From a06f87ea14787b956ba2cb79490972853f08af3c Mon Sep 17 00:00:00 2001 From: Christoph Pirkl Date: Mon, 25 Sep 2023 10:53:16 +0200 Subject: [PATCH 1/3] #476: Fixed vulnerability CVE-2023-4759 --- dependencies.md | 14 +++--- doc/changes/changelog.md | 1 + doc/changes/changes_2.9.12.md | 81 +++++++++++++++++++++++++++++++++++ parent-pom/pom.xml | 8 ++-- shared-model-classes/pom.xml | 2 +- 5 files changed, 94 insertions(+), 12 deletions(-) create mode 100644 doc/changes/changes_2.9.12.md diff --git a/dependencies.md b/dependencies.md index 9323297b..1572b882 100644 --- a/dependencies.md +++ b/dependencies.md @@ -23,7 +23,7 @@ | [JUnit5 System Extensions][14] | [Eclipse Public License v2.0][5] | | [EqualsVerifier \| release normal jar][15] | [Apache License, Version 2.0][16] | | [mockito-core][17] | [The MIT License][18] | -| [SLF4J JDK14 Binding][19] | [MIT License][20] | +| [SLF4J JDK14 Provider][19] | [MIT License][20] | ### Plugin Dependencies @@ -78,7 +78,7 @@ | [mockito-junit-jupiter][17] | [The MIT License][18] | | [Maven Plugin Integration Testing][57] | [MIT License][58] | | [EqualsVerifier \| release normal jar][15] | [Apache License, Version 2.0][16] | -| [SLF4J JDK14 Binding][19] | [MIT License][20] | +| [SLF4J JDK14 Provider][19] | [MIT License][20] | ### Runtime Dependencies @@ -135,9 +135,9 @@ ### Runtime Dependencies -| Dependency | License | -| ------------------------- | ----------------- | -| [SLF4J JDK14 Binding][19] | [MIT License][20] | +| Dependency | License | +| -------------------------- | ----------------- | +| [SLF4J JDK14 Provider][19] | [MIT License][20] | ### Plugin Dependencies @@ -191,7 +191,7 @@ | [org.xmlunit:xmlunit-matchers][50] | [The Apache Software License, Version 2.0][27] | | [mockito-core][17] | [The MIT License][18] | | [Maven Plugin Integration Testing][57] | [MIT License][58] | -| [SLF4J JDK14 Binding][19] | [MIT License][20] | +| [SLF4J JDK14 Provider][19] | [MIT License][20] | | [JaCoCo :: Agent][67] | [Eclipse Public License 2.0][39] | ### Plugin Dependencies @@ -246,7 +246,7 @@ | [JUnit Jupiter Params][10] | [Eclipse Public License v2.0][11] | | [Hamcrest][12] | [BSD License 3][13] | | [org.xmlunit:xmlunit-matchers][50] | [The Apache Software License, Version 2.0][27] | -| [SLF4J JDK14 Binding][19] | [MIT License][20] | +| [SLF4J JDK14 Provider][19] | [MIT License][20] | | [mockito-core][17] | [The MIT License][18] | | [Maven Plugin Integration Testing][57] | [MIT License][58] | | [JaCoCo :: Agent][67] | [Eclipse Public License 2.0][39] | diff --git a/doc/changes/changelog.md b/doc/changes/changelog.md index 578245cf..82f44f22 100644 --- a/doc/changes/changelog.md +++ b/doc/changes/changelog.md @@ -1,5 +1,6 @@ # Changes +* [2.9.12](changes_2.9.12.md) * [2.9.11](changes_2.9.11.md) * [2.9.10](changes_2.9.10.md) * [2.9.9](changes_2.9.9.md) diff --git a/doc/changes/changes_2.9.12.md b/doc/changes/changes_2.9.12.md new file mode 100644 index 00000000..69d9aa88 --- /dev/null +++ b/doc/changes/changes_2.9.12.md @@ -0,0 +1,81 @@ +# Project Keeper 2.9.12, released 2023-09-25 + +Code name: Fix vulnerability CVE-2023-4759 + +## Summary + +This release fixes vulnerability CVE-2023-4759 in dependency `org.eclipse.jgit:org.eclipse.jgit`. + +## Security + +* #476: Fixed vulnerability CVE-2023-4759 in dependency `org.eclipse.jgit:org.eclipse.jgit` + +## Dependency Updates + +### Project-Keeper Shared Model Classes + +#### Compile Dependency Updates + +* Updated `org.eclipse.jgit:org.eclipse.jgit:6.6.0.202305301015-r` to `6.7.0.202309050840-r` + +#### Test Dependency Updates + +* Updated `nl.jqno.equalsverifier:equalsverifier:3.15.1` to `3.15.2` +* Updated `org.slf4j:slf4j-jdk14:1.7.36` to `2.0.9` + +### Project Keeper Core + +#### Compile Dependency Updates + +* Updated `com.exasol:project-keeper-shared-model-classes:2.9.11` to `2.9.12` + +#### Runtime Dependency Updates + +* Updated `com.exasol:project-keeper-java-project-crawler:2.9.11` to `2.9.12` + +#### Test Dependency Updates + +* Updated `com.exasol:project-keeper-shared-test-setup:2.9.11` to `2.9.12` +* Updated `nl.jqno.equalsverifier:equalsverifier:3.15.1` to `3.15.2` +* Updated `org.slf4j:slf4j-jdk14:1.7.36` to `2.0.9` + +### Project Keeper Command Line Interface + +#### Compile Dependency Updates + +* Updated `com.exasol:project-keeper-core:2.9.11` to `2.9.12` + +#### Runtime Dependency Updates + +* Updated `org.slf4j:slf4j-jdk14:1.7.36` to `2.0.9` + +#### Test Dependency Updates + +* Updated `com.exasol:project-keeper-shared-test-setup:2.9.11` to `2.9.12` + +### Project Keeper Maven Plugin + +#### Compile Dependency Updates + +* Updated `com.exasol:project-keeper-core:2.9.11` to `2.9.12` + +#### Test Dependency Updates + +* Updated `org.slf4j:slf4j-jdk14:1.7.36` to `2.0.9` + +### Project Keeper Java Project Crawler + +#### Compile Dependency Updates + +* Updated `com.exasol:project-keeper-shared-model-classes:2.9.11` to `2.9.12` +* Updated `org.eclipse.jgit:org.eclipse.jgit:6.6.0.202305301015-r` to `6.7.0.202309050840-r` + +#### Test Dependency Updates + +* Updated `org.slf4j:slf4j-jdk14:1.7.36` to `2.0.9` + +### Project Keeper Shared Test Setup + +#### Compile Dependency Updates + +* Updated `com.exasol:project-keeper-shared-model-classes:2.9.11` to `2.9.12` diff --git a/parent-pom/pom.xml b/parent-pom/pom.xml index 04939b7c..70c5cc92 100644 --- a/parent-pom/pom.xml +++ b/parent-pom/pom.xml @@ -28,7 +28,7 @@ - 2.9.11 + 2.9.12 3.9.4 5.10.0 2.9.1 @@ -104,7 +104,7 @@ org.eclipse.jgit org.eclipse.jgit - 6.6.0.202305301015-r + 6.7.0.202309050840-r net.steppschuh.markdowngenerator @@ -161,7 +161,7 @@ org.slf4j slf4j-jdk14 - 1.7.36 + 2.0.9 test @@ -197,7 +197,7 @@ nl.jqno.equalsverifier equalsverifier - 3.15.1 + 3.15.2 test diff --git a/shared-model-classes/pom.xml b/shared-model-classes/pom.xml index b3bf1bfb..4e743434 100644 --- a/shared-model-classes/pom.xml +++ b/shared-model-classes/pom.xml @@ -10,6 +10,7 @@ 4.0.0 project-keeper-shared-model-classes Project-Keeper shared model classes + https://github.com/exasol/project-keeper/ jakarta.json @@ -69,5 +70,4 @@ test - https://github.com/exasol/project-keeper/ From 059c3436e3bac0d792a85974bcac06337bb1fa78 Mon Sep 17 00:00:00 2001 From: Christoph Pirkl Date: Mon, 25 Sep 2023 10:58:55 +0200 Subject: [PATCH 2/3] Downgrade slf4j-jdk14 --- dependencies.md | 14 +++++++------- doc/changes/changes_2.9.12.md | 14 -------------- parent-pom/pom.xml | 2 +- 3 files changed, 8 insertions(+), 22 deletions(-) diff --git a/dependencies.md b/dependencies.md index 1572b882..9323297b 100644 --- a/dependencies.md +++ b/dependencies.md @@ -23,7 +23,7 @@ | [JUnit5 System Extensions][14] | [Eclipse Public License v2.0][5] | | [EqualsVerifier \| release normal jar][15] | [Apache License, Version 2.0][16] | | [mockito-core][17] | [The MIT License][18] | -| [SLF4J JDK14 Provider][19] | [MIT License][20] | +| [SLF4J JDK14 Binding][19] | [MIT License][20] | ### Plugin Dependencies @@ -78,7 +78,7 @@ | [mockito-junit-jupiter][17] | [The MIT License][18] | | [Maven Plugin Integration Testing][57] | [MIT License][58] | | [EqualsVerifier \| release normal jar][15] | [Apache License, Version 2.0][16] | -| [SLF4J JDK14 Provider][19] | [MIT License][20] | +| [SLF4J JDK14 Binding][19] | [MIT License][20] | ### Runtime Dependencies @@ -135,9 +135,9 @@ ### Runtime Dependencies -| Dependency | License | -| -------------------------- | ----------------- | -| [SLF4J JDK14 Provider][19] | [MIT License][20] | +| Dependency | License | +| ------------------------- | ----------------- | +| [SLF4J JDK14 Binding][19] | [MIT License][20] | ### Plugin Dependencies @@ -191,7 +191,7 @@ | [org.xmlunit:xmlunit-matchers][50] | [The