devonfw#103: fixed bugs

- fixed pom bug
- fixed bug in BuildSecurityJsonFiles due to moved method that was introduced in the merge of main into this branch

Author: MattesMrzik

cli/src/test/java/com/devonfw/tools/ide/tool/ToolCommandletTest.java

@@ -42,7 +42,11 @@ public void testSecurityRiskInteractionAllVersionAffectedBySingleWarning() {
     // then save this also to stay
     // extract method that calcs next safe, latest save
     // and introduce var named latest and make it to *
-    assertThat(tool.securityRiskInteraction(VersionIdentifier.of("1"))).isEqualTo(VersionIdentifier.of("1"));
+
+    // the current version is safe, so no interaction needed and no answer is consumed
+    VersionIdentifier currentVersion = VersionIdentifier.of("1");
+    assertThat(tool.securityRiskInteraction(currentVersion)).isEqualTo(currentVersion);
+
     // answer to the interaction is 1
     assertThat(tool.securityRiskInteraction(VersionIdentifier.of("2"))).isEqualTo(VersionIdentifier.of("2"));
     // answer to the interaction is 2

security/pom.xml

@@ -25,7 +25,7 @@
         <dependency>
             <groupId>com.devonfw.tools.IDEasy</groupId>
             <artifactId>ide-cli</artifactId>
-            <version>2024.01.001-SNAPSHOT</version>
+            <version>2024.02.001-alpha-SNAPSHOT</version>
             <scope>compile</scope>
         </dependency>
     </dependencies>

security/src/main/java/com/devonfw/tools/security/BuildSecurityJsonFiles.java

@@ -13,6 +13,7 @@
 import java.util.Set;
 import java.util.stream.Collectors;
 
+import com.devonfw.tools.ide.version.BoundaryType;
 import org.owasp.dependencycheck.Engine;
 import org.owasp.dependencycheck.analyzer.AbstractAnalyzer;
 import org.owasp.dependencycheck.analyzer.AnalysisPhase;
@@ -295,16 +296,28 @@ public static VersionRange getVersionRangeFromInterval(String si, String se, Str
         throw new IllegalStateException(
             "Vulnerability has no interval of affected versions or single affected version.");
       }
-      return VersionRange.of(s + VersionRange.getVersionSeparator() + s);
+      VersionIdentifier singleAffectedVersion = VersionIdentifier.of(s);
+      return new VersionRange(singleAffectedVersion, singleAffectedVersion, BoundaryType.OPEN);
     }
 
-    String leftBoundary = se == null ? VersionRange.getStartIncludingPrefix() + Objects.toString(si, "")
-        : VersionRange.getStartExcludingPrefix() + se;
+    boolean leftExclusive = si == null;
+    boolean rightExclusive = ei == null;
 
-    String rightBoundary = ee == null ? Objects.toString(ei, "") + VersionRange.getEndIncludingSuffix()
-        : ee + VersionRange.getEndExcludingSuffix();
+    VersionIdentifier min = null;
+    if (si != null) {
+      min = VersionIdentifier.of(si);
+    } else if (se != null) {
+      min = VersionIdentifier.of(se);
+    }
+
+    VersionIdentifier max = null;
+    if (ei != null) {
+      max = VersionIdentifier.of(ei);
+    } else if (ee != null) {
+      max = VersionIdentifier.of(ee);
+    }
 
-    return VersionRange.of(leftBoundary + VersionRange.getVersionSeparator() + rightBoundary);
+    return new VersionRange(min, max, BoundaryType.of(leftExclusive, rightExclusive));
   }
 
   private static void printAffectedVersions(IdeContext context) {
@@ -333,14 +346,14 @@ private static void printAffectedVersions(IdeContext context) {
           } else {
             if (min != null) {
               System.out.println("Tool " + tool.getName() + " with edition " + edition.getName() + " and versions "
-                  + new VersionRange(min, version, false, true) + " are affected by vulnerabilities.");
+                  + new VersionRange(min, version, BoundaryType.of(false, true)) + " are affected by vulnerabilities.");
               min = null;
             }
           }
         }
         if (min != null) {
           System.out.println("Tool " + tool.getName() + " with edition " + edition.getName() + " and versions "
-              + new VersionRange(min, null, false, true) + " are affected by vulnerabilities.");
+              + new VersionRange(min, null, BoundaryType.of(false, true)) + " are affected by vulnerabilities.");
         }
       }
     }