Issue templates: Add question about AI tooling

Turn var into val
Add overridden @Deprecated annotations
2025-09-09 18:29:39 +02:00 · 2025-07-27 19:44:20 +02:00 · 2025-07-24 11:49:47 +02:00 · 2025-07-24 11:49:38 +02:00 · 2025-07-01 23:29:45 +02:00 · 2025-06-18 12:16:48 +02:00
8 changed files with 17 additions and 37 deletions
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@ -36,7 +36,7 @@ jobs:
    strategy:
      fail-fast: false
      matrix:
-        language: [ 'java-kotlin' ]
+        language: [ 'java' ]
        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
        # Learn more about CodeQL language support at https://git.io/codeql-language-support

@ -46,7 +46,7 @@ jobs:

    # Initializes the CodeQL tools for scanning.
    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3
+      uses: github/codeql-action/init@v2
      with:
        languages: ${{ matrix.language }}
        # If you wish to specify custom queries, you can do so here or in a config file.
@ -57,7 +57,7 @@ jobs:
    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
    # If this step fails, then you should remove it and run the build manually (see below)
    - name: Autobuild
-      uses: github/codeql-action/autobuild@v3
+      uses: github/codeql-action/autobuild@v2

    # ℹ️ Command-line programs to run using the OS shell.
    # 📚 https://git.io/JvXDl
@ -71,4 +71,4 @@ jobs:
    #   make release

    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3
+      uses: github/codeql-action/analyze@v2
--- a/pgpainless-core/src/main/kotlin/org/pgpainless/exception/KeyException.kt
+++ b/pgpainless-core/src/main/kotlin/org/pgpainless/exception/KeyException.kt
@ -38,11 +38,6 @@ abstract class KeyException : RuntimeException {
        ) {

        constructor(cert: OpenPGPCertificate, expirationDate: Date) : this(of(cert), expirationDate)
-
-        constructor(
-            componentKey: OpenPGPComponentKey,
-            expirationDate: Date
-        ) : this(of(componentKey), expirationDate)
    }

    class RevokedKeyException : KeyException {
--- a/pgpainless-core/src/main/kotlin/org/pgpainless/key/generation/KeyRingBuilder.kt
+++ b/pgpainless-core/src/main/kotlin/org/pgpainless/key/generation/KeyRingBuilder.kt
@ -52,7 +52,7 @@ class KeyRingBuilder(private val version: OpenPGPKeyVersion, private val api: PG
    }

    override fun addUserId(userId: CharSequence): KeyRingBuilder = apply {
-        userIds[userId.toString()] = null
+        userIds[userId.toString().trim()] = null
    }

    override fun addUserId(userId: ByteArray): KeyRingBuilder =
--- a/pgpainless-core/src/main/kotlin/org/pgpainless/key/info/KeyRingInfo.kt
+++ b/pgpainless-core/src/main/kotlin/org/pgpainless/key/info/KeyRingInfo.kt
@ -35,8 +35,7 @@ class KeyRingInfo(
        api: PGPainless = PGPainless.getInstance(),
        referenceDate: Date = Date()
    ) : this(
-        if (keys is PGPSecretKeyRing) OpenPGPKey(keys, api.implementation)
-        else OpenPGPCertificate(keys, api.implementation),
+        if (keys is PGPSecretKeyRing) OpenPGPKey(keys) else OpenPGPCertificate(keys),
        api,
        referenceDate)

--- a/pgpainless-core/src/main/kotlin/org/pgpainless/key/modification/secretkeyring/SecretKeyRingEditor.kt
+++ b/pgpainless-core/src/main/kotlin/org/pgpainless/key/modification/secretkeyring/SecretKeyRingEditor.kt
@ -532,7 +532,7 @@ class SecretKeyRingEditor(
        val prevBinding =
            api.inspect(key).getCurrentSubkeyBindingSignature(keyId)
                ?: throw NoSuchElementException(
-                    "Previous subkey binding signature for $keyId MUST NOT be null.")
+                    "Previous subkey binding signaure for $keyId MUST NOT be null.")
        val bindingSig = reissueSubkeyBindingSignature(subkey, expiration, protector, prevBinding)
        secretKeyRing =
            injectCertification(secretKeyRing, subkey.pgpPublicKey, bindingSig.signature)
@ -624,10 +624,9 @@ class SecretKeyRingEditor(
    }

    private fun sanitizeUserId(userId: CharSequence): CharSequence =
-        // I'm not sure, what kind of sanitization is needed.
-        // Newlines are allowed, they just need to be escaped when emitted in an ASCII armor header
-        // Trailing/Leading whitespace is also fine.
-        userId.toString()
+        // TODO: Further research how to sanitize user IDs.
+        //  e.g. what about newlines?
+        userId.toString().trim()

    private fun callbackFromRevocationAttributes(attributes: RevocationAttributes?) =
        object : RevocationSignatureSubpackets.Callback {
--- a/pgpainless-core/src/main/kotlin/org/pgpainless/util/ArmorUtils.kt
+++ b/pgpainless-core/src/main/kotlin/org/pgpainless/util/ArmorUtils.kt
@ -247,8 +247,7 @@ class ArmorUtils {
                .add(OpenPgpFingerprint.of(publicKey).prettyPrint())
            // Primary / First User ID
            (primary ?: first)?.let {
-                headerMap.getOrPut(HEADER_COMMENT) { mutableSetOf() }
-                    .add(it.replace("\n", "\\n").replace("\r", "\\r"))
+                headerMap.getOrPut(HEADER_COMMENT) { mutableSetOf() }.add(it)
            }
            // X-1 further identities
            when (userIds.size) {
--- a/pgpainless-core/src/main/kotlin/org/pgpainless/util/Passphrase.kt
+++ b/pgpainless-core/src/main/kotlin/org/pgpainless/util/Passphrase.kt
@ -11,9 +11,14 @@ import org.bouncycastle.util.Arrays
 *
 * @param chars may be null for empty passwords.
 */
-class Passphrase(private val chars: CharArray?) {
+class Passphrase(chars: CharArray?) {
    private val lock = Any()
    private var valid = true
+    private val chars: CharArray?
+
+    init {
+        this.chars = trimWhitespace(chars)
+    }

    /**
     * Return a copy of the underlying char array. A return value of null represents an empty
@ -62,13 +67,6 @@ class Passphrase(private val chars: CharArray?) {

    override fun hashCode(): Int = getChars()?.let { String(it) }.hashCode()

-    /**
-     * Return a copy of this [Passphrase], but with whitespace characters trimmed off.
-     *
-     * @return copy with trimmed whitespace
-     */
-    fun withTrimmedWhitespace(): Passphrase = Passphrase(trimWhitespace(chars))
-
    companion object {

        /**
--- a/pgpainless-sop/src/test/java/org/pgpainless/sop/GenerateKeyTest.java
+++ b/pgpainless-sop/src/test/java/org/pgpainless/sop/GenerateKeyTest.java
@ -100,14 +100,4 @@ public class GenerateKeyTest {
        assertThrows(SOPGPException.UnsupportedProfile.class, () ->
                sop.generateKey().profile("invalid"));
    }
-
-    @Test
-    public void generateKeyWithNewlinesInUserId() throws IOException {
-        byte[] keyBytes = sop.generateKey()
-                .userId("Foo\n\nBar")
-                .generate()
-                .getBytes();
-
-        assertTrue(new String(keyBytes).contains("Foo\\n\\nBar"));
-    }
 }