From defa6c3b69ef770722982cdb342381db2f9371e4 Mon Sep 17 00:00:00 2001 From: "Stein.Codes" <108551786+caytec@users.noreply.github.com> Date: Wed, 1 Nov 2023 15:41:08 +0100 Subject: [PATCH] refactor: Java Security Ultimate Security Repo Scanner 2023 (#1455) Disclaimer: Automated Commit Alert Please be aware that this commit, generated through automated processes, may contain false alerts or not be precisely targeted. This automated commit is part of a large-scale effort to enhance software security over time. It is sent to various repositories to improve code quality and security. Exercise caution when reviewing the changes, and ensure that any necessary adjustments are made to maintain the integrity and functionality of the software. Use this link to re-run the recipe: https://app.moderne.io/recipes/builder/TkgUEiqd7?organizationId=RWNsaXBzZSBGb3VuZGF0aW9u Co-authored-by: Moderne --- .../hawkbit/artifact/repository/ArtifactFilesystemTest.java | 3 ++- .../artifact/repository/AbstractArtifactRepository.java | 2 +- .../eclipse/hawkbit/repository/test/util/TargetTestData.java | 3 ++- .../hawkbit/ui/management/bulkupload/BulkUploadHandler.java | 2 +- 4 files changed, 6 insertions(+), 4 deletions(-) diff --git a/hawkbit-artifact-repository-filesystem/src/test/java/org/eclipse/hawkbit/artifact/repository/ArtifactFilesystemTest.java b/hawkbit-artifact-repository-filesystem/src/test/java/org/eclipse/hawkbit/artifact/repository/ArtifactFilesystemTest.java index ad8687068..cccfbd226 100644 --- a/hawkbit-artifact-repository-filesystem/src/test/java/org/eclipse/hawkbit/artifact/repository/ArtifactFilesystemTest.java +++ b/hawkbit-artifact-repository-filesystem/src/test/java/org/eclipse/hawkbit/artifact/repository/ArtifactFilesystemTest.java @@ -14,6 +14,7 @@ import static org.assertj.core.api.Assertions.assertThat; import java.io.File; import java.io.FileNotFoundException; import java.io.IOException; +import java.nio.file.Files; import org.apache.commons.io.IOUtils; import org.assertj.core.api.Assertions; @@ -46,7 +47,7 @@ public class ArtifactFilesystemTest { @Test @Description("Verifies that an InputStream can be opened if file exists") public void getInputStreamOfExistingFile() throws IOException { - final File createTempFile = File.createTempFile(ArtifactFilesystemTest.class.getSimpleName(), ""); + final File createTempFile = Files.createTempFile(ArtifactFilesystemTest.class.getSimpleName(), "").toFile(); createTempFile.deleteOnExit(); final ArtifactFilesystem underTest = new ArtifactFilesystem(createTempFile, diff --git a/hawkbit-core/src/main/java/org/eclipse/hawkbit/artifact/repository/AbstractArtifactRepository.java b/hawkbit-core/src/main/java/org/eclipse/hawkbit/artifact/repository/AbstractArtifactRepository.java index 4641a3a08..ef4751a04 100644 --- a/hawkbit-core/src/main/java/org/eclipse/hawkbit/artifact/repository/AbstractArtifactRepository.java +++ b/hawkbit-core/src/main/java/org/eclipse/hawkbit/artifact/repository/AbstractArtifactRepository.java @@ -118,7 +118,7 @@ public abstract class AbstractArtifactRepository implements ArtifactRepository { private static File createTempFile() { try { - return File.createTempFile(TEMP_FILE_PREFIX, TEMP_FILE_SUFFIX); + return Files.createTempFile(TEMP_FILE_PREFIX, TEMP_FILE_SUFFIX).toFile(); } catch (final IOException e) { throw new ArtifactStoreException("Cannot create tempfile", e); } diff --git a/hawkbit-repository/hawkbit-repository-test/src/main/java/org/eclipse/hawkbit/repository/test/util/TargetTestData.java b/hawkbit-repository/hawkbit-repository-test/src/main/java/org/eclipse/hawkbit/repository/test/util/TargetTestData.java index f8f37087d..cf4872acc 100644 --- a/hawkbit-repository/hawkbit-repository-test/src/main/java/org/eclipse/hawkbit/repository/test/util/TargetTestData.java +++ b/hawkbit-repository/hawkbit-repository-test/src/main/java/org/eclipse/hawkbit/repository/test/util/TargetTestData.java @@ -9,6 +9,7 @@ */ package org.eclipse.hawkbit.repository.test.util; +import java.security.SecureRandom; import java.util.Random; import org.eclipse.hawkbit.repository.model.Target; @@ -20,7 +21,7 @@ public class TargetTestData { public static final String ATTRIBUTE_VALUE_VALID; static { - final Random rand = new Random(); + final Random rand = new SecureRandom(); ATTRIBUTE_KEY_TOO_LONG = generateRandomStringWithLength(Target.CONTROLLER_ATTRIBUTE_KEY_SIZE + 1, rand); ATTRIBUTE_KEY_VALID = generateRandomStringWithLength(Target.CONTROLLER_ATTRIBUTE_KEY_SIZE, rand); ATTRIBUTE_VALUE_TOO_LONG = generateRandomStringWithLength(Target.CONTROLLER_ATTRIBUTE_VALUE_SIZE + 1, rand); diff --git a/hawkbit-ui/src/main/java/org/eclipse/hawkbit/ui/management/bulkupload/BulkUploadHandler.java b/hawkbit-ui/src/main/java/org/eclipse/hawkbit/ui/management/bulkupload/BulkUploadHandler.java index df048cea5..e7f9e26ee 100644 --- a/hawkbit-ui/src/main/java/org/eclipse/hawkbit/ui/management/bulkupload/BulkUploadHandler.java +++ b/hawkbit-ui/src/main/java/org/eclipse/hawkbit/ui/management/bulkupload/BulkUploadHandler.java @@ -110,7 +110,7 @@ public class BulkUploadHandler implements SucceededListener, FailedListener, Rec @Override public OutputStream receiveUpload(final String filename, final String mimeType) { try { - tempFile = File.createTempFile("temp", ".csv"); + tempFile = Files.createTempFile("temp", ".csv").toFile(); return new FileOutputStream(tempFile); } catch (final FileNotFoundException e) {