Merge branch 'develop' into chore/tests-refactor-localvc-test-services

.github/workflows/analysis-of-endpoint-connections.yml

@@ -1,12 +1,8 @@
+name: Analysis of Endpoint Connections
+
 on:
   workflow_dispatch:
-  pull_request:
-    types:
-      - opened
-      - synchronize
-    paths:
-      - 'src/main/java/**'
-      - 'src/main/webapp/**'
+  push:
 
 # Keep in sync with build.yml and test.yml and codeql-analysis.yml
 env:
@@ -15,7 +11,7 @@ env:
   java: 21
 
 jobs:
-  analysis-of-endpoint-connections:
+  Parse-rest-calls-and-endpoints:
     timeout-minutes: 10
     runs-on: ubuntu-latest
     steps:
@@ -24,39 +20,70 @@ jobs:
         with:
           fetch-depth: 0
 
-      - name: Get list of modified files
-        run: |
-          git diff --name-only origin/${{ github.event.pull_request.base.ref }} HEAD > modified_files.txt
+      - name: Set up JDK 21
+        uses: actions/setup-java@v4
+        with:
+          java-version: '${{ env.java }}'
+          distribution: 'temurin'
+          cache: 'gradle'
 
-      # Analyze the client sided REST-API calls
-      - name: Set up Node.js
+      - name: Set up node.js
         uses: actions/setup-node@v4
         with:
           node-version: '${{ env.node }}'
 
-      - name: Install and compile TypeScript
+      - name: Parse client sided REST-API calls
         run: |
-          cd supporting_scripts/analysis-of-endpoint-connections/src/main/typeScript/
           npm install
-          tsc -p tsconfig.analysisOfEndpointConnections.json
-
-      - name: Run analysis-of-endpoint-connections-client
-        run: |
+          tsc -p supporting_scripts/analysis-of-endpoint-connections/src/main/typeScript/tsconfig.analysisOfEndpointConnections.json
           node supporting_scripts/analysis-of-endpoint-connections/src/main/typeScript/AnalysisOfEndpointConnectionsClient.js
 
-      - name: Upload JSON file
+      - name: Parse server sided Endpoints
+        run: ./gradlew :supporting_scripts:analysis-of-endpoint-connections:runEndpointParser
+
+      - name: Upload parsing results
         uses: actions/upload-artifact@v4
         with:
-          name: rest-calls-json
-          path: supporting_scripts/analysis-of-endpoint-connections/restCalls.json
+          name: REST API Parsing Results
+          path: |
+            supporting_scripts/analysis-of-endpoint-connections/endpoints.json
+            supporting_scripts/analysis-of-endpoint-connections/restCalls.json
+
+  Analysis-of-endpoint-connections:
+    needs: Parse-rest-calls-and-endpoints
+    timeout-minutes: 10
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
 
-      # Analyze the server sided endpoints
       - name: Set up JDK 21
         uses: actions/setup-java@v4
         with:
           distribution: 'temurin'
           java-version: '${{ env.java }}'
+          cache: 'gradle'
 
-      - name: Run analysis-of-endpoint-connections
-        run: |
-          ./gradlew :supporting_scripts:analysis-of-endpoint-connections:run --args="$(cat modified_files.txt)"
+      - name: Download JSON files
+        uses: actions/download-artifact@v4
+        with:
+          name: REST API Parsing Results
+          path: supporting_scripts/analysis-of-endpoint-connections/
+
+      - name: Analyze endpoints
+        run:
+          ./gradlew :supporting_scripts:analysis-of-endpoint-connections:runEndpointAnalysis
+
+      - name: Analyze rest calls
+        run:
+          ./gradlew :supporting_scripts:analysis-of-endpoint-connections:runRestCallAnalysis
+
+      - name: Upload analysis results
+        uses: actions/upload-artifact@v4
+        with:
+          name: Endpoint and REST Call Analysis Results
+          path: |
+            supporting_scripts/analysis-of-endpoint-connections/endpointAnalysisResult.json
+            supporting_scripts/analysis-of-endpoint-connections/restCallAnalysisResult.json

build.gradle

@@ -322,7 +322,7 @@ dependencies {
     implementation "com.github.docker-java:docker-java-transport-httpclient5:${docker_java_version}"
 
