Patch 2

.codenvy/project.json

@@ -0,0 +1 @@
+{"builders":{"configs":{},"default":"maven"},"mixinTypes":["contribution"],"runners":{"configs":{"system:/java/codenvy-cli":{"ram":1000,"variables":{},"options":{}}},"default":"system:/java/codenvy-cli"},"type":"maven","attributes":{"languageVersion":["1.6"],"language":["java"],"contribute_branch":["master"],"contribute_mode":["contribute"]}}

.gitattributes

@@ -0,0 +1,77 @@
+# Autodetect text files
+#
+# In addition:
+#   Windows developers should set:
+#       git config --global core.autocrlf true
+#   UNIX / MacOS develoers should set:
+#       git config --global core.autocrlf input
+* text=auto
+
+#
+# And configure default EOL terminators for various text types
+#
+
+# Explicitly declare text files you want to always be normalized and converted
+# to native line endings on checkout.
+*.java text
+*.properties text
+*.xml text
+*.xsd text
+*.dtd text
+*.MF text
+*.md text
+*.html text
+*.tld text
+*.json text
+
+# Declare files that will always have CRLF line endings on checkout.
+*.cmd text eol=crlf
+*.bat text eol=crlf
+# Because *nix editors / paginators can handle either way, but braindead
+# Windoze notepad which is used by default to handle text files in Windows,
+# not so much, we also make the concession here to use CRLF for EOL.
+*.txt text eol=crlf
+# Ditto for Eclipse related preferences
+*.prefs text eol=crlf
+
+# Declare files that will always have LF line endings on checkout
+*.sh text eol=lf
+*.bsh text eol=lf
+*.ksh text eol=lf
+
+# Eclipse stuff
+.settings/* text eol=crlf
+.classpath text eol=crlf
+.project text eol=crlf
+
+# Miscellaneous text
+.gitattributes text eol=lf
+.gitignore text eol=lf
+*.MF text eol=crlf
+LICENSE text eol=crlf
+LICENSE-CONTENT text eol=crlf
+LICENSE-README text eol=crlf
+
+
+# Denote all files that are truly binary and should not be modified,
+# or simply replaced in whole if committed.
+*.jpg binary
+*.JPG binary
+*.png binary
+*.jks binary
+*.ser binary
+*.doc binary
+*.docx binary
+*.xls binary
+*.xlsx binary
+*.pptx binary
+*.odt binary
+*.pdf binary
+*.zip binary
+*.jar binary
+*.war binary
+*.ear binary
+*.7z binary
+*.rar binary
+*.tgz binary
+*.tar binary

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,40 @@
+---
+name: Bug report
+about: Create a report to help us improve
+title: ''
+labels: bug
+assignees: ''
+---
+
+[**NOTE:** Please do NOT just ask general questions here as they will _not_ be answered. Instead, please use the GitHub Discussions and create a new topic under 'Questions and Answers". Also, please delete the instructions and replace them with actual text and delete the sections that are not relevant.]
+
+#### Describe the bug
+A clear and concise description of what the bug is.
+
+#### Specify what ESAPI version(s) you are experiencing this bug in
+This is especially important if it is not the latest version of ESAPI. Also, if you are using the Jakarta version (e.g., '<classifier>jakarta</classier>'), then please note that as well.
+
+#### To Reproduce
+List the steps to reproduce the behavior or (ideally) attach a small JUnit test to reproduce the problem. Please _be specific_.
+1. Go to '...'
+2. Click on '....'
+3. Scroll down to '....'
+4. See error
+Note also any specific configuration changes that are needed to replicate the problem. That is especially important if you are not using the default configuration files (ESAPI.properties, validation.properties, antisamy-esapi.xml, etc.)
+
+#### Expected behavior
+A clear and concise description of what you expected to happen.
+
+#### Screenshots
+If applicable, add screenshots to help explain your problem.
+[**NOTE:** Please do NOT just ask general questions here as they will _not_ be answered. Instead, please use the GitHub Discussions and create a new topic under 'Questions and Answers".
+Please delete any irrelevant portion of this template before submitting your GitHub issue. Thanks.]
+
+#### Platform environment (please complete the following information)
+ - OS: [e.g. iOS]
+ - Browser [e.g. chrome, safari]
+ - JDK version used with ESAPI
+
+#### Additional context
+Add any other context about the problem here.
+If known, please select the label corresponding to the affected ESAPI component.

