Skip to content

apache/ofbiz-framework

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

29,583 Commits
.devcontainer
.devcontainer
 
 
.github
.github
 
 
applications
applications
 
 
buildSrc
buildSrc
 
 
config
config
 
 
docker
docker
 
 
docs/asciidoc
docs/asciidoc
 
 
framework
framework
 
 
gradle
gradle
 
 
lib
lib
 
 
runtime
runtime
 
 
spotbugs
spotbugs
 
 
themes
themes
 
 
.asf.yaml
.asf.yaml
 
 
.dockerignore
.dockerignore
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
.hgignore
.hgignore
 
 
.pre-commit-config.yaml
.pre-commit-config.yaml
 
 
.xmlcatalog.xml
.xmlcatalog.xml
 
 
APACHE2_HEADER
APACHE2_HEADER
 
 
CONTRIBUTING.adoc
CONTRIBUTING.adoc
 
 
DOCKER.adoc
DOCKER.adoc
 
 
Dockerfile
Dockerfile
 
 
INSTALL
INSTALL
 
 
LICENSE
LICENSE
 
 
NOTICE
NOTICE
 
 
OFBiz-Online-Documentation.adoc
OFBiz-Online-Documentation.adoc
 
 
OPTIONAL_LIBRARIES
OPTIONAL_LIBRARIES
 
 
README.adoc
README.adoc
 
 
SECURITY.md
SECURITY.md
 
 
VERSION
VERSION
 
 
build.gradle
build.gradle
 
 
common.gradle
common.gradle
 
 
dependencies.gradle
dependencies.gradle
 
 
gradle.properties
gradle.properties
 
 
gradlew
gradlew
 
 
gradlew.bat
gradlew.bat
 
 
init-gradle-wrapper.bat
init-gradle-wrapper.bat
 
 
pullAllPluginsSource.bat
pullAllPluginsSource.bat
 
 
pullAllPluginsSource.sh
pullAllPluginsSource.sh
 
 
pullPluginSource.bat
pullPluginSource.bat
 
 
pullPluginSource.sh
pullPluginSource.sh
 
 
settings.gradle
settings.gradle
 
 

Repository files navigation

GitHub CI/CD Configuration

Workflows

  • gradle.yaml
    Build and checks (style, Javadoc)
    → Trigger: push / PR on trunk and release*

  • codeql-analysis.yml
    Security analysis (Java + JavaScript)
    → Trigger: push / PR + weekly on trunk and release*

  • docker-image.yaml
    Build and push images to ghcr.io/apache/ofbiz
    → Trigger: push on trunk / release* + tags

  • dependency-review.yml
    Vulnerability scanning for dependencies in PRs
    → Trigger: all PRs

  • scorecard.yml
    OpenSSF security scorecard
    → Trigger: trunk + weekly

Workflow behavior

  • push → uses the workflow from the target branch
  • pull_request → uses the workflow from the source branch
  • schedule → always uses trunk

Workflows are maintained on all branches (trunk and release*) using the same triggers.

New branches inherit workflow files from trunk at creation time.

scorecard.yml runs only on trunk (default branch).

Dependabot

Read only from trunk.

Updates:

  • GitHub Actions
  • Docker base images
  • NPM (themes/common-theme/.../js)

Each ecosystem includes:

  • one configuration for trunk
  • one configuration for each release* branch

New release branch checklist

Before creating a new release branch from trunk, update dependabot.yml (on trunk) by adding a target-branch entry for:

  • npm
  • github-actions
  • docker

Then create the release branch.

Dependabot will automatically keep the new branch up to date.

About

Apache OFBiz is an open source product for the automation of enterprise processes. It includes framework components and business applications for ERP, CRM, E-Business/E-Commerce, Supply Chain Management and Manufacturing Resource Planning. OFBiz provides a foundation and starting point for reliable, secure and scalable enterprise solutions.

ofbiz.apache.org/

Topics

javascript java content groovy database xml https geospatial plugins web-framework network-server hacktoberfest ofbiz

Resources

Readme

License

Apache-2.0 license

Code of conduct

Code of conduct

Contributing

Contributing

Security policy

Security policy
Activity
Custom properties

Stars

1k stars

Watchers

85 watching

Forks

649 forks
Report repository

Releases

24 tags

Packages

 
 
 

Contributors

Languages