Skip to content

Commit

Permalink
fix: P4ADEV-1845 fix CVE (#7)
Browse files Browse the repository at this point in the history
  • Loading branch information
@antonioT90
antonioT90 authored Jan 2, 2025
1 parent e510fd1 commit aaa5192
Show file tree
Hide file tree
Showing 7 changed files with 129 additions and 124 deletions.
24 changes: 12 additions & 12 deletions build.gradle.kts
View file
Original file line number Diff line number Diff line change
@@ -1,11 +1,11 @@
plugins {
java
id("org.springframework.boot") version "3.3.5"
id("io.spring.dependency-management") version "1.1.6"
id("org.springframework.boot") version "3.4.1"
id("io.spring.dependency-management") version "1.1.7"
jacoco
id("org.sonarqube") version "5.1.0.4882"
id("org.sonarqube") version "6.0.1.5171"
id("com.github.ben-manes.versions") version "0.51.0"
id("org.openapi.generator") version "7.9.0"
id("org.openapi.generator") version "7.10.0"
}

group = "it.gov.pagopa.payhub"
Expand Down Expand Up @@ -36,10 +36,10 @@ repositories {
}
}

val springDocOpenApiVersion = "2.6.0"
val springDocOpenApiVersion = "2.7.0"
val openApiToolsVersion = "0.2.6"
val micrometerVersion = "1.4.0"
val p4paActivitiesVersion = "1.16.0"
val micrometerVersion = "1.4.1"
val p4paActivitiesVersion = "1.23.3"
val postgresJdbcVersion = "42.7.4"

