From 836983c00542f240751f853a9b7dc6b51a037df9 Mon Sep 17 00:00:00 2001
From: Navaneeth Mysore Govindarajan <nmysore@sonatype.com>
Date: Fri, 9 Feb 2024 08:27:52 -0500
Subject: [PATCH 1/9] Get runtime-agent working with pet clinic tests

---
 pom.xml | 83 ++++++++++++++++++++++++++++++++++++++++++++++++++++-----
 1 file changed, 76 insertions(+), 7 deletions(-)

diff --git a/pom.xml b/pom.xml
index 8a3d6f151..b9f861d0e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -4,17 +4,24 @@
   xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
   <modelVersion>4.0.0</modelVersion>
   <groupId>org.springframework.samples</groupId>
-  <artifactId>spring-petclinic</artifactId>
+  <artifactId>spring-petclinic-runtime-agent</artifactId>
   <version>3.2.0-SNAPSHOT</version>
 
   <parent>
     <groupId>org.springframework.boot</groupId>
     <artifactId>spring-boot-starter-parent</artifactId>
-    <version>3.2.1</version>
+    <version>3.2.0</version>
   </parent>
-  <name>petclinic</name>
+  <name>petclinic-runtime-agent</name>
 
   <properties>
+    <!-- Demo: Custom properties -->
+    <runtime-agent.version>1.0.8-SNAPSHOT</runtime-agent.version>
+    <clm.maven.plugin.version>2.45.0-01</clm.maven.plugin.version>
+    <clm.serverUrl>http://ec2-107-23-150-171.compute-1.amazonaws.com:8070/</clm.serverUrl>
+    <clm.serverId>ec2-107-23-150-171.compute-1.amazonaws.com</clm.serverId>
+    <clm.stage>stage-release</clm.stage>
+    <clm.skip>false</clm.skip>
 
     <!-- Generic properties -->
     <java.version>17</java.version>
@@ -38,6 +45,14 @@
   </properties>
 
   <dependencies>
+    <!-- Demo: Add dependency to runtime-agent -->
+    <dependency>
+      <groupId>com.sonatype.data</groupId>
+      <artifactId>runtime-agent</artifactId>
+      <version>${runtime-agent.version}</version>
+    </dependency>
+
+
     <!-- Spring and Spring Boot dependencies -->
     <dependency>
       <groupId>org.springframework.boot</groupId>
@@ -143,6 +158,59 @@
 
   <build>
     <plugins>
+      <!--
+      Demo: Copy dependencies so runtime-agent.jar location is know for -javaagent and also helps with iq-cli scans.
+      -->
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-dependency-plugin</artifactId>
+        <executions>
+          <execution>
+            <id>dependency-copy-dependencies</id>
+            <phase>generate-resources</phase>
+            <goals>
+              <goal>copy-dependencies</goal>
+            </goals>
+            <configuration>
+              <outputDirectory>${project.build.directory}/lib</outputDirectory>
+              <stripVersion>true</stripVersion>
+              <includeScope>compile</includeScope>
+            </configuration>
+          </execution>
+        </executions>
+      </plugin>
+
+      <!-- Demo: CLM plugin -->
+      <plugin>
+        <groupId>com.sonatype.clm</groupId>
+        <artifactId>clm-maven-plugin</artifactId>
+        <version>${clm.maven.plugin.version}</version>
+        <configuration>
+          <applicationId>${artifactId}</applicationId>
+          <stage>stage-release</stage>
+          <skip>${clm.skip}</skip>
+        </configuration>
+        <executions>
+          <execution>
+            <phase>package</phase>
+            <goals>
+              <goal>index</goal>
+              <goal>evaluate</goal>
+            </goals>
+          </execution>
+        </executions>
+      </plugin>
+
+      <!-- Demo: runtime-agent with tests -->
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-surefire-plugin</artifactId>
+        <configuration>
+          <argLine>-javaagent:${project.build.directory}/lib/runtime-agent.jar -Djdk.attach.allowAttachSelf=true -Dsonatype.runtime.agent.enabled=true -Dsonatype.runtime.agent.debugMode=false -Dsonatype.runtime.agent.iq.protocol=http -Dsonatype.runtime.agent.iq.host=ec2-107-23-150-171.compute-1.amazonaws.com -Dsonatype.runtime.agent.iq.port=8070 -Dsonatype.runtime.agent.iq.user=1hPhFMQ2 -Dsonatype.runtime.agent.iq.password=EBuCs4fMF3M81UNrJEZqKPK6wgn41JjC6AMvXBlzngZ5 -Dsonatype.runtime.agent.iq.applicationId=spring-petclinic-runtime-agent -Dsonatype.runtime.agent.isIqApplicationIdPublic=true -Dsonatype.runtime.agent.blockedRunOnStartup=true -Dsonatype.runtime.agent.scanClasspath=false -Dsonatype.runtime.agent.fetchVulnerableClassesFromIQ=true -Dsonatype.runtime.agent.vulnerableMethodDetectionEnabled=true</argLine>
+        </configuration>
+      </plugin>
+
+
       <plugin>
         <groupId>org.apache.maven.plugins</groupId>
         <artifactId>maven-enforcer-plugin</artifactId>
@@ -201,7 +269,8 @@
               <suppressionsLocation>src/checkstyle/nohttp-checkstyle-suppressions.xml</suppressionsLocation>
               <sourceDirectories>${basedir}</sourceDirectories>
               <includes>**/*</includes>
-              <excludes>**/.git/**/*,**/.idea/**/*,**/target/**/,**/.flattened-pom.xml,**/*.class</excludes>
+              <!-- Demo: The IQ server we use for the demo uses http, so ignore from pom.xml -->
+              <excludes>pom.xml,**/.git/**/*,**/.idea/**/*,**/target/**/,**/.flattened-pom.xml,**/*.class</excludes>
             </configuration>
             <goals>
               <goal>check</goal>
@@ -218,7 +287,7 @@
         <artifactId>spring-boot-maven-plugin</artifactId>
         <executions>
           <execution>
-            <!-- Spring Boot Actuator displays build-related information 
+            <!-- Spring Boot Actuator displays build-related information
               if a META-INF/build-info.properties file is present -->
             <goals>
               <goal>build-info</goal>
@@ -376,7 +445,7 @@
       <build>
         <pluginManagement>
           <plugins>
-            <!-- This plugin's configuration is used to store Eclipse m2e settings 
+            <!-- This plugin's configuration is used to store Eclipse m2e settings
               only. It has no influence on the Maven build itself. -->
             <plugin>
               <groupId>org.eclipse.m2e</groupId>
@@ -434,4 +503,4 @@
     </profile>
   </profiles>
 
