merge

Signed-off-by: Marlon Pina Tojal <[email protected]>

.eslintignore

@@ -0,0 +1,2 @@
+node_modules
+

.eslintrc.js

@@ -1,17 +1,18 @@
 module.exports = {
   root: true,
   env: {
-    node: true
+    node: true,
   },
-  'extends': [
+  parserOptions: {
+    parser: '@babel/eslint-parser',
+  },
+  extends: [
+    'eslint:recommended',
     'plugin:vue/essential',
-    'eslint:recommended'
+    'plugin:prettier/recommended',
   ],
   rules: {
     'no-console': process.env.NODE_ENV === 'production' ? 'error' : 'off',
-    'no-debugger': process.env.NODE_ENV === 'production' ? 'error' : 'off'
+    'no-debugger': process.env.NODE_ENV === 'production' ? 'error' : 'off',
   },
-  parserOptions: {
-    parser: 'babel-eslint'
-  }
-}
+};

.github/ISSUE_TEMPLATE/defect-report.yml

@@ -61,9 +61,9 @@ body:
     options:
     - 4.7.x
     - 4.8.x
-    - 4.9.0
-    - 4.9.1
-    - 4.10.0-SNAPSHOT
+    - 4.9.x
+    - 4.10.0
+    - 4.11.0-SNAPSHOT
   validations:
     required: true
 - type: dropdown

.github/release.yml

@@ -0,0 +1,14 @@
+changelog:
+  categories:
+  - title: Enhancements 🚀
+    labels:
+    - enhancement
+  - title: Bug Fixes 🐛
+    labels:
+    - defect
+  - title: Dependency Updates 🤖
+    labels:
+    - dependencies
+  - title: Other Changes
+    labels:
+    - "*"

.github/workflows/_meta-build.yaml

@@ -14,13 +14,13 @@ on:
       app-version:
         type: string
         required: false
-        default: "snapshot"
-        description: "Set the version that should be set/used as tag for the container image"
+        default: 'snapshot'
+        description: 'Set the version that should be set/used as tag for the container image'
       publish-container:
         type: boolean
         required: false
         default: false
-        description: "Set if the container image gets publish and scan once its build"
+        description: 'Set if the container image gets publish and scan once its build'
     secrets:
       registry-0-usr:
         required: true
@@ -41,7 +41,7 @@ jobs:
         uses: actions/[email protected]
 
       - name: Set up NodeJs
-        uses: actions/[email protected].0
+        uses: actions/[email protected].2
         with:
           node-version: ${{ matrix.node-version }}
           cache: 'npm'
@@ -54,7 +54,7 @@ jobs:
           npm run build --if-present
 
       - name: Upload Artifacts
-        uses: actions/upload-artifact@v3.1.3
+        uses: actions/upload-artifact@v4.3.1
         with:
           name: assembled-frontend-node${{ matrix.node-version }}
           path: |-
@@ -71,15 +71,15 @@ jobs:
         uses: actions/[email protected]
 
       - name: Download Artifacts
-        uses: actions/download-artifact@v3.0.2
+        uses: actions/download-artifact@v4.1.4
         with:
           name: assembled-frontend-node${{ inputs.node-version-package }}
 
       - name: Set up QEMU
         uses: docker/[email protected]
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3.0.0
+        uses: docker/setup-buildx-action@v3.1.0
         id: buildx
         with:
           install: true
@@ -116,7 +116,7 @@ jobs:
 
       - name: Run Trivy Vulnerability Scanner
         if: ${{ inputs.publish-container }}
-        uses: aquasecurity/trivy-action@0.14.0
+        uses: aquasecurity/trivy-action@0.18.0
         with:
           image-ref: docker.io/dependencytrack/frontend:${{ inputs.app-version }}
           format: 'sarif'
@@ -126,6 +126,6 @@ jobs:
 
       - name: Upload Trivy Scan Results to GitHub Security Tab
         if: ${{ inputs.publish-container }}
-        uses: github/codeql-action/upload-sarif@v2
+        uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: 'trivy-results.sarif'

.github/workflows/ci-publish.yaml

@@ -49,7 +49,7 @@ jobs:
         uses: actions/[email protected]
 
       - name: Download Artifacts
-        uses: actions/download-artifact@v3.0.2
+        uses: actions/download-artifact@v4.1.4
         with:
           name: assembled-frontend-node18
 
@@ -74,6 +74,9 @@ jobs:
           \`\`\`
           EOF
 
+          gh release view ${{ needs.read-version.outputs.version }} \
+            --json body --jq .body >> .github/default-release-notes.md
+
           gh release edit ${{ needs.read-version.outputs.version }} \
             --notes-file ".github/default-release-notes.md"
 

.github/workflows/ci-release.yaml

@@ -6,7 +6,7 @@ on:
       version-to-bump:
         type: choice
         required: true
-        description: "Select which part of the version to bump and release"
+        description: 'Select which part of the version to bump and release'
         options:
           - patch
           - minor
@@ -24,7 +24,7 @@ jobs:
         uses: actions/[email protected]
 
       - name: Set up NodeJs
-        uses: actions/[email protected].0
+        uses: actions/[email protected].2
         with:
           node-version: '18'
           cache: 'npm'
@@ -41,7 +41,7 @@ jobs:
       - name: Create GitHub Release
         env:
           GITHUB_TOKEN: ${{ secrets.BOT_RELEASE_TOKEN }}
-          GH_OPTS: ""
+          GH_OPTS: ''
         run: |-
           VERSION=`jq -r '.version' package.json`
 
