From 97a5c76676766bf949b32600248001b96ccc0de7 Mon Sep 17 00:00:00 2001 From: Anne Ferger Date: Tue, 2 Apr 2024 09:07:08 +0200 Subject: [PATCH 01/16] Create dependabot.yml --- .github/dependabot.yml | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..273fff0 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,11 @@ +# To get started with Dependabot version updates, you'll need to specify which +# package ecosystems to update and where the package manifests are located. +# Please see the documentation for all configuration options: +# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file + +version: 2 +updates: + - package-ecosystem: "maven" # See documentation for possible values + directory: "/" # Location of package manifests + schedule: + interval: "weekly" From 3739a935079cf5a1ab552990a8263e159952203f Mon Sep 17 00:00:00 2001 From: Anne Ferger Date: Tue, 2 Apr 2024 09:18:18 +0200 Subject: [PATCH 02/16] updated dependencies --- pom.xml | 30 ++++++++++++++++++++++++++---- 1 file changed, 26 insertions(+), 4 deletions(-) diff --git a/pom.xml b/pom.xml index 71940c3..9173b09 100644 --- a/pom.xml +++ b/pom.xml @@ -142,7 +142,7 @@ org.apache.maven.plugins maven-compiler-plugin - 3.10.1 + 3.13.0 11 11 @@ -159,6 +159,28 @@ ${project.artifactId}-${project.version} --> + + org.apache.maven.plugins + maven-pmd-plugin + 3.21.2 + + false + true + false + + + + org.owasp + dependency-check-maven + 9.1.0 + + + + check + + + + @@ -172,17 +194,17 @@ io.swagger.core.v3 swagger-jaxrs2 - 2.2.0 + 2.2.21 io.swagger.core.v3 swagger-jaxrs2-servlet-initializer-v2 - 2.2.0 + 2.2.21 javax.ws.rs javax.ws.rs-api - 2.1 + 2.1.1 pl.psnc.dl.ege From 2599bab13cacd28c915d68c484eb994efc1d368c Mon Sep 17 00:00:00 2001 From: Anne Ferger Date: Wed, 10 Apr 2024 14:00:34 +0200 Subject: [PATCH 03/16] Update maven_docker.yml --- .github/workflows/maven_docker.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/maven_docker.yml b/.github/workflows/maven_docker.yml index 2c7bae8..1545bff 100644 --- a/.github/workflows/maven_docker.yml +++ b/.github/workflows/maven_docker.yml @@ -14,14 +14,14 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Set up JDK 11 - uses: actions/setup-java@v3 + uses: actions/setup-java@v4 with: java-version: '11' distribution: 'adopt' - name: maven-settings - uses: s4u/maven-settings-action@v2.7.0 + uses: s4u/maven-settings-action@v3.0.0 with: servers: '[{"id": "edirom", "username": "${github.actor}", "password": "${GITHUB_TOKEN}"},{"id": "teic", "username": "${github.actor}", "password": "${GITHUB_TOKEN}"}]' - name: Build with Maven @@ -29,7 +29,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: mvn clean package --file pom.xml - name: Upload Maven build artifact - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: artifact path: /home/runner/work/MEIGarage/MEIGarage/target/meigarage.war @@ -41,7 +41,7 @@ jobs: if: ${{ github.event_name != 'pull_request' }} steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Download artifact uses: actions/download-artifact@v3 From 0b1a86b4975880826627abdaf5a3faa825f55398 Mon Sep 17 00:00:00 2001 From: Anne Ferger Date: Wed, 10 Apr 2024 14:06:09 +0200 Subject: [PATCH 04/16] Update maven_docker.yml --- .github/workflows/maven_docker.