Skip to content

🧹 Update go-atlassian to v2.11.0 and add nil safety guards #6404

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
tas50 wants to merge 1 commit into
base: main
Choose a base branch
from
Open

🧹 Update go-atlassian to v2.11.0 and add nil safety guards #6404

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion providers/atlassian/connection/admin/connection.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ import (
"errors"
"os"

"github.com/ctreminiom/go-atlassian/admin"
"github.com/ctreminiom/go-atlassian/v2/admin"
"go.mondoo.com/mql/v13/providers-sdk/v1/inventory"
"go.mondoo.com/mql/v13/providers-sdk/v1/plugin"
"go.mondoo.com/mql/v13/providers/atlassian/connection/shared"
Expand Down
2 changes: 1 addition & 1 deletion providers/atlassian/connection/confluence/connection.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ import (
"errors"
"os"

"github.com/ctreminiom/go-atlassian/confluence"
"github.com/ctreminiom/go-atlassian/v2/confluence"
"go.mondoo.com/mql/v13/providers-sdk/v1/inventory"
"go.mondoo.com/mql/v13/providers-sdk/v1/plugin"
"go.mondoo.com/mql/v13/providers/atlassian/connection/shared"
Expand Down
2 changes: 1 addition & 1 deletion providers/atlassian/connection/jira/connection.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ import (
"os"
"strings"

v2 "github.com/ctreminiom/go-atlassian/jira/v2"
v2 "github.com/ctreminiom/go-atlassian/v2/jira/v2"
"go.mondoo.com/mql/v13/providers-sdk/v1/inventory"
"go.mondoo.com/mql/v13/providers-sdk/v1/plugin"
"go.mondoo.com/mql/v13/providers/atlassian/connection/shared"
Expand Down
2 changes: 1 addition & 1 deletion providers/atlassian/connection/scim/connection.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ import (
"fmt"
"os"

"github.com/ctreminiom/go-atlassian/admin"
"github.com/ctreminiom/go-atlassian/v2/admin"
"go.mondoo.com/mql/v13/providers-sdk/v1/inventory"
"go.mondoo.com/mql/v13/providers-sdk/v1/plugin"
"go.mondoo.com/mql/v13/providers/atlassian/connection/shared"
Expand Down
5 changes: 3 additions & 2 deletions providers/atlassian/go.mod
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ replace go.mondoo.com/mql/v13 => ../..
go 1.25.6

