Release

.config/checkstyle/checkstyle.xml

@@ -52,6 +52,7 @@
 	<module name="TreeWalker">
 		<!-- Checks - sorted alphabetically -->
 		<module name="ArrayTypeStyle"/>
+		<module name="AvoidDoubleBraceInitialization"/>
 		<module name="AvoidStarImport"/>
 		<module name="ConstantName"/>
 		<module name="DefaultComesLast"/>
@@ -68,6 +69,11 @@
 		<module name="FinalParameters"/>
 		<module name="GenericWhitespace"/>
 		<module name="HideUtilityClassConstructor"/>
+		<module name="IllegalCatch">
+			<!-- https://docs.pmd-code.org/pmd-doc-7.11.0/pmd_rules_java_errorprone.html#avoidcatchingnpe -->
+			<!-- https://docs.pmd-code.org/pmd-doc-7.11.0/pmd_rules_java_errorprone.html#avoidcatchingthrowable -->
+			<property name="illegalClassNames" value="Error,Throwable,NullPointerException,java.lang.Error,java.lang.Throwable,java.lang.NullPointerException"/>
+		</module>
 		<module name="IllegalImport"/>
 		<module name="InterfaceIsType"/>
 		<module name="JavadocStyle">
@@ -93,7 +99,6 @@
 		<module name="MethodParamPad"/>
 		<module name="MissingDeprecated"/>
 		<module name="MissingOverride"/>
-		<module name="MissingSwitchDefault"/>
 		<module name="ModifierOrder"/>
 		<module name="NeedBraces"/>
 		<module name="NoClone"/>
@@ -122,7 +127,13 @@
 		</module>
 		<module name="TypecastParenPad"/>
 		<module name="TypeName"/>
+		<module name="UnnecessaryParentheses"/>
+		<module name="UnnecessarySemicolonAfterOuterTypeDeclaration"/>
+		<module name="UnnecessarySemicolonAfterTypeMemberDeclaration"/>
+		<module name="UnnecessarySemicolonInEnumeration"/>
+		<module name="UnnecessarySemicolonInTryWithResources"/>
 		<module name="UnusedImports"/>
+		<module name="UnusedLocalVariable"/>
 		<module name="UpperEll"/>
 		<module name="VisibilityModifier">
 			<property name="packageAllowed" value="true"/>

.config/pmd/ruleset.xml

@@ -10,16 +10,38 @@
 
 	<!-- Only rules that don't overlap with CheckStyle! -->
 
+	<rule ref="category/java/bestpractices.xml/AvoidPrintStackTrace"/>
+	<rule ref="category/java/bestpractices.xml/AvoidStringBufferField"/>
 	<rule ref="category/java/bestpractices.xml/AvoidUsingHardCodedIP"/>
+	<rule ref="category/java/bestpractices.xml/ConstantsInInterface"/>
+	<rule ref="category/java/bestpractices.xml/ExhaustiveSwitchHasDefault"/>
+	<rule ref="category/java/bestpractices.xml/LiteralsFirstInComparisons"/>
+	<!-- CheckStyle can't handle this switch behavior -> delegated to PMD -->
+	<rule ref="category/java/bestpractices.xml/NonExhaustiveSwitch"/>
+	<rule ref="category/java/bestpractices.xml/OneDeclarationPerLine">
+		<properties>
+			<property name="strictMode" value="true"/>
+		</properties>
+	</rule>
 	<rule ref="category/java/bestpractices.xml/PreserveStackTrace"/>
+	<rule ref="category/java/bestpractices.xml/SimplifiableTestAssertion"/>
+	<rule ref="category/java/bestpractices.xml/SystemPrintln"/>
+	<rule ref="category/java/bestpractices.xml/UnusedAssignment"/>
+	<rule ref="category/java/bestpractices.xml/UnusedFormalParameter"/>
+	<rule ref="category/java/bestpractices.xml/UnusedPrivateField"/>
+	<rule ref="category/java/bestpractices.xml/UnusedPrivateMethod"/>
 	<rule ref="category/java/bestpractices.xml/UseCollectionIsEmpty"/>
+	<rule ref="category/java/bestpractices.xml/UseEnumCollections"/>
 	<rule ref="category/java/bestpractices.xml/UseStandardCharsets"/>
+	<rule ref="category/java/bestpractices.xml/UseTryWithResources"/>
 
