package com.meterian.cli.autofix;

import com.google.common.io.Files;
import com.google.gson.JsonArray;
import com.google.gson.JsonElement;
import com.google.gson.JsonObject;
import com.meterian.cli.Configuration;
import com.meterian.cli.autofix.versions.VersionsFixer;
import com.meterian.cli.autofix.versions.bundler.BundlerVersionFixer;
import com.meterian.cli.autofix.versions.cargo.CargoVersionFixer;
import com.meterian.cli.autofix.versions.composer.ComposerVersionFixer;
import com.meterian.cli.autofix.versions.dotnet.MsprojVersionsFixer;
import com.meterian.cli.autofix.versions.maven.MavenVersionsFixer;
import com.meterian.cli.autofix.versions.npm.NpmVersionFixer;
import com.meterian.cli.autofix.versions.pipenv.PipenvVersionFixer;
import com.meterian.cli.autofix.versions.yarn.YarnVersionsFixer;
import com.meterian.cli.builds.LocalBuild;
import com.meterian.common.concepts.bare.BareAdvice;
import com.meterian.common.concepts.bare.reports.BareSecurityAdvice;
import com.meterian.common.concepts.bare.reports.BareSecuritySingleReportV2;
import com.meterian.common.concepts.bare.reports.BareStabilityAdvice;
import com.meterian.common.concepts.bare.reports.BareStabilityReport;
import com.meterian.common.concepts.bare.reports.BareStabilitySingleReport;
import com.meterian.common.functions.CollectionFunctions;
import com.meterian.servers.dependency.dotnet.DotnetRunner;
import com.meterian.servers.dependency.java.maven.MavenRunner;
import com.meterian.servers.dependency.javascript.npm.NpmRunner;
import com.meterian.servers.dependency.javascript.yarn.YarnRunner;
import com.meterian.servers.dependency.php.composer.ComposerRunner;
import com.meterian.servers.dependency.python.pipenv.PipenvRunner;
import com.meterian.servers.dependency.ruby.BundlerRunner;
import com.meterian.servers.dependency.rust.CargoRunner;
import java.io.File;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.StringTokenizer;
import java.util.stream.Collectors;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.PropertyAccessor;
import org.springframework.util.StringUtils;

/* loaded from: input_file:com/meterian/cli/autofix/Autofixer.class */
public class Autofixer {
    private static final String DEFAULT_MODESTRING = "safe+vulns,safe+dated+no-overrides";
    private static final String DEFAULT_MODESTRING_FIXES = "conservative+vuln+fixes,safe+all+fixes";
    private static final String DEFAULT_MODESTRING_READONLY = "conservative+vuln+readonly,safe+all+readonly";
    private static final Logger log = LoggerFactory.getLogger((Class<?>) Autofixer.class);
    private final LocalBuild build;
    private final List<Program> programs;
    private final Configuration config;
    private final String modestring;
    private final Map<String, VersionsFixer> fixers = new HashMap();

    /* loaded from: input_file:com/meterian/cli/autofix/Autofixer$AutofixResult.class */
    public static class AutofixResult {
        public final List<VersionsFixer.Change> allChanges;
        public final List<VersionsFixer.Change> liveChanges;
        public final List<VersionsFixer.Change> possibleChanges;
        public final String modestring;
        private final Map<File, Set<VersionsFixer.Change>> allChangesByLocation;

        public AutofixResult(String str, List<VersionsFixer.Change> list) {
            this.modestring = str;
            this.allChanges = Collections.unmodifiableList(new ArrayList(list));
            this.liveChanges = (List) list.stream().filter(change -> {
                return change.isLive();
            }).collect(Collectors.toList());
            this.possibleChanges = (List) list.stream().filter(change2 -> {
                return !change2.isLive();
            }).collect(Collectors.toList());
            this.allChangesByLocation = computeChangesByLocation(this.allChanges);
        }

        private Map<File, Set<VersionsFixer.Change>> computeChangesByLocation(List<VersionsFixer.Change> list) {
            HashMap hashMap = new HashMap();
            for (VersionsFixer.Change change : list) {
                Iterator<File> it = change.locations().iterator();
                while (it.hasNext()) {
                    File parentFile = it.next().getParentFile();
                    Set set = (Set) hashMap.getOrDefault(parentFile, new HashSet());
                    set.add(change);
                    hashMap.put(parentFile, set);
                }
            }
            return hashMap;
        }

        public JsonElement jsonReport(boolean z) {
            JsonObject createJsonReport = Autofixer.createJsonReport(z ? this.liveChanges : this.allChanges, !this.liveChanges.isEmpty(), this.modestring);
            Autofixer.log.debug("Provisioned report for changes - live={}\n{}", Boolean.valueOf(z), createJsonReport);
            return createJsonReport;
        }

        public Set<File> locations() {
            return this.allChangesByLocation.keySet();
        }

        public boolean hasLiveChanges() {
            return this.liveChanges.size() > 0;
        }
    }

