From 7aee2acf0cfc814bbf9564c71642d1867ee16cd6 Mon Sep 17 00:00:00 2001 From: urielch Date: Sat, 2 Aug 2025 10:19:06 +0200 Subject: [PATCH 01/14] improve testing --- .github/workflows/json-smart-formatting.yml | 12 ++++ .github/workflows/json-smart-unit-tests.yml | 14 +++- .github/workflows/security.yml | 77 +++++++++++++++++++++ README.md | 4 +- accessors-smart/pom.xml | 14 ++-- json-smart-action/pom.xml | 10 +-- json-smart/pom.xml | 10 +-- 7 files changed, 122 insertions(+), 19 deletions(-) create mode 100644 .github/workflows/security.yml diff --git a/.github/workflows/json-smart-formatting.yml b/.github/workflows/json-smart-formatting.yml index facc672..d385264 100644 --- a/.github/workflows/json-smart-formatting.yml +++ b/.github/workflows/json-smart-formatting.yml @@ -4,10 +4,14 @@ on: push: branches: - master + - upgrade pull_request: branches: - master +permissions: + contents: read + jobs: formatting: runs-on: ubuntu-latest @@ -21,6 +25,14 @@ jobs: distribution: 'temurin' cache: 'maven' + - name: Cache local Maven repository + uses: actions/cache@v4 + with: + path: ~/.m2/repository + key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} + restore-keys: | + ${{ runner.os }}-maven- + - name: Check formatting accessors-smart run: cd accessors-smart; ./mvnw spotless:check diff --git a/.github/workflows/json-smart-unit-tests.yml b/.github/workflows/json-smart-unit-tests.yml index de3c842..e36150b 100644 --- a/.github/workflows/json-smart-unit-tests.yml +++ b/.github/workflows/json-smart-unit-tests.yml @@ -5,16 +5,20 @@ on: branches: - master - update2024 + - upgrade pull_request: branches: - master +permissions: + contents: read + jobs: publish: runs-on: ubuntu-latest strategy: matrix: - java-version: [8, 11, 16, 17, 21] + java-version: [8, 11, 17, 21, 22, 23] steps: - uses: actions/checkout@v4 @@ -25,6 +29,14 @@ jobs: distribution: 'temurin' cache: 'maven' + - name: Cache local Maven repository + uses: actions/cache@v4 + with: + path: ~/.m2/repository + key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} + restore-keys: | + ${{ runner.os }}-maven- + - name: Unit tests accessors-smart run: cd accessors-smart; ./mvnw -B install; ./mvnw -B clean test diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml new file mode 100644 index 0000000..e3121eb --- /dev/null +++ b/.github/workflows/security.yml @@ -0,0 +1,77 @@ +name: Security Scanning + +on: + push: + branches: [ master, upgrade ] + pull_request: + branches: [ master ] + schedule: + - cron: '0 6 * * 1' # Weekly on Monday at 6am UTC + +permissions: + contents: read + security-events: write + actions: read + +jobs: + codeql: + name: CodeQL Analysis + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + language: [ 'java' ] + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Set up JDK 11 + uses: actions/setup-java@v4 + with: + java-version: 11 + distribution: 'temurin' + cache: 'maven' + + - name: Initialize CodeQL + uses: github/codeql-action/init@v3 + with: + languages: ${{ matrix.language }} + + - name: Build project + run: | + cd accessors-smart && ./mvnw clean compile + cd ../json-smart && ./mvnw clean compile + cd ../json-smart-action && ./mvnw clean compile + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v3 + + dependency-check: + name: Dependency Vulnerability Scan + runs-on: ubuntu-latest + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Set up JDK 11 + uses: actions/setup-java@v4 + with: + java-version: 11 + distribution: 'temurin' + cache: 'maven' + + - name: Run OWASP Dependency Check + run: | + cd accessors-smart && ./mvnw org.owasp:dependency-check-maven:check + cd ../json-smart && ./mvnw org.owasp:dependency-check-maven:check + cd ../json-smart-action && ./mvnw