diff --git a/.github/ISSUE_TEMPLATE/bug_report_template.md b/.github/ISSUE_TEMPLATE/bug_report_template.md new file mode 100644 index 0000000..b38bdf6 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/bug_report_template.md @@ -0,0 +1,29 @@ +--- +name: Bug Report +about: Use this template for reporting a bug +labels: needs triage, bug report +--- + +### Description + + +### Affected Linter Version + + +### To Reproduce + + +### Expected Behavior + + +### Actual Behavior + + +### Linter Output / Error Message + +``` +Paste linter output or stack trace here ... +``` + +### Screenshots + diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml new file mode 100644 index 0000000..84c4f66 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/config.yml @@ -0,0 +1,8 @@ +blank_issues_enabled: true +contact_links: + - name: DSF Documentation + url: https://dsf.dev/process-development/linter-tool/linter-tool.html + about: Read the DSF Linter documentation. + - name: Getting Help + url: https://github.com/datasharingframework/dsf-linter/discussions + about: For general questions about the DSF Linter, please use GitHub Discussions. diff --git a/.github/ISSUE_TEMPLATE/feature_request_template.md b/.github/ISSUE_TEMPLATE/feature_request_template.md new file mode 100644 index 0000000..44b0354 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/feature_request_template.md @@ -0,0 +1,14 @@ +--- +name: Feature Request +about: Use this template if you want to request a new feature or linting rule +labels: needs triage, enhancement +--- + +### Related Problem + + +### Proposed Solution + + +### Additional Context + diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..84eb421 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,44 @@ +version: 2 +updates: + # Java / Maven dependencies + - package-ecosystem: "maven" + directory: "/" + target-branch: "develop" + schedule: + interval: "weekly" + day: "sunday" + open-pull-requests-limit: 10 + ignore: + - dependency-name: "*" + update-types: ["version-update:semver-major"] + groups: + fhir: + patterns: + - "hapi-fhir*" + - "org.hl7.fhir*" + slf4j: + patterns: + - "org.slf4j*" + testing-tools: + patterns: + - "org.junit*" + - "org.mockito*" + safe-patch-updates: + update-types: + - "patch" + remaining-minor-updates: + update-types: + - "minor" + + # GitHub Actions + - package-ecosystem: "github-actions" + directory: "/" + target-branch: "develop" + schedule: + interval: "weekly" + day: "sunday" + open-pull-requests-limit: 5 + groups: + github-actions: + patterns: + - "*" diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md new file mode 100644 index 0000000..fd90986 --- /dev/null +++ b/.github/pull_request_template.md @@ -0,0 +1,9 @@ +Closes #issuenumber(s). + +### Changes + + +### How Was This Patch Tested? + +- [ ] Unit tests +- [ ] Manual executed tests diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 0000000..409ece2 --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,38 @@ +name: DSF Linter Build + +on: + push: + branches: [ "main", "develop", "release/*", "hotfix/*" ] + tags: + - v[0-9]+.[0-9]+.[0-9]+ + - v[0-9]+.[0-9]+.[0-9]+-M[0-9]+ + - v[0-9]+.[0-9]+.[0-9]+-RC[0-9]+ + pull_request: + branches: [ "main", "develop" ] + schedule: + - cron: '11 15 * * 0' # Sundays, 15:11 + +permissions: {} + +concurrency: + group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.sha }} + cancel-in-progress: true + +jobs: + build: + runs-on: ubuntu-latest + permissions: + contents: read + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Set up JDK 25 + uses: actions/setup-java@v4 + with: + distribution: 'zulu' + java-version: 25 + cache: 'maven' + + - name: Build with Maven + run: mvn verify --batch-mode --fail-at-end diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 0000000..471259b --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,54 @@ +name: CodeQL Analysis + +on: + push: + branches: [ "main", "develop" ] + pull_request: + branches: [ "main", "develop" ] + schedule: + - cron: '11 15 * * 0' # Sundays, 15:11 + +permissions: {} + +jobs: + codeql: + runs-on: ubuntu-latest + permissions: + contents: read + security-events: write + strategy: + fail-fast: false + matrix: + include: + - language: actions + build-mode: none + - language: java-kotlin + build-mode: manual + name: 'codeql: ${{ matrix.language }}' + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Set up JDK 25 + if: ${{ matrix.language == 'java-kotlin' }} + uses: actions/setup-java@v4 + with: + distribution: 'zulu' + java-version: 25 + cache: 'maven' + + - name: Initialize CodeQL + uses: github/codeql-action/init@v3 + with: + languages: ${{ matrix.language }} + build-mode: ${{ matrix.build-mode }} + queries: