diff --git a/.github/workflows/security-scan.yml b/.github/workflows/security-scan.yml index bb69457..8067a90 100644 --- a/.github/workflows/security-scan.yml +++ b/.github/workflows/security-scan.yml @@ -49,12 +49,12 @@ jobs: sarif_file: 'results.sarif' - name: CVE Description escaped extraction and print run: | - SCAN_RESULTS=$(jq -r 'try .runs[0].tool.driver.rules | try map(.shortDescription.text) | join("\\n")' results.sarif) + SCAN_RESULTS=$(jq -r 'try .runs[0].tool.driver.rules | try map(.help.text) | join("\\n\\n********************\\n\\n")' results.sarif) echo "CVE_CRITICAL=$(echo $SCAN_RESULTS | grep -o CRITICAL | wc -l)" >> $GITHUB_ENV echo "CVE_HIGH=$(echo $SCAN_RESULTS | grep -o HIGH | wc -l)" >> $GITHUB_ENV echo "CVE_MEDIUM=$(echo $SCAN_RESULTS | grep -o MEDIUM | wc -l)" >> $GITHUB_ENV - echo $SCAN_RESULTS + printf "$SCAN_RESULTS" - name: Fails if CVE HIGH or CRITICAL are detected id: cve-threshold if: env.CVE_HIGH > 0 || env.CVE_CRITICAL > 0 diff --git a/Dockerfile b/Dockerfile index 7ab104b..45af072 100644 --- a/Dockerfile +++ b/Dockerfile @@ -8,7 +8,7 @@ ARG IMAGE_VERSION="21-alpine-3.21" ARG IMAGE_SHA="cafcfad1d9d3b6e7dd983fa367f085ca1c846ce792da59bcb420ac4424296d56" ARG GRADLE_VERSION="8.10.2" ARG GRADLE_DOWNLOAD_SHA256="31c55713e40233a8303827ceb42ca48a47267a0ad4bab9177123121e71524c26" -ARG APPINSIGHTS_VERSION="3.7.1" +ARG APPINSIGHTS_VERSION="3.7.2" # 🌍 Timezone Configuration ARG TZ="Europe/Rome" diff --git a/build.gradle.kts b/build.gradle.kts index 8d1de34..6ade70b 100644 --- a/build.gradle.kts +++ b/build.gradle.kts 
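Review bot: `printf "$SCAN_RESULTS"` in the "CVE Description escaped extraction and print" step passes scanner-supplied text as the printf format string, so any `%` in a rule's `.help.text` is read as a conversion directive and can garble the log or make printf exit non-zero. Keep the escape expansion but fix the format, `printf '%b\n' "$SCAN_RESULTS"`. Switching the source from `.shortDescription.text` to `.help.text` also changes what the three `grep -o … | wc -l` counters see: longer free text may mention HIGH or CRITICAL in prose, which would inflate `CVE_HIGH`/`CVE_CRITICAL` and trip the threshold step, so the counts should be checked against a known results.sarif. The unquoted `echo $SCAN_RESULTS` in those counter lines is also subject to word splitting and glob expansion, which matters more now that the separator is a run of `*`; `echo "$SCAN_RESULTS"` avoids that.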
@@ -1,11 +1,11 @@ plugins { java - id("org.springframework.boot") version "3.4.3" + id("org.springframework.boot") version "3.4.5" id("io.spring.dependency-management") version "1.1.7" jacoco - id("org.sonarqube") version "6.0.1.5171" - id("com.github.ben-manes.versions") version "0.51.0" - id("org.openapi.generator") version "7.10.0" + id("org.sonarqube") version "6.1.0.5360" + id("com.github.ben-manes.versions") version "0.52.0" + id("org.openapi.generator") version "7.13.0" id("com.gorylenko.gradle-git-properties") version "2.5.0" } @@ -29,10 +29,10 @@ repositories { mavenCentral() } -val springDocOpenApiVersion = "2.8.5" +val springDocOpenApiVersion = "2.8.6" val openApiToolsVersion = "0.2.6" -val micrometerVersion = "1.4.3" -val httpClientVersion = "5.4.2" +val micrometerVersion = "1.4.6" +val httpClientVersion = "5.4.4" dependencies { implementation("org.springframework.boot:spring-boot-starter") diff --git a/gradle.lockfile b/gradle.lockfile index bb6c3dc..3f68394 100644 --- a/gradle.lockfile +++ b/gradle.lockfile 
@@ -2,25 +2,25 @@ # Manual edits can break the build and are not advised. # This file is expected to be part of source control. aopalliance:aopalliance:1.0=compileClasspath -ch.qos.logback:logback-classic:1.5.16=compileClasspath -ch.qos.logback:logback-core:1.5.16=compileClasspath -com.fasterxml.jackson.core:jackson-annotations:2.18.2=compileClasspath -com.fasterxml.jackson.core:jackson-core:2.18.2=compileClasspath -com.fasterxml.jackson.core:jackson-databind:2.18.2=compileClasspath -com.fasterxml.jackson.dataformat:jackson-dataformat-yaml:2.18.2=compileClasspath -com.fasterxml.jackson.datatype:jackson-datatype-jdk8:2.18.2=compileClasspath -com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.18.2=compileClasspath -com.fasterxml.jackson.module:jackson-module-parameter-names:2.18.2=compileClasspath -com.fasterxml.jackson:jackson-bom:2.18.2=compileClasspath +ch.qos.logback:logback-classic:1.5.18=compileClasspath +ch.qos.logback:logback-core:1.5.18=compileClasspath +com.fasterxml.jackson.core:jackson-annotations:2.18.3=compileClasspath +com.fasterxml.jackson.core:jackson-core:2.18.3=compileClasspath +com.fasterxml.jackson.core:jackson-databind:2.18.3=compileClasspath +com.fasterxml.jackson.dataformat:jackson-dataformat-yaml:2.18.3=compileClasspath +com.fasterxml.jackson.datatype:jackson-datatype-jdk8:2.18.3=compileClasspath +com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.18.3=compileClasspath +com.fasterxml.jackson.module:jackson-module-parameter-names:2.18.3=compileClasspath +com.fasterxml.jackson:jackson-bom:2.18.3=compileClasspath com.fasterxml:classmate:1.7.0=compileClasspath -io.micrometer:context-propagation:1.1.2=compileClasspath -io.micrometer:micrometer-commons:1.14.4=compileClasspath -io.micrometer:micrometer-core:1.14.4=compileClasspath -io.micrometer:micrometer-jakarta9:1.14.4=compileClasspath -io.micrometer:micrometer-observation:1.14.4=compileClasspath -io.micrometer:micrometer-registry-prometheus:1.14.4=compileClasspath 
-io.micrometer:micrometer-tracing-bridge-otel:1.4.3=compileClasspath -io.micrometer:micrometer-tracing:1.4.3=compileClasspath +io.micrometer:context-propagation:1.1.3=compileClasspath +io.micrometer:micrometer-commons:1.14.6=compileClasspath +io.micrometer:micrometer-core:1.14.6=compileClasspath +io.micrometer:micrometer-jakarta9:1.14.6=compileClasspath +io.micrometer:micrometer-observation:1.14.6=compileClasspath +io.micrometer:micrometer-registry-prometheus:1.14.6=compileClasspath +io.micrometer:micrometer-tracing-bridge-otel:1.4.6=compileClasspath +io.micrometer:micrometer-tracing:1.4.5=compileClasspath io.opentelemetry.instrumentation:opentelemetry-instrumentation-api-incubator:2.9.0-alpha=compileClasspath io.opentelemetry.instrumentation:opentelemetry-instrumentation-api:2.9.0=compileClasspath io.opentelemetry.semconv:opentelemetry-semconv:1.25.0-alpha=compileClasspath 
@@ -36,52 +36,52 @@ io.prometheus:prometheus-metrics-config:1.3.6=compileClasspath io.prometheus:prometheus-metrics-core:1.3.6=compileClasspath io.prometheus:prometheus-metrics-model:1.3.6=compileClasspath io.prometheus:prometheus-metrics-tracer-common:1.3.6=compileClasspath -io.swagger.core.v3:swagger-annotations-jakarta:2.2.28=compileClasspath -io.swagger.core.v3:swagger-core-jakarta:2.2.28=compileClasspath -io.swagger.core.v3:swagger-models-jakarta:2.2.28=compileClasspath +io.swagger.core.v3:swagger-annotations-jakarta:2.2.29=compileClasspath +io.swagger.core.v3:swagger-core-jakarta:2.2.29=compileClasspath +io.swagger.core.v3:swagger-models-jakarta:2.2.29=compileClasspath jakarta.activation:jakarta.activation-api:2.1.3=compileClasspath jakarta.annotation:jakarta.annotation-api:2.1.1=compileClasspath jakarta.validation:jakarta.validation-api:3.0.2=compileClasspath jakarta.xml.bind:jakarta.xml.bind-api:4.0.2=compileClasspath org.apache.commons:commons-lang3:3.17.0=compileClasspath -org.apache.httpcomponents.client5:httpclient5:5.4.2=compileClasspath -org.apache.httpcomponents.core5:httpcore5-h2:5.3.3=compileClasspath -org.apache.httpcomponents.core5:httpcore5:5.3.3=compileClasspath +org.apache.httpcomponents.client5:httpclient5:5.4.4=compileClasspath +org.apache.httpcomponents.core5:httpcore5-h2:5.3.4=compileClasspath +org.apache.httpcomponents.core5:httpcore5:5.3.4=compileClasspath org.apache.logging.log4j:log4j-api:2.24.3=compileClasspath org.apache.logging.log4j:log4j-to-slf4j:2.24.3=compileClasspath -org.apache.tomcat.embed:tomcat-embed-core:10.1.36=compileClasspath -org.apache.tomcat.embed:tomcat-embed-el:10.1.36=compileClasspath -org.apache.tomcat.embed:tomcat-embed-websocket:10.1.36=compileClasspath +org.apache.tomcat.embed:tomcat-embed-core:10.1.40=compileClasspath +org.apache.tomcat.embed:tomcat-embed-el:10.1.40=compileClasspath +org.apache.tomcat.embed:tomcat-embed-websocket:10.1.40=compileClasspath 
org.hibernate.validator:hibernate-validator:8.0.2.Final=compileClasspath org.jboss.logging:jboss-logging:3.6.1.Final=compileClasspath org.jspecify:jspecify:1.0.0=compileClasspath org.openapitools:jackson-databind-nullable:0.2.6=compileClasspath -org.projectlombok:lombok:1.18.36=compileClasspath -org.slf4j:jul-to-slf4j:2.0.16=compileClasspath -org.slf4j:slf4j-api:2.0.16=compileClasspath -org.springdoc:springdoc-openapi-starter-common:2.8.5=compileClasspath -org.springdoc:springdoc-openapi-starter-webmvc-api:2.8.5=compileClasspath -org.springdoc:springdoc-openapi-starter-webmvc-ui:2.8.5=compileClasspath -org.springframework.boot:spring-boot-actuator-autoconfigure:3.4.3=compileClasspath -org.springframework.boot:spring-boot-actuator:3.4.3=compileClasspath -org.springframework.boot:spring-boot-autoconfigure:3.4.3=compileClasspath -org.springframework.boot:spring-boot-starter-actuator:3.4.3=compileClasspath -org.springframework.boot:spring-boot-starter-json:3.4.3=compileClasspath -org.springframework.boot:spring-boot-starter-logging:3.4.3=compileClasspath -org.springframework.boot:spring-boot-starter-tomcat:3.4.3=compileClasspath -org.springframework.boot:spring-boot-starter-validation:3.4.3=compileClasspath -org.springframework.boot:spring-boot-starter-web:3.4.3=compileClasspath -org.springframework.boot:spring-boot-starter:3.4.3=compileClasspath -org.springframework.boot:spring-boot:3.4.3=compileClasspath -org.springframework:spring-aop:6.2.3=compileClasspath -org.springframework:spring-beans:6.2.3=compileClasspath -org.springframework:spring-context:6.2.3=compileClasspath -org.springframework:spring-core:6.2.3=compileClasspath -org.springframework:spring-expression:6.2.3=compileClasspath -org.springframework:spring-jcl:6.2.3=compileClasspath -org.springframework:spring-web:6.2.3=compileClasspath -org.springframework:spring-webmvc:6.2.3=compileClasspath -org.webjars:swagger-ui:5.18.3=compileClasspath +org.projectlombok:lombok:1.18.38=compileClasspath 
+org.slf4j:jul-to-slf4j:2.0.17=compileClasspath +org.slf4j:slf4j-api:2.0.17=compileClasspath +org.springdoc:springdoc-openapi-starter-common:2.8.6=compileClasspath +org.springdoc:springdoc-openapi-starter-webmvc-api:2.8.6=compileClasspath +org.springdoc:springdoc-openapi-starter-webmvc-ui:2.8.6=compileClasspath +org.springframework.boot:spring-boot-actuator-autoconfigure:3.4.5=compileClasspath +org.springframework.boot:spring-boot-actuator:3.4.5=compileClasspath +org.springframework.boot:spring-boot-autoconfigure:3.4.5=compileClasspath +org.springframework.boot:spring-boot-starter-actuator:3.4.5=compileClasspath +org.springframework.boot:spring-boot-starter-json:3.4.5=compileClasspath +org.springframework.boot:spring-boot-starter-logging:3.4.5=compileClasspath +org.springframework.boot:spring-boot-starter-tomcat:3.4.5=compileClasspath +org.springframework.boot:spring-boot-starter-validation:3.4.5=compileClasspath +org.springframework.boot:spring-boot-starter-web:3.4.5=compileClasspath +org.springframework.boot:spring-boot-starter:3.4.5=compileClasspath +org.springframework.boot:spring-boot:3.4.5=compileClasspath +org.springframework:spring-aop:6.2.6=compileClasspath +org.springframework:spring-beans:6.2.6=compileClasspath +org.springframework:spring-context:6.2.6=compileClasspath +org.springframework:spring-core:6.2.6=compileClasspath +org.springframework:spring-expression:6.2.6=compileClasspath +org.springframework:spring-jcl:6.2.6=compileClasspath +org.springframework:spring-web:6.2.6=compileClasspath +org.springframework:spring-webmvc:6.2.6=compileClasspath +org.webjars:swagger-ui:5.20.1=compileClasspath org.webjars:webjars-locator-lite:1.0.1=compileClasspath org.yaml:snakeyaml:2.3=compileClasspath empty=