 	<!-- Native code is platform dependent; Loading external native libs might pose a security threat -->
 	<rule ref="category/java/codestyle.xml/AvoidUsingNativeCode"/>
 	<rule ref="category/java/codestyle.xml/IdenticalCatchBranches"/>
+	<rule ref="category/java/codestyle.xml/LambdaCanBeMethodReference"/>
 	<rule ref="category/java/codestyle.xml/NoPackage"/>
 	<rule ref="category/java/codestyle.xml/PrematureDeclaration"/>
+	<rule ref="category/java/codestyle.xml/UnnecessarySemicolon"/>
 
 	<rule ref="category/java/design.xml">
 		<!-- Sometimes abstract classes have just fields -->
@@ -76,9 +98,6 @@
 
 		<!-- Limit too low -->
 		<exclude name="UseObjectForClearerAPI"/>
-
-		<!-- Handled by checkstyle -->
-		<exclude name="UseUtilityClass"/>
 	</rule>
 
 	<rule ref="category/java/design.xml/AvoidDeeplyNestedIfStmts">
@@ -114,17 +133,33 @@
 		</properties>
 	</rule>
 
+	<rule ref="category/java/errorprone.xml/AssignmentToNonFinalStatic"/>
+	<rule ref="category/java/errorprone.xml/AvoidDecimalLiteralsInBigDecimalConstructor"/>
+	<rule ref="category/java/errorprone.xml/AvoidMultipleUnaryOperators"/>
 	<rule ref="category/java/errorprone.xml/AvoidUsingOctalValues"/>
 	<rule ref="category/java/errorprone.xml/BrokenNullCheck"/>
 	<rule ref="category/java/errorprone.xml/ComparisonWithNaN"/>
 	<rule ref="category/java/errorprone.xml/DoNotCallGarbageCollectionExplicitly"/>
 	<rule ref="category/java/errorprone.xml/DontImportSun"/>
+	<rule ref="category/java/errorprone.xml/DontUseFloatTypeForLoopIndices"/>
+	<rule ref="category/java/errorprone.xml/EqualsNull"/>
+	<rule ref="category/java/errorprone.xml/IdempotentOperations"/>
+	<rule ref="category/java/errorprone.xml/ImplicitSwitchFallThrough"/>
+	<rule ref="category/java/errorprone.xml/InstantiationToGetClass"/>
+	<rule ref="category/java/errorprone.xml/InvalidLogMessageFormat"/>
+	<rule ref="category/java/errorprone.xml/JumbledIncrementer"/>
 	<rule ref="category/java/errorprone.xml/MisplacedNullCheck"/>
+	<rule ref="category/java/errorprone.xml/MoreThanOneLogger"/>
+	<rule ref="category/java/errorprone.xml/NonStaticInitializer"/>
+	<rule ref="category/java/errorprone.xml/ReturnFromFinallyBlock"/>
+	<rule ref="category/java/errorprone.xml/SingletonClassReturningNewInstance"/>
+	<rule ref="category/java/errorprone.xml/UnconditionalIfStatement"/>
 	<rule ref="category/java/errorprone.xml/UnnecessaryCaseChange"/>
+	<rule ref="category/java/errorprone.xml/UselessOperationOnImmutable"/>
 
 
 	<rule ref="category/java/multithreading.xml">
-		<!-- Just bloats code -->
+		<!-- Just bloats code; improved in JEP-491/Java 24+ -->
 		<exclude name="AvoidSynchronizedAtMethodLevel"/>
 
 		<!-- NOPE -->

.github/workflows/broken-links.yml

@@ -19,7 +19,7 @@ jobs:
 
       - name: Link Checker
         id: lychee
-        uses: lycheeverse/lychee-action@v2
+        uses: lycheeverse/lychee-action@82202e5e9c2f4ef1a55a3d02563e1cb6041e5332 # v2
         with:
           fail: false # Don't fail on broken links, create an issue instead
 
@@ -38,7 +38,7 @@ jobs:
 
