From f5b6120d04418034f0d44dfb305b809ef0f1eba4 Mon Sep 17 00:00:00 2001 From: Malavika Date: Mon, 24 Feb 2025 15:12:26 +0530 Subject: [PATCH 1/3] sonar fixes --- src/ArtifactoryUploader/ArtifactoryUploader.cs | 2 +- src/ArtifactoryUploader/JfrogRepoUpdater.cs | 2 +- src/LCT.PackageIdentifier/NpmProcessor.cs | 5 ++++- src/LCT.PackageIdentifier/NugetDevDependencyParser.cs | 4 ++-- src/LCT.PackageIdentifier/NugetProcessor.cs | 5 ++++- src/LCT.SW360PackageCreator/CreatorValidator.cs | 2 +- 6 files changed, 13 insertions(+), 7 deletions(-) diff --git a/src/ArtifactoryUploader/ArtifactoryUploader.cs b/src/ArtifactoryUploader/ArtifactoryUploader.cs index 7ff1acdc..b1d9175e 100644 --- a/src/ArtifactoryUploader/ArtifactoryUploader.cs +++ b/src/ArtifactoryUploader/ArtifactoryUploader.cs @@ -95,7 +95,7 @@ async Task TryGetPackageInfo(ComponentsToArtifactory component) // Handle DEBIAN package name mismatch - if (component.ComponentType == "DEBIAN" && packageInfo?.Name != component.JfrogPackageName) + if (component.ComponentType == "DEBIAN" && packageInfo != null && packageInfo.Name != component.JfrogPackageName) { component.CopyPackageApiUrl = component.CopyPackageApiUrl.Replace(component.JfrogPackageName, packageInfo.Name); } diff --git a/src/ArtifactoryUploader/JfrogRepoUpdater.cs b/src/ArtifactoryUploader/JfrogRepoUpdater.cs index 95d749ad..83e7f788 100644 --- a/src/ArtifactoryUploader/JfrogRepoUpdater.cs +++ b/src/ArtifactoryUploader/JfrogRepoUpdater.cs @@ -28,7 +28,7 @@ public static async Task UpdateJfrogRepoPathForSucessfullyUploadedItems(Bom List uploadedPackages = PackageUploadInformation.GetUploadePackageDetails(displayPackagesInfo); // Get the details of all the dest repo names from jfrog at once - List destRepoNames = uploadedPackages.Select(x => x.DestRepoName)?.Distinct()?.ToList() ?? new List(); + List destRepoNames = uploadedPackages.Select(x => x.DestRepoName).Distinct().ToList(); List jfrogPackagesListAql = await GetJfrogRepoInfoForAllTypePackages(destRepoNames); // Update the repo path diff --git a/src/LCT.PackageIdentifier/NpmProcessor.cs b/src/LCT.PackageIdentifier/NpmProcessor.cs index 0d610c6f..c663e98d 100644 --- a/src/LCT.PackageIdentifier/NpmProcessor.cs +++ b/src/LCT.PackageIdentifier/NpmProcessor.cs @@ -693,7 +693,10 @@ public AqlResult GetJfrogArtifactoryRepoDetials(List aqlResultList, jfrogRepoPath = GetJfrogRepoPath(aqlResult); } - aqlResult.Repo ??= NotFoundInRepo; + if (aqlResult != null) + { + aqlResult.Repo ??= NotFoundInRepo; + } return aqlResult; } diff --git a/src/LCT.PackageIdentifier/NugetDevDependencyParser.cs b/src/LCT.PackageIdentifier/NugetDevDependencyParser.cs index bad539e8..d5d89d80 100644 --- a/src/LCT.PackageIdentifier/NugetDevDependencyParser.cs +++ b/src/LCT.PackageIdentifier/NugetDevDependencyParser.cs @@ -184,7 +184,7 @@ private static void GetDirectDependencies(string filePath) var readValue = File.ReadAllText(filePath); JObject serializedContent = JObject.Parse(readValue); JToken projectFramworks = serializedContent["project"]["frameworks"]; - if (projectFramworks == null && !projectFramworks.HasValues) + if (projectFramworks == null || !projectFramworks.HasValues) { return; } @@ -203,7 +203,7 @@ private static void GetDirectDependencies(string filePath) if (projectDependencies.HasValues) { - directDepCollection = projectDependencies.Children().OfType()?.ToList() ?? new List(); + directDepCollection = projectDependencies.Children().OfType().ToList(); } foreach (var child in directDepCollection) { diff --git a/src/LCT.PackageIdentifier/NugetProcessor.cs b/src/LCT.PackageIdentifier/NugetProcessor.cs index e554e996..da538204 100644 --- a/src/LCT.PackageIdentifier/NugetProcessor.cs +++ b/src/LCT.PackageIdentifier/NugetProcessor.cs @@ -338,7 +338,10 @@ public AqlResult GetJfrogArtifactoryRepoDetials(List aqlResultList, aqlResult = aqlResults.FirstOrDefault(x => x.Repo.Equals(repoName)); jfrogRepoPath = GetJfrogRepoPath(aqlResult); } - aqlResult.Repo ??