#46: Fix CVE-2024-21634 in software.amazon.ion:ion-java (#47)
kaklakariada committed Jan 19, 2024
1 parent 794d1fa commit 7e6c670
Showing 23 changed files with 1,118 additions and 841 deletions.
2 changes: 2 additions & 0 deletions .github/workflows/broken_links_checker.yml

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

8 changes: 5 additions & 3 deletions .github/workflows/ci-build-next-java.yml

61 changes: 32 additions & 29 deletions .github/workflows/ci-build.yml
@@ -1,40 +1,41 @@
# Generated by Project Keeper
# https://github.com/exasol/project-keeper/blob/main/project-keeper/src/main/resources/templates/.github/workflows/ci-build-db-version-matrix.yml
name: CI Build

on:
push:
branches:
- main
pull_request:

jobs:
build:
runs-on: ubuntu-20.04 # UDFs fail with "VM error: Internal error: VM crashed" on ubuntu-latest
name: Build with Exasol ${{ matrix.docker_db_version }}
matrix-build:
runs-on: ubuntu-20.04
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}-${{ matrix.docker_db_version }}
group: ${{ github.workflow }}-${{ github.ref }}-${{ matrix.exasol_db_version }}
cancel-in-progress: true
strategy:
fail-fast: false
matrix:
docker_db_version: ["7.1.24", "8.23.1"]
exasol_db_version: ["8.24.0", "7.1.25"]
env:
DEFAULT_DB_VERSION: "8.23.1"
DEFAULT_EXASOL_DB_VERSION: "8.24.0"
steps:
- name: Free Disk Space
if: ${{ false }}
run: |
sudo rm -rf /usr/local/lib/android
sudo rm -rf /usr/share/dotnet
- name: Checkout the repository
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up JDK 11 & 17
uses: actions/setup-java@v3
- name: Set up JDKs
uses: actions/setup-java@v4
with:
distribution: "temurin"
java-version: |
17
11
17
cache: "maven"
- name: Cache SonarCloud packages
uses: actions/cache@v3
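Review bot: The `uses:` lines in this hunk (`actions/checkout@v4`, `actions/setup-java@v4`, `actions/cache@v3`) reference movable tags, so the code that runs in this job can change without any change to this file. The same applies to `scacap/action-surefire-report@v1` further down, which receives `github_token`. Consider pinning each action to a full commit SHA with the version in a trailing comment. As the file is generated by Project Keeper, the pin would belong in the template named in the header comment.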
Expand All @@ -45,31 +46,33 @@ jobs:
- name: Enable testcontainer reuse
run: echo 'testcontainers.reuse.enable=true' > "$HOME/.testcontainers.properties"
- name: Run tests and build with Maven
run: >
JAVA_HOME=$JAVA_HOME_11_X64
mvn --batch-mode clean verify
-Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn
-Dcom.exasol.dockerdb.image=${{ matrix.docker_db_version }}
-DtrimStackTrace=false
run: |
mvn --batch-mode clean verify \
-Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn \
-DtrimStackTrace=false \
-Dcom.exasol.dockerdb.image=${{ matrix.exasol_db_version }}
env:
# Passing system property via -Dcom.exasol.dockerdb.image does not work because the scalatest plugin does
# not forward it to the test. So we use this environment variable, see KinesisAbstractIntegrationTest.getExasolDockerImageVersion()
EXASOL_DOCKER_VERSION: ${{ matrix.docker_db_version }}
- name: Publish Test Report
# Set additional environment variable as in scala projects the scalatest plugin does not forward
# the system property -Dcom.exasol.dockerdb.image to the test's implementation.
EXASOL_DB_VERSION: ${{ matrix.exasol_db_version }}
- name: Publish Test Report for Exasol ${{ matrix.exasol_db_version }}
uses: scacap/action-surefire-report@v1
if: ${{ always() && github.event.pull_request.head.repo.full_name == github.repository && github.actor != 'dependabot[bot]' }}
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
- name: Sonar analysis
if: ${{ env.SONAR_TOKEN != null && matrix.docker_db_version == env.DEFAULT_DB_VERSION }}
run: >
JAVA_HOME=$JAVA_HOME_17_X64
mvn --batch-mode org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
-Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn
-DtrimStackTrace=false
-Dsonar.organization=exasol
-Dsonar.host.url=https://sonarcloud.io
-Dsonar.token=$SONAR_TOKEN
if: ${{ env.SONAR_TOKEN != null && matrix.exasol_db_version == env.DEFAULT_EXASOL_DB_VERSION }}
run: |
mvn --batch-mode org.sonarsource.scanner.maven:sonar-maven-plugin:sonar \
-Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn \
-DtrimStackTrace=false \
-Dsonar.token=$SONAR_TOKEN
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

build:
needs: matrix-build
runs-on: ubuntu-latest
steps:
- run: echo "Build successful"
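Review bot: The Maven and Sonar steps drop the `JAVA_HOME=$JAVA_HOME_11_X64` and `JAVA_HOME=$JAVA_HOME_17_X64` prefixes, so nothing in this file states which JDK each `mvn` call runs on any more. With `java-version` now listing 11 then 17, setup-java leaves the last entry as the default, which would move the test run from JDK 11 to 17 unless the build selects a JDK itself (for example via Maven toolchains); please confirm that is intended and say so in a comment. Separately, the new `build` job only has `needs: matrix-build`; if `build` is the required status check, verify that a failed matrix leg makes it fail rather than skip, or add an explicit check of the `needs` result.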
11 changes: 7 additions & 4 deletions .github/workflows/dependencies_check.yml

10 changes: 9 additions & 1 deletion .github/workflows/linting.yml
Expand Up @@ -14,6 +14,14 @@ jobs:
cancel-in-progress: true
steps:
- name: Checkout the repository
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Set up JDKs
uses: actions/setup-java@v4
with:
distribution: "temurin"
java-version: |
11
17
cache: "maven"
- name: Run scalafix checks
run: mvn --batch-mode clean compile test-compile scalastyle:check scalafix:scalafix spotless:check
14 changes: 9 additions & 5 deletions .github/workflows/release_droid_prepare_original_checksum.yml
@@ -1,25 +1,29 @@
# Generated by Project Keeper
# https://github.com/exasol/project-keeper/blob/main/project-keeper/src/main/resources/templates/.github/workflows/release_droid_prepare_original_checksum.yml
name: Release Droid - Prepare Original Checksum

on:
workflow_dispatch:

jobs:
build:
runs-on: ubuntu-20.04 # UDFs fail with "VM error: Internal error: VM crashed" on ubuntu-latest
runs-on: ubuntu-20.04
steps:
- name: Free Disk Space
if: ${{ false }}
run: |
sudo rm -rf /usr/local/lib/android
sudo rm -rf /usr/share/dotnet
- name: Checkout the repository
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up JDK 11
uses: actions/setup-java@v3
- name: Set up JDKs
uses: actions/setup-java@v4
with:
distribution: "temurin"
java-version: 11
java-version: |
11
17
cache: "maven"
- name: Enable testcontainer reuse
run: echo 'testcontainers.reuse.enable=true' > "$HOME/.testcontainers.properties"
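Review bot: `java-version` in the setup step changes from `11` to `11` plus `17`, and the Maven invocation that follows is not visible here, so it is unclear which JDK now builds the artifact whose checksum this workflow records. If the release build is meant to stay on JDK 11, make that explicit in the build step so the checksum is computed from an artifact built with the intended JDK.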
11 changes: 7 additions & 4 deletions .github/workflows/release_droid_print_quick_checksum.yml

20 changes: 16 additions & 4 deletions .github/workflows/release_droid_upload_github_release_assets.yml

10 changes: 8 additions & 2 deletions .project-keeper.yml
Expand Up @@ -8,6 +8,12 @@ sources:
path: extension/package.json
version:
fromSource: pom.xml
build:
runnerOs: ubuntu-20.04
freeDiskSpace: false
exasolDbVersions:
- "8.24.0"
- "7.1.25"
excludes:
- "E-PK-CORE-18: Outdated content: '.github/workflows/ci-build.yml'"
- "E-PK-CORE-18: Outdated content: '.github/workflows/release_droid_prepare_original_checksum.yml'"
# Uploads extension to GitHub release
- "E-PK-CORE-18: Outdated content: '.github/workflows/release_droid_upload_github_release_assets.yml'"
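Review bot: `runnerOs: ubuntu-20.04` carries no explanation, while the generated workflows lose their inline comment `# UDFs fail with "VM error: Internal error: VM crashed" on ubuntu-latest`. Add that reason as a comment beside `runnerOs` so the pin to an older runner image is not mistaken for an oversight and can be revisited when the crash is resolved.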
5 changes: 3 additions & 2 deletions .vscode/settings.json
@@ -1,8 +1,9 @@
{
"editor.formatOnSave": true,
"editor.codeActionsOnSave": {
"source.organizeImports": true,
"source.generate.finalModifiers": true
"source.organizeImports": "explicit",
"source.generate.finalModifiers": "explicit",
"source.fixAll": "explicit"
},
"java.saveActions.organizeImports": true,
"java.sources.organizeImports.starThreshold": 3,