Apache Software License, Version 2.0][27] | | [mockito-core][17] | [The MIT License][18] | | [Maven Plugin Integration Testing][57] | [MIT License][58] | -| [SLF4J JDK14 Provider][19] | [MIT License][20] | +| [SLF4J JDK14 Binding][19] | [MIT License][20] | | [JaCoCo :: Agent][67] | [Eclipse Public License 2.0][39] | ### Plugin Dependencies @@ -246,7 +246,7 @@ | [JUnit Jupiter Params][10] | [Eclipse Public License v2.0][11] | | [Hamcrest][12] | [BSD License 3][13] | | [org.xmlunit:xmlunit-matchers][50] | [The Apache Software License, Version 2.0][27] | -| [SLF4J JDK14 Provider][19] | [MIT License][20] | +| [SLF4J JDK14 Binding][19] | [MIT License][20] | | [mockito-core][17] | [The MIT License][18] | | [Maven Plugin Integration Testing][57] | [MIT License][58] | | [JaCoCo :: Agent][67] | [Eclipse Public License 2.0][39] | diff --git a/doc/changes/changes_2.9.12.md b/doc/changes/changes_2.9.12.md index 69d9aa88..8a056304 100644 --- a/doc/changes/changes_2.9.12.md +++ b/doc/changes/changes_2.9.12.md @@ -21,7 +21,6 @@ This release fixes vulnerability CVE-2023-4759 in dependency `org.eclipse.jgit:o #### Test Dependency Updates * Updated `nl.jqno.equalsverifier:equalsverifier:3.15.1` to `3.15.2` -* Updated `org.slf4j:slf4j-jdk14:1.7.36` to `2.0.9` ### Project Keeper Core @@ -37,7 +36,6 @@ This release fixes vulnerability CVE-2023-4759 in dependency `org.eclipse.jgit:o * Updated `com.exasol:project-keeper-shared-test-setup:2.9.11` to `2.9.12` * Updated `nl.jqno.equalsverifier:equalsverifier:3.15.1` to `3.15.2` -* Updated `org.slf4j:slf4j-jdk14:1.7.36` to `2.0.9` ### Project Keeper Command Line Interface @@ -45,10 +43,6 @@ This release fixes vulnerability CVE-2023-4759 in dependency `org.eclipse.jgit:o * Updated `com.exasol:project-keeper-core:2.9.11` to `2.9.12` -#### Runtime Dependency Updates - -* Updated `org.slf4j:slf4j-jdk14:1.7.36` to `2.0.9` - #### Test Dependency Updates * Updated `com.exasol:project-keeper-shared-test-setup:2.9.11` to `2.9.12` @@ -59,10 +53,6 @@ This release fixes vulnerability CVE-2023-4759 in dependency `org.eclipse.jgit:o * Updated `com.exasol:project-keeper-core:2.9.11` to `2.9.12` -#### Test Dependency Updates - -* Updated `org.slf4j:slf4j-jdk14:1.7.36` to `2.0.9` - ### Project Keeper Java Project Crawler #### Compile Dependency Updates @@ -70,10 +60,6 @@ This release fixes vulnerability CVE-2023-4759 in dependency `org.eclipse.jgit:o * Updated `com.exasol:project-keeper-shared-model-classes:2.9.11` to `2.9.12` * Updated `org.eclipse.jgit:org.eclipse.jgit:6.6.0.202305301015-r` to `6.7.0.202309050840-r` -#### Test Dependency Updates - -* Updated `org.slf4j:slf4j-jdk14:1.7.36` to `2.0.9` - ### Project Keeper Shared Test Setup #### Compile Dependency Updates diff --git a/parent-pom/pom.xml b/parent-pom/pom.xml index 70c5cc92..62616cc3 100644 --- a/parent-pom/pom.xml +++ b/parent-pom/pom.xml @@ -161,7 +161,7 @@ org.slf4j slf4j-jdk14 - 2.0.9 + 1.7.36 test From 5d954fc5d0f2d761722a4edfaad1b38b61b597f1 Mon Sep 17 00:00:00 2001 From: Christoph Pirkl Date: Mon, 25 Sep 2023 11:45:44 +0200 Subject: [PATCH 3/3] Update checkout action --- .github/workflows/broken_links_checker.yml | 6 +++--- .github/workflows/ci-build-next-java.yml | 6 +++--- .github/workflows/ci-build.yml | 2 +- .github/workflows/dependencies_check.yml | 8 ++++---- .../workflows/release_droid_prepare_original_checksum.yml | 2 +- .github/workflows/release_droid_print_quick_checksum.yml | 7 +++---- .../workflows/release_droid_release_on_maven_central.yml | 6 +++--- .../release_droid_upload_github_release_assets.yml | 8 ++++---- .github/workflows/test_linux_build_on_windows.yml | 4 ++-- .github/workflows/test_on_windows.yml | 2 +- README.md | 2 +- .../.github/workflows/project-keeper-verify.yml | 2 +- .../templates/.github/workflows/broken_links_checker.yml | 6 +++--- .../templates/.github/workflows/ci-build-native-build.yml | 2 +- .../templates/.github/workflows/ci-build-next-java.yml | 6 +++--- .../resources/templates/.github/workflows/ci-build.yml | 2 +- .../templates/.github/workflows/dependencies_check.yml | 8 ++++---- .../workflows/release_droid_prepare_original_checksum.yml | 2 +- .../workflows/release_droid_print_quick_checksum.yml | 7 +++---- .../workflows/release_droid_release_on_maven_central.yml | 8 ++++---- .../release_droid_upload_github_release_assets.yml | 8 ++++---- 21 files changed, 51 insertions(+), 53 deletions(-) diff --git a/.github/workflows/broken_links_checker.yml b/.github/workflows/broken_links_checker.yml index f2079ec3..82ec1cd5 100644 --- a/.github/workflows/broken_links_checker.yml +++ b/.github/workflows/broken_links_checker.yml @@ -15,7 +15,7 @@ jobs: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Configure broken links checker run: | mkdir -p ./target @@ -27,6 +27,6 @@ jobs: ']}' > ./target/broken_links_checker.json - uses: gaurav-nelson/github-action-markdown-link-check@v1 with: - use-quiet-mode: 'yes' - use-verbose-mode: 'yes' + use-quiet-mode: "yes" + use-verbose-mode: "yes" config-file: ./target/broken_links_checker.json diff --git a/.github/workflows/ci-build-next-java.yml b/.github/workflows/ci-build-next-java.yml index 6a1006c1..a17864e6 100644 --- a/.github/workflows/ci-build-next-java.yml +++ b/.github/workflows/ci-build-next-java.yml @@ -14,15 +14,15 @@ jobs: cancel-in-progress: true steps: - name: Checkout the repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 - name: Set up JDK 17 uses: actions/setup-java@v3 with: - distribution: 'temurin' + distribution: "temurin" java-version: 17 - cache: 'maven' + cache: "maven" - name: Run tests and build with Maven run: | mvn --batch-mode --update-snapshots clean package -DtrimStackTrace=false \ diff --git a/.github/workflows/ci-build.yml b/.github/workflows/ci-build.yml index b32c837f..e90f12fe 100644 --- a/.github/workflows/ci-build.yml +++ b/.github/workflows/ci-build.yml @@ -14,7 +14,7 @@ jobs: cancel-in-progress: true steps: - name: Checkout the repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 - name: Set up JDK 11 & 17 diff --git a/.github/workflows/dependencies_check.yml b/.github/workflows/dependencies_check.yml index 3eff2528..a210627f 100644 --- a/.github/workflows/dependencies_check.yml +++ b/.github/workflows/dependencies_check.yml @@ -9,14 +9,14 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Set up JDK 11 uses: actions/setup-java@v3 with: - distribution: 'temurin' + distribution: "temurin" java-version: 11 - cache: 'maven' + cache: "maven" - name: Install Projects run: mvn --batch-mode install -DskipTests # This fixes https://github.com/exasol/project-keeper/issues/330 - name: Checking dependencies for vulnerabilities - run: mvn --batch-mode org.sonatype.ossindex.maven:ossindex-maven-plugin:audit -f pom.xml \ No newline at end of file + run: mvn --batch-mode org.sonatype.ossindex.maven:ossindex-maven-plugin:audit -f pom.xml diff --git a/.github/workflows/release_droid_prepare_original_checksum.yml b/.github/workflows/release_droid_prepare_original_checksum.yml index ebd3f770..21bd5133 100644 --- a/.github/workflows/release_droid_prepare_original_checksum.yml +++ b/.github/workflows/release_droid_prepare_original_checksum.yml @@ -8,7 +8,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout the repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 - name: Set up JDK 11 diff --git a/.github/workflows/release_droid_print_quick_checksum.yml b/.github/workflows/release_droid_print_quick_checksum.yml index 8add957f..aed44449 100644 --- a/.github/workflows/release_droid_print_quick_checksum.yml +++ b/.github/workflows/release_droid_print_quick_checksum.yml @@ -8,17 +8,16 