org.owasp:dependency-check-maven:check + continue-on-error: true + + - name: Upload dependency check results + uses: actions/upload-artifact@v4 + if: always() + with: + name: dependency-check-reports + path: '**/target/dependency-check-report.html' \ No newline at end of file diff --git a/README.md b/README.md index 3591d97..9d9b3d4 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,9 @@ # json-smart-v2 -[![Build Status](https://travis-ci.org/netplex/json-smart-v2.svg?branch=master)](https://travis-ci.org/netplex/json-smart-v2) +[![CI](https://github.com/netplex/json-smart-v2/actions/workflows/json-smart-unit-tests.yml/badge.svg)](https://github.com/netplex/json-smart-v2/actions/workflows/json-smart-unit-tests.yml) +[![Security](https://github.com/netplex/json-smart-v2/actions/workflows/security.yml/badge.svg)](https://github.com/netplex/json-smart-v2/actions/workflows/security.yml) [![Maven Central](https://maven-badges.herokuapp.com/maven-central/net.minidev/json-smart/badge.svg?style=flat-square)](https://maven-badges.herokuapp.com/maven-central/net.minidev/json-smart/) [![Coverage Status](https://coveralls.io/repos/github/netplex/json-smart-v2/badge.svg?branch=master)](https://coveralls.io/github/netplex/json-smart-v2?branch=master) +[![Java 8+](https://img.shields.io/badge/Java-8%2B-blue.svg)](https://openjdk.java.net/) Json-smart development started in 2010, when SQL servers did not support native JSON fields, NoSQL databases were slowly emerging, and all the existing JSON APIs were bogus. I wrote lots of tests to benchmark and compare JSON java parsers. diff --git a/accessors-smart/pom.xml b/accessors-smart/pom.xml index ef87765..b8d88af 100644 --- a/accessors-smart/pom.xml +++ b/accessors-smart/pom.xml @@ -92,7 +92,7 @@ limitations under the License. org.apache.maven.plugins maven-gpg-plugin - 3.2.7 + 3.2.8 sign-artifacts @@ -178,7 +178,7 @@ limitations under the License. org.apache.maven.plugins maven-compiler-plugin - 3.13.0 + 3.15.1 UTF-8 ${maven.compiler.source} @@ -189,7 +189,7 @@ limitations under the License. org.apache.maven.plugins maven-resources-plugin - 3.3.1 + 3.4.0 UTF-8 @@ -198,13 +198,13 @@ limitations under the License. org.apache.maven.plugins maven-jar-plugin - 3.4.2 + 3.5.1 org.apache.maven.plugins maven-javadoc-plugin - 3.10.1 + 3.11.2 8 @@ -243,7 +243,7 @@ limitations under the License. com.diffplug.spotless spotless-maven-plugin - 2.44.2 + 2.47.0 @@ -266,7 +266,7 @@ limitations under the License. org.junit.jupiter junit-jupiter-api - 5.11.2 + 5.13.4 test diff --git a/json-smart-action/pom.xml b/json-smart-action/pom.xml index 27e3c1e..e19947d 100644 --- a/json-smart-action/pom.xml +++ b/json-smart-action/pom.xml @@ -169,7 +169,7 @@ org.apache.maven.plugins maven-compiler-plugin - 3.14.0 + 3.15.1 UTF-8 ${maven.compiler.source} @@ -180,7 +180,7 @@ org.apache.maven.plugins maven-resources-plugin - 3.3.1 + 3.4.0 UTF-8 @@ -189,7 +189,7 @@ org.apache.maven.plugins maven-jar-plugin - 3.4.2 + 3.5.1 @@ -214,7 +214,7 @@ org.apache.felix maven-bundle-plugin - 5.1.9 + 5.1.10 true @@ -233,7 +233,7 @@ com.diffplug.spotless spotless-maven-plugin - 2.46.1 + 2.47.0 diff --git a/json-smart/pom.xml b/json-smart/pom.xml index 3a6f0ed..2ceb7ff 100644 --- a/json-smart/pom.xml +++ b/json-smart/pom.xml @@ -185,7 +185,7 @@ limitations under the License. org.apache.maven.plugins maven-compiler-plugin - 3.14.0 + 3.15.1 UTF-8 ${maven.compiler.source} @@ -196,7 +196,7 @@ limitations under the License. org.apache.maven.plugins maven-resources-plugin - 3.3.1 + 3.4.0 UTF-8 @@ -205,7 +205,7 @@ limitations under the License. org.apache.maven.plugins maven-jar-plugin - 3.4.2 + 3.5.1 @@ -231,7 +231,7 @@ limitations under the License. org.apache.felix