-</project>
\ No newline at end of file
+</project>

From 7957a4eaf5c307aa2e24b2edefd799dd34e633f3 Mon Sep 17 00:00:00 2001
From: Navaneeth Mysore Govindarajan <nmysore@sonatype.com>
Date: Fri, 9 Feb 2024 08:50:49 -0500
Subject: [PATCH 2/9] Use 1.0.7

---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index b9f861d0e..7b65a5f7d 100644
--- a/pom.xml
+++ b/pom.xml
@@ -16,7 +16,7 @@
 
   <properties>
     <!-- Demo: Custom properties -->
-    <runtime-agent.version>1.0.8-SNAPSHOT</runtime-agent.version>
+    <runtime-agent.version>1.0.7</runtime-agent.version>
     <clm.maven.plugin.version>2.45.0-01</clm.maven.plugin.version>
     <clm.serverUrl>http://ec2-107-23-150-171.compute-1.amazonaws.com:8070/</clm.serverUrl>
     <clm.serverId>ec2-107-23-150-171.compute-1.amazonaws.com</clm.serverId>

From 946c6616e82336f341976ba05960220f41953cb0 Mon Sep 17 00:00:00 2001
From: Navaneeth Mysore Govindarajan <nmysore@sonatype.com>
Date: Fri, 9 Feb 2024 14:18:48 -0500
Subject: [PATCH 3/9] Simulate vulnerable method loaded

---
 .java-version                                 |  1 +
 pom.xml                                       | 38 +++++++++++++------
 .../petclinic/PostgresIntegrationTests.java   | 12 ++++++
 3 files changed, 39 insertions(+), 12 deletions(-)
 create mode 100644 .java-version

diff --git a/.java-version b/.java-version
new file mode 100644
index 000000000..b4de39476
--- /dev/null
+++ b/.java-version
@@ -0,0 +1 @@
+11
diff --git a/pom.xml b/pom.xml
index 7b65a5f7d..5b139b5ed 100644
--- a/pom.xml
+++ b/pom.xml
@@ -16,7 +16,6 @@
 
   <properties>
     <!-- Demo: Custom properties -->
-    <runtime-agent.version>1.0.7</runtime-agent.version>
     <clm.maven.plugin.version>2.45.0-01</clm.maven.plugin.version>
     <clm.serverUrl>http://ec2-107-23-150-171.compute-1.amazonaws.com:8070/</clm.serverUrl>
     <clm.serverId>ec2-107-23-150-171.compute-1.amazonaws.com</clm.serverId>
@@ -45,14 +44,6 @@
   </properties>
 
   <dependencies>
-    <!-- Demo: Add dependency to runtime-agent -->
-    <dependency>
-      <groupId>com.sonatype.data</groupId>
-      <artifactId>runtime-agent</artifactId>
-      <version>${runtime-agent.version}</version>
-    </dependency>
-
-
     <!-- Spring and Spring Boot dependencies -->
     <dependency>
       <groupId>org.springframework.boot</groupId>
@@ -173,7 +164,7 @@
             </goals>
             <configuration>
               <outputDirectory>${project.build.directory}/lib</outputDirectory>
-              <stripVersion>true</stripVersion>
+              <stripVersion>false</stripVersion>
               <includeScope>compile</includeScope>
             </configuration>
           </execution>
@@ -188,7 +179,7 @@
         <configuration>
           <applicationId>${artifactId}</applicationId>
           <stage>stage-release</stage>
-          <skip>${clm.skip}</skip>
+          <skip>true</skip>
         </configuration>
         <executions>
           <execution>
@@ -205,8 +196,31 @@
       <plugin>
         <groupId>org.apache.maven.plugins</groupId>
         <artifactId>maven-surefire-plugin</artifactId>
+        <executions>
+          <execution>
+            <goals>
+              <goal>test</goal>
+            </goals>
+          </execution>
+        </executions>
         <configuration>
-          <argLine>-javaagent:${project.build.directory}/lib/runtime-agent.jar -Djdk.attach.allowAttachSelf=true -Dsonatype.runtime.agent.enabled=true -Dsonatype.runtime.agent.debugMode=false -Dsonatype.runtime.agent.iq.protocol=http -Dsonatype.runtime.agent.iq.host=ec2-107-23-150-171.compute-1.amazonaws.com -Dsonatype.runtime.agent.iq.port=8070 -Dsonatype.runtime.agent.iq.user=1hPhFMQ2 -Dsonatype.runtime.agent.iq.password=EBuCs4fMF3M81UNrJEZqKPK6wgn41JjC6AMvXBlzngZ5 -Dsonatype.runtime.agent.iq.applicationId=spring-petclinic-runtime-agent -Dsonatype.runtime.agent.isIqApplicationIdPublic=true -Dsonatype.runtime.agent.blockedRunOnStartup=true -Dsonatype.runtime.agent.scanClasspath=false -Dsonatype.runtime.agent.fetchVulnerableClassesFromIQ=true -Dsonatype.runtime.agent.vulnerableMethodDetectionEnabled=true</argLine>
+          <argLine>
+            -javaagent:../runtime-agent-1.0.7.jar
+            -Djdk.attach.allowAttachSelf=true
+            -Dsonatype.runtime.agent.enabled=true
+            -Dsonatype.runtime.agent.debugMode=false
+            -Dsonatype.runtime.agent.iq.protocol=http
+            -Dsonatype.runtime.agent.iq.host=ec2-107-23-150-171.compute-1.amazonaws.com
+            -Dsonatype.runtime.agent.iq.port=8070
+            -Dsonatype.runtime.agent.iq.user=1hPhFMQ2
+            -Dsonatype.runtime.agent.iq.password=EBuCs4fMF3M81UNrJEZqKPK6wgn41JjC6AMvXBlzngZ5
+            -Dsonatype.runtime.agent.iq.applicationId=spring-petclinic-runtime-agent
+            -Dsonatype.runtime.agent.isIqApplicationIdPublic=true
+            -Dsonatype.runtime.agent.blockedRunOnStartup=true
+            -Dsonatype.runtime.agent.scanClasspath=false
+            -Dsonatype.runtime.agent.fetchVulnerableClassesFromIQ=true
+            -Dsonatype.runtime.agent.vulnerableMethodDetectionEnabled=true
+          </argLine>
         </configuration>
       </plugin>
 
diff --git a/src/test/java/org/springframework/samples/petclinic/PostgresIntegrationTests.java b/src/test/java/org/springframework/samples/petclinic/PostgresIntegrationTests.java
index 18945a570..86cafdf94 100644
--- a/src/test/java/org/springframework/samples/petclinic/PostgresIntegrationTests.java
+++ b/src/test/java/org/springframework/samples/petclinic/PostgresIntegrationTests.java
@@ -23,6 +23,7 @@ import java.util.Arrays;
 import java.util.LinkedList;
 import java.util.List;
 
