Merge branch 'master' into renovate/major-jetty-monorepo

Author: martin-strecker-sonarsource

.pre-commit-config.yaml

@@ -0,0 +1,7 @@
+default_install_hook_types: [pre-push]
+repos:
+-   repo: https://github.com/SonarSource/sonar-secrets-pre-commit
+    rev: v2.30.0.8284
+    hooks:
+    -   id: sonar-secrets
+        stages: [pre-push]

CONTRIBUTING.md

@@ -68,3 +68,8 @@ In our CI/CD pipeline, we use the following:
 - SONARCLOUD_PROJECT_TOKEN=[user-token]
 
 These can be set either on the operating system or your preferred IDE test run configuration.
+
+## `sonar-secrets-pre-commit` hook
+
+If you are Sonar internal use `sonar-secrets-pre-commit` to prevent pushing secrets to the repository. The hook is configured in [.pre-commit-hooks.yaml](.pre-commit-hooks.yaml). Follow the instructions in the [`sonar-secrets-pre-commit` README](https://github.com/SonarSource/sonar-secrets-pre-commit?tab=readme-ov-file) to activate it.
+Despite its name, the secrets check is configured as a pre-push hook.

Tests/SonarScanner.MSBuild.PreProcessor.Test/AnalysisConfigProcessing/AnalysisConfigGeneratorTests.cs

@@ -314,20 +314,24 @@ public void GenerateFile_WritesSonarQubeVersion()
     }
 
     [TestMethod]
-    [DataRow("java1.exe", "", "java1.exe")]
-    [DataRow("java1.exe", " ", "java1.exe")]
-    [DataRow("java1.exe", null, "java1.exe")]
-    [DataRow("", "java2.exe", "java2.exe")]
-    [DataRow("  ", "java2.exe", "java2.exe")]
-    [DataRow(null, "java2.exe", "java2.exe")]
-    [DataRow("java1.exe", "java2.exe", "java1.exe")]
+    [DataRow("java.exe", "", "/Absolute/Path/SetByUser/java.exe")]
+    [DataRow("java.exe", " ", "/Absolute/Path/SetByUser/java.exe")]
+    [DataRow("java.exe", null, "/Absolute/Path/SetByUser/java.exe")]
+    [DataRow("", "java.exe", "/Absolute/Path/Resolved/java.exe")]
+    [DataRow("  ", "java.exe", "/Absolute/Path/Resolved/java.exe")]
+    [DataRow(null, "java.exe", "/Absolute/Path/Resolved/java.exe")]
+    [DataRow("java.exe", "resolvedJava.exe", "/Absolute/Path/SetByUser/java.exe")]
     public void GenerateFile_JavaExePath_Cases(string setByUser, string resolved, string expected)
     {
         var analysisDir = TestUtils.CreateTestSpecificFolderWithSubPaths(TestContext);
         var settings = BuildSettings.CreateSettingsForTesting(analysisDir);
         Directory.CreateDirectory(settings.SonarConfigDirectory);
         var commandLineArguments = new ListPropertiesProvider([new Property(SonarProperties.JavaExePath, setByUser)]);
         var runtime = new TestRuntime();
+        runtime.Directory.GetFullPath(setByUser).Returns("/Absolute/Path/SetByUser/" + setByUser);
+        runtime.Directory.GetFullPath(resolved).Returns("/Absolute/Path/Resolved/" + resolved);
+        runtime.Directory.GetFullPath(null).Returns((string)null);
+
         var args = CreateProcessedArgs(commandLineArguments, EmptyPropertyProvider.Instance, runtime);
 
         var config = AnalysisConfigGenerator.GenerateFile(args, settings, [], EmptyProperties, [], "1.2.3.4", resolved, null, null, runtime);
@@ -336,18 +340,21 @@ public void GenerateFile_JavaExePath_Cases(string setByUser, string resolved, st
     }
 
