[Snyk] Security upgrade org.springframework.boot:spring-boot-starter-tomcat from 2.7.18 to 3.2.7

.github/workflows/build_and_test.yml

@@ -42,7 +42,6 @@ jobs:
 
     - name: Set environment variables
       run: |
-        echo _JAVA_OPTIONS= '-Djdk.util.zip.disableZip64ExtraFieldValidation=true' >> $GITHUB_ENV
         cat .versions >> $GITHUB_ENV
 
     - name: Setup CouchDB
@@ -62,10 +61,10 @@ jobs:
         sudo DEBIAN_FRONTEND=noninteractive apt-get install -yq python3-pip build-essential libboost-dev libboost-test-dev libboost-program-options-dev libevent-dev automake libtool flex bison pkg-config libssl-dev git cmake
         pip install mkdocs mkdocs-material
 
-    - name: Set up JDK 11
+    - name: Set up JDK 17
       uses: actions/setup-java@v4
       with:
-        java-version: '11'
+        java-version: '17'
         distribution: 'temurin'
         check-latest: true
         cache: 'maven'
@@ -75,11 +74,9 @@ jobs:
       uses: actions/cache@v4
       with:
         path: |
-          /usr/local/bin/thrift
+          /usr/local/bin
           /usr/share/thrift/${{ env.THRIFT_VERSION }}
         key: ${{ runner.os }}-thrift-${{ env.THRIFT_VERSION }}
-        restore-keys: |
-          ${{ runner.os }}-thrift-${{ env.THRIFT_VERSION }}
 
     - name: Install Thrift
       if: steps.cache-thrift.outputs.cache-hit != 'true'
@@ -88,33 +85,41 @@ jobs:
         bash scripts/install-thrift.sh
 
     - name: Build SW360
+      id: build
       run: |
-        mvn clean install --no-transfer-progress -P deploy -Dhelp-docs=true -Dbase.deploy.dir=. -Dliferay.deploy.dir=${PWD}/deploy -Dbackend.deploy.dir=${PWD}/deploy/webapps -Drest.deploy.dir=${PWD}/deploy/webapps -DRunComponentVisibilityRestrictionTest=false -DRunPrivateProjectAccessTest=false -DRunRestForceUpdateTest=false
+        mvn clean install --no-transfer-progress -P deploy -Dhelp-docs=true -Dbase.deploy.dir=${{ github.workspace }} -Dbackend.deploy.dir=${PWD}/deploy/webapps -Drest.deploy.dir=${PWD}/deploy/webapps -DRunComponentVisibilityRestrictionTest=false -DRunPrivateProjectAccessTest=false -DRunRestForceUpdateTest=false -Dmaven.plugin.validation=VERBOSE
 
     - name: Run PrivateProjectAccessTest
       run: |
-        cd build-configuration
-        mvn install
-        cd ..
-        cd libraries/datahandler
-        mvn test -Dtest=ProjectPermissionsVisibilityTest -DRunPrivateProjectAccessTest=true -DRunRestForceUpdateTest=true
-        cd ../..
+        cd ${{ github.workspace }}/libraries/datahandler
+        mvn test -Dbase.deploy.dir=${{ github.workspace }} -Dtest=ProjectPermissionsVisibilityTest -DRunPrivateProjectAccessTest=true -DRunRestForceUpdateTest=true
 
