84ad3f5d9..4fde475a8 100644 --- a/build/npm/v2/package.json +++ b/build/npm/v2/package.json @@ -1,6 +1,6 @@ { "name": "jfrog-cli-v2", - "version": "2.46.2", + "version": "2.46.3", "description": "🐸 Command-line interface for JFrog Artifactory, Xray, Distribution, Pipelines and Mission Control 🐸", "homepage": "https://github.com/jfrog/jfrog-cli", "preferGlobal": true, diff --git a/go.mod b/go.mod index 7f67c2b4b..d7e0ceb82 100644 --- a/go.mod +++ b/go.mod @@ -7,10 +7,10 @@ require ( github.com/buger/jsonparser v1.1.1 github.com/go-git/go-git/v5 v5.8.1 github.com/gocarina/gocsv v0.0.0-20230616125104-99d496ca653d - github.com/jfrog/build-info-go v1.9.9 + github.com/jfrog/build-info-go v1.9.10 github.com/jfrog/gofrog v1.3.0 - github.com/jfrog/jfrog-cli-core/v2 v2.41.4 - github.com/jfrog/jfrog-client-go v1.31.6 + github.com/jfrog/jfrog-cli-core/v2 v2.41.5 + github.com/jfrog/jfrog-client-go v1.32.1 github.com/jszwec/csvutil v1.8.0 github.com/mholt/archiver/v3 v3.5.1 github.com/stretchr/testify v1.8.4 @@ -18,8 +18,8 @@ require ( github.com/urfave/cli v1.22.14 github.com/vbauerster/mpb/v7 v7.5.3 github.com/xeipuuv/gojsonschema v1.2.0 - golang.org/x/exp v0.0.0-20230817173708-d852ddb80c63 - golang.org/x/term v0.11.0 + golang.org/x/exp v0.0.0-20230905200255-921286631fa9 + golang.org/x/term v0.12.0 gopkg.in/yaml.v2 v2.4.0 ) @@ -108,13 +108,13 @@ require ( github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8 // indirect github.com/xo/terminfo v0.0.0-20210125001918-ca9a967f8778 // indirect - golang.org/x/crypto v0.12.0 // indirect + golang.org/x/crypto v0.13.0 // indirect golang.org/x/mod v0.12.0 // indirect - golang.org/x/net v0.14.0 // indirect + golang.org/x/net v0.15.0 // indirect golang.org/x/sync v0.3.0 // indirect - golang.org/x/sys v0.11.0 // indirect - golang.org/x/text v0.12.0 // indirect - golang.org/x/tools v0.12.1-0.20230815132531-74c255bcf846 // indirect + golang.org/x/sys v0.12.0 // indirect + golang.org/x/text v0.13.0 // indirect + golang.org/x/tools v0.13.0 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20230525234030-28d5490b6b19 // indirect google.golang.org/grpc v1.57.0 // indirect google.golang.org/protobuf v1.30.0 // indirect @@ -125,10 +125,10 @@ require ( // replace github.com/jfrog/build-info-go => github.com/jfrog/build-info-go v1.8.9-0.20230828134416-f0db33dd9344 -replace github.com/jfrog/jfrog-cli-core/v2 => github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20230907095444-fd00f19be95d +// replace github.com/jfrog/jfrog-cli-core/v2 => github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20230907095444-fd00f19be95d // replace github.com/jfrog/gofrog => github.com/jfrog/gofrog v1.2.6-0.20230418122323-2bf299dd6d27 -replace github.com/jfrog/jfrog-client-go => github.com/jfrog/jfrog-client-go v1.28.1-0.20230906115540-2c3c91d271d6 +// replace github.com/jfrog/jfrog-client-go => github.com/jfrog/jfrog-client-go v1.28.1-0.20230906115540-2c3c91d271d6 -replace github.com/jfrog/build-info-go => github.com/jfrog/build-info-go