combinators · JanBessai · Feb 8, 2021 · Feb 8, 2021 · Feb 8, 2021 · Feb 8, 2021
diff --git a/.github/workflows/generate-repository.yml b/.github/workflows/generate-repository.yml
@@ -4,7 +4,6 @@ on:
   push:
     branches: [ master ]
   pull_request:
-    branches: [ master ]
 
 jobs:
   build:
@@ -14,16 +13,13 @@ jobs:
     steps:
     - name: checkout
       uses: actions/checkout@v2
-    - name: Set up JDK 12
-      uses: actions/setup-java@v1.3.0
+    - name: Set up JDK, Scala, and SBT
+      uses: olafurpg/setup-scala@v10
       with:
-        java-version: 12
+        java-version: adopt@1.15
     - name: compile, run, and test
       run: |
-        sbt run && sleep 4m &
-        sleep 130s
-        cd /tmp
-        git clone http://127.0.0.1:9000/benchmark42 benchmark42
-        cd /tmp/benchmark42
+        sbt run
+        cd target/benchmarks
         sbt compile
 
diff --git a/.gitignore b/.gitignore
@@ -213,3 +213,5 @@ tags
 
 .idea/
 project/metals.sbt
+
+.bsp/sbt.json
diff --git a/.scalafmt.conf b/.scalafmt.conf
@@ -0,0 +1,2 @@
+version = 2.4.2
+rewrite.rules = [ AvoidInfix, SortImports ]
diff --git a/build.sbt b/build.sbt
@@ -2,7 +2,7 @@ lazy val commonSettings = Seq(
   version := "1.0.0-SNAPSHOT",
   organization := "org.combinators",
 
-  scalaVersion := "2.12.10",
+  scalaVersion := "2.12.13",
 
   resolvers ++= Seq(
     Resolver.sonatypeRepo("releases"),
@@ -13,18 +13,19 @@ lazy val commonSettings = Seq(
     "-unchecked",
     "-deprecation",
     "-feature",
-    "-language:implicitConversions"
+    "-language:implicitConversions",
+    "-Ypartial-unification"
   ),
 
   libraryDependencies ++= Seq(
     "org.combinators" %% "templating" % "1.1.0",
-    "org.scalactic" %% "scalactic" % "3.0.1" % "test",
-    "org.scalatest" %% "scalatest" % "3.0.1" % "test"
+    "org.scalactic" %% "scalactic" % "3.2.2" % "test",
+    "org.scalatest" %% "scalatest" % "3.2.2" % "test"
   ),
 
   headerLicense := Some(HeaderLicense.Custom(
     """|Websecbench is a suite of web security benchmarks generated by (CL)S.
-       |Copyright (C) 2020  Jan Bessai and Malte Mues
+       |Copyright (C) 2021  Jan Bessai and Malte Mues
        |
        |This program is free software; you can redistribute it and/or
        |modify it under the terms of the GNU General Public License
@@ -40,19 +41,25 @@ lazy val commonSettings = Seq(
        |along with this program; if not, write to the Free Software
        |Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
        |""".stripMargin
-	))
-
+	)),
+  scapegoatVersion in ThisBuild := "1.4.7",
+  scapegoatDisabledInspections := Seq(
+    "EmptyInterpolatedString",
+    "UnsafeTraversableMethods"
+  )
 )
 
 lazy val root = (Project(id = "websecbench", base = file(".")))
   .settings(commonSettings: _*)
   .settings(
     moduleName := "websecbench",
     libraryDependencies ++= Seq(
-      "org.combinators" %% "cls-scala" % "2.0.0+12-8d994c6b",
+      "org.combinators" %% "cls-scala" % "3.0.0",
       "org.scalameta" %% "scalameta" % "3.4.0",
       "org.scalameta" %% "contrib" % "3.4.0",
-      "org.combinators" %% "jgitserv" % "0.0.1"
+      "org.combinators" %% "jgitserv" % "0.0.1",
+      "org.typelevel" %% "cats-core" % "2.3.1",
+      "org.typelevel" %% "cats-effect" % "2.3.1"
     )
 
   )

diff --git a/project/build.properties b/project/build.properties
@@ -1 +1 @@
-sbt.version = 1.0.4
+sbt.version = 1.4.7
diff --git a/project/plugins.sbt b/project/plugins.sbt
@@ -1 +1,3 @@
-addSbtPlugin("de.heikoseeberger" % "sbt-header" % "5.4.0")
+addSbtPlugin("de.heikoseeberger" % "sbt-header" % "5.6.0")
+addSbtPlugin("com.sksamuel.scapegoat" %% "sbt-scapegoat" % "1.1.0")
+addSbtPlugin("org.scalameta" % "sbt-scalafmt" % "2.4.2")
diff --git a/src/main/resources/org/owasp/benchmark/helpers/Utils.java b/src/main/resources/org/owasp/benchmark/helpers/Utils.java
@@ -1,6 +1,6 @@
 /*
  * Websecbench is a suite of web security benchmarks generated by (CL)S.
- * Copyright (C) 2020  Jan Bessai and Malte Mues
+ * Copyright (C) 2021  Jan Bessai and Malte Mues
  *
  * This program is free software; you can redistribute it and/or
  * modify it under the terms of the GNU General Public License

