From 22775502e43b37081f67dc4b2287565245cd46ca Mon Sep 17 00:00:00 2001
From: aws-sdk-dotnet-automation
Date: Thu, 15 Dec 2022 17:49:22 +0000
Subject: [PATCH 1/2] build: version bump to 1.9
---
 version.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/version.json b/version.json
index b8e389cc8..d8b1ee321 100644
--- a/version.json
+++ b/version.json
@@ -1,6 +1,6 @@
 {
 "$schema": "https://raw.githubusercontent.com/dotnet/Nerdbank.GitVersioning/master/src/NerdBank.GitVersioning/version.schema.json",
- "version": "1.8",
+ "version": "1.9",
 "publicReleaseRefSpec": [
 ".*"
 ],
From 2205b980817143f7f57e1b11306853f82abc2ae1 Mon Sep 17 00:00:00 2001
From: Alex Shovlin
Date: Tue, 20 Dec 2022 11:33:52 -0500
Subject: [PATCH 2/2] Address semgrep issues around Path.Combine and build warnings
---
 .semgrepignore | 3 ++-
 src/AWS.Deploy.DockerEngine/DockerFile.cs | 3 +++
 src/AWS.Deploy.Orchestration/Data/AWSResourceQueryer.cs | 2 ++
 .../AWS.Deploy.CLI.Common.UnitTests.csproj | 4 +---
 .../Utilities/MockPaginatedEnumerable.cs | 4 ++--
 5 files changed, 10 insertions(+), 6 deletions(-)
diff --git a/.semgrepignore b/.semgrepignore
index ac7191dd2..0290a76ab 100644
--- a/.semgrepignore
+++ b/.semgrepignore
@@ -1 +1,2 @@
-testapps/
\ No newline at end of file
+testapps/
+test/
\ No newline at end of file
diff --git a/src/AWS.Deploy.DockerEngine/DockerFile.cs b/src/AWS.Deploy.DockerEngine/DockerFile.cs
index c595bc868..bd2737f42 100644
--- a/src/AWS.Deploy.DockerEngine/DockerFile.cs
+++ b/src/AWS.Deploy.DockerEngine/DockerFile.cs
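Review bot: Adding `test/` to `.semgrepignore` switches off every semgrep rule for the test tree, not only the unsafe-path-combine rule this commit is about, so checks such as hard-coded credential detection no longer run on test code and fixtures. If the goal is only to quiet Path.Combine findings in tests, a narrower entry or an inline `nosemgrep` with the rule id (as the two `src/` hunks do) would keep the rest of the coverage. If the broad ignore is intended, record the reason in the file itself, e.g. `# test/ holds test projects only; excluded from semgrep scanning on purpose`, provided that statement is accurate for this repository.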
@@ -79,6 +79,9 @@ public void WriteDockerFile(string projectDirectory, List? projectList)
 .Replace("{project-name}", _projectName)
 .Replace("{assembly-name}", _assemblyName);
+ // ProjectDefinitionParser will have transformed projectDirectory to an absolute path,
+ // and DockerFileName is static so traversal should not be possible here.
+ // nosemgrep: csharp.lang.security.filesystem.unsafe-path-combine.unsafe-path-combine
 File.WriteAllText(Path.Combine(projectDirectory, DockerFileName), dockerFile);
 }
 }
diff --git a/src/AWS.Deploy.Orchestration/Data/AWSResourceQueryer.cs b/src/AWS.Deploy.Orchestration/Data/AWSResourceQueryer.cs
index e9c3b8f2f..2c6b7bbf4 100644
--- a/src/AWS.Deploy.Orchestration/Data/AWSResourceQueryer.cs
+++ b/src/AWS.Deploy.Orchestration/Data/AWSResourceQueryer.cs
@@ -449,6 +449,8 @@ public async Task CreateEC2KeyPair(string keyName, string saveLocation)
 var response = await HandleException(async () => await ec2Client.CreateKeyPairAsync(request), "Error attempting to create EC2 key pair");
+ // We're creating the key pair at a user-defined location, and want to support relative paths
+ // nosemgrep: csharp.lang.security.filesystem.unsafe-path-combine.unsafe-path-combine
 await File.WriteAllTextAsync(Path.Combine(saveLocation, $"{keyName}.pem"), response.KeyPair.KeyMaterial);
 return response.KeyPair.KeyName;
diff --git a/test/AWS.Deploy.CLI.Common.UnitTests/AWS.Deploy.CLI.Common.UnitTests.csproj b/test/AWS.Deploy.CLI.Common.UnitTests/AWS.Deploy.CLI.Common.UnitTests.csproj
index 6359e7d9a..04556a69d 100644
--- a/test/AWS.Deploy.CLI.Common.UnitTests/AWS.Deploy.CLI.Common.UnitTests.csproj
+++ b/test/AWS.Deploy.CLI.Common.UnitTests/AWS.Deploy.CLI.Common.UnitTests.csproj
@@ -1,4 +1,4 @@
-
+
 net6.0
@@ -33,8 +33,6 @@
-
-
diff --git a/test/AWS.Deploy.CLI.UnitTests/Utilities/MockPaginatedEnumerable.cs b/test/AWS.Deploy.CLI.UnitTests/Utilities/MockPaginatedEnumerable.cs
index ce7d1b48e..4865a6688 100644
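Review bot: In `WriteDockerFile` (DockerFile.cs) the suppression rests on an invariant this public method does not check: the comment says ProjectDefinitionParser has already made `projectDirectory` absolute, but nothing at the call site enforces it, so a later caller that bypasses the parser would silently invalidate the justification. Consider guarding the write, e.g. `if (!Path.IsPathRooted(projectDirectory)) throw new ArgumentException("Expected an absolute path", nameof(projectDirectory));`, or reword the comment to name the caller that guarantees it. The method starts above the hunk, so any validation already done there is not visible.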
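Review bot: In `CreateEC2KeyPair` (AWSResourceQueryer.cs) the new justification covers `saveLocation` but not `keyName`, which also feeds `Path.Combine` as `$"{keyName}.pem"`; if `keyName` is rooted or contains directory separators, the private key is written outside `saveLocation`, because a rooted later argument makes `Path.Combine` discard the earlier ones. No validation of `keyName` is visible in this hunk, and the method starts above it, so this may already be handled elsewhere. If it is not, reduce the name to a plain file name before combining, e.g. `var pemFile = Path.GetFileName($"{keyName}.pem");`, reject the input when that differs from the original, and state that in the comment next to the `nosemgrep`. Since the file holds private key material, it is also worth confirming that it is created readable only by the current user.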
--- a/test/AWS.Deploy.CLI.UnitTests/Utilities/MockPaginatedEnumerable.cs
+++ b/test/AWS.Deploy.CLI.UnitTests/Utilities/MockPaginatedEnumerable.cs
@@ -20,10 +20,10 @@ public MockPaginatedEnumerable(T[] data)
 public IAsyncEnumerator GetAsyncEnumerator(CancellationToken cancellationToken = default)
 {
- return new MockAsyncEnumerator(_data);
+ return new MockAsyncEnumerator(_data);
 }
- class MockAsyncEnumerator : IAsyncEnumerator
+ class MockAsyncEnumerator : IAsyncEnumerator
 {
 readonly T[] _data;
 int _position;