     - name: Run BulkReleaseDeletingTest
       run: |
-        cd backend/src/src-components
-        mvn test -Dtest=BulkDeleteUtilTest -DRunPrivateProjectAccessTest=true -DRunBulkReleaseDeletingTest=true
-
-    - name: Deploy Backend and Rest Server
-      run: |
-        sudo docker build -t sw360backendrest -f sw360BackendRest.Dockerfile .
-        sudo docker run -dt --network=host sw360backendrest
-        bash scripts/sw360BackendRestDockerConfig/scripts/checkDeploymentIsSuccess.sh
-
-    - name: Create users and oauth client
-      run: bash scripts/sw360BackendRestDockerConfig/scripts/createUserAndOauthClient.sh
-
-    - name: Run Client Integration Test for Rest Api
-      run: |
-        cd clients
-        mvn clean install --no-transfer-progress -DRunRestIntegrationTest=true
+        cd ${{ github.workspace }}/backend/src/src-components
+        mvn test -Dbase.deploy.dir=${{ github.workspace }} -Dtest=BulkDeleteUtilTest -DRunPrivateProjectAccessTest=true -DRunBulkReleaseDeletingTest=true
+
+    # - name: Deploy Backend and Rest Server
+    #   shell: bash
+    #   run: |
+    #     cd ${{ github.workspace }}
+    #     sudo docker build -t sw360backendrest -f scripts/sw360BackendRest.Dockerfile .
+    #     sudo docker run -dt --network=host sw360backendrest
+    #     scripts/sw360BackendRestDockerConfig/scripts/checkDeploymentIsSuccess.sh
+
+    # - name: Create users and oauth client
+    #   shell: bash
+    #   run: |
+    #     scripts/sw360BackendRestDockerConfig/scripts/createUserAndOauthClient.sh
+
+    # - name: Run Client Integration Test for Rest Api
+    #   run: |
+    #     cd ${{ github.workspace }}/clients
+    #     mvn clean install -Dbase.deploy.dir=${{ github.workspace }} --no-transfer-progress -DRunRestIntegrationTest=true
+
+    # - name: Upload test reports
+    #   if: failure()
+    #   uses: actions/upload-artifact@v4
+    #   with:
+    #     name: test-reports
+    #     path: ${{ github.workspace }}/libraries/importers/target/surefire-reports

.github/workflows/docker_deploy.yml

@@ -45,43 +45,17 @@ jobs:
       - name: Checkout main repository
         uses: actions/checkout@v4
 
-      - name: Set up JDK 11
+      - name: Set up JDK 17
         uses: actions/setup-java@v4
         with:
-          java-version: '11'
+          java-version: '17'
           cache: 'maven'
           distribution: 'temurin'
 
       - name: Get revision from pom.xml
         id: pom_version
         run: |
           echo "SW360_VERSION=$(mvn help:evaluate -Dexpression=revision -q -DforceStdout)" >> "$GITHUB_OUTPUT"
-  base_image:
-    name: SW360 Base image
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      packages: write
-
-    steps:
-      - name: Checkout default branch
-        uses: actions/checkout@v4
-      - name: Set environment variables
-        run: |
-          cat .versions >> $GITHUB_ENV
-      - name: Build base image
-        uses: heliocastro/docker-build-control@v1
-        with:
-          name: base
-          token: ${{ secrets.GITHUB_TOKEN }}
-          version: ${{ env.JAVA_VERSION }}-jdk-${{ env.UBUNTU_VERSION }}
-          invalidate-cache: ${{ inputs.invalidate-cache }}
-          debug: ${{ inputs.debug }}
-          build-args: |
-            LIFERAY_VERSION=${{ env.LIFERAY_VERSION }}
-            LIFERAY_SOURCE=${{ env.LIFERAY_SOURCE }}
-            JAVA_VERSION=${{ env.JAVA_VERSION }}
-            UBUNTU_VERSION=${{ env.UBUNTU_VERSION }}
 
   thrift_image:
     name: Build SW360 Thrift image
@@ -110,7 +84,7 @@ jobs:
 
   binary_image:
     name: SW360 Binary
-    needs: [sw360_version, base_image, thrift_image]
+    needs: [sw360_version, thrift_image]
     runs-on: ubuntu-latest
     permissions:
       contents: read
@@ -142,7 +116,7 @@ jobs:
 
   runtime_image:
     name: SW360 Runtime image
-    needs: [sw360_version, base_image, binary_image]
+    needs: [sw360_version, binary_image]
     runs-on: ubuntu-latest
     permissions:
       contents: read

