diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 351f6b0..65b8579 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -19,7 +19,7 @@ jobs: steps: - uses: actions/checkout@v2 - name: Set up JDK 8 - uses: actions/setup-java@v1 + uses: actions/setup-java@v2.3.1 with: java-version: 8 - name: Grant execute permission for gradlew @@ -29,7 +29,7 @@ jobs: - name: Test with Gradle run: ./gradlew check - name: Upload coverage report to CodeCov - uses: codecov/codecov-action@v1 + uses: codecov/codecov-action@v2.1.0 with: token: ${{ secrets.CODECOV_TOKEN }} # not required for public repos file: ./build/reports/cobertura/coverage.xml # optional @@ -37,7 +37,7 @@ jobs: verbose: true - name: Slack notification when master build fails if: ${{ failure() && github.ref == 'refs/heads/master'}} - uses: rtCamp/action-slack-notify@v2.1.0 + uses: rtCamp/action-slack-notify@v2.2.0 env: SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }} SLACK_CHANNEL: cerberus-alerts diff --git a/dependency-check-supressions.xml b/dependency-check-supressions.xml new file mode 100644 index 0000000..cbc052c --- /dev/null +++ b/dependency-check-supressions.xml @@ -0,0 +1,3 @@ + + + \ No newline at end of file diff --git a/gradle.properties b/gradle.properties index 994c83e..84861a8 100644 --- a/gradle.properties +++ b/gradle.properties @@ -13,6 +13,6 @@ # See the License for the specific language governing permissions and # limitations under the License. # -version=3.2.4 +version=3.2.5 groupId=com.nike artifactId=cerberus-spring-boot-client diff --git a/gradle/buildscript.gradle b/gradle/buildscript.gradle index 6f6be21..45eddd6 100644 --- a/gradle/buildscript.gradle +++ b/gradle/buildscript.gradle @@ -16,11 +16,12 @@ repositories { jcenter() + mavenCentral() } dependencies { - classpath "org.owasp:dependency-check-gradle:5.3.2" - classpath "net.saliman:gradle-cobertura-plugin:2.6.1" - classpath 'org.kt3k.gradle.plugin:coveralls-gradle-plugin:2.6.3' - classpath "com.diffplug.spotless:spotless-plugin-gradle:3.30.0" + classpath "org.owasp:dependency-check-gradle:6.3.2" + classpath "net.saliman:gradle-cobertura-plugin:3.0.0" + classpath "org.kt3k.gradle.plugin:coveralls-gradle-plugin:2.8.3" + classpath "com.diffplug.spotless:spotless-plugin-gradle:4.5.1" } diff --git a/gradle/dependencies.gradle b/gradle/dependencies.gradle index 0151b33..5f44f32 100644 --- a/gradle/dependencies.gradle +++ b/gradle/dependencies.gradle @@ -20,16 +20,16 @@ repositories { configurations.all { resolutionStrategy { - force "ch.qos.logback:logback-core:1.2.3" - force "ch.qos.logback:logback-classic:1.2.3" - force "net.sourceforge.pmd:pmd-core:6.21.0" - force "net.sourceforge.pmd:pmd-java:6.21.0" + force "ch.qos.logback:logback-core:1.2.6" + force "ch.qos.logback:logback-classic:1.2.6" + force "net.sourceforge.pmd:pmd-core:6.39.0" + force "net.sourceforge.pmd:pmd-java:6.39.0" force "com.fasterxml.jackson.core:jackson-databind:2.12.1" dependencySubstitution { - substitute module("org.mortbay.jetty:jetty") with module("org.eclipse.jetty:jetty-server:9.4.33.v20201020") - substitute module("org.mortbay.jetty:jetty-util") with module("org.eclipse.jetty:jetty-util:9.4.33.v20201020") - substitute module("org.mortbay.jetty:jetty-http") with module("org.eclipse.jetty:jetty-http:9.4.33.v20201020") + substitute module("org.mortbay.jetty:jetty") with module("org.eclipse.jetty:jetty-server:11.0.6") + substitute module("org.mortbay.jetty:jetty-util") with module("org.eclipse.jetty:jetty-util:11.0.6") + substitute module("org.mortbay.jetty:jetty-http") with