Prepare for next release #199
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Change default values for StorageServiceProperties.
Bumps [io.freefair.maven-publish-java](https://github.com/freefair/gradle-plugins) from 6.5.1 to 8.0.1. - [Release notes](https://github.com/freefair/gradle-plugins/releases) - [Commits](freefair/gradle-plugins@6.5.1...8.0.1) --- updated-dependencies: - dependency-name: io.freefair.maven-publish-java dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
…opment/io.freefair.maven-publish-java-8.0.1
Bumps org.owasp.dependencycheck from 7.4.1 to 8.2.1. --- updated-dependencies: - dependency-name: org.owasp.dependencycheck dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
…opment/org.owasp.dependencycheck-8.2.1
Bumps [org.springframework.restdocs:spring-restdocs-mockmvc](https://github.com/spring-projects/spring-restdocs) from 2.0.6.RELEASE to 2.0.7.RELEASE. - [Release notes](https://github.com/spring-projects/spring-restdocs/releases) - [Commits](spring-projects/spring-restdocs@v2.0.6.RELEASE...v2.0.7.RELEASE) --- updated-dependencies: - dependency-name: org.springframework.restdocs:spring-restdocs-mockmvc dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [org.springframework:spring-messaging](https://github.com/spring-projects/spring-framework) from 5.3.23 to 5.3.26. - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v5.3.23...v5.3.26) --- updated-dependencies: - dependency-name: org.springframework:spring-messaging dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [org.postgresql:postgresql](https://github.com/pgjdbc/pgjdbc) from 42.5.1 to 42.6.0. - [Release notes](https://github.com/pgjdbc/pgjdbc/releases) - [Changelog](https://github.com/pgjdbc/pgjdbc/blob/master/CHANGELOG.md) - [Commits](pgjdbc/pgjdbc@REL42.5.1...REL42.6.0) --- updated-dependencies: - dependency-name: org.postgresql:postgresql dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [org.javers:javers-spring-boot-starter-sql](https://github.com/javers/javers) from 6.8.2 to 6.14.0. - [Release notes](https://github.com/javers/javers/releases) - [Commits](javers/javers@6.8.2...javers-6.14.0) --- updated-dependencies: - dependency-name: org.javers:javers-spring-boot-starter-sql dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
…opment/org.springframework.restdocs-spring-restdocs-mockmvc-2.0.7.RELEASE
…opment/org.postgresql-postgresql-42.6.0
…opment/org.springframework-spring-messaging-5.3.26
…opment/org.javers-javers-spring-boot-starter-sql-6.14.0
Bumps `springDocVersion` from 1.6.14 to 1.7.0. Updates `org.springdoc:springdoc-openapi-ui` from 1.6.14 to 1.7.0 - [Release notes](https://github.com/springdoc/springdoc-openapi/releases) - [Changelog](https://github.com/springdoc/springdoc-openapi/blob/master/CHANGELOG.md) - [Commits](springdoc/springdoc-openapi@v1.6.14...v1.7.0) Updates `org.springdoc:springdoc-openapi-data-rest` from 1.6.14 to 1.7.0 - [Release notes](https://github.com/springdoc/springdoc-openapi/releases) - [Changelog](https://github.com/springdoc/springdoc-openapi/blob/master/CHANGELOG.md) - [Commits](springdoc/springdoc-openapi@v1.6.14...v1.7.0) Updates `org.springdoc:springdoc-openapi-webmvc-core` from 1.6.14 to 1.7.0 - [Release notes](https://github.com/springdoc/springdoc-openapi/releases) - [Changelog](https://github.com/springdoc/springdoc-openapi/blob/master/CHANGELOG.md) - [Commits](springdoc/springdoc-openapi@v1.6.14...v1.7.0) --- updated-dependencies: - dependency-name: org.springdoc:springdoc-openapi-ui dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: org.springdoc:springdoc-openapi-data-rest dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: org.springdoc:springdoc-openapi-webmvc-core dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
…ile_structure_does_not_have_leading_zeros Date-based file structure does not have leading zeros.
