Cs-43015 Fix for download issue, Status Code, x-user-agent and early-access

.github/workflows/codeql-analysis.yml

@@ -33,36 +33,36 @@ jobs:
         # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
 
     steps:
-    - name: Checkout repository
-      uses: actions/checkout@v3
+      - name: Checkout repository
+        uses: actions/checkout@v3
 
-    # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v2
-      with:
-        languages: ${{ matrix.language }}
-        # If you wish to specify custom queries, you can do so here or in a config file.
-        # By default, queries listed here will override any specified in a config file.
-        # Prefix the list here with "+" to use these queries and those in the config file.
-
-        # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
-        # queries: security-extended,security-and-quality
+      # Initializes the CodeQL tools for scanning.
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: ${{ matrix.language }}
+          # If you wish to specify custom queries, you can do so here or in a config file.
+          # By default, queries listed here will override any specified in a config file.
+          # Prefix the list here with "+" to use these queries and those in the config file.
 
-
-    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
-    # If this step fails, then you should remove it and run the build manually (see below)
-#    - name: Autobuild
-#      uses: github/codeql-action/autobuild@v2
+          # Details on CodeQL's query packs refer to : https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+          # queries: security-extended,security-and-quality
 
-    # ℹ️ Command-line programs to run using the OS shell.
-    # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
 
-    #   If the Autobuild fails above, remove it and uncomment the following three lines. 
-    #   modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
+      # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+      # If this step fails, then you should remove it and run the build manually (see below)
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v2
 
-    # - run: |
-    #   echo "Run, Build Application using script"
-    #   ./location_of_script_within_repo/buildscript.sh
+      # ℹ️ Command-line programs to run using the OS shell.
+      # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
 
-#    - name: Perform CodeQL Analysis
-#      uses: github/codeql-action/analyze@v2
+      #   If the Autobuild fails above, remove it and uncomment the following three lines.
+      #   modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance.
+
+      # - run: |
+      #   echo "Run, Build Application using script"
+      #   ./location_of_script_within_repo/buildscript.sh
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2

.github/workflows/sca-scan.yml

@@ -7,9 +7,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@master
-      - name: Run Snyk to check for vulnerabilities
-        uses: snyk/actions/gradle@master
+      - uses: snyk/actions/setup@master
+      - run: snyk test
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
-        with:
-          args: --fail-on=all

LICENSE

@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2012 - 2023 Contentstack
+Copyright (c) 2012 - 2024 Contentstack
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

README.md

@@ -261,7 +261,7 @@ You can use advanced sync queries to fetch custom results while performing initi
 
 ### The MIT License (MIT)
 
-Copyright © 2012-2023 [Contentstack](https://www.contentstack.com/). All Rights Reserved
+Copyright © 2012-2024 [Contentstack](https://www.contentstack.com/). All Rights Reserved
 
 Permission is hereby granted, free of charge, to any person obtaining a copy of this software
 and associated documentation files (the "Software"), to deal in the Software without restriction,

SECURITY.md

@@ -1,4 +1,4 @@
-## Security
+# Security
 
 Contentstack takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations.
 
@@ -14,14 +14,14 @@ You should receive a response within 24 hours. If for some reason you do not, pl
 
 Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:
 
-* Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
-* Full paths of source file(s) related to the manifestation of the issue
-* The location of the affected source code (tag/branch/commit or direct URL)
-* Any special configuration required to reproduce the issue
-* Step-by-step instructions to reproduce the issue
-* Proof-of-concept or exploit code (if possible)
-* Impact of the issue, including how an attacker might exploit the issue
+- Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
+- Full paths of source file(s) related to the manifestation of the issue
+- The location of the affected source code (tag/branch/commit or direct URL)
+- Any special configuration required to reproduce the issue
+- Step-by-step instructions to reproduce the issue
+- Proof-of-concept or exploit code (if possible)
+- Impact of the issue, including how an attacker might exploit the issue
 
 This information will help us triage your report more quickly.
 
-[https://www.contentstack.com/trust/](https://www.contentstack.com/trust/)
+[https://www.contentstack.com/trust/](https://www.contentstack.com/trust/)

build.gradle

@@ -1,21 +1,24 @@
 buildscript {
-    ext.jacoco_version = '0.8.8'
+    ext {
+        jacoco_version = '0.8.8'
+        agp_version = '8.2.1'
+    }
     repositories {
-        maven { url "https://plugins.gradle.org/m2/" }
         google()
+        maven {
+            url "https://plugins.gradle.org/m2/"
+        }
         mavenCentral()
     }
 
     dependencies {
-        classpath "com.android.tools.build:gradle:7.2.2" //7.0.4
-        classpath 'io.github.gradle-nexus:publish-plugin:1.1.0'
+        //classpath "com.android.tools.build:gradle:8.2.1" //8.2.1
+        classpath 'com.android.tools.build:gradle:7.4.2'
+        classpath 'io.github.gradle-nexus:publish-plugin:2.0.0-rc-1'
         classpath "org.jacoco:org.jacoco.core:$jacoco_version"
     }
 }
 
