metaschema-framework · dependabot · Oct 23, 2023 · Oct 23, 2023 · Oct 23, 2023 · Oct 24, 2023
@@ -0,0 +1,19 @@
+# yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json
+language: "en-US"
+early_access: false
+reviews:
+  request_changes_workflow: false
+  high_level_summary: true
+  poem: false
+  review_status: true
+  collapse_walkthrough: true
+  auto_review:
+    enabled: true
+    ignore_title_keywords:
+      - "WIP"
+      - "DO NOT MERGE"
+    drafts: true
+    base_branches:
+     - "develop"
+chat:
+  auto_reply: true
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -2,14 +2,17 @@ on:
   push:
     branches:
     - main
-    - develop
     - release-*
+    - develop
+    - feature-*
   pull_request:
     types: [opened, synchronize, reopened]
     branches:
     - main
-    - develop
     - release-*
+    - develop
+    - feature-*
+  merge_group:
   workflow_dispatch:
 name: Build and Test Code
 jobs:
@@ -24,7 +27,7 @@ jobs:
       BUILD_SNAPSHOT: ${{ (github.event_name == 'push' || github.event_name == 'workflow_dispatch') &&
                           (github.ref_name == 'develop' || startsWith(github.ref_name, 'release-')) }}
     steps:
-    - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608
+    - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633
       with:
         submodules: recursive
         filter: tree:0
@@ -38,7 +41,7 @@ jobs:
     - id: setup-java-deploy
       name: Set up JDK 11 (deploy)
       if: ${{ env.BUILD_SNAPSHOT == 'true' }}
-      uses: actions/setup-java@0ab4596768b603586c0de567f2430c30f5b0d2b0
+      uses: actions/setup-java@5896cecc08fd8a1fbdfaf517e29b571164b031f7
       with:
         java-version: 11
         distribution: 'temurin'
@@ -50,14 +53,14 @@ jobs:
         gpg-passphrase: MAVEN_GPG_PASSPHRASE # env variable for GPG private key passphrase
     - name: Set up JDK 11 (build only)
       if:  ${{ steps.setup-java-deploy.outcome == 'skipped' }}
-      uses: actions/setup-java@0ab4596768b603586c0de567f2430c30f5b0d2b0
+      uses: actions/setup-java@5896cecc08fd8a1fbdfaf517e29b571164b031f7
       with:
         java-version: 11
         distribution: 'temurin'
         cache: 'maven'
     - name: Initialize CodeQL
       if: github.event_name == 'push'
-      uses: github/codeql-action/init@6a28655e3dcb49cb0840ea372fd6d17733edd8a4
+      uses: github/codeql-action/init@3ab4101902695724f9365a384f86c1074d94e18c
       with:
         languages: java
     # -------------------------
@@ -78,7 +81,7 @@ jobs:
         mvn -B -e -Prelease -Preporting install
     - name: Perform CodeQL Analysis
       if: github.event_name == 'push'
-      uses: github/codeql-action/analyze@6a28655e3dcb49cb0840ea372fd6d17733edd8a4
+      uses: github/codeql-action/analyze@3ab4101902695724f9365a384f86c1074d94e18c
       with:
         upload: ${{ (github.event_name == 'push' || github.event_name == 'workflow_dispatch') && github.ref_name == 'develop' && 'always' || 'never' }}
     - name: Test Website

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -3,6 +3,18 @@ on:
     tags:
     - "v*"
   workflow_dispatch:
+    inputs:
+      release:
+        description: 'Delpoy release?'
+        type: boolean
+        default: false
+      website:
+        description: 'Deploy website?'
+        type: boolean
+        default: false
+      pages-branch:
+        description: 'Pages branch name'
+        default: nist-pages
 name: Deploy Tagged Release
 jobs:
   deploy-to-nexus:
@@ -12,7 +24,7 @@ jobs:
       actions: read
       contents: write
     steps:
-    - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608
+    - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633
       with:
         submodules: recursive
         filter: tree:0
@@ -24,7 +36,7 @@ jobs:
       with:
         maven-version: 3.9.3
     - name: Set up JDK 11
-      uses: actions/setup-java@0ab4596768b603586c0de567f2430c30f5b0d2b0
+      uses: actions/setup-java@5896cecc08fd8a1fbdfaf517e29b571164b031f7
       with:
         java-version: 11
         distribution: 'temurin'
@@ -38,6 +50,7 @@ jobs:
     # Maven Deploy
     # -------------------------
     - name: Deploy Maven Artifacts
+      if: github.event_name == 'push' || (github.event_name == 'workflow_dispatch' && contains('true', github.event.inputs.release))
       run: |
         mvn -B -e -Pgpg -Prelease -Preporting deploy
         # mvn -Pgpg -Prelease nexus-staging:close -DstagingDescription="closing to release"
@@ -46,6 +59,7 @@ jobs:
         MAVEN_CENTRAL_TOKEN: ${{ secrets.SONATYPE_PASSWORD }}
         MAVEN_GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
     - name: Create release
+      if: github.event_name == 'push' || (github.event_name == 'workflow_dispatch' && contains('true', github.event.inputs.release))
       uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844
       with:
         draft: true
@@ -57,9 +71,14 @@ jobs:
     # Maven Site
     # -------------------------
     - name: Build Website
+      if: github.event_name == 'push' || (github.event_name == 'workflow_dispatch' && contains('true', github.event.inputs.website))
       run: |
         mvn -B -e -Prelease -Preporting install site site:stage
-    - name: Run Website Deploy Script
-      run: |
-        touch target/staging/.nojekyll
-        bash .github/workflows/deploy.sh --push-only -v -m "Deploying website [ci skip]"
+    - name: Website Deploy
+      uses: peaceiris/actions-gh-pages@373f7f263a76c20808c831209c920827a82a2847
+      if: github.event_name == 'push' || (github.event_name == 'workflow_dispatch' && contains('true', github.event.inputs.website))
+      with:
+        personal_token: ${{ secrets.COMMIT_TOKEN }}
+        publish_dir: ./target/staging
+        external_repository: ${{ github.repository }}
+        publish_branch: ${{ (github.event_name == 'workflow_dispatch' && github.event.inputs.pages-branch) || 'nist-pages' }}
@@ -3,7 +3,7 @@
 	<parent>
 		<groupId>gov.nist.secauto.metaschema</groupId>
 		<artifactId>metaschema-framework</artifactId>
-		<version>1.0.0-M1</version>
+		<version>1.0.0-M2-SNAPSHOT</version>
 	</parent>
 