…opment/springDocVersion-1.7.0
Bumps com.fasterxml.jackson.datatype:jackson-datatype-jsr310 from 2.13.4 to 2.14.2. --- updated-dependencies: - dependency-name: com.fasterxml.jackson.datatype:jackson-datatype-jsr310 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [org.apache.tika:tika-core](https://github.com/apache/tika) from 2.6.0 to 2.7.0. - [Release notes](https://github.com/apache/tika/releases) - [Changelog](https://github.com/apache/tika/blob/main/CHANGES.txt) - [Commits](apache/tika@2.6.0...2.7.0) --- updated-dependencies: - dependency-name: org.apache.tika:tika-core dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps io.github.gradle-nexus.publish-plugin from 1.1.0 to 1.3.0. --- updated-dependencies: - dependency-name: io.github.gradle-nexus.publish-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps com.sun.xml.bind:jaxb-impl from 4.0.1 to 4.0.2. --- updated-dependencies: - dependency-name: com.sun.xml.bind:jaxb-impl dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
…opment/com.sun.xml.bind-jaxb-impl-4.0.2
…opment/org.apache.tika-tika-core-2.7.0
…opment/com.fasterxml.jackson.datatype-jackson-datatype-jsr310-2.14.2
Bumps [com.fasterxml.jackson.module:jackson-module-afterburner](https://github.com/FasterXML/jackson-modules-base) from 2.13.4 to 2.14.2. - [Release notes](https://github.com/FasterXML/jackson-modules-base/releases) - [Commits](FasterXML/jackson-modules-base@jackson-modules-base-2.13.4...jackson-modules-base-2.14.2) --- updated-dependencies: - dependency-name: com.fasterxml.jackson.module:jackson-module-afterburner dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [io.freefair.lombok](https://github.com/freefair/gradle-plugins) from 6.6.1 to 8.0.1. - [Release notes](https://github.com/freefair/gradle-plugins/releases) - [Commits](freefair/gradle-plugins@6.6.1...8.0.1) --- updated-dependencies: - dependency-name: io.freefair.lombok dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bump to spring boot3
…opment/com.fasterxml.jackson.datatype-jackson-datatype-joda-2.15.2
…opment/com.fasterxml.jackson.jaxrs-jackson-jaxrs-json-provider-2.15.2
Bumps com.fasterxml.jackson.datatype:jackson-datatype-jsr310 from 2.14.2 to 2.15.2. --- updated-dependencies: - dependency-name: com.fasterxml.jackson.datatype:jackson-datatype-jsr310 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [com.fasterxml.jackson.module:jackson-module-afterburner](https://github.com/FasterXML/jackson-modules-base) from 2.14.2 to 2.15.2. - [Commits](FasterXML/jackson-modules-base@jackson-modules-base-2.14.2...jackson-modules-base-2.15.2) --- updated-dependencies: - dependency-name: com.fasterxml.jackson.module:jackson-module-afterburner dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
…rom_v1_to_v2 Bump CodeQL from v1 to v2.
…opment/com.fasterxml.jackson.datatype-jackson-datatype-jsr310-2.15.2
…opment/com.fasterxml.jackson.module-jackson-module-afterburner-2.15.2
Bumps commons-io:commons-io from 2.11.0 to 2.13.0. --- updated-dependencies: - dependency-name: commons-io:commons-io dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [org.javers:javers-spring-boot-starter-sql](https://github.com/javers/javers) from 7.0.0 to 7.0.1. - [Release notes](https://github.com/javers/javers/releases) - [Commits](javers/javers@javers-7.0.0...javers-7.0.1) --- updated-dependencies: - dependency-name: org.javers:javers-spring-boot-starter-sql dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [org.apache.tika:tika-core](https://github.com/apache/tika) from 2.7.0 to 2.8.0. - [Changelog](https://github.com/apache/tika/blob/main/CHANGES.txt) - [Commits](apache/tika@2.7.0...2.8.0) --- updated-dependencies: - dependency-name: org.apache.tika:tika-core dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
![sonatype-lift[bot]](https://avatars.githubusercontent.com/in/9843?s=60&v=4){kind=small}
| @Schema(description = "The primary language of the resource. Possible codes are IETF BCP 47 or ISO 639-1.", example = "en, de, fr", required = false) | ||
| @Searchable | ||
| @Field(type = FieldType.Keyword, name = "language") | ||
| private String language; |
There was a problem hiding this comment.
UnnecessarilyFullyQualified: This fully qualified name is unambiguous to the compiler if imported.