+import ch.qos.logback.core.net.HardenedObjectInputStream;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.junit.jupiter.api.BeforeAll;
@@ -79,6 +80,17 @@ public class PostgresIntegrationTests {
 
 	@Test
 	void testFindAll() throws Exception {
+		// Demo: Inject dependency intentionally
+		/*
+		Sonatype Runtime Agent - [TIME]: *** Vulnerable CLASS LOADED [className=ch/qos/logback/core/net/HardenedObjectInputStream] by the JVM
+		Sonatype Runtime Agent - [TIME]: Assigning label 'Runtime-Class-Loaded' to component 2f9f280219a9922a7420 in application: a50576c3cd894d20b24dc0d98eea084b
+		Sonatype Runtime Agent - [TIME]: Component evaluation for [ComponentEvaluation{hash='2f9f280219a9922a7420'}] in application a50576c3cd894d20b24dc0d98eea084b successful. Result URL=api/v2/evaluation/applications/a50576c3cd894d20b24dc0d98eea084b/results/74387681c75446a5924812d032c77cad
+		Sonatype Runtime Agent - [TIME]: *** Class with vulnerable METHOD LOADED [className=ch/qos/logback/core/net/HardenedObjectInputStream, methodName=<init>, methodDescriptor=(Ljava/io/InputStream;[Ljava/lang/String;)V] by the JVM
+		Sonatype Runtime Agent - [TIME]: Assigning label 'Runtime-Method-Loaded' to component 2f9f280219a9922a7420 in application: a50576c3cd894d20b24dc0d98eea084b
+		Sonatype Runtime Agent - [TIME]: Component evaluation for [ComponentEvaluation{hash='2f9f280219a9922a7420'}] in application a50576c3cd894d20b24dc0d98eea084b successful. Result URL=api/v2/evaluation/applications/a50576c3cd894d20b24dc0d98eea084b/results/488f999c6730499a8cd454b37d3201b2
+		>> org.springframework.samples.petclinic.PostgresIntegrationTests loaded ch.qos.logback.core.net.HardenedObjectInputStream
+		 */
+		System.out.println(">> " + getClass().getName() + " loaded " + HardenedObjectInputStream.class.getName());
 		vets.findAll();
 		vets.findAll(); // served from cache
 	}

From 711a8f962c2c5079c8f314f4be34d936e6d0bde4 Mon Sep 17 00:00:00 2001
From: Navaneeth Mysore Govindarajan <nmysore@sonatype.com>
Date: Fri, 9 Feb 2024 14:59:54 -0500
Subject: [PATCH 4/9] Simulate vuln method call

---
 .../petclinic/MySqlIntegrationTests.java      | 26 +++++++++++-
 .../petclinic/PostgresIntegrationTests.java   | 40 ++++++++++++++-----
 2 files changed, 54 insertions(+), 12 deletions(-)

diff --git a/src/test/java/org/springframework/samples/petclinic/MySqlIntegrationTests.java b/src/test/java/org/springframework/samples/petclinic/MySqlIntegrationTests.java
index 867ef905b..f4aa85917 100644
--- a/src/test/java/org/springframework/samples/petclinic/MySqlIntegrationTests.java
+++ b/src/test/java/org/springframework/samples/petclinic/MySqlIntegrationTests.java
@@ -16,8 +16,6 @@
 
 package org.springframework.samples.petclinic;
 
-import static org.assertj.core.api.Assertions.assertThat;
-
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.condition.DisabledInNativeImage;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -26,6 +24,8 @@ import org.springframework.boot.test.context.SpringBootTest.WebEnvironment;
 import org.springframework.boot.test.web.server.LocalServerPort;
 import org.springframework.boot.testcontainers.service.connection.ServiceConnection;
 import org.springframework.boot.web.client.RestTemplateBuilder;
+import org.springframework.core.io.buffer.DefaultDataBuffer;
+import org.springframework.core.io.buffer.DefaultDataBufferFactory;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.RequestEntity;
 import org.springframework.http.ResponseEntity;
@@ -37,6 +37,8 @@ import org.testcontainers.containers.MySQLContainer;
 import org.testcontainers.junit.jupiter.Container;
 import org.testcontainers.junit.jupiter.Testcontainers;
 
+import static org.assertj.core.api.Assertions.assertThat;
+
 @SpringBootTest(webEnvironment = WebEnvironment.RANDOM_PORT)
 @ActiveProfiles("mysql")
 @Testcontainers(disabledWithoutDocker = true)
@@ -57,8 +59,28 @@ class MySqlIntegrationTests {
 	@Autowired
 	private RestTemplateBuilder builder;
 
