timtebeek commented 6 months ago

Problem

Describe the issue you are experiencing.

Expected behavior

Describe what you expected to see.

Example diff

From: spring-beans/src/test/java/org/springframework/beans/factory/aot/BeanDefinitionMethodGeneratorTests.java

                Collections.emptyList());
MethodReference method = generator.generateBeanDefinitionMethod(
this.generationContext, this.beanRegistrationsCode);
-       compile(method, (actual, compiled) -> {
+       compile(method, (actual, {{80000000-0000-03c6-0000-000000000000}}compiled{{80000000-0000-03c6-0000-000000000000}}) -> {
SourceFile sourceFile = compiled.getSourceFile(".*BeanDefinitions");
assertThat(sourceFile).contains("Get the bean definition for 'testBean'");
assertThat(sourceFile).contains("new RootBeanDefinition(TestBean.class)");

Recipes in example diff:

org.openrewrite.java.security.XmlParserXXEVulnerability

Error messages:

org.openrewrite.analysis.trait.util.TraitErrorsException: TraitErrors: 
- Method must be created from class org.openrewrite.java.tree.J$MethodDeclaration but was class org.openrewrite.java.tree.J$Lambda
- No parent Method found
- Field must be declared in a class, interface, or anonymous class
org.openrewrite.analysis.trait.util.TraitErrors.doThrow(TraitErrors.java:43)
fj.data.Either$RightProjection.on(Either.java:531)
fj.data.Validation.on(Validation.java:146)
org.openrewrite.analysis.trait.expr.VarAccessBase$1.visitVariable(VarAccess.java:187)
org.openrewrite.analysis.trait.expr.VarAccessBase$1.visitVariable(VarAccess.java:175)
org.openrewrite.java.tree.J$VariableDeclarations$NamedVariable.acceptJava(J.java:5938)
org.openrewrite.java.tree.J.accept(J.java:59)
org.openrewrite.TreeVisitor.visit(TreeVisitor.java:283)
org.openrewrite.TreeVisitor.visitAndCast(TreeVisitor.java:366)
org.openrewrite.java.JavaVisitor.visitRightPadded(JavaVisitor.java:1375)
org.openrewrite.java.JavaVisitor.lambda$visitVariableDeclarations$29(JavaVisitor.java:963)
org.openrewrite.internal.ListUtils.map(ListUtils.java:176)
org.openrewrite.java.JavaVisitor.visitVariableDeclarations(JavaVisitor.java:963)
org.openrewrite.java.tree.J$VariableDeclarations.acceptJava(J.java:5824)
org.openrewrite.java.tree.J.accept(J.java:59)
org.openrewrite.TreeVisitor.visit(TreeVisitor.java:283)
...

References:

View original result
Recipe ID: org.openrewrite.java.security.XmlParserXXEVulnerability
Recipe Name: XML parser XXE vulnerability
Repository: spring-projects/spring-framework/main
Created at Tue Feb 27 2024 19:57:08 GMT+0100 (Central European Standard Time)

timtebeek commented 6 months ago

@JLLeitschuh do you see any reason why we're seeing these issues over the past two days that weren't there before? This is from our daily flagship recipe runs.

JLLeitschuh commented 6 months ago

Likely caused by: https://github.com/openrewrite/rewrite-analysis/issues/38

JLLeitschuh commented 6 months ago

do you see any reason why we're seeing these issues over the past two days that weren't there before?

Likely something about the underlying code changed, causing this to occur. This needs to be resolved in rewrite-analysis so we stop having these errors spuriously.

timtebeek commented 2 months ago

Saw this again today on compiled on this particular line: https://github.com/spring-projects/spring-framework/blob/ae9153e644b0e4ccc414e1e4749ac082ca242739/spring-beans/src/test/java/org/springframework/beans/factory/aot/BeanDefinitionMethodGeneratorTests.java#L111

TraitErrors: 
- Method must be created from class org.openrewrite.java.tree.J$MethodDeclaration but was class org.openrewrite.java.tree.J$Lambda
- No parent Method found
- Field must be declared in a class, interface, or anonymous class

Detail:

org.openrewrite.analysis.trait.util.TraitErrorsException: TraitErrors: 
- Method must be created from class org.openrewrite.java.tree.J$MethodDeclaration but was class org.openrewrite.java.tree.J$Lambda
- No parent Method found
- Field must be declared in a class, interface, or anonymous class
 org.openrewrite.analysis.trait.util.TraitErrors.doThrow(TraitErrors.java:43)
 fj.data.Either$RightProjection.on(Either.java:531)
 fj.data.Validation.on(Validation.java:146)
 org.openrewrite.analysis.trait.expr.VarAccessBase$1.visitVariable(VarAccess.java:188)
 org.openrewrite.analysis.trait.expr.VarAccessBase$1.visitVariable(VarAccess.java:176)
 org.openrewrite.java.tree.J$VariableDeclarations$NamedVariable.acceptJava(J.java:5955)
 org.openrewrite.java.tree.J.accept(J.java:59)
 org.openrewrite.TreeVisitor.visit(TreeVisitor.java:250)
 org.openrewrite.TreeVisitor.visitAndCast(TreeVisitor.java:324)
 org.openrewrite.java.JavaVisitor.visitRightPadded(JavaVisitor.java:1369)
 org.openrewrite.java.JavaVisitor.lambda$visitVariableDeclarations$29(JavaVisitor.java:963)
 org.openrewrite.internal.ListUtils.map(ListUtils.java:176)
 org.openrewrite.java.JavaVisitor.visitVariableDeclarations(JavaVisitor.java:963)
 org.openrewrite.java.tree.J$VariableDeclarations.acceptJava(J.java:5840)
 org.openrewrite.java.tree.J.accept(J.java:59)
 org.openrewrite.TreeVisitor.visit(TreeVisitor.java:250)
 ...

timtebeek commented 1 month ago

Also seen on FINOS: https://app.moderne.io/results/nhAg9TUiZ

openrewrite / rewrite-java-security

`TraitErrors` on ` BeanDefinitionMethodGeneratorTests` with `XML parser XXE vulnerability` #125