security-extended, security-and-quality + + - name: Build with Maven + if: ${{ matrix.language == 'java-kotlin' }} + run: mvn package --batch-mode --fail-at-end -DskipTests + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v3 + with: + category: '/language:${{ matrix.language }}' diff --git a/.github/workflows/maven-publish.yml b/.github/workflows/maven-publish.yml new file mode 100644 index 0000000..bdd8bd4 --- /dev/null +++ b/.github/workflows/maven-publish.yml @@ -0,0 +1,54 @@ +name: DSF Linter Publish with Maven + +on: + pull_request: + types: closed + branches: [ "main" ] + +jobs: + publish: + # Only run if pull requests are merged, omit running if pull requests are closed without merging + if: github.event.pull_request.merged + runs-on: ubuntu-latest + + permissions: + contents: read + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Set up JDK 21 + uses: actions/setup-java@v4 + with: + distribution: 'zulu' + java-version: 21 + cache: 'maven' + + - name: Import GPG key + run: | + echo "${{ secrets.MAVEN_GPG_PRIVATE_KEY }}" | gpg --batch --import + gpg --list-secret-keys --keyid-format LONG + + - name: Create Maven settings.xml with Sonatype credentials + run: | + mkdir -p ~/.m2 + cat > ~/.m2/settings.xml < + + + central + ${{ secrets.OSSRH_USERNAME }} + ${{ secrets.OSSRH_TOKEN }} + + + + EOF + + - name: Publish to Maven Central + env: + MAVEN_GPG_PASSPHRASE: ${{ secrets.MAVEN_GPG_PASSPHRASE }} + run: mvn --batch-mode --fail-at-end -P release -Dgpg.passphrase="${MAVEN_GPG_PASSPHRASE}" clean deploy diff --git a/linter-cli/pom.xml b/linter-cli/pom.xml index 9c19482..beaf64f 100644 --- a/linter-cli/pom.xml +++ b/linter-cli/pom.xml @@ -5,7 +5,7 @@ 4.0.0 - dev.dsf.utils.linter + dev.dsf.linter dsf-linter 0.1.2 @@ -13,14 +13,13 @@ linter-cli - 25 - 25 - UTF-8 + + true - dev.dsf.utils.linter + dev.dsf.linter linter-core ${project.version} @@ -48,7 +47,6 @@ org.apache.maven.plugins maven-shade-plugin - 3.4.1 package diff --git a/linter-core/pom.xml b/linter-core/pom.xml index 6186007..ed76a58 100644 --- a/linter-core/pom.xml +++ b/linter-core/pom.xml @@ -9,7 +9,7 @@ - dev.dsf.utils.linter + dev.dsf.linter dsf-linter 0.1.2 @@ -17,12 +17,6 @@ linter-core - - 25 - 25 - UTF-8 - - 1.15.8 @@ -79,7 +73,7 @@ com.fasterxml.jackson.core jackson-core - 2.18.0 + 2.18.6 @@ -156,11 +150,38 @@ + + + org.apache.maven.plugins + maven-source-plugin + + + attach-sources + + jar-no-fork + + + + + + + + org.apache.maven.plugins + maven-javadoc-plugin + + + attach-javadocs + + jar + + + + + org.apache.maven.plugins maven-shade-plugin - 3.4.1 package @@ -189,9 +210,7 @@ org.apache.maven.plugins maven-surefire-plugin - 3.0.0-M9 - -Dnet.bytebuddy.experimental=true diff --git a/pom.xml b/pom.xml index 28787fd..d93b823 100644 --- a/pom.xml +++ b/pom.xml @@ -4,32 +4,155 @@ xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> 4.0.0 - dev.dsf.utils.linter + dev.dsf.linter dsf-linter 0.1.2 pom + DSF Linter + Linting tool for DSF plugins that validates BPMN, FHIR, and plugin configuration from JAR artifacts, with HTML/JSON reports. + https://dsf.dev/process-development/linter-tool/linter-tool.html + Apache License, Version 2.0 - http://www.apache.org/licenses/LICENSE-2.0 + https://www.apache.org/licenses/LICENSE-2.0 repo - Heilbronn University of Applied Sciences + GECKO Institute, Heilbronn University of Applied Sciences + https://www.hs-heilbronn.de + + + Khalil Malla + dsf-gecko@hs-heilbronn.de + GECKO Institute, Heilbronn University of Applied Sciences + https://www.hs-heilbronn.de + + + + + scm:git:git://github.com/datasharingframework/dsf-linter.git + scm:git:ssh://github.com/datasharingframework/dsf-linter.git + https://github.com/datasharingframework/dsf-linter/tree/main + + linter-core linter-cli - 25 - 25 UTF-8 - \ No newline at end of file + + + + + org.apache.maven.plugins + maven-compiler-plugin + 3.15.0 + + 25 + + + + org.apache.maven.plugins + maven-source-plugin + 3.4.0 + + + org.apache.maven.plugins + maven-javadoc-plugin + 3.12.0 + + none + true + + + + org.apache.maven.plugins + maven-surefire-plugin + 3.5.4 + + + org.apache.maven.plugins + maven-shade-plugin + 3.6.1 + + + org.apache.maven.plugins + maven-gpg-plugin + 3.2.8 + + + org.sonatype.central + central-publishing-maven-plugin + 0.10.0 + + + + + + + + central + Maven Central + https://central.sonatype.com/api/v1/publisher + + + github + GitHub Packages + https://maven.pkg.github.com/datasharingframework/dsf-linter + + + + + + release + + + + + org.apache.maven.plugins + maven-gpg-plugin + + + sign-artifacts + verify + + sign + + + + --pinentry-mode + loopback + + + + + + + + org.sonatype.central + central-publishing-maven-plugin + true + + + central + + false + validated + + + + + + + +