From b6c7eae7e755e14df1b3ef190a17f089350fc46b Mon Sep 17 00:00:00 2001 From: Jonathan Vila Date: Thu, 22 Jan 2026 14:21:40 +0100 Subject: [PATCH 01/12] New changes --- src/main/java/demo/security/util/DBUtils.java | 77 ------------------- src/main/java/demo/security/util/Utils.java | 1 + 2 files changed, 1 insertion(+), 77 deletions(-) diff --git a/src/main/java/demo/security/util/DBUtils.java b/src/main/java/demo/security/util/DBUtils.java index 2f1aca6..8b309ca 100644 --- a/src/main/java/demo/security/util/DBUtils.java +++ b/src/main/java/demo/security/util/DBUtils.java @@ -50,85 +50,8 @@ public void newConnect() throws SQLException { } } - public List findUsers(String user) throws Exception { - String query = "SELECT userid FROM users WHERE username = '" + user + "'"; - Statement statement = connection.createStatement(); - ResultSet resultSet = statement.executeQuery(query); - List users = new ArrayList(); - while (resultSet.next()) { - users.add(resultSet.getString(0)); - } - sumNumbers(100); - return users; - } - public List findItem(String itemId) throws Exception { - String query = "SELECT item_id FROM items WHERE item_id = '" + itemId + "'"; - Statement statement = connection.createStatement(); - ResultSet resultSet = statement.executeQuery(query); - List items = new ArrayList(); - while (resultSet.next()) { - items.add(resultSet.getString(0)); - } - return items; - } - public void sumNumbers(int max) { - int count, sum = 0; - for (int number = 1; number <= max; number++) { - count = 0; - for (int i = 2; i <= number / 2; i++) { - if (number % i == 0) { - for (int m = 2; i <= number / 2; i++) { - if (number % m == 0) { - count++; - break; - } - } - count++; - break; - } - } - if (count == 0 && number != 1) { - sum = sum + number; - } - } - System.out.println("The Sum of numbers is: " + sum); - } - /** - * Connects to the given external URL 1000 times using threads. - * Each thread performs a single connection and logs the response code. - * - * @param urlString the external URL to connect to - */ - public static void connectToExternalUrlConcurrently(String urlString) { - final int THREAD_COUNT = 1000; - Thread[] threads = new Thread[THREAD_COUNT]; - for (int i = 0; i < THREAD_COUNT; i++) { - threads[i] = Thread.ofVirtual().unstarted(() -> { - try { - URL url = new URL(urlString); - HttpURLConnection conn = (HttpURLConnection) url.openConnection(); - conn.setRequestMethod("GET"); - conn.setConnectTimeout(5000); - conn.setReadTimeout(5000); - int responseCode = conn.getResponseCode(); - conn.disconnect(); - } catch (Exception e) { - } - }); - } - for (Thread thread : threads) { - thread.start(); - } - for (Thread thread : threads) { - try { - thread.join(); - } catch (InterruptedException e) { - Thread.currentThread().interrupt(); - } - } - } } diff --git a/src/main/java/demo/security/util/Utils.java b/src/main/java/demo/security/util/Utils.java index 200026f..bda9fe7 100644 --- a/src/main/java/demo/security/util/Utils.java +++ b/src/main/java/demo/security/util/Utils.java @@ -47,6 +47,7 @@ public static void executeJs(String input) throws ScriptException { public void demo() { List mylist = List.of("a", "b", "c"); + List mylist2 = new ArrayList<>(); String element; try { element = mylist.get(4); From 8ec832fa94b91340c6619877d7e1289ad135fcca Mon Sep 17 00:00:00 2001 From: Jonathan Vila Date: Thu, 22 Jan 2026 14:27:20 +0100 Subject: [PATCH 02/12] New changes --- .github/workflows/build.