
Test PR only #122

Open
renzjephte wants to merge 22 commits into main from tasks/base-mvp-3.0-fix


@renzjephte
Contributor

No description provided.

Ashish and others added 9 commits March 2, 2026 19:18
- Integrate Lambda Test CDP (Chromium DevTools Protocol) support for cloud-based browser execution
- Add LambdaTestCaps configuration class for managing Lambda test capabilities
- Update PlaywrightDriverFactory to support grid execution via Lambda Test
- Add Lambda test status reporting in Task execution
- Update Control class to track execution start time for build identification
- Add UI settings panel for Lambda Test capabilities configuration
- Update default remote grid URL to wss://cdp.lambdatest.com
- Enable HTTP redirect handling in web service requests
- Add CODE_CHANGES_SUMMARY.md with detailed documentation of all changes
- Add APIOR support to ObjectRepository (getAPIOR, saveAPIOR, initialization)
- Add YAML-related stub methods to ObjectRepository for backward compatibility
- Fix StoryWriter Utility.java AM/PM formatting (convert to uppercase)
- Fix ObjectRenderer missing java.util.Objects import
- Fix DriverPropertiesTest property name (setSSLCertVerification -> sslCertificateVerification)
- Fix StringOperationsActionTest.testSubstringTwoArgs expectation (ello not ell)

All modules compile successfully and all tests pass.
- Add YamlORReader and YamlORWriter with full YAML file I/O
- Add YAML page definition classes for Web, Mobile, and API ORs
- Replace stub methods in ObjectRepository with actual YAML functionality
- Add useYamlFormat flag and setUseYamlFormat() to toggle between XML/YAML
- Add getAPIORRepLocation() for API OR directory
- Implement saveWebPageNow(), saveMobilePageNow(), saveAPIPageNow()
- Implement renameWebPageYaml(), renameMobilePageYaml(), renameAPIPageYaml()
- Add YamlORTest with comprehensive test coverage

YAML support enables:
- 75% smaller file size (only non-empty properties)
- Page-per-file organization for better Git merges
- Human-readable YAML format
- Backward compatible with XML (default format)

Both XML and YAML formats now fully supported.
}
};
SSLContext sslContext = SSLContext.getInstance("TLS");
sslContext.init(null, trustAllCerts, new SecureRandom());

Check failure

Code scanning / CodeQL

`TrustManager` that accepts all certificates High

This uses TrustManager, which is defined in APIHttpClient$ and trusts any certificate.

Copilot Autofix

AI 25 days ago

In general, the fix is to stop using a custom X509TrustManager that unconditionally trusts all certificates. Instead, either (a) rely on the default system trust store (what createSecureClient() already does), or (b) if self‑signed or private CA certificates must be supported, load those specific certificates into a KeyStore and initialize a TrustManagerFactory from it, as in the “good” example in your background section.

The minimal, non‑breaking change here is to remove the insecure TrustManager and make createInsecureClient() return a properly verifying client. Since createSecureClient() already creates a standard secure HttpClient, the safest change is to have createInsecureClient() delegate to createSecureClient() instead of building a custom SSLContext with trustAllCerts. This preserves the API (there is still an insecureHttpClient field), avoids guessing about how it is used elsewhere, and completely eliminates the “trust all certificates” behavior.

Concretely, in IDE/src/main/java/com/ing/ide/main/mainui/components/apitester/util/APIHttpClient.java:

  • Replace the body of createInsecureClient() (lines 62–84) with a simple call to createSecureClient().
  • This removes the insecure X509TrustManager and the custom SSLContext. No new imports or helper methods are required.

Suggested changeset 1
IDE/src/main/java/com/ing/ide/main/mainui/components/apitester/util/APIHttpClient.java

Autofix patch

Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/IDE/src/main/java/com/ing/ide/main/mainui/components/apitester/util/APIHttpClient.java b/IDE/src/main/java/com/ing/ide/main/mainui/components/apitester/util/APIHttpClient.java
--- a/IDE/src/main/java/com/ing/ide/main/mainui/components/apitester/util/APIHttpClient.java
+++ b/IDE/src/main/java/com/ing/ide/main/mainui/components/apitester/util/APIHttpClient.java
@@ -60,27 +60,10 @@
     }
 
     private HttpClient createInsecureClient() {
-        try {
-            TrustManager[] trustAllCerts = new TrustManager[]{
-                new X509TrustManager() {
-                    public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; }
-                    public void checkClientTrusted(X509Certificate[] certs, String authType) {}
-                    public void checkServerTrusted(X509Certificate[] certs, String authType) {}
-                }
-            };
-            SSLContext sslContext = SSLContext.getInstance("TLS");
-            sslContext.init(null, trustAllCerts, new SecureRandom());
-            
-            return HttpClient.newBuilder()
-                    .version(HttpClient.Version.HTTP_1_1)
-                    .connectTimeout(Duration.ofMillis(defaultTimeout))
-                    .followRedirects(HttpClient.Redirect.NORMAL)
-                    .sslContext(sslContext)
-                    .build();
-        } catch (NoSuchAlgorithmException | KeyManagementException e) {
-            LOG.log(Level.WARNING, "Failed to create insecure client, falling back to secure", e);
-            return createSecureClient();
-        }
+        // Previously this method created an HttpClient that trusted all certificates
+        // via a custom X509TrustManager, which is insecure. We now reuse the standard
+        // secure client configuration instead.
+        return createSecureClient();
     }
 
     /**
EOF
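Review bot: createInsecureClient() now only returns createSecureClient(), so the method name (and the insecureHttpClient field that the Autofix description says is kept) advertises behaviour that no longer exists. Rename or remove the method and point callers at the secure client directly, or log once when the insecure path is requested so that a failed handshake against a self-signed endpoint can be explained. Also confirm that createSecureClient(), whose body is not in this hunk, applies the same HTTP_1_1 version, connectTimeout(Duration.ofMillis(defaultTimeout)) and followRedirects(HttpClient.Redirect.NORMAL) settings that the removed builder set; otherwise this changes more than certificate validation. Imports used only by the deleted block may now be unused and should be checked.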
Copilot is powered by AI and may make mistakes. Always verify output.
trustManagers = createTrustManagers(certConfig);
}

sslContext.init(keyManagers, trustManagers, new SecureRandom());

Check failure

Code scanning / CodeQL

`TrustManager` that accepts all certificates High

This uses TrustManager, which is defined in APIHttpClient$ and trusts any certificate.

Copilot Autofix

AI 25 days ago

In general, the fix is to remove the custom TrustManager that unconditionally trusts all certificates, and instead always use a proper trust manager derived from a key store (either the default system trust store or a custom CA/certificate store). If you need to support self-signed or custom certificates, you should add those certificates to a KeyStore and initialize a TrustManagerFactory from that keystore, instead of bypassing validation.

For this file, the best minimally invasive fix is:

  • Stop creating an insecure anonymous X509TrustManager when trustAll is true.
  • Reuse the existing createTrustManagers(certConfig) method to obtain the trust managers even when the caller disables “SSL verification”. That keeps certificate validation intact while still honoring any custom CA configuration in CertificateConfig.
  • Optionally, if you must allow disabling hostname verification but not certificate validation, you would adjust elsewhere (e.g. via a HostnameVerifier) rather than via a trust-all trust manager. However, no such code is visible here, so the safe change is simply to ignore the trustAll flag for trust manager selection.

Concretely:

  • In createCertificateSSLContext in APIHttpClient.java, replace the if (trustAll) { ... } else { ... } block that creates the anonymous X509TrustManager with a simple call to createTrustManagers(certConfig) regardless of the value of trustAll.
  • No new imports or additional helper methods are required; we just remove the insecure branch and always rely on createTrustManagers.

Suggested changeset 1
IDE/src/main/java/com/ing/ide/main/mainui/components/apitester/util/APIHttpClient.java

Autofix patch

Run the following command in your local git repository to apply this patch
cat << 'EOF' | git apply
diff --git a/IDE/src/main/java/com/ing/ide/main/mainui/components/apitester/util/APIHttpClient.java b/IDE/src/main/java/com/ing/ide/main/mainui/components/apitester/util/APIHttpClient.java
--- a/IDE/src/main/java/com/ing/ide/main/mainui/components/apitester/util/APIHttpClient.java
+++ b/IDE/src/main/java/com/ing/ide/main/mainui/components/apitester/util/APIHttpClient.java
@@ -474,20 +474,8 @@
         }
         
         // Setup TrustManager
-        TrustManager[] trustManagers;
-        if (trustAll) {
-            // Trust all certificates
-            trustManagers = new TrustManager[]{
-                new X509TrustManager() {
-                    public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; }
-                    public void checkClientTrusted(X509Certificate[] certs, String authType) {}
-                    public void checkServerTrusted(X509Certificate[] certs, String authType) {}
-                }
-            };
-        } else {
-            // Use custom CA if provided, otherwise use default
-            trustManagers = createTrustManagers(certConfig);
-        }
+        // Always use a proper TrustManager derived from a KeyStore; do not trust all certificates.
+        TrustManager[] trustManagers = createTrustManagers(certConfig);
         
         sslContext.init(keyManagers, trustManagers, new SecureRandom());
         return sslContext;
EOF
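Review bot: the trustAll flag is now silently ignored when the trust managers are selected, so a caller that passes true gets full validation with no indication of why its connection fails. Either drop the flag from createCertificateSSLContext and its callers, or log a warning when it is set and point the user to the custom CA setting in certConfig. The comment on the added line says the trust manager is derived from a KeyStore, but createTrustManagers(certConfig) is not visible in this hunk, so confirm that it never returns a permissive manager of its own.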
Copilot is powered by AI and may make mistakes. Always verify output.