module("org.eclipse.jetty:jetty-http:11.0.6") substitute module("dom4j:dom4j:1.6.1") with module("org.dom4j:dom4j:2.1.3") } } @@ -40,19 +40,14 @@ configurations.all { dependencies { // Spring dependencies - compile "org.springframework.boot:spring-boot-autoconfigure:2.3.4.RELEASE" + compile "org.springframework.boot:spring-boot-autoconfigure:2.5.5" // Cerberus dependencies - implementation('com.nike:cerberus-client'){ - version { - branch = 'master' - } - } + compile 'com.nike:cerberus-client:v7.4.6' // Test dependencies - testRuntime 'org.slf4j:slf4j-simple:1.7.25' - testCompile "org.junit.jupiter:junit-jupiter:5.7.0" - testCompile ("org.mockito:mockito-core:1.10.19") { + testCompile "org.junit.jupiter:junit-jupiter:5.8.1" + testCompile ("org.mockito:mockito-core:3.12.4") { exclude group: 'org.hamcrest' } } diff --git a/gradle/integration.gradle b/gradle/integration.gradle index 49f4ce8..c672cdf 100644 --- a/gradle/integration.gradle +++ b/gradle/integration.gradle @@ -24,6 +24,7 @@ sourceSets { task integration(type: Test, description: 'Runs integration tests') { testClassesDirs = sourceSets.integration.output.classesDirs classpath = sourceSets.integration.runtimeClasspath + outputs.upToDateWhen { false } } dependencies { @@ -31,11 +32,14 @@ dependencies { integrationCompile configurations.testCompile integrationCompile sourceSets.test.output integrationCompile 'com.fieldju:commons:1.1.0' - integrationCompile group: 'org.projectlombok', name: 'lombok', version: '1.18.8' + integrationCompile group: 'org.projectlombok', name: 'lombok', version: '1.18.20' integrationRuntime configurations.testRuntime + + integrationAnnotationProcessor "org.projectlombok:lombok:1.18.20" } integration { + useJUnitPlatform() testLogging { showStandardStreams = true } diff --git a/gradle/owasp-dependency-check.gradle b/gradle/owasp-dependency-check.gradle index 753fc4c..f0602cf 100644 --- a/gradle/owasp-dependency-check.gradle +++ b/gradle/owasp-dependency-check.gradle @@ -21,6 +21,7 @@ allprojects { failOnError = false format = 'ALL' failBuildOnCVSS = 7 + suppressionFile = "${rootProject.projectDir}/dependency-check-supressions.xml" } } diff --git a/src/integration/java/com/nike/cerberus/springboot/CerberusSpringBootClientIntegrationTests.java b/src/integration/java/com/nike/cerberus/springboot/CerberusSpringBootClientIntegrationTests.java index 5854d0d..a0126de 100644 --- a/src/integration/java/com/nike/cerberus/springboot/CerberusSpringBootClientIntegrationTests.java +++ b/src/integration/java/com/nike/cerberus/springboot/CerberusSpringBootClientIntegrationTests.java @@ -31,7 +31,6 @@ import java.util.concurrent.ExecutorService; import java.util.concurrent.Executors; import org.apache.commons.lang3.RandomStringUtils; -import org.junit.*; import org.junit.jupiter.api.AfterEach; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; diff --git a/src/integration/java/com/nike/cerberus/springboot/testapp/IntegrationTestSpringApp.java b/src/integration/java/com/nike/cerberus/springboot/testapp/IntegrationTestSpringApp.java index 3307c72..0bc4ed0 100644 --- a/src/integration/java/com/nike/cerberus/springboot/testapp/IntegrationTestSpringApp.java +++ b/src/integration/java/com/nike/cerberus/springboot/testapp/IntegrationTestSpringApp.java @@ -16,11 +16,9 @@ package com.nike.cerberus.springboot.testapp; -import lombok.extern.slf4j.Slf4j; import org.springframework.context.ApplicationContext; import org.springframework.context.annotation.AnnotationConfigApplicationContext; -@Slf4j public class IntegrationTestSpringApp { private final ApplicationContext applicationContext;