    /* loaded from: input_file:com/meterian/cli/autofix/Autofixer$Program.class */
    public static class Program {
        public final Strategy strategy;
        public final Reach reach;
        public final boolean overridePackages;
        public final boolean updateVariables;
        public final Fixing fixingMode;

        /* loaded from: input_file:com/meterian/cli/autofix/Autofixer$Program$Fixing.class */
        public enum Fixing {
            simulate,
            fixfiles,
            pullreqs,
            livefiles
        }

        public Program(Strategy strategy, Reach reach, boolean z, boolean z2, Fixing fixing) {
            this.strategy = strategy;
            this.reach = reach;
            this.overridePackages = z;
            this.updateVariables = z2;
            this.fixingMode = fixing;
        }

        public Program withOverride(boolean z) {
            return new Program(this.strategy, this.reach, z, this.updateVariables, this.fixingMode);
        }

        public boolean isPullRequest() {
            return this.fixingMode == Fixing.pullreqs;
        }

        public String toString() {
            return "[strategy=" + this.strategy + ", reach=" + this.reach + ", overridePackages=" + this.overridePackages + ", updateVariables=" + this.updateVariables + ", fixingMode=" + this.fixingMode + PropertyAccessor.PROPERTY_KEY_SUFFIX;
        }

        public Program withReach(Reach reach) {
            return new Program(this.strategy, reach, this.overridePackages, this.updateVariables, this.fixingMode);
        }

        public Program withFixing(Fixing fixing) {
            return new Program(this.strategy, this.reach, this.overridePackages, this.updateVariables, fixing);
        }
    }

    /* loaded from: input_file:com/meterian/cli/autofix/Autofixer$Reach.class */
    public enum Reach {
        ALL("will update all versions"),
        VULNS("will update vulnerable libraries only"),
        DATED("will update out-of-date libraries only"),
        PARENT("will update parent packages only");

        public final String helptext;

        Reach(String str) {
            this.helptext = str;
        }

        static Reach fromString(String str, Reach reach) {
            try {
                return valueOf(str.toUpperCase());
            } catch (Exception e) {
                return reach;
            }
        }
    }

    /* loaded from: input_file:com/meterian/cli/autofix/Autofixer$Strategy.class */
    public enum Strategy {
        SAFE("will update with patch releases"),
        CONSERVATIVE("will update with minor or patch releases"),
        AGGRESSIVE("will update with major, minor or patch releases");

        public final String helptext;

        Strategy(String str) {
            this.helptext = str;
        }

        static Strategy fromString(String str, Strategy strategy) {
            try {
                return valueOf(str.toUpperCase());
            } catch (Exception e) {
                return strategy;
            }
        }
    }

    public Autofixer(Configuration configuration, LocalBuild localBuild, List<Program> list, String str) {
        this.build = localBuild;
        this.programs = Collections.unmodifiableList(list);
        this.config = configuration;
        this.modestring = str;
        this.fixers.put(MavenRunner.NAME, new MavenVersionsFixer());
        this.fixers.put(ComposerRunner.NAME, new ComposerVersionFixer());
        this.fixers.put(BundlerRunner.NAME, new BundlerVersionFixer());
        this.fixers.put(PipenvRunner.NAME, new PipenvVersionFixer(configuration));
        this.fixers.put(NpmRunner.NAME, new NpmVersionFixer());
        this.fixers.put(DotnetRunner.NAME, new MsprojVersionsFixer());
        this.fixers.put(YarnRunner.NAME, new YarnVersionsFixer());
        this.fixers.put(CargoRunner.NAME, new CargoVersionFixer(configuration));
    }

    public List<Program> programs() {
        return this.programs;
    }

    public AutofixResult process() throws IOException {
        ArrayList arrayList = new ArrayList();
        this.build.recordChanges(arrayList);
        Iterator<Program> it = this.programs.iterator();
        while (it.hasNext()) {
            process(arrayList, it.next());
        }
        return new AutofixResult(this.modestring, arrayList);
    }

    private void process(List<VersionsFixer.Change> list, Program program) throws IOException {
        log.info("Running program {}", program);
        switch (program.reach) {
            case VULNS:
            case DATED:
            case PARENT:
                processNow(list, program);
                return;
            case ALL:
                VersionsFixer.Change.addWithDedup(list, processNow(new ArrayList(), program.withReach(Reach.VULNS)));
                VersionsFixer.Change.addWithDedup(list, processNow(new ArrayList(), program.withReach(Reach.DATED)));
                return;
            default:
                return;
        }
    }

