diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..273fff0 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,11 @@ +# To get started with Dependabot version updates, you'll need to specify which +# package ecosystems to update and where the package manifests are located. +# Please see the documentation for all configuration options: +# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file + +version: 2 +updates: + - package-ecosystem: "maven" # See documentation for possible values + directory: "/" # Location of package manifests + schedule: + interval: "weekly" diff --git a/.github/workflows/maven_docker.yml b/.github/workflows/maven_docker.yml index 2c7bae8..906f91d 100644 --- a/.github/workflows/maven_docker.yml +++ b/.github/workflows/maven_docker.yml @@ -14,14 +14,14 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Set up JDK 11 - uses: actions/setup-java@v3 + uses: actions/setup-java@v4 with: java-version: '11' distribution: 'adopt' - name: maven-settings - uses: s4u/maven-settings-action@v2.7.0 + uses: s4u/maven-settings-action@v3.0.0 with: servers: '[{"id": "edirom", "username": "${github.actor}", "password": "${GITHUB_TOKEN}"},{"id": "teic", "username": "${github.actor}", "password": "${GITHUB_TOKEN}"}]' - name: Build with Maven @@ -29,7 +29,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: mvn clean package --file pom.xml - name: Upload Maven build artifact - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: artifact path: /home/runner/work/MEIGarage/MEIGarage/target/meigarage.war @@ -41,10 +41,10 @@ jobs: if: ${{ github.event_name != 'pull_request' }} steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Download artifact - uses: actions/download-artifact@v3 + uses: actions/download-artifact@v4 with: name: artifact path: artifact/ @@ -52,7 +52,7 @@ jobs: # use the current user to log into the # GitHub container registry - name: Log in to GitHub Container registry - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} @@ -60,7 +60,7 @@ jobs: # Login against DockerHub registry - name: Log in to DockerHub - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: username: vifebot password: ${{ secrets.VIFEBOT_DOCKERHUB_TOKEN }} @@ -69,7 +69,7 @@ jobs: # https://github.com/docker/metadata-action - name: Extract Docker metadata id: meta - uses: docker/metadata-action@v4 + uses: docker/metadata-action@v5 with: images: | ghcr.io/edirom/meigarage @@ -80,7 +80,7 @@ jobs: # Build and push Docker image with Buildx (don't push on PR) # https://github.com/docker/build-push-action - name: Build and push Docker image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v5 with: context: . push: ${{ github.event_name != 'pull_request' }} @@ -90,7 +90,7 @@ jobs: BUILDTYPE=github # Use current README for DockerHub description - name: Update repo description - uses: peter-evans/dockerhub-description@v3 + uses: peter-evans/dockerhub-description@v4 with: username: vifebot password: ${{ secrets.VIFEBOT_DOCKERHUB_TOKEN }} diff --git a/Dockerfile b/Dockerfile index f407dbd..6cdf49d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -54,14 +54,10 @@ ADD https://github.com/Edirom/lilypond-converter/raw/main/required.sh /tmp/requ RUN chmod a+x /tmp/required-lilypond-converter.sh \ && /tmp/required-lilypond-converter.sh --batch -# clone and run -RUN git clone --depth 1 -b master https://github.com/rism-digital/verovio /tmp/verovio \ - && cd /tmp/verovio/tools \ - && cmake ../cmake \ - && make -j 8 \ - && make install \ - && cp /tmp/verovio/fonts/Leipzig/Leipzig.ttf /usr/local/share/fonts/ \ - && fc-cache +# install verovio-converter dependencies +ADD https://github.com/Edirom/verovio-converter/raw/main/required.sh /tmp/required-verovio-converter.sh +RUN chmod a+x /tmp/required-verovio-converter.sh \ + && /tmp/required-verovio-converter.sh --batch # entrypoint script COPY docker-entrypoint.sh /my-docker-entrypoint.sh @@ -135,6 +131,8 @@ RUN if [ "$VERSION_ODD" = "latest" ] ; then \ # && rm -r /tmp/encoding #clone the latest version of https://github.com/music-encoding/encoding-tools/ RUN git clone --depth 1 -b main https://github.com/music-encoding/encoding-tools /tmp/encoding \ + && cd /tmp/encoding \ + && git rev-parse HEAD > /tmp/encoding/GITHASH \ && mkdir -p ${MEI_SOURCES_HOME}/music-stylesheets/encoding-tools \ && cp -r /tmp/encoding/* ${MEI_SOURCES_HOME}/music-stylesheets/encoding-tools \ && rm -r /tmp/encoding @@ -207,7 +205,7 @@ RUN curl -s -L -o /tmp/mei200.zip https://github.com/music-encoding/music-encodi && git rev-parse HEAD > /tmp/meidev/GITHASH \ && mkdir -p ${MEI_SOURCES_HOME}/music-encoding/meidev \ && cp -r /tmp/meidev/* ${MEI_SOURCES_HOME}/music-encoding/meidev \ - && curl -s -L -o ${MEI_SOURCES_HOME}/music-encoding/meidev/source/mei-source_canonicalized.xml https://raw.githubusercontent.com/music-encoding/schema/main/dev/mei-source_canonicalized.xml \ + && curl -s -L -o ${MEI_SOURCES_HOME}/music-encoding/meidev/source/mei-source_canonicalized.xml https://raw.githubusercontent.com/music-encoding/schema/main/dev/mei-source_canonicalized_v5.1-dev.xml \ && rm -r /tmp/meidev #https://github.com/Edirom/data-configuration - no releases, clone most recent version in dev branch and move to correct folder diff --git a/log4j.xml b/log4j.xml index a4fb7cc..76e9205 100644 --- a/log4j.xml +++ b/log4j.xml @@ -6,12 +6,10 @@ + pattern="%%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p - %m%n" /> - - %m%n - + @@ -24,6 +22,9 @@ + + + diff --git a/pom.xml b/pom.xml index 71940c3..3aa2b13 100644 --- a/pom.xml +++ b/pom.xml @@ -142,7 +142,7 @@ org.apache.maven.plugins maven-compiler-plugin - 3.10.1 + 3.13.0 11 11 @@ -159,6 +159,28 @@ ${project.artifactId}-${project.version} --> + + org.apache.maven.plugins + maven-pmd-plugin + 3.23.0 + + false + true + false + + + + org.owasp + dependency-check-maven + 9.2.0 + + + + check + + + + @@ -172,22 +194,22 @@ io.swagger.core.v3 swagger-jaxrs2 - 2.2.0 + 2.2.22 io.swagger.core.v3 swagger-jaxrs2-servlet-initializer-v2 - 2.2.0 + 2.2.22 javax.ws.rs javax.ws.rs-api - 2.1 + 2.1.1 pl.psnc.dl.ege ege-framework - 0.5.3 + 0.5.6 compile diff --git a/src/main/java/pl/psnc/dl/ege/webapp/servlet/InfoServlet.java b/src/main/java/pl/psnc/dl/ege/webapp/servlet/InfoServlet.java index afa8816..4dd01af 100644 --- a/src/main/java/pl/psnc/dl/ege/webapp/servlet/InfoServlet.java +++ b/src/main/java/pl/psnc/dl/ege/webapp/servlet/InfoServlet.java @@ -6,6 +6,8 @@ import io.swagger.v3.oas.annotations.media.Content; import io.swagger.v3.oas.annotations.responses.ApiResponse; import io.swagger.v3.oas.annotations.tags.Tag; +import org.apache.logging.log4j.LogManager; +import org.apache.logging.log4j.Logger; import pl.psnc.dl.ege.webapp.servlethelpers.Info; import javax.servlet.ServletException; @@ -39,7 +41,7 @@ public class InfoServlet extends HttpServlet { }) public void doGet(@Parameter(hidden = true) HttpServletRequest request, @Parameter(hidden = true) HttpServletResponse response) throws IOException, ServletException { - info.doGetHelper(request, response, this); + info.doGetHelper(request, response, this); } }