improve github action

.github/workflows/coverage.yml

@@ -0,0 +1,64 @@
+name: Coverage
+
+on:
+ push:
+ branches: [ master, upgrade ]
+ paths:
+ - 'accessors-smart/**'
+ - 'json-smart/**'
+ - '.github/workflows/coverage.yml'
+ pull_request:
+ branches: [ master ]
+ paths:
+ - 'accessors-smart/**'
+ - 'json-smart/**'
+ - '.github/workflows/coverage.yml'
+
+permissions:
+ contents: read
+
+jobs:
+ coverage:
+ name: Code Coverage
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ - name: Set up JDK 11
+ uses: actions/setup-java@v4
+ with:
+ java-version: 11
+ distribution: 'temurin'
+ cache: 'maven'
+
+ - name: Build and test accessors-smart with coverage
+ run: cd accessors-smart && ./mvnw -q clean install
+
+ - name: Build and test json-smart with coverage
+ run: cd json-smart && ./mvnw -q clean test
+
+ - name: Upload accessors-smart coverage to Coveralls
+ uses: coverallsapp/github-action@v2
+ with:
+ github-token: ${{ secrets.GITHUB_TOKEN }}
+ file: accessors-smart/target/site/jacoco/jacoco.xml
+ format: jacoco
+ flag-name: accessors-smart
+ parallel: true
+
+ - name: Upload json-smart coverage to Coveralls
+ uses: coverallsapp/github-action@v2
+ with:
+ github-token: ${{ secrets.GITHUB_TOKEN }}
+ file: json-smart/target/site/jacoco/jacoco.xml
+ format: jacoco
+ flag-name: json-smart
+ parallel: true
+
+ - name: Finish parallel build
+ uses: coverallsapp/github-action@v2
+ with:
+ github-token: ${{ secrets.GITHUB_TOKEN }}
+ parallel-finished: true

.github/workflows/json-smart-formatting.yml

@@ -4,9 +4,23 @@ on:
  push:
  branches:
  - master
+ - upgrade
+ paths:
+ - 'accessors-smart/**'
+ - 'json-smart/**'
+ - 'json-smart-action/**'
+ - '.github/workflows/json-smart-formatting.yml'
  pull_request:
  branches:
  - master
+ paths:
+ - 'accessors-smart/**'
+ - 'json-smart/**'
+ - 'json-smart-action/**'
+ - '.github/workflows/json-smart-formatting.yml'
+
+permissions:
+ contents: read
 
 jobs:
  formatting:
@@ -21,6 +35,14 @@ jobs:
  distribution: 'temurin'
  cache: 'maven'
 
+ - name: Cache local Maven repository
+ uses: actions/cache@v4
+ with:
+ path: ~/.m2/repository
+ key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
+ restore-keys: |
+ ${{ runner.os }}-maven-
+
  - name: Check formatting accessors-smart
  run: cd accessors-smart; ./mvnw spotless:check
 

.github/workflows/json-smart-unit-tests.yml

@@ -5,16 +5,30 @@ on:
  branches:
  - master
  - update2024
+ - upgrade
+ paths:
+ - 'accessors-smart/**'
+ - 'json-smart/**'
+ - 'json-smart-action/**'
+ - '.github/workflows/json-smart-unit-tests.yml'
  pull_request:
  branches:
  - master
+ paths:
+ - 'accessors-smart/**'
+ - 'json-smart/**'
+ - 'json-smart-action/**'
+ - '.github/workflows/json-smart-unit-tests.yml'
+
+permissions:
+ contents: read
 
 jobs:
  publish:
  runs-on: ubuntu-latest
  strategy:
  matrix:
- java-version: [8, 11, 16, 17, 21]
+ java-version: [8, 11, 17, 21, 22, 23]
  steps:
  - uses: actions/checkout@v4
 
@@ -25,6 +39,14 @@ jobs:
  distribution: 'temurin'
  cache: 'maven'
 