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/maven_docker.yml b/.github/workflows/maven_docker.yml index 1545bff..906f91d 100644 --- a/.github/workflows/maven_docker.yml +++ b/.github/workflows/maven_docker.yml @@ -44,7 +44,7 @@ jobs: uses: actions/checkout@v4 - name: Download artifact - uses: actions/download-artifact@v3 + uses: actions/download-artifact@v4 with: name: artifact path: artifact/ @@ -52,7 +52,7 @@ jobs: # use the current user to log into the # GitHub container registry - name: Log in to GitHub Container registry - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} @@ -60,7 +60,7 @@ jobs: # Login against DockerHub registry - name: Log in to DockerHub - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: username: vifebot password: ${{ secrets.VIFEBOT_DOCKERHUB_TOKEN }} @@ -69,7 +69,7 @@ jobs: # https://github.com/docker/metadata-action - name: Extract Docker metadata id: meta - uses: docker/metadata-action@v4 + uses: docker/metadata-action@v5 with: images: | ghcr.io/edirom/meigarage @@ -80,7 +80,7 @@ jobs: # Build and push Docker image with Buildx (don't push on PR) # https://github.com/docker/build-push-action - name: Build and push Docker image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v5 with: context: . push: ${{ github.event_name != 'pull_request' }} @@ -90,7 +90,7 @@ jobs: BUILDTYPE=github # Use current README for DockerHub description - name: Update repo description - uses: peter-evans/dockerhub-description@v3 + uses: peter-evans/dockerhub-description@v4 with: username: vifebot password: ${{ secrets.VIFEBOT_DOCKERHUB_TOKEN }} From 027ce669f4d6a83eb25ce79d181d98d8a2772a8a Mon Sep 17 00:00:00 2001 From: Anne Ferger Date: Wed, 10 Apr 2024 15:36:06 +0200 Subject: [PATCH 05/16] Update Dockerfile --- Dockerfile | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/Dockerfile b/Dockerfile index f407dbd..95c5eaf 100644 --- a/Dockerfile +++ b/Dockerfile @@ -54,14 +54,10 @@ ADD https://github.com/Edirom/lilypond-converter/raw/main/required.sh /tmp/requ RUN chmod a+x /tmp/required-lilypond-converter.sh \ && /tmp/required-lilypond-converter.sh --batch -# clone and run -RUN git clone --depth 1 -b master https://github.com/rism-digital/verovio /tmp/verovio \ - && cd /tmp/verovio/tools \ - && cmake ../cmake \ - && make -j 8 \ - && make install \ - && cp /tmp/verovio/fonts/Leipzig/Leipzig.ttf /usr/local/share/fonts/ \ - && fc-cache +# install verovio-converter dependencies +ADD https://github.com/Edirom/verovio-converter/raw/main/required.sh /tmp/required-verovio-converter.sh +RUN chmod a+x /tmp/required-verovio-converter.sh \ + && /tmp/verovio-converter.sh --batch # entrypoint script COPY docker-entrypoint.sh /my-docker-entrypoint.sh From 61eac23a91bca53496b0127f9d31b9b5b388949c Mon Sep 17 00:00:00 2001 From: Anne Ferger Date: Wed, 10 Apr 2024 15:49:33 +0200 Subject: [PATCH 06/16] Update Dockerfile (fixed typo) --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 95c5eaf..59e2dff 100644 --- a/Dockerfile +++ b/Dockerfile @@ -57,7 +57,7 @@ RUN chmod a+x /tmp/required-lilypond-converter.sh \ # install verovio-converter dependencies ADD https://github.com/Edirom/verovio-converter/raw/main/required.sh /tmp/required-verovio-converter.sh RUN chmod a+x /tmp/required-verovio-converter.sh \ - && /tmp/verovio-converter.sh --batch + && /tmp/required-verovio-converter.sh --batch # entrypoint script COPY docker-entrypoint.sh /my-docker-entrypoint.sh From 6666775c586cc64f536d5ae27e36bea77ef46f03 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 29 Apr 2024 07:37:58 +0000 Subject: [PATCH 07/16] Bump org.apache.maven.plugins:maven-pmd-plugin from 3.21.2 to 3.22.0 Bumps [org.apache.maven.plugins:maven-pmd-plugin](https://github.com/apache/maven-pmd-plugin) from 3.21.2 to 3.22.0. - [Release notes](https://github.com/apache/maven-pmd-plugin/releases) - [Commits](https://github.com/apache/maven-pmd-plugin/compare/maven-pmd-plugin-3.21.2...maven-pmd-plugin-3.22.0) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-pmd-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 9173b09..dc92201 100644 --- a/pom.xml +++ b/pom.xml @@ -162,7 +162,7 @@ org.apache.maven.plugins maven-pmd-plugin - 3.21.2 + 3.22.0 false true From b9daf4f858eb8640138032512b6084c45be056d7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 20 May 2024 07:43:16 +0000 Subject: [PATCH 08/16] Bump io.swagger.core.v3:swagger-jaxrs2-servlet-initializer-v2 Bumps io.swagger.core.v3:swagger-jaxrs2-servlet-initializer-v2 from 2.2.21 to 2.2.22. --- updated-dependencies: - dependency-name: io.swagger.core.v3:swagger-jaxrs2-servlet-initializer-v2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index dc92201..06f5173 100644 --- a/pom.xml +++ b/pom.xml @@ -199,7 +199,7 @@ io.swagger.core.v3 swagger-jaxrs2-servlet-initializer-v2 - 2.2.21 + 2.2.22 javax.ws.rs From d6e7493d51176e4244ae58108fa57c5722f3f05b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 20 May 2024 07:43:17 +0000 Subject: [PATCH 09/16] Bump io.swagger.core.v3:swagger-jaxrs2 from 2.2.21 to 2.2.22 Bumps io.swagger.core.v3:swagger-jaxrs2 from 2.2.21 to 2.2.22. --- updated-dependencies: - dependency-name: io.swagger.core.v3:swagger-jaxrs2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index dc92201..3b6aa1f 100644 --- a/pom.xml +++ b/pom.xml @@ -194,7 +194,7 @@ io.swagger.core.v3 swagger-jaxrs2 - 2.2.21 + 2.2.22 io.swagger.core.v3 From 3dfcb05eb42b561f6f751d06eb371ab700d1131a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 20 May 2024 07:43:21 +0000 Subject: [PATCH 10/16] Bump org.owasp:dependency-check-maven from 9.1.0 to 9.2.0 Bumps [org.owasp:dependency-check-maven](https://github.com/jeremylong/DependencyCheck) from 9.1.0 to 9.2.0. - [Release notes](https://github.com/jeremylong/DependencyCheck/releases) - [Changelog](https://github.com/jeremylong/DependencyCheck/blob/main/CHANGELOG.md) - [Commits](https://github.com/jeremylong/DependencyCheck/compare/v9.1.0...v9.2.0) --- updated-dependencies: - dependency-name: org.owasp:dependency-check-maven dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index dc92201..8832753 100644 --- a/pom.xml +++ b/pom.xml @@ -172,7 +172,7 @@ org.owasp dependency-check-maven - 9.1.0 + 9.2.0 From f94a24c93ed5b3b05d5ba82c2fa40921cd7ba348 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Jun 2024 07:50:39 +0000 Subject: [PATCH 11/16] Bump org.apache.maven.plugins:maven-pmd-plugin from 3.22.0 to 3.23.0 Bumps [org.apache.maven.plugins:maven-pmd-plugin](https://github.com/apache/maven-pmd-plugin) from 3.22.0 to 3.23.0. - [Release