dependencies {
Expand Down Expand Up @@ -118,18 +118,18 @@ springBoot {

openApiGenerate {
generatorName.set("spring")
inputSpec.set("$rootDir/openapi/template-payments-java-repository.openapi.yaml")
inputSpec.set("$rootDir/openapi/p4pa-workflow-worker.openapi.yaml")
outputDir.set("$projectDir/build/generated")
apiPackage.set("it.gov.pagopa.template.controller.generated")
modelPackage.set("it.gov.pagopa.template.model.generated")
apiPackage.set("it.gov.pagopa.pu.worker.controller.generated")
modelPackage.set("it.gov.pagopa.pu.worker.dto.generated")
configOptions.set(mapOf(
"dateLibrary" to "java8",
"requestMappingMode" to "api_interface",
"useSpringBoot3" to "true",
"interfaceOnly" to "true",
"useTags" to "true",
"generateConstructorWithAllArgs" to "false",
"generatedConstructorWithRequiredArgs" to "false",
"additionalModelTypeAnnotations" to "@lombok.Data @lombok.Builder @lombok.AllArgsConstructor @lombok.RequiredArgsConstructor"
"generatedConstructorWithRequiredArgs" to "true",
"additionalModelTypeAnnotations" to "@lombok.Data @lombok.Builder @lombok.AllArgsConstructor"
))
}
137 changes: 69 additions & 68 deletions gradle.lockfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,89 +2,90 @@
# Manual edits can break the build and are not advised.
# This file is expected to be part of source control.
aopalliance:aopalliance:1.0=compileClasspath
ch.qos.logback:logback-classic:1.5.11=compileClasspath
ch.qos.logback:logback-core:1.5.11=compileClasspath
com.fasterxml.jackson.core:jackson-annotations:2.17.2=compileClasspath
com.fasterxml.jackson.core:jackson-core:2.17.2=compileClasspath
com.fasterxml.jackson.core:jackson-databind:2.17.2=compileClasspath
com.fasterxml.jackson.dataformat:jackson-dataformat-yaml:2.17.2=compileClasspath
com.fasterxml.jackson.datatype:jackson-datatype-jdk8:2.17.2=compileClasspath
com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.17.2=compileClasspath
com.fasterxml.jackson.module:jackson-module-parameter-names:2.17.2=compileClasspath
com.fasterxml.jackson:jackson-bom:2.17.2=compileClasspath
ch.qos.logback:logback-classic:1.5.12=compileClasspath
ch.qos.logback:logback-core:1.5.12=compileClasspath
com.fasterxml.jackson.core:jackson-annotations:2.18.2=compileClasspath
com.fasterxml.jackson.core:jackson-core:2.18.2=compileClasspath
com.fasterxml.jackson.core:jackson-databind:2.18.2=compileClasspath
com.fasterxml.jackson.dataformat:jackson-dataformat-yaml:2.18.2=compileClasspath
com.fasterxml.jackson.datatype:jackson-datatype-jdk8:2.18.2=compileClasspath
com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.18.2=compileClasspath
com.fasterxml.jackson.module:jackson-module-parameter-names:2.18.2=compileClasspath
com.fasterxml.jackson:jackson-bom:2.18.2=compileClasspath
com.zaxxer:HikariCP:5.1.0=compileClasspath
io.micrometer:context-propagation:1.1.2=compileClasspath
io.micrometer:micrometer-commons:1.13.6=compileClasspath
io.micrometer:micrometer-core:1.13.6=compileClasspath
io.micrometer:micrometer-jakarta9:1.13.6=compileClasspath
io.micrometer:micrometer-observation:1.13.6=compileClasspath
io.micrometer:micrometer-tracing-bridge-otel:1.4.0=compileClasspath
io.micrometer:micrometer-tracing:1.3.5=compileClasspath
io.micrometer:micrometer-commons:1.14.2=compileClasspath
io.micrometer:micrometer-core:1.14.2=compileClasspath
io.micrometer:micrometer-jakarta9:1.14.2=compileClasspath
io.micrometer:micrometer-observation:1.14.2=compileClasspath
io.micrometer:micrometer-tracing-bridge-otel:1.4.1=compileClasspath
io.micrometer:micrometer-tracing:1.4.1=compileClasspath
io.opentelemetry.instrumentation:opentelemetry-instrumentation-api-incubator:2.9.0-alpha=compileClasspath
io.opentelemetry.instrumentation:opentelemetry-instrumentation-api:2.9.0=compileClasspath
io.opentelemetry.semconv:opentelemetry-semconv:1.25.0-alpha=compileClasspath
io.opentelemetry:opentelemetry-api:1.37.0=compileClasspath
io.opentelemetry:opentelemetry-context:1.37.0=compileClasspath
io.opentelemetry:opentelemetry-extension-trace-propagators:1.37.0=compileClasspath
io.opentelemetry:opentelemetry-sdk-common:1.37.0=compileClasspath
io.opentelemetry:opentelemetry-sdk-logs:1.37.0=compileClasspath
io.opentelemetry:opentelemetry-sdk-metrics:1.37.0=compileClasspath
io.opentelemetry:opentelemetry-sdk-trace:1.37.0=compileClasspath
io.opentelemetry:opentelemetry-sdk:1.37.0=compileClasspath
io.swagger.core.v3:swagger-annotations-jakarta:2.2.22=compileClasspath
io.swagger.core.v3:swagger-core-jakarta:2.2.22=compileClasspath
io.swagger.core.v3:swagger-models-jakarta:2.2.22=compileClasspath
it.gov.pagopa.payhub:p4pa-payhub-activities:1.16.0=compileClasspath
io.opentelemetry:opentelemetry-api:1.43.0=compileClasspath
io.opentelemetry:opentelemetry-context:1.43.0=compileClasspath
io.opentelemetry:opentelemetry-extension-trace-propagators:1.43.0=compileClasspath
io.opentelemetry:opentelemetry-sdk-common:1.43.0=compileClasspath
io.opentelemetry:opentelemetry-sdk-logs:1.43.0=compileClasspath
io.opentelemetry:opentelemetry-sdk-metrics:1.43.0=compileClasspath
io.opentelemetry:opentelemetry-sdk-trace:1.43.0=compileClasspath
io.opentelemetry:opentelemetry-sdk:1.43.0=compileClasspath
io.swagger.core.v3:swagger-annotations-jakarta:2.2.25=compileClasspath
io.swagger.core.v3:swagger-core-jakarta:2.2.25=compileClasspath
io.swagger.core.v3:swagger-models-jakarta:2.2.25=compileClasspath
it.gov.pagopa.payhub:p4pa-payhub-activities:1.23.3=compileClasspath
jakarta.activation:jakarta.activation-api:2.1.3=compileClasspath
jakarta.annotation:jakarta.annotation-api:2.1.1=compileClasspath
jakarta.persistence:jakarta.persistence-api:3.1.0=compileClasspath
jakarta.transaction:jakarta.transaction-api:2.0.1=compileClasspath
jakarta.validation:jakarta.validation-api:3.0.2=compileClasspath
jakarta.xml.bind:jakarta.xml.bind-api:4.0.2=compileClasspath
