Skip to content

Sync branch 4.0.x with main to release 4.0.5 #273

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 33 commits into from
Nov 1, 2023
Merged

Sync branch 4.0.x with main to release 4.0.5 #273

merged 33 commits into from
Nov 1, 2023

Conversation

ricardozanini
Copy link
Member

Many thanks for submitting your Pull Request ❤️!

What this PR does / why we need it:
This PR syncs the changes we made in the main to 4.0.x branch to keep the branch clean for the last fix/CVE upgrades.
This is a tentative to run on Java 1.8. It's possible that we might need to do a few adjustments.

Special notes for reviewers:

Additional information (if needed):

fjtirado and others added 25 commits October 20, 2023 10:59
@fjtirado @ricardozanini
Removing gson and everit dependencies
9a03964 
Signed-off-by: Francisco Javier Tirado Sarti <ftirados@redhat.com>
Signed-off-by: Ricardo Zanini <zanini@redhat.com>
@fjtirado @ricardozanini
Changing to networknt
6fc1408 
Signed-off-by: Francisco Javier Tirado Sarti <ftirados@redhat.com>
Signed-off-by: Ricardo Zanini <zanini@redhat.com>
@ricardozanini
Enable dependabot to upgrade libs (serverlessworkflow#240)
159c15d 
We can rely on GitHub's dependabot to open PRs with version upgrades and CVEs fixes to avoid future problems.

Signed-off-by: Ricardo Zanini <zanini@redhat.com>
@fjtirado @ricardozanini
Review comments
c2c0122 
Signed-off-by: Francisco Javier Tirado Sarti <ftirados@redhat.com>
Signed-off-by: Ricardo Zanini <zanini@redhat.com>
@fjtirado @ricardozanini
Validation Error Test
7891b9f 
Signed-off-by: Francisco Javier Tirado Sarti <ftirados@redhat.com>
Signed-off-by: Ricardo Zanini <zanini@redhat.com>
@fjtirado @ricardozanini
Changing validator back to List
fd35a9e 
Signed-off-by: Francisco Javier Tirado Sarti <ftirados@redhat.com>
Signed-off-by: Ricardo Zanini <zanini@redhat.com>
@dependabot @ricardozanini
Bump org.apache.commons:commons-lang3 from 3.9 to 3.13.0
078a930 
Bumps org.apache.commons:commons-lang3 from 3.9 to 3.13.0.

---
updated-dependencies:
- dependency-name: org.apache.commons:commons-lang3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Ricardo Zanini <zanini@redhat.com>
@visheshruparelia @ricardozanini
add missing support for contextAttributes in ProduceEvent
6a84c9e 
Signed-off-by: Vishesh Ruparelia <visheshruparelia18@gmail.com>
Signed-off-by: Ricardo Zanini <zanini@redhat.com>
@dependabot @ricardozanini
Bump ch.qos.logback:logback-classic from 1.4.8 to 1.4.9
1133bbb 
Bumps [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) from 1.4.8 to 1.4.9.
- [Commits](qos-ch/logback@v_1.4.8...v_1.4.9)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Ricardo Zanini <zanini@redhat.com>
@ricardozanini
Update Code of Conduct to follow the new standard
ac9af39 
Signed-off-by: Ricardo Zanini <zanini@redhat.com>
@dependabot @ricardozanini
Bump org.thymeleaf:thymeleaf from 3.0.11.RELEASE to 3.1.2.RELEASE
7ca919e 
Bumps org.thymeleaf:thymeleaf from 3.0.11.RELEASE to 3.1.2.RELEASE.

---
updated-dependencies:
- dependency-name: org.thymeleaf:thymeleaf
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Ricardo Zanini <zanini@redhat.com>
@dependabot @ricardozanini
Bump com.networknt:json-schema-validator from 1.0.86 to 1.0.87
b2cbb09 
Bumps [com.networknt:json-schema-validator](https://github.com/networknt/json-schema-validator) from 1.0.86 to 1.0.87.
- [Release notes](https://github.com/networknt/json-schema-validator/releases)
- [Changelog](https://github.com/networknt/json-schema-validator/blob/master/CHANGELOG.md)
- [Commits](networknt/json-schema-validator@1.0.86...1.0.87)

---
updated-dependencies:
- dependency-name: com.networknt:json-schema-validator
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Ricardo Zanini <zanini@redhat.com>
@dependabot @ricardozanini
Bump org.mockito:mockito-core from 3.0.0 to 5.6.0
d14eac4 
Bumps [org.mockito:mockito-core](https://github.com/mockito/mockito) from 3.0.0 to 5.6.0.
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](mockito/mockito@v3.0.0...v5.6.0)

---
updated-dependencies:
- dependency-name: org.mockito:mockito-core
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Ricardo Zanini <zanini@redhat.com>
@dependabot @ricardozanini
Bump com.coveo:fmt-maven-plugin from 2.9 to 2.13
5a8b6f3 
Bumps [com.coveo:fmt-maven-plugin](https://github.com/coveooss/fmt-maven-plugin) from 2.9 to 2.13.
- [Release notes](https://github.com/coveooss/fmt-maven-plugin/releases)
- [Commits](spotify/fmt-maven-plugin@2.9.0...2.13.0)

---
updated-dependencies:
- dependency-name: com.coveo:fmt-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Ricardo Zanini <zanini@redhat.com>
@dependabot @ricardozanini
Bump version.com.fasterxml.jackson from 2.15.2 to 2.15.3
2fc7d7f 
Bumps `version.com.fasterxml.jackson` from 2.15.2 to 2.15.3.