+	void simulateVulnerableMethodCall() throws Exception {
+		/*
+		Sonatype Runtime Agent - [TIME]: *** Vulnerable CLASS LOADED [className=org/springframework/core/io/buffer/DefaultDataBuffer] by the JVM
+		Sonatype Runtime Agent - [TIME]: Assigning label 'Runtime-Class-Loaded' to component 22d73bef97aff8a74a99 in application: a50576c3cd894d20b24dc0d98eea084b
+		Sonatype Runtime Agent - [TIME]: Component evaluation for [ComponentEvaluation{hash='22d73bef97aff8a74a99'}] in application a50576c3cd894d20b24dc0d98eea084b successful. Result URL=api/v2/evaluation/applications/a50576c3cd894d20b24dc0d98eea084b/results/3d62858ec88e49e0afd552066cb160ad
+		Sonatype Runtime Agent - [TIME]: *** Class with vulnerable METHOD LOADED [className=org/springframework/core/io/buffer/DefaultDataBuffer, methodName=split, methodDescriptor=(I)Lorg/springframework/core/io/buffer/DataBuffer;] by the JVM
+		Sonatype Runtime Agent - [TIME]: Assigning label 'Runtime-Method-Loaded' to component 22d73bef97aff8a74a99 in application: a50576c3cd894d20b24dc0d98eea084b
+		Sonatype Runtime Agent - [TIME]: Component evaluation for [ComponentEvaluation{hash='22d73bef97aff8a74a99'}] in application a50576c3cd894d20b24dc0d98eea084b successful. Result URL=api/v2/evaluation/applications/a50576c3cd894d20b24dc0d98eea084b/results/47fa37da85d8447f8c101d4db35ec797
+		Sonatype Runtime Agent - [TIME]: *** Vulnerable METHOD CALLED [className=org/springframework/core/io/buffer/DefaultDataBuffer, methodName=split, methodDescriptor=(I)Lorg/springframework/core/io/buffer/DataBuffer;]
+		Sonatype Runtime Agent - [TIME]: Assigning label 'Runtime-Method-Called' to component 22d73bef97aff8a74a99 in application: a50576c3cd894d20b24dc0d98eea084b
+		Sonatype Runtime Agent - [TIME]: Component evaluation for [ComponentEvaluation{hash='22d73bef97aff8a74a99'}] in application a50576c3cd894d20b24dc0d98eea084b successful. Result URL=api/v2/evaluation/applications/a50576c3cd894d20b24dc0d98eea084b/results/6a969f11748f45abba95870fcd7747bb
+		 */
+		DefaultDataBufferFactory defaultDataBufferFactory = new DefaultDataBufferFactory();
+		DefaultDataBuffer defaultDataBuffer = defaultDataBufferFactory.allocateBuffer(1024);
+		defaultDataBuffer.split(0);
+	}
+
 	@Test
 	void testFindAll() throws Exception {
+		// Demo: Simulate Runtime-Method-Called
+		simulateVulnerableMethodCall();
+
 		vets.findAll();
 		vets.findAll(); // served from cache
 	}
diff --git a/src/test/java/org/springframework/samples/petclinic/PostgresIntegrationTests.java b/src/test/java/org/springframework/samples/petclinic/PostgresIntegrationTests.java
index 86cafdf94..4cdad9a2c 100644
--- a/src/test/java/org/springframework/samples/petclinic/PostgresIntegrationTests.java
+++ b/src/test/java/org/springframework/samples/petclinic/PostgresIntegrationTests.java
@@ -78,19 +78,39 @@ public class PostgresIntegrationTests {
 			.run(args);
 	}
 
-	@Test
-	void testFindAll() throws Exception {
-		// Demo: Inject dependency intentionally
+	void simulateVulnerableClassWithMethodLoaded() {
 		/*
-		Sonatype Runtime Agent - [TIME]: *** Vulnerable CLASS LOADED [className=ch/qos/logback/core/net/HardenedObjectInputStream] by the JVM
-		Sonatype Runtime Agent - [TIME]: Assigning label 'Runtime-Class-Loaded' to component 2f9f280219a9922a7420 in application: a50576c3cd894d20b24dc0d98eea084b
-		Sonatype Runtime Agent - [TIME]: Component evaluation for [ComponentEvaluation{hash='2f9f280219a9922a7420'}] in application a50576c3cd894d20b24dc0d98eea084b successful. Result URL=api/v2/evaluation/applications/a50576c3cd894d20b24dc0d98eea084b/results/74387681c75446a5924812d032c77cad
-		Sonatype Runtime Agent - [TIME]: *** Class with vulnerable METHOD LOADED [className=ch/qos/logback/core/net/HardenedObjectInputStream, methodName=<init>, methodDescriptor=(Ljava/io/InputStream;[Ljava/lang/String;)V] by the JVM
-		Sonatype Runtime Agent - [TIME]: Assigning label 'Runtime-Method-Loaded' to component 2f9f280219a9922a7420 in application: a50576c3cd894d20b24dc0d98eea084b
-		Sonatype Runtime Agent - [TIME]: Component evaluation for [ComponentEvaluation{hash='2f9f280219a9922a7420'}] in application a50576c3cd894d20b24dc0d98eea084b successful. Result URL=api/v2/evaluation/applications/a50576c3cd894d20b24dc0d98eea084b/results/488f999c6730499a8cd454b37d3201b2
-		>> org.springframework.samples.petclinic.PostgresIntegrationTests loaded ch.qos.logback.core.net.HardenedObjectInputStream
+		 * Sonatype Runtime Agent - [TIME]: *** Vulnerable CLASS LOADED
+		 * [className=ch/qos/logback/core/net/HardenedObjectInputStream] by the JVM
+		 * Sonatype Runtime Agent - [TIME]: Assigning label 'Runtime-Class-Loaded' to
+		 * component 2f9f280219a9922a7420 in application: a50576c3cd894d20b24dc0d98eea084b
+		 * Sonatype Runtime Agent - [TIME]: Component evaluation for
+		 * [ComponentEvaluation{hash='2f9f280219a9922a7420'}] in application
+		 * a50576c3cd894d20b24dc0d98eea084b successful. Result
+		 * URL=api/v2/evaluation/applications/a50576c3cd894d20b24dc0d98eea084b/results/
+		 * 74387681c75446a5924812d032c77cad Sonatype Runtime Agent - [TIME]: *** Class
+		 * with vulnerable METHOD LOADED
+		 * [className=ch/qos/logback/core/net/HardenedObjectInputStream,
+		 * methodName=<init>,
+		 * methodDescriptor=(Ljava/io/InputStream;[Ljava/lang/String;)V] by the JVM
+		 * Sonatype Runtime Agent - [TIME]: Assigning label 'Runtime-Method-Loaded' to
+		 * component 2f9f280219a9922a7420 in application: a50576c3cd894d20b24dc0d98eea084b
+		 * Sonatype Runtime Agent - [TIME]: Component evaluation for
+		 * [ComponentEvaluation{hash='2f9f280219a9922a7420'}] in application
+		 * a50576c3cd894d20b24dc0d98eea084b successful. Result
+		 * URL=api/v2/evaluation/applications/a50576c3cd894d20b24dc0d98eea084b/results/
+		 * 488f999c6730499a8cd454b37d3201b2 >>
+		 * org.springframework.samples.petclinic.PostgresIntegrationTests loaded
+		 * ch.qos.logback.core.net.HardenedObjectInputStream
 		 */
 		System.out.println(">> " + getClass().getName() + " loaded " + HardenedObjectInputStream.class.getName());
+	}
+
+	@Test
+	void testFindAll() throws Exception {
+		// Demo: Simulate Runtime-Class-Loaded and Runtime-Method-Loaded
+		simulateVulnerableClassWithMethodLoaded();
+
 		vets.findAll();
 		vets.findAll(); // served from cache
 	}