       - name: Create Issue From File
         if: env.lychee_exit_code != 0
-        uses: peter-evans/create-issue-from-file@v5
+        uses: peter-evans/create-issue-from-file@e8ef132d6df98ed982188e460ebb3b5d4ef3a9cd # v5
         with:
           issue-number: ${{ steps.find-issue.outputs.number }}
           title: Link Checker Report

.github/workflows/check-build.yml

@@ -127,7 +127,4 @@ jobs:
         name: pmd-report
         if-no-files-found: ignore
         path: |
-          target/site/*.html
-          target/site/css/**
-          target/site/images/logos/maven-feather.png
-          target/site/images/external.png
+          target/reports/**

.github/workflows/release.yml

@@ -26,7 +26,7 @@ jobs:
         cache: 'maven'
 
     - name: Build with Maven
-      run: ./mvnw -B clean package
+      run: ./mvnw -B clean package -T2C
 
     - name: Check for uncommited changes
       run: |
@@ -64,7 +64,7 @@ jobs:
       run: |
         mvnwPath=$(readlink -f ./mvnw)
         modules=("") # root
-        modules+=($(grep -ozP '(?<=module>)[^<]+' 'pom.xml' | tr -d '\0'))
+        modules+=($(grep -oP '(?<=<module>)[^<]+' 'pom.xml'))
         for i in "${modules[@]}"
         do
             echo "Processing $i/pom.xml"
@@ -89,7 +89,7 @@ jobs:
 
     - name: Create Release
       id: create_release
-      uses: shogo82148/actions-create-release@v1
+      uses: shogo82148/actions-create-release@e5f206451d4ace2da9916d01f1aef279997f8659 # v1
       with:
         tag_name: v${{ steps.version.outputs.release }}
         release_name: v${{ steps.version.outputs.release }}
@@ -121,22 +121,22 @@ jobs:
         git config --global user.name "GitHub Actions"
         git pull
 
-    - name: Set up JDK Apache Maven Central
+    - name: Set up JDK
       uses: actions/setup-java@v4
       with: # running setup-java again overwrites the settings.xml
         java-version: '17'
         distribution: 'temurin'
-        server-id: ossrh
+        server-id: sonatype-central-portal
         server-username: MAVEN_CENTRAL_USERNAME
         server-password: MAVEN_CENTRAL_TOKEN
         gpg-passphrase: MAVEN_GPG_PASSPHRASE
         gpg-private-key: ${{ secrets.MAVEN_GPG_PRIVATE_KEY }}
 
-    - name: Publish to Apache Maven Central
-      run: ../mvnw -B deploy -Possrh -DskipTests
+    - name: Publish to Central Portal
+      run: ../mvnw -B deploy -P publish-sonatype-central-portal -DskipTests
       env:
-        MAVEN_CENTRAL_USERNAME: ${{ secrets.S01_OSS_SONATYPE_MAVEN_USERNAME }}
-        MAVEN_CENTRAL_TOKEN: ${{ secrets.S01_OSS_SONATYPE_MAVEN_TOKEN }}
+        MAVEN_CENTRAL_USERNAME: ${{ secrets.SONATYPE_MAVEN_CENTRAL_PORTAL_USERNAME }}
+        MAVEN_CENTRAL_TOKEN: ${{ secrets.SONATYPE_MAVEN_CENTRAL_PORTAL_TOKEN }}
         MAVEN_GPG_PASSPHRASE: ${{ secrets.MAVEN_GPG_PASSPHRASE }}
       working-directory: ${{ env.PRIMARY_MAVEN_MODULE }}
 
@@ -165,7 +165,7 @@ jobs:
       working-directory: ${{ env.PRIMARY_MAVEN_MODULE }}
 
     - name: Deploy to Github pages
-      uses: peaceiris/actions-gh-pages@v4
+      uses: peaceiris/actions-gh-pages@4f9cc6602d3f66b9c108549d475ec49e8ef4d45e # v4
       with:
         github_token: ${{ secrets.GITHUB_TOKEN }}
         publish_dir: ./${{ env.PRIMARY_MAVEN_MODULE }}/target/site
@@ -188,7 +188,7 @@ jobs:
       run: |
         mvnwPath=$(readlink -f ./mvnw)
         modules=("") # root
-        modules+=($(grep -ozP '(?<=module>)[^<]+' 'pom.xml' | tr -d '\0'))
+        modules+=($(grep -oP '(?<=<module>)[^<]+' 'pom.xml'))
         for i in "${modules[@]}"
         do
             echo "Processing $i/pom.xml"

