Show security warnings by default (#258)

README.md

@@ -50,7 +50,7 @@ jenkins-plugin-cli --plugin-file /your/path/to/plugins.txt --plugins delivery-pi
 * `--war` or `-w`: (optional) Path to Jenkins war file. If no war file is entered, will default to /usr/share/jenkins/jenkins.war or C:\ProgramData\Jenkins\jenkins.war, depending on the user's OS. Plugins that are already included in the Jenkins war will only be downloaded if their required version is newer than the one included.
 * `--list` or `-l`: (optional) Lists plugin names and versions of: installed plugins (plugins that already exist in the plugin directory), bundled plugins (non-detached plugins that exist in the war file), plugins that will be downloaded (highest required versions of the requested plugins and dependencies that are not already installed), and the effective plugin set (the highest versions of all plugins that are already installed or will be installed)
 * `--verbose`: (optional) Show additional information about plugin dependencies and the download process
-* `--view-security-warnings`: (optional) Show if any of the user specified plugins have security warnings
+* `--hide-security-warnings`: (optional) Hide if any of the user specified plugins have security warnings
 * `--view-all-security-warnings`: (optional) Show all plugins that have security warnings.
 * `--available-updates`: (optional) Show if any requested plugins have newer versions available. If a Jenkins version-specific update center is available, the latest plugin version will be determined based on that update center's data.
 * `--output {stdout,yaml,txt}`: (optional) Format to output plugin updates file in, stdout is the default.

plugin-management-cli/src/main/java/io/jenkins/tools/pluginmanager/cli/CliOptions.java

@@ -76,11 +76,20 @@ class CliOptions {
     @Option(name = "--output", usage = "Output format for available updates",   aliases = "-o")
     private OutputFormat outputFormat = OutputFormat.STDOUT;
 
+    /**
+     * Deprecated, see: https://github.com/jenkinsci/plugin-installation-manager-tool/issues/258
+     */
     @Option(name = "--view-security-warnings",
             usage = "Show if any security warnings exist for the requested plugins",
             handler = BooleanOptionHandler.class)
+    @Deprecated
     private boolean showWarnings;
 
+    @Option(name = "--hide-security-warnings",
+            usage = "Hide if any security warnings exist for the requested plugins",
+            handler = BooleanOptionHandler.class)
+    private boolean hideWarnings;
+
     @Option(name = "--view-all-security-warnings",
             usage = "Set to true to show all plugins that have security warnings",
             handler = BooleanOptionHandler.class)
@@ -163,6 +172,7 @@ Config setup() {
                 .withJenkinsVersion(getJenkinsVersion())
                 .withJenkinsWar(getJenkinsWar())
                 .withShowWarnings(isShowWarnings())
+                .withHideWarnings(isHideWarnings())
                 .withShowAllWarnings(isShowAllWarnings())
                 .withShowPluginsToBeDownloaded(isShowPluginsToBeDownloaded())
                 .withShowAvailableUpdates(isShowAvailableUpdates())
@@ -303,6 +313,15 @@ private boolean isShowWarnings() {
         return showWarnings;
     }
 
+    /**
+     * Gets the value corresponding to if user selected to hide warnings for specified plugins
+     *
+     * @return true if user selected CLI Option to hide warnings for specified plugins
+     */
+    private boolean isHideWarnings() {
+        return hideWarnings;
+    }
+
     /**
      * Gets the value corresponding to if the user selected to show security warnings for all plugins
      *

plugin-management-cli/src/test/java/io/jenkins/tools/pluginmanager/cli/CliOptionsTest.java