+ - name: Cache local Maven repository
+ uses: actions/cache@v4
+ with:
+ path: ~/.m2/repository
+ key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
+ restore-keys: |
+ ${{ runner.os }}-maven-
+
  - name: Unit tests accessors-smart
  run: cd accessors-smart; ./mvnw -B install; ./mvnw -B clean test
 

.github/workflows/security.yml

@@ -0,0 +1,90 @@
+name: Security Scanning
+
+on:
+ push:
+ branches: [ master, upgrade ]
+ paths:
+ - 'accessors-smart/**'
+ - 'json-smart/**'
+ - 'json-smart-action/**'
+ - '.github/workflows/security.yml'
+ pull_request:
+ branches: [ master ]
+ paths:
+ - 'accessors-smart/**'
+ - 'json-smart/**'
+ - 'json-smart-action/**'
+ - '.github/workflows/security.yml'
+ schedule:
+ - cron: '0 6 * * 1' # Weekly on Monday at 6am UTC
+
+permissions:
+ contents: read
+ security-events: write
+ actions: read
+
+jobs:
+ codeql:
+ name: CodeQL Analysis
+ runs-on: ubuntu-latest
+ strategy:
+ fail-fast: false
+ matrix:
+ language: [ 'java' ]
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ - name: Set up JDK 11
+ uses: actions/setup-java@v4
+ with:
+ java-version: 11
+ distribution: 'temurin'
+ cache: 'maven'
+
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v3
+ with:
+ languages: ${{ matrix.language }}
+
+ - name: Build project accessors-smart
+ run: cd accessors-smart && ./mvnw -q clean install
+
+ - name: Build project json-smart
+ run: cd json-smart && ./mvnw -q clean install
+
+ - name: Build project json-smart-action
+ run: cd json-smart-action && ./mvnw -q clean install
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v3
+
+ dependency-check:
+ name: Dependency Vulnerability Scan
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Checkout repository
+ uses: actions/checkout@v4
+
+ - name: Set up JDK 11
+ uses: actions/setup-java@v4
+ with:
+ java-version: 11
+ distribution: 'temurin'
+ cache: 'maven'
+
+ - name: Run OWASP Dependency Check
+ run: |
+ cd accessors-smart && ./mvnw -q org.owasp:dependency-check-maven:check -DnvdApiKey=${{ secrets.NVD_API_KEY }}
+ cd ../json-smart && ./mvnw -q org.owasp:dependency-check-maven:check -DnvdApiKey=${{ secrets.NVD_API_KEY }}
+ cd ../json-smart-action && ./mvnw -q org.owasp:dependency-check-maven:check -DnvdApiKey=${{ secrets.NVD_API_KEY }}
+ continue-on-error: true
+
+ - name: Upload dependency check results
+ uses: actions/upload-artifact@v4
+ if: always()
+ with:
+ name: dependency-check-reports
+ path: '**/target/dependency-check-report.html'

.gitignore

@@ -9,3 +9,4 @@
 **/bin
 **/target
 **/.vscode/
+.env

README.md

@@ -1,7 +1,9 @@
 # json-smart-v2
-[![Build Status](https://travis-ci.org/netplex/json-smart-v2.svg?branch=master)](https://travis-ci.org/netplex/json-smart-v2)
+[![CI](https://github.com/netplex/json-smart-v2/actions/workflows/json-smart-unit-tests.yml/badge.svg)](https://github.com/netplex/json-smart-v2/actions/workflows/json-smart-unit-tests.yml)
+[![Security](https://github.com/netplex/json-smart-v2/actions/workflows/security.yml/badge.svg)](https://github.com/netplex/json-smart-v2/actions/workflows/security.yml)
 [![Maven Central](https://maven-badges.herokuapp.com/maven-central/net.minidev/json-smart/badge.svg?style=flat-square)](https://maven-badges.herokuapp.com/maven-central/net.minidev/json-smart/)
 [![Coverage Status](https://coveralls.io/repos/github/netplex/json-smart-v2/badge.svg?branch=master)](https://coveralls.io/github/netplex/json-smart-v2?branch=master)
+[![Java 8+](https://img.shields.io/badge/Java-8%2B-blue.svg)](https://openjdk.java.net/)
 