From 6d0237da18ed9891ae80520e400761f097b0bcdd Mon Sep 17 00:00:00 2001
From: Navaneeth Mysore Govindarajan <nmysore@sonatype.com>
Date: Mon, 12 Feb 2024 11:30:54 -0500
Subject: [PATCH 5/9] Simulate vuln method call when the app runs

---
 .java-version                                 |  2 +-
 pom.xml                                       |  1 -
 readme.md                                     | 20 ++++++-
 .../samples/petclinic/vet/VetController.java  | 56 +++++++++++++++++++
 .../petclinic/MySqlIntegrationTests.java      | 42 ++++++++++----
 5 files changed, 107 insertions(+), 14 deletions(-)

diff --git a/.java-version b/.java-version
index b4de39476..98d9bcb75 100644
--- a/.java-version
+++ b/.java-version
@@ -1 +1 @@
-11
+17
diff --git a/pom.xml b/pom.xml
index 5b139b5ed..b4852bbd2 100644
--- a/pom.xml
+++ b/pom.xml
@@ -206,7 +206,6 @@
         <configuration>
           <argLine>
             -javaagent:../runtime-agent-1.0.7.jar
-            -Djdk.attach.allowAttachSelf=true
             -Dsonatype.runtime.agent.enabled=true
             -Dsonatype.runtime.agent.debugMode=false
             -Dsonatype.runtime.agent.iq.protocol=http
diff --git a/readme.md b/readme.md
index 79b0fb692..6ba0b0209 100644
--- a/readme.md
+++ b/readme.md
@@ -6,7 +6,7 @@
 
 [See the presentation here](https://speakerdeck.com/michaelisvy/spring-petclinic-sample-application)
 
-## Run Petclinic locally
+## Run Petclinic with the runtime agent locally
 
 Spring Petclinic is a [Spring Boot](https://spring.io/guides/gs/spring-boot) application built using [Maven](https://spring.io/guides/gs/maven/) or [Gradle](https://spring.io/guides/gs/gradle/). You can build a jar file and run it from the command line (it should work just as well with Java 17 or newer):
 