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 4bc8657..22bb047 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -14,10 +14,10 @@ jobs: - uses: actions/checkout@v3 with: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - - name: Set up JDK 17 + - name: Set up JDK 21 uses: actions/setup-java@v3 with: - java-version: 17 + java-version: 21 distribution: 'zulu' # Alternative distribution options are available. - name: Set up Maven uses: stCarolas/setup-maven@v4.5 From 1966cc66c469fa07b84bc6e8a0535862fbab1322 Mon Sep 17 00:00:00 2001 From: Jonathan Vila Date: Thu, 22 Jan 2026 14:40:09 +0100 Subject: [PATCH 03/12] New changes --- pom.xml | 1 - src/main/java/demo/security/util/DBUtils.java | 33 +++++++++++++++++++ 2 files changed, 33 insertions(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 5904828..8f63f96 100644 --- a/pom.xml +++ b/pom.xml @@ -78,7 +78,6 @@ 21 21 - --enable-preview diff --git a/src/main/java/demo/security/util/DBUtils.java b/src/main/java/demo/security/util/DBUtils.java index 8b309ca..d954634 100644 --- a/src/main/java/demo/security/util/DBUtils.java +++ b/src/main/java/demo/security/util/DBUtils.java @@ -50,8 +50,41 @@ public void newConnect() throws SQLException { } } + public List findUsers(String user) throws Exception { + String query = "SELECT userid FROM users WHERE username = '" + user + "'"; + Statement statement = connection.createStatement(); + ResultSet resultSet = statement.executeQuery(query); + List users = new ArrayList(); + while (resultSet.next()) { + users.add(resultSet.getString(0)); + } + sumNumbers(100); + return users; + } + public void sumNumbers(int max) { + int count, sum = 0; + for (int number = 1; number <= max; number++) { + count = 0; + for (int i = 2; i <= number / 2; i++) { + if (number % i == 0) { + for (int m = 2; i <= number / 2; i++) { + if (number % m == 0) { + count++; + break; + } + } + count++; + break; + } + } + if (count == 0 && number != 1) { + sum = sum + number; + } + } + System.out.println("The Sum of numbers is: " + sum); + } } From 6c924593ff306788caece890c94660bedfeed665 Mon Sep 17 00:00:00 2001 From: Jonathan Vila Date: Thu, 22 Jan 2026 14:56:19 +0100 Subject: [PATCH 04/12] New changes --- pom.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pom.xml b/pom.xml index 8f63f96..d0c5272 100644 --- a/pom.xml +++ b/pom.xml @@ -10,8 +10,8 @@ http://maven.apache.org UTF-8 - 21 - 21 + 17 + 17 jonathanvila https://sonarcloud.io one From 2e6dd6275ab93a98abb176117515fcb3d9751a2a Mon Sep 17 00:00:00 2001 From: Jonathan Vila Date: Thu, 22 Jan 2026 14:57:39 +0100 Subject: [PATCH 05/12] New changes --- .github/workflows/build.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 22bb047..4bc8657 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -14,10 +14,10 @@ jobs: - uses: actions/checkout@v3 with: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - - name: Set up JDK 21 + - name: Set up JDK 17 uses: actions/setup-java@v3 with: - java-version: 21 + java-version: 17 distribution: 'zulu' # Alternative distribution options are available. - name: Set up Maven uses: stCarolas/setup-maven@v4.5 From c331952d246194d21a640555f85ee8eaf5484102 Mon Sep 17 00:00:00 2001 From: Jonathan Vila Date: Thu, 22 Jan 2026 14:58:53 +0100 Subject: [PATCH 06/12] New changes --- pom.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pom.xml b/pom.xml index d0c5272..e6319fa 100644 --- a/pom.xml +++ b/pom.xml @@ -76,8 +76,8 @@ org.apache.maven.plugins maven-compiler-plugin - 21 - 21 + 17 + 17 From b7d457ee45cc118cdefb7aea2cadf3e867d11887 Mon Sep 17 00:00:00 2001 From: Jonathan Vila Date: Thu, 22 Jan 2026 15:10:45 +0100 Subject: [PATCH 07/12] New changes --- .github/workflows/build.yml | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 4bc8657..0664571 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -35,8 +35,21 @@ jobs: path: ~/.m2 