    private List<VersionsFixer.Change> processNow(List<VersionsFixer.Change> list, Program program) throws IOException {
        BareStabilityReport stabilityReportForStability;
        if (program.reach == Reach.VULNS) {
            log.info("Reaching for security issues...");
            stabilityReportForStability = getStabilityReportForSecurity(this.build);
        } else {
            log.info("Reaching for stability issues...");
            stabilityReportForStability = getStabilityReportForStability(this.build);
        }
        Iterator<BareStabilitySingleReport> it = stabilityReportForStability.reports.iterator();
        while (it.hasNext()) {
            BareStabilitySingleReport convertToAutofixAdvisories = convertToAutofixAdvisories(it.next());
            Iterator<String> it2 = getAutofixToolNames().iterator();
            while (it2.hasNext()) {
                VersionsFixer versionsFixer = this.fixers.get(it2.next());
                if (versionsFixer != null) {
                    List<VersionsFixer.Change> process = versionsFixer.process(this.config, this.build, convertToAutofixAdvisories, program);
                    log.info("Changes applied by fixer {} in folder {}: {}", versionsFixer.getClass().getSimpleName(), this.build.getProjectFolder(), process);
                    VersionsFixer.Change.addWithDedup(list, process);
                }
            }
        }
        log.info("Applied {} change(s): {}", Integer.valueOf(list.size()), list);
        return list;
    }

    private Set<String> getAutofixToolNames() {
        Set<String> toolNames = this.build.getToolNames();
        if (toolNames.contains(NpmRunner.NAME)) {
            toolNames.add(YarnRunner.NAME);
        }
        log.info("Autofix tool names: {}", toolNames);
        return toolNames;
    }

    BareStabilityReport getStabilityReportForStability(LocalBuild localBuild) throws IOException {
        BareStabilityReport stabilityReport = localBuild.getStabilityReport();
        ArrayList arrayList = new ArrayList();
        try {
            for (BareStabilitySingleReport bareStabilitySingleReport : stabilityReport.reports) {
                HashSet hashSet = new HashSet();
                for (BareStabilityAdvice bareStabilityAdvice : bareStabilitySingleReport.versions) {
                    if (needsAutofix(bareStabilityAdvice)) {
                        hashSet.add(new BareStabilityAdvice(bareStabilityAdvice, localBuild.getSafeVersions(bareStabilitySingleReport.language, bareStabilityAdvice.name, bareStabilityAdvice.version)));
                    } else {
                        log.debug("Advices skipped: {}", bareStabilityAdvice);
                    }
                }
                arrayList.add(new BareStabilitySingleReport(bareStabilitySingleReport.language, hashSet));
            }
        } catch (Exception e) {
            log.warn("Unexpected", (Throwable) e);
        }
        return new BareStabilityReport(stabilityReport.score, arrayList);
    }

    private boolean needsAutofix(BareStabilityAdvice bareStabilityAdvice) {
        return CollectionFunctions.isEmpty(bareStabilityAdvice.exclusions);
    }

    BareStabilityReport getStabilityReportForSecurity(LocalBuild localBuild) throws IOException {
        ArrayList arrayList = new ArrayList();
        try {
            for (BareSecuritySingleReportV2 bareSecuritySingleReportV2 : localBuild.getSecurityReport().reports) {
                HashSet hashSet = new HashSet();
                for (BareSecurityAdvice bareSecurityAdvice : bareSecuritySingleReportV2.reports) {
                    if (!needsAutofix(bareSecurityAdvice)) {
                        log.debug("Advices skipped: {}", bareSecurityAdvice);
                    } else if (bareSecurityAdvice.safeVersions.hasSafeVersion()) {
                        BareStabilityAdviceForAutofix bareStabilityAdviceForAutofix = new BareStabilityAdviceForAutofix(bareSecurityAdvice);
                        hashSet.add(bareStabilityAdviceForAutofix);
                        log.debug("Added new stability advice based on vulnerability: {}", bareStabilityAdviceForAutofix);
                    } else {
                        log.debug("Autofix for {} skipped as there are no safe versions", bareSecurityAdvice.dependency);
                    }
                }
                arrayList.add(new BareStabilitySingleReport(bareSecuritySingleReportV2.language, hashSet));
            }
        } catch (Exception e) {
            log.warn("Unexpected", (Throwable) e);
        }
        return new BareStabilityReport(0, arrayList);
    }