@@ -14,7 +14,23 @@ Spring Petclinic is a [Spring Boot](https://spring.io/guides/gs/spring-boot) app
 git clone https://github.com/spring-projects/spring-petclinic.git
 cd spring-petclinic
 ./mvnw package
-java -jar target/*.jar
+
+# Note: Change the path the runtime-agent-1.0.7.jar as necessary
+java -javaagent:../runtime-agent-1.0.7.jar \
+  -Dsonatype.runtime.agent.enabled=true \
+  -Dsonatype.runtime.agent.debugMode=false \
+  -Dsonatype.runtime.agent.iq.protocol=http \
+  -Dsonatype.runtime.agent.iq.host=ec2-107-23-150-171.compute-1.amazonaws.com \
+  -Dsonatype.runtime.agent.iq.port=8070 \
+  -Dsonatype.runtime.agent.iq.user=1hPhFMQ2 \
+  -Dsonatype.runtime.agent.iq.password=EBuCs4fMF3M81UNrJEZqKPK6wgn41JjC6AMvXBlzngZ5 \
+  -Dsonatype.runtime.agent.iq.applicationId=spring-petclinic-runtime-agent \
+  -Dsonatype.runtime.agent.isIqApplicationIdPublic=true \
+  -Dsonatype.runtime.agent.blockedRunOnStartup=true \
+  -Dsonatype.runtime.agent.scanClasspath=false \
+  -Dsonatype.runtime.agent.fetchVulnerableClassesFromIQ=true \
+  -Dsonatype.runtime.agent.vulnerableMethodDetectionEnabled=true \
+  -jar target/*.jar
 ```
 
 You can then access the Petclinic at <http://localhost:8080/>.
diff --git a/src/main/java/org/springframework/samples/petclinic/vet/VetController.java b/src/main/java/org/springframework/samples/petclinic/vet/VetController.java
index 3240814a6..c096321fb 100644
--- a/src/main/java/org/springframework/samples/petclinic/vet/VetController.java
+++ b/src/main/java/org/springframework/samples/petclinic/vet/VetController.java
@@ -17,6 +17,8 @@ package org.springframework.samples.petclinic.vet;
 
 import java.util.List;
 
+import org.springframework.core.io.buffer.DefaultDataBuffer;
+import org.springframework.core.io.buffer.DefaultDataBufferFactory;
 import org.springframework.data.domain.Page;
 import org.springframework.data.domain.PageRequest;
 import org.springframework.data.domain.Pageable;
@@ -43,6 +45,9 @@ class VetController {
 
 	@GetMapping("/vets.html")
 	public String showVetList(@RequestParam(defaultValue = "1") int page, Model model) {
+		// Demo: Inject vulnerable method manually.
+		simulateVulnerableMethodCall();
+
 		// Here we are returning an object of type 'Vets' rather than a collection of Vet
 		// objects so it is simpler for Object-Xml mapping
 		Vets vets = new Vets();
@@ -51,6 +56,57 @@ class VetController {
 		return addPaginationModel(page, paginated, model);
 	}
 
+	/*
+	 * There are 4 vulnerable method signatures in this application:
+	 * 'ch/qos/logback/classic/spi/LoggingEventVO#readObject(Ljava/io/ObjectInputStream;)V
+	 * ',
+	 * 'org/springframework/core/io/buffer/DefaultDataBuffer#split(I)Lorg/springframework/
+	 * core/io/buffer/DataBuffer;
+	 * 'org/h2/tools/Backup#process(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;
+	 * Z)V
+	 * 'ch/qos/logback/core/net/HardenedObjectInputStream#<init>(Ljava/io/InputStream;[
+	 * Ljava/lang/String;)V
+	 *
+	 * This method simulates a vulnerable method call for demo purposes. It seems like no
+	 * other code path call any of the vulnerable method, so manually invoking it.
+	 *
+	 * The following logs will be printed while navigating to
+	 * http://localhost:8080/vets.html: Sonatype Runtime Agent - [TIME]: *** Vulnerable
+	 * CLASS LOADED [className=org/springframework/core/io/buffer/DefaultDataBuffer] by
+	 * the JVM Sonatype Runtime Agent - [TIME]: Assigning label 'Runtime-Class-Loaded' to
+	 * component 22d73bef97aff8a74a99 in application: a50576c3cd894d20b24dc0d98eea084b
+	 * Sonatype Runtime Agent - [TIME]: Component evaluation for
+	 * [ComponentEvaluation{hash='22d73bef97aff8a74a99'}] in application
+	 * a50576c3cd894d20b24dc0d98eea084b successful. Result
+	 * URL=api/v2/evaluation/applications/a50576c3cd894d20b24dc0d98eea084b/results/
+	 * 3d62858ec88e49e0afd552066cb160ad Sonatype Runtime Agent - [TIME]: *** Class with
+	 * vulnerable METHOD LOADED
+	 * [className=org/springframework/core/io/buffer/DefaultDataBuffer, methodName=split,
+	 * methodDescriptor=(I)Lorg/springframework/core/io/buffer/DataBuffer;] by the JVM
+	 * Sonatype Runtime Agent - [TIME]: Assigning label 'Runtime-Method-Loaded' to
+	 * component 22d73bef97aff8a74a99 in application: a50576c3cd894d20b24dc0d98eea084b
+	 * Sonatype Runtime Agent - [TIME]: Component evaluation for
+	 * [ComponentEvaluation{hash='22d73bef97aff8a74a99'}] in application
+	 * a50576c3cd894d20b24dc0d98eea084b successful. Result
+	 * URL=api/v2/evaluation/applications/a50576c3cd894d20b24dc0d98eea084b/results/
+	 * 47fa37da85d8447f8c101d4db35ec797 Sonatype Runtime Agent - [TIME]: *** Vulnerable
+	 * METHOD CALLED [className=org/springframework/core/io/buffer/DefaultDataBuffer,
+	 * methodName=split,
+	 * methodDescriptor=(I)Lorg/springframework/core/io/buffer/DataBuffer;] Sonatype
+	 * Runtime Agent - [TIME]: Assigning label 'Runtime-Method-Called' to component
+	 * 22d73bef97aff8a74a99 in application: a50576c3cd894d20b24dc0d98eea084b Sonatype
+	 * Runtime Agent - [TIME]: Component evaluation for
+	 * [ComponentEvaluation{hash='22d73bef97aff8a74a99'}] in application
+	 * a50576c3cd894d20b24dc0d98eea084b successful. Result
+	 * URL=api/v2/evaluation/applications/a50576c3cd894d20b24dc0d98eea084b/results/
+	 * 6a969f11748f45abba95870fcd7747bb
+	 */
+	private void simulateVulnerableMethodCall() {
+		DefaultDataBufferFactory defaultDataBufferFactory = new DefaultDataBufferFactory();
+		DefaultDataBuffer defaultDataBuffer = defaultDataBufferFactory.allocateBuffer(1024);
+		defaultDataBuffer.split(0);
+	}
+
 	private String addPaginationModel(int page, Page<Vet> paginated, Model model) {
 		List<Vet> listVets = paginated.getContent();
 		model.addAttribute("currentPage", page);
diff --git a/src/test/java/org/springframework/samples/petclinic/MySqlIntegrationTests.java b/src/test/java/org/springframework/samples/petclinic/MySqlIntegrationTests.java
index f4aa85917..4046589f0 100644
--- a/src/test/java/org/springframework/samples/petclinic/MySqlIntegrationTests.java
+++ b/src/test/java/org/springframework/samples/petclinic/MySqlIntegrationTests.java
@@ -59,17 +59,39 @@ class MySqlIntegrationTests {
 	@Autowired
 	private RestTemplateBuilder builder;
 
-	void simulateVulnerableMethodCall() throws Exception {
+	void simulateVulnerableMethodCall() {
 		/*
-		Sonatype Runtime Agent - [TIME]: *** Vulnerable CLASS LOADED [className=org/springframework/core/io/buffer/DefaultDataBuffer] by the JVM
-		Sonatype Runtime Agent - [TIME]: Assigning label 'Runtime-Class-Loaded' to component 22d73bef97aff8a74a99 in application: a50576c3cd894d20b24dc0d98eea084b
-		Sonatype Runtime Agent - [TIME]: Component evaluation for [ComponentEvaluation{hash='22d73bef97aff8a74a99'}] in application a50576c3cd894d20b24dc0d98eea084b successful. Result URL=api/v2/evaluation/applications/a50576c3cd894d20b24dc0d98eea084b/results/3d62858ec88e49e0afd552066cb160ad
-		Sonatype Runtime Agent - [TIME]: *** Class with vulnerable METHOD LOADED [className=org/springframework/core/io/buffer/DefaultDataBuffer, methodName=split, methodDescriptor=(I)Lorg/springframework/core/io/buffer/DataBuffer;] by the JVM
-		Sonatype Runtime Agent - [TIME]: Assigning label 'Runtime-Method-Loaded' to component 22d73bef97aff8a74a99 in application: a50576c3cd894d20b24dc0d98eea084b
-		Sonatype Runtime Agent - [TIME]: Component evaluation for [ComponentEvaluation{hash='22d73bef97aff8a74a99'}] in application a50576c3cd894d20b24dc0d98eea084b successful. Result URL=api/v2/evaluation/applications/a50576c3cd894d20b24dc0d98eea084b/results/47fa37da85d8447f8c101d4db35ec797
-		Sonatype Runtime Agent - [TIME]: *** Vulnerable METHOD CALLED [className=org/springframework/core/io/buffer/DefaultDataBuffer, methodName=split, methodDescriptor=(I)Lorg/springframework/core/io/buffer/DataBuffer;]
-		Sonatype Runtime Agent - [TIME]: Assigning label 'Runtime-Method-Called' to component 22d73bef97aff8a74a99 in application: a50576c3cd894d20b24dc0d98eea084b
-		Sonatype Runtime Agent - [TIME]: Component evaluation for [ComponentEvaluation{hash='22d73bef97aff8a74a99'}] in application a50576c3cd894d20b24dc0d98eea084b successful. Result URL=api/v2/evaluation/applications/a50576c3cd894d20b24dc0d98eea084b/results/6a969f11748f45abba95870fcd7747bb
+		 * Sonatype Runtime Agent - [TIME]: *** Vulnerable CLASS LOADED
+		 * [className=org/springframework/core/io/buffer/DefaultDataBuffer] by the JVM
+		 * Sonatype Runtime Agent - [TIME]: Assigning label 'Runtime-Class-Loaded' to
+		 * component 22d73bef97aff8a74a99 in application: a50576c3cd894d20b24dc0d98eea084b
+		 * Sonatype Runtime Agent - [TIME]: Component evaluation for
+		 * [ComponentEvaluation{hash='22d73bef97aff8a74a99'}] in application
+		 * a50576c3cd894d20b24dc0d98eea084b successful. Result
+		 * URL=api/v2/evaluation/applications/a50576c3cd894d20b24dc0d98eea084b/results/
+		 * 3d62858ec88e49e0afd552066cb160ad Sonatype Runtime Agent - [TIME]: *** Class
+		 * with vulnerable METHOD LOADED
+		 * [className=org/springframework/core/io/buffer/DefaultDataBuffer,
+		 * methodName=split,
+		 * methodDescriptor=(I)Lorg/springframework/core/io/buffer/DataBuffer;] by the JVM
+		 * Sonatype Runtime Agent - [TIME]: Assigning label 'Runtime-Method-Loaded' to
+		 * component 22d73bef97aff8a74a99 in application: a50576c3cd894d20b24dc0d98eea084b
+		 * Sonatype Runtime Agent - [TIME]: Component evaluation for
+		 * [ComponentEvaluation{hash='22d73bef97aff8a74a99'}] in application
+		 * a50576c3cd894d20b24dc0d98eea084b successful. Result
+		 * URL=api/v2/evaluation/applications/a50576c3cd894d20b24dc0d98eea084b/results/
+		 * 47fa37da85d8447f8c101d4db35ec797 Sonatype Runtime Agent - [TIME]: ***
+		 * Vulnerable METHOD CALLED
+		 * [className=org/springframework/core/io/buffer/DefaultDataBuffer,
+		 * methodName=split,
+		 * methodDescriptor=(I)Lorg/springframework/core/io/buffer/DataBuffer;] Sonatype
+		 * Runtime Agent - [TIME]: Assigning label 'Runtime-Method-Called' to component
+		 * 22d73bef97aff8a74a99 in application: a50576c3cd894d20b24dc0d98eea084b Sonatype
+		 * Runtime Agent - [TIME]: Component evaluation for
+		 * [ComponentEvaluation{hash='22d73bef97aff8a74a99'}] in application
+		 * a50576c3cd894d20b24dc0d98eea084b successful. Result
+		 * URL=api/v2/evaluation/applications/a50576c3cd894d20b24dc0d98eea084b/results/
+		 * 6a969f11748f45abba95870fcd7747bb
 		 */
 		DefaultDataBufferFactory defaultDataBufferFactory = new DefaultDataBufferFactory();
 		DefaultDataBuffer defaultDataBuffer = defaultDataBufferFactory.allocateBuffer(1024);

From 11107aa4d7cf64f1a268473422a268e0634403e0 Mon Sep 17 00:00:00 2001
From: Navaneeth Mysore Govindarajan <nmysore@sonatype.com>
Date: Mon, 12 Feb 2024 11:46:32 -0500
Subject: [PATCH 6/9] Update readme

---
 readme.md | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/readme.md b/readme.md
index 6ba0b0209..780cff419 100644
--- a/readme.md
+++ b/readme.md
@@ -13,9 +13,18 @@ Spring Petclinic is a [Spring Boot](https://spring.io/guides/gs/spring-boot) app
 ```bash
 git clone https://github.com/spring-projects/spring-petclinic.git
 cd spring-petclinic
+
+# This runs the integration tests which invoke vulnerable methods and the runtime labels set in IQ on:
+# - ch.qos.logback : logback-core : 1.4.11
+# - ch.qos.logback : logback-classic : 1.4.11
+# - org.springframework : spring-core : 6.1.1
 ./mvnw package
 