@@ -52,4 +52,4 @@ jobs:
           gh release create "${VERSION}" ${GH_OPTS} \
             --target "${{ github.ref_name }}" \
             --title "${VERSION}" \
-            --notes-file ".github/default-release-notes.md"
+            --generate-notes

.github/workflows/codeql-analysis.yaml

@@ -1,4 +1,4 @@
-name: "CodeQL"
+name: 'CodeQL'
 
 on:
   push:
@@ -25,34 +25,34 @@ jobs:
         # https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection
 
     steps:
-    - name: Checkout repository
-      uses: actions/[email protected]
-
-    # Initializes the CodeQL tools for scanning.
-    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v2
-      with:
-        languages: ${{ matrix.language }}
-        # If you wish to specify custom queries, you can do so here or in a config file.
-        # By default, queries listed here will override any specified in a config file.
-        # Prefix the list here with "+" to use these queries and those in the config file.
-        # queries: ./path/to/local/query, your-org/your-repo/queries@main
-
-    # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
-    # If this step fails, then you should remove it and run the build manually (see below)
-    - name: Autobuild
-      uses: github/codeql-action/autobuild@v2
-
-    # ℹ️ Command-line programs to run using the OS shell.
-    # 📚 https://git.io/JvXDl
-
-    # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
-    #    and modify them (or add more) to build your code if your project
-    #    uses a compiled language
-
-    #- run: |
-    #   make bootstrap
-    #   make release
-
-    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v2
+      - name: Checkout repository
+        uses: actions/[email protected]
+
+      # Initializes the CodeQL tools for scanning.
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v3
+        with:
+          languages: ${{ matrix.language }}
+          # If you wish to specify custom queries, you can do so here or in a config file.
+          # By default, queries listed here will override any specified in a config file.
+          # Prefix the list here with "+" to use these queries and those in the config file.
+          # queries: ./path/to/local/query, your-org/your-repo/queries@main
+
+      # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
+      # If this step fails, then you should remove it and run the build manually (see below)
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v3
+
+      # ℹ️ Command-line programs to run using the OS shell.
+      # 📚 https://git.io/JvXDl
+
+      # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines
+      #    and modify them (or add more) to build your code if your project
+      #    uses a compiled language
+
+      #- run: |
+      #   make bootstrap
+      #   make release
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v3

.github/workflows/dependency-review.yaml

@@ -13,4 +13,4 @@ jobs:
         uses: actions/[email protected]
 
       - name: Dependency Review
-        uses: actions/dependency-review-action@v3
+        uses: actions/dependency-review-action@v4

.github/workflows/lint.yaml

@@ -0,0 +1,39 @@
+name: Lint
+on:
+  push:
+    branches:
+      - 'master' # Default branch
+  pull_request:
+    branches:
+      - 'master' # Default branch
+
+permissions:
+  contents: read
+
+env:
+  NODE_VERSION: 18
+
+jobs:
+  lint:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout Repository
+        uses: actions/[email protected]
+
+      - name: Set up NodeJs
+        uses: actions/[email protected]
+        with:
+          node-version: ${{ env.NODE_VERSION }}
+          cache: 'npm'
+
+      - name: Install Dependencies
+        run: npm install
+
+      - name: Lint Prettier
+        run: npm run prettier
+        continue-on-error: false
+
+      - name: Lint ESLint
+        run: npm run eslint
+        continue-on-error: true

.postcssrc.js

@@ -1,5 +1,5 @@
 module.exports = {
   plugins: {
-    autoprefixer: {}
-  }
-}
+    autoprefixer: {},
+  },
+};

.prettierrc.json

@@ -0,0 +1,6 @@
+{
+  "singleQuote": true,
+  "tabWidth": 2,
+  "semi": true,
+  "trailingComma": "all"
+}

.vscode/extensions.json

@@ -0,0 +1,8 @@
+{
+  "recommendations": [
+    "dbaeumer.vscode-eslint",
+    "esbenp.prettier-vscode",
+    "editorconfig.editorconfig",
+    "github.vscode-github-actions"
+  ]
+}

.vscode/settings.json

@@ -0,0 +1,11 @@
+{
+  "[javascript]": {
+    "editor.defaultFormatter": "esbenp.prettier-vscode"
+  },
+  "[vue]": {
+    "editor.defaultFormatter": "esbenp.prettier-vscode"
+  },
+  "editor.codeActionsOnSave": {
+    "source.fixAll.eslint": "explicit"
+  }
+}

CODE_OF_CONDUCT.md

@@ -8,19 +8,19 @@ In the interest of fostering an open and welcoming environment, we as contributo
 
 Examples of behavior that contributes to creating a positive environment include:
 
-* Using welcoming and inclusive language
-* Being respectful of differing viewpoints and experiences
-* Gracefully accepting constructive criticism
-* Focusing on what is best for the community
-* Showing empathy towards other community members
+- Using welcoming and inclusive language
+- Being respectful of differing viewpoints and experiences
+- Gracefully accepting constructive criticism
+- Focusing on what is best for the community
+- Showing empathy towards other community members
 
 Examples of unacceptable behavior by participants include:
 
-* The use of sexualized language or imagery and unwelcome sexual attention or advances
-* Trolling, insulting/derogatory comments, and personal or political attacks
-* Public or private harassment
-* Publishing others' private information, such as a physical or electronic address, without explicit permission
-* Other conduct which could reasonably be considered inappropriate in a professional setting
+- The use of sexualized language or imagery and unwelcome sexual attention or advances
+- Trolling, insulting/derogatory comments, and personal or political attacks
+- Public or private harassment
+- Publishing others' private information, such as a physical or electronic address, without explicit permission
+- Other conduct which could reasonably be considered inappropriate in a professional setting
 
 ## Our Responsibilities