= repoName; + if (aqlResult != null) + { + aqlResult.Repo ??= repoName; + } return aqlResult; } diff --git a/src/LCT.SW360PackageCreator/CreatorValidator.cs b/src/LCT.SW360PackageCreator/CreatorValidator.cs index fa2614b3..333923fa 100644 --- a/src/LCT.SW360PackageCreator/CreatorValidator.cs +++ b/src/LCT.SW360PackageCreator/CreatorValidator.cs @@ -85,7 +85,7 @@ public static async Task TriggerFossologyValidation(CommonAppSettings appSetting else { int currentPage = page; - int totalPages = (int)(releaseResponse?.Page?.TotalPages); + int totalPages = (int)(releaseResponse?.Page?.TotalPages ?? 0); if (currentPage < totalPages - 1) { page = currentPage + 1; From 6a2affb9b08273ddb7844a30b35a01ed286cb719 Mon Sep 17 00:00:00 2001 From: Malavika Date: Mon, 24 Feb 2025 16:41:42 +0530 Subject: [PATCH 2/3] added sonar fixes --- src/LCT.Common/TelemetryHelper.cs | 2 +- src/LCT.PackageIdentifier/ConanProcessor.cs | 14 ++++++++++++-- src/LCT.PackageIdentifier/MavenProcessor.cs | 5 ++++- 3 files changed, 17 insertions(+), 4 deletions(-) diff --git a/src/LCT.Common/TelemetryHelper.cs b/src/LCT.Common/TelemetryHelper.cs index 66b87c59..9c59b568 100644 --- a/src/LCT.Common/TelemetryHelper.cs +++ b/src/LCT.Common/TelemetryHelper.cs @@ -31,7 +31,7 @@ public TelemetryHelper(CommonAppSettings appSettings) telemetry_ = new LCT.Telemetry.Telemetry(TelemetryConstant.Type, new Dictionary { - { "InstrumentationKey", appSettings.Telemetry.ApplicationInsightInstrumentKey } + { "InstrumentationKey", appSettings?.Telemetry?.ApplicationInsightInstrumentKey ?? string.Empty } }); } diff --git a/src/LCT.PackageIdentifier/ConanProcessor.cs b/src/LCT.PackageIdentifier/ConanProcessor.cs index bbfb9883..303a9682 100644 --- a/src/LCT.PackageIdentifier/ConanProcessor.cs +++ b/src/LCT.PackageIdentifier/ConanProcessor.cs @@ -392,8 +392,18 @@ private static void GetPackagesForBom(ref List lstComponentForBOM, re ConanPackage package = nodePackages.Where(x => x.Id == "0").FirstOrDefault(); List directDependencies = new List(); - if (package.Dependencies != null) { directDependencies.AddRange(package.Dependencies); } - if (package.DevDependencies != null) { directDependencies.AddRange(package.DevDependencies); } + if (package != null) + { + if (package.Dependencies != null) + { + directDependencies.AddRange(package.Dependencies); + } + + if (package.DevDependencies != null) + { + directDependencies.AddRange(package.DevDependencies); + } + } // Ignoring the root node as it is the package information node and we are anyways considering all // nodes in the lock file. diff --git a/src/LCT.PackageIdentifier/MavenProcessor.cs b/src/LCT.PackageIdentifier/MavenProcessor.cs index 1ae36d85..07e5cbb2 100644 --- a/src/LCT.PackageIdentifier/MavenProcessor.cs +++ b/src/LCT.PackageIdentifier/MavenProcessor.cs @@ -383,7 +383,10 @@ private static AqlResult GetJfrogArtifactoryRepoDetials(List aqlResul aqlResult = aqlResults.FirstOrDefault(x => x.Repo.Equals(repoName)); jfrogRepoPath = GetJfrogRepoPath(aqlResult); } - aqlResult.Repo ??= repoName; + if (aqlResult != null) + { + aqlResult.Repo ??= repoName; + } return aqlResult; } From d8f4aefc0d5277abc8077a2f8210c3bcb6dbbc53 Mon Sep 17 00:00:00 2001 From: Malavika Date: Mon, 24 Feb 2025 18:58:58 +0530 Subject: [PATCH 3/3] added sonar fixes --- src/LCT.PackageIdentifier/MavenProcessor.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/LCT.PackageIdentifier/MavenProcessor.cs b/src/LCT.PackageIdentifier/MavenProcessor.cs index 07e5cbb2..2c7212a5 100644 --- a/src/LCT.PackageIdentifier/MavenProcessor.cs +++ b/src/LCT.PackageIdentifier/MavenProcessor.cs @@ -222,7 +222,7 @@ public async Task> GetJfrogRepoDetailsOfAComponent(List