org.antlr:antlr4-runtime:4.13.0=compileClasspath
org.apache.commons:commons-lang3:3.14.0=compileClasspath
org.apache.logging.log4j:log4j-api:2.23.1=compileClasspath
org.apache.logging.log4j:log4j-to-slf4j:2.23.1=compileClasspath
org.apache.tomcat.embed:tomcat-embed-core:10.1.31=compileClasspath
org.apache.tomcat.embed:tomcat-embed-el:10.1.31=compileClasspath
org.apache.tomcat.embed:tomcat-embed-websocket:10.1.31=compileClasspath
org.apache.commons:commons-lang3:3.17.0=compileClasspath
org.apache.logging.log4j:log4j-api:2.24.3=compileClasspath
org.apache.logging.log4j:log4j-to-slf4j:2.24.3=compileClasspath
org.apache.tomcat.embed:tomcat-embed-core:10.1.34=compileClasspath
org.apache.tomcat.embed:tomcat-embed-el:10.1.34=compileClasspath
org.apache.tomcat.embed:tomcat-embed-websocket:10.1.34=compileClasspath
org.aspectj:aspectjweaver:1.9.22.1=compileClasspath
org.hibernate.orm:hibernate-core:6.5.3.Final=compileClasspath
org.hibernate.orm:hibernate-core:6.6.4.Final=compileClasspath
org.jspecify:jspecify:1.0.0=compileClasspath
org.openapitools:jackson-databind-nullable:0.2.6=compileClasspath
org.postgresql:postgresql:42.7.4=compileClasspath
org.projectlombok:lombok:1.18.34=compileClasspath
org.projectlombok:lombok:1.18.36=compileClasspath
org.slf4j:jul-to-slf4j:2.0.16=compileClasspath
org.slf4j:slf4j-api:2.0.16=compileClasspath
org.springdoc:springdoc-openapi-starter-common:2.6.0=compileClasspath
org.springdoc:springdoc-openapi-starter-webmvc-api:2.6.0=compileClasspath
org.springdoc:springdoc-openapi-starter-webmvc-ui:2.6.0=compileClasspath
org.springframework.boot:spring-boot-actuator-autoconfigure:3.3.5=compileClasspath
org.springframework.boot:spring-boot-actuator:3.3.5=compileClasspath
org.springframework.boot:spring-boot-autoconfigure:3.3.5=compileClasspath
org.springframework.boot:spring-boot-starter-actuator:3.3.5=compileClasspath
org.springframework.boot:spring-boot-starter-aop:3.3.5=compileClasspath
org.springframework.boot:spring-boot-starter-data-jpa:3.3.5=compileClasspath
org.springframework.boot:spring-boot-starter-jdbc:3.3.5=compileClasspath
org.springframework.boot:spring-boot-starter-json:3.3.5=compileClasspath
org.springframework.boot:spring-boot-starter-logging:3.3.5=compileClasspath
org.springframework.boot:spring-boot-starter-tomcat:3.3.5=compileClasspath
org.springframework.boot:spring-boot-starter-web:3.3.5=compileClasspath
org.springframework.boot:spring-boot-starter:3.3.5=compileClasspath
org.springframework.boot:spring-boot:3.3.5=compileClasspath
org.springframework.data:spring-data-commons:3.3.5=compileClasspath
org.springframework.data:spring-data-jpa:3.3.5=compileClasspath
org.springframework:spring-aop:6.1.14=compileClasspath
org.springframework:spring-aspects:6.1.14=compileClasspath
org.springframework:spring-beans:6.1.14=compileClasspath
org.springframework:spring-context:6.1.14=compileClasspath
org.springframework:spring-core:6.1.14=compileClasspath
org.springframework:spring-expression:6.1.14=compileClasspath
org.springframework:spring-jcl:6.1.14=compileClasspath
org.springframework:spring-jdbc:6.1.14=compileClasspath
org.springframework:spring-orm:6.1.14=compileClasspath
org.springframework:spring-tx:6.1.14=compileClasspath
org.springframework:spring-web:6.1.14=compileClasspath
org.springframework:spring-webmvc:6.1.14=compileClasspath
org.webjars:swagger-ui:5.17.14=compileClasspath
org.yaml:snakeyaml:2.2=compileClasspath
org.springdoc:springdoc-openapi-starter-common:2.7.0=compileClasspath
org.springdoc:springdoc-openapi-starter-webmvc-api:2.7.0=compileClasspath
org.springdoc:springdoc-openapi-starter-webmvc-ui:2.7.0=compileClasspath
org.springframework.boot:spring-boot-actuator-autoconfigure:3.4.1=compileClasspath
org.springframework.boot:spring-boot-actuator:3.4.1=compileClasspath
org.springframework.boot:spring-boot-autoconfigure:3.4.1=compileClasspath
org.springframework.boot:spring-boot-starter-actuator:3.4.1=compileClasspath
org.springframework.boot:spring-boot-starter-data-jpa:3.4.1=compileClasspath
org.springframework.boot:spring-boot-starter-jdbc:3.4.1=compileClasspath
org.springframework.boot:spring-boot-starter-json:3.4.1=compileClasspath
org.springframework.boot:spring-boot-starter-logging:3.4.1=compileClasspath
org.springframework.boot:spring-boot-starter-tomcat:3.4.1=compileClasspath
org.springframework.boot:spring-boot-starter-web:3.4.1=compileClasspath
org.springframework.boot:spring-boot-starter:3.4.1=compileClasspath
org.springframework.boot:spring-boot:3.4.1=compileClasspath
org.springframework.data:spring-data-commons:3.4.1=compileClasspath
org.springframework.data:spring-data-jpa:3.4.1=compileClasspath
org.springframework:spring-aop:6.2.1=compileClasspath
org.springframework:spring-aspects:6.2.1=compileClasspath
org.springframework:spring-beans:6.2.1=compileClasspath
org.springframework:spring-context:6.2.1=compileClasspath
org.springframework:spring-core:6.2.1=compileClasspath
org.springframework:spring-expression:6.2.1=compileClasspath
org.springframework:spring-jcl:6.2.1=compileClasspath
org.springframework:spring-jdbc:6.2.1=compileClasspath
org.springframework:spring-orm:6.2.1=compileClasspath
org.springframework:spring-tx:6.2.1=compileClasspath
org.springframework:spring-web:6.2.1=compileClasspath
org.springframework:spring-webmvc:6.2.1=compileClasspath
org.webjars:swagger-ui:5.18.2=compileClasspath
org.webjars:webjars-locator-lite:1.0.1=compileClasspath
org.yaml:snakeyaml:2.3=compileClasspath
empty=
0 ...ate-payments-java-repository.openapi.yaml → openapi/p4pa-workflow-worker.openapi.yaml
View file
File renamed without changes.
40 changes: 18 additions & 22 deletions src/main/java/it/gov/pagopa/pu/worker/ingestionflowfile/mapper/IngestionFlowFileMapper.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,66 +2,62 @@