diff --git a/src/main/scala/org/combinators/websecbench/CodeGenerator.scala b/src/main/scala/org/combinators/websecbench/CodeGenerator.scala
@@ -1,6 +1,6 @@
 /*
  * Websecbench is a suite of web security benchmarks generated by (CL)S.
- * Copyright (C) 2020  Jan Bessai and Malte Mues
+ * Copyright (C) 2021  Jan Bessai and Malte Mues
  *
  * This program is free software; you can redistribute it and/or
  * modify it under the terms of the GNU General Public License
@@ -28,17 +28,16 @@ import com.github.javaparser.ast.stmt.Statement
 import org.combinators.templating.persistable.{JavaPersistable, Persistable}
 import org.combinators.templating.twirl.Java
 
-case class CodeGenerator[NodeType](
-  methods: List[MethodDeclaration],
-  currentNode: NodeType,
-  toMethodBody: NodeType => Seq[Statement],
-  unitTests : Seq[CompilationUnit],
-  metaData: Seq[MetaData],
-  sourceData: Seq[TaintSource]
+final case class CodeGenerator[NodeType](
+    methods: List[MethodDeclaration],
+    currentNode: NodeType,
+    toMethodBody: NodeType => Seq[Statement],
+    unitTests: Seq[CompilationUnit],
+    metaData: Seq[MetaData],
+    sourceData: Seq[TaintSource]
 ) {
   def toCode(benchmarkName: String): CompilationUnit = {
-    Java(
-      s"""
+    Java(s"""
          |import javax.servlet.http.HttpServlet;
          |import javax.servlet.http.HttpServletRequest;
          |import javax.servlet.http.HttpServletResponse;
@@ -58,26 +57,27 @@ case class CodeGenerator[NodeType](
   }
 
   def vulnerabilityReport(benchmarkName: String): String = {
-    metaData.map(n =>{
-      n.getTaintSources.intersect(sourceData).isEmpty match {
-        case true => n.makeSafe.toReportElement(benchmarkName)
-        case false => n.toReportElement(benchmarkName)
-      }
-    }).mkString("\n")
+    metaData
+      .map(n => {
+        n.getTaintSources.intersect(sourceData).isEmpty match {
+          case true  => n.makeSafe.toReportElement(benchmarkName)
+          case false => n.toReportElement(benchmarkName)
+        }
+      })
+      .mkString("\n")
   }
 }
 
-
 object CodeGenerator {
   def requestExpr: Expression =
     Java(s"request").expression()
 
   def responseExpr: Expression =
     Java(s"response").expression()
 
-
-
-  def compilationUnitPersistable[A](benchmarkName: String)(implicit javaPersistable: Persistable.Aux[CompilationUnit]): Persistable.Aux[CodeGenerator[A]] =
+  def compilationUnitPersistable[A](benchmarkName: String)(
+      implicit javaPersistable: Persistable.Aux[CompilationUnit]
+  ): Persistable.Aux[CodeGenerator[A]] =
     new Persistable {
       type T = CodeGenerator[A]
       def rawText(elem: CodeGenerator[A]) =
@@ -87,13 +87,15 @@ object CodeGenerator {
         javaPersistable.path(elem.toCode(benchmarkName))
     }
 
-  def vulnerabilityReportPersistable[A](benchmarkName: String): Persistable.Aux[CodeGenerator[A]] =
+  def vulnerabilityReportPersistable[A](
+      benchmarkName: String
+  ): Persistable.Aux[CodeGenerator[A]] =
     new Persistable {
       type T = CodeGenerator[A]
       def rawText(elem: CodeGenerator[A]): Array[Byte] =
         elem.vulnerabilityReport(benchmarkName).getBytes(StandardCharsets.UTF_8)
 
-      def path(elem: CodeGenerator[A]): Path = 
+      def path(elem: CodeGenerator[A]): Path =
         Paths.get(".", "src", "main", "reports", s"$benchmarkName.xml")
     }
 }
diff --git a/src/main/scala/org/combinators/websecbench/ComponentTag.scala b/src/main/scala/org/combinators/websecbench/ComponentTag.scala
@@ -1,6 +1,6 @@
 /*
  * Websecbench is a suite of web security benchmarks generated by (CL)S.
- * Copyright (C) 2020  Jan Bessai and Malte Mues
+ * Copyright (C) 2021  Jan Bessai and Malte Mues
  *
  * This program is free software; you can redistribute it and/or
  * modify it under the terms of the GNU General Public License
Original file line number	Diff line number	Diff line change
Expand Up		@@ -213,3 +213,5 @@ tags

		.idea/
		project/metals.sbt

		.bsp/sbt.json
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		version = 2.4.2
		rewrite.rules = [ AvoidInfix, SortImports ]