From 217dd9fb9d7029dc7137672aeabf418286a164e9 Mon Sep 17 00:00:00 2001
From: Christoph Pirkl <4711730+kaklakariada@users.noreply.github.com>
Date: Thu, 21 Nov 2024 08:16:56 +0100
Subject: [PATCH] Fix release build (#336)
---
.github/workflows/ci-build.yml | 8 +-
.github/workflows/release.yml | 10 ++-
.project-keeper.yml | 30 ++++++--
dependencies.md | 131 ++++++++++++++++-----------------
doc/changes/changes_2.8.4.md | 3 +-
pom.xml | 18 -----
6 files changed, 101 insertions(+), 99 deletions(-)
diff --git a/.github/workflows/ci-build.yml b/.github/workflows/ci-build.yml
index 9b043b20..728af92a 100644
--- a/.github/workflows/ci-build.yml
+++ b/.github/workflows/ci-build.yml
@@ -76,6 +76,7 @@ jobs:
- name: Build extension
id: build-extension
run: |
+ # Packaged JAR is required for building the extension
mvn --batch-mode package -DskipTests
cd extension
npm ci
@@ -84,12 +85,7 @@ jobs:
npm run lint
- name: Run tests and build with Maven
id: build-pk-verify
- run: |
- # Omit clean to speedup build
- mvn --batch-mode verify \
- -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn \
- -DtrimStackTrace=false \
- -Dcom.exasol.dockerdb.image=${{ matrix.exasol_db_version }}
+ run: mvn --batch-mode verify -Dcom.exasol.dockerdb.image=${{ matrix.exasol_db_version }}
env: {
EXASOL_DB_VERSION: '${{ matrix.exasol_db_version }}'
}
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 750fe459..89e95c32 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -104,10 +104,18 @@ jobs:
env: {
GITHUB_TOKEN: '${{ github.token }}'
}
+ - name: Build extension
+ id: build-extension
+ run: |
+ # Packaged JAR is required for building the extension
+ mvn --batch-mode package -DskipTests
+ cd extension
+ npm ci
+ npm run build
- {
name: Build project,
id: build,
- run: mvn --batch-mode -DskipTests clean verify
+ run: mvn --batch-mode -DskipTests verify
}
- {
name: List secret GPG keys,
diff --git a/.project-keeper.yml b/.project-keeper.yml
index ef14a7cd..9fdf0186 100644
--- a/.project-keeper.yml
+++ b/.project-keeper.yml
@@ -36,6 +36,7 @@ build:
name: Build extension
id: build-extension
run: |
+ # Packaged JAR is required for building the extension
mvn --batch-mode package -DskipTests
cd extension
npm ci
@@ -47,13 +48,30 @@ build:
content:
name: Run tests and build with Maven
id: build-pk-verify
- run: |
- # Omit clean to speedup build
- mvn --batch-mode verify \
- -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn \
- -DtrimStackTrace=false \
- -Dcom.exasol.dockerdb.image=${{ matrix.exasol_db_version }}
+ # Omit clean to speedup build
+ run: mvn --batch-mode verify -Dcom.exasol.dockerdb.image=${{ matrix.exasol_db_version }}
env:
# Set additional environment variable as in scala projects the scalatest plugin does not forward
# the system property -Dcom.exasol.dockerdb.image to the test's implementation.
EXASOL_DB_VERSION: ${{ matrix.exasol_db_version }}
+
+ - name: release.yml
+ stepCustomizations:
+ - action: INSERT_AFTER
+ stepId: verify-release
+ content:
+ name: Build extension
+ id: build-extension
+ run: |
+ # Packaged JAR is required for building the extension
+ mvn --batch-mode package -DskipTests
+ cd extension
+ npm ci
+ npm run build
+ - action: REPLACE
+ stepId: build
+ content:
+ name: Build project
+ id: build
+ # Omit clean to speedup build. Tests already ran durning CI build.