 # Note: Change the path the runtime-agent-1.0.7.jar as necessary
+# After starting the app, by navigating to http://localhost:8080/vets.html invokes vulnerable method call.
+# This will log the method call and set the runtime labels in IQ. 
+# If the label is already set due to integration tests, it will log as such. 
+# If needed, the labels can be deleted manually in IQ before starting the app.
 java -javaagent:../runtime-agent-1.0.7.jar \
   -Dsonatype.runtime.agent.enabled=true \
   -Dsonatype.runtime.agent.debugMode=false \

From e312bfda5f697a02887fe222635bb259ddd56415 Mon Sep 17 00:00:00 2001
From: Navaneeth Mysore Govindarajan <nmysore@sonatype.com>
Date: Mon, 12 Feb 2024 14:59:48 -0500
Subject: [PATCH 7/9] Username and password

---
 readme.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/readme.md b/readme.md
index 780cff419..3f49a71a2 100644
--- a/readme.md
+++ b/readme.md
@@ -31,8 +31,8 @@ java -javaagent:../runtime-agent-1.0.7.jar \
   -Dsonatype.runtime.agent.iq.protocol=http \
   -Dsonatype.runtime.agent.iq.host=ec2-107-23-150-171.compute-1.amazonaws.com \
   -Dsonatype.runtime.agent.iq.port=8070 \
-  -Dsonatype.runtime.agent.iq.user=1hPhFMQ2 \
-  -Dsonatype.runtime.agent.iq.password=EBuCs4fMF3M81UNrJEZqKPK6wgn41JjC6AMvXBlzngZ5 \
+  -Dsonatype.runtime.agent.iq.user=IQ_USER \
+  -Dsonatype.runtime.agent.iq.password=IQ_PASSWORD \
   -Dsonatype.runtime.agent.iq.applicationId=spring-petclinic-runtime-agent \
   -Dsonatype.runtime.agent.isIqApplicationIdPublic=true \
   -Dsonatype.runtime.agent.blockedRunOnStartup=true \

From b5acf0341796d8bd60c8eda2a817c9dafa08a5c4 Mon Sep 17 00:00:00 2001
From: Navaneeth Mysore Govindarajan <nmysore@sonatype.com>
Date: Mon, 12 Feb 2024 15:06:01 -0500
Subject: [PATCH 8/9] IQ User and Password - Old credentials