notes](https://github.com/apache/maven-pmd-plugin/releases) - [Commits](https://github.com/apache/maven-pmd-plugin/compare/maven-pmd-plugin-3.22.0...maven-pmd-plugin-3.23.0) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-pmd-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index dc92201..f9b18da 100644 --- a/pom.xml +++ b/pom.xml @@ -162,7 +162,7 @@ org.apache.maven.plugins maven-pmd-plugin - 3.22.0 + 3.23.0 false true From 6a76f40c175e6e3ece9acabb7977f947dd72f28d Mon Sep 17 00:00:00 2001 From: Anne Ferger Date: Wed, 19 Jun 2024 10:54:50 +0200 Subject: [PATCH 12/16] updates ege-framework --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 9173b09..a87303b 100644 --- a/pom.xml +++ b/pom.xml @@ -209,7 +209,7 @@ pl.psnc.dl.ege ege-framework - 0.5.3 + 0.5.5 compile From 3316c39be38feda465e7dd27d0561adf580d52ca Mon Sep 17 00:00:00 2001 From: Anne Ferger Date: Wed, 19 Jun 2024 13:19:54 +0200 Subject: [PATCH 13/16] updated Dockerfile and debug logging --- Dockerfile | 4 +++- src/main/java/pl/psnc/dl/ege/webapp/servlet/InfoServlet.java | 4 ++++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 59e2dff..a8454b0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -131,6 +131,8 @@ RUN if [ "$VERSION_ODD" = "latest" ] ; then \ # && rm -r /tmp/encoding #clone the latest version of https://github.com/music-encoding/encoding-tools/ RUN git clone --depth 1 -b main https://github.com/music-encoding/encoding-tools /tmp/encoding \ + && cd /tmp/encoding + && git rev-parse HEAD > /tmp/encoding/GITHASH \ && mkdir -p ${MEI_SOURCES_HOME}/music-stylesheets/encoding-tools \ && cp -r /tmp/encoding/* ${MEI_SOURCES_HOME}/music-stylesheets/encoding-tools \ && rm -r /tmp/encoding @@ -203,7 +205,7 @@ RUN curl -s -L -o /tmp/mei200.zip https://github.com/music-encoding/music-encodi && git rev-parse HEAD > /tmp/meidev/GITHASH \ && mkdir -p ${MEI_SOURCES_HOME}/music-encoding/meidev \ && cp -r /tmp/meidev/* ${MEI_SOURCES_HOME}/music-encoding/meidev \ - && curl -s -L -o ${MEI_SOURCES_HOME}/music-encoding/meidev/source/mei-source_canonicalized.xml https://raw.githubusercontent.com/music-encoding/schema/main/dev/mei-source_canonicalized.xml \ + && curl -s -L -o ${MEI_SOURCES_HOME}/music-encoding/meidev/source/mei-source_canonicalized.xml https://raw.githubusercontent.com/music-encoding/schema/main/dev/mei-source_canonicalized_v5.1-dev.xml \ && rm -r /tmp/meidev #https://github.com/Edirom/data-configuration - no releases, clone most recent version in dev branch and move to correct folder diff --git a/src/main/java/pl/psnc/dl/ege/webapp/servlet/InfoServlet.java b/src/main/java/pl/psnc/dl/ege/webapp/servlet/InfoServlet.java index afa8816..a4b3a1f 100644 --- a/src/main/java/pl/psnc/dl/ege/webapp/servlet/InfoServlet.java +++ b/src/main/java/pl/psnc/dl/ege/webapp/servlet/InfoServlet.java @@ -6,6 +6,8 @@ import io.swagger.v3.oas.annotations.media.Content; import io.swagger.v3.oas.annotations.responses.ApiResponse; import io.swagger.v3.oas.annotations.tags.Tag; +import org.apache.logging.log4j.LogManager; +import org.apache.logging.log4j.Logger; import pl.psnc.dl.ege.webapp.servlethelpers.Info; import javax.servlet.ServletException; @@ -24,6 +26,7 @@ @Tag(name = "ege-webservice", description = "Conversion, Validation and Customization") }) public class InfoServlet extends HttpServlet { + private static final Logger LOGGER = LogManager.getLogger(InfoServlet.class); Info