 	<artifactId>cli-processor</artifactId>

@@ -66,6 +66,7 @@
 
 import edu.umd.cs.findbugs.annotations.NonNull;
 import edu.umd.cs.findbugs.annotations.Nullable;
+import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
 
 public class CLIProcessor {
   private static final Logger LOGGER = LogManager.getLogger(CLIProcessor.class);
@@ -253,6 +254,7 @@ public class CallingContext {
     @NonNull
     private final List<String> extraArgs;
 
+    @SuppressFBWarnings(value = "CT_CONSTRUCTOR_THROW", justification = "Use of final fields")
     public CallingContext(@NonNull List<String> args) {
       Map<String, ICommand> topLevelCommandMap = getTopLevelCommands().stream()
           .collect(Collectors.toUnmodifiableMap(ICommand::getName, Function.identity()));
@@ -344,36 +346,52 @@ protected Options toOptions() {
     public ExitStatus processCommand() {
       CommandLineParser parser = new DefaultParser();
       CommandLine cmdLine;
-      try {
-        cmdLine = parser.parse(toOptions(), getExtraArgs().toArray(new String[0]));
-      } catch (ParseException ex) {
-        String msg = ex.getMessage();
-        assert msg != null;
-        return handleInvalidCommand(msg);
-      }
 
-      if (cmdLine.hasOption(NO_COLOR_OPTION)) {
-        handleNoColor();
-      }
-
-      if (cmdLine.hasOption(QUIET_OPTION)) {
-        handleQuiet();
-      }
+      // this uses a two phase approach where:
+      // phase 1: checks if help or version are used
+      // phase 2: executes the command
 
+      // phase 1
       ExitStatus retval = null;
-      if (cmdLine.hasOption(VERSION_OPTION)) {
-        showVersion();
-        retval = ExitCode.OK.exit();
-      } else if (cmdLine.hasOption(HELP_OPTION)) {
-        showHelp();
-        retval = ExitCode.OK.exit();
-        // } else {
-        // retval = handleInvalidCommand(commandResult, options,
-        // "Invalid command arguments: " +
-        // cmdLine.getArgList().stream().collect(Collectors.joining(" ")));
+      {
+        try {
+          Options phase1Options = new Options();
+          phase1Options.addOption(HELP_OPTION);
+          phase1Options.addOption(VERSION_OPTION);
+
+          cmdLine = parser.parse(phase1Options, getExtraArgs().toArray(new String[0]), true);
+        } catch (ParseException ex) {
+          String msg = ex.getMessage();
+          assert msg != null;
+          return handleInvalidCommand(msg);
+        }
+
+        if (cmdLine.hasOption(VERSION_OPTION)) {
+          showVersion();
+          retval = ExitCode.OK.exit();
+        } else if (cmdLine.hasOption(HELP_OPTION)) {
+          showHelp();
+          retval = ExitCode.OK.exit();
+        }
       }
 
       if (retval == null) {
+        // phase 2
+        try {
+          cmdLine = parser.parse(toOptions(), getExtraArgs().toArray(new String[0]));
+        } catch (ParseException ex) {
+          String msg = ex.getMessage();
+          assert msg != null;
+          return handleInvalidCommand(msg);
+        }
+
+        if (cmdLine.hasOption(NO_COLOR_OPTION)) {
+          handleNoColor();
+        }
+
+        if (cmdLine.hasOption(QUIET_OPTION)) {
+          handleQuiet();
+        }
         retval = invokeCommand(cmdLine);
       }
 

@@ -26,15 +26,19 @@
 
 package gov.nist.secauto.metaschema.cli.processor.command;
 
+import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
+
 public class DefaultExtraArgument implements ExtraArgument {
   private final String name;
   private final boolean required;
   private final int number;
 
+  @SuppressFBWarnings(value = "CT_CONSTRUCTOR_THROW", justification = "Use of final fields")
   public DefaultExtraArgument(String name, boolean required) {
     this(name, required, 1);
   }
 
+  @SuppressFBWarnings(value = "CT_CONSTRUCTOR_THROW", justification = "Use of final fields")
   public DefaultExtraArgument(String name, boolean required, int number) {
     if (number < 1) {
       throw new IllegalArgumentException("number must be a positive value");