     [TestMethod]
-    [DataRow("userEngine.jar", "", "userEngine.jar")]
-    [DataRow("userEngine.jar", " ", "userEngine.jar")]
-    [DataRow("userEngine.jar", null, "userEngine.jar")]
-    [DataRow("", "resolvedEngine.jar", "resolvedEngine.jar")]
-    [DataRow("  ", "resolvedEngine.jar", "resolvedEngine.jar")]
-    [DataRow(null, "resolvedEngine.jar", "resolvedEngine.jar")]
-    [DataRow("userEngine.jar", "resolvedEngine.jar", "userEngine.jar")]
+    [DataRow("userEngine.jar", "", "/Absolute/Path/SetByUser/userEngine.jar")]
+    [DataRow("userEngine.jar", " ", "/Absolute/Path/SetByUser/userEngine.jar")]
+    [DataRow("userEngine.jar", null, "/Absolute/Path/SetByUser/userEngine.jar")]
+    [DataRow("", "resolvedEngine.jar", "/Absolute/Path/Resolved/resolvedEngine.jar")]
+    [DataRow("  ", "resolvedEngine.jar", "/Absolute/Path/Resolved/resolvedEngine.jar")]
+    [DataRow(null, "resolvedEngine.jar", "/Absolute/Path/Resolved/resolvedEngine.jar")]
+    [DataRow("userEngine.jar", "resolvedEngine.jar", "/Absolute/Path/SetByUser/userEngine.jar")]
     public void GenerateFile_ScannerEngine(string setByUser, string resolved, string expected)
     {
         var settings = BuildSettings.CreateSettingsForTesting(TestUtils.CreateTestSpecificFolderWithSubPaths(TestContext));
         Directory.CreateDirectory(settings.SonarConfigDirectory);
         var runtime = new TestRuntime();
+        runtime.Directory.GetFullPath(setByUser).Returns("/Absolute/Path/SetByUser/" + setByUser);
+        runtime.Directory.GetFullPath(resolved).Returns("/Absolute/Path/Resolved/" + resolved);
+        runtime.Directory.GetFullPath(null).Returns((string)null);
         var args = CreateProcessedArgs(new ListPropertiesProvider([new Property(SonarProperties.EngineJarPath, setByUser)]), EmptyPropertyProvider.Instance, runtime);
 
         var config = AnalysisConfigGenerator.GenerateFile(args, settings, [], EmptyProperties, [], "1.2.3.4", null, resolved, null, runtime);
@@ -359,10 +366,11 @@ public void GenerateFile_ScannerEngine(string setByUser, string resolved, string
     public void GenerateFile_ScannerCliPath()
     {
         var settings = BuildSettings.CreateSettingsForTesting(TestUtils.CreateTestSpecificFolderWithSubPaths(TestContext));
-
-        AnalysisConfigGenerator.GenerateFile(CreateProcessedArgs(), settings, [], EmptyProperties, [], "1.2.3.4", null, null, "sonar-scanner", new TestRuntime())
+        var runtime = new TestRuntime();
+        runtime.Directory.GetFullPath("sonar-scanner").Returns(Path.Combine(TestUtils.DriveRoot(), "sonar-scanner"));
+        AnalysisConfigGenerator.GenerateFile(CreateProcessedArgs(), settings, [], EmptyProperties, [], "1.2.3.4", null, null, "sonar-scanner", runtime)
             .SonarScannerCliPath
-            .Should().Be("sonar-scanner");
+            .Should().Be(Path.Combine(TestUtils.DriveRoot(), "sonar-scanner"));
     }
 
     [TestMethod]

Tests/SonarScanner.MSBuild.PreProcessor.Test/AnalysisConfigProcessing/Processors/TruststorePropertiesProcessorTests.cs

@@ -165,7 +165,8 @@ public void Update_DefaultPropertyValues()
         cmdLineArgs.AddProperty(SonarProperties.HostUrl, "https://localhost:9000");
         var fileWrapper = Substitute.For<IFileWrapper>();
         fileWrapper.Exists(defaultTruststorePath).Returns(true);
-        var processor = CreateProcessor(CreateProcessedArgs(cmdLineArgs, fileWrapper));
+        var runtime = new TestRuntime();
+        var processor = CreateProcessor(CreateProcessedArgs(cmdLineArgs, fileWrapper), runtime);
         var config = new AnalysisConfig { LocalSettings = [new Property(SonarProperties.UserHome, sonarUserHome)] };
 
         processor.Update(config);
@@ -174,6 +175,7 @@ public void Update_DefaultPropertyValues()
         config.ScannerOptsSettings.Should().ContainSingle()
             .Which.Should().Match<Property>(x => x.Id == "javax.net.ssl.trustStore" && x.Value == $"\"{defaultTruststorePath.Replace(Path.DirectorySeparatorChar, Path.AltDirectorySeparatorChar)}\"");
         config.HasBeginStepCommandLineTruststorePassword.Should().BeFalse();
+        runtime.Directory.Received(1).GetFullPath(defaultTruststorePath);
     }
 
