Compare commits

...

10 commits

Author SHA1 Message Date
c7ded6a2ba Put graphviz build plugin behind a profile
Allows normal builds to run without needing to have the GraphViz package installed.
2022-12-04 08:22:01 +00:00
0fa0ed9658 Switch to sr.ht build 2022-12-03 12:17:53 +00:00
dependabot[bot]
8c5c84c1d8 Bump mockito-junit-jupiter from 3.7.7 to 4.9.0
Bumps [mockito-junit-jupiter](https://github.com/mockito/mockito) from 3.7.7 to 4.9.0.
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](https://github.com/mockito/mockito/compare/v3.7.7...v4.9.0)

---
updated-dependencies:
- dependency-name: org.mockito:mockito-junit-jupiter
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

commit-id:f51414f2
2022-12-03 12:08:17 +00:00
dependabot[bot]
c28b07f33d Bump junit-jupiter from 5.7.0 to 5.9.1
Bumps [junit-jupiter](https://github.com/junit-team/junit5) from 5.7.0 to 5.9.1.
- [Release notes](https://github.com/junit-team/junit5/releases)
- [Commits](https://github.com/junit-team/junit5/compare/r5.7.0...r5.9.1)

---
updated-dependencies:
- dependency-name: org.junit.jupiter:junit-jupiter
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

commit-id:99dd0686
2022-12-03 12:03:13 +00:00
dependabot[bot]
e2b15abff0 Bump lombok from 1.18.16 to 1.18.24
Bumps [lombok](https://github.com/projectlombok/lombok) from 1.18.16 to 1.18.24.
- [Release notes](https://github.com/projectlombok/lombok/releases)
- [Changelog](https://github.com/projectlombok/lombok/blob/master/doc/changelog.markdown)
- [Commits](https://github.com/projectlombok/lombok/compare/v1.18.16...v1.18.24)

---
updated-dependencies:
- dependency-name: org.projectlombok:lombok
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

commit-id:82821765
2022-12-03 12:00:45 +00:00
dependabot[bot]
2b73ba25da Bump picocli from 4.5.2 to 4.7.0
Bumps [picocli](https://github.com/remkop/picocli) from 4.5.2 to 4.7.0.
- [Release notes](https://github.com/remkop/picocli/releases)
- [Changelog](https://github.com/remkop/picocli/blob/main/RELEASE-NOTES.md)
- [Commits](https://github.com/remkop/picocli/compare/v4.5.2...v4.7.0)

---
updated-dependencies:
- dependency-name: info.picocli:picocli
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

commit-id:fcc25a5d
2022-12-03 11:48:22 +00:00
dependabot[bot]
9e9844d35b Bump maven-assembly-plugin from 3.3.0 to 3.4.2
Bumps [maven-assembly-plugin](https://github.com/apache/maven-assembly-plugin) from 3.3.0 to 3.4.2.
- [Release notes](https://github.com/apache/maven-assembly-plugin/releases)
- [Commits](https://github.com/apache/maven-assembly-plugin/compare/maven-assembly-plugin-3.3.0...maven-assembly-plugin-3.4.2)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-assembly-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

commit-id:39648907
2022-12-03 11:48:22 +00:00
dependabot[bot]
7a498a6cb0 Bump assertj-core from 3.19.0 to 3.23.1
Bumps [assertj-core](https://github.com/assertj/assertj-core) from 3.19.0 to 3.23.1.
- [Release notes](https://github.com/assertj/assertj-core/releases)
- [Commits](https://github.com/assertj/assertj-core/compare/assertj-core-3.19.0...assertj-core-3.23.1)

---
updated-dependencies:
- dependency-name: org.assertj:assertj-core
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

commit-id:65198f91
2022-12-03 11:45:48 +00:00
Snyk bot
82faee5761
fix: storage-aws/pom.xml to reduce vulnerabilities (#626)
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-2326698
2021-12-29 11:38:52 +00:00
dependabot[bot]
c08ab5964c
Bump kemitix-aws-java-sdk-s3-wrapper from 1.11.938 to 1.11.947 (#562)
Bumps kemitix-aws-java-sdk-s3-wrapper from 1.11.938 to 1.11.947.