info = new Info(); @Override @GET @@ -39,6 +42,7 @@ public class InfoServlet extends HttpServlet { }) public void doGet(@Parameter(hidden = true) HttpServletRequest request, @Parameter(hidden = true) HttpServletResponse response) throws IOException, ServletException { + LOGGER.debug("REQUEST: " + request.getRequestURL() + " " + request.getContextPath() + " " + request.toString()); info.doGetHelper(request, response, this); } From d7b091f12fc1628561c1c152ea86d85733cf73c0 Mon Sep 17 00:00:00 2001 From: Anne Ferger Date: Wed, 19 Jun 2024 13:40:01 +0200 Subject: [PATCH 14/16] fixed typo in Dockerfile --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index a8454b0..6cdf49d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -131,7 +131,7 @@ RUN if [ "$VERSION_ODD" = "latest" ] ; then \ # && rm -r /tmp/encoding #clone the latest version of https://github.com/music-encoding/encoding-tools/ RUN git clone --depth 1 -b main https://github.com/music-encoding/encoding-tools /tmp/encoding \ - && cd /tmp/encoding + && cd /tmp/encoding \ && git rev-parse HEAD > /tmp/encoding/GITHASH \ && mkdir -p ${MEI_SOURCES_HOME}/music-stylesheets/encoding-tools \ && cp -r /tmp/encoding/* ${MEI_SOURCES_HOME}/music-stylesheets/encoding-tools \ From 67680786f6fe95a86d6567d6b8aa2dc3d33ccfb9 Mon Sep 17 00:00:00 2001 From: Anne Ferger Date: Mon, 24 Jun 2024 14:39:15 +0200 Subject: [PATCH 15/16] update logging config --- log4j.xml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/log4j.xml b/log4j.xml index a4fb7cc..144e7ad 100644 --- a/log4j.xml +++ b/log4j.xml @@ -24,6 +24,9 @@ + + + From e330d1faaabed74b83d832700df52b46622629e4 Mon Sep 17 00:00:00 2001 From: Anne Ferger Date: Mon, 24 Jun 2024 15:33:40 +0200 Subject: [PATCH 16/16] logging updates --- log4j.xml | 6 ++---- pom.xml | 2 +- .../java/pl/psnc/dl/ege/webapp/servlet/InfoServlet.java | 4 +--- 3 files changed, 4 insertions(+), 8 deletions(-) diff --git a/log4j.xml b/log4j.xml index 144e7ad..76e9205 100644 --- a/log4j.xml +++ b/log4j.xml @@ -6,12 +6,10 @@ + pattern="%%d{yyyy-MM-dd HH:mm:ss,SSS} %-5p - %m%n" /> - - %m%n - + diff --git a/pom.xml b/pom.xml index f6ae554..3aa2b13 100644 --- a/pom.xml +++ b/pom.xml @@ -209,7 +209,7 @@ pl.psnc.dl.ege ege-framework - 0.5.5 + 0.5.6 compile diff --git a/src/main/java/pl/psnc/dl/ege/webapp/servlet/InfoServlet.java b/src/main/java/pl/psnc/dl/ege/webapp/servlet/InfoServlet.java index a4b3a1f..4dd01af 100644 --- a/src/main/java/pl/psnc/dl/ege/webapp/servlet/InfoServlet.java +++ b/src/main/java/pl/psnc/dl/ege/webapp/servlet/InfoServlet.java @@ -26,7 +26,6 @@ @Tag(name = "ege-webservice", description = "Conversion, Validation and Customization") }) public class InfoServlet extends HttpServlet { - private static final Logger LOGGER = LogManager.getLogger(InfoServlet.class); Info info = new Info(); @Override @GET @@ -42,8 +41,7 @@ public class InfoServlet extends HttpServlet { }) public void doGet(@Parameter(hidden = true) HttpServletRequest request, @Parameter(hidden = true) HttpServletResponse response) throws IOException, ServletException { - LOGGER.debug("REQUEST: " + request.getRequestURL() + " " + request.getContextPath() + " " + request.toString()); - info.doGetHelper(request, response, this); + info.doGetHelper(request, response, this); } }