.github/ISSUE_TEMPLATE/enhancement-request.md

@@ -0,0 +1,21 @@
+---
+name: Enhancement request
+about: Suggest an enhancment for this project
+title: ''
+labels: enhancement
+assignees: ''
+---
+
+[**NOTE:** Please do NOT just ask general questions here as they will _not_ be answered. Instead, please use the GitHub Discussions and create a new topic under 'Questions and Answers". Please delete any irrelevant portion of this template before submitting your GitHub issue. Thanks.]
+
+#### Is your feature request related to a problem? Please describe.
+A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+
+#### Describe the solution you'd like
+A clear and concise description of what you want to happen. Note that this may include some appropriate type of documentation that is lacking or unclear.
+
+#### Describe alternatives you've considered including other security libraries
+A clear and concise description of any alternative solutions or features you've considered.
+
+#### Additional context
+Add any other context or screenshots about the feature request here.

.github/workflows/maven.yml

@@ -0,0 +1,24 @@
+# This workflow will build a Java project with Maven
+# For more information see: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven
+
+name: Java CI with Maven
+
+on:
+  push:
+    branches: [ develop ]
+  pull_request:
+    branches: [ develop ]
+
+jobs:
+  build:
+
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v2
+    - name: Set up JDK 1.8
+      uses: actions/setup-java@v1
+      with:
+        java-version: 1.8
+    - name: Build with Maven
+      run: mvn -B package --file pom.xml

.github/workflows/superlinter.yml

@@ -0,0 +1,26 @@
+name: Super-Linter
+
+# Run this workflow every time a new commit pushed to your repository
+on: push
+
+jobs:
+  # Set the job key. The key is displayed as the job name
+  # when a job name is not provided
+  super-lint:
+    # Name the Job
+    name: Lint code base
+    # Set the type of machine to run on
+    runs-on: ubuntu-latest
+
+    steps:
+      # Checks out a copy of your repository on the ubuntu-latest machine
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      # Runs the Super-Linter action and ignore errors
+      - name: Run Super-Linter
+        uses: github/super-linter@v4
+        env:
+          DEFAULT_BRANCH: develop
+          DISABLE_ERRORS: true
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.gitignore

@@ -0,0 +1,20 @@
+# Eclipse / IntelliJ / Maven / backup editor files
+/target
+/.settings/**
+.classpath
+.java-version
+.project
+*.swp
+*~
+*.iml
+.idea/
+*.iws
+*.eml
+out/
+bin/
+
+# Leftover test files
+ciphertext-portable.ser
+ReferenceEncryptedProperties.test.txt
+test.out
+.DS_Store

.snyk

@@ -0,0 +1,2 @@
+# Snyk (https://snyk.io) policy file, patches or ignores known vulnerabilities.
+version: v1.14.0

.travis.yml

@@ -0,0 +1,17 @@
+language: java
+jdk:
+- oraclejdk7
+env:
+  global:
+    - secure: "aDhH/FBa9CSX3P3UucVJGghHkzHwmw8DhEdklUnb5HI44CpQs5rVNBQLG6ClqrJGl5BEghaHG9mQ0alVrZoqGCR4UA0qhGCmeRyo+SL7z44tHFq/VdWbZJcnSXeq+CzGc4rgkIg2XBrgGKKq5EfUxXjsYQUA/mIslWhnmQtfn0gjiobJkOdGAOJ4RY6cAyTtgNbv8AZg71hnPDusz+F/Somy1GPp2oFW0gAJyOUbDqol6bx8ajTl/+NJkQL9uSlUEGqyeMwXGW0Z901Vbn+Btwl7QtnrSFxOOOlQSUIAFGKTqAt/DzOeKi0Guv5uE4nqR50veOge5StbpgDqTq6a101DYNTyMFeE4plTNKHawnnyMe7v0yTDsnk+PeeSe8hkkdqiRLiBufriVnlzlfQt9TbWfE7aRhy6U0wqvlMvMgOOmXl5+eyLf1CtdRCbWeh2eZFISbD35y8EZbGY/bP33sC8jHlWROtykdMkVzcZ6N+mP+pB+SSqy+5hUMFUCDKyzRoIjHioVJS0S+Ul7CpEeLNKTy23IzO5VSh9dysH+hf+dbdAhgEe/XBEpUxZnV400fww5LW+vAlDpY+QwqdzwpabofTYaRfyRT7nQC3qAgMrQZopqwehdKyOTgpGIKM4lqqsSLz0F/LZ57fUh8DD2sZl2M4VKL6SQ3KPEM+DC/w="
+after_success:
+  - mvn clean cobertura:cobertura coveralls:report
+addons:
+  coverity_scan:
+    project:
+      name: "bkimminich/esapi-java-legacy"
+      description: "OWASP ESAPI 2.x (Legacy) build submitted via Travis CI"
+    notification_email: bjoern.kimminich@owasp.org
+    build_command_prepend: "mvn clean"
+    build_command: "mvn -DskipTests=true compile"
+    branch_pattern: coverity_scan