diff --git a/.github/workflows/pre-merge.yaml b/.github/workflows/pre-merge.yaml index 63bc6d6..704a349 100644 --- a/.github/workflows/pre-merge.yaml +++ b/.github/workflows/pre-merge.yaml @@ -18,7 +18,7 @@ jobs: - name: Checkout uses: actions/checkout@v3 - name: Cache - uses: gradle/gradle-build-action@v2 + uses: gradle/gradle-build-action@v2.4.2 - name: Validate run: ./gradlew check validatePlugins --continue - name: Integration Test diff --git a/.github/workflows/publish-plugin.yaml b/.github/workflows/publish-plugin.yaml index 9c286b6..d708294 100644 --- a/.github/workflows/publish-plugin.yaml +++ b/.github/workflows/publish-plugin.yaml @@ -15,7 +15,7 @@ jobs: - name: Checkout uses: actions/checkout@v3 - name: Cache - uses: gradle/gradle-build-action@v2 + uses: gradle/gradle-build-action@v2.4.2 - name: Validate run: ./gradlew check validatePlugins --continue - name: Integration Test diff --git a/build.gradle.kts b/build.gradle.kts index 58e1b3c..8ed92a7 100644 --- a/build.gradle.kts +++ b/build.gradle.kts @@ -69,6 +69,8 @@ tasks.named("publishPlugins") { } gradlePlugin { + website.set("https://github.com/Liftric/dependency-track-companion-plugin") + vcsUrl.set("https://github.com/Liftric/dependency-track-companion-plugin") testSourceSets(integrationTest) plugins { create("dependency-track-companion-plugin") { @@ -76,17 +78,11 @@ gradlePlugin { implementationClass = "$group.dtcp.DepTrackCompanionPlugin" displayName = name description = "Common tasks for Dependency Track interaction, like SBOM upload or VEX Generation" + tags.set(listOf("dependency", "track", "sbom", "vex", "upload", "generate")) } } } -pluginBundle { - website = "https://github.com/Liftric/dependency-track-companion-plugin" - vcsUrl = "https://github.com/Liftric/dependency-track-companion-plugin" - description = "Common tasks for Dependency Track interaction, like SBOM upload or VEX Generation" - tags = listOf("dependency", "track", "sbom", "vex", "upload", "generate") -} - dependencies { implementation(platform(libs.kotlinBom)) implementation(libs.kotlinStdlibJdk8) diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties index 60c76b3..ab79162 100644 --- a/gradle/wrapper/gradle-wrapper.properties +++ b/gradle/wrapper/gradle-wrapper.properties @@ -1,5 +1,5 @@ distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists -distributionUrl=https\://services.gradle.org/distributions/gradle-7.4.2-bin.zip +distributionUrl=https\://services.gradle.org/distributions/gradle-8.9-bin.zip zipStoreBase=GRADLE_USER_HOME zipStorePath=wrapper/dists \ No newline at end of file diff --git a/settings.gradle.kts b/settings.gradle.kts index 7e0c7b4..f98f0b9 100644 --- a/settings.gradle.kts +++ b/settings.gradle.kts @@ -4,17 +4,17 @@ pluginManagement { dependencyResolutionManagement { versionCatalogs { create("libs") { - version("kotlin", "1.8.21") - version("ktor", "2.3.0") - version("cyclonedx-core-java", "7.3.2") - version("cyclonedx-gradle-plugin", "1.7.4") - version("junit-bom", "5.9.3") + version("kotlin", "1.9.25") + version("ktor", "2.3.12") + version("cyclonedx-core-java", "9.0.5") + version("cyclonedx-gradle-plugin", "1.9.0") + version("junit-bom", "5.10.3") - plugin("versioning", "net.nemerosa.versioning").version("3.0.0") - plugin("dockerCompose", "com.avast.gradle.docker-compose").version("0.16.12") + plugin("versioning", "net.nemerosa.versioning").version("3.1.0") + plugin("dockerCompose", "com.avast.gradle.docker-compose").version("0.17.7") plugin("kotlinJvm", "org.jetbrains.kotlin.jvm").versionRef("kotlin") plugin("kotlinSerialization", "org.jetbrains.kotlin.plugin.serialization").versionRef("kotlin") - plugin("gradlePluginPublish", "com.gradle.plugin-publish").version("1.2.0") + plugin("gradlePluginPublish", "com.gradle.plugin-publish").version("1.2.1") library("kotlinStdlibJdk8", "org.jetbrains.kotlin", "kotlin-stdlib-jdk8").versionRef("kotlin") library("cyclonedxCoreJava", "org.cyclonedx", "cyclonedx-core-java").versionRef("cyclonedx-core-java") diff --git a/src/main/kotlin/com/liftric/dtcp/extensions/RiskScore.kt b/src/main/kotlin/com/liftric/dtcp/extensions/RiskScore.kt index 0b225fb..420abf8 100644 --- a/src/main/kotlin/com/liftric/dtcp/extensions/RiskScore.kt +++ b/src/main/kotlin/com/liftric/dtcp/extensions/RiskScore.kt @@ -6,9 +6,8 @@ import org.gradle.api.tasks.Input import org.gradle.api.tasks.Internal import org.gradle.api.tasks.Optional import kotlin.time.Duration -import kotlin.time.ExperimentalTime -data class RiskScore @OptIn(ExperimentalTime::class) constructor( +data class RiskScore constructor( val maxRiskScore: Double?, val timeout: Duration?, ) @@ -20,12 +19,10 @@ class RiskScoreBuilder(@get:Internal val proj: Project) { @get:Optional val maxRiskScore: Property = proj.objects.property(Double::class.java) - @OptIn(ExperimentalTime::class) @get:Input @get:Optional val timeout: Property = proj.objects.property(Duration::class.java) - @OptIn(ExperimentalTime::class) fun build(): RiskScore = RiskScore( maxRiskScore = this.maxRiskScore.orNull, timeout = this.timeout.orNull, diff --git a/src/main/kotlin/com/liftric/dtcp/tasks/GenerateVexTask.kt b/src/main/kotlin/com/liftric/dtcp/tasks/GenerateVexTask.kt index f6acc71..906617e 100644 --- a/src/main/kotlin/com/liftric/dtcp/tasks/GenerateVexTask.kt +++ b/src/main/kotlin/com/liftric/dtcp/tasks/GenerateVexTask.kt @@ -4,7 +4,8 @@ import com.liftric.dtcp.extensions.VexComponent import com.liftric.dtcp.extensions.VexComponentBuilder import com.liftric.dtcp.extensions.VexVulnerability import com.liftric.dtcp.extensions.VexVulnerabilityBuilder -import org.cyclonedx.generators.json.BomJsonGenerator14 +import org.cyclonedx.Version +import org.cyclonedx.generators.json.BomJsonGenerator import org.cyclonedx.model.Bom import org.cyclonedx.model.vulnerability.Vulnerability import org.cyclonedx.parsers.JsonParser @@ -128,7 +129,7 @@ abstract class GenerateVexTask : DefaultTask() { private fun parseInputFile(file: File): Bom = JsonParser().parse(file) private fun writeVexFile(outputFile: File) { - val json = BomJsonGenerator14(vexFile).toJsonString() + val json = BomJsonGenerator(vexFile, Version.VERSION_14).toJsonString() Files.createDirectories(Paths.get(outputFile.parent)) outputFile.writeText(json) } diff --git a/src/main/kotlin/com/liftric/dtcp/tasks/GetOutdatedDependenciesTask.kt b/src/main/kotlin/com/liftric/dtcp/tasks/GetOutdatedDependenciesTask.kt index 10c944f..b3e04c4 100644 --- a/src/main/kotlin/com/liftric/dtcp/tasks/GetOutdatedDependenciesTask.kt +++ b/src/main/kotlin/com/liftric/dtcp/tasks/GetOutdatedDependenciesTask.kt @@ -3,7 +3,6 @@ package com.liftric.dtcp.tasks import com.liftric.dtcp.model.Component import com.liftric.dtcp.model.DirectDependency import com.liftric.dtcp.service.DependencyTrack -import kotlinx.serialization.decodeFromString import kotlinx.serialization.json.Json import org.gradle.api.DefaultTask import org.gradle.api.GradleException diff --git a/src/main/kotlin/com/liftric/dtcp/tasks/RiskScoreTask.kt b/src/main/kotlin/com/liftric/dtcp/tasks/RiskScoreTask.kt index 2e0c6d2..e227b9c 100644 --- a/src/main/kotlin/com/liftric/dtcp/tasks/RiskScoreTask.kt +++ b/src/main/kotlin/com/liftric/dtcp/tasks/RiskScoreTask.kt @@ -11,7 +11,6 @@ import org.gradle.api.tasks.TaskAction import org.gradle.api.tasks.Input import org.gradle.api.tasks.Nested import org.gradle.api.tasks.Optional -import kotlin.time.ExperimentalTime abstract class RiskScoreTask : DefaultTask() { @get:Input @@ -36,7 +35,6 @@ abstract class RiskScoreTask : DefaultTask() { @get:Optional abstract val riskScore: Property - @OptIn(ExperimentalTime::class) @TaskAction fun riskScoreTask() { val apiKeyValue = apiKey.get()