Skip to content

UPDATE sedalib: Saphir team adaptations to Sedalib to address missing elements #95

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
G-NIDHAL wants to merge 1 commit into from
Closed

UPDATE sedalib: Saphir team adaptations to Sedalib to address missing elements #95

G-NIDHAL wants to merge 1 commit into from

Conversation

@G-NIDHAL
Copy link

@G-NIDHAL G-NIDHAL commented Oct 23, 2025

No description provided.

@vitam-prg
Copy link

vitam-prg commented Oct 23, 2025

Logo
Checkmarx One – Scan Summary & Details6a4187a5-40d6-4a40-813a-1fedf3e8f26b

New Issues (1)

Checkmarx found the following issues in this Pull Request

Severity Issue Source File / Package Checkmarx Insight
MEDIUM CVE-2025-11226 Maven-ch.qos.logback:logback-core-1.5.18
detailsRecommended version: 1.5.19
Description: Arbitrary Code Execution (ACE) vulnerability in conditional configuration file processing by QOS.CH logback-core versions through 1.5.18 in Java ap...
Attack Vector: LOCAL
Attack Complexity: LOW

ID: Ws2oJdkVxzLV5%2BbHLXADEnFu%2FUtXsJkrhg9Bx%2BCS%2B0U%3D
Vulnerable Package

Use @Checkmarx to reach out to us for assistance.

Just send a PR comment with @Checkmarx followed by a natural language request.

Examples: @Checkmarx how are you able to help me? @Checkmarx rescan this PR

@GiooDev GiooDev changed the title UPDATE sedalib: Saphir team adaptations to Sedalib to address missing… UPDATE sedalib: Saphir team adaptations to Sedalib to address missing elements Oct 27, 2025
@GiooDev GiooDev requested a review from Regzox October 27, 2025 11:00
@GiooDev GiooDev requested a review from marob October 28, 2025 10:37
marob
marob reviewed Oct 28, 2025
View reviewed changes
Copy link
Contributor

@marob marob left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pourquoi contribuer des classes Saphir qui ne sont a priori pas utilisées par sedatools ? Si ces classes sont utilisées dans un projet utilisant sedatools, il serait préférables qu'elles soient créées dans ce projet et non dans sedatools.

sedalib/src/main/java/fr/gouv/vitam/tools/sedalib/core/DataObjectPackage.java
*/
public Integer getTouchedInDataObjectPackageId(String inDataObjectPackageId) {
return touchedInDataObjectPackageIdMap.get(inDataObjectPackageId);
return touchedInDataObjectPackageIdMap.getOrDefault(inDataObjectPackageId,0);
Copy link
Contributor

@marob marob Oct 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Formatage inconsistant (manque un espace après la virgule)

sedalib/src/main/java/fr/gouv/vitam/tools/sedalib/inout/SIPBuilder.java
Copy link
Contributor

@marob marob Oct 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Revert les changements de formatage

sedalib/src/main/java/fr/gouv/vitam/tools/sedalib/inout/SIPBuilder.java
Comment on lines +226 to +228
* Creates a root archive unit in the SIP.
* Nouvelle signature de la méthode pour descriptionLevel et title uniquement
* et éviter la géneration de la balise <Description></Description> vide.
Copy link
Contributor

@marob marob Oct 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Écrire le tout en anglais

sedalib/src/main/java/fr/gouv/vitam/tools/sedalib/inout/SIPBuilder.java
Comment on lines 210 to 220
ArchiveUnit au = createRootArchiveUnit(archiveUnitID);

Content c = new Content();
try {
c.addNewMetadata("DescriptionLevel", descriptionLevel);
c.addNewMetadata("Title", title);
c.addNewMetadata("Description", description);
} catch (SEDALibException ignored) {
// ignored
}
au.setContent(c);
Copy link
Contributor

@marob marob Oct 28, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pour éviter la duplication de code :

Suggested change
ArchiveUnit au = createRootArchiveUnit(archiveUnitID, descriptionLevel, title);
try {
au.getContent().addNewMetadata("Description", description);
} catch (SEDALibException ignored) {
// ignored
}

@Regzox
Copy link
Contributor

Regzox commented Dec 9, 2025

fix with #96

@Regzox Regzox closed this Dec 9, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@marob marob marob left review comments

@Regzox Regzox Regzox approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@G-NIDHAL @vitam-prg @Regzox @marob