+ run: mvn --batch-mode -DskipTests verify
diff --git a/dependencies.md b/dependencies.md
index bd92ece5..07f04514 100644
--- a/dependencies.md
+++ b/dependencies.md
@@ -84,35 +84,34 @@
| Dependency | License |
| -------------------------------------------------------- | --------------------------------------------- |
| [Project Keeper Maven plugin][91] | [The MIT License][92] |
-| [OpenFastTrace Maven Plugin][93] | [GNU General Public License v3.0][94] |
-| [Scalastyle Maven Plugin][95] | [Apache 2.0][39] |
-| [spotless-maven-plugin][96] | [The Apache Software License, Version 2.0][3] |
-| [scalafix-maven-plugin][97] | [BSD-3-Clause][18] |
-| [Exec Maven Plugin][98] | [Apache License 2][3] |
-| [Apache Maven Clean Plugin][99] | [Apache-2.0][3] |
-| [Apache Maven Install Plugin][100] | [Apache-2.0][3] |
-| [Apache Maven Resources Plugin][101] | [Apache-2.0][3] |
-| [Apache Maven Site Plugin][102] | [Apache License, Version 2.0][3] |
-| [SonarQube Scanner for Maven][103] | [GNU LGPL 3][104] |
-| [Apache Maven Toolchains Plugin][105] | [Apache-2.0][3] |
-| [Apache Maven Compiler Plugin][106] | [Apache-2.0][3] |
-| [Apache Maven Enforcer Plugin][107] | [Apache-2.0][3] |
-| [Maven Flatten Plugin][108] | [Apache Software Licenese][3] |
-| [org.sonatype.ossindex.maven:ossindex-maven-plugin][109] | [ASL2][6] |
-| [scala-maven-plugin][110] | [Public domain (Unlicense)][111] |
-| [ScalaTest Maven Plugin][112] | [the Apache License, ASL Version 2.0][37] |
-| [Apache Maven Javadoc Plugin][113] | [Apache-2.0][3] |
-| [Maven Surefire Plugin][114] | [Apache-2.0][3] |
-| [Versions Maven Plugin][115] | [Apache License, Version 2.0][3] |
-| [duplicate-finder-maven-plugin Maven Mojo][116] | [Apache License 2.0][39] |
-| [Apache Maven Assembly Plugin][117] | [Apache-2.0][3] |
-| [Apache Maven JAR Plugin][118] | [Apache-2.0][3] |
-| [Artifact reference checker and unifier][119] | [MIT License][120] |
-| [Maven Failsafe Plugin][121] | [Apache-2.0][3] |
-| [JaCoCo :: Maven Plugin][122] | [EPL-2.0][123] |
-| [Quality Summarizer Maven Plugin][124] | [MIT License][125] |
-| [error-code-crawler-maven-plugin][126] | [MIT License][127] |
-| [Reproducible Build Maven Plugin][128] | [Apache 2.0][6] |
+| [Scalastyle Maven Plugin][93] | [Apache 2.0][39] |
+| [spotless-maven-plugin][94] | [The Apache Software License, Version 2.0][3] |
+| [scalafix-maven-plugin][95] | [BSD-3-Clause][18] |
+| [Exec Maven Plugin][96] | [Apache License 2][3] |
+| [Apache Maven Clean Plugin][97] | [Apache-2.0][3] |
+| [Apache Maven Install Plugin][98] | [Apache-2.0][3] |
+| [Apache Maven Resources Plugin][99] | [Apache-2.0][3] |
+| [Apache Maven Site Plugin][100] | [Apache License, Version 2.0][3] |
+| [SonarQube Scanner for Maven][101] | [GNU LGPL 3][102] |
+| [Apache Maven Toolchains Plugin][103] | [Apache-2.0][3] |
+| [Apache Maven Compiler Plugin][104] | [Apache-2.0][3] |
+| [Apache Maven Enforcer Plugin][105] | [Apache-2.0][3] |
+| [Maven Flatten Plugin][106] | [Apache Software Licenese][3] |
+| [org.sonatype.ossindex.maven:ossindex-maven-plugin][107] | [ASL2][6] |
+| [scala-maven-plugin][108] | [Public domain (Unlicense)][109] |
+| [ScalaTest Maven Plugin][110] | [the Apache License, ASL Version 2.0][37] |
+| [Apache Maven Javadoc Plugin][111] | [Apache-2.0][3] |
+| [Maven Surefire Plugin][112] | [Apache-2.0][3] |
