Skip to content

feat: ArtifactoryAnalyzer updated to use the HTTPClient5-based Downloader and skip unusable results #7293

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
jeremylong merged 3 commits into from
Jan 25, 2025
Merged

feat: ArtifactoryAnalyzer updated to use the HTTPClient5-based Downloader and skip unusable results #7293

jeremylong merged 3 commits into from
Jan 25, 2025

Conversation

@aikebah
Copy link
Collaborator

@aikebah aikebah commented Jan 8, 2025

Description of Change

Make ArtifactoryAnalyzer use the Downloader class to finalize the migration of HTTP-traffic to use the Apache HTTPClient5 finalizing the work still left after #6949

Make ArtifactoryAnalyzer skip results that do not fit the expectations (matching hashes and a maven-like G/A/V path structure) and attempt to find further matches in the remaining search results instead of throwing an exception on a first unexpected result entry format.

Related issues

Fixes #5868
Fixes #7254

Have test cases been added to cover the new functionality?

yes a testcase was added for the fix of #5868

@aikebah
feat: Update ArtifactoryAnalyser to use apache HTTPClient5 like the r…
dae5307 
…eset of DependencyCheck

Also mitigate issue #5868 by skipping (with a warning log) unusable results instead of throwing an exception so that multi-result responses can be handled.
@boring-cyborg boring-cyborg bot added core changes to core tests test cases utils changes to utils labels Jan 8, 2025
@aikebah
Copy link
Collaborator Author

aikebah commented Jan 8, 2025

Marked as a draft PR awaiting results from the community on live-testing a snapshot build against an Artifactory Pro instance.

@aikebah
fix: Resolve a too strict validation of UnknownHostException message …
242be38 
…that turns out to have runtime platform differences
jeremylong
jeremylong previously approved these changes Jan 11, 2025
View reviewed changes
Copy link
Collaborator

@jeremylong jeremylong left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@aikebah
fix: Make ArtifactorySearchResponseHandler gracefully handle absence …
02889c9 
…of detail

Resolves the NPE reported in jeremylong/DependencyCheck#7254 (comment)

Logs a warning for each entry in the response that does not have the checksums block that is to be expected for any
request that has the `X-Result-Detail: info` HTTP header.
@aikebah aikebah marked this pull request as ready for review January 24, 2025 20:39
@jeremylong jeremylong merged commit 406ea7f into main Jan 25, 2025
9 checks passed
@jeremylong jeremylong deleted the feat/artifactory branch January 25, 2025 12:48
@jeremylong jeremylong added this to the 12.0.2 milestone Jan 25, 2025
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Feb 25, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@jeremylong jeremylong jeremylong approved these changes

Assignees

No one assigned

Labels

core changes to core tests test cases utils changes to utils

Projects

None yet

Milestone

12.0.2

2 participants

@aikebah @jeremylong