Skip to content

Explicitly declaring xstream to override a transitively imported version affected by CVE #2944

Explicitly declaring xstream to override a transitively imported version affected by CVE

Explicitly declaring xstream to override a transitively imported version affected by CVE #2944

#
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements. See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership. The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
#
name: Kogito Runtimes
on:
pull_request:
types: [opened, synchronize, reopened, ready_for_review]
paths-ignore:
- 'LICENSE'
- '**/.gitignore'
- '**.md'
- '**.adoc'
- '*.txt'
- 'docsimg/**'
- '.ci/jenkins/**'
jobs:
runtime-build:
concurrency:
group: pr-kogito-runtimes_${{ matrix.os }}_${{ matrix.java-version }}_${{ matrix.maven-version }}_${{ github.head_ref }}
cancel-in-progress: true
timeout-minutes: 120
strategy:
matrix:
os: [ubuntu-latest]
java-version: [17]
maven-version: ['3.9.6']
fail-fast: false
runs-on: ${{ matrix.os }}
name: ${{ matrix.os }} / Java-${{ matrix.java-version }} / Maven-${{ matrix.maven-version }}
steps:
- name: Clean Disk Space
uses: apache/incubator-kie-kogito-pipelines/.ci/actions/ubuntu-disk-space@main
if: ${{ matrix.os == 'ubuntu-latest' }}
- name: Support long paths
if: ${{ matrix.os == 'windows-latest' }}
uses: apache/incubator-kie-kogito-pipelines/.ci/actions/long-paths@main
- name: Java and Maven Setup
uses: apache/incubator-kie-kogito-pipelines/.ci/actions/maven@main
with:
java-version: ${{ matrix.java-version }}
maven-version: ${{ matrix.maven-version }}
cache-key-prefix: ${{ runner.os }}-${{ matrix.java-version }}-maven${{ matrix.maven-version }}
- name: Build Chain
uses: apache/incubator-kie-kogito-pipelines/.ci/actions/build-chain@main
with:
annotations-prefix: ${{ runner.os }}-${{ matrix.java-version }}/${{ matrix.maven-version }}
github-token: "${{ secrets.GITHUB_TOKEN }}"
definition-file: https://raw.githubusercontent.com/${GROUP:apache}/incubator-kie-kogito-pipelines/${BRANCH:main}/.ci/pull-request-config.yaml
env:
BUILD_MVN_OPTS_CURRENT: '-Dvalidate-formatting'
- name: Junit Report
uses: apache/incubator-kie-kogito-pipelines/.ci/actions/action-junit-report@main
if: ${{ always() }}
with:
report_paths: '**/*-reports/TEST-*.xml'