Fixed vulnerabilities

exasol · Oct 26, 2023 · 826cf6f · 826cf6f
1 parent fe2888e
commit 826cf6f
Show file tree

Hide file tree

Showing 13 changed files with 266 additions and 205 deletions.
diff --git a/.gitattributes b/.gitattributes
@@ -1,11 +1,10 @@
-doc/changes/changelog.md  linguist-generated=true
-dependencies.md           linguist-generated=true
-pk_generated_parent.pom   linguist-generated=true
-
 .github/workflows/broken_links_checker.yml                       linguist-generated=true
-.github/workflows/ci-build.yml                                   linguist-generated=true
 .github/workflows/dependencies_check.yml                         linguist-generated=true
 .github/workflows/prepare_aws_marketplace_release.yml            linguist-generated=true
-.github/workflows/release_droid_prepare_original_checksum.yml    linguist-generated=true
 .github/workflows/release_droid_print_quick_checksum.yml         linguist-generated=true
 .github/workflows/release_droid_upload_github_release_assets.yml linguist-generated=true
+.settings/org.eclipse.jdt.core.prefs                             linguist-generated=true
+.settings/org.eclipse.jdt.ui.prefs                               linguist-generated=true
+dependencies.md                                                  linguist-generated=true
+doc/changes/changelog.md                                         linguist-generated=true
+pk_generated_parent.pom                                          linguist-generated=true
diff --git a/.github/workflows/broken_links_checker.yml b/.github/workflows/broken_links_checker.yml
diff --git a/.github/workflows/ci-build.yml b/.github/workflows/ci-build.yml
@@ -8,13 +8,17 @@ on:
 
 jobs:
   build:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04 # UDFs fail with "VM error: Internal error: VM crashed" on ubuntu-latest
     concurrency:
       group: ${{ github.workflow }}-${{ github.ref }}
       cancel-in-progress: true
     steps:
+      - name: Free Disk Space
+        run: |
+          sudo rm -rf /usr/local/lib/android
+          sudo rm -rf /usr/share/dotnet
       - name: Checkout the repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0
       - name: Set up JDK 11 & 17
@@ -34,24 +38,26 @@ jobs:
       - name: Enable testcontainer reuse
         run: echo 'testcontainers.reuse.enable=true' > "$HOME/.testcontainers.properties"
       - name: Run tests and build with Maven
-        run: |
-          JAVA_HOME=$JAVA_HOME_11_X64 mvn --batch-mode clean verify \
-              -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn \
-              -DtrimStackTrace=false
+        run: >
+          JAVA_HOME=$JAVA_HOME_11_X64
+          mvn --batch-mode clean verify
+          -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn
+          -DtrimStackTrace=false
       - name: Publish Test Report
         uses: scacap/action-surefire-report@v1
         if: ${{ always() && github.event.pull_request.head.repo.full_name == github.repository && github.actor != 'dependabot[bot]' }}
         with:
           github_token: ${{ secrets.GITHUB_TOKEN }}
       - name: Sonar analysis
         if: ${{ env.SONAR_TOKEN != null }}
-        run: |
-          JAVA_HOME=$JAVA_HOME_17_X64 mvn --batch-mode org.sonarsource.scanner.maven:sonar-maven-plugin:sonar \
-              -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn \
-              -DtrimStackTrace=false \
-              -Dsonar.organization=exasol \
-              -Dsonar.host.url=https://sonarcloud.io \
-              -Dsonar.login=$SONAR_TOKEN
+        run: >
+          JAVA_HOME=$JAVA_HOME_17_X64
+          mvn --batch-mode org.sonarsource.scanner.maven:sonar-maven-plugin:sonar
+          -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn
+          -DtrimStackTrace=false
+          -Dsonar.organization=exasol
+          -Dsonar.host.url=https://sonarcloud.io
+          -Dsonar.token=$SONAR_TOKEN
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
diff --git a/.github/workflows/dependencies_check.yml b/.github/workflows/dependencies_check.yml
diff --git a/.github/workflows/release_droid_prepare_original_checksum.yml b/.github/workflows/release_droid_prepare_original_checksum.yml
@@ -5,18 +5,22 @@ on:
 
 jobs:
   build:
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04 # UDFs fail with "VM error: Internal error: VM crashed" on ubuntu-latest
     steps:
+      - name: Free Disk Space
+        run: |
+          sudo rm -rf /usr/local/lib/android
+          sudo rm -rf /usr/share/dotnet
       - name: Checkout the repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           fetch-depth: 0
       - name: Set up JDK 11
         uses: actions/setup-java@v3
         with:
-          distribution: 'temurin'
+          distribution: "temurin"
           java-version: 11
-          cache: 'maven'
+          cache: "maven"
       - name: Enable testcontainer reuse
         run: echo 'testcontainers.reuse.enable=true' > "$HOME/.testcontainers.properties"
       - name: Run tests and build with Maven
@@ -28,4 +32,4 @@ jobs:
         with:
           name: original_checksum
           retention-days: 5
-          path: original_checksum
+          path: original_checksum
diff --git a/.github/workflows/release_droid_print_quick_checksum.yml b/.github/workflows/release_droid_print_quick_checksum.yml
diff --git a/.github/workflows/release_droid_upload_github_release_assets.yml b/.github/workflows/release_droid_upload_github_release_assets.yml
diff --git a/.gitignore b/.gitignore
@@ -19,8 +19,9 @@ pom.xml.versionsBackup
 *.orig
 *.old
 *.md.html
-.settings/org.eclipse.core.resources.prefs
-.settings/org.eclipse.jdt.apt.core.prefs
-.settings/org.eclipse.m2e.core.prefs
-
+/.settings/org.eclipse.core.resources.prefs
+/.settings/org.eclipse.jdt.apt.core.prefs
+/.settings/org.eclipse.m2e.core.prefs
+/.settings/org.moreunit.prefs
+/.settings/org.sonarlint.eclipse.core.prefs
 *.flattened-pom.xml
diff --git a/.project-keeper.yml b/.project-keeper.yml
@@ -4,13 +4,9 @@ sources:
     modules:
       - jar_artifact
       - integration_tests
+linkReplacements:
 excludes:
   - "E-PK-CORE-18: Outdated content: '.github/workflows/ci-build-next-java.yml'"
   - "E-PK-CORE-18: Outdated content: '.settings/org.eclipse.jdt.core.prefs'"
-  - regex: "(?s)E-PK-CORE-53: The dependencies.md file has outdated content.*"
-linkReplacements:
-  - "LICENSE-exasol-jdbc.txt|https://docs.exasol.com/connect_exasol/drivers/jdbc.htm"
-  - "https://github.com/paul-hammant/paranamer/paranamer|https://github.com/paul-hammant/paranamer"
-  - "https://netty.io/netty-all/|https://netty.io"
-  - "https://www.mojohaus.org/flatten-maven-plugin/flatten-maven-plugin|https://www.mojohaus.org/flatten-maven-plugin"
-  - "LICENSE.txt|LICENSE"
+  - "E-PK-CORE-18: Outdated content: '.github/workflows/ci-build.yml'"
+  - "E-PK-CORE-18: Outdated content: '.github/workflows/release_droid_prepare_original_checksum.yml'"