Updates `com.fasterxml.jackson.core:jackson-core` from 2.15.2 to 2.15.3
- [Release notes](https://github.com/FasterXML/jackson-core/releases)
- [Commits](FasterXML/jackson-core@jackson-core-2.15.2...jackson-core-2.15.3)

Updates `com.fasterxml.jackson.core:jackson-databind` from 2.15.2 to 2.15.3
- [Commits](https://github.com/FasterXML/jackson/commits)

Updates `com.fasterxml.jackson.dataformat:jackson-dataformat-yaml` from 2.15.2 to 2.15.3
- [Commits](FasterXML/jackson-dataformats-text@jackson-dataformats-text-2.15.2...jackson-dataformats-text-2.15.3)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson.core:jackson-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: com.fasterxml.jackson.core:jackson-databind
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: com.fasterxml.jackson.dataformat:jackson-dataformat-yaml
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Ricardo Zanini <zanini@redhat.com>
@dependabot @ricardozanini
Bump org.apache.maven.plugins:maven-failsafe-plugin from 2.22.0 to 3.1.2
e237470 
Bumps [org.apache.maven.plugins:maven-failsafe-plugin](https://github.com/apache/maven-surefire) from 2.22.0 to 3.1.2.
- [Release notes](https://github.com/apache/maven-surefire/releases)
- [Commits](apache/maven-surefire@surefire-2.22.0...surefire-3.1.2)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-failsafe-plugin
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Ricardo Zanini <zanini@redhat.com>
@ricardozanini
Introduce Release Workflow
f849d18 
Signed-off-by: Ricardo Zanini <zanini@redhat.com>
@ricardozanini
Remove gpg, deploy workflow
24c6569 
Signed-off-by: Ricardo Zanini <zanini@redhat.com>
@ricardozanini
formatting yml files
873033b 
Signed-off-by: Ricardo Zanini <zanini@redhat.com>
@ricardozanini
Remove unneeded attrs
9df5702 
Signed-off-by: Ricardo Zanini <zanini@redhat.com>
@ricardozanini
Fix commons-lang3 property version
12db914 
Signed-off-by: Ricardo Zanini <zanini@redhat.com>
@ricardozanini
Removing unused property versions
d85b198 
Signed-off-by: Ricardo Zanini <zanini@redhat.com>
@ricardozanini
Fix formatting, replace fmt for spotify group, rebase
8483f17 
Signed-off-by: Ricardo Zanini <zanini@redhat.com>
@ricardozanini
Sync main with 4.0.x
b332fc8 
Signed-off-by: Ricardo Zanini <zanini@redhat.com>
@ricardozanini
Downgrade to Java 1.8
67a6634 
Signed-off-by: Ricardo Zanini <zanini@redhat.com>
@ricardozanini
Align workflow to run on 4.0.* branch
4431edd 
Signed-off-by: Ricardo Zanini <zanini@redhat.com>
@ricardozanini ricardozanini mentioned this pull request Oct 20, 2023
Closed
2 tasks
@ricardozanini
Fix java version in setup-java action
432a7a1 
Signed-off-by: Ricardo Zanini <zanini@redhat.com>
@ricardozanini
Downgrading fmt plugin to cope with Java 1.8
7a9d0b3 
Signed-off-by: Ricardo Zanini <zanini@redhat.com>
@ricardozanini
Fix fmt downgrading
b4a187a 
Signed-off-by: Ricardo Zanini <zanini@redhat.com>
@ricardozanini
Change WorkflowValidatorImpl to match Java 8 API
271cc0b 
Signed-off-by: Ricardo Zanini <zanini@redhat.com>
@ricardozanini
Prepare for 4.0.5
dca3b9a 
Signed-off-by: Ricardo Zanini <zanini@redhat.com>
@ricardozanini
Copy link
Member Author

@manick02 @cdavernas I brought everything from the latest 4.0.4 release. The changes are all related to CVEs and a small bug to cope with 0.8.

It's running and compiling fine with Java 1.8 as you can see in the CI.

@visheshruparelia @fjtirado if you wanna test this PR on your end, please.

@ricardozanini ricardozanini mentioned this pull request Oct 20, 2023
Closed
manick02
manick02 approved these changes Oct 24, 2023
View reviewed changes
Copy link
Contributor

@manick02 manick02 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me

@ricardozanini ricardozanini mentioned this pull request Oct 24, 2023
Merged
cdavernas
cdavernas approved these changes Oct 24, 2023
View reviewed changes
Copy link
Member

@cdavernas cdavernas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not my AOE, but I trust you @ricardozanini

@tsurdilo care to take a look?

@fjtirado @ricardozanini
Keep id as mandatory for backward compatibility.
985790f 
Signed-off-by: Francisco Javier Tirado Sarti <ftirados@redhat.com>
@ricardozanini
Copy link
Member Author

Including the PR to keep the Workflow constructor the same as we have in 4.0.4 to not break the API.

@fjtirado @ricardozanini
Force id to be mandatory
d8cb9b7 
Signed-off-by: Francisco Javier Tirado Sarti <ftirados@redhat.com>
@ricardozanini ricardozanini merged commit 074ea1f into serverlessworkflow:4.0.x Nov 1, 2023
@ricardozanini ricardozanini deleted the sync-4.0.5 branch November 1, 2023 13:53
This was referenced Nov 1, 2023
Merged
Merged
@ricardozanini ricardozanini mentioned this pull request Nov 10, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@manick02 manick02 manick02 approved these changes

@cdavernas cdavernas cdavernas approved these changes

@tsurdilo tsurdilo Awaiting requested review from tsurdilo

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@ricardozanini @manick02 @cdavernas @fjtirado @visheshruparelia