.github/workflows/sync-labels.yml

@@ -20,6 +20,6 @@ jobs:
         with:
           sparse-checkout: .github/labels.yml
 
-      - uses: EndBug/label-sync@v2
+      - uses: EndBug/label-sync@52074158190acb45f3077f9099fea818aa43f97a # v2
         with:
           config-file: .github/labels.yml

.github/workflows/test-deploy.yml

@@ -13,21 +13,21 @@ jobs:
     steps:
     - uses: actions/checkout@v4
 
-    - name: Set up JDK OSSRH
+    - name: Set up JDK
       uses: actions/setup-java@v4
       with: # running setup-java again overwrites the settings.xml
         distribution: 'temurin'
         java-version: '17'
-        server-id: ossrh
+        server-id: sonatype-central-portal
         server-username: MAVEN_CENTRAL_USERNAME
         server-password: MAVEN_CENTRAL_TOKEN
         gpg-passphrase: MAVEN_GPG_PASSPHRASE
         gpg-private-key: ${{ secrets.MAVEN_GPG_PRIVATE_KEY }}
 
-    - name: Publish to OSSRH
-      run: ../mvnw -B deploy -Possrh -DskipTests
+    - name: Publish to Central Portal
+      run: ../mvnw -B deploy -P publish-sonatype-central-portal -DskipTests
       working-directory: ${{ env.PRIMARY_MAVEN_MODULE }}
       env:
-        MAVEN_CENTRAL_USERNAME: ${{ secrets.S01_OSS_SONATYPE_MAVEN_USERNAME }}
-        MAVEN_CENTRAL_TOKEN: ${{ secrets.S01_OSS_SONATYPE_MAVEN_TOKEN }}
+        MAVEN_CENTRAL_USERNAME: ${{ secrets.SONATYPE_MAVEN_CENTRAL_PORTAL_USERNAME }}
+        MAVEN_CENTRAL_TOKEN: ${{ secrets.SONATYPE_MAVEN_CENTRAL_PORTAL_TOKEN }}
         MAVEN_GPG_PASSPHRASE: ${{ secrets.MAVEN_GPG_PASSPHRASE }}

.github/workflows/update-from-template.yml

@@ -202,7 +202,7 @@ jobs:
           GH_TOKEN: ${{ secrets.UPDATE_FROM_TEMPLATE_PAT }}
         run: |
           not_failed_conclusion="skipped|neutral|success"
-          not_relevant_app_slug="dependabot|github-pages|sonarcloud"
+          not_relevant_app_slug="dependabot|github-pages|sonarqubecloud"
 
           echo "Waiting for checks to start..."
           sleep 40s
@@ -212,7 +212,7 @@ jobs:
 
             echo "Checking if update-branch-merged exists"
             git fetch
-            if [[ $(git rev-parse origin/${{ env.UPDATE_BRANCH_MERGED }}) ]]; then
+            if [[ $(git ls-remote --heads origin refs/heads/${{ env.UPDATE_BRANCH_MERGED }}) ]]; then
               echo "Branch still exists; Continuing..."
             else
               echo "Branch origin/${{ env.UPDATE_BRANCH_MERGED }} is missing"

.gitignore

@@ -71,6 +71,7 @@ hs_err_pid*
 .idea/*
 !.idea/saveactions_settings.xml
 !.idea/checkstyle-idea.xml
+!.idea/externalDependencies.xml
 
 !.idea/inspectionProfiles/
 .idea/inspectionProfiles/*

CHANGELOG.md

@@ -1,3 +1,7 @@
+# 2.0.1
+* Migrated deployment to _Sonatype Maven Central Portal_ [#155](https://github.com/xdev-software/standard-maven-template/issues/155)
+* Updated dependencies
+
 # 2.0.0
 * Added support for Spring Security 6.4+ / Spring Boot 3.4+ #100
   * Spring now

