From a055bf59bfbfb7bc8aa9228db13e8af37cb1aec8 Mon Sep 17 00:00:00 2001 From: AU_019 <64915515+Dargon789@users.noreply.github.com> Date: Thu, 30 Jan 2025 00:36:15 +0700 Subject: [PATCH 1/5] Add .circleci/config.yml --- .circleci/config.yml | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 .circleci/config.yml diff --git a/.circleci/config.yml b/.circleci/config.yml new file mode 100644 index 00000000..62291703 --- /dev/null +++ b/.circleci/config.yml @@ -0,0 +1,31 @@ +# Use the latest 2.1 version of CircleCI pipeline process engine. +# See: https://circleci.com/docs/configuration-reference +version: 2.1 + +# Define a job to be invoked later in a workflow. +# See: https://circleci.com/docs/jobs-steps/#jobs-overview & https://circleci.com/docs/configuration-reference/#jobs +jobs: + say-hello: + # Specify the execution environment. You can specify an image from Docker Hub or use one of our convenience images from CircleCI's Developer Hub. + # See: https://circleci.com/docs/executor-intro/ & https://circleci.com/docs/configuration-reference/#executor-job + docker: + # Specify the version you desire here + # See: https://circleci.com/developer/images/image/cimg/base + - image: cimg/base:current + + # Add steps to the job + # See: https://circleci.com/docs/jobs-steps/#steps-overview & https://circleci.com/docs/configuration-reference/#steps + steps: + # Checkout the code as the first step. + - checkout + - run: + name: "Say hello" + command: "echo Hello, World!" + +# Orchestrate jobs using workflows +# See: https://circleci.com/docs/workflows/ & https://circleci.com/docs/configuration-reference/#workflows +workflows: + say-hello-workflow: # This is the name of the workflow, feel free to change it to better match your workflow. + # Inside the workflow, you define the jobs you want to run. + jobs: + - say-hello \ No newline at end of file From ee32b8eb28c4c1035c46acc2762c7e76d80fe17d Mon Sep 17 00:00:00 2001 From: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Date: Thu, 4 Sep 2025 14:40:01 +0700 Subject: [PATCH 2/5] Potential fix for code scanning alert no. 1: `TrustManager` that accepts all certificates Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> --- .../connector/client/common/ApiClient.java | 53 ++++++++----------- 1 file changed, 23 insertions(+), 30 deletions(-) diff --git a/clients/common/src/main/java/com/binance/connector/client/common/ApiClient.java b/clients/common/src/main/java/com/binance/connector/client/common/ApiClient.java index d56da079..4c65ea36 100644 --- a/clients/common/src/main/java/com/binance/connector/client/common/ApiClient.java +++ b/clients/common/src/main/java/com/binance/connector/client/common/ApiClient.java @@ -1717,37 +1717,29 @@ private void applySslSettings() { try { TrustManager[] trustManagers; HostnameVerifier hostnameVerifier; + TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); if (!verifyingSsl) { - trustManagers = - new TrustManager[] { - new X509TrustManager() { - @Override - public void checkClientTrusted( - java.security.cert.X509Certificate[] chain, String authType) - throws CertificateException {} - - @Override - public void checkServerTrusted( - java.security.cert.X509Certificate[] chain, String authType) - throws CertificateException {} - - @Override - public java.security.cert.X509Certificate[] getAcceptedIssuers() { - return new java.security.cert.X509Certificate[] {}; - } - } - }; - hostnameVerifier = - new HostnameVerifier() { - @Override - public boolean verify(String hostname, SSLSession session) { - return true; - } - }; + if (sslCaCert == null) { + throw new IllegalStateException("SSL verification is disabled, but no trusted certificate provided in sslCaCert. Refusing to trust all certificates for security reasons."); + } else { + char[] password = null; // Any password will work. + CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509"); + Collection certificates = + certificateFactory.generateCertificates(sslCaCert); + if (certificates.isEmpty()) { + throw new IllegalArgumentException( + "expected non-empty set of trusted certificates"); + } + KeyStore caKeyStore = newEmptyKeyStore(password); + int index = 0; + for (Certificate certificate : certificates) { + String certificateAlias = "ca" + (index++); + caKeyStore.setCertificateEntry(certificateAlias, certificate); + } + trustManagerFactory.init(caKeyStore); + } + hostnameVerifier = OkHostnameVerifier.INSTANCE; } else { - TrustManagerFactory trustManagerFactory = - TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm()); - if (sslCaCert == null) { trustManagerFactory.init((KeyStore) null); } else { @@ -1767,8 +1759,9 @@ public boolean verify(String hostname, SSLSession session) { } trustManagerFactory.init(caKeyStore); } - trustManagers = trustManagerFactory.getTrustManagers(); hostnameVerifier = OkHostnameVerifier.INSTANCE; + trustManagers = trustManagerFactory.getTrustManagers(); + } SSLContext sslContext = SSLContext.getInstance("TLS"); From 95a89cb542836cb1b3e71dcd0dc7d8fcbe07199e Mon Sep 17 00:00:00 2001 From: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Date: Thu, 4 Sep 2025 14:41:12 +0700 Subject: [PATCH 3/5] Update MIGRATION.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> --- MIGRATION.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/MIGRATION.md b/MIGRATION.md index 3b26f8ea..cce49f8a 100644 --- a/MIGRATION.md +++ b/MIGRATION.md @@ -51,7 +51,7 @@ For Futures (COIN-M Futures package): ``` -### **Step 3: Update Imports** +### **Step 2: Update Imports** Update your import paths: From ae16bf0641ab6f40221e747b3997cebf62973a29 Mon Sep 17 00:00:00 2001 From: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Date: Thu, 4 Sep 2025 14:41:30 +0700 Subject: [PATCH 4/5] Update MIGRATION.md Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com> Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> --- MIGRATION.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/MIGRATION.md b/MIGRATION.md index cce49f8a..d42d3b2e 100644 --- a/MIGRATION.md +++ b/MIGRATION.md @@ -129,7 +129,7 @@ The new structure introduces a more modular approach to client initialization. DerivativesTradingCoinFuturesRestApi api = new DerivativesTradingCoinFuturesRestApi(clientConfiguration); Long recvWindow = 5000L; - ApiResponse response = getApi().accountInformation(recvWindow); + ApiResponse response = api.accountInformation(recvWindow); System.out.println(response.getData()); ``` From 12da1c4922da2f8901f2178cf1aa475d806354cd Mon Sep 17 00:00:00 2001 From: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> Date: Fri, 5 Sep 2025 01:10:34 +0700 Subject: [PATCH 5/5] Create gemini_ai.yml (#15) Signed-off-by: AU_gdev_19 <64915515+Dargon789@users.noreply.github.com> --- .circleci/gemini_ai.yml | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) create mode 100644 .circleci/gemini_ai.yml diff --git a/.circleci/gemini_ai.yml b/.circleci/gemini_ai.yml new file mode 100644 index 00000000..a8ee3f71 --- /dev/null +++ b/.circleci/gemini_ai.yml @@ -0,0 +1,23 @@ +version: 2.1 +executors: + my-custom-executor: + docker: + - image: cimg/base:stable + auth: + # ensure you have first added these secrets + # visit app.circleci.com/settings/project/github/Dargon789/binance/environment-variables + username: $DOCKER_HUB_USER + password: $DOCKER_HUB_PASSWORD +jobs: + my-job-name: + + executor: my-custom-executor + steps: + - checkout + - run: | + # echo Hello, World! + +workflows: + my-custom-workflow: + jobs: + - my-job-name