     [TestMethod]
@@ -216,6 +218,33 @@ public void Update_MapsTruststorePathToScannerOpts_Windows(string input, string
         Property.TryGetProperty(SonarProperties.TruststorePassword, config.LocalSettings, out _).Should().BeFalse();
     }
 
+    [TestMethod]
+    [DataRow("../relative/path/to/truststore.pfx")]
+    [DataRow("../path/to/My trustore.pfx")]
+    [DataRow("\"../path/to/My trustore.pfx\"")]
+    [DataRow("'../path/to/My trustore.pfx'")]
+    public void Update_MapsTruststorePathToScannerOpts_RelativePathSavedAsAbsolute(string input)
+    {
+        var cmdLineArgs = new ListPropertiesProvider();
+        var trimmedInput = input.Trim('\"', '\'');
+        var absolutePath = Path.Combine(TestUtils.DriveRoot(), trimmedInput);
+        cmdLineArgs.AddProperty(SonarProperties.HostUrl, "https://localhost:9000");
+        cmdLineArgs.AddProperty(SonarProperties.TruststorePath, input);
+        var runtime = new TestRuntime();
+        runtime.Directory.GetFullPath(trimmedInput).Returns(absolutePath);
+        var processor = CreateProcessor(CreateProcessedArgs(cmdLineArgs), runtime);
+        var config = new AnalysisConfig { LocalSettings = [new Property(SonarProperties.TruststorePath, input)] };
+
+        processor.Update(config);
+
+        config.LocalSettings.Should().BeEmpty();
+        config.ScannerOptsSettings.Should().ContainSingle();
+        config.HasBeginStepCommandLineTruststorePassword.Should().BeFalse();
+        AssertExpectedScannerOptsSettings("javax.net.ssl.trustStore", "\"" + absolutePath.Replace(Path.DirectorySeparatorChar, Path.AltDirectorySeparatorChar) + "\"", config);
+        Property.TryGetProperty(SonarProperties.TruststorePath, config.LocalSettings, out _).Should().BeFalse();
+        Property.TryGetProperty(SonarProperties.TruststorePassword, config.LocalSettings, out _).Should().BeFalse();
+    }
+
     [TestCategory(TestCategories.NoLinux)]
     [TestCategory(TestCategories.NoMacOS)]
     [TestMethod]

Tests/SonarScanner.MSBuild.PreProcessor.Test/packages.lock.json

@@ -136,8 +136,8 @@
       },
       "Google.Protobuf": {
         "type": "Transitive",
-        "resolved": "3.32.1",
-        "contentHash": "HbFFRNU46e1E+qhGvwCDAO2EZ80WADqlkNqlOBYvGi7SNxwMPkTrReZgCg9/TrXwLO/n0za+AIiT2IplzqrjZw==",
+        "resolved": "3.33.0",
+        "contentHash": "+kIa03YipuiSDeRuZwcDcXS1xBQAFeGLIjuLbgJr2i+TlwBPYAqdnQZJ2SDVzIgDyy+q+n/400WyWyrJ5ZqCgQ==",
         "dependencies": {
           "System.Memory": "4.5.3"
         }
@@ -1752,7 +1752,7 @@
       "sonarscanner.msbuild.preprocessor": {
         "type": "Project",
         "dependencies": {
-          "Google.Protobuf": "[3.32.1, )",
+          "Google.Protobuf": "[3.33.0, )",
           "Newtonsoft.Json": "[13.0.4, )",
           "SharpZipLib": "[1.4.2, )",
           "SonarScanner.MSBuild.Common": "[1.0.0, )",
@@ -1927,8 +1927,8 @@
       },
       "Google.Protobuf": {
         "type": "Transitive",
-        "resolved": "3.32.1",
-        "contentHash": "HbFFRNU46e1E+qhGvwCDAO2EZ80WADqlkNqlOBYvGi7SNxwMPkTrReZgCg9/TrXwLO/n0za+AIiT2IplzqrjZw=="
+        "resolved": "3.33.0",
+        "contentHash": "+kIa03YipuiSDeRuZwcDcXS1xBQAFeGLIjuLbgJr2i+TlwBPYAqdnQZJ2SDVzIgDyy+q+n/400WyWyrJ5ZqCgQ=="
       },
       "GraphQL": {
         "type": "Transitive",
@@ -3942,7 +3942,7 @@
       "sonarscanner.msbuild.preprocessor": {
         "type": "Project",
         "dependencies": {
-          "Google.Protobuf": "[3.32.1, )",
+          "Google.Protobuf": "[3.33.0, )",
           "Newtonsoft.Json": "[13.0.4, )",
           "SharpZipLib": "[1.4.2, )",
           "SonarScanner.MSBuild.Common": "[1.0.0, )",

