Merge branch 'develop' into dependabot/maven/com.powsybl-powsybl-single-line-diagram-core-4.0.0

juancho0202 · web-flow · commit c8cb3b47b475 · 2023-11-29T10:32:41.000+01:00
Signed-off-by: Juan Munoz &lt;juancho0202@gmail.com&gt;
diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml
@@ -1,17 +1,35 @@
-# SPDX-FileCopyrightText: 2022 Alliander N.V.
+# SPDX-FileCopyrightText: 2023 Alliander N.V.
 #
 # SPDX-License-Identifier: Apache-2.0
+on:
+  push:
+    branches:
+      - main
 
-name: Release Project
+permissions:
+  contents: write
+  pull-requests: write
 
-on:
-  release:
-    types: [ released ]
+name: release-please
 
 jobs:
+  release_please:
+    runs-on: ubuntu-latest
+    outputs:
+      release_created: ${{ steps.release.outputs.release_created }}
+    steps:
+      - uses: google-github-actions/release-please-action@v3
+        id: release
+        with:
+          release-type: maven
+          package-name: compas-scl-auto-alignment
+  # The logic below handles the docker hub publication:
   push_to_registry:
+    needs: release_please
+    if: needs.release_please.outputs.release_created == "true"
     name: Build and publish
     runs-on: ubuntu-latest
+    timeout-minutes: 15
 
     steps:
       - name: Checkout
diff --git a/SECURITY.md b/SECURITY.md
@@ -0,0 +1,11 @@
+<!--
+SPDX-FileCopyrightText: 2023 Alliander N.V.
+
+SPDX-License-Identifier: Apache-2.0
+-->
+# Security Policy
+
+## Reporting a Vulnerability
+
+Please go to [Security Advisories](https://github.com/com-pas/compas-scl-auto-alignment/security/advisories) to privately report a security vulnerability, 
+our contributors will try to respond within a week of your report with a rough plan for a fix and new tests.
diff --git a/app/src/main/docker/Dockerfile.jvm b/app/src/main/docker/Dockerfile.jvm
@@ -21,7 +21,7 @@
 # docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/app-jvm
 #
 ###
-FROM registry.access.redhat.com/ubi8/ubi-minimal:8.8-1072.1697626218
+FROM registry.access.redhat.com/ubi8/ubi-minimal:8.9-1029
 
 ARG JAVA_PACKAGE=java-17-openjdk-headless
 ARG RUN_JAVA_VERSION=1.3.8
diff --git a/app/src/main/docker/Dockerfile.native b/app/src/main/docker/Dockerfile.native
@@ -14,7 +14,7 @@
 # docker run -i --rm -p 8080:8080 quarkus/app
 #
 ###
-FROM registry.access.redhat.com/ubi8/ubi-minimal:8.8-1072.1697626218
+FROM registry.access.redhat.com/ubi8/ubi-minimal:8.9-1029
 WORKDIR /work/
 RUN chown 1001 /work \
     && chmod "g+rwX" /work \
diff --git a/pom.xml b/pom.xml
@@ -25,8 +25,8 @@ SPDX-License-Identifier: Apache-2.0
 
         <compas.core.version>0.16.0</compas.core.version>
 
-        <quarkus.platform.version>3.5.1</quarkus.platform.version>
-        <log4j2.version>2.21.1</log4j2.version>
+        <quarkus.platform.version>3.5.3</quarkus.platform.version>
+        <log4j2.version>2.22.0</log4j2.version>
         <powsybl.sld.version>4.0.0</powsybl.sld.version>
         <gson.version>2.10.1</gson.version>
         <openpojo.version>0.9.1</openpojo.version>

Original file line number	Diff line number	Diff line change
`@@ -21,7 +21,7 @@`
`21`	`21`	`# docker run -i --rm -p 8080:8080 -p 5005:5005 -e JAVA_ENABLE_DEBUG="true" quarkus/app-jvm`
`22`	`22`	`#`
`23`	`23`	`###`
`24`		`-FROM registry.access.redhat.com/ubi8/ubi-minimal:8.8-1072.1697626218`
	`24`	`+FROM registry.access.redhat.com/ubi8/ubi-minimal:8.9-1029`
`25`	`25`
`26`	`26`	`ARG JAVA_PACKAGE=java-17-openjdk-headless`
`27`	`27`	`ARG RUN_JAVA_VERSION=1.3.8`
Original file line number	Diff line number	Diff line change
`@@ -14,7 +14,7 @@`
`14`	`14`	`# docker run -i --rm -p 8080:8080 quarkus/app`
`15`	`15`	`#`
`16`	`16`	`###`
`17`		`-FROM registry.access.redhat.com/ubi8/ubi-minimal:8.8-1072.1697626218`
	`17`	`+FROM registry.access.redhat.com/ubi8/ubi-minimal:8.9-1029`
`18`	`18`	`WORKDIR /work/`
`19`	`19`	`RUN chown 1001 /work \`
`20`	`20`	`&& chmod "g+rwX" /work \`