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-14 22:27:35 +00:00
16 changed files with 46 additions and 289 deletions

8
.build.yml Normal file
View file

@ -0,0 +1,8 @@
image: ubuntu/lts
packages:
- openjdk-17-jdk-headless
- maven
tasks:
- build: |
cd thorp
mvn -B install

View file

@ -1,41 +0,0 @@
* Deploying using Github Actions
** Actions definition: workflow/sonatype-deploy.yml
When a GitHub Release is created, usually from a tag, this action will trigger.
Using JDK8 the software will be packaged, including running any tests.
Then the Deploy script will sign the created artifacts then deploy them according to the distributionManagement configuration in the `pom.xml`.
** Deploy Script
Uses a signing key provided from the GitHub Actions Secrets as an environment variable to sign the artifact(s) before they are then deployed.
*** Inputs
**** DEPLOY_PROJECTS (optional)
An optional list of modules in a multi-module project to be deployed. If this value is not specified, then all projects will be deployed.
** Maven Configuration
Picks up the credentials from Environment variables for authenticating both with GPG and with the target deployment server (e.g. sonatype-nexus).
*** Inputs
**** NEXUS_USERNAME
The username for your account on the deployment server.
**** NEXUS_PASSWORD
The password for your account on the deployement server.
**** GPG_KEYNAME
The key to use when signing.
**** GPG_PASSPHRASE
The passphrase to unlock the key to use when signing.

53
.github/NOTES vendored
View file

@ -1,53 +0,0 @@
Add subkeys:
????
Publish:
gpg --send-keys --keyserver keyserver.ubuntu.com $KEYID
gpg --send-keys --keyserver pgp.mit.edu $KEYID
gpg --send-keys --keyserver pool.sks-keyservers.net $KEYID
Backup:
gpg --export --armor pcampbell@kemitix.net > gpg-key-backup.asc
gpg --export-secret-keys --armor pcampbell@kemitix.net >> gpg-key-backup.asc
Export sub-keys:
gpg --export-secret-subkeys pcampbell@kemitix.net > subkeys
Remove master keys:
gpg --delete-secret-key pcampbell@kemitix.net
Import sub-keys and clean up:
gpg --import subkeys
shred --remove subkeys
Delete any encryption subkeys:
gpg --edit-key pcampbell@kemitix.net
2
delkey
save
Change passphrase:
gpg --edit-key pcampbell@kemitix.net
passwd
save
Export keys:
gpg --export --armor pcampbell@kemitix.net > codesigning.asc
gpg --export-secret-keys --armor pcampbell@kemitix.net >> codesigning.asc
Encrypt keys:
gpg --symmetric --cipher-algo AES256 codesigning.asc
shred codesigning.asc

Binary file not shown.

View file

@ -1,7 +0,0 @@
version: 2
updates:
- package-ecosystem: maven
directory: "/"
schedule:
interval: daily
open-pull-requests-limit: 10

View file

@ -1,34 +0,0 @@
name-template: 'v$RESOLVED_VERSION 🌈'
tag-template: 'v$RESOLVED_VERSION'
categories:
- title: '🚀 Features'
labels:
- 'feature'
- 'enhancement'
- title: '🐛 Bug Fixes'
labels:
- 'fix'
- 'bugfix'
- 'bug'
- title: '🧰 Maintenance'
labels:
- 'chore'
- 'dependencies'
change-template: '- $TITLE @$AUTHOR (#$NUMBER)'
version-resolver:
major:
labels:
- 'major'
minor:
labels:
- 'minor'
patch:
labels:
- 'patch'
default: patch
exclude-labels:
- 'skip-changelog'
template: |
## Changes
$CHANGES

28
.github/settings.xml vendored
View file

@ -1,28 +0,0 @@
<?xml version="1.0" encoding="UTF-8" ?>
<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0">
<servers>
<server>
<id>sonatype-nexus-snapshots</id>
<username>${env.NEXUS_USERNAME}</username>
<password>${env.NEXUS_PASSWORD}</password>
</server>
<server>
<id>sonatype-nexus-staging</id>
<username>${env.NEXUS_USERNAME}</username>
<password>${env.NEXUS_PASSWORD}</password>
</server>
</servers>
<profiles>
<profile>
<id>gpg-sign</id>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
<properties>
<gpg.executable>gpg</gpg.executable>
<gpg.keyname>${env.GPG_KEYNAME}</gpg.keyname>
<gpg.passphrase>${env.GPG_PASSPHRASE}</gpg.passphrase>
</properties>
</profile>
</profiles>
</settings>