Tests/SonarScanner.MSBuild.Shim.Test/ScannerEngineInputGeneratorTest.GenerateResult.cs

@@ -22,8 +22,6 @@ namespace SonarScanner.MSBuild.Shim.Test;
 
 public partial class ScannerEngineInputGeneratorTest
 {
-    private static string EscapedDirectorySeparator => Path.DirectorySeparatorChar == '\\' ? @"\\" : Path.DirectorySeparatorChar.ToString();
-
     [TestMethod]
     public void GenerateResult_NoProjectInfoFiles()
     {
@@ -46,7 +44,6 @@ public void GenerateResult_ValidFiles()
     {
         // Only non-excluded projects with files to analyze should be marked as valid
         var testDir = TestUtils.CreateTestSpecificFolderWithSubPaths(TestContext);
-        var testDirEscaped = testDir.Replace(@"\", @"\\");
         var withoutFilesDir = Path.Combine(testDir, "withoutFiles");
         var withoutFilesGuid = Guid.NewGuid();
         var withFiles1Guid = Guid.NewGuid();
@@ -66,121 +63,14 @@ public void GenerateResult_ValidFiles()
 
         // One valid project info file -> file created
         AssertScannerInputCreated(result);
-        result.ScannerEngineInput.ToString().Should().BeIgnoringLineEndings(
-            $$"""
-            {
-              "scannerProperties": [
-                {
-                  "key": "sonar.scanner.app",
-                  "value": "ScannerMSBuild"
-                },
-                {
-                  "key": "sonar.scanner.appVersion",
-                  "value": "{{Utilities.ScannerVersion}}"
-                },
-                {
-                  "key": "sonar.scanner.bootstrapStartTime",
-                  "value": "1735689600000"
-                },
-                {
-                  "key": "sonar.projectKey",
-                  "value": "{{config.SonarProjectKey}}"
-                },
-                {
-                  "key": "sonar.projectName",
-                  "value": "{{config.SonarProjectName}}"
-                },
-                {
-                  "key": "sonar.projectVersion",
-                  "value": "1.0"
-                },
-                {
-                  "key": "sonar.working.directory",
-                  "value": "{{testDirEscaped}}{{EscapedDirectorySeparator}}.sonar"
-                },
-                {
-                  "key": "sonar.projectBaseDir",
-                  "value": "{{testDirEscaped}}{{EscapedDirectorySeparator}}projects"
-                },
-                {
-                  "key": "sonar.sources",
-                  "value": ""
-                },
-                {
-                  "key": "sonar.tests",
-                  "value": ""
-                },
-                {
-                  "key": "sonar.modules",
-                  "value": "{{withFiles1Guid.ToString().ToUpper()}},{{withFiles2Guid.ToString().ToUpper()}}"
-                },
-                {
-                  "key": "{{withFiles1Guid.ToString().ToUpper()}}.sonar.projectKey",
-                  "value": "{{config.SonarProjectKey}}:{{withFiles1Guid.ToString().ToUpper()}}"
-                },
-                {
-                  "key": "{{withFiles1Guid.ToString().ToUpper()}}.sonar.projectName",
-                  "value": "withFiles1"
-                },
-                {
-                  "key": "{{withFiles1Guid.ToString().ToUpper()}}.sonar.projectBaseDir",
-                  "value": "{{testDirEscaped}}{{EscapedDirectorySeparator}}projects{{EscapedDirectorySeparator}}withFiles1"
-                },
-                {
-                  "key": "{{withFiles1Guid.ToString().ToUpper()}}.sonar.working.directory",
-                  "value": "{{testDirEscaped}}{{EscapedDirectorySeparator}}.sonar{{EscapedDirectorySeparator}}mod0"
-                },
-                {
-                  "key": "{{withFiles1Guid.ToString().ToUpper()}}.sonar.sourceEncoding",
-                  "value": "utf-8"
-                },
-                {
-                  "key": "{{withFiles1Guid.ToString().ToUpper()}}.sonar.tests",
