From 5a3feb630aa3ad8bb80fed350e44be4914aa0b39 Mon Sep 17 00:00:00 2001 From: filip Date: Wed, 15 Jan 2025 13:51:42 +0100 Subject: [PATCH 1/3] Update dependencies to support java 21 --- java/common/pom.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/java/common/pom.xml b/java/common/pom.xml index 39cfc2d..81ef4ca 100644 --- a/java/common/pom.xml +++ b/java/common/pom.xml @@ -23,7 +23,7 @@ org.soot-oss soot - 4.4.1 + 4.6.0 info.picocli @@ -33,7 +33,7 @@ org.json json - 20211205 + 20220320 From 4c75816e352f18fc38f7f4c74d1f003a842e8ea2 Mon Sep 17 00:00:00 2001 From: Oscar Reimer Date: Wed, 15 Jan 2025 14:29:20 +0100 Subject: [PATCH 2/3] Update all workflows with latest actions and build using Java 21 --- .github/workflows/docker.yml | 30 +++++++++++++------------- .github/workflows/java.yml | 2 +- .github/workflows/vulnfunc_generic.yml | 9 ++++---- .github/workflows/vulnfunc_maven.yml | 4 ++-- 4 files changed, 23 insertions(+), 22 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index e40e635..e40aa72 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -8,29 +8,29 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Get identifier run: echo "IDENTIFIER=${GITHUB_REF##*/}" >> $GITHUB_ENV - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 + uses: docker/setup-buildx-action@v3 - name: Login to DockerHub - uses: docker/login-action@v1 + uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Login to GitHub Container Registry - uses: docker/login-action@v1 + uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push - uses: docker/build-push-action@v2 + uses: docker/build-push-action@v6 with: context: . file: java/maven/Dockerfile @@ -45,29 +45,29 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Get identifier run: echo "IDENTIFIER=${GITHUB_REF##*/}" >> $GITHUB_ENV - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 + uses: docker/setup-buildx-action@v3 - name: Login to DockerHub - uses: docker/login-action@v1 + uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Login to GitHub Container Registry - uses: docker/login-action@v1 + uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push - uses: docker/build-push-action@v2 + uses: docker/build-push-action@v6 with: context: . file: java/gradle/Dockerfile @@ -82,29 +82,29 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Get identifier run: echo "IDENTIFIER=${GITHUB_REF##*/}" >> $GITHUB_ENV - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 + uses: docker/setup-buildx-action@v3 - name: Login to DockerHub - uses: docker/login-action@v1 + uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Login to GitHub Container Registry - uses: docker/login-action@v1 + uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push - uses: docker/build-push-action@v2 + uses: docker/build-push-action@v6 with: context: . file: java/Dockerfile diff --git a/.github/workflows/java.yml b/.github/workflows/java.yml index f3b1823..b6781e8 100644 --- a/.github/workflows/java.yml +++ b/.github/workflows/java.yml @@ -11,7 +11,7 @@ jobs: working-directory: java steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 - name: Set up JDK 11 uses: actions/setup-java@v2 with: diff --git a/.github/workflows/vulnfunc_generic.yml b/.github/workflows/vulnfunc_generic.yml index 7b74102..df5d30d 100644 --- a/.github/workflows/vulnfunc_generic.yml +++ b/.github/workflows/vulnfunc_generic.yml @@ -7,12 +7,13 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - uses: actions/setup-java@v1 + - uses: actions/checkout@v4 + - uses: actions/setup-java@v4 with: - java-version: '11' + java-version: '21' + distribution: 'temurin' - run: mvn -B -f java/common package dependency:copy-dependencies -DoutputDirectory=dependencies -DskipTests - - uses: debricked/vulnerable-functionality/java@master + - uses: ./java with: path-to-compiled-files: 'java/common/target/classes/' path-to-library-files: 'java/common/dependencies' diff --git a/.github/workflows/vulnfunc_maven.yml b/.github/workflows/vulnfunc_maven.yml index 7d24b2d..60f68cd 100644 --- a/.github/workflows/vulnfunc_maven.yml +++ b/.github/workflows/vulnfunc_maven.yml @@ -7,7 +7,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - uses: debricked/vulnerable-functionality/java/maven@master + - uses: actions/checkout@v4 + - uses: ./java/maven with: root-pom-directory: 'java/common' From c507f41a78e9b175f814df9bb9e72a66a7042297 Mon Sep 17 00:00:00 2001 From: Oscar Reimer Date: Wed, 15 Jan 2025 14:32:13 +0100 Subject: [PATCH 3/3] Update references to old repo to current one --- .github/workflows/docker.yml | 12 ++++++------ java/action.yml | 2 +- java/gradle/action.yml | 2 +- java/maven/action.yml | 2 +- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index e40aa72..61657ef 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -37,8 +37,8 @@ jobs: platforms: linux/amd64 push: true tags: | - ghcr.io/debricked/vulnerable-functionality-maven:${{ env.IDENTIFIER }} - debricked/vulnerable-functionality-maven:${{ env.IDENTIFIER }} + ghcr.io/debricked/soot-wrapper-maven:${{ env.IDENTIFIER }} + debricked/soot-wrapper-maven:${{ env.IDENTIFIER }} docker-gradle: runs-on: ubuntu-latest @@ -74,8 +74,8 @@ jobs: platforms: linux/amd64 push: true tags: | - ghcr.io/debricked/vulnerable-functionality-gradle:${{ env.IDENTIFIER }} - debricked/vulnerable-functionality-gradle:${{ env.IDENTIFIER }} + ghcr.io/debricked/soot-wrapper-gradle:${{ env.IDENTIFIER }} + debricked/soot-wrapper-gradle:${{ env.IDENTIFIER }} docker-java: runs-on: ubuntu-latest @@ -111,5 +111,5 @@ jobs: platforms: linux/amd64 push: true tags: | - ghcr.io/debricked/vulnerable-functionality-java:${{ env.IDENTIFIER }} - debricked/vulnerable-functionality-java:${{ env.IDENTIFIER }} + ghcr.io/debricked/soot-wrapper-java:${{ env.IDENTIFIER }} + debricked/soot-wrapper-java:${{ env.IDENTIFIER }} diff --git a/java/action.yml b/java/action.yml index 8e17466..0b73ef1 100644 --- a/java/action.yml +++ b/java/action.yml @@ -10,7 +10,7 @@ inputs: required: true runs: using: docker - image: docker://debricked/vulnerable-functionality-java:master + image: docker://debricked/soot-wrapper-java:master entrypoint: /vulnfunc/java/github-action.sh args: - ${{ inputs.path-to-compiled-files }} diff --git a/java/gradle/action.yml b/java/gradle/action.yml index 1409b1c..82db726 100644 --- a/java/gradle/action.yml +++ b/java/gradle/action.yml @@ -8,7 +8,7 @@ inputs: default: '.' runs: using: docker - image: docker://debricked/vulnerable-functionality-gradle:master + image: docker://debricked/soot-wrapper-gradle:master entrypoint: /vulnfunc/java/gradle/github-action.sh args: - ${{ inputs.root-build-gradle-directory }} diff --git a/java/maven/action.yml b/java/maven/action.yml index 1947a2f..4bba95b 100644 --- a/java/maven/action.yml +++ b/java/maven/action.yml @@ -12,7 +12,7 @@ inputs: default: 'target/classes' runs: using: docker - image: docker://debricked/vulnerable-functionality-maven:master + image: docker://debricked/soot-wrapper-maven:master entrypoint: /vulnfunc/java/maven/github-action.sh args: - ${{ inputs.root-pom-directory }}