Merge pull request #2 from SURFnet/fix-build

Update dependencies and add weekly NVD check
SURFnet · Jan 29, 2024 · da4c989 · da4c989
2 parents 245c538 + 172643f
commit da4c989
Show file tree

Hide file tree

Showing 7 changed files with 48 additions and 15 deletions.
diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
@@ -8,9 +8,9 @@ jobs:
 
     steps:
     - uses: actions/checkout@v4
-    - uses: actions/cache@v3
+    - uses: actions/cache@v4
       with: { path: "~/.m2", key: "${{ runner.os }}-${{ hashFiles('deps.edn') }}-m2" }
-    - uses: actions/cache@v3
+    - uses: actions/cache@v4
       with:
         key: "clojure-${{ runner.os }}-${{ hashFiles('.github/workflows/install-binaries.sh') }}"
         path: |
@@ -32,12 +32,6 @@ jobs:
     - name: Run linters
       run: bin/clojure -M:clj-kondo --lint src test
 
-    - name: Install NVD clojure
-      run: bin/clojure -Ttools install nvd-clojure/nvd-clojure '{:mvn/version "RELEASE"}' :as nvd;
-
-    - name: Check NVD
-      run: bin/clojure -J-Dclojure.main.report=stderr -Tnvd nvd.task/check :classpath \""$(bin/clojure -Spath)\""
-
   create_release:
     if: startsWith(github.ref, 'refs/tags/v0') || startsWith(github.ref, 'refs/tags/v1')
     runs-on: ubuntu-latest
@@ -83,9 +77,9 @@ jobs:
 
     steps:
     - uses: actions/checkout@v4
-    - uses: actions/cache@v3
+    - uses: actions/cache@v4
       with: { path: "~/.m2", key: "${{ runner.os }}-${{ hashFiles('deps.edn') }}-m2" }
-    - uses: actions/cache@v3
+    - uses: actions/cache@v4
       with:
         key: "clojure-${{ runner.os }}-${{ hashFiles('.github/workflows/install-binaries.sh') }}"
         path: |

diff --git a/.github/workflows/deps.yml b/.github/workflows/deps.yml
@@ -0,0 +1,35 @@
+name: Run dependency checks
+
+on:
+  push:
+  schedule:
+    - cron: '0 1 * * 1'
+
+jobs:
+  checks:
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v4
+    - uses: actions/cache@v4
+      with: { path: "~/.m2", key: "${{ runner.os }}-${{ hashFiles('deps.edn') }}-m2" }
+    - uses: actions/cache@v4
+      with:
+        key: "clojure-${{ runner.os }}-${{ hashFiles('.github/workflows/install-binaries.sh') }}"
+        path: |
+          ./bin
+          ./lib
+
+    - name: Install NVD clojure
+      run: bin/clojure -Ttools install nvd-clojure/nvd-clojure '{:mvn/version "RELEASE"}' :as nvd;
+
+    - name: Check NVD Secret is configured
+      env:
+        NVD_API_TOKEN: ${{ secrets.NVD_API_TOKEN }}
+      if: ${{ env.NVD_API_TOKEN == '' }}
+      run: echo "NVD_API_TOKEN secret is empty"; exit 1
+
+    - name: Check NVD
+      env:
+        NVD_API_TOKEN: ${{ secrets.NVD_API_TOKEN }}
+      run: bin/clojure -J-Dclojure.main.report=stderr -Tnvd nvd.task/check :config-filename '".nvd-config.json"' :classpath "\"$(bin/clojure -Spath)\""
diff --git a/.nvd-config.json b/.nvd-config.json
@@ -0,0 +1 @@
+{"nvd": {"suppression-file": ".nvd-suppressions.xml"}}
diff --git a/.nvd-suppressions.xml b/.nvd-suppressions.xml
@@ -0,0 +1,3 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
+</suppressions>
diff --git a/deps.edn b/deps.edn
@@ -2,7 +2,7 @@
  :deps    {org.clojure/tools.cli          {:mvn/version "1.0.219"}
            ring/ring-codec                {:mvn/version "1.2.0"}
            org.babashka/http-client       {:mvn/version "0.4.15"}
-           org.clojure/data.json          {:mvn/version "2.4.0"}
+           org.babashka/json              {:mvn/version "0.1.1"}
            hiccup/hiccup                  {:mvn/version "2.0.0-RC2"}
            nl.jomco/clj-http-status-codes {:mvn/version "0.1"}
            nl.jomco/openapi-v3-validator  {:mvn/version "0.2.1"}

diff --git a/src/nl/jomco/apie/main.clj b/src/nl/jomco/apie/main.clj
@@ -1,5 +1,5 @@
 (ns nl.jomco.apie.main
-  (:require [clojure.data.json :as data.json]
+  (:require [babashka.json :as json]
             [clojure.edn :as edn]
             [clojure.java.io :as io]
             [clojure.pprint :as pprint]
@@ -88,7 +88,7 @@
 
 (defn- read-json
   [f]
-  (data.json/read-json (io/reader f :encoding "UTF-8") false))
+  (json/read (io/reader f :encoding "UTF-8") false))
 
 (defn print-interaction
   [{{:keys [uri query-params method]} :request

diff --git a/src/nl/jomco/apie/report/json.clj b/src/nl/jomco/apie/report/json.clj
@@ -1,5 +1,5 @@
 (ns nl.jomco.apie.report.json
-  (:require [clojure.data.json :as json]
+  (:require [babashka.json :as json]
             [clojure.string :as string]))
 
 (defn to-s
@@ -46,7 +46,7 @@
 
          ;; for anything else fall back to clojure.data.json
          :else
-         (let [v (json/write-str val :escape-slash false, :escape-unicode false)]
+         (let [v (json/write-str val)]
            (if (and max-length (> (count v) max-length))
              (str (subs v 0 max-length) ellipsis)
              v)))))))
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		{"nvd": {"suppression-file": ".nvd-suppressions.xml"}}