+| [Versions Maven Plugin][113] | [Apache License, Version 2.0][3] |
+| [duplicate-finder-maven-plugin Maven Mojo][114] | [Apache License 2.0][39] |
+| [Apache Maven Assembly Plugin][115] | [Apache-2.0][3] |
+| [Apache Maven JAR Plugin][116] | [Apache-2.0][3] |
+| [Artifact reference checker and unifier][117] | [MIT License][118] |
+| [Maven Failsafe Plugin][119] | [Apache-2.0][3] |
+| [JaCoCo :: Maven Plugin][120] | [EPL-2.0][121] |
+| [Quality Summarizer Maven Plugin][122] | [MIT License][123] |
+| [error-code-crawler-maven-plugin][124] | [MIT License][125] |
+| [Reproducible Build Maven Plugin][126] | [Apache 2.0][6] |
## Extension
@@ -120,7 +119,7 @@
| Dependency | License |
| ------------------------------------------ | ------- |
-| [@exasol/extension-manager-interface][129] | MIT |
+| [@exasol/extension-manager-interface][127] | MIT |
[0]: https://www.scala-lang.org/
[1]: https://www.apache.org/licenses/LICENSE-2.0
@@ -215,40 +214,38 @@
[90]: http://logback.qos.ch/logback-core
[91]: https://github.com/exasol/project-keeper/
[92]: https://github.com/exasol/project-keeper/blob/main/LICENSE
-[93]: https://github.com/itsallcode/openfasttrace-maven-plugin
-[94]: https://www.gnu.org/licenses/gpl-3.0.html
-[95]: http://www.scalastyle.org
-[96]: https://github.com/diffplug/spotless
-[97]: https://github.com/evis/scalafix-maven-plugin
-[98]: https://www.mojohaus.org/exec-maven-plugin
-[99]: https://maven.apache.org/plugins/maven-clean-plugin/
-[100]: https://maven.apache.org/plugins/maven-install-plugin/
-[101]: https://maven.apache.org/plugins/maven-resources-plugin/
-[102]: https://maven.apache.org/plugins/maven-site-plugin/
-[103]: http://sonarsource.github.io/sonar-scanner-maven/
-[104]: http://www.gnu.org/licenses/lgpl.txt
-[105]: https://maven.apache.org/plugins/maven-toolchains-plugin/
-[106]: https://maven.apache.org/plugins/maven-compiler-plugin/
-[107]: https://maven.apache.org/enforcer/maven-enforcer-plugin/
-[108]: https://www.mojohaus.org/flatten-maven-plugin/
-[109]: https://sonatype.github.io/ossindex-maven/maven-plugin/
-[110]: http://github.com/davidB/scala-maven-plugin
-[111]: http://unlicense.org/
-[112]: https://www.scalatest.org/user_guide/using_the_scalatest_maven_plugin
-[113]: https://maven.apache.org/plugins/maven-javadoc-plugin/
-[114]: https://maven.apache.org/surefire/maven-surefire-plugin/
-[115]: https://www.mojohaus.org/versions/versions-maven-plugin/
-[116]: https://basepom.github.io/duplicate-finder-maven-plugin
-[117]: https://maven.apache.org/plugins/maven-assembly-plugin/
-[118]: https://maven.apache.org/plugins/maven-jar-plugin/
-[119]: https://github.com/exasol/artifact-reference-checker-maven-plugin/
-[120]: https://github.com/exasol/artifact-reference-checker-maven-plugin/blob/main/LICENSE
-[121]: https://maven.apache.org/surefire/maven-failsafe-plugin/
-[122]: https://www.jacoco.org/jacoco/trunk/doc/maven.html
-[123]: https://www.eclipse.org/legal/epl-2.0/
-[124]: https://github.com/exasol/quality-summarizer-maven-plugin/
-[125]: https://github.com/exasol/quality-summarizer-maven-plugin/blob/main/LICENSE
-[126]: https://github.com/exasol/error-code-crawler-maven-plugin/
-[127]: https://github.com/exasol/error-code-crawler-maven-plugin/blob/main/LICENSE
-[128]: http://zlika.github.io/reproducible-build-maven-plugin