import it.gov.pagopa.payhub.activities.dto.IngestionFlowFileDTO;
import it.gov.pagopa.payhub.activities.dto.OrganizationDTO;
import it.gov.pagopa.payhub.activities.enums.IngestionFlowFileType;
import it.gov.pagopa.pu.worker.ingestionflowfile.model.IngestionFlowFile;

import org.springframework.stereotype.Component;

import java.util.Date;

@Component
public class IngestionFlowFileMapper {

public IngestionFlowFile mapIngestionFlowFileDTO2Model(IngestionFlowFileDTO dto) {
return IngestionFlowFile.builder()
.ingestionFlowFileId(dto.getIngestionFlowFileId())
.flowFileType(dto.getFlowFileType().name())
.flowFileType(dto.getFlowFileType())
.version(dto.getVersion())
.org(dto.getOrg().getOrgId())
.organizationId(dto.getOrg().getOrgId())
.status(dto.getStatus())
.iuf(dto.getIuf())
.numTotalRows(dto.getNumTotalRows().intValue())
.numCorrectlyImportedRows(dto.getNumCorrectlyImportedRows().intValue())
.creationDate(dto.getCreationDate().toInstant())
.lastUpdateDate(dto.getLastUpdateDate().toInstant())
.operatorExternalUserId(dto.getOperatorExternalUserId())
.numTotalRows(dto.getNumTotalRows())
.numCorrectlyImportedRows(dto.getNumCorrectlyImportedRows())
.creationDate(dto.getCreationDate())
.lastUpdateDate(dto.getLastUpdateDate())
.flagActive(dto.isFlagActive())
.operatorName(dto.getOperatorName())
.flagSpontaneous(dto.getFlagSpontaneous())
.filePathName(dto.getFilePath())
.filePathName(dto.getFilePathName())
.fileName(dto.getFileName())
.pdfGenerated(dto.getPdfGenerated().intValue())
.codRequestToken(dto.getCodRequestToken())
.codError(dto.getCodError())
.pspIdentifier(dto.getPspIdentifier())
.flowDateTime(dto.getFlowDateTime())
.fileSourceCode(dto.getFileSourceCode())
.fileSize(dto.getFileSize())
.discardFileName(dto.getDiscardFileName())
.build();
}