maven-bundle-plugin - 5.1.9 + 5.1.10 true @@ -254,7 +254,7 @@ limitations under the License. com.diffplug.spotless spotless-maven-plugin - 2.46.1 + 2.47.0 From c18ae143e82edee3326120ba90d2df2c6482c5f2 Mon Sep 17 00:00:00 2001 From: urielch Date: Sat, 2 Aug 2025 10:25:28 +0200 Subject: [PATCH 02/14] fix maven-resources-plugin version to 3.3.1 --- accessors-smart/pom.xml | 2 +- json-smart-action/pom.xml | 2 +- json-smart/pom.xml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/accessors-smart/pom.xml b/accessors-smart/pom.xml index b8d88af..eb23759 100644 --- a/accessors-smart/pom.xml +++ b/accessors-smart/pom.xml @@ -189,7 +189,7 @@ limitations under the License. org.apache.maven.plugins maven-resources-plugin - 3.4.0 + 3.3.1 UTF-8 diff --git a/json-smart-action/pom.xml b/json-smart-action/pom.xml index e19947d..8c7f473 100644 --- a/json-smart-action/pom.xml +++ b/json-smart-action/pom.xml @@ -180,7 +180,7 @@ org.apache.maven.plugins maven-resources-plugin - 3.4.0 + 3.3.1 UTF-8 diff --git a/json-smart/pom.xml b/json-smart/pom.xml index 2ceb7ff..8718f97 100644 --- a/json-smart/pom.xml +++ b/json-smart/pom.xml @@ -196,7 +196,7 @@ limitations under the License. org.apache.maven.plugins maven-resources-plugin - 3.4.0 + 3.3.1 UTF-8 From c5a8a7c93992d44f671b2b5f2497718c972b5053 Mon Sep 17 00:00:00 2001 From: urielch Date: Sat, 2 Aug 2025 10:33:20 +0200 Subject: [PATCH 03/14] patch on github ations --- .github/workflows/json-smart-formatting.yml | 6 +++--- .github/workflows/security.yml | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/json-smart-formatting.yml b/.github/workflows/json-smart-formatting.yml index d385264..d4ad2a2 100644 --- a/.github/workflows/json-smart-formatting.yml +++ b/.github/workflows/json-smart-formatting.yml @@ -34,10 +34,10 @@ jobs: ${{ runner.os }}-maven- - name: Check formatting accessors-smart - run: cd accessors-smart; ./mvnw spotless:check + run: cd accessors-smart; ./mvnw com.diffplug.spotless:spotless-maven-plugin:check - name: Check formatting json-smart - run: cd json-smart; ./mvnw spotless:check + run: cd json-smart; ./mvnw com.diffplug.spotless:spotless-maven-plugin:check - name: Check formatting json-smart-action - run: cd json-smart-action; ./mvnw spotless:check + run: cd json-smart-action; ./mvnw com.diffplug.spotless:spotless-maven-plugin:check diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index e3121eb..7651472 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -64,9 +64,9 @@ jobs: - name: Run OWASP Dependency Check run: | - cd accessors-smart && ./mvnw org.owasp:dependency-check-maven:check - cd ../json-smart && ./mvnw org.owasp:dependency-check-maven:check - cd ../json-smart-action && ./mvnw org.owasp:dependency-check-maven:check + cd accessors-smart && ./mvnw org.owasp:dependency-check-maven:check -DnvdApiKey=${{ secrets.NVD_API_KEY }} + cd ../json-smart && ./mvnw org.owasp:dependency-check-maven:check -DnvdApiKey=${{ secrets.NVD_API_KEY }} + cd ../json-smart-action && ./mvnw org.owasp:dependency-check-maven:check -DnvdApiKey=${{ secrets.NVD_API_KEY }} continue-on-error: true - name: Upload dependency check results From 4cf87ea25450541fa145649f3508fb2e888853f5 Mon Sep 17 00:00:00 2001 From: urielch Date: Sat, 2 Aug 2025 10:35:37 +0200 Subject: [PATCH 04/14] patch versions --- .github/workflows/json-smart-formatting.yml | 6 +++--- accessors-smart/pom.xml | 2 +- json-smart-action/pom.xml | 2 +- json-smart/pom.xml | 2 +- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/json-smart-formatting.yml b/.github/workflows/json-smart-formatting.yml index d4ad2a2..d385264 100644 --- a/.github/workflows/json-smart-formatting.yml +++ b/.github/workflows/json-smart-formatting.yml @@ -34,10 +34,10 @@ jobs: ${{ runner.os }}-maven- - name: Check formatting accessors-smart - run: cd accessors-smart; ./mvnw com.diffplug.spotless:spotless-maven-plugin:check + run: cd accessors-smart; ./mvnw spotless:check - name: Check formatting json-smart - run: cd json-smart; ./mvnw com.diffplug.spotless:spotless-maven-plugin:check + run: cd json-smart; ./mvnw spotless:check - name: Check formatting json-smart-action - run: cd json-smart-action; ./mvnw com.diffplug.spotless:spotless-maven-plugin:check + run: cd json-smart-action; ./mvnw spotless:check diff --git a/accessors-smart/pom.xml b/accessors-smart/pom.xml index eb23759..124a210 100644 --- a/accessors-smart/pom.xml +++ b/accessors-smart/pom.xml @@ -243,7 +243,7 @@ limitations under the License. com.diffplug.spotless spotless-maven-plugin - 2.47.0 + 2.46.1 diff --git a/json-smart-action/pom.xml b/json-smart-action/pom.xml index 8c7f473..564f919 100644 --- a/json-smart-action/pom.xml +++ b/json-smart-action/pom.xml @@ -233,7 +233,7 @@ com.diffplug.spotless spotless-maven-plugin - 2.47.0 + 2.46.1 diff --git a/json-smart/pom.xml b/json-smart/pom.xml index 8718f97..2d0d84a 100644 --- a/json-smart/pom.xml +++ b/json-smart/pom.xml @@ -254,7 +254,7 @@ limitations under the License. com.diffplug.spotless spotless-maven-plugin - 2.47.0 + 2.46.1 From 4379f313d5128fa1e0f2cbb452e93e907f662a73 Mon Sep 17 00:00:00 2001 From: urielch Date: Sat, 2 Aug 2025 10:41:29 +0200 Subject: [PATCH 05/14] fix version --- json-smart-action/pom.xml | 3 ++- json-smart/pom.xml | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/json-smart-action/pom.xml b/json-smart-action/pom.xml index 564f919..35404ca 100644 --- a/json-smart-action/pom.xml +++ b/json-smart-action/pom.xml @@ -212,9 +212,10 @@ + org.apache.felix maven-bundle-plugin - 5.1.10 + 5.1.9 true diff --git a/json-smart/pom.xml b/json-smart/pom.xml index 2d0d84a..3f55971 100644 --- a/json-smart/pom.xml +++ b/json-smart/pom.xml @@ -231,7 +231,7 @@ limitations under the License. org.apache.felix maven-bundle-plugin - 5.1.10 + 5.1.9 true From 6837e8ac4f21bc7926f47298a40ce54f841fb8e6 Mon Sep 17 00:00:00 2001 From: urielch Date: Sat, 2 Aug 2025 10:44:09 +0200 Subject: [PATCH 06/14] rollback versions --- accessors-smart/pom.xml | 2 +- json-smart-action/pom.xml | 2 +- json-smart/pom.xml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/accessors-smart/pom.xml b/accessors-smart/pom.xml index 124a210..7793036 100644 --- a/accessors-smart/pom.xml +++ b/accessors-smart/pom.xml @@ -198,7 +198,7 @@ limitations under the License. org.apache.maven.plugins maven-jar-plugin - 3.5.1 + 3.4.2 diff --git a/json-smart-action/pom.xml b/json-smart-action/pom.xml index 35404ca..da9bfac 100644 --- a/json-smart-action/pom.xml +++ b/json-smart-action/pom.xml @@ -189,7 +189,7 @@ org.apache.maven.plugins maven-jar-plugin - 3.5.1 + 3.4.2 diff --git a/json-smart/pom.xml b/json-smart/pom.xml index 3f55971..dd99e21 100644 --- a/json-smart/pom.xml +++ b/json-smart/pom.xml @@ -205,7 +205,7 @@ limitations under the License. org.apache.maven.plugins maven-jar-plugin - 3.5.1 + 3.4.2 From 9dd4ac4cffe0451231329822e1dd98955b6b9b1a Mon Sep 17 00:00:00 2001 From: urielch Date: Sat, 2 Aug 2025 10:53:50 +0200 Subject: [PATCH 07/14] downgrade --- accessors-smart/pom.xml | 2 +- json-smart-action/pom.xml | 2 +- json-smart/pom.xml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/accessors-smart/pom.xml b/accessors-smart/pom.xml index 7793036..2770188 100644 --- a/accessors-smart/pom.xml +++ b/accessors-smart/pom.xml @@ -178,7 +178,7 @@ limitations under the License. org.apache.maven.plugins maven-compiler-plugin - 3.15.1 + 3.14.0 UTF-8 ${maven.compiler.source} diff --git a/json-smart-action/pom.xml b/json-smart-action/pom.xml index