-[129]: https://registry.npmjs.org/@exasol/extension-manager-interface/-/extension-manager-interface-0.4.3.tgz
+[93]: http://www.scalastyle.org
+[94]: https://github.com/diffplug/spotless
+[95]: https://github.com/evis/scalafix-maven-plugin
+[96]: https://www.mojohaus.org/exec-maven-plugin
+[97]: https://maven.apache.org/plugins/maven-clean-plugin/
+[98]: https://maven.apache.org/plugins/maven-install-plugin/
+[99]: https://maven.apache.org/plugins/maven-resources-plugin/
+[100]: https://maven.apache.org/plugins/maven-site-plugin/
+[101]: http://sonarsource.github.io/sonar-scanner-maven/
+[102]: http://www.gnu.org/licenses/lgpl.txt
+[103]: https://maven.apache.org/plugins/maven-toolchains-plugin/
+[104]: https://maven.apache.org/plugins/maven-compiler-plugin/
+[105]: https://maven.apache.org/enforcer/maven-enforcer-plugin/
+[106]: https://www.mojohaus.org/flatten-maven-plugin/
+[107]: https://sonatype.github.io/ossindex-maven/maven-plugin/
+[108]: http://github.com/davidB/scala-maven-plugin
+[109]: http://unlicense.org/
+[110]: https://www.scalatest.org/user_guide/using_the_scalatest_maven_plugin
+[111]: https://maven.apache.org/plugins/maven-javadoc-plugin/
+[112]: https://maven.apache.org/surefire/maven-surefire-plugin/
+[113]: https://www.mojohaus.org/versions/versions-maven-plugin/
+[114]: https://basepom.github.io/duplicate-finder-maven-plugin
+[115]: https://maven.apache.org/plugins/maven-assembly-plugin/
+[116]: https://maven.apache.org/plugins/maven-jar-plugin/
+[117]: https://github.com/exasol/artifact-reference-checker-maven-plugin/
+[118]: https://github.com/exasol/artifact-reference-checker-maven-plugin/blob/main/LICENSE
+[119]: https://maven.apache.org/surefire/maven-failsafe-plugin/
+[120]: https://www.jacoco.org/jacoco/trunk/doc/maven.html
+[121]: https://www.eclipse.org/legal/epl-2.0/
+[122]: https://github.com/exasol/quality-summarizer-maven-plugin/
+[123]: https://github.com/exasol/quality-summarizer-maven-plugin/blob/main/LICENSE
+[124]: https://github.com/exasol/error-code-crawler-maven-plugin/
+[125]: https://github.com/exasol/error-code-crawler-maven-plugin/blob/main/LICENSE
+[126]: http://zlika.github.io/reproducible-build-maven-plugin
+[127]: https://registry.npmjs.org/@exasol/extension-manager-interface/-/extension-manager-interface-0.4.3.tgz
diff --git a/doc/changes/changes_2.8.4.md b/doc/changes/changes_2.8.4.md
index f455b667..965309eb 100644
--- a/doc/changes/changes_2.8.4.md
+++ b/doc/changes/changes_2.8.4.md
@@ -1,4 +1,4 @@
-# Cloud Storage Extension 2.8.4, released 2024-11-20
+# Cloud Storage Extension 2.8.4, released 2024-11-21
Code name: Fix vulnerabilities CVE-2024-23454 & CVE-2024-47561 & CVE-2024-47554 & CVE-2024-51504 & CVE-2024-47535
@@ -77,6 +77,7 @@ This release fixes the following vulnerabilities in dependencies:
* Updated `org.apache.maven.plugins:maven-site-plugin:3.3` to `3.9.1`
* Updated `org.apache.maven.plugins:maven-surefire-plugin:3.2.5` to `3.5.1`
* Updated `org.codehaus.mojo:versions-maven-plugin:2.16.2` to `2.17.1`
+* Removed `org.itsallcode:openfasttrace-maven-plugin:1.6.2`
### Extension
diff --git a/pom.xml b/pom.xml
index 77086d8c..7fce4251 100644
--- a/pom.xml
+++ b/pom.xml
@@ -908,24 +908,6 @@
-
- org.itsallcode
- openfasttrace-maven-plugin
- 1.6.2
-
-
- trace-requirements
-
- trace
-
-
-
-
- html
- ALL
- true
-
-
org.scalastyle
scalastyle-maven-plugin