key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }} restore-keys: ${{ runner.os }}-m2 - - name: Build and analyze + - name: Build #and analyze env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=jonathanvila_java-security-demo + run: mvn -B #verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=jonathanvila_java-security-demo + sonarqube: + name: SonarQube + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis + - name: SonarQube Scan + uses: SonarSource/sonarqube-scan-action@v6 + env: + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + SONAR_PROJECTKEY: jonathanvila_java-security-demo \ No newline at end of file From 74a7201b7287d9607544252f1aa099ed1711d6ae Mon Sep 17 00:00:00 2001 From: Jonathan Vila Date: Thu, 22 Jan 2026 15:56:31 +0100 Subject: [PATCH 08/12] New changes --- .github/workflows/build.yml | 15 +-------------- 1 file changed, 1 insertion(+), 14 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 0664571..3049910 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -39,17 +39,4 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - run: mvn -B #verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=jonathanvila_java-security-demo - sonarqube: - name: SonarQube - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - with: - fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - - name: SonarQube Scan - uses: SonarSource/sonarqube-scan-action@v6 - env: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - SONAR_PROJECTKEY: jonathanvila_java-security-demo \ No newline at end of file + run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=jonathanvila_java-security-demo From c64d08767916c62b755808ba3570304da5a3608d Mon Sep 17 00:00:00 2001 From: Jonathan Vila Date: Thu, 22 Jan 2026 16:53:30 +0100 Subject: [PATCH 09/12] New changes --- src/main/java/demo/security/util/DBUtils.java | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/main/java/demo/security/util/DBUtils.java b/src/main/java/demo/security/util/DBUtils.java index d954634..079e2d7 100644 --- a/src/main/java/demo/security/util/DBUtils.java +++ b/src/main/java/demo/security/util/DBUtils.java @@ -39,8 +39,9 @@ public DBUtils() throws SQLException { } public void newConnect() throws SQLException { + String myJDBCPasswd = "myJDBCPasswd"; connection = DriverManager.getConnection( - "mYJDBCUrl", "myJDBCUser", "myJDBCPasswd"); + "mYJDBCUrl", "myJDBCUser", myJDBCPasswd); ArrayList list = new ArrayList<>(); list.add("hola"); From 9580fd1b2c036e43232171fad97ce5bd5655d735 Mon Sep 17 00:00:00 2001 From: Jonathan Vila Date: Thu, 22 Jan 2026 18:05:36 +0100 Subject: [PATCH 10/12] New changes --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 3049910..4556074 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -39,4 +39,4 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=jonathanvila_java-security-demo + run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=autocoderoversg_java-security-demo From 5f83412cdf9897c94a8684c3d37cdf126f3c6d3b Mon Sep 17 00:00:00 2001 From: Jonathan Vila Date: Thu, 22 Jan 2026 18:13:59 +0100 Subject: [PATCH 11/12] New changes --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index e6319fa..cdbc727 100644 --- a/pom.xml +++ b/pom.xml @@ -12,7 +12,7 @@ UTF-8 17 17 - jonathanvila + autocoderoversg https://sonarcloud.io one From 2ff7f901dbf7d58ffd22a85af19ebd2a14a7706e Mon Sep 17 00:00:00 2001 From: Jonathan Vila Date: Thu, 22 Jan 2026 18:18:53 +0100 Subject: [PATCH 12/12] New changes --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index cdbc727..e976ffa 100644 --- a/pom.xml +++ b/pom.xml @@ -86,7 +86,7 @@ org.sonarsource.scanner.maven sonar-maven-plugin - 3.9.1.2184 + 4.0.0.4121