require (
github.com/ctreminiom/go-atlassian v1.6.1
github.com/ctreminiom/go-atlassian/v2 v2.11.0
github.com/pkg/errors v0.9.1
github.com/rs/zerolog v1.34.0
github.com/stretchr/testify v1.11.1
Expand Down Expand Up @@ -82,6 +82,7 @@ require (
github.com/golang-jwt/jwt/v5 v5.3.1 // indirect
github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 // indirect
github.com/golang/protobuf v1.5.4 // indirect
github.com/google/go-querystring v1.2.0 // indirect
github.com/google/s2a-go v0.1.9 // indirect
github.com/google/uuid v1.6.0 // indirect
github.com/googleapis/enterprise-certificate-proxy v0.3.14 // indirect
Expand Down Expand Up @@ -130,7 +131,7 @@ require (
github.com/spf13/afero v1.15.0 // indirect
github.com/spf13/pflag v1.0.10 // indirect
github.com/spiffe/go-spiffe/v2 v2.6.0 // indirect
github.com/tidwall/gjson v1.17.1 // indirect
github.com/tidwall/gjson v1.18.0 // indirect
github.com/tidwall/match v1.1.1 // indirect
github.com/tidwall/pretty v1.2.1 // indirect
github.com/xanzy/ssh-agent v0.3.3 // indirect
Expand Down
18 changes: 7 additions & 11 deletions providers/atlassian/go.sum
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,6 @@ cloud.google.com/go/storage v1.56.1 h1:n6gy+yLnHn0hTwBFzNn8zJ1kqWfR91wzdM8hjRF4w
cloud.google.com/go/storage v1.56.1/go.mod h1:C9xuCZgFl3buo2HZU/1FncgvvOgTAs/rnh4gF4lMg0s=
cloud.google.com/go/trace v1.11.6 h1:2O2zjPzqPYAHrn3OKl029qlqG6W8ZdYaOWRyr8NgMT4=
cloud.google.com/go/trace v1.11.6/go.mod h1:GA855OeDEBiBMzcckLPE2kDunIpC72N+Pq8WFieFjnI=
dario.cat/mergo v1.0.0/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk=
dario.cat/mergo v1.0.2 h1:85+piFYR1tMbRrLcDwR18y4UKJ3aH1Tbzi24VRW1TK8=
dario.cat/mergo v1.0.2/go.mod h1:E/hbnu0NxMFBjpMIE34DRGLWqDy0g5FuKDhCb31ngxA=
github.com/99designs/go-keychain v0.0.0-20191008050251-8e49817e8af4 h1:/vQbFIOMbk2FiG/kXiLl8BRyzTWDw7gX/Hz7Dd5eDMs=
Expand Down Expand Up @@ -162,8 +161,8 @@ github.com/coreos/go-systemd v0.0.0-20191104093116-d3cd4ed1dbcf h1:iW4rZ826su+pq
github.com/coreos/go-systemd v0.0.0-20191104093116-d3cd4ed1dbcf/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc=
github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
github.com/ctreminiom/go-atlassian v1.6.1 h1:thH/oaWlvWLN5a4AcgQ30yPmnn0mQaTiqsq1M6bA9BY=
github.com/ctreminiom/go-atlassian v1.6.1/go.mod h1:dd5M0O8Co3bALyLQqWxPXoBfQNr6FFlpzUrA19IpLEo=
github.com/ctreminiom/go-atlassian/v2 v2.11.0 h1:FmlOkZ4DVnbfMfSJFScNtOMY2M+CGhDpK2r7/W4OA90=
github.com/ctreminiom/go-atlassian/v2 v2.11.0/go.mod h1:MlOO4xJqTQeYWQFrlME1EekqHbg3qMsehyrTYgumDz4=
github.com/cyphar/filepath-securejoin v0.6.1 h1:5CeZ1jPXEiYt3+Z6zqprSAgSWiggmpVyciv8syjIpVE=
github.com/cyphar/filepath-securejoin v0.6.1/go.mod h1:A8hd4EnAeyujCJRrICiOWqjS1AX0a9kM5XL+NwKoYSc=
github.com/danieljoos/wincred v1.2.3 h1:v7dZC2x32Ut3nEfRH+vhoZGvN72+dQ/snVXo/vMFLdQ=
Expand Down Expand Up @@ -264,10 +263,13 @@ github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8/go.mod h1:wcDNUv
github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek=
github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps=
github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8=
github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU=
github.com/google/go-containerregistry v0.20.7 h1:24VGNpS0IwrOZ2ms2P1QE3Xa5X9p4phx0aUgzYzHW6I=
github.com/google/go-containerregistry v0.20.7/go.mod h1:Lx5LCZQjLH1QBaMPeGwsME9biPeo1lPx6lbGj/UmzgM=
github.com/google/go-querystring v1.2.0 h1:yhqkPbu2/OH+V9BfpCVPZkNmUXhb2gBxJArfhIxNtP0=
github.com/google/go-querystring v1.2.0/go.mod h1:8IFJqpSRITyJ8QhQ13bmbeMBDfmeEJZD5A0egEOmkqU=
github.com/google/martian/v3 v3.3.3 h1:DIhPTQrbPkgs2yJYdXU/eNACCG5DVQjySNRNlflZ9Fc=
github.com/google/martian/v3 v3.3.3/go.mod h1:iEPrYcgCF7jA9OtScMFQyAlZZ4YXTKEtJ1E6RWzmBA0=
github.com/google/s2a-go v0.1.9 h1:LGD7gtMgezd8a/Xak7mEWL0PjoTQFvpRudN895yqKW0=
Expand Down Expand Up @@ -514,24 +516,18 @@ github.com/spf13/viper v1.21.0/go.mod h1:P0lhsswPGWD/1lZJ9ny3fYnVqxiegrlNrEmgLjb
github.com/spiffe/go-spiffe/v2 v2.6.0 h1:l+DolpxNWYgruGQVV0xsfeya3CsC7m8iBzDnMpsbLuo=
github.com/spiffe/go-spiffe/v2 v2.6.0/go.mod h1:gm2SeUoMZEtpnzPNs2Csc0D/gX33k1xIx7lEzqblHEs=
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY=
github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA=
github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals=
github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U=
github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U=
github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8=
github.com/subosito/gotenv v1.6.0/go.mod h1:Dk4QP5c2W3ibzajGcXpNraDfq2IrhjMIvMSWPKKo0FU=
github.com/tidwall/gjson v1.17.1 h1:wlYEnwqAHgzmhNUFfw7Xalt2JzQvsMx2Se4PcoFCT/U=
github.com/tidwall/gjson v1.17.1/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk=
github.com/tidwall/gjson v1.18.0 h1:FIDeeyB800efLX89e5a8Y0BNH+LOngJyGrIWxG2FKQY=
github.com/tidwall/gjson v1.18.0/go.mod h1:/wbyibRr2FHMks5tjHJ5F8dMZh3AcwJEMf5vlfC0lxk=
github.com/tidwall/match v1.1.1 h1:+Ho715JplO36QYgwN9PGYNhgZvoUSc9X2c80KVTi+GA=
github.com/tidwall/match v1.1.1/go.mod h1:eRSPERbgtNPcGhD8UCthc6PmLEQXEWd3PRB5JTxsfmM=
github.com/tidwall/pretty v1.2.0/go.mod h1:ITEVvHYasfjBbM0u2Pg8T2nJnzm8xPwvNhhsoaGGjNU=
Expand Down
48 changes: 34 additions & 14 deletions providers/atlassian/resources/atlassian_jira.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,6 @@ import (
)