.gitignore

@@ -33,10 +33,6 @@ jgiven-reports/
 .settings
 .factorypath
 
-# Ignore VSCode files
-.vscode/
-#*.code-workspace
-
 # Ignore backup files
 *.bak
 *.orig
@@ -67,3 +63,9 @@ tmp/**/*
 
 # DS_Store
 .DS_Store
+
+# Git versioned
+.git-versioned-pom.xml
+
+# Python local pyenv
+.python-version

.mvn/extensions.xml

@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  ~ Copyright 2024. Helio Chissini de Castro.
+    ~
+  ~ This program and the accompanying materials are made
+  ~ available under the terms of the Eclipse Public License 2.0
+  ~ which is available at https://www.eclipse.org/legal/epl-2.0/
+  ~
+  ~ SPDX-License-Identifier: EPL-2.0
+  -->
+
+<extensions xmlns="http://maven.apache.org/EXTENSIONS/1.0.0"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="http://maven.apache.org/EXTENSIONS/1.0.0 http://maven.apache.org/xsd/core-extensions-1.0.0.xsd">
+
+    <extension>
+        <groupId>me.qoomon</groupId>
+        <artifactId>maven-git-versioning-extension</artifactId>
+        <version>9.6.6</version>
+    </extension>
+
+</extensions>

.mvn/maven-git-versioning-extension.xml

@@ -0,0 +1,33 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  ~ Copyright 2024. Helio Chissini de Castro.
+    ~
+  ~ This program and the accompanying materials are made
+  ~ available under the terms of the Eclipse Public License 2.0
+  ~ which is available at https://www.eclipse.org/legal/epl-2.0/
+  ~
+  ~ SPDX-License-Identifier: EPL-2.0
+  -->
+
+<configuration xmlns="https://github.com/qoomon/maven-git-versioning-extension"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="https://github.com/qoomon/maven-git-versioning-extension https://qoomon.github.io/maven-git-versioning-extension/configuration-9.4.0.xsd">
+
+    <refs>
+        <ref type="branch">
+            <pattern>.+</pattern>
+            <version>${version}-SNAPSHOT</version>
+        </ref>
+
+        <ref type="tag">
+            <pattern><![CDATA[v(?<version>.*)]]></pattern>
+            <version>${ref.version}</version>
+        </ref>
+    </refs>
+
+    <!-- optional fallback configuration in case of no matching ref configuration-->
+    <rev>
+        <version>${commit}</version>
+    </rev>
+
+</configuration>

.pre-commit-config.yaml

@@ -1,20 +1,12 @@
 repos:
 -   repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v4.0.1
+    rev: v4.6.0
     hooks:
     -   id: check-merge-conflict
-    # -   id: end-of-file-fixer
-    # -   id: trailing-whitespace
 
 -   repo: https://github.com/compilerla/conventional-pre-commit
-    rev: 'v2.1.1'
+    rev: 'v3.2.0'
     hooks:
     -   id: conventional-pre-commit
         stages: [commit-msg]
 
--   repo: https://github.com/ejba/pre-commit-maven
-    rev: v0.3.3
-    hooks:
-    -   id: maven-spotless-apply
-        stages: [manual]
-        always_run: false

.versions

@@ -1,5 +1,4 @@
-THRIFT_VERSION=0.18.1
-LIFERAY_VERSION=7.4.3.18-ga18
-LIFERAY_SOURCE=liferay-ce-portal-tomcat-7.4.3.18-ga18-20220329092001364.tar.gz
-UBUNTU_VERSION=jammy
-JAVA_VERSION=11
+THRIFT_VERSION=0.20.0
+TOMCAT_VERSION=10-jre17-temurin-jammy
+JAVA_VERSION=17
+SW360_VERSION=18.99.0

.vscode/settings.json

@@ -0,0 +1,5 @@
+{
+  "files.exclude": {
+    "**/.git-versioned-pom.xml": true
+  }
+}