From 034c95ec55ea4770b02a02466c5c8dacf3329066 Mon Sep 17 00:00:00 2001 From: Dominik Stadler Date: Sun, 7 Nov 2021 14:59:40 +0000 Subject: Add some more forbidden-apis to prefer core JDK classes over Guava and commons-codec Also prevent java logging from being used inadvertently git-svn-id: https://svn.apache.org/repos/asf/poi/trunk@1894810 13f79535-47bb-0310-9956-ffa450edef68 --- .../org/apache/poi/ooxml/TestTriggerCoverage.java | 2 +- .../poi/poifs/crypt/tests/TestDecryptor.java | 4 +-- .../ss/tests/usermodel/TestEmbedOLEPackage.java | 4 +-- .../poi/xssf/eventusermodel/TestXSSFReader.java | 4 +-- .../apache/poi/hslf/extractor/TestExtractor.java | 5 ++-- .../poi/hslf/record/TestDocumentEncryption.java | 4 +-- .../poi/poifs/crypt/agile/EncryptionDocument.java | 6 ++-- .../java/org/apache/poi/ss/format/CellFormat.java | 9 +++--- .../org/apache/poi/ss/format/CellFormatPart.java | 25 ++++++++-------- src/resources/devtools/forbidden-signatures.txt | 33 ++++++++++++++++++++-- 10 files changed, 63 insertions(+), 33 deletions(-) diff --git a/poi-ooxml/src/test/java/org/apache/poi/ooxml/TestTriggerCoverage.java b/poi-ooxml/src/test/java/org/apache/poi/ooxml/TestTriggerCoverage.java index 8b894f358e..c2bf7aa2f0 100644 --- a/poi-ooxml/src/test/java/org/apache/poi/ooxml/TestTriggerCoverage.java +++ b/poi-ooxml/src/test/java/org/apache/poi/ooxml/TestTriggerCoverage.java @@ -56,7 +56,7 @@ import static org.junit.jupiter.api.Assertions.assertNotNull; /** * Test to trigger code-execution of various parts so - * that all required elements are inclueded in the ooxml-schema-lite package + * that all required elements are included in the ooxml-schema-lite package */ class TestTriggerCoverage { private static final Set FAILING = new HashSet<>(); diff --git a/poi-ooxml/src/test/java/org/apache/poi/poifs/crypt/tests/TestDecryptor.java b/poi-ooxml/src/test/java/org/apache/poi/poifs/crypt/tests/TestDecryptor.java index 4be8a9b674..94392f00c4 100644 --- a/poi-ooxml/src/test/java/org/apache/poi/poifs/crypt/tests/TestDecryptor.java +++ b/poi-ooxml/src/test/java/org/apache/poi/poifs/crypt/tests/TestDecryptor.java @@ -27,10 +27,10 @@ import java.io.IOException; import java.io.InputStream; import java.security.GeneralSecurityException; import java.security.MessageDigest; +import java.util.Base64; import javax.crypto.Cipher; -import org.apache.commons.codec.binary.Base64; import org.apache.commons.compress.archivers.zip.ZipArchiveEntry; import org.apache.commons.compress.archivers.zip.ZipArchiveInputStream; import org.apache.commons.io.output.UnsynchronizedByteArrayOutputStream; @@ -166,7 +166,7 @@ class TestDecryptor { try (InputStream is2 = dec.getDataStream(pfs)) { md.update(IOUtils.toByteArray(is2)); } - assertEquals("L1vDQq2EuMSfU/FBfVQfM2zfOY5Jx9ZyVgIQhXPPVgs=", Base64.encodeBase64String(md.digest())); + assertEquals("L1vDQq2EuMSfU/FBfVQfM2zfOY5Jx9ZyVgIQhXPPVgs=", Base64.getEncoder().encodeToString(md.digest())); } } diff --git a/poi-ooxml/src/test/java/org/apache/poi/ss/tests/usermodel/TestEmbedOLEPackage.java b/poi-ooxml/src/test/java/org/apache/poi/ss/tests/usermodel/TestEmbedOLEPackage.java index 183bab321f..ca83289151 100644 --- a/poi-ooxml/src/test/java/org/apache/poi/ss/tests/usermodel/TestEmbedOLEPackage.java +++ b/poi-ooxml/src/test/java/org/apache/poi/ss/tests/usermodel/TestEmbedOLEPackage.java @@ -29,11 +29,11 @@ import java.io.InputStream; import java.security.MessageDigest; import java.util.ArrayList; import java.util.Arrays; +import java.util.Base64; import java.util.Iterator; import java.util.List; import java.util.Locale; -import org.apache.commons.codec.binary.Base64; import org.apache.commons.io.output.UnsynchronizedByteArrayOutputStream; import org.apache.poi.POIDataSamples; import org.apache.poi.hpsf.ClassIDPredefined; @@ -144,7 +144,7 @@ class TestEmbedOLEPackage { private static String digest(Ole10Native ole10) { MessageDigest sha = CryptoFunctions.getMessageDigest(HashAlgorithm.sha256); byte[] digest = sha.digest(ole10.getDataBuffer()); - return Base64.encodeBase64String(digest); + return Base64.getEncoder().encodeToString(digest); } @Test diff --git a/poi-ooxml/src/test/java/org/apache/poi/xssf/eventusermodel/TestXSSFReader.java b/poi-ooxml/src/test/java/org/apache/poi/xssf/eventusermodel/TestXSSFReader.java index 463656d4db..3b45b7c60c 100644 --- a/poi-ooxml/src/test/java/org/apache/poi/xssf/eventusermodel/TestXSSFReader.java +++ b/poi-ooxml/src/test/java/org/apache/poi/xssf/eventusermodel/TestXSSFReader.java @@ -29,12 +29,12 @@ import static org.junit.jupiter.api.Assertions.assertTrue; import java.io.IOException; import java.io.InputStream; import java.security.MessageDigest; +import java.util.Base64; import java.util.HashSet; import java.util.Iterator; import java.util.List; import java.util.Set; -import org.apache.commons.codec.binary.Base64; import org.apache.poi.POIDataSamples; import org.apache.poi.ooxml.POIXMLException; import org.apache.poi.openxml4j.exceptions.InvalidFormatException; @@ -370,6 +370,6 @@ public final class TestXSSFReader { md.update(IOUtils.toByteArray(is)); } - return Base64.encodeBase64String(md.digest()); + return Base64.getEncoder().encodeToString(md.digest()); } } diff --git a/poi-scratchpad/src/test/java/org/apache/poi/hslf/extractor/TestExtractor.java b/poi-scratchpad/src/test/java/org/apache/poi/hslf/extractor/TestExtractor.java index f13991370c..303ca4293f 100644 --- a/poi-scratchpad/src/test/java/org/apache/poi/hslf/extractor/TestExtractor.java +++ b/poi-scratchpad/src/test/java/org/apache/poi/hslf/extractor/TestExtractor.java @@ -29,11 +29,12 @@ import java.io.File; import java.io.IOException; import java.io.InputStream; import java.security.MessageDigest; +import java.util.Base64; import java.util.BitSet; import java.util.List; import com.zaxxer.sparsebits.SparseBitSet; -import org.apache.commons.codec.binary.Base64; + import org.apache.poi.POIDataSamples; import org.apache.poi.hslf.usermodel.HSLFObjectShape; import org.apache.poi.hslf.usermodel.HSLFSlideShow; @@ -241,7 +242,7 @@ public final class TestExtractor { sha2.update(IOUtils.toByteArray(is)); } String exp = "lIRRfGMin6B4++WR4XvA82usdQ3ijeHBHU85j523sKY="; - String act = Base64.encodeBase64String(sha2.digest()); + String act = Base64.getEncoder().encodeToString(sha2.digest()); assertEquals(exp, act); } } diff --git a/poi-scratchpad/src/test/java/org/apache/poi/hslf/record/TestDocumentEncryption.java b/poi-scratchpad/src/test/java/org/apache/poi/hslf/record/TestDocumentEncryption.java index 34945764f2..26c00b64a1 100644 --- a/poi-scratchpad/src/test/java/org/apache/poi/hslf/record/TestDocumentEncryption.java +++ b/poi-scratchpad/src/test/java/org/apache/poi/hslf/record/TestDocumentEncryption.java @@ -25,9 +25,9 @@ import static org.junit.jupiter.api.Assertions.assertTrue; import java.io.InputStream; import java.security.MessageDigest; +import java.util.Base64; import java.util.List; -import org.apache.commons.codec.binary.Base64; import org.apache.commons.io.output.UnsynchronizedByteArrayOutputStream; import org.apache.poi.POIDataSamples; import org.apache.poi.hpsf.DocumentSummaryInformation; @@ -167,7 +167,7 @@ public class TestDocumentEncryption { for (HSLFPictureData p : pd) { byte[] hash = md.digest(p.getData()); assertEquals(Integer.parseInt(picCmp[i][0]), p.getOffset()); - assertEquals(picCmp[i][1], Base64.encodeBase64String(hash)); + assertEquals(picCmp[i][1], Base64.getEncoder().encodeToString(hash)); i++; } diff --git a/poi/src/main/java/org/apache/poi/poifs/crypt/agile/EncryptionDocument.java b/poi/src/main/java/org/apache/poi/poifs/crypt/agile/EncryptionDocument.java index 07004d05a5..fd5e53a2b9 100644 --- a/poi/src/main/java/org/apache/poi/poifs/crypt/agile/EncryptionDocument.java +++ b/poi/src/main/java/org/apache/poi/poifs/crypt/agile/EncryptionDocument.java @@ -18,11 +18,11 @@ package org.apache.poi.poifs.crypt.agile; import java.util.ArrayList; +import java.util.Base64; import java.util.List; import javax.xml.XMLConstants; -import org.apache.commons.codec.binary.Base64; import org.apache.poi.EncryptedDocumentException; import org.w3c.dom.Document; import org.w3c.dom.Element; @@ -129,7 +129,7 @@ public class EncryptionDocument { static byte[] getBinAttr(Element el, String name) { String at = el.getAttribute(name); - return (at.isEmpty()) ? null : Base64.decodeBase64(at); + return (at.isEmpty()) ? null : Base64.getDecoder().decode(at); } static void setIntAttr(Element el, String name, Integer val) { @@ -144,7 +144,7 @@ public class EncryptionDocument { static void setBinAttr(Element el, String name, byte[] val) { if (val != null) { - setAttr(el, name, Base64.encodeBase64String(val)); + setAttr(el, name, Base64.getEncoder().encodeToString(val)); } } } diff --git a/poi/src/main/java/org/apache/poi/ss/format/CellFormat.java b/poi/src/main/java/org/apache/poi/ss/format/CellFormat.java index 66a8ea5c49..174ccf67b7 100644 --- a/poi/src/main/java/org/apache/poi/ss/format/CellFormat.java +++ b/poi/src/main/java/org/apache/poi/ss/format/CellFormat.java @@ -23,13 +23,14 @@ import java.util.List; import java.util.Locale; import java.util.Map; import java.util.WeakHashMap; -import java.util.logging.Level; -import java.util.logging.Logger; import java.util.regex.Matcher; import java.util.regex.Pattern; import javax.swing.JLabel; +import org.apache.logging.log4j.Level; +import org.apache.logging.log4j.LogManager; +import org.apache.logging.log4j.Logger; import org.apache.poi.ss.usermodel.Cell; import org.apache.poi.ss.usermodel.CellType; import org.apache.poi.ss.usermodel.ConditionalFormatting; @@ -93,7 +94,7 @@ import org.apache.poi.util.LocaleUtil; */ public class CellFormat { /** The logger to use in the formatting code. */ - private static final Logger LOG = Logger.getLogger(CellFormat.class.getName()); + private static final Logger LOG = LogManager.getLogger(CellFormat.class); private static final Pattern ONE_PART = Pattern.compile( CellFormatPart.FORMAT_PAT.pattern() + "(;|$)", @@ -191,7 +192,7 @@ public class CellFormat { parts.add(new CellFormatPart(locale, valueDesc)); } catch (RuntimeException e) { - LOG.log(Level.WARNING, "Invalid format: " + CellFormatter.quote(m.group()), e); + LOG.log(Level.WARN, "Invalid format: " + CellFormatter.quote(m.group()), e); parts.add(null); } } diff --git a/poi/src/main/java/org/apache/poi/ss/format/CellFormatPart.java b/poi/src/main/java/org/apache/poi/ss/format/CellFormatPart.java index 141c98e735..7cfe6cc17c 100644 --- a/poi/src/main/java/org/apache/poi/ss/format/CellFormatPart.java +++ b/poi/src/main/java/org/apache/poi/ss/format/CellFormatPart.java @@ -50,9 +50,8 @@ public class CellFormatPart { static final Map NAMED_COLORS; - private final Color color; - private CellFormatCondition condition; + private final CellFormatCondition condition; private final CellFormatter format; private final CellFormatType type; @@ -410,17 +409,17 @@ public class CellFormatPart { while (codePoints.hasNext()) { String ch = codePoints.next(); if ("\'".equals(ch) && type.isSpecial('\'')) { - sb.append('\u0000'); - continue; - } - - boolean special = type.isSpecial(ch.charAt(0)); - if (special) - sb.append("\'"); - sb.append(ch); - if (special) - sb.append("\'"); - } + sb.append('\u0000'); + continue; + } + + boolean special = type.isSpecial(ch.charAt(0)); + if (special) + sb.append("'"); + sb.append(ch); + if (special) + sb.append("'"); + } return sb.toString(); } diff --git a/src/resources/devtools/forbidden-signatures.txt b/src/resources/devtools/forbidden-signatures.txt index 0ed4e2521b..ce9c56749f 100644 --- a/src/resources/devtools/forbidden-signatures.txt +++ b/src/resources/devtools/forbidden-signatures.txt @@ -141,5 +141,34 @@ javax.xml.bind.DatatypeConverter @defaultMessage don't rely on the threads ContextClassLoader - provide the classloader via load(Class, Classloader) java.util.ServiceLoader#load(java.lang.Class) -@defaultMessage use java.nio.charset.StandardCharsets instead -org.apache.commons.codec.Charsets \ No newline at end of file +@defaultMessage Use Log4J classes instead +java.util.logging.** + +# taken from https://github.com/apache/solr/blob/main/gradle/validation/forbidden-apis/com.google.guava.guava.all.txt +@defaultMessage Use corresponding Java 8 functional/streaming interfaces +com.google.common.base.Function +com.google.common.base.Joiner +com.google.common.base.Predicate +com.google.common.base.Supplier + +@defaultMessage Use java.nio.charset.StandardCharsets instead +com.google.common.base.Charsets + +@defaultMessage Use methods in java.util.Objects instead +com.google.common.base.Objects#equal(java.lang.Object,java.lang.Object) +com.google.common.base.Objects#hashCode(java.lang.Object[]) +com.google.common.base.Preconditions#checkNotNull(java.lang.Object) +com.google.common.base.Preconditions#checkNotNull(java.lang.Object,java.lang.Object) + +@defaultMessage Use methods in java.util.Comparator instead +com.google.common.collect.Ordering + + +# taken from https://github.com/apache/solr/blob/main/gradle/validation/forbidden-apis/commons-codec.commons-codec.all.txt +@defaultMessage Use java.nio.charset.StandardCharsets instead +org.apache.commons.codec.Charsets + +@defaultMessage Use java.util.Base64 instead +org.apache.commons.codec.binary.Base64 + + -- cgit v1.2.3