@@ -82,6 +82,7 @@ public void setupDefaultsTest() throws Exception {
         assertThat(cfg.getJenkinsWar()).isEqualTo(Settings.DEFAULT_WAR);
         assertThat(cfg.isShowAllWarnings()).isFalse();
         assertThat(cfg.isShowWarnings()).isFalse();
+        assertThat(cfg.isHideWarnings()).isFalse();
         assertThat(cfg.getJenkinsUc()).hasToString(Settings.DEFAULT_UPDATE_CENTER_LOCATION);
         assertThat(cfg.getJenkinsUcExperimental()).hasToString(Settings.DEFAULT_EXPERIMENTAL_UPDATE_CENTER_LOCATION);
         assertThat(cfg.getJenkinsIncrementalsRepoMirror()).hasToString(Settings.DEFAULT_INCREMENTALS_REPO_MIRROR_LOCATION);
@@ -254,6 +255,13 @@ public void setupSecurityWarningsTest() throws CmdLineException {
         assertThat(cfg.isShowWarnings()).isTrue();
     }
 
+    @Test
+    public void setupHideSecurityWarningsTest() throws CmdLineException {
+        parser.parseArgument("--hide-security-warnings");
+        Config cfg = options.setup();
+        assertThat(cfg.isHideWarnings()).isTrue();
+    }
+
     @Test
     public void showVersionTest() throws Exception {
         CliOptions optionsWithVersion = new CliOptions() {

plugin-management-library/src/main/java/io/jenkins/tools/pluginmanager/config/Config.java

@@ -25,6 +25,7 @@ public class Config {
     private final File pluginDir;
     private final boolean cleanPluginDir;
     private final boolean showWarnings;
+    private final boolean hideWarnings;
     private final boolean showAllWarnings;
     private final boolean showAvailableUpdates;
     private final boolean showPluginsToBeDownloaded;
@@ -78,7 +79,8 @@ private Config(
             OutputFormat outputFormat,
             HashFunction hashFunction,
             List<Credentials> credentials,
-            Path cachePath) {
+            Path cachePath,
+            boolean hideWarnings) {
         this.pluginDir = pluginDir;
         this.cleanPluginDir = cleanPluginDir;
         this.showWarnings = showWarnings;
@@ -102,6 +104,7 @@ private Config(
         this.hashFunction = hashFunction;
         this.cachePath = cachePath;
         this.logOutput = new LogOutput(verbose);
+        this.hideWarnings = hideWarnings;
     }
 
     public File getPluginDir() {
@@ -116,6 +119,10 @@ public boolean isShowWarnings() {
         return showWarnings;
     }
 
+    public boolean isHideWarnings() {
+        return hideWarnings;
+    }
+
     public boolean isShowAllWarnings() {
         return showAllWarnings;
     }
@@ -210,6 +217,7 @@ public static class Builder {
         private File pluginDir;
         private boolean cleanPluginDir;
         private boolean showWarnings;
+        private boolean hideWarnings;
         private boolean showAllWarnings;
         private boolean showAvailableUpdates;
         private boolean showPluginsToBeDownloaded;
@@ -248,6 +256,11 @@ public Builder withShowWarnings(boolean showWarnings) {
             return this;
         }
 
+        public Builder withHideWarnings(boolean hideWarnings) {
+            this.hideWarnings = hideWarnings;
+            return this;
+        }
+
         public Builder withShowAllWarnings(boolean showAllWarnings) {
             this.showAllWarnings = showAllWarnings;
             return this;
@@ -378,7 +391,8 @@ public Config build() {
                     outputFormat,
                     hashFunction,
                     credentials,
-                    cachePath
+                    cachePath,
+                    hideWarnings
             );
         }
 

plugin-management-library/src/main/java/io/jenkins/tools/pluginmanager/impl/PluginManager.java

@@ -456,7 +456,9 @@ public void showAllSecurityWarnings() {
      */
 
     public void showSpecificSecurityWarnings(List<Plugin> plugins) {
-        if (cfg.isShowWarnings()) {
+        // NOTE: By default, the plugin installation manager tool will show security warnings.
+        // see: https://github.com/jenkinsci/plugin-installation-manager-tool/issues/258
+        if (!cfg.isHideWarnings()) {
             logMessage("\nSecurity warnings:");
             for (Plugin plugin : plugins) {
                 if (warningExists(plugin)) {