     // use newest version of commons-compress to avoid security issues through outdated dependencies
-    implementation "org.apache.commons:commons-compress:1.27.0"
+    implementation "org.apache.commons:commons-compress:1.27.1"
 
 
     // import JHipster dependencies BOM
@@ -373,8 +373,8 @@ dependencies {
     implementation "org.springframework.boot:spring-boot-starter-oauth2-resource-server:${spring_boot_version}"
     implementation "org.springframework.boot:spring-boot-starter-oauth2-client:${spring_boot_version}"
 
-    implementation "org.springframework.ldap:spring-ldap-core:3.2.4"
-    implementation "org.springframework.data:spring-data-ldap:3.3.2"
+    implementation "org.springframework.ldap:spring-ldap-core:3.2.6"
+    implementation "org.springframework.data:spring-data-ldap:3.3.3"
 
     implementation("org.springframework.cloud:spring-cloud-starter-netflix-eureka-client:4.1.3") {
         // NOTE: these modules contain security vulnerabilities and are not needed
@@ -385,9 +385,9 @@ dependencies {
     implementation "org.springframework.cloud:spring-cloud-commons:4.1.4"
 
     implementation "io.netty:netty-all:4.1.112.Final"
-    implementation "io.projectreactor.netty:reactor-netty:1.1.21"
-    implementation "org.springframework:spring-messaging:6.1.11"
-    implementation "org.springframework.retry:spring-retry:2.0.7"
+    implementation "io.projectreactor.netty:reactor-netty:1.1.22"
+    implementation "org.springframework:spring-messaging:6.1.12"
+    implementation "org.springframework.retry:spring-retry:2.0.8"
 
     implementation "org.springframework.security:spring-security-config:${spring_security_version}"
     implementation "org.springframework.security:spring-security-data:${spring_security_version}"
@@ -427,7 +427,7 @@ dependencies {
     implementation "org.zalando:jackson-datatype-problem:0.27.1"
     implementation "com.ibm.icu:icu4j-charset:75.1"
     implementation "com.github.seancfoley:ipaddress:5.5.0"
-    implementation "org.apache.maven:maven-model:3.9.8"
+    implementation "org.apache.maven:maven-model:3.9.9"
     // NOTE: 3.0.2 is broken for splitting lecture specific PDFs
     implementation "org.apache.pdfbox:pdfbox:3.0.1"
     implementation "org.apache.commons:commons-csv:1.11.0"
@@ -436,7 +436,7 @@ dependencies {
     implementation "net.lingala.zip4j:zip4j:2.11.5"
     implementation "org.jgrapht:jgrapht-core:1.5.2"
     // use newest version of guava to avoid security issues through outdated dependencies
-    implementation "com.google.guava:guava:33.2.1-jre"
+    implementation "com.google.guava:guava:33.3.0-jre"
     implementation "com.sun.activation:jakarta.activation:2.0.1"
 
     // use newest version of gson to avoid security issues through outdated dependencies
@@ -470,11 +470,11 @@ dependencies {
     testImplementation "org.assertj:assertj-core:3.26.3"
     testImplementation "org.mockito:mockito-core:${mockito_version}"
     testImplementation "org.mockito:mockito-junit-jupiter:${mockito_version}"
-    testImplementation "io.github.classgraph:classgraph:4.8.174"
+    testImplementation "io.github.classgraph:classgraph:4.8.175"
     testImplementation "org.awaitility:awaitility:4.2.2"
     testImplementation "org.apache.maven.shared:maven-invoker:3.3.0"
-    testImplementation "org.gradle:gradle-tooling-api:8.9"
-    testImplementation "org.apache.maven.surefire:surefire-report-parser:3.3.1"
+    testImplementation "org.gradle:gradle-tooling-api:8.10"
+    testImplementation "org.apache.maven.surefire:surefire-report-parser:3.4.0"
     testImplementation "com.opencsv:opencsv:5.9"
     testImplementation("io.zonky.test:embedded-database-spring-test:2.5.1") {
         exclude group: "org.testcontainers", module: "mariadb"
@@ -486,7 +486,7 @@ dependencies {
     }
     testImplementation("net.bytebuddy:byte-buddy") {
         version {
-            strictly "1.14.18"
+            strictly "1.14.19"
         }
     }
     // cannot update due to "Syntax error in SQL statement "WITH ids_to_delete"
@@ -558,7 +558,7 @@ tasks.withType(Test).configureEach {
 }
 
 wrapper {
-    gradleVersion = "8.9"
+    gradleVersion = "8.10"
 }
 
 tasks.register("stage") {

docker/nginx.yml

@@ -29,7 +29,8 @@ services:
                 hard: 1048576
         ports:
             - "80:80"
-            - "443:443"
+            - "443:443/tcp"
+            - "443:443/udp" # HTTP/3
             - "7921:7921" # Git SSH
         # expose the port to make it reachable docker internally even if the external port mapping changes
         expose:

docker/nginx/artemis-nginx.conf

@@ -18,8 +18,15 @@ server {
 }
 
 server {
-    listen 443 ssl http2;
-    listen [::]:443 ssl http2;
+    listen 443 ssl;
+    listen 443 quic reuseport;
+    listen [::]:443 ssl;
+    listen [::]:443 quic reuseport;
+    http2 on;
+    http3 on;
+    http3_hq on;
+    quic_retry on;
+
     server_name _;
 
     ssl_certificate     /certs/fullchain.pem;
@@ -36,6 +43,7 @@ server {
     ssl_stapling on;
     ssl_stapling_verify on;
 #   ssl_early_data on;
+    quic_gso on;
 
     include includes/artemis-server.conf;
 }

docker/nginx/artemis-server.conf

@@ -23,6 +23,8 @@ location / {
     fastcgi_send_timeout 900s;
     fastcgi_read_timeout 900s;
     client_max_body_size 128M;
+    # used to advertise the availability of HTTP/3
+    add_header alt-svc 'h3=":443"; ma=2592000,h3-29=":443"; ma=2592000';
  }
 
 location /api/authenticate {

gradle.properties

@@ -8,7 +8,7 @@ npm_version=10.7.0
 # Dependency versions
 jhipster_dependencies_version=8.6.0
 spring_boot_version=3.3.2
-spring_security_version=6.3.1
+spring_security_version=6.3.2
 # TODO: before we upgrade to 6.5.x, we need to make sure that there are no performance issues with empty sets or lists
 hibernate_version=6.4.9.Final
 # TODO: can we update to 5.x?
@@ -25,10 +25,11 @@ sshd_version=2.13.2
 checkstyle_version=10.17.0
 jplag_version=5.1.0
 slf4j_version=2.0.16
-sentry_version=7.13.0
+sentry_version=7.14.0
 liquibase_version=4.29.1
 docker_java_version=3.4.0
-logback_version=1.5.6
+logback_version=1.5.7
+java_parser_version=3.26.1
 
 # gradle plugin version
 gradle_node_plugin_version=7.0.2

gradle/wrapper/gradle-wrapper.properties

@@ -1,6 +1,6 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.9-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.10-bin.zip
 networkTimeout=10000
 validateDistributionUrl=true
 zipStoreBase=GRADLE_USER_HOME

gradlew

@@ -15,6 +15,8 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
+# SPDX-License-Identifier: Apache-2.0
+#
 
 ##############################################################################
 #
@@ -55,7 +57,7 @@
 #       Darwin, MinGW, and NonStop.
 #
 #   (3) This script is generated from the Groovy template
-#       https://github.com/gradle/gradle/blob/HEAD/subprojects/plugins/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
+#       https://github.com/gradle/gradle/blob/HEAD/platforms/jvm/plugins-application/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
 #       within the Gradle project.
 #
 #       You can find Gradle at https://github.com/gradle/gradle/.
@@ -84,7 +86,8 @@ done
 # shellcheck disable=SC2034
 APP_BASE_NAME=${0##*/}
 # Discard cd standard output in case $CDPATH is set (https://github.com/gradle/gradle/issues/25036)
-APP_HOME=$( cd "${APP_HOME:-./}" > /dev/null && pwd -P ) || exit
+APP_HOME=$( cd -P "${APP_HOME:-./}" > /dev/null && printf '%s
+' "$PWD" ) || exit
 
 # Use the maximum available, or set MAX_FD != -1 to use that value.
 MAX_FD=maximum

gradlew.bat

@@ -13,6 +13,8 @@
 @rem See the License for the specific language governing permissions and
 @rem limitations under the License.
 @rem
+@rem SPDX-License-Identifier: Apache-2.0
+@rem
 
 @if "%DEBUG%"=="" @echo off
 @rem ##########################################################################