Compare commits
23 Commits
e0f3ab1889
...
133b04c725
Author | SHA1 | Date | |
---|---|---|---|
133b04c725 | |||
|
e1d6b88d4a | ||
|
8ccbbfa41d | ||
|
49faa30bbf | ||
|
40e69d19a8 | ||
|
d6cc1eb36b | ||
|
c5c6eb3213 | ||
|
cd9381bd0e | ||
|
0b429d2ea9 | ||
|
7417be8c6f | ||
|
60e58eb499 | ||
|
c0d9273e9a | ||
|
09d47af97a | ||
|
22790afd5f | ||
|
fa5711fe48 | ||
|
d725d24e35 | ||
|
e5fce15331 | ||
|
409863b3f9 | ||
|
c03641f50d | ||
|
98a5fa6aa2 | ||
|
c8174f21ea | ||
|
aaa6e4323a | ||
|
94725c5b92 |
11
.github/dependabot.yml
vendored
Normal file
11
.github/dependabot.yml
vendored
Normal file
@ -0,0 +1,11 @@
|
||||
# To get started with Dependabot version updates, you'll need to specify which
|
||||
# package ecosystems to update and where the package manifests are located.
|
||||
# Please see the documentation for all configuration options:
|
||||
# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
|
||||
|
||||
version: 2
|
||||
updates:
|
||||
- package-ecosystem: "gradle" # See documentation for possible values
|
||||
directory: "/" # Location of package manifests
|
||||
schedule:
|
||||
interval: "daily"
|
60
.github/workflows/codacy.yml
vendored
Normal file
60
.github/workflows/codacy.yml
vendored
Normal file
@ -0,0 +1,60 @@
|
||||
# This workflow uses actions that are not certified by GitHub.
|
||||
# They are provided by a third-party and are governed by
|
||||
# separate terms of service, privacy policy, and support
|
||||
# documentation.
|
||||
|
||||
# This workflow checks out code, performs a Codacy security scan
|
||||
# and integrates the results with the
|
||||
# GitHub Advanced Security code scanning feature. For more information on
|
||||
# the Codacy security scan action usage and parameters, see
|
||||
# https://github.com/codacy/codacy-analysis-cli-action.
|
||||
# For more information on Codacy Analysis CLI in general, see
|
||||
# https://github.com/codacy/codacy-analysis-cli.
|
||||
|
||||
name: Codacy Security Scan
|
||||
|
||||
on:
|
||||
push:
|
||||
branches: [ main ]
|
||||
pull_request:
|
||||
# The branches below must be a subset of the branches above
|
||||
branches: [ main ]
|
||||
schedule:
|
||||
- cron: '41 23 * * 3'
|
||||
|
||||
permissions:
|
||||
contents: read
|
||||
|
||||
jobs:
|
||||
codacy-security-scan:
|
||||
permissions:
|
||||
contents: read # for actions/checkout to fetch code
|
||||
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
|
||||
name: Codacy Security Scan
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
# Checkout the repository to the GitHub Actions runner
|
||||
- name: Checkout code
|
||||
uses: actions/checkout@v2
|
||||
|
||||
# Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis
|
||||
- name: Run Codacy Analysis CLI
|
||||
uses: codacy/codacy-analysis-cli-action@d840f886c4bd4edc059706d09c6a1586111c540b
|
||||
with:
|
||||
# Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository
|
||||
# You can also omit the token and run the tools that support default configurations
|
||||
project-token: ${{ secrets.CODACY_PROJECT_TOKEN }}
|
||||
verbose: true
|
||||
output: results.sarif
|
||||
format: sarif
|
||||
# Adjust severity of non-security issues
|
||||
gh-code-scanning-compat: true
|
||||
# Force 0 exit code to allow SARIF file generation
|
||||
# This will handover control about PR rejection to the GitHub side
|
||||
max-allowed-issues: 2147483647
|
||||
|
||||
# Upload the SARIF file generated in the previous step
|
||||
- name: Upload SARIF results file
|
||||
uses: github/codeql-action/upload-sarif@v1
|
||||
with:
|
||||
sarif_file: results.sarif
|
@ -11,6 +11,6 @@
|
||||
- Sambo Chea <sombochea@cubetiqs.com>
|
||||
|
||||
### Language and Framework
|
||||
- Spring Boot: 2.6.2
|
||||
- Kotlin: 1.6.10
|
||||
- Gradle: 7.3.2
|
||||
- Spring Boot: 2.6.6
|
||||
- Kotlin: 1.6.20
|
||||
- Gradle: 7.4.1
|
||||
|
@ -7,8 +7,8 @@ plugins {
|
||||
kotlin("plugin.spring")
|
||||
}
|
||||
|
||||
val kotlinVersion = "1.6.10"
|
||||
val springBootVersion = "2.6.2"
|
||||
val kotlinVersion = "1.6.20"
|
||||
val springBootVersion = "2.6.6"
|
||||
|
||||
// find the last commit
|
||||
fun getGitHashLastCommit(): String {
|
||||
@ -33,7 +33,7 @@ springBoot {
|
||||
|
||||
dependencies {
|
||||
// Migrating from SpringFox
|
||||
implementation("org.springdoc:springdoc-openapi-ui:1.6.2")
|
||||
implementation("org.springdoc:springdoc-openapi-ui:1.6.7")
|
||||
|
||||
// SPRING FRAMEWORK AND CORE
|
||||
implementation("org.springframework.boot:spring-boot-starter-web")
|
||||
|
@ -1,10 +1,10 @@
|
||||
import org.jetbrains.kotlin.gradle.tasks.KotlinCompile
|
||||
|
||||
plugins {
|
||||
id("org.springframework.boot") version "2.6.2" apply false
|
||||
id("org.springframework.boot") version "2.6.6" apply false
|
||||
id("io.spring.dependency-management") version "1.0.11.RELEASE" apply false
|
||||
kotlin("jvm") version "1.6.10" apply false
|
||||
kotlin("plugin.spring") version "1.6.10" apply false
|
||||
kotlin("jvm") version "1.6.20" apply false
|
||||
kotlin("plugin.spring") version "1.6.20" apply false
|
||||
// kotlin("plugin.jpa") version "1.6.10" apply false
|
||||
}
|
||||
|
||||
@ -18,6 +18,7 @@ allprojects {
|
||||
ext["logback.version"] = "1.2.9"
|
||||
|
||||
repositories {
|
||||
mavenCentral()
|
||||
maven("https://m.ctdn.net")
|
||||
}
|
||||
|
||||
|
2
gradle/wrapper/gradle-wrapper.properties
vendored
2
gradle/wrapper/gradle-wrapper.properties
vendored
@ -1,5 +1,5 @@
|
||||
distributionBase=GRADLE_USER_HOME
|
||||
distributionPath=wrapper/dists
|
||||
distributionUrl=https://mirror.ctdn.net/gradle/gradle-7.3.2-bin.zip
|
||||
distributionUrl=https://mirror.ctdn.net/gradle/gradle-7.4.1-bin.zip
|
||||
zipStoreBase=GRADLE_USER_HOME
|
||||
zipStorePath=wrapper/dists
|
Loading…
Reference in New Issue
Block a user