diff --git a/.github/workflows/issues-jira.yml b/.github/workflows/issues-jira.yml
new file mode 100644
index 0000000..7bf0469
--- /dev/null
+++ b/.github/workflows/issues-jira.yml
@@ -0,0 +1,31 @@
+name: Create Jira Ticket for Github Issue
+
+on:
+ issues:
+ types: [opened]
+
+jobs:
+ issue-jira:
+ runs-on: ubuntu-latest
+ steps:
+
+ - name: Login to Jira
+ uses: atlassian/gajira-login@master
+ env:
+ JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }}
+ JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }}
+ JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }}
+
+ - name: Create Jira Issue
+ id: create_jira
+ uses: atlassian/gajira-create@master
+ with:
+ project: ${{ secrets.JIRA_PROJECT }}
+ issuetype: ${{ secrets.JIRA_ISSUE_TYPE }}
+ summary: Github | Issue | ${{ github.event.repository.name }} | ${{ github.event.issue.title }}
+ description: |
+ *GitHub Issue:* ${{ github.event.issue.html_url }}
+
+ *Description:*
+ ${{ github.event.issue.body }}
+ fields: "${{ secrets.ISSUES_JIRA_FIELDS }}"
\ No newline at end of file
diff --git a/.github/workflows/jira.yml b/.github/workflows/jira.yml
deleted file mode 100644
index caa4bbd..0000000
--- a/.github/workflows/jira.yml
+++ /dev/null
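Review bot: Both steps in the new issues-jira.yml reference third-party actions by a mutable branch, `atlassian/gajira-login@master` and `atlassian/gajira-create@master`, and the login step receives `JIRA_API_TOKEN`, so whatever is pushed to that branch upstream runs in this job with the Jira credential available. Pin each action to a full commit SHA and record the release in a trailing comment, e.g. `uses: atlassian/gajira-login@<full-commit-sha>  # <release tag>`, and let Dependabot or Renovate propose the bumps. The same applies to `actions/checkout@master` in policy-scan.yml and to `snyk/actions/setup@master` in sca-scan.yml, which is given `SNYK_TOKEN`.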
@@ -1,33 +0,0 @@ -name: Create JIRA ISSUE -on: - pull_request: - types: [opened] -jobs: - security-jira: - if: ${{ github.actor == 'dependabot[bot]' || github.actor == 'snyk-bot' || contains(github.event.pull_request.head.ref, 'snyk-fix-') || contains(github.event.pull_request.head.ref, 'snyk-upgrade-')}} - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - name: Login into JIRA - uses: atlassian/gajira-login@master - env: - JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }} - JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }} - JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }} - - name: Create a JIRA Issue - id: create - uses: atlassian/gajira-create@master - with: - project: ${{ secrets.JIRA_PROJECT }} - issuetype: ${{ secrets.JIRA_ISSUE_TYPE }} - summary: | - ${{ github.event.pull_request.title }} - description: | - PR: ${{ github.event.pull_request.html_url }} - - fields: "${{ secrets.JIRA_FIELDS }}" - - name: Transition issue - uses: atlassian/gajira-transition@v3 - with: - issue: ${{ steps.create.outputs.issue }} - transition: ${{ secrets.JIRA_TRANSITION }} diff --git a/.github/workflows/policy-scan.yml b/.github/workflows/policy-scan.yml new file mode 100644 index 0000000..ff25923 --- /dev/null +++ b/.github/workflows/policy-scan.yml 
@@ -0,0 +1,46 @@ +name: Checks the security policy and configurations +on: + pull_request: + types: [opened, synchronize, reopened] +jobs: + security-policy: + if: github.event.repository.visibility == 'public' + runs-on: ubuntu-latest + defaults: + run: + shell: bash + steps: + - uses: actions/checkout@master + - name: Checks for SECURITY.md policy file + run: | + if ! [[ -f "SECURITY.md" || -f ".github/SECURITY.md" ]]; then exit 1; fi + security-license: + if: github.event.repository.visibility == 'public' + runs-on: ubuntu-latest + defaults: + run: + shell: bash + steps: + - uses: actions/checkout@master + - name: Checks for License file + run: | + expected_license_files=("LICENSE" "LICENSE.txt" "LICENSE.md" "License.txt") + license_file_found=false + current_year=$(date +"%Y") + + for license_file in "${expected_license_files[@]}"; do + if [ -f "$license_file" ]; then + license_file_found=true + # check the license file for the current year, if not exists, exit with error + if ! grep -q "$current_year" "$license_file"; then + echo "License file $license_file does not contain the current year." + exit 2 + fi + break + fi + done + + if [ "$license_file_found" = false ]; then + echo "No license file found. Please add a license file to the repository." + exit 1 + fi \ No newline at end of file diff --git a/.github/workflows/publish-release.yml b/.github/workflows/publish-release.yml index ed96868..53550d9 100644 --- a/.github/workflows/publish-release.yml +++ b/.github/workflows/publish-release.yml @@ -10,6 +10,11 @@ jobs: steps: - name: Checkout project sources uses: actions/checkout@v3 + - name: Set up JDK 17 + uses: actions/setup-java@v4 + with: + distribution: 'temurin' + java-version: '17' - name: Setup Gradle uses: gradle/gradle-build-action@v2 - name: Setup local.properties 
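Review bot: Neither `security-policy` nor `security-license` in policy-scan.yml declares `permissions:`, so both jobs run with whatever default `GITHUB_TOKEN` scope the repository or organisation has configured, although they only test for files in the working tree. Add a workflow-level `permissions:` block containing `contents: read`. On each checkout step, `persist-credentials: false` under `with:` keeps the token out of the local git configuration for the shell step that follows.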
@@ -24,8 +29,8 @@ jobs: run: | ./gradlew publishAndReleaseToMavenCentral --no-configuration-cache env: - ORG_GRADLE_PROJECT_mavenCentralUsername: ${{ secrets.mavenCentralUsername }} - ORG_GRADLE_PROJECT_mavenCentralPassword: ${{ secrets.mavenCentralPassword }} + ORG_GRADLE_PROJECT_mavenCentralUsername: ${{ secrets.MAVEN_USERNAME }} + ORG_GRADLE_PROJECT_mavenCentralPassword: ${{ secrets.MAVEN_PASSWORD }} ORG_GRADLE_PROJECT_signingInMemoryKey: ${{ secrets.signingInMemoryKey }} ORG_GRADLE_PROJECT_signingInMemoryKeyId: ${{ secrets.signingInMemoryKeyId }} ORG_GRADLE_PROJECT_signingInMemoryKeyPassword: ${{ secrets.signingInMemoryKeyPassword }} \ No newline at end of file diff --git a/.github/workflows/publish-snapshot.yml b/.github/workflows/publish-snapshot.yml index 7cf1c3b..f7d3e30 100644 --- a/.github/workflows/publish-snapshot.yml +++ b/.github/workflows/publish-snapshot.yml @@ -11,9 +11,14 @@ jobs: steps: - name: Checkout project sources uses: actions/checkout@v3 + - name: Set up JDK 17 + uses: actions/setup-java@v4 + with: + distribution: 'temurin' + java-version: '17' - name: Check whether the version is a snapshot run: | - if grep -q "\-SNAPSHOT" ./contentstack/build.gradle + if grep -q "\-SNAPSHOT" ./gradle.properties then : else @@ -33,8 +38,8 @@ jobs: run: | ./gradlew publishAllPublicationsToMavenCentralRepository env: - ORG_GRADLE_PROJECT_mavenCentralUsername: ${{ secrets.mavenCentralUsername }} - ORG_GRADLE_PROJECT_mavenCentralPassword: ${{ secrets.mavenCentralPassword }} + ORG_GRADLE_PROJECT_mavenCentralUsername: ${{ secrets.MAVEN_USERNAME }} + ORG_GRADLE_PROJECT_mavenCentralPassword: ${{ secrets.MAVEN_PASSWORD }} ORG_GRADLE_PROJECT_signingInMemoryKey: ${{ secrets.signingInMemoryKey }} ORG_GRADLE_PROJECT_signingInMemoryKeyId: ${{ secrets.signingInMemoryKeyId }} ORG_GRADLE_PROJECT_signingInMemoryKeyPassword: ${{ secrets.signingInMemoryKeyPassword }} \ No newline at end of file 
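Review bot: In the first publish-snapshot.yml hunk the snapshot guard now greps the whole of `./gradle.properties` for `-SNAPSHOT`, so a match anywhere in that file, including a comment or an unrelated property, satisfies it. Anchoring the pattern to the version property is tighter: `if grep -qE '^VERSION_NAME=.*-SNAPSHOT$' ./gradle.properties`. This commit also sets `VERSION_NAME=0.0.2` in gradle.properties, so the guard will take its `else` branch until the version is moved back to a snapshot. The body of that branch lies outside the hunk, so I am assuming it fails the job; please confirm that this is the intended state of the snapshot workflow after merge.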
diff --git a/.github/workflows/sast-scan.yml b/.github/workflows/sast-scan.yml deleted file mode 100644 index 3b9521a..0000000 --- a/.github/workflows/sast-scan.yml +++ /dev/null @@ -1,11 +0,0 @@ -name: SAST Scan -on: - pull_request: - types: [opened, synchronize, reopened] -jobs: - security-sast: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v2 - - name: Semgrep Scan - run: docker run -v /var/run/docker.sock:/var/run/docker.sock -v "${PWD}:/src" returntocorp/semgrep semgrep scan --config auto \ No newline at end of file diff --git a/.github/workflows/sca-scan.yml b/.github/workflows/sca-scan.yml index 6cde258..95f6d0a 100644 --- a/.github/workflows/sca-scan.yml +++ b/.github/workflows/sca-scan.yml @@ -7,8 +7,18 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@master + - name: Set up JDK 17 + uses: actions/setup-java@v4 + with: + distribution: 'temurin' + java-version: '17' + - name: Setup local.properties + run: | + cat << EOF >> local.properties + sdk.dir=$ANDROID_HOME + EOF - name: Run Snyk to check for vulnerabilities - uses: snyk/actions/gradle@master + uses: snyk/actions/setup@master env: SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }} with: diff --git a/.idea/AndroidProjectSystem.xml b/.idea/AndroidProjectSystem.xml new file mode 100644 index 0000000..4a53bee --- /dev/null +++ b/.idea/AndroidProjectSystem.xml @@ -0,0 +1,6 @@ + + + + + \ No newline at end of file diff --git a/.idea/compiler.xml b/.idea/compiler.xml index b589d56..b86273d 100644 --- a/.idea/compiler.xml +++ b/.idea/compiler.xml @@ -1,6 +1,6 @@ - + \ No newline at end of file diff --git a/.idea/deploymentTargetSelector.xml b/.idea/deploymentTargetSelector.xml new file mode 100644 index 0000000..da3c40b --- /dev/null +++ b/.idea/deploymentTargetSelector.xml @@ -0,0 +1,10 @@ + + + + + + + + + \ No newline at end of file diff --git a/.idea/gradle.xml b/.idea/gradle.xml index 38c211a..6bc62ee 100644 --- a/.idea/gradle.xml +++ b/.idea/gradle.xml @@ -4,16 +4,16 @@ 
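Review bot: In sca-scan.yml the step named `Run Snyk to check for vulnerabilities` now uses `snyk/actions/setup@master`, which only installs the Snyk CLI and does not run a scan, whereas the replaced `snyk/actions/gradle@master` executed the test itself. Unless a later step outside this hunk invokes the CLI, the job will succeed without analysing any dependencies, which silently removes the SCA gate on pull requests. Add an explicit step such as `run: snyk test --all-projects` with `SNYK_TOKEN` in its `env:`, and check whether the existing `with:` arguments are still consumed by the setup action. The step's `with:` block continues past the end of the hunk, so its contents are not visible here.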
diff --git a/.idea/migrations.xml b/.idea/migrations.xml new file mode 100644 index 0000000..f8051a6 --- /dev/null +++ b/.idea/migrations.xml @@ -0,0 +1,10 @@ + + + + + + \ No newline at end of file diff --git a/.idea/misc.xml b/.idea/misc.xml index 34d68b5..a60d85d 100644 --- a/.idea/misc.xml +++ b/.idea/misc.xml @@ -12,7 +12,7 @@ - + diff --git a/.idea/runConfigurations.xml b/.idea/runConfigurations.xml new file mode 100644 index 0000000..16660f1 --- /dev/null +++ b/.idea/runConfigurations.xml @@ -0,0 +1,17 @@ + + + + + + \ No newline at end of file diff --git a/.talismanrc b/.talismanrc new file mode 100644 index 0000000..345ca2f --- /dev/null +++ b/.talismanrc @@ -0,0 +1,5 @@ +fileignoreconfig: +- filename: .github/workflows/secrets-scan.yml + ignore_detectors: + - filecontent +version: "1.0" \ No newline at end of file diff --git a/.vscode/settings.json b/.vscode/settings.json new file mode 100644 index 0000000..c5f3f6b --- /dev/null +++ b/.vscode/settings.json @@ -0,0 +1,3 @@ +{ + "java.configuration.updateBuildConfiguration": "interactive" +} \ No newline at end of file diff --git a/CODEOWNERS b/CODEOWNERS index 0773923..0496bc6 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -1 +1,11 @@ -* @contentstack/security-admin \ No newline at end of file +* @contentstack/devex-pr-reviewers + +.github/workflows/sca-scan.yml @contentstack/security-admin + +.github/workflows/codeql-anaylsis.yml @contentstack/security-admin + +**/.snyk @contentstack/security-admin + +.github/workflows/policy-scan.yml @contentstack/security-admin + +.github/workflows/issues-jira.yml @contentstack/security-admin diff --git a/License.md b/LICENSE similarity index 94% rename from License.md rename to LICENSE index 4a3aedb..9a96f10 100644 --- a/License.md +++ b/LICENSE 
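Review bot: The new .talismanrc entry switches off the `filecontent` detector for `.github/workflows/secrets-scan.yml` unconditionally, so a credential added to that workflow later would go unreported as well. That file is not part of this diff, so the reason for the exception cannot be checked from here. Talisman can tie an exception to the reviewed content by recording a `checksum:` for the file instead of `ignore_detectors`, which makes the ignore lapse as soon as the file changes. If the broad ignore is intended, a one-line comment above the entry stating why would help the next reviewer.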
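Review bot: The CODEOWNERS path `.github/workflows/codeql-anaylsis.yml` looks misspelled (`anaylsis`); if the workflow on disk is named `codeql-analysis.yml`, this pattern matches nothing and the file falls through to the `*` rule, so `@contentstack/security-admin` review would not be required for it. The file is not in this diff, so please confirm the name and correct the entry if needed. Because the catch-all owner moves from `security-admin` to `devex-pr-reviewers`, CODEOWNERS itself, `.talismanrc` and the publish workflows that read the Maven and signing secrets are no longer security-owned either. Consider adding `/CODEOWNERS @contentstack/security-admin` and `.github/workflows/ @contentstack/security-admin` after the `*` line.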
@@ -1,5 +1,5 @@ The MIT License (MIT) -Copyright © 2012-2024 Contentstack. All Rights Reserved +Copyright © 2012-2025 Contentstack. All Rights Reserved Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, diff --git a/app/build.gradle b/app/build.gradle index f5d238f..2ceef54 100644 --- a/app/build.gradle +++ b/app/build.gradle @@ -1,11 +1,11 @@ +import com.vanniktech.maven.publish.SonatypeHost + plugins { - id 'com.android.application' + id 'com.android.library' id "realm-android" - id "com.vanniktech.maven.publish" version "0.27.0" + id "com.vanniktech.maven.publish" version "0.33.0" } -// import com.vanniktech.maven.publish.SonatypeHost - android { compileSdkVersion 34 namespace 'com.contentstack.sdk.persistence' @@ -19,6 +19,9 @@ android { release { minifyEnabled false } + debug { + minifyEnabled false + } } compileOptions { sourceCompatibility = "1.8" 
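Review bot: The newly active `import com.vanniktech.maven.publish.SonatypeHost` at the top of app/build.gradle has no user in the visible hunks, since the `mavenPublishing` block added in the third hunk passes the host as the string `"CENTRAL_PORTAL"`. Unless the class is referenced in lines outside these hunks, drop the import so the build script does not depend on a plugin class it never uses, which also avoids a break if a later plugin release removes it.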
@@ -30,10 +33,42 @@ android { } dependencies { - implementation 'com.contentstack.sdk:android:3.14.0-20240208.095825-3' + implementation 'com.contentstack.sdk:android:4.0.1' implementation 'androidx.appcompat:appcompat:1.6.1' implementation 'com.google.android.material:material:1.11.0' implementation 'androidx.constraintlayout:constraintlayout:2.1.4' implementation 'androidx.lifecycle:lifecycle-livedata:2.7.0' implementation 'androidx.lifecycle:lifecycle-viewmodel:2.7.0' } + +mavenPublishing { + publishToMavenCentral("CENTRAL_PORTAL") + + coordinates(GROUP, POM_ARTIFACT_ID, VERSION_NAME) + + pom { + name = POM_NAME + description = POM_DESCRIPTION + inceptionYear = POM_INCEPTION_YEAR + url = POM_URL + licenses { + license { + name = POM_LICENSE_NAME + url = POM_LICENSE_URL + distribution = POM_LICENSE_DIST + } + } + developers { + developer { + id = POM_DEVELOPER_ID + name = POM_DEVELOPER_NAME + url = POM_DEVELOPER_URL + } + } + scm { + url = POM_SCM_URL + connection = POM_SCM_CONNECTION + developerConnection = POM_SCM_DEV_CONNECTION + } + } +} diff --git a/build.gradle b/build.gradle index e2ac4f4..92bbada 100644 --- a/build.gradle +++ b/build.gradle @@ -5,8 +5,7 @@ buildscript { } dependencies { - // classpath 'com.android.tools.build:gradle:8.2.2' - classpath 'com.android.tools.build:gradle:7.4.2' + classpath 'com.android.tools.build:gradle:8.2.2' classpath 'io.realm:realm-gradle-plugin:10.15.1' } } diff --git a/gradle.properties b/gradle.properties index be17087..3c83d27 100644 --- a/gradle.properties +++ b/gradle.properties 
@@ -12,12 +12,12 @@ org.gradle.jvmargs=-Xmx1536m # http://www.gradle.org/docs/current/userguide/multi_project_builds.html#sec:decoupled_projects # org.gradle.parallel=true # org.gradle.jvmargs=-Xmx1024m -SONATYPE_HOST=DEFAULT RELEASE_SIGNING_ENABLED=true -GROUP=com.contentstack.persistence -POM_ARTIFACT_ID=sync -VERSION_NAME=0.0.2-SNAPSHOT -POM_NAME=sync +androidVariantToPublish=release +GROUP=com.contentstack +POM_ARTIFACT_ID=persistence +VERSION_NAME=0.0.2 +POM_NAME=contentstack-android-persistence POM_DESCRIPTION=The Content Delivery SDK facilitates the retrieval of content from your Contentstack account, enabling seamless delivery to your web or mobile properties POM_INCEPTION_YEAR=2018 POM_URL=https://github.com/contentstack/contentstack-android-persistence diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties index 34e9d6e..acec730 100644 --- a/gradle/wrapper/gradle-wrapper.properties +++ b/gradle/wrapper/gradle-wrapper.properties @@ -1,6 +1,6 @@ #Tue Jan 30 00:01:42 IST 2024 distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists -distributionUrl=https\://services.gradle.org/distributions/gradle-8.2-bin.zip +distributionUrl=https\://services.gradle.org/distributions/gradle-8.5-bin.zip zipStoreBase=GRADLE_USER_HOME zipStorePath=wrapper/dists