    private boolean needsAutofix(BareSecurityAdvice bareSecurityAdvice) {
        for (BareAdvice bareAdvice : bareSecurityAdvice.advices) {
            if (CollectionFunctions.isEmpty(bareAdvice.exclusions) && bareAdvice.severity != BareAdvice.Severity.NA && bareAdvice.severity != BareAdvice.Severity.NONE && bareAdvice.severity != BareAdvice.Severity.SUGGEST) {
                return true;
            }
        }
        return false;
    }

    private BareStabilitySingleReport convertToAutofixAdvisories(BareStabilitySingleReport bareStabilitySingleReport) {
        HashSet hashSet = new HashSet();
        for (BareStabilityAdvice bareStabilityAdvice : bareStabilitySingleReport.versions) {
            hashSet.add(!(bareStabilityAdvice instanceof BareStabilityAdviceForAutofix) ? new BareStabilityAdviceForAutofix(bareStabilityAdvice) : (BareStabilityAdviceForAutofix) bareStabilityAdvice);
        }
        return new BareStabilitySingleReport(bareStabilitySingleReport.language, hashSet);
    }

    public static Autofixer create(Configuration configuration, LocalBuild localBuild, String str, boolean z) {
        ArrayList arrayList = new ArrayList();
        if ("readonly".equals(str)) {
            str = DEFAULT_MODESTRING_READONLY;
        } else if ("fixes".equals(str)) {
            str = DEFAULT_MODESTRING_FIXES;
        } else if (StringUtils.isEmpty(str)) {
            str = DEFAULT_MODESTRING;
        }
        log.debug("Using mode: \"{}\"", str);
        for (String str2 : str.split(",")) {
            Program parseProgram = parseProgram(str2);
            if (z) {
                parseProgram = parseProgram.withFixing(Program.Fixing.pullreqs);
            }
            arrayList.add(parseProgram);
        }
        return new Autofixer(configuration, localBuild, arrayList, str);
    }

    private static Program parseProgram(String str) {
        boolean z = false;
        boolean z2 = true;
        Program.Fixing fixing = Program.Fixing.livefiles;
        Reach reach = Reach.ALL;
        Strategy strategy = Strategy.SAFE;
        StringTokenizer stringTokenizer = new StringTokenizer(str, "+ \t");
        while (stringTokenizer.hasMoreTokens()) {
            String nextToken = stringTokenizer.nextToken();
            reach = Reach.fromString(nextToken, reach);
            strategy = Strategy.fromString(nextToken, strategy);
            if ("variables".equalsIgnoreCase(nextToken)) {
                z = true;
            } else if ("no-overrides".equalsIgnoreCase(nextToken)) {
                z2 = false;
            } else if ("readonly".equalsIgnoreCase(nextToken)) {
                fixing = Program.Fixing.simulate;
            } else if ("fixes".equalsIgnoreCase(nextToken)) {
                fixing = Program.Fixing.fixfiles;
            }
        }
        return new Program(strategy, reach, z2, z, fixing);
    }

    public boolean supports(LocalBuild localBuild) {
        return !supportedFixersNames(localBuild.getProjectFolder()).isEmpty();
    }

    public Set<String> supportedFixersNames(File file) {
        HashSet hashSet = new HashSet();
        try {
            for (String str : this.fixers.keySet()) {
                if (this.fixers.get(str).supports(file)) {
                    hashSet.add(str);
                }
            }
        } catch (Exception e) {
            log.warn("Unexpected", (Throwable) e);
        }
        return hashSet;
    }

    public static File asFixfile(File file) {
        return asFileWithExtension(file, ".fix");
    }

    public static File asFileWithExtension(File file, String str) {
        return new File(file.getParentFile(), file.getName() + str);
    }

    public static void moveFile(File file, File file2) throws IOException {
        file2.delete();
        Files.move(file, file2);
    }

    public static File createBackup(File file) throws IOException {
        File createTempFile = File.createTempFile("meterian-", ".manifest");
        Files.copy(file, createTempFile);
        return createTempFile;
    }

    public static void restoreBackup(File file, File file2) throws IOException {
        moveFile(file2, file);
    }

    public static JsonObject createJsonReport(List<VersionsFixer.Change> list, boolean z, String str) {
        JsonArray jsonArray = new JsonArray(list.size());
        Iterator<VersionsFixer.Change> it = list.iterator();
        while (it.hasNext()) {
            jsonArray.add(it.next().jsonReport());
        }
        JsonObject jsonObject = new JsonObject();
        jsonObject.addProperty("applied", Boolean.valueOf(z));
        jsonObject.addProperty("modestring", str);
        jsonObject.add("changes", jsonArray);
        return jsonObject;
    }
}