da9bfac..13dc87a 100644 --- a/json-smart-action/pom.xml +++ b/json-smart-action/pom.xml @@ -169,7 +169,7 @@ org.apache.maven.plugins maven-compiler-plugin - 3.15.1 + 3.14.0 UTF-8 ${maven.compiler.source} diff --git a/json-smart/pom.xml b/json-smart/pom.xml index dd99e21..3a6f0ed 100644 --- a/json-smart/pom.xml +++ b/json-smart/pom.xml @@ -185,7 +185,7 @@ limitations under the License. org.apache.maven.plugins maven-compiler-plugin - 3.15.1 + 3.14.0 UTF-8 ${maven.compiler.source} From 20714c2d9bab855339ddff4b20de59cc0cbe83b7 Mon Sep 17 00:00:00 2001 From: urielch Date: Sat, 2 Aug 2025 12:33:23 +0200 Subject: [PATCH 08/14] add condition for github workflows --- .github/workflows/json-smart-formatting.yml | 10 ++++++++++ .github/workflows/json-smart-unit-tests.yml | 10 ++++++++++ .github/workflows/security.yml | 10 ++++++++++ 3 files changed, 30 insertions(+) diff --git a/.github/workflows/json-smart-formatting.yml b/.github/workflows/json-smart-formatting.yml index d385264..5eb5121 100644 --- a/.github/workflows/json-smart-formatting.yml +++ b/.github/workflows/json-smart-formatting.yml @@ -5,9 +5,19 @@ on: branches: - master - upgrade + paths: + - 'accessors-smart/**' + - 'json-smart/**' + - 'json-smart-action/**' + - '.github/workflows/json-smart-formatting.yml' pull_request: branches: - master + paths: + - 'accessors-smart/**' + - 'json-smart/**' + - 'json-smart-action/**' + - '.github/workflows/json-smart-formatting.yml' permissions: contents: read diff --git a/.github/workflows/json-smart-unit-tests.yml b/.github/workflows/json-smart-unit-tests.yml index e36150b..480a5ea 100644 --- a/.github/workflows/json-smart-unit-tests.yml +++ b/.github/workflows/json-smart-unit-tests.yml @@ -6,9 +6,19 @@ on: - master - update2024 - upgrade + paths: + - 'accessors-smart/**' + - 'json-smart/**' + - 'json-smart-action/**' + - '.github/workflows/json-smart-unit-tests.yml' pull_request: branches: - master + paths: + - 'accessors-smart/**' + - 'json-smart/**' + - 'json-smart-action/**' + - '.github/workflows/json-smart-unit-tests.yml' permissions: contents: read diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 7651472..8c9a8df 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -3,8 +3,18 @@ name: Security Scanning on: push: branches: [ master, upgrade ] + paths: + - 'accessors-smart/**' + - 'json-smart/**' + - 'json-smart-action/**' + - '.github/workflows/security.yml' pull_request: branches: [ master ] + paths: + - 'accessors-smart/**' + - 'json-smart/**' + - 'json-smart-action/**' + - '.github/workflows/security.yml' schedule: - cron: '0 6 * * 1' # Weekly on Monday at 6am UTC From d028b7c94460a86e275278218f699cfe03863f6a Mon Sep 17 00:00:00 2001 From: urielch Date: Sat, 2 Aug 2025 13:29:56 +0200 Subject: [PATCH 09/14] patch action --- .github/workflows/security.yml | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 8c9a8df..9fb94db 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -48,11 +48,14 @@ jobs: with: languages: ${{ matrix.language }} - - name: Build project - run: | - cd accessors-smart && ./mvnw clean compile - cd ../json-smart && ./mvnw clean compile - cd ../json-smart-action && ./mvnw clean compile + - name: Build project accessors-smart + run: cd accessors-smart && ./mvnw -q clean compile + + - name: Build project json-smart + run: cd json-smart && ./mvnw -q clean compile + + - name: Build project json-smart-action + run: cd json-smart-action && ./mvnw -q clean compile - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3 From 39ab9e88bdad3449c6379aad6d0d19bb110892c0 Mon Sep 17 00:00:00 2001 From: urielch Date: Sat, 2 Aug 2025 13:36:14 +0200 Subject: [PATCH 10/14] test patch action --- .github/workflows/security.