public IngestionFlowFileDTO mapIngestionFlowFile2DTO(IngestionFlowFile model) {
return IngestionFlowFileDTO.builder()
.ingestionFlowFileId(model.getIngestionFlowFileId())
.flowFileType(IngestionFlowFileType.valueOf(model.getFlowFileType()))
.operatorExternalUserId(model.getOperatorExternalUserId())
.flowFileType(model.getFlowFileType())
.version(model.getVersion())
.org(OrganizationDTO.builder().orgId(model.getOrg()).build())
.org(OrganizationDTO.builder().orgId(model.getOrganizationId()).build())
.status(model.getStatus())
.iuf(model.getIuf())
.numTotalRows(Long.valueOf(model.getNumTotalRows()))
.numCorrectlyImportedRows(Long.valueOf(model.getNumCorrectlyImportedRows()))
.creationDate(Date.from(model.getCreationDate()))
.lastUpdateDate(Date.from(model.getLastUpdateDate()))
.numTotalRows(model.getNumTotalRows())
.numCorrectlyImportedRows(model.getNumCorrectlyImportedRows())
.creationDate(model.getCreationDate())
.lastUpdateDate(model.getLastUpdateDate())
.flagActive(model.isFlagActive())
.operatorName(model.getOperatorName())
.flagSpontaneous(model.isFlagSpontaneous())
.filePath(model.getFilePathName())
.filePathName(model.getFilePathName())
.fileName(model.getFileName())
.pdfGenerated(Long.valueOf(model.getPdfGenerated()))
.codRequestToken(model.getCodRequestToken())
.codError(model.getCodError())
.pspIdentifier(model.getPspIdentifier())
.flowDateTime(model.getFlowDateTime())
.fileSourceCode(model.getFileSourceCode())
.fileSize(model.getFileSize())
.discardFileName(model.getDiscardFileName())
.build();
}
Expand Down
16 changes: 8 additions & 8 deletions src/main/java/it/gov/pagopa/pu/worker/ingestionflowfile/model/IngestionFlowFile.java
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
package it.gov.pagopa.pu.worker.ingestionflowfile.model;

import it.gov.pagopa.payhub.activities.enums.IngestionFlowFileType;
import jakarta.persistence.*;
import lombok.AllArgsConstructor;
import lombok.Builder;
Expand All @@ -22,26 +23,25 @@ public class IngestionFlowFile implements Serializable {
@GeneratedValue(strategy = GenerationType.SEQUENCE, generator = "ingestion_flow_file_generator")
@SequenceGenerator(name = "ingestion_flow_file_generator", sequenceName = "ingestion_flow_file_seq", allocationSize = 1)
private Long ingestionFlowFileId;
private String flowFileType;
private IngestionFlowFileType flowFileType;
private int version;
private Long org;
private Long organizationId;
private String status;
private String iuf;
private int numTotalRows;
private int numCorrectlyImportedRows;
private Long numTotalRows;
private Long numCorrectlyImportedRows;
private Instant creationDate;
private Instant lastUpdateDate;
private boolean flagActive;
private String operatorName;
private String operatorExternalUserId;
private boolean flagSpontaneous;
private String filePathName;
private String fileName;
private int pdfGenerated;
private Integer pdfGenerated;
private String codRequestToken;
private String codError;
private String pspIdentifier;
private LocalDateTime flowDateTime;
private String state;
private Long fileSize;
private String fileSourceCode;
private String discardFileName;
}
10 changes: 10 additions & 0 deletions src/main/java/it/gov/pagopa/pu/worker/paymentsreporting/PaymentsReportingDaoImpl.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,4 +30,14 @@ public List<PaymentsReportingDTO> saveAll(List<PaymentsReportingDTO> dtos) {
.map(paymentsReportingMapper::mapPaymentsReporting2DTO)
.toList();
}

@Override
public List<PaymentsReportingDTO> findByOrganizationIdAndIuf(Long organizationId, String iuf) {
return List.of(); // TODO
}

@Override
public PaymentsReportingDTO findBySemanticKey(Long orgId, String iuv, String iur, int transferIndex) {
return null; // TODO
}
}
Loading

0 comments on commit aaa5192

Please sign in to comment.