From 171cef683e6049b76a3a0ea689577adee51dcfbe Mon Sep 17 00:00:00 2001 From: Roberto Moura Date: Sat, 5 Oct 2024 22:16:51 +0100 Subject: [PATCH] Fix 'Format string argument allowing user controlled parameters' error --- .../StashRepository.java | 46 +++++++++---------- 1 file changed, 23 insertions(+), 23 deletions(-) diff --git a/src/main/java/stashpullrequestbuilder/stashpullrequestbuilder/StashRepository.java b/src/main/java/stashpullrequestbuilder/stashpullrequestbuilder/StashRepository.java index a173baa4..14dbcf81 100644 --- a/src/main/java/stashpullrequestbuilder/stashpullrequestbuilder/StashRepository.java +++ b/src/main/java/stashpullrequestbuilder/stashpullrequestbuilder/StashRepository.java @@ -49,20 +49,17 @@ public class StashRepository { private static final Logger logger = Logger.getLogger(MethodHandles.lookup().lookupClass().getName()); - private static final String BUILD_START_MARKER = "[*BuildStarted* **%s**] %s into %s"; - private static final String BUILD_FINISH_MARKER = "[*BuildFinished* **%s**] %s into %s"; - private static final String BUILD_CANCEL_MARKER = "[*BuildCanceled* **%s**] %s into %s"; - - private static final String BUILD_START_REGEX = - "\\[\\*BuildStarted\\* \\*\\*%s\\*\\*\\] ([0-9a-fA-F]+) into ([0-9a-fA-F]+)"; - private static final String BUILD_FINISH_REGEX = - "\\[\\*BuildFinished\\* \\*\\*%s\\*\\*\\] ([0-9a-fA-F]+) into ([0-9a-fA-F]+)"; - private static final String BUILD_CANCEL_REGEX = - "\\[\\*BuildCanceled\\* \\*\\*%s\\*\\*\\] ([0-9a-fA-F]+) into ([0-9a-fA-F]+)"; - private static final String[] BUILD_REGEXES = {BUILD_START_REGEX, BUILD_FINISH_REGEX, BUILD_CANCEL_REGEX}; + private static final String BUILD_START_MESSAGE = "BuildStarted"; + private static final String BUILD_FINISH_MESSAGE = "BuildFinished"; + private static final String BUILD_CANCEL_MESSAGE = "BuildCanceled"; + private static final String[] BUILD_STATUSES = {BUILD_START_MESSAGE, BUILD_FINISH_MESSAGE, BUILD_CANCEL_MESSAGE}; + private static final String BUILD_MARKER = "[*%s* **%s**] %s into %s"; + + private static final String BUILD_STATUS_REGEX = + "\\[\\*%s\\* \\*\\*%s\\*\\*\\] ([0-9a-fA-F]+) into ([0-9a-fA-F]+)"; private static final String BUILD_FINISH_SENTENCE = - BUILD_FINISH_MARKER + " %n%n **[%s](%s)** - Build *#%d* which took *%s*"; + " %n%n **[%s](%s)** - Build *#%d* which took *%s*"; private static final String BUILD_SUCCESS_COMMENT = "✓ BUILD SUCCESS"; private static final String BUILD_FAILURE_COMMENT = "✕ BUILD FAILURE"; @@ -148,8 +145,8 @@ private boolean shouldSkip(StashPullRequestResponseValue pullRequest) { private boolean isStatusMessage(String content) { String escapedBuildName = Pattern.quote(job.getDisplayName()); - for (String pattern : BUILD_REGEXES) { - String buildStatusMessage = String.format(pattern, escapedBuildName); + for (String buildStatus : BUILD_STATUSES) { + String buildStatusMessage = String.format(BUILD_STATUS_REGEX, buildStatus, escapedBuildName); Matcher matcher = Pattern.compile(buildStatusMessage, Pattern.CASE_INSENSITIVE).matcher(content); if (matcher.find()) { @@ -262,8 +259,8 @@ private List getBuildTargetsWithoutOnlyBuildOnComme // These will match any start or finish message -- need to check commits String escapedBuildName = Pattern.quote(job.getDisplayName()); - String project_build_start = String.format(BUILD_START_REGEX, escapedBuildName); - String project_build_finished = String.format(BUILD_FINISH_REGEX, escapedBuildName); + String project_build_start = String.format(BUILD_STATUS_REGEX, BUILD_START_MESSAGE, escapedBuildName); + String project_build_finished = String.format(BUILD_STATUS_REGEX, BUILD_FINISH_MESSAGE, escapedBuildName); Matcher startMatcher = Pattern.compile(project_build_start, Pattern.CASE_INSENSITIVE).matcher(content); Matcher finishMatcher = @@ -313,7 +310,7 @@ private List getBuildTargetsWithoutOnlyBuildOnComme private String postBuildStartComment( StashPullRequestResponseValue pullRequest, Integer buildCommandCommentId) throws StashApiException { - return postBuildStatusComment(pullRequest, buildCommandCommentId, BUILD_START_MARKER); + return postBuildStatusComment(pullRequest, buildCommandCommentId, BUILD_START_MESSAGE); } /** @@ -326,15 +323,15 @@ private String postBuildStartComment( private String postBuildCancelComment( StashPullRequestResponseValue pullRequest, Integer buildCommandCommentId) throws StashApiException { - return postBuildStatusComment(pullRequest, buildCommandCommentId, BUILD_CANCEL_MARKER); + return postBuildStatusComment(pullRequest, buildCommandCommentId, BUILD_CANCEL_MESSAGE); } private String postBuildStatusComment( - StashPullRequestResponseValue pullRequest, Integer buildCommandCommentId, String marker) + StashPullRequestResponseValue pullRequest, Integer buildCommandCommentId, String buildMessage) throws StashApiException { String sourceCommit = pullRequest.getFromRef().getLatestCommit(); String destinationCommit = pullRequest.getToRef().getLatestCommit(); - String comment = format(marker, job.getDisplayName(), sourceCommit, destinationCommit); + String comment = format(BUILD_MARKER, buildMessage, job.getDisplayName(), sourceCommit, destinationCommit); StashPullRequestComment commentResponse; commentResponse = this.client.postPullRequestComment(pullRequest.getId(), comment, buildCommandCommentId); @@ -582,10 +579,13 @@ public void postFinishedComment( String message = getMessageForBuildResult(buildResult); String comment = format( - BUILD_FINISH_SENTENCE, + BUILD_MARKER, + BUILD_FINISH_MESSAGE, job.getDisplayName(), sourceCommit, - destinationCommit, + destinationCommit) + + format( + BUILD_FINISH_SENTENCE, message, buildUrl, buildNumber, @@ -684,7 +684,7 @@ private void deletePreviousBuildFinishedComments(StashPullRequestResponseValue p continue; } - String project_build_finished = format(BUILD_FINISH_REGEX, job.getDisplayName()); + String project_build_finished = format(BUILD_STATUS_REGEX, BUILD_FINISH_MESSAGE, job.getDisplayName()); Matcher finishMatcher = Pattern.compile(project_build_finished, Pattern.CASE_INSENSITIVE).matcher(content);