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 9fb94db..2a1bfbd 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -49,13 +49,13 @@ jobs: languages: ${{ matrix.language }} - name: Build project accessors-smart - run: cd accessors-smart && ./mvnw -q clean compile + run: cd accessors-smart && ./mvnw -q clean install - name: Build project json-smart - run: cd json-smart && ./mvnw -q clean compile + run: cd json-smart && ./mvnw -q clean install - name: Build project json-smart-action - run: cd json-smart-action && ./mvnw -q clean compile + run: cd json-smart-action && ./mvnw -q clean install - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3 @@ -77,9 +77,9 @@ jobs: - name: Run OWASP Dependency Check run: | - cd accessors-smart && ./mvnw org.owasp:dependency-check-maven:check -DnvdApiKey=${{ secrets.NVD_API_KEY }} - cd ../json-smart && ./mvnw org.owasp:dependency-check-maven:check -DnvdApiKey=${{ secrets.NVD_API_KEY }} - cd ../json-smart-action && ./mvnw org.owasp:dependency-check-maven:check -DnvdApiKey=${{ secrets.NVD_API_KEY }} + cd accessors-smart && ./mvnw -q org.owasp:dependency-check-maven:check -DnvdApiKey=${{ secrets.NVD_API_KEY }} + cd ../json-smart && ./mvnw -q org.owasp:dependency-check-maven:check -DnvdApiKey=${{ secrets.NVD_API_KEY }} + cd ../json-smart-action && ./mvnw -q org.owasp:dependency-check-maven:check -DnvdApiKey=${{ secrets.NVD_API_KEY }} continue-on-error: true - name: Upload dependency check results From f8fbab82da35f3fedeb6d7a9e41abeaf1a7445d5 Mon Sep 17 00:00:00 2001 From: urielch Date: Sat, 2 Aug 2025 14:20:15 +0200 Subject: [PATCH 11/14] edd exta test in action --- .github/workflows/security.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 2a1bfbd..d02e3d7 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -49,13 +49,13 @@ jobs: languages: ${{ matrix.language }} - name: Build project accessors-smart - run: cd accessors-smart && ./mvnw -q clean install + run: cd accessors-smart && ./mvnw -q clean install test - name: Build project json-smart - run: cd json-smart && ./mvnw -q clean install + run: cd json-smart && ./mvnw -q clean install test - name: Build project json-smart-action - run: cd json-smart-action && ./mvnw -q clean install + run: cd json-smart-action && ./mvnw -q clean install test - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3 From 08e708a99044a37a905a366a2a761d20c8a16cef Mon Sep 17 00:00:00 2001 From: urielch Date: Sat, 2 Aug 2025 18:26:57 +0200 Subject: [PATCH 12/14] add jacoco --- .github/workflows/coverage.yml | 49 ++++++++++++++++++++++++++++++++++ .github/workflows/security.yml | 6 ++--- .gitignore | 1 + accessors-smart/pom.xml | 19 +++++++++++++ json-smart/pom.xml | 19 +++++++++++++ 5 files changed, 91 insertions(+), 3 deletions(-) create mode 100644 .github/workflows/coverage.yml diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml new file mode 100644 index 0000000..c57a7c5 --- /dev/null +++ b/.github/workflows/coverage.yml @@ -0,0 +1,49 @@ +name: Coverage + +on: + push: + branches: [ master, upgrade ] + paths: + - 'accessors-smart/**' + - 'json-smart/**' + - '.github/workflows/coverage.yml' + pull_request: + branches: [ master ] + paths: + - 'accessors-smart/**' + - 'json-smart/**' + - '.github/workflows/coverage.yml' + +permissions: + contents: read + +jobs: + coverage: + name: Code Coverage + runs-on: ubuntu-latest + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Set up JDK 11 + uses: actions/setup-java@v4 + with: + java-version: 11 + distribution: 'temurin' + cache: 'maven' + + - name: Build and test accessors-smart with coverage + run: cd accessors-smart && ./mvnw -q clean test + + - name: Build and test json-smart with coverage + run: cd json-smart && ./mvnw -q clean test + + - name: Upload