Suggested change
| private String language; | |
| SuppressWarnings |
❗❗ 51 similar findings have been found in this PR
🔎 Expand here to view all instances of this finding
| File Path | Line Number |
|---|---|
| src/main/java/edu/kit/datamanager/repo/domain/GeoLocation.java | 48 |
| src/main/java/edu/kit/datamanager/repo/domain/DataResource.java | 182 |
| src/main/java/edu/kit/datamanager/repo/domain/Subject.java | 47 |
| src/main/java/edu/kit/datamanager/repo/domain/DataResource.java | 184 |
| src/main/java/edu/kit/datamanager/repo/domain/RelatedIdentifier.java | 126 |
| src/main/java/edu/kit/datamanager/repo/domain/DataResource.java | 106 |
| src/main/java/edu/kit/datamanager/repo/domain/DataResource.java | 143 |
| src/main/java/edu/kit/datamanager/repo/domain/Contributor.java | 86 |
| src/main/java/edu/kit/datamanager/repo/configuration/StorageServiceProperties.java | 28 |
| src/main/java/edu/kit/datamanager/repo/domain/Contributor.java | 88 |
Showing 10 of 51 findings. Visit the Lift Web Console to see all.
ℹ️ Expand to see all @sonatype-lift commands
You can reply with the following commands. For example, reply with @sonatype-lift ignoreall to leave out all findings.
| Command | Usage |
|---|---|
@sonatype-lift ignore |
Leave out the above finding from this PR |
@sonatype-lift ignoreall |
Leave out all the existing findings from this PR |
@sonatype-lift exclude <file|issue|path|tool> |
Exclude specified file|issue|path|tool from Lift findings by updating your config.toml file |
Note: When talking to LiftBot, you need to refresh the page to see its response.
Click here to add LiftBot to another repo.
…opment/org.apache.tika-tika-core-2.8.0
…opment/org.javers-javers-spring-boot-starter-sql-7.0.1
…opment/commons-io-commons-io-2.13.0
🛠 Lift Auto-fixSome of the Lift findings in this PR can be automatically fixed. You can download and apply these changes in your local project directory of your branch to review the suggestions before committing.1 # Download the patch
curl https://lift.sonatype.com/api/patch/github.com/kit-data-manager/repo-core/199.diff -o lift-autofixes.diff
# Apply the patch with git
git apply lift-autofixes.diff
# Review the changes
git diffWant it all in a single command? Open a terminal in your project's directory and copy and paste the following command: curl https://lift.sonatype.com/api/patch/github.com/kit-data-manager/repo-core/199.diff | git applyOnce you're satisfied, commit and push your changes in your project. Footnotes |
…d ControllerAdvice for translating ConstraintViolationException to BAD_REQUEST
…_for_empty_ACL_SID Missing check for empty ACL SID
| private Long id; | ||
| @SecureUpdate("FORBIDDEN") | ||
| @NotNull(message = "Subject ID of ACL entry must not be null.") | ||
| private String sid; |
There was a problem hiding this comment.
UnnecessarilyFullyQualified: This fully qualified name is unambiguous to the compiler if imported.
Suggested change
| private String sid; | |
| SuppressWarnings |
❗❗ 2 similar findings have been found in this PR
🔎 Expand here to view all instances of this finding
| File Path | Line Number |
|---|---|
| src/main/java/edu/kit/datamanager/repo/domain/acl/AclEntry.java | 57 |
| src/main/java/edu/kit/datamanager/repo/domain/acl/AclEntry.java | 51 |
Visit the Lift Web Console to find more details in your report.
ℹ️ Expand to see all @sonatype-lift commands
You can reply with the following commands. For example, reply with @sonatype-lift ignoreall to leave out all findings.
| Command | Usage |
|---|---|
@sonatype-lift ignore |
Leave out the above finding from this PR |
@sonatype-lift ignoreall |
Leave out all the existing findings from this PR |
@sonatype-lift exclude <file|issue|path|tool> |
Exclude specified file|issue|path|tool from Lift findings by updating your config.toml file |
Note: When talking to LiftBot, you need to refresh the page to see its response.
Click here to add LiftBot to another repo.
Bumps org.owasp.dependencycheck from 8.2.1 to 8.3.1. --- updated-dependencies: - dependency-name: org.owasp.dependencycheck dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
…opment/org.owasp.dependencycheck-8.3.1
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.