 
 Json-smart development started in 2010, when SQL servers did not support native JSON fields, NoSQL databases were slowly emerging, and all the existing JSON APIs were bogus. I wrote lots of tests to benchmark and compare JSON java parsers. 

accessors-smart/pom.xml

@@ -92,7 +92,7 @@ limitations under the License.
  <!-- https://mvnrepository.com/artifact/org.apache.maven.plugins/maven-gpg-plugin -->
  <groupId>org.apache.maven.plugins</groupId>
  <artifactId>maven-gpg-plugin</artifactId>
- <version>3.2.7</version>
+ <version>3.2.8</version>
  <executions>
  <execution>
  <id>sign-artifacts</id>
@@ -178,7 +178,7 @@ limitations under the License.
  <!-- https://mvnrepository.com/artifact/org.apache.maven.plugins/maven-compiler-plugin -->
  <groupId>org.apache.maven.plugins</groupId>
  <artifactId>maven-compiler-plugin</artifactId>
- <version>3.13.0</version>
+ <version>3.14.0</version>
  <configuration>
  <encoding>UTF-8</encoding>
  <source>${maven.compiler.source}</source>
@@ -204,7 +204,7 @@ limitations under the License.
  <!-- https://mvnrepository.com/artifact/org.apache.maven.plugins/maven-javadoc-plugin -->
  <groupId>org.apache.maven.plugins</groupId>
  <artifactId>maven-javadoc-plugin</artifactId>
- <version>3.10.1</version>
+ <version>3.11.2</version>
  <!-- ONLY NEEDED With jdk 1.7+ -->
  <configuration>
  <source>8</source>
@@ -243,7 +243,7 @@ limitations under the License.
  <plugin>
  <groupId>com.diffplug.spotless</groupId>
  <artifactId>spotless-maven-plugin</artifactId>
- <version>2.44.2</version>
+ <version>2.46.1</version>
  <configuration>
  <java>
  <includes>
@@ -259,14 +259,33 @@ limitations under the License.
  </java>
  </configuration>
  </plugin>
+ <plugin>
+ <groupId>org.jacoco</groupId>
+ <artifactId>jacoco-maven-plugin</artifactId>
+ <version>0.8.13</version>
+ <executions>
+ <execution>
+ <goals>
+ <goal>prepare-agent</goal>
+ </goals>
+ </execution>
+ <execution>
+ <id>report</id>
+ <phase>test</phase>
+ <goals>
+ <goal>report</goal>
+ </goals>
+ </execution>
+ </executions>
+ </plugin>
  </plugins>
  </build>
  <dependencies>
  <!-- https://mvnrepository.com/artifact/org.junit.jupiter/junit-jupiter-api -->
  <dependency>
  <groupId>org.junit.jupiter</groupId>
  <artifactId>junit-jupiter-api</artifactId>
- <version>5.11.2</version>
+ <version>5.13.4</version>
  <scope>test</scope>
  </dependency>
  <!-- https://mvnrepository.com/artifact/org.ow2.asm/asm -->

json-smart-action/pom.xml

@@ -212,6 +212,7 @@
  </executions>
  </plugin>
  <plugin>
+ <!-- https://mvnrepository.com/artifact/org.apache.felix/maven-bundle-plugin -->
  <groupId>org.apache.felix</groupId>
  <artifactId>maven-bundle-plugin</artifactId>
  <version>5.1.9</version>

json-smart/pom.xml

@@ -270,6 +270,25 @@ limitations under the License.
 </java>
 </configuration>
 </plugin>
+<plugin>
+<groupId>org.jacoco</groupId>
+<artifactId>jacoco-maven-plugin</artifactId>
+<version>0.8.13</version>
+<executions>
+<execution>
+<goals>
+<goal>prepare-agent</goal>
+</goals>
+</execution>
+<execution>
+<id>report</id>
+<phase>test</phase>
+<goals>
+<goal>report</goal>
+</goals>
+</execution>
+</executions>
+</plugin>
 </plugins>
 </build>
 <dependencies>