---
 pom.xml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pom.xml b/pom.xml
index b4852bbd2..e472e2605 100644
--- a/pom.xml
+++ b/pom.xml
@@ -211,8 +211,8 @@
             -Dsonatype.runtime.agent.iq.protocol=http
             -Dsonatype.runtime.agent.iq.host=ec2-107-23-150-171.compute-1.amazonaws.com
             -Dsonatype.runtime.agent.iq.port=8070
-            -Dsonatype.runtime.agent.iq.user=1hPhFMQ2
-            -Dsonatype.runtime.agent.iq.password=EBuCs4fMF3M81UNrJEZqKPK6wgn41JjC6AMvXBlzngZ5
+            -Dsonatype.runtime.agent.iq.user=IQ_USER
+            -Dsonatype.runtime.agent.iq.password=IQ_PASSWORD
             -Dsonatype.runtime.agent.iq.applicationId=spring-petclinic-runtime-agent
             -Dsonatype.runtime.agent.isIqApplicationIdPublic=true
             -Dsonatype.runtime.agent.blockedRunOnStartup=true

From ebc7157030f01f5c5dac171a2a6598ab690f72d0 Mon Sep 17 00:00:00 2001
From: Navaneeth Mysore Govindarajan <nmysore@sonatype.com>
Date: Tue, 13 Feb 2024 13:36:25 -0500
Subject: [PATCH 9/9] Review

---
 pom.xml   | 39 +++++++++++----------------------------
 readme.md |  9 +++++----
 2 files changed, 16 insertions(+), 32 deletions(-)

diff --git a/pom.xml b/pom.xml
index e472e2605..1ab4d96ac 100644
--- a/pom.xml
+++ b/pom.xml
@@ -20,7 +20,6 @@
     <clm.serverUrl>http://ec2-107-23-150-171.compute-1.amazonaws.com:8070/</clm.serverUrl>
     <clm.serverId>ec2-107-23-150-171.compute-1.amazonaws.com</clm.serverId>
     <clm.stage>stage-release</clm.stage>
-    <clm.skip>false</clm.skip>
 
     <!-- Generic properties -->
     <java.version>17</java.version>
@@ -149,28 +148,6 @@
 
   <build>
     <plugins>
-      <!--
-      Demo: Copy dependencies so runtime-agent.jar location is know for -javaagent and also helps with iq-cli scans.
-      -->
-      <plugin>
-        <groupId>org.apache.maven.plugins</groupId>
-        <artifactId>maven-dependency-plugin</artifactId>
-        <executions>
-          <execution>
-            <id>dependency-copy-dependencies</id>
-            <phase>generate-resources</phase>
-            <goals>
-              <goal>copy-dependencies</goal>
-            </goals>
-            <configuration>
-              <outputDirectory>${project.build.directory}/lib</outputDirectory>
-              <stripVersion>false</stripVersion>
-              <includeScope>compile</includeScope>
-            </configuration>
-          </execution>
-        </executions>
-      </plugin>
-
       <!-- Demo: CLM plugin -->
       <plugin>
         <groupId>com.sonatype.clm</groupId>
@@ -179,13 +156,19 @@
         <configuration>
           <applicationId>${artifactId}</applicationId>
           <stage>stage-release</stage>
-          <skip>true</skip>
         </configuration>
         <executions>
           <execution>
-            <phase>package</phase>
+            <id>sonatype-prepare</id>
+            <phase>test-compile</phase>
+            <goals>
+              <goal>evaluate</goal>
+            </goals>
+          </execution>
+          <execution>
+            <id>sonatype-reevaluate-after-run</id>
+            <phase>prepare-package</phase>
             <goals>
-              <goal>index</goal>
               <goal>evaluate</goal>
             </goals>
           </execution>
@@ -211,8 +194,8 @@
             -Dsonatype.runtime.agent.iq.protocol=http
             -Dsonatype.runtime.agent.iq.host=ec2-107-23-150-171.compute-1.amazonaws.com
             -Dsonatype.runtime.agent.iq.port=8070
-            -Dsonatype.runtime.agent.iq.user=IQ_USER
-            -Dsonatype.runtime.agent.iq.password=IQ_PASSWORD
+            -Dsonatype.runtime.agent.iq.user=${env.IQ_USER}
+            -Dsonatype.runtime.agent.iq.password=${env.IQ_PASSWORD}
             -Dsonatype.runtime.agent.iq.applicationId=spring-petclinic-runtime-agent
             -Dsonatype.runtime.agent.isIqApplicationIdPublic=true
             -Dsonatype.runtime.agent.blockedRunOnStartup=true
diff --git a/readme.md b/readme.md
index 3f49a71a2..bfd6ff3ee 100644
--- a/readme.md
+++ b/readme.md
@@ -14,7 +14,8 @@ Spring Petclinic is a [Spring Boot](https://spring.io/guides/gs/spring-boot) app
 git clone https://github.com/spring-projects/spring-petclinic.git
 cd spring-petclinic
 
-# This runs the integration tests which invoke vulnerable methods and the runtime labels set in IQ on:
+# This runs the integration tests which will invoke some vulnerable methods as part of tests coverage and the
+# runtime labels set in IQ on:
 # - ch.qos.logback : logback-core : 1.4.11
 # - ch.qos.logback : logback-classic : 1.4.11
 # - org.springframework : spring-core : 6.1.1
@@ -22,7 +23,7 @@ cd spring-petclinic
 
 # Note: Change the path the runtime-agent-1.0.7.jar as necessary
 # After starting the app, by navigating to http://localhost:8080/vets.html invokes vulnerable method call.
-# This will log the method call and set the runtime labels in IQ. 
+# This will log additional vulnerable method calls that were not covered by unit tests and sets the runtime labels in IQ.
 # If the label is already set due to integration tests, it will log as such. 
 # If needed, the labels can be deleted manually in IQ before starting the app.
 java -javaagent:../runtime-agent-1.0.7.jar \
@@ -31,8 +32,8 @@ java -javaagent:../runtime-agent-1.0.7.jar \
   -Dsonatype.runtime.agent.iq.protocol=http \
   -Dsonatype.runtime.agent.iq.host=ec2-107-23-150-171.compute-1.amazonaws.com \
   -Dsonatype.runtime.agent.iq.port=8070 \
-  -Dsonatype.runtime.agent.iq.user=IQ_USER \
-  -Dsonatype.runtime.agent.iq.password=IQ_PASSWORD \
+  -Dsonatype.runtime.agent.iq.user=${IQ_USER} \
+  -Dsonatype.runtime.agent.iq.password=${IQ_PASSWORD} \
   -Dsonatype.runtime.agent.iq.applicationId=spring-petclinic-runtime-agent \
   -Dsonatype.runtime.agent.isIqApplicationIdPublic=true \
   -Dsonatype.runtime.agent.blockedRunOnStartup=true \