diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml
new file mode 100644
index 0000000..856a36b
--- /dev/null
+++ b/.github/workflows/coverage.yml
@@ -0,0 +1,64 @@
+name: Coverage
+
+on:
+ push:
+ branches: [ master, upgrade ]
+ paths:
+ - 'accessors-smart/**'
+ - 'json-smart/**'
+ - '.github/workflows/coverage.yml'
+ pull_request:
+ branches: [ master ]
+ paths:
+ - 'accessors-smart/**'
+ - 'json-smart/**'
+ - '.github/workflows/coverage.yml'
+
+permissions:
+ contents: read
+
+jobs:
+ coverage:
+ name: Code Coverage
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ - name: Set up JDK 11
+ uses: actions/setup-java@v4
+ with:
+ java-version: 11
+ distribution: 'temurin'
+ cache: 'maven'
+
+ - name: Build and test accessors-smart with coverage
+ run: cd accessors-smart && ./mvnw -q clean install
+
+ - name: Build and test json-smart with coverage
+ run: cd json-smart && ./mvnw -q clean test
+
+ - name: Upload accessors-smart coverage to Coveralls
+ uses: coverallsapp/github-action@v2
+ with:
+ github-token: ${{ secrets.GITHUB_TOKEN }}
+ file: accessors-smart/target/site/jacoco/jacoco.xml
+ format: jacoco
+ flag-name: accessors-smart
+ parallel: true
+
+ - name: Upload json-smart coverage to Coveralls
+ uses: coverallsapp/github-action@v2
+ with:
+ github-token: ${{ secrets.GITHUB_TOKEN }}
+ file: json-smart/target/site/jacoco/jacoco.xml
+ format: jacoco
+ flag-name: json-smart
+ parallel: true
+
+ - name: Finish parallel build
+ uses: coverallsapp/github-action@v2
+ with:
+ github-token: ${{ secrets.GITHUB_TOKEN }}
+ parallel-finished: true
\ No newline at end of file
diff --git a/.github/workflows/json-smart-formatting.yml b/.github/workflows/json-smart-formatting.yml
index facc672..5eb5121 100644
--- a/.github/workflows/json-smart-formatting.yml
+++ b/.github/workflows/json-smart-formatting.yml
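Review bot: The three `coverallsapp/github-action@v2` steps in the new coverage.yml reference a third-party action by a mutable tag while handing it `secrets.GITHUB_TOKEN`, so whatever commit that tag points to at run time is what executes in this job. Pinning each `uses:` to a full commit SHA and keeping the tag as a trailing comment, e.g. `uses: coverallsapp/github-action@<full-commit-sha>  # v2`, makes the executed code fixed and reviewable. The workflow-level `permissions: contents: read` already bounds what the token can do and is worth keeping as is. The first-party `actions/*` steps use the same tag-only form; pinning those is a lower priority but would make the file consistent.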
@@ -4,9 +4,23 @@ on: push: branches: - master + - upgrade + paths: + - 'accessors-smart/**' + - 'json-smart/**' + - 'json-smart-action/**' + - '.github/workflows/json-smart-formatting.yml' pull_request: branches: - master + paths: + - 'accessors-smart/**' + - 'json-smart/**' + - 'json-smart-action/**' + - '.github/workflows/json-smart-formatting.yml' + +permissions: + contents: read jobs: formatting: @@ -21,6 +35,14 @@ jobs: distribution: 'temurin' cache: 'maven' + - name: Cache local Maven repository + uses: actions/cache@v4 + with: + path: ~/.m2/repository + key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} + restore-keys: | + ${{ runner.os }}-maven- + - name: Check formatting accessors-smart run: cd accessors-smart; ./mvnw spotless:check diff --git a/.github/workflows/json-smart-unit-tests.yml b/.github/workflows/json-smart-unit-tests.yml index de3c842..480a5ea 100644 --- a/.github/workflows/json-smart-unit-tests.yml +++ b/.github/workflows/json-smart-unit-tests.yml @@ -5,16 +5,30 @@ on: branches: - master - update2024 + - upgrade + paths: + - 'accessors-smart/**' + - 'json-smart/**' + - 'json-smart-action/**' + - '.github/workflows/json-smart-unit-tests.yml' pull_request: branches: - master + paths: + - 'accessors-smart/**' + - 'json-smart/**' + - 'json-smart-action/**' + - '.github/workflows/json-smart-unit-tests.yml' + +permissions: + contents: read jobs: publish: runs-on: ubuntu-latest strategy: matrix: - java-version: [8, 11, 16, 17, 21] + java-version: [8, 11, 17, 21, 22, 23] steps: - uses: actions/checkout@v4 @@ -25,6 +39,14 @@ jobs: distribution: 'temurin' cache: 'maven' + - name: Cache local Maven repository + uses: actions/cache@v4 + with: + path: ~/.m2/repository + key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }} + restore-keys: | + ${{ runner.os }}-maven- + - name: Unit tests accessors-smart run: cd accessors-smart; ./mvnw -B install; ./mvnw -B clean test 
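Review bot: The added `Cache local Maven repository` step in json-smart-formatting.yml sits directly after a context line `cache: 'maven'`, which is presumably the setup-java step's own Maven cache (its `uses:` line is outside the hunk), and the identical step is added again in json-smart-unit-tests.yml. Both mechanisms save and restore `~/.m2/repository`, so every run pays for two cache round-trips under two different keys. The `restore-keys` prefix `${{ runner.os }}-maven-` additionally lets a run start from a repository populated for an older `pom.xml`, which makes dependency resolution less reproducible than the exact-key cache. I would keep a single mechanism: either drop the `actions/cache@v4` step in both files or remove `cache: 'maven'` from the setup step.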
diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
new file mode 100644
index 0000000..2a1bfbd
--- /dev/null
+++ b/.github/workflows/security.yml
@@ -0,0 +1,90 @@
+name: Security Scanning
+
+on:
+ push:
+ branches: [ master, upgrade ]
+ paths:
+ - 'accessors-smart/**'
+ - 'json-smart/**'
+ - 'json-smart-action/**'
+ - '.github/workflows/security.yml'
+ pull_request:
+ branches: [ master ]
+ paths:
+ - 'accessors-smart/**'
+ - 'json-smart/**'
+ - 'json-smart-action/**'
+ - '.github/workflows/security.yml'
+ schedule:
+ - cron: '0 6 * * 1' # Weekly on Monday at 6am UTC
+
+permissions:
+ contents: read
+ security-events: write
+ actions: read
+
+jobs:
+ codeql:
+ name: CodeQL Analysis
+ runs-on: ubuntu-latest
+ strategy:
+ fail-fast: false
+ matrix:
+ language: [ 'java' ]
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ - name: Set up JDK 11
+ uses: actions/setup-java@v4
+ with:
+ java-version: 11
+ distribution: 'temurin'
+ cache: 'maven'
+
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v3
+ with:
+ languages: ${{ matrix.language }}
+
+ - name: Build project accessors-smart
+ run: cd accessors-smart && ./mvnw -q clean install
+
+ - name: Build project json-smart
+ run: cd json-smart && ./mvnw -q clean install
+
+ - name: Build project json-smart-action
+ run: cd json-smart-action && ./mvnw -q clean install
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v3
+
+ dependency-check:
+ name: Dependency Vulnerability Scan
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ - name: Set up JDK 11
+ uses: actions/setup-java@v4
+ with:
+ java-version: 11
+ distribution: 'temurin'
+ cache: 'maven'
+
+ - name: Run OWASP Dependency Check
+ run: |
+ cd accessors-smart && ./mvnw -q org.owasp:dependency-check-maven:check -DnvdApiKey=${{ secrets.NVD_API_KEY }}
+ cd ../json-smart && ./mvnw -q org.owasp:dependency-check-maven:check -DnvdApiKey=${{ secrets.NVD_API_KEY }}
+ cd ../json-smart-action && ./mvnw -q org.owasp:dependency-check-maven:check -DnvdApiKey=${{ secrets.NVD_API_KEY }}
+ continue-on-error: true
+
+ - name: 
Upload dependency check results + uses: actions/upload-artifact@v4 + if: always() + with: + name: dependency-check-reports + path: '**/target/dependency-check-report.html' \ No newline at end of file diff --git a/.gitignore b/.gitignore index 4b7b9ce..76f248c 100644 --- a/.gitignore +++ b/.gitignore @@ -9,3 +9,4 @@ **/bin **/target **/.vscode/ +.env diff --git a/README.md b/README.md index 3591d97..9d9b3d4 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,9 @@ # json-smart-v2 -[![Build Status](https://travis-ci.org/netplex/json-smart-v2.svg?branch=master)](https://travis-ci.org/netplex/json-smart-v2) +[![CI](https://github.com/netplex/json-smart-v2/actions/workflows/json-smart-unit-tests.yml/badge.svg)](https://github.com/netplex/json-smart-v2/actions/workflows/json-smart-unit-tests.yml) +[![Security](https://github.com/netplex/json-smart-v2/actions/workflows/security.yml/badge.svg)](https://github.com/netplex/json-smart-v2/actions/workflows/security.yml) [![Maven Central](https://maven-badges.herokuapp.com/maven-central/net.minidev/json-smart/badge.svg?style=flat-square)](https://maven-badges.herokuapp.com/maven-central/net.minidev/json-smart/) [![Coverage Status](https://coveralls.io/repos/github/netplex/json-smart-v2/badge.svg?branch=master)](https://coveralls.io/github/netplex/json-smart-v2?branch=master) +[![Java 8+](https://img.shields.io/badge/Java-8%2B-blue.svg)](https://openjdk.java.net/) Json-smart development started in 2010, when SQL servers did not support native JSON fields, NoSQL databases were slowly emerging, and all the existing JSON APIs were bogus. I wrote lots of tests to benchmark and compare JSON java parsers. diff --git a/accessors-smart/pom.xml b/accessors-smart/pom.xml index ef87765..98621d7 100644 --- a/accessors-smart/pom.xml +++ b/accessors-smart/pom.xml @@ -92,7 +92,7 @@ limitations under the License. org.apache.maven.plugins maven-gpg-plugin - 3.2.7 + 3.2.8 sign-artifacts 
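Review bot: In the `Run OWASP Dependency Check` step of security.yml, `${{ secrets.NVD_API_KEY }}` is expanded by workflow templating straight into the shell script three times, so the key's raw value becomes part of the script text before bash parses it. Passing the secret to the step through `env:` and referencing the quoted shell variable, as in the block below, keeps the value out of the generated script and out of shell parsing. On pull requests from forks the secret is empty, and because the step also sets `continue-on-error: true`, a scan that fails or cannot reach the NVD still reports green; the only output is an HTML artifact nobody is forced to read, so consider skipping the step when the key is absent and letting findings fail the job once the baseline is clean. Separately, the workflow-level `security-events: write` also applies to this `dependency-check` job, which runs three Maven builds and never uploads SARIF; moving that permission to a job-level `permissions:` block on `codeql` would keep this job at read-only.

```yaml
      - name: Run OWASP Dependency Check
        env:
          NVD_API_KEY: ${{ secrets.NVD_API_KEY }}
        run: |
          cd accessors-smart && ./mvnw -q org.owasp:dependency-check-maven:check -DnvdApiKey="$NVD_API_KEY"
          cd ../json-smart && ./mvnw -q org.owasp:dependency-check-maven:check -DnvdApiKey="$NVD_API_KEY"
          cd ../json-smart-action && ./mvnw -q org.owasp:dependency-check-maven:check -DnvdApiKey="$NVD_API_KEY"
        # … unchanged: continue-on-error and the report upload step …
```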
@@ -178,7 +178,7 @@ limitations under the License. org.apache.maven.plugins maven-compiler-plugin - 3.13.0 + 3.14.0 UTF-8 ${maven.compiler.source} @@ -204,7 +204,7 @@ limitations under the License. org.apache.maven.plugins maven-javadoc-plugin - 3.10.1 + 3.11.2 8 @@ -243,7 +243,7 @@ limitations under the License. com.diffplug.spotless spotless-maven-plugin - 2.44.2 + 2.46.1 @@ -259,6 +259,25 @@ limitations under the License. + + org.jacoco + jacoco-maven-plugin + 0.8.13 + + + + prepare-agent + + + + report + test + + report + + + + @@ -266,7 +285,7 @@ limitations under the License. org.junit.jupiter junit-jupiter-api - 5.11.2 + 5.13.4 test diff --git a/json-smart-action/pom.xml b/json-smart-action/pom.xml index 27e3c1e..13dc87a 100644 --- a/json-smart-action/pom.xml +++ b/json-smart-action/pom.xml @@ -212,6 +212,7 @@ + org.apache.felix maven-bundle-plugin 5.1.9 diff --git a/json-smart/pom.xml b/json-smart/pom.xml index 3a6f0ed..6fc3938 100644 --- a/json-smart/pom.xml +++ b/json-smart/pom.xml @@ -270,6 +270,25 @@ limitations under the License. + + org.jacoco + jacoco-maven-plugin + 0.8.13 + + + + prepare-agent + + + + report + test + + report + + + +