17
.github/stale.yaml vendored
View file

@ -1,17 +0,0 @@
# Number of days of inactivity before an issue becomes stale
daysUntilStale: 60
# Number of days of inactivity before a stale issue is closed
daysUntilClose: 7
# Issues with these labels will never be considered stale
exemptLabels:
- pinned
- security
# Label to use when marking an issue as stale
staleLabel: wontfix
# Comment to post when marking an issue as stale. Set to `false` to disable
markComment: >
This issue has been automatically marked as stale because it has not had
recent activity. It will be closed if no further activity occurs. Thank you
for your contributions.
# Comment to post when closing a stale issue. Set to `false` to disable
closeComment: false

View file

@ -1,23 +0,0 @@
name: maven-build
on:
push:
branches: '*'
pull_request:
branches: '*'
jobs:
build:
runs-on: ubuntu-latest
strategy:
matrix:
java: [ 8, 11, 14 ]
steps:
- uses: kamiazya/setup-graphviz@v1
- uses: actions/checkout@v2
- name: setup-jdk-${{ matrix.java }}
uses: actions/setup-java@v1
with:
java-version: ${{ matrix.java }}
- name: build-jar
run: mvn -B install

View file

@ -1,40 +0,0 @@
name: sonatype-deploy
on:
push:
tags:
- "v*"
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: kamiazya/setup-graphviz@v1
- uses: actions/checkout@v2
- name: Set up JDK
uses: actions/setup-java@v1
with:
java-version: 8
- name: Build with Maven
run: mvn -B install
- name: Nexus Repo Publish
run: |
gpg --quiet \
--batch \
--yes \
--decrypt \
--passphrase="${{ secrets.GPG_PASSPHRASE }}" \
--output codesigning.asc \
.github/codesigning.asc.gpg
gpg --batch \
--fast-import codesigning.asc
mvn --settings .github/settings.xml \
-Dskip-Tests=true \
-P release \
-B \
deploy
env:
NEXUS_USERNAME: ${{ secrets.NEXUS_USERNAME }}
NEXUS_PASSWORD: ${{ secrets.NEXUS_PASSWORD }}
GPG_KEYNAME: ${{ secrets.GPG_KEYNAME }}
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}

View file

@ -1,14 +0,0 @@
name: draft-release
on:
push:
branches:
- master
jobs:
update_draft_release:
runs-on: ubuntu-latest
steps:
- uses: release-drafter/release-drafter@v5.11.0
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

View file

@ -52,7 +52,7 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-assembly-plugin</artifactId>
<version>3.3.0</version>
<version>3.4.2</version>
<configuration>
<descriptorRefs>
<descriptorRef>jar-with-dependencies</descriptorRef>

View file

@ -16,7 +16,7 @@
<dependency>
<groupId>info.picocli</groupId>
<artifactId>picocli</artifactId>
<version>4.5.2</version>
<version>4.7.0</version>
</dependency>
<!-- lombok -->

View file

@ -18,11 +18,11 @@
<properties>
<tiles-maven-plugin.version>2.18</tiles-maven-plugin.version>
<kemitix-maven-tiles.version>2.7.0</kemitix-maven-tiles.version>
<lombok.version>1.18.16</lombok.version>
<lombok.version>1.18.24</lombok.version>
<mon.version>2.2.0</mon.version>
<junit.version>5.7.0</junit.version>
<assertj.version>3.19.0</assertj.version>
<mockito.version>3.7.7</mockito.version>
<junit.version>5.9.1</junit.version>
<assertj.version>3.23.1</assertj.version>
<mockito.version>4.9.0</mockito.version>
</properties>
<dependencyManagement>

View file

@ -24,6 +24,10 @@
<maven-graph-plugin.version>1.45</maven-graph-plugin.version>
</properties>
<profiles>
<profile>
<id>graphviz</id>
<!-- mvn -B -P graphviz validate -->
<build>
<plugins>
<plugin>
@ -49,5 +53,7 @@
</plugin>
</plugins>
</build>
</profile>
</profiles>
</project>

View file

@ -58,7 +58,7 @@
<dependency>
<groupId>net.kemitix.aws</groupId>
<artifactId>kemitix-aws-java-sdk-s3-wrapper</artifactId>
<version>1.11.938</version>
<version>1.12.131</version>
</dependency>
<dependency>
<groupId>javax.xml.bind</groupId>