-apply plugin: 'io.github.gradle-nexus.publish-plugin'
-apply from: "${rootDir}/scripts/publish-root.gradle"
-
 tasks.register('clean', Delete) {
     delete rootProject.buildDir
 }

contentstack/build.gradle

@@ -1,27 +1,72 @@
-apply plugin: 'com.android.library'
-apply plugin: 'jacoco'
+plugins {
+    id "com.vanniktech.maven.publish" version "0.27.0"
+    id "com.android.library"
+}
 
-apply from: "${rootProject.projectDir}/scripts/publish-module.gradle"
+import com.vanniktech.maven.publish.SonatypeHost
 
-android {
-    compileSdk 33
-    defaultConfig {
-        minSdk 19
-        targetSdk 33
-        versionCode 1
-        versionName "1.0"
-        multiDexEnabled true
-        vectorDrawables.useSupportLibrary = true
-        testInstrumentationRunner "androidx.test.runner.AndroidJUnitRunner"
-        signingConfig signingConfigs.debug
+android.buildFeatures.buildConfig true
+
+mavenPublishing {
+    publishToMavenCentral(SonatypeHost.DEFAULT)
+    signAllPublications()
+    coordinates("com.contentstack.sdk", "android", "3.13.0")
+
+    pom {
+        name = "contentstack-android"
+        description = "The Content Delivery SDK facilitates the retrieval of content from your Contentstack account, enabling seamless delivery to your web or mobile properties.."
+        inceptionYear = "2018"
+        packaging 'aar'
+        url = "https://github.com/contentstack/contentstack-android"
+        licenses {
+            license {
+                name = "The MIT License"
+                url = "https://github.com/contentstack/contentstack-android/blob/master/LICENSE"
+                distribution = "https://github.com/contentstack/contentstack-android/blob/master/LICENSE"
+            }
+        }
+        developers {
+            developer {
+                id = "ishaileshmishra"
+                name = "contentstack"
+                url = "https://github.com/contentstack/contentstack-android"
+            }
+        }
+        scm {
+            url = "scm:[email protected]:contentstack/contentstack-android"
+            connection = "scm:git:git://github.com/contentstack/contentstack-android.git"
+            developerConnection = "scm:[email protected]:contentstack/contentstack-android.git"
+        }
     }
-    buildTypes {
-        def localProperties = new Properties()
-        localProperties.load(new FileInputStream(rootProject.file("local.properties")))
+}
+
+
+tasks.register('jacocoTestReport', JacocoReport) {
+    dependsOn['testDebugUnitTest', 'createDebugCoverageReport']
+    reports {
+        html.enabled = true
     }
-    compileOptions {
-        sourceCompatibility JavaVersion.VERSION_1_8
-        targetCompatibility JavaVersion.VERSION_1_8
+    afterEvaluate {
+        classDirectories.setFrom(files(classDirectories.files.collect {
+            fileTree(dir: it, exclude: '**com/contentstack/okhttp**')
+            fileTree(dir: it, exclude: '**com/contentstack/okio**')
+            fileTree(dir: it, exclude: '**com/contentstack/txtmark**')
+        }))
+    }
+}
+
+android {
+    //namespace "com.contentstack.sdk"
+    packagingOptions {
+        exclude("META-INF/DEPENDENCIES")
+        exclude("META-INF/LICENSE")
+        exclude("META-INF/LICENSE.txt")
+        exclude("META-INF/license.txt")
+        exclude("META-INF/NOTICE")
+        exclude("META-INF/NOTICE.txt")
+        exclude("META-INF/notice.txt")
+        exclude("META-INF/ASL2.0")
+        exclude("META-INF/*.kotlin_module")
     }
 
     testOptions {
@@ -30,20 +75,89 @@ android {
                 includeNoLocationClasses = true
             }
         }
-        unitTests.returnDefaultValues = true
     }
-}
+    signingConfigs {
+        debug {
+            storeFile file("/Users/shaileshmishra/keystore/key.keystore")
+            storePassword 'android'
+            keyAlias 'key0'
+            keyPassword 'android'
+        }
+        release {
+            storeFile file("/Users/shaileshmishra/keystore/key.keystore")
+            storePassword 'android'
+            keyAlias 'key0'
+            keyPassword 'android'
+        }
+    }
+    compileSdk 30
+    defaultConfig {
+        // Required when setting minSdkVersion to 20 or lower
+        multiDexEnabled true
+        minSdkVersion 23
+        versionCode 1
+        versionName "1.0"
+        useLibrary 'org.apache.http.legacy'
+        testInstrumentationRunner "android.support.test.runner.AndroidJUnitRunner"
+        signingConfig signingConfigs.release
+    }
+
+
+    def localProperties = new Properties()
+    localProperties.load(new FileInputStream(rootProject.file("local.properties")))
+    buildTypes {
+        debug {
+            debuggable true
+            testCoverageEnabled true
+            proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
 
