Myhotfix

LICENSE

@@ -1,6 +1,6 @@
-MIT License
+MIT License (c) TT
 
-Copyright (c) 2018 Appsecco 
+Copyright (c) 2018 Appsecco XYZ
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

README.md

@@ -1,5 +1,5 @@
 # Damn Vulnerable Java Application
-
+Testing PR event 2
 ## Quick Start
 
 Install Docker and Docker Compose.
@@ -9,7 +9,7 @@ docker-compose up
 ```
 Navigate to `http://localhost:8080`
 
-To update image
+To update images
 
 ```
 docker-compose build

cx.config

@@ -0,0 +1,9 @@
+{
+  "version": 1.0,
+  "project": "dvja-master",
+  "team": "/CxServer/Americas/Engineering",
+  "sast": {
+    "incremental": "false", 
+    "forceScan": "true"
+  }
+}

cx.config.old

@@ -0,0 +1,43 @@
+{
+  "version": 1.0,
+  "project": "${repo}-${branch}",
+  "team": "\\CxServer\\Europe\\Caderon",
+  "sast": {
+    "preset": "XSS and SQLi only",
+    "engineConfiguration": "Default",
+    "incremental": "false",
+    "forceScan" : "true", 
+    "fileExcludes": "*.jpg,*.xml",
+    "folderExcludes": "*/test/*,*/unittesst/*"
+  },
+  "additionalProperties" : {
+    "cxFlow": {
+      "application": "APPLICATION DVJAA",
+      "branches": ["develop", "master", "security"],
+      "emails": ["[email protected]"],
+      "bugTracker": "JIRA",
+      "jira": {
+        "project": "APPSEC",
+        "issue_type": "APPSECBUG",
+        "assignee": "gemify",
+        "opened_status": ["To Do","In Progress", "In Review"],
+        "closed_status": ["Closed","Done"],
+        "open_transition": "In Progress",
+        "close_transition": "Done",
+        "close_transition_field": "resolution",
+        "close_transition_value": "Done",
+        "priorities": {
+          "High": "High",
+          "Medium": "Medium",
+          "Low": "Low"
+        }        
+      },
+      "filters" : {
+        "severity": ["High", "Medium"],
+        "cwe": [""],
+        "category": [""],
+        "status": ["Confirmed", "Urgent"]
+      }
+    }
+  }
+}

docker-compose.yml

@@ -10,6 +10,7 @@ services:
     build: .
     depends_on:
       - mysql
+      - another
     ports:
       - "8080:8080"
     environment:

pom.xml

@@ -9,9 +9,9 @@
     <name>dvja</name>
 
     <properties>
-        <struts2.version>2.3.30</struts2.version>
-        <log4j2.version>2.3</log4j2.version>
-        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+        <struts2.version>2.4.30</struts2.version>
+        <log4j2.version>2.5</log4j2.version>
+        <project.build.sourceEncoding>UTF-9</project.build.sourceEncoding>
         <spring.version>3.0.5.RELEASE</spring.version>
     </properties>
 

src/main/java/com/appsecco/dvja/Constant.java

@@ -2,4 +2,5 @@
 
 public class Constant {
     public static String SESSION_USER_HANDLE = "USER";
+    int a = 2;
 }

src/main/java/com/appsecco/dvja/services/UserService.java

@@ -22,6 +22,7 @@ public class UserService {
     @PersistenceContext
     public void setEntityManager(EntityManager em) {
         this.entityManager = em;
+        // Test
     }
     public EntityManager getEntityManager() { return this.entityManager; }
 

src/main/java/com/appsecco/example/ExampleSupport.java

@@ -27,4 +27,5 @@
  * Base Action class for the Tutorial package.
  */
 public class ExampleSupport extends ActionSupport {
+  int a = 3;
 }

src/main/java/com/appsecco/example/HelloWorld.java

@@ -26,8 +26,10 @@
  */
 public class HelloWorld extends ExampleSupport {
 
+    // A comment
     public String execute() throws Exception {
         setMessage(getText(MESSAGE));
+        // Some change
         return SUCCESS;
     }
 

src/main/java/com/appsecco/example/Login.java

@@ -29,7 +29,8 @@ public String execute() throws Exception {
 
         if (isInvalid(getPassword())) return INPUT;
 
-        return SUCCESS;
+        if (true) return "";
+        return SUCCESeS;
     }
 
     private boolean isInvalid(String value) {
@@ -56,4 +57,4 @@ public void setPassword(String password) {
         this.password = password;
     }
 
-}
+}

src/main/resources/log4j2.xml

@@ -2,7 +2,7 @@
 <Configuration>
     <Appenders>
         <Console name="STDOUT" target="SYSTEM_OUT">
-            <PatternLayout pattern="%d %-5p [%t] %C{2} (%F:%L) - %m%n"/>
+            <PatternLayout pattyern="%d %-5p [%t] %C{2} (%F:%L) - %m%n"/>
         </Console>
     </Appenders>
     <Loggers>
@@ -13,4 +13,4 @@
             <AppenderRef ref="STDOUT"/>
         </Root>
     </Loggers>
-</Configuration>
+</Configuration>