README.md

@@ -2,7 +2,7 @@
 [![Build](https://img.shields.io/github/actions/workflow/status/xdev-software/spring-security-advanced-authentication-ui/check-build.yml?branch=develop)](https://github.com/xdev-software/spring-security-advanced-authentication-ui/actions/workflows/check-build.yml?query=branch%3Adevelop)
 [![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=xdev-software_spring-security-advanced-authentication-ui&metric=alert_status)](https://sonarcloud.io/dashboard?id=xdev-software_spring-security-advanced-authentication-ui)
 
-# spring-security-advanced-authentication-ui
+# Advanced authentication UI for Spring Security
 
 Modernizes the default Spring Web Authentication/Login UI and makes it easier customizable.
 
@@ -35,7 +35,7 @@ A more detailed scenario is available in the [demo](./spring-security-advanced-a
 > [!NOTE]
 > By default [Bootstrap](https://github.com/twbs/bootstrap) is loaded from ``cdn.jsdelivr.net``.<br/>
 > Due to privacy and stability reasons you should ship your own version!<br/>
-> An example how this can be done is shown in the demo.
+> An example how this can be done is shown in the [demo](https://github.com/xdev-software/spring-security-advanced-authentication-ui/blob/4117d471e036de4dc2a58b2b484f2631afe7af50/spring-security-advanced-authentication-ui-demo/src/main/java/software/xdev/security/MainWebSecurity.java#L44-L51).
 
 > [!NOTE]
 > The ``Advanced``-subsystem uses the pre-``Spring Security 6.4`` / ``Spring Boot 3.4`` templating system (without Regex).<br/>

pom.xml

@@ -26,7 +26,7 @@
 
 	<licenses>
 		<license>
-			<name>Apache License, Version 2.0</name>
+			<name>Apache-2.0</name>
 			<url>https://www.apache.org/licenses/LICENSE-2.0.txt</url>
 			<distribution>repo</distribution>
 		</license>
@@ -45,7 +45,7 @@
 							<dependency>
 								<groupId>com.puppycrawl.tools</groupId>
 								<artifactId>checkstyle</artifactId>
-								<version>10.21.2</version>
+								<version>10.23.1</version>
 							</dependency>
 						</dependencies>
 						<configuration>
@@ -82,12 +82,12 @@
 							<dependency>
 								<groupId>net.sourceforge.pmd</groupId>
 								<artifactId>pmd-core</artifactId>
-								<version>7.10.0</version>
+								<version>7.13.0</version>
 							</dependency>
 							<dependency>
 								<groupId>net.sourceforge.pmd</groupId>
 								<artifactId>pmd-java</artifactId>
-								<version>7.10.0</version>
+								<version>7.13.0</version>
 							</dependency>
 						</dependencies>
 					</plugin>

spring-security-advanced-authentication-ui-demo/pom.xml

@@ -28,7 +28,7 @@
 
 		<mainClass>software.xdev.Application</mainClass>
 
-		<org.springframework.boot.version>3.4.2</org.springframework.boot.version>
+		<org.springframework.boot.version>3.4.5</org.springframework.boot.version>
 	</properties>
 
 	<dependencyManagement>
@@ -68,7 +68,7 @@
 		<dependency>
 			<groupId>com.webauthn4j</groupId>
 			<artifactId>webauthn4j-core</artifactId>
-			<version>0.28.5.RELEASE</version>
+			<version>0.29.2.RELEASE</version>
 		</dependency>
 
 		<dependency>
@@ -85,7 +85,7 @@
 			<plugin>
 				<groupId>org.apache.maven.plugins</groupId>
 				<artifactId>maven-compiler-plugin</artifactId>
-				<version>3.13.0</version>
+				<version>3.14.0</version>
 				<configuration>
 					<release>${maven.compiler.release}</release>
 					<compilerArgs>

spring-security-advanced-authentication-ui-demo/src/main/java/software/xdev/Application.java

@@ -4,7 +4,7 @@
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 
 
-@SuppressWarnings("checkstyle:HideUtilityClassConstructor")
+@SuppressWarnings({"checkstyle:HideUtilityClassConstructor", "PMD.UseUtilityClass"})
 @SpringBootApplication
 public class Application
 {