-                  "value": ""
-                },
-                {
-                  "key": "{{withFiles1Guid.ToString().ToUpper()}}.sonar.sources",
-                  "value": "{{testDirEscaped}}{{EscapedDirectorySeparator}}projects{{EscapedDirectorySeparator}}withFiles1{{EscapedDirectorySeparator}}contentFile1.txt"
-                },
-                {
-                  "key": "{{withFiles2Guid.ToString().ToUpper()}}.sonar.projectKey",
-                  "value": "{{config.SonarProjectKey}}:{{withFiles2Guid.ToString().ToUpper()}}"
-                },
-                {
-                  "key": "{{withFiles2Guid.ToString().ToUpper()}}.sonar.projectName",
-                  "value": "withFiles2"
-                },
-                {
-                  "key": "{{withFiles2Guid.ToString().ToUpper()}}.sonar.projectBaseDir",
-                  "value": "{{testDirEscaped}}{{EscapedDirectorySeparator}}projects{{EscapedDirectorySeparator}}withFiles2"
-                },
-                {
-                  "key": "{{withFiles2Guid.ToString().ToUpper()}}.sonar.working.directory",
-                  "value": "{{testDirEscaped}}{{EscapedDirectorySeparator}}.sonar{{EscapedDirectorySeparator}}mod1"
-                },
-                {
-                  "key": "{{withFiles2Guid.ToString().ToUpper()}}.sonar.sourceEncoding",
-                  "value": "utf-8"
-                },
-                {
-                  "key": "{{withFiles2Guid.ToString().ToUpper()}}.sonar.tests",
-                  "value": ""
-                },
-                {
-                  "key": "{{withFiles2Guid.ToString().ToUpper()}}.sonar.sources",
-                  "value": "{{testDirEscaped}}{{EscapedDirectorySeparator}}projects{{EscapedDirectorySeparator}}withFiles2{{EscapedDirectorySeparator}}contentFile1.txt"
-                },
-                {
-                  "key": "sonar.visualstudio.enable",
-                  "value": "false"
-                },
-                {
-                  "key": "sonar.host.url",
-                  "value": "http://sonarqube.com"
-                }
-              ]
-            }
-            """);
+
+        var reader = new ScannerEngineInputReader(result.ScannerEngineInput.ToString());
+        reader.AssertProperty($"{withFiles1Guid.ToString().ToUpper()}.sonar.projectBaseDir", $"{testDir}{Path.DirectorySeparatorChar}projects{Path.DirectorySeparatorChar}withFiles1");
+        reader.AssertProperty($"{withFiles1Guid.ToString().ToUpper()}.sonar.tests", string.Empty);
+        reader.AssertProperty($"{withFiles1Guid.ToString().ToUpper()}.sonar.sources", $"{testDir}{Path.DirectorySeparatorChar}projects{Path.DirectorySeparatorChar}withFiles1{Path.DirectorySeparatorChar}contentFile1.txt");
+        reader.AssertProperty($"{withFiles2Guid.ToString().ToUpper()}.sonar.projectBaseDir", $"{testDir}{Path.DirectorySeparatorChar}projects{Path.DirectorySeparatorChar}withFiles2");
+        reader.AssertProperty($"{withFiles2Guid.ToString().ToUpper()}.sonar.tests", string.Empty);
+        reader.AssertProperty($"{withFiles2Guid.ToString().ToUpper()}.sonar.sources", $"{testDir}{Path.DirectorySeparatorChar}projects{Path.DirectorySeparatorChar}withFiles2{Path.DirectorySeparatorChar}contentFile1.txt");
     }
 
     [TestMethod]

Tests/SonarScanner.MSBuild.Tasks.IntegrationTest/SonarScanner.MSBuild.Tasks.IntegrationTest.csproj

@@ -6,7 +6,7 @@
     <PackageReference Include="Microsoft.Build.Framework" Version="17.11.4" />
     <PackageReference Include="Microsoft.VisualStudio.Setup.Configuration.Interop" Version="3.14.2075" />
     <PackageReference Include="MSBuild.StructuredLogger" Version="2.3.71" />
-    <PackageReference Include="System.Text.Json" Version="9.0.9" />
+    <PackageReference Include="System.Text.Json" Version="9.0.10" />
   </ItemGroup>
   <ItemGroup>
     <ProjectReference Include="..\..\src\SonarScanner.MSBuild.Shim\SonarScanner.MSBuild.Shim.csproj" />