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout the repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 - name: Set up JDK 11 uses: actions/setup-java@v3 with: - distribution: 'temurin' + distribution: "temurin" java-version: 11 - cache: 'maven' + cache: "maven" - name: Build with Maven skipping tests run: mvn --batch-mode clean verify -DskipTests - name: Print checksum run: echo 'checksum_start==';find target -maxdepth 1 -name *.jar -exec sha256sum "{}" + | xargs;echo '==checksum_end' - diff --git a/.github/workflows/release_droid_release_on_maven_central.yml b/.github/workflows/release_droid_release_on_maven_central.yml index 381848ef..84615a67 100644 --- a/.github/workflows/release_droid_release_on_maven_central.yml +++ b/.github/workflows/release_droid_release_on_maven_central.yml @@ -8,15 +8,15 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout the repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 - name: Set up Maven Central Repository uses: actions/setup-java@v3 with: - distribution: 'temurin' + distribution: "temurin" java-version: 11 - cache: 'maven' + cache: "maven" server-id: ossrh server-username: MAVEN_USERNAME server-password: MAVEN_PASSWORD diff --git a/.github/workflows/release_droid_upload_github_release_assets.yml b/.github/workflows/release_droid_upload_github_release_assets.yml index ba1f8f11..76f3c39f 100644 --- a/.github/workflows/release_droid_upload_github_release_assets.yml +++ b/.github/workflows/release_droid_upload_github_release_assets.yml @@ -4,7 +4,7 @@ on: workflow_dispatch: inputs: upload_url: - description: 'Assets upload URL' + description: "Assets upload URL" required: true jobs: @@ -12,15 +12,15 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout the repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 - name: Set up JDK 11 uses: actions/setup-java@v3 with: - distribution: 'temurin' + distribution: "temurin" java-version: 11 - cache: 'maven' + cache: "maven" - name: Build with Maven skipping tests run: mvn --batch-mode clean verify -DskipTests - name: Generate sha256sum files diff --git a/.github/workflows/test_linux_build_on_windows.yml b/.github/workflows/test_linux_build_on_windows.yml index d44510db..04656a7a 100644 --- a/.github/workflows/test_linux_build_on_windows.yml +++ b/.github/workflows/test_linux_build_on_windows.yml @@ -14,7 +14,7 @@ jobs: cancel-in-progress: true steps: - name: Checkout the repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 - name: Set up JDK 11 @@ -65,7 +65,7 @@ jobs: needs: build-on-linux steps: - name: Checkout the repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 - name: Set up JDK 11 diff --git a/.github/workflows/test_on_windows.yml b/.github/workflows/test_on_windows.yml index cfc14ce5..c81d4008 100644 --- a/.github/workflows/test_on_windows.yml +++ b/.github/workflows/test_on_windows.yml @@ -14,7 +14,7 @@ jobs: cancel-in-progress: true steps: - name: Checkout the repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 - name: Set up JDK 11 diff --git a/README.md b/README.md index 546dca4b..746e1e4a 100644 --- a/README.md +++ b/README.md @@ -234,7 +234,7 @@ For GitHub Actions you can solve this by adding `fetch-depth: 0` to the checkout ```yaml - name: Checkout the repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 ``` diff --git a/project-keeper/src/main/resources/non_maven_templates/.github/workflows/project-keeper-verify.yml b/project-keeper/src/main/resources/non_maven_templates/.github/workflows/project-keeper-verify.yml index 7b6fc025..64ecbda4 100644 --- a/project-keeper/src/main/resources/non_maven_templates/.github/workflows/project-keeper-verify.yml +++ b/project-keeper/src/main/resources/non_maven_templates/.github/workflows/project-keeper-verify.yml @@ -14,7 +14,7 @@ jobs: cancel-in-progress: true steps: - name: Checkout the repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 diff --git a/project-keeper/src/main/resources/templates/.github/workflows/broken_links_checker.yml b/project-keeper/src/main/resources/templates/.github/workflows/broken_links_checker.yml index f2079ec3..82ec1cd5 100644 --- a/project-keeper/src/main/resources/templates/.github/workflows/broken_links_checker.yml +++ b/project-keeper/src/main/resources/templates/.github/workflows/broken_links_checker.yml @@ -15,7 +15,7 @@ jobs: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Configure broken links checker run: | mkdir -p ./target @@ -27,6 +27,6 @@ jobs: ']}' > ./target/broken_links_checker.json - uses: gaurav-nelson/github-action-markdown-link-check@v1 with: - use-quiet-mode: 'yes' - use-verbose-mode: 'yes' + use-quiet-mode: "yes" + use-verbose-mode: "yes" config-file: ./target/broken_links_checker.json diff --git a/project-keeper/src/main/resources/templates/.github/workflows/ci-build-native-build.yml b/project-keeper/src/main/resources/templates/.github/workflows/ci-build-native-build.yml index 782deee7..26c4c106 100644 --- a/project-keeper/src/main/resources/templates/.github/workflows/ci-build-native-build.yml +++ b/project-keeper/src/main/resources/templates/.github/workflows/ci-build-native-build.yml @@ -21,7 +21,7 @@ jobs: sudo rm -rf /usr/local/lib/android sudo rm -rf /usr/share/dotnet - name: Checkout the repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 - uses: graalvm/setup-graalvm@v1 diff --git a/project-keeper/src/main/resources/templates/.github/workflows/ci-build-next-java.yml b/project-keeper/src/main/resources/templates/.github/workflows/ci-build-next-java.yml index f336642c..b4c4b659 100644 --- a/project-keeper/src/main/resources/templates/.github/workflows/ci-build-next-java.yml +++ b/project-keeper/src/main/resources/templates/.github/workflows/ci-build-next-java.yml @@ -14,15 +14,15 @@ jobs: cancel-in-progress: true steps: - name: Checkout the repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 - name: Set up JDK 17 uses: actions/setup-java@v3 with: - distribution: 'temurin' + distribution: "temurin" java-version: 17 - cache: 'maven' + cache: "maven" - name: Run tests and build with Maven run: | mvn --batch-mode --update-snapshots clean package -DtrimStackTrace=false $skipNativeImage \ diff --git a/project-keeper/src/main/resources/templates/.github/workflows/ci-build.yml b/project-keeper/src/main/resources/templates/.github/workflows/ci-build.yml index 506e9d00..7c42d6dc 100644 --- a/project-keeper/src/main/resources/templates/.github/workflows/ci-build.yml +++ b/project-keeper/src/main/resources/templates/.github/workflows/ci-build.yml @@ -18,7 +18,7 @@ jobs: sudo rm -rf /usr/local/lib/android sudo rm -rf /usr/share/dotnet - name: Checkout the repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 - name: Set up JDK 11 & 17 diff --git a/project-keeper/src/main/resources/templates/.github/workflows/dependencies_check.yml b/project-keeper/src/main/resources/templates/.github/workflows/dependencies_check.yml index b2ab2316..3059964b 100644 --- a/project-keeper/src/main/resources/templates/.github/workflows/dependencies_check.yml +++ b/project-keeper/src/main/resources/templates/.github/workflows/dependencies_check.yml @@ -9,12 +9,12 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Set up JDK 11 uses: actions/setup-java@v3 with: - distribution: 'temurin' + distribution: "temurin" java-version: 11 - cache: 'maven' + cache: "maven" - name: Checking dependencies for vulnerabilities - run: mvn --batch-mode org.sonatype.ossindex.maven:ossindex-maven-plugin:audit -f pom.xml \ No newline at end of file + run: mvn --batch-mode org.sonatype.ossindex.maven:ossindex-maven-plugin:audit -f pom.xml diff --git a/project-keeper/src/main/resources/templates/.github/workflows/release_droid_prepare_original_checksum.yml b/project-keeper/src/main/resources/templates/.github/workflows/release_droid_prepare_original_checksum.yml index 0e2d3e72..aa0f78f6 100644 --- a/project-keeper/src/main/resources/templates/.github/workflows/release_droid_prepare_original_checksum.yml +++ b/project-keeper/src/main/resources/templates/.github/workflows/release_droid_prepare_original_checksum.yml @@ -12,7 +12,7 @@ jobs: sudo rm -rf /usr/local/lib/android sudo rm -rf /usr/share/dotnet - name: Checkout the repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 - name: Set up JDK 11 diff --git a/project-keeper/src/main/resources/templates/.github/workflows/release_droid_print_quick_checksum.yml b/project-keeper/src/main/resources/templates/.github/workflows/release_droid_print_quick_checksum.yml index 8add957f..aed44449 100644 --- a/project-keeper/src/main/resources/templates/.github/workflows/release_droid_print_quick_checksum.yml +++ b/project-keeper/src/main/resources/templates/.github/workflows/release_droid_print_quick_checksum.yml @@ -8,17 +8,16 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout the repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 - name: Set up JDK 11 uses: actions/setup-java@v3 with: - distribution: 'temurin' + distribution: "temurin" java-version: 11 - cache: 'maven' + cache: "maven" - name: Build with Maven skipping tests run: mvn --batch-mode clean verify -DskipTests - name: Print checksum run: echo 'checksum_start==';find target -maxdepth 1 -name *.jar -exec sha256sum "{}" + | xargs;echo '==checksum_end' - diff --git a/project-keeper/src/main/resources/templates/.github/workflows/release_droid_release_on_maven_central.yml b/project-keeper/src/main/resources/templates/.github/workflows/release_droid_release_on_maven_central.yml index b4676072..dfdbd6a8 100644 --- a/project-keeper/src/main/resources/templates/.github/workflows/release_droid_release_on_maven_central.yml +++ b/project-keeper/src/main/resources/templates/.github/workflows/release_droid_release_on_maven_central.yml @@ -8,15 +8,15 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout the repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 - name: Set up Maven Central Repository uses: actions/setup-java@v3 with: - distribution: 'temurin' + distribution: "temurin" java-version: 11 - cache: 'maven' + cache: "maven" server-id: ossrh server-username: MAVEN_USERNAME server-password: MAVEN_PASSWORD @@ -27,4 +27,4 @@ jobs: env: MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }} MAVEN_PASSWORD: ${{ secrets.OSSRH_PASSWORD }} - MAVEN_GPG_PASSPHRASE: ${{ secrets.OSSRH_GPG_SECRET_KEY_PASSWORD }} \ No newline at end of file + MAVEN_GPG_PASSPHRASE: ${{ secrets.OSSRH_GPG_SECRET_KEY_PASSWORD }} diff --git a/project-keeper/src/main/resources/templates/.github/workflows/release_droid_upload_github_release_assets.yml b/project-keeper/src/main/resources/templates/.github/workflows/release_droid_upload_github_release_assets.yml index 7350fafd..7ae8bbb7 100644 --- a/project-keeper/src/main/resources/templates/.github/workflows/release_droid_upload_github_release_assets.yml +++ b/project-keeper/src/main/resources/templates/.github/workflows/release_droid_upload_github_release_assets.yml @@ -4,7 +4,7 @@ on: workflow_dispatch: inputs: upload_url: - description: 'Assets upload URL' + description: "Assets upload URL" required: true jobs: @@ -12,15 +12,15 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout the repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 - name: Set up JDK 11 uses: actions/setup-java@v3 with: - distribution: 'temurin' + distribution: "temurin" java-version: 11 - cache: 'maven' + cache: "maven" - name: Build with Maven skipping tests run: mvn --batch-mode clean verify -DskipTests - name: Generate sha256sum files