+            buildConfigField "String", "host", localProperties['host']
+            buildConfigField "String", "APIKey", localProperties['APIKey']
+            buildConfigField "String", "deliveryToken", localProperties['deliveryToken']
+            buildConfigField "String", "environment", localProperties['environment']
+            buildConfigField "String", "contentTypeUID", localProperties['contentType']
+            buildConfigField "String", "assetUID", localProperties['assetUid']
+        }
+        release {
+            minifyEnabled false
+            proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
+        }
+    }
+
+    compileOptions {
+        coreLibraryDesugaringEnabled true
+        sourceCompatibility JavaVersion.VERSION_1_8
+        targetCompatibility JavaVersion.VERSION_1_8
+    }
+}
+configurations { archives }
 dependencies {
-    implementation fileTree(dir: 'libs', include: ['*.jar'])
-    implementation 'androidx.appcompat:appcompat:1.6.1'
-    implementation 'com.android.volley:volley:1.2.1'
-    implementation 'androidx.test:core:1.5.0'
+    def multidex = "2.0.1"
+    def volley = "1.2.1"
+    def junit = "4.13.2"
+    configurations.configureEach { resolutionStrategy.force 'com.android.support:support-annotations:23.1.0' }
+    implementation fileTree(include: ['*.jar'], dir: 'libs')
+    implementation "com.android.volley:volley:$volley"
+    implementation "junit:junit:$junit"
+    // For AGP 7.4+
+    coreLibraryDesugaring 'com.android.tools:desugar_jdk_libs:2.0.4'
     testImplementation 'junit:junit:4.13.2'
-    androidTestImplementation 'androidx.test.ext:junit:1.1.5'
-    androidTestImplementation 'androidx.test.espresso:espresso-core:3.5.1'
+    androidTestImplementation 'androidx.test:core:1.5.0'
+    androidTestImplementation('com.android.support.test.espresso:espresso-core:3.0.2', {
+        exclude group: 'com.android.support', module: 'support-annotations'
+    })
+}
+tasks.register('clearJar', Delete) { delete 'build/libs/contentstack.jar' }
+tasks.register('unzip', Copy) {
+    def zipFile = file('build/intermediates/intermediate-jars/release/classes.jar')
+    def outputDir = file("${buildDir}/contentstack-jar")
+    from zipTree(zipFile)
+    into outputDir
+}
+tasks.register('createJar', Jar) {
+    archivesBaseName = "contentstack.jar"
+    from('build/contentstack-jar/')
+    include 'com/contentstack/'
+    //include 'META-INF/'
 }
-java {
-    sourceCompatibility = JavaVersion.VERSION_1_8
-    targetCompatibility = JavaVersion.VERSION_1_8
-}
+createJar.dependsOn(clearJar, unzip, build)

contentstack/src/androidTest/java/com/contentstack/sdk/AssetTestCase.java

@@ -16,7 +16,6 @@
 import androidx.test.InstrumentationRegistry;
 import androidx.test.core.app.ApplicationProvider;
 
-
 @FixMethodOrder(MethodSorters.NAME_ASCENDING)
 public class AssetTestCase {
 

contentstack/src/androidTest/java/com/contentstack/sdk/QueryTestCase.java

@@ -1,6 +1,5 @@
 package com.contentstack.sdk;
 
-import android.content.Context;
 import android.util.Log;
 
 import org.json.JSONArray;
@@ -13,9 +12,6 @@
 
 import static junit.framework.TestCase.assertEquals;
 
-import androidx.test.InstrumentationRegistry;
-import androidx.test.core.app.ApplicationProvider;
-
 
 public class QueryTestCase {
 

contentstack/src/main/java/com/contentstack/sdk/AssetsModel.java

@@ -11,7 +11,7 @@
  */
 
 class AssetsModel {
-    List<Object> objects = new ArrayList<Object>();
+    List<Object> objects = new ArrayList<>();
 
     public AssetsModel(JSONObject jsonObject, boolean isFromCache) {
         jsonObject = !isFromCache && jsonObject.opt("response") == null ? jsonObject : jsonObject.optJSONObject("response");

contentstack/src/main/java/com/contentstack/sdk/CSConnectionRequest.java

@@ -166,6 +166,7 @@ public void onRequestFailed(JSONObject error, int statusCode, ResultCallBack cal
         errorObject.setErrorCode(errorCode);
         errorObject.setErrorMessage(errorMessage);
         errorObject.setErrors(resultHashMap);
+        errorObject.setStatusCode(statusCode);
 
         if (this.callBackObject != null) {
             this.callBackObject.onRequestFail(ResponseType.NETWORK, errorObject);