const (
JIRA_TIME_FORMAT = "2006-01-02T15:04:05.999-0700"
JIRA_SEARCH_MAX_RESULTS = 1000
)

Expand Down Expand Up @@ -47,7 +46,7 @@ func (a *mqlAtlassianJira) users() ([]any, error) {
"id": llx.StringData(user.AccountID),
"name": llx.StringData(user.DisplayName),
"type": llx.StringData(user.AccountType),
"picture": llx.StringData(user.AvatarUrls.One6X16),
"picture": llx.StringData(user.AvatarURLs.One6X16),
Copy link
Copy Markdown

@mondoo-code-review mondoo-code-review Bot Mar 11, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🔴 criticaluser.AvatarURLs is accessed without a nil check here, but the same struct's field is nil-checked in the issues path (line 234). If the v2 library made AvatarURLs a pointer (which the nil check in the issues code suggests), this will panic on users without an avatar.

var picture string
if user.AvatarURLs != nil {
    picture = user.AvatarURLs.One6X16
}

Then use llx.StringData(picture).

})
if err != nil {
return nil, err
Expand Down Expand Up @@ -221,33 +220,54 @@ func (a *mqlAtlassianJira) issues() ([]any, error) {
return nil, err
}
for _, issue := range issues.Issues {
created, err := time.Parse(JIRA_TIME_FORMAT, issue.Fields.Created)
Comment thread
tas50 marked this conversation as resolved.
if err != nil {
return nil, err
var created time.Time
if issue.Fields.Created != nil {
created = time.Time(*issue.Fields.Created)
Comment thread
tas50 marked this conversation as resolved.
Comment thread
mondoo-code-review[bot] marked this conversation as resolved.
}

var creatorID, creatorName, creatorType, creatorPicture string
if creator := issue.Fields.Creator; creator != nil {
creatorID = creator.AccountID
creatorName = creator.DisplayName
creatorType = creator.AccountType
if creator.AvatarURLs != nil {
creatorPicture = creator.AvatarURLs.One6X16
}
}

creator := issue.Fields.Creator
mqlAtlassianJiraUser, err := CreateResource(a.MqlRuntime, "atlassian.jira.user",
map[string]*llx.RawData{
"id": llx.StringData(creator.AccountID),
"name": llx.StringData(creator.DisplayName),
"type": llx.StringData(creator.AccountType),
"picture": llx.StringData(creator.AvatarUrls.One6X16),
"id": llx.StringData(creatorID),
"name": llx.StringData(creatorName),
"type": llx.StringData(creatorType),
"picture": llx.StringData(creatorPicture),
})
if err != nil {
return nil, err
}

var projectName, projectKey, statusName, issueTypeName string
if p := issue.Fields.Project; p != nil {
projectName = p.Name
projectKey = p.Key
}
if s := issue.Fields.Status; s != nil {
statusName = s.Name
}
if it := issue.Fields.IssueType; it != nil {
issueTypeName = it.Name
}

mqlAtlassianJiraIssue, err := CreateResource(a.MqlRuntime, "atlassian.jira.issue",
map[string]*llx.RawData{
"id": llx.StringData(issue.ID),
"project": llx.StringData(issue.Fields.Project.Name),
"projectKey": llx.StringData(issue.Fields.Project.Key),
"status": llx.StringData(issue.Fields.Status.Name),
"project": llx.StringData(projectName),
"projectKey": llx.StringData(projectKey),
"status": llx.StringData(statusName),
"description": llx.StringData(issue.Fields.Description),
"createdAt": llx.TimeData(created.UTC()),
"creator": llx.AnyData(mqlAtlassianJiraUser),
"typeName": llx.StringData(issue.Fields.IssueType.Name),
"typeName": llx.StringData(issueTypeName),
})
if err != nil {
return nil, err
Expand Down
Loading