coverage to Coveralls + uses: coverallsapp/github-action@v2 + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + path-to-lcov: | + accessors-smart/target/site/jacoco/jacoco.xml + json-smart/target/site/jacoco/jacoco.xml + format: jacoco \ No newline at end of file diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index d02e3d7..2a1bfbd 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -49,13 +49,13 @@ jobs: languages: ${{ matrix.language }} - name: Build project accessors-smart - run: cd accessors-smart && ./mvnw -q clean install test + run: cd accessors-smart && ./mvnw -q clean install - name: Build project json-smart - run: cd json-smart && ./mvnw -q clean install test + run: cd json-smart && ./mvnw -q clean install - name: Build project json-smart-action - run: cd json-smart-action && ./mvnw -q clean install test + run: cd json-smart-action && ./mvnw -q clean install - name: Perform CodeQL Analysis uses: github/codeql-action/analyze@v3 diff --git a/.gitignore b/.gitignore index 4b7b9ce..76f248c 100644 --- a/.gitignore +++ b/.gitignore @@ -9,3 +9,4 @@ **/bin **/target **/.vscode/ +.env diff --git a/accessors-smart/pom.xml b/accessors-smart/pom.xml index 2770188..98621d7 100644 --- a/accessors-smart/pom.xml +++ b/accessors-smart/pom.xml @@ -259,6 +259,25 @@ limitations under the License. + + org.jacoco + jacoco-maven-plugin + 0.8.13 + + + + prepare-agent + + + + report + test + + report + + + + diff --git a/json-smart/pom.xml b/json-smart/pom.xml index 3a6f0ed..6fc3938 100644 --- a/json-smart/pom.xml +++ b/json-smart/pom.xml @@ -270,6 +270,25 @@ limitations under the License. + + org.jacoco + jacoco-maven-plugin + 0.8.13 + + + + prepare-agent + + + + report + test + + report + + + + From 0827ee7f80350b7997e4b53f1c1a538ee26085c6 Mon Sep 17 00:00:00 2001 From: urielch Date: Sat, 2 Aug 2025 18:31:00 +0200 Subject: [PATCH 13/14] patch coverage --- .github/workflows/coverage.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index c57a7c5..96286f2 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -34,7 +34,7 @@ jobs: cache: 'maven' - name: Build and test accessors-smart with coverage - run: cd accessors-smart && ./mvnw -q clean test + run: cd accessors-smart && ./mvnw -q clean install - name: Build and test json-smart with coverage run: cd json-smart && ./mvnw -q clean test From bcef083fe360ce7e3471767b42133c63b3a17cf4 Mon Sep 17 00:00:00 2001 From: urielch Date: Sat, 2 Aug 2025 18:33:56 +0200 Subject: [PATCH 14/14] patch coverage --- .github/workflows/coverage.yml | 25 ++++++++++++++++++++----- 1 file changed, 20 insertions(+), 5 deletions(-) diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index 96286f2..856a36b 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -39,11 +39,26 @@ jobs: - name: Build and test json-smart with coverage run: cd json-smart && ./mvnw -q clean test - - name: Upload coverage to Coveralls + - name: Upload accessors-smart coverage to Coveralls uses: coverallsapp/github-action@v2 with: github-token: ${{ secrets.GITHUB_TOKEN }} - path-to-lcov: | - accessors-smart/target/site/jacoco/jacoco.xml - json-smart/target/site/jacoco/jacoco.xml - format: jacoco \ No newline at end of file + file: accessors-smart/target/site/jacoco/jacoco.xml + format: jacoco + flag-name: accessors-smart + parallel: true + + - name: Upload json-smart coverage to Coveralls + uses: coverallsapp/github-action@v2 + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + file: json-smart/target/site/jacoco/jacoco.xml + format: jacoco + flag-name: json-smart + parallel: true + + - name: Finish parallel build + uses: coverallsapp/github-action@v2 + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + parallel-finished: true \ No newline at end of file