v1.8.9-0.20230905120411-62d1bdd4eb38 +// replace github.com/jfrog/build-info-go => github.com/jfrog/build-info-go v1.8.9-0.20230905120411-62d1bdd4eb38 diff --git a/go.sum b/go.sum index f5dd5a740..172de0208 100644 --- a/go.sum +++ b/go.sum @@ -235,14 +235,14 @@ github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOl github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo= github.com/jedib0t/go-pretty/v6 v6.4.7 h1:lwiTJr1DEkAgzljsUsORmWsVn5MQjt1BPJdPCtJ6KXE= github.com/jedib0t/go-pretty/v6 v6.4.7/go.mod h1:Ndk3ase2CkQbXLLNf5QDHoYb6J9WtVfmHZu9n8rk2xs= -github.com/jfrog/build-info-go v1.8.9-0.20230905120411-62d1bdd4eb38 h1:XyAcwWP2a6a5RL861gkfgQ7MUaQ7mmDkUVoD6kMtUtQ= -github.com/jfrog/build-info-go v1.8.9-0.20230905120411-62d1bdd4eb38/go.mod h1:QEskae5fQpjeY2PBzsjWtUQVskYSNDF2sSmw/Gx44dQ= +github.com/jfrog/build-info-go v1.9.10 h1:uXnDLVxpqxoAMpXcki00QaBB+M2BoGMMpHODPkmmYOY= +github.com/jfrog/build-info-go v1.9.10/go.mod h1:ujJ8XQZMdT2tMkLSMJNyDd1pCY+duwHdjV+9or9FLIg= github.com/jfrog/gofrog v1.3.0 h1:o4zgsBZE4QyDbz2M7D4K6fXPTBJht+8lE87mS9bw7Gk= github.com/jfrog/gofrog v1.3.0/go.mod h1:IFMc+V/yf7rA5WZ74CSbXe+Lgf0iApEQLxRZVzKRUR0= -github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20230907095444-fd00f19be95d h1:7Qlsj5PkqSfayuNaM07L8W+H0bBqEGd+iPusoJOU6w8= -github.com/jfrog/jfrog-cli-core/v2 v2.31.1-0.20230907095444-fd00f19be95d/go.mod h1:PCRqGSz6tKQNtiITSk9WZGflJjno/Vg4DvXPLkH6xO8= -github.com/jfrog/jfrog-client-go v1.28.1-0.20230906115540-2c3c91d271d6 h1:9mNCAUu/uHx80s4rMc9PeI1lllrZ1MOPUesIMglFoTY= -github.com/jfrog/jfrog-client-go v1.28.1-0.20230906115540-2c3c91d271d6/go.mod h1:soD5VL3X+G+0KKUNSlb0CSdF9nwHsQZCr0xqOGedAHM= +github.com/jfrog/jfrog-cli-core/v2 v2.41.5 h1:+hQs69dXhNrDIDsBlEPcmLgywfkzyKrIsCZtBW486PU= +github.com/jfrog/jfrog-cli-core/v2 v2.41.5/go.mod h1:HCMfdtCy2B81EF8YiQlsfbG3CsLk/VeqoWGNYoSUz8Q= +github.com/jfrog/jfrog-client-go v1.32.1 h1:RQmuPSLsF5222vZJzwkgHSZMMJF83ExS7SwIvh4P+H8= +github.com/jfrog/jfrog-client-go v1.32.1/go.mod h1:362+oa7uTTYurzBs1L0dmUTlLo7uhpAU/pwM5Zb9clg= github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU= github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk= github.com/jszwec/csvutil v1.8.0 h1:G7vS2LGdpZZDH1HmHeNbxOaJ/ZnJlpwGFvOkTkJzzNk= @@ -431,8 +431,8 @@ golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0 golang.org/x/crypto v0.0.0-20220722155217-630584e8d5aa/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/crypto v0.3.1-0.20221117191849-2c476679df9a/go.mod h1:hebNnKkNXi2UzZN1eVRvBB7co0a+JxK6XbPiWVs/3J4= golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU= -golang.org/x/crypto v0.12.0 h1:tFM/ta59kqch6LlvYnPa0yx5a83cL2nHflFhYKvv9Yk= -golang.org/x/crypto v0.12.0/go.mod h1:NF0Gs7EO5K4qLn+Ylc+fih8BSTeIjAP05siRnAh98yw= +golang.org/x/crypto v0.13.0 h1:mvySKfSWJ+UKUii46M40LOvyWfN0s2U+46/jDd0e6Ck= +golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliYc= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -443,8 +443,8 @@ golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u0 golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= -golang.org/x/exp v0.0.0-20230817173708-d852ddb80c63 h1:m64FZMko/V45gv0bNmrNYoDEq8U5YUhetc9cBWKS1TQ= -golang.org/x/exp v0.0.0-20230817173708-d852ddb80c63/go.mod h1:0v4NqG35kSWCMzLaMeX+IQrlSnVE/bqGSyC2cz/9Le8= +golang.org/x/exp v0.0.0-20230905200255-921286631fa9 h1:GoHiUyI/Tp2nVkLI2mCxVkOjsbSXD66ic0XW0js0R9g= +golang.org/x/exp v0.0.0-20230905200255-921286631fa9/go.mod h1:S2oDrQGGwySpoQPVqRShND87VCbxmc6bL1Yd2oYrm6k= golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= @@ -508,8 +508,8 @@ golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug golang.org/x/net v0.2.0/go.mod h1:KqCZLdyyvdV855qA2rE3GC2aiw5xGR5TEjj8smXukLY= golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc= -golang.org/x/net v0.14.0 h1:BONx9s002vGdD9umnlX1Po8vOZmrgH34qlHcD1MfK14= -golang.org/x/net v0.14.0/go.mod h1:PpSgVXXLK0OxS0F31C1/tv6XNguvCrnXIDrFMspZIUI= +golang.org/x/net v0.15.0 h1:ugBLEUaxABaB5AJqW9enI0ACdci2RUd4eP51NTBvuJ8= +golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -598,15 +598,15 @@ golang.org/x/sys v0.2.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.11.0 h1:eG7RXZHdqOJ1i+0lgLgCpSXAp6M3LYlAo6osgSi0xOM= -golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.12.0 h1:CM0HF96J0hcLAwsHPJZjfdNzs0gftsLfgKt57wWHJ0o= +golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.2.0/go.mod h1:TVmDHMZPmdnySmBfhjOoOdhjzdE1h4u1VwSiw2l1Nuc= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U= -golang.org/x/term v0.11.0 h1:F9tnn/DA/Im8nCwm+fX+1/eBwi4qFjRT++MhtVC4ZX0= -golang.org/x/term v0.11.0/go.mod h1:zC9APTIj3jG3FdV/Ons+XE1riIZXG4aZ4GTHiPZJPIU= +golang.org/x/term v0.12.0 h1:/ZfYdc3zq+q02Rv9vGqTeSItdzZTSNDmfTi0mBAuidU= +golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -619,8 +619,8 @@ golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= -golang.org/x/text v0.12.0 h1:k+n5B8goJNdU7hSvEtMUz3d1Q6D/XW4COJSJR6fN0mc= -golang.org/x/text v0.12.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= +golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= +golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -676,8 +676,8 @@ golang.org/x/tools v0.0.0-20210108195828-e2f9c7f1fc8e/go.mod h1:emZCQorbCU4vsT4f golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0= golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= -golang.org/x/tools v0.12.1-0.20230815132531-74c255bcf846 h1:Vve/L0v7CXXuxUmaMGIEK/dEeq7uiqb5qBgQrZzIE7E= -golang.org/x/tools v0.12.1-0.20230815132531-74c255bcf846/go.mod h1:Sc0INKfu04TlqNoRA1hgpFZbhYXHPr4V5DzpSBTPqQM= +golang.org/x/tools v0.13.0 h1:Iey4qkscZuv0VvIt8E0neZjtPVQFSc870HQ448QgEmQ= +golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= diff --git a/utils/cliutils/cli_consts.go b/utils/cliutils/cli_consts.go index bc0d2f16a..95ceaaa4c 100644 --- a/utils/cliutils/cli_consts.go +++ b/utils/cliutils/cli_consts.go @@ -4,7 +4,7 @@ import "time" const ( // General CLI constants - CliVersion = "2.46.2" + CliVersion = "2.46.3" ClientAgent = "jfrog-cli-go" // CLI base commands constants: