From ee1f8dec89a8d2e308fcef6585320a5e6fbd1a14 Mon Sep 17 00:00:00 2001 From: Anne Ferger Date: Thu, 21 Dec 2023 10:37:32 +0100 Subject: [PATCH 01/15] Update README.md with Zenodo DOI --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 4d3630c..1c5020b 100644 --- a/README.md +++ b/README.md @@ -7,6 +7,7 @@ [![fair-software.eu](https://img.shields.io/badge/fair--software.eu-%E2%97%8F%20%20%E2%97%8F%20%20%E2%97%8F%20%20%E2%97%8F%20%20%E2%97%8F-green)](https://fair-software.eu) [![OpenSSF Best Practices](https://bestpractices.coreinfrastructure.org/projects/6925/badge)](https://bestpractices.coreinfrastructure.org/projects/6925) [![NFDI4C Registry](https://img.shields.io/badge/NFDI4Culture%20Registry-64BEA0)](https://nfdi4culture.de/id/E4102) +[![DOI](https://zenodo.org/badge/375025034.svg)](https://zenodo.org/doi/10.5281/zenodo.8036581) ## Table of Contents From 16476ed16de0f85f1922b3960be56695e04ebec7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 25 Dec 2023 10:18:06 +0000 Subject: [PATCH 02/15] Bump org.owasp:dependency-check-maven from 9.0.1 to 9.0.7 Bumps [org.owasp:dependency-check-maven](https://github.com/jeremylong/DependencyCheck) from 9.0.1 to 9.0.7. - [Release notes](https://github.com/jeremylong/DependencyCheck/releases) - [Changelog](https://github.com/jeremylong/DependencyCheck/blob/main/CHANGELOG.md) - [Commits](https://github.com/jeremylong/DependencyCheck/compare/v9.0.1...v9.0.7) --- updated-dependencies: - dependency-name: org.owasp:dependency-check-maven dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index b3fd3aa..b73021b 100644 --- a/pom.xml +++ b/pom.xml @@ -172,7 +172,7 @@ org.owasp dependency-check-maven - 9.0.1 + 9.0.7 From fa79fdaa83b26e1ef4e9d427bf74789f28319b57 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 25 Dec 2023 10:18:10 +0000 Subject: [PATCH 03/15] Bump org.apache.maven.plugins:maven-compiler-plugin Bumps [org.apache.maven.plugins:maven-compiler-plugin](https://github.com/apache/maven-compiler-plugin) from 3.11.0 to 3.12.1. - [Release notes](https://github.com/apache/maven-compiler-plugin/releases) - [Commits](https://github.com/apache/maven-compiler-plugin/compare/maven-compiler-plugin-3.11.0...maven-compiler-plugin-3.12.1) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-compiler-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index b3fd3aa..b27cafe 100644 --- a/pom.xml +++ b/pom.xml @@ -142,7 +142,7 @@ org.apache.maven.plugins maven-compiler-plugin - 3.11.0 + 3.12.1 11 11 From a97b8d3ea69aa5fe8c21a807caa6a5ffdee8451e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 25 Dec 2023 10:18:12 +0000 Subject: [PATCH 04/15] Bump io.swagger.core.v3:swagger-jaxrs2 from 2.2.19 to 2.2.20 Bumps io.swagger.core.v3:swagger-jaxrs2 from 2.2.19 to 2.2.20. --- updated-dependencies: - dependency-name: io.swagger.core.v3:swagger-jaxrs2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index b3fd3aa..212aede 100644 --- a/pom.xml +++ b/pom.xml @@ -194,7 +194,7 @@ io.swagger.core.v3 swagger-jaxrs2 - 2.2.19 + 2.2.20 io.swagger.core.v3 From 42579e8e6af993b2c82c3981eb930486f2c10749 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 25 Dec 2023 10:18:14 +0000 Subject: [PATCH 05/15] Bump io.swagger.core.v3:swagger-jaxrs2-servlet-initializer-v2 Bumps io.swagger.core.v3:swagger-jaxrs2-servlet-initializer-v2 from 2.2.19 to 2.2.20. --- updated-dependencies: - dependency-name: io.swagger.core.v3:swagger-jaxrs2-servlet-initializer-v2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index b3fd3aa..2948336 100644 --- a/pom.xml +++ b/pom.xml @@ -199,7 +199,7 @@ io.swagger.core.v3 swagger-jaxrs2-servlet-initializer-v2 - 2.2.19 + 2.2.20 javax.ws.rs From 8f142b6185f4ec625f6e5518f1eb0fcc94394eb2 Mon Sep 17 00:00:00 2001 From: Anne Ferger Date: Thu, 4 Jan 2024 09:36:39 +0100 Subject: [PATCH 06/15] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 1c5020b..aa4ba9c 100644 --- a/README.md +++ b/README.md @@ -145,7 +145,7 @@ The TEIGarage Java project can be built with Maven using `mvn -B package --file pom.xml` Readymade .war files can be downloaded from the [GitHub Action using nightly.link](https://nightly.link/TEIC/TEIGarage/workflows/maven_docker/main/artifact.zip). For the required Java version see: -https://github.com/TEIC/TEIGarage/blob/48726dd73a49b1c284d174dc68c26e6fe9cdb03d/.github/workflows/maven_docker.yml#L21. +https://github.com/TEIC/TEIGarage/blob/48726dd73a49b1c284d174dc68c26e6fe9cdb03d/.github/workflows/maven_docker.yml#L21 ## dependencies From 25c566558f64d3f810bbe538f177417b1201692e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 8 Jan 2024 10:27:31 +0000 Subject: [PATCH 07/15] Bump org.owasp:dependency-check-maven from 9.0.7 to 9.0.8 Bumps [org.owasp:dependency-check-maven](https://github.com/jeremylong/DependencyCheck) from 9.0.7 to 9.0.8. - [Release notes](https://github.com/jeremylong/DependencyCheck/releases) - [Changelog](https://github.com/jeremylong/DependencyCheck/blob/main/CHANGELOG.md) - [Commits](https://github.com/jeremylong/DependencyCheck/compare/v9.0.7...v9.0.8) --- updated-dependencies: - dependency-name: org.owasp:dependency-check-maven dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 50bac6e..32b0bc6 100644 --- a/pom.xml +++ b/pom.xml @@ -172,7 +172,7 @@ org.owasp dependency-check-maven - 9.0.7 + 9.0.8 From ede1418d7488ec76f3798291329df4a3300a9f64 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 22 Jan 2024 10:18:10 +0000 Subject: [PATCH 08/15] Bump org.owasp:dependency-check-maven from 9.0.8 to 9.0.9 Bumps [org.owasp:dependency-check-maven](https://github.com/jeremylong/DependencyCheck) from 9.0.8 to 9.0.9. - [Release notes](https://github.com/jeremylong/DependencyCheck/releases) - [Changelog](https://github.com/jeremylong/DependencyCheck/blob/main/CHANGELOG.md) - [Commits](https://github.com/jeremylong/DependencyCheck/compare/v9.0.8...v9.0.9) --- updated-dependencies: - dependency-name: org.owasp:dependency-check-maven dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 32b0bc6..e0de417 100644 --- a/pom.xml +++ b/pom.xml @@ -172,7 +172,7 @@ org.owasp dependency-check-maven - 9.0.8 + 9.0.9 From 2944ad7725d41121cff521a693198338e0486e81 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 18 Mar 2024 10:39:53 +0000 Subject: [PATCH 09/15] Bump org.owasp:dependency-check-maven from 9.0.9 to 9.0.10 Bumps [org.owasp:dependency-check-maven](https://github.com/jeremylong/DependencyCheck) from 9.0.9 to 9.0.10. - [Release notes](https://github.com/jeremylong/DependencyCheck/releases) - [Changelog](https://github.com/jeremylong/DependencyCheck/blob/main/CHANGELOG.md) - [Commits](https://github.com/jeremylong/DependencyCheck/compare/v9.0.9...v9.0.10) --- updated-dependencies: - dependency-name: org.owasp:dependency-check-maven dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index e0de417..4c075b3 100644 --- a/pom.xml +++ b/pom.xml @@ -172,7 +172,7 @@ org.owasp dependency-check-maven - 9.0.9 + 9.0.10 From 04a0691c8531fb10ca71449bcda2baf4f101531d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 25 Mar 2024 10:17:52 +0000 Subject: [PATCH 10/15] Bump org.apache.maven.plugins:maven-compiler-plugin Bumps [org.apache.maven.plugins:maven-compiler-plugin](https://github.com/apache/maven-compiler-plugin) from 3.12.1 to 3.13.0. - [Release notes](https://github.com/apache/maven-compiler-plugin/releases) - [Commits](https://github.com/apache/maven-compiler-plugin/compare/maven-compiler-plugin-3.12.1...maven-compiler-plugin-3.13.0) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-compiler-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 4c075b3..69e2e0a 100644 --- a/pom.xml +++ b/pom.xml @@ -142,7 +142,7 @@ org.apache.maven.plugins maven-compiler-plugin - 3.12.1 + 3.13.0 11 11 From c31513f7116814ec6e13f07863883e80ec3afeeb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 25 Mar 2024 10:17:54 +0000 Subject: [PATCH 11/15] Bump io.swagger.core.v3:swagger-jaxrs2 from 2.2.20 to 2.2.21 Bumps io.swagger.core.v3:swagger-jaxrs2 from 2.2.20 to 2.2.21. --- updated-dependencies: - dependency-name: io.swagger.core.v3:swagger-jaxrs2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 4c075b3..118d47c 100644 --- a/pom.xml +++ b/pom.xml @@ -194,7 +194,7 @@ io.swagger.core.v3 swagger-jaxrs2 - 2.2.20 + 2.2.21 io.swagger.core.v3 From 142ea248336ef9bb0e21299d54700c6b7accbec7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 25 Mar 2024 10:17:57 +0000 Subject: [PATCH 12/15] Bump io.swagger.core.v3:swagger-jaxrs2-servlet-initializer-v2 Bumps io.swagger.core.v3:swagger-jaxrs2-servlet-initializer-v2 from 2.2.20 to 2.2.21. --- updated-dependencies: - dependency-name: io.swagger.core.v3:swagger-jaxrs2-servlet-initializer-v2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 4c075b3..49ed05a 100644 --- a/pom.xml +++ b/pom.xml @@ -199,7 +199,7 @@ io.swagger.core.v3 swagger-jaxrs2-servlet-initializer-v2 - 2.2.20 + 2.2.21 javax.ws.rs From ca8b1140c624a132876a40c17ad2d587475d1a4c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 1 Apr 2024 10:56:28 +0000 Subject: [PATCH 13/15] Bump org.owasp:dependency-check-maven from 9.0.10 to 9.1.0 Bumps [org.owasp:dependency-check-maven](https://github.com/jeremylong/DependencyCheck) from 9.0.10 to 9.1.0. - [Release notes](https://github.com/jeremylong/DependencyCheck/releases) - [Changelog](https://github.com/jeremylong/DependencyCheck/blob/main/CHANGELOG.md) - [Commits](https://github.com/jeremylong/DependencyCheck/compare/v9.0.10...v9.1.0) --- updated-dependencies: - dependency-name: org.owasp:dependency-check-maven dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 4c075b3..d3e1ca6 100644 --- a/pom.xml +++ b/pom.xml @@ -172,7 +172,7 @@ org.owasp dependency-check-maven - 9.0.10 + 9.1.0 From d894cfd6a93fbbe9cf19789d79ddbacc090feae2 Mon Sep 17 00:00:00 2001 From: Anne Ferger Date: Wed, 10 Apr 2024 14:16:35 +0200 Subject: [PATCH 14/15] Update maven_docker.yml --- .github/workflows/maven_docker.yml | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/.github/workflows/maven_docker.yml b/.github/workflows/maven_docker.yml index b26600d..71f7eae 100644 --- a/.github/workflows/maven_docker.yml +++ b/.github/workflows/maven_docker.yml @@ -14,14 +14,14 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Set up JDK 11 - uses: actions/setup-java@v3 + uses: actions/setup-java@v4 with: java-version: '11' distribution: 'adopt' - name: maven-settings - uses: s4u/maven-settings-action@v2.7.0 + uses: s4u/maven-settings-action@v3.0.0 with: servers: '[{"id": "edirom", "username": "${github.actor}", "password": "${GITHUB_TOKEN}"},{"id": "teic", "username": "${github.actor}", "password": "${GITHUB_TOKEN}"}]' - name: Build with Maven @@ -29,7 +29,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: mvn clean package --file pom.xml - name: Upload Maven build artifact - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: artifact path: /home/runner/work/TEIGarage/TEIGarage/target/teigarage.war @@ -41,10 +41,10 @@ jobs: if: ${{ github.event_name != 'pull_request' }} steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Download artifact - uses: actions/download-artifact@v3 + uses: actions/download-artifact@v4 with: name: artifact path: artifact/ @@ -56,7 +56,7 @@ jobs: # use the current user to log into the # GitHub container registry - name: Log in to GitHub Container registry - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} @@ -64,7 +64,7 @@ jobs: # Login against DockerHub registry - name: Log in to DockerHub - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: username: ${{ secrets.PETERS_DOCKERHUB_USERNAME }} password: ${{ secrets.PETERS_DOCKERHUB_TOKEN }} @@ -73,7 +73,7 @@ jobs: # https://github.com/docker/metadata-action - name: Extract Docker metadata id: meta - uses: docker/metadata-action@v4 + uses: docker/metadata-action@v5 with: images: | ghcr.io/teic/teigarage @@ -84,7 +84,7 @@ jobs: # Build and push Docker image with Buildx (don't push on PR) # https://github.com/docker/build-push-action - name: Build and push Docker image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v5 with: context: . push: ${{ github.event_name != 'pull_request' }} @@ -94,7 +94,7 @@ jobs: BUILDTYPE=github # Use current README for DockerHub description - name: Update repo description - uses: peter-evans/dockerhub-description@v3 + uses: peter-evans/dockerhub-description@v4 with: username: ${{ secrets.PETERS_DOCKERHUB_USERNAME }} password: ${{ secrets.PETERS_DOCKERHUB_TOKEN }} From d1bb047f3d57899f3e48aba68d7728f8da45d36a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 29 Apr 2024 10:07:44 +0000 Subject: [PATCH 15/15] Bump org.apache.maven.plugins:maven-pmd-plugin from 3.21.2 to 3.22.0 Bumps [org.apache.maven.plugins:maven-pmd-plugin](https://github.com/apache/maven-pmd-plugin) from 3.21.2 to 3.22.0. - [Release notes](https://github.com/apache/maven-pmd-plugin/releases) - [Commits](https://github.com/apache/maven-pmd-plugin/compare/maven-pmd-plugin-3.21.2...maven-pmd-plugin-3.22.0) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-pmd-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 1b894ae..2a13d37 100644 --- a/pom.xml +++ b/pom.xml @@ -162,7 +162,7 @@ org.apache.maven.plugins maven-pmd-plugin - 3.21.2 + 3.22.0 false true