Merge pull request #593 from NASA-PDS/main

Merge main back to develop

.github/dependabot.yml

@@ -9,18 +9,22 @@ updates:
     directory: "/"
     schedule:
         interval: "monthly"
+    target-branch: "develop"
 
   - package-ecosystem: "github-actions" # See documentation for possible values
     directory: "/" # Location of package manifests
     schedule:
       interval: "weekly"
+    target-branch: "develop"
 
   - package-ecosystem: "docker" # See documentation for possible values
     directory: "/docker/" # Location of package manifests
     schedule:
       interval: "weekly"
+    target-branch: "develop"
 
   - package-ecosystem: "terraform" # See documentation for possible values
     directory: "/terraform/" # Location of package manifests
     schedule:
       interval: "weekly"
+    target-branch: "develop"

.github/workflows/codeql-analysis.yml

@@ -1,56 +1,45 @@
-# For most projects, this workflow file will not need changing; you simply need
-# to commit it to your repository.
-#
-# You may wish to alter this file to override the set of languages analyzed,
-# or to provide custom queries or build logic.
-#
-# ******** NOTE ********
-# We have attempted to detect the languages in your repository. Please check
-# the `language` matrix defined below to confirm you have the correct set of
-# supported CodeQL languages.
-#
 name: "CodeQL"
 
 on:
   schedule:
-    - cron: '23 23 * * 0'
+    - cron:  '23 23 * * 0'
   workflow_dispatch:
 
 jobs:
   analyze:
     name: Analyze
     runs-on: ubuntu-latest
-    permissions:
-      actions: read
-      contents: read
-      security-events: write
+    if: github.actor != 'pdsen-ci'
 
     strategy:
       fail-fast: false
       matrix:
-        language: [ 'java' ]
-        # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
-        # Learn more about CodeQL language support at https://git.io/codeql-language-support
+        # Override automatic language detection by changing the below list
+        # Supported options are ['csharp', 'cpp', 'go', 'java', 'javascript', 'python']
+#         language: ['java', 'python']
+        language: ['java']
+        # Learn more...
+        # https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v3
+      uses: actions/checkout@v4
+      with:
+        # We must fetch at least the immediate parents so that if this is
+        # a pull request then we can checkout the head.
+        fetch-depth: 2
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
       uses: github/codeql-action/init@v3
       with:
-        languages: ${{ matrix.language }}
-        queries: security-and-quality, security-extended
-        # If you wish to specify custom queries, you can do so here or in a config file.
-        # By default, queries listed here will override any specified in a config file.
-        # Prefix the list here with "+" to use these queries and those in the config file.
-        # queries: ./path/to/local/query, your-org/your-repo/queries@main
+         languages: ${{ matrix.language }}
+         queries: security-and-quality, security-extended
 
     # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
     # If this step fails, then you should remove it and run the build manually (see below)
-    # - name: Autobuild
-    #   uses: github/codeql-action/autobuild@v2
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v3
 
     # ℹ️ Command-line programs to run using the OS shell.
     # 📚 https://git.io/JvXDl
@@ -59,15 +48,8 @@ jobs:
     #    and modify them (or add more) to build your code if your project
     #    uses a compiled language
 
-    -
-        name: ☕️ Set up OpenJDK
-        uses: actions/setup-java@v3
-        with:
-            distribution: 'adopt'
-            java-version: 17
-
-    - run: |
-       mvn clean install
+#     - run: |
+#       mvn clean compile site -DskipTests
 
     - name: Perform CodeQL Analysis
       uses: github/codeql-action/analyze@v3
@@ -91,7 +73,35 @@ jobs:
         
       
     - name: Upload CodeQL Artifacts
-      uses: actions/upload-artifact@v3
+      uses: actions/upload-artifact@v4
       with:
         name: codeql-artifacts
         path: ${{ env.RESULTS_DIR }}
+
+
+  sloc-count:
+      name: SLOC Count
+      runs-on: ubuntu-latest
+      if: github.actor != 'pdsen-ci'
+      steps:
+          -
+              name: 💳 Checkout
+              uses: actions/checkout@v4
+              with:
+                  lfs: true
+                  fetch-depth: 0
+                  token: ${{secrets.ADMIN_GITHUB_TOKEN}}
+
+          -
+            name: Count Lines of Code (cloc)
+            uses: djdefi/cloc-action@6
+            with:
+                options: --report-file=cloc.md
+
+
+          -
+            name: Upload SLOC
+            uses: actions/upload-artifact@v4
+            with:
+              name: sloc-count
+              path: ${{ github.workspace }}/cloc.md

.secrets.baseline

@@ -191,7 +191,7 @@
       {
         "type": "Email Address",
         "filename": "service/src/main/java/gov/nasa/pds/api/registry/controllers/RegistryApiResponseEntityExceptionHandler.java",
-        "hashed_secret": "5255a5e4f0743ee4370d492e3e7f8a70c8a572b6",
+        "hashed_secret": "4fb813c304003b3813b35a85f05b7cb0c3994cc1",
         "is_verified": false,
         "line_number": 21,
         "is_secret": false
@@ -218,5 +218,5 @@
       }
     ]
   },
-  "generated_at": "2024-09-05T22:13:10Z"
+  "generated_at": "2024-11-25T20:57:57Z"
 }

CHANGELOG.md

@@ -1,8 +1,8 @@
 # Changelog
 
-## [release/1.5.0](https://github.com/NASA-PDS/registry-api/tree/release/1.5.0) (2024-09-03)
+## [v1.5.0](https://github.com/NASA-PDS/registry-api/tree/v1.5.0) (2024-09-03)
 
-[Full Changelog](https://github.com/NASA-PDS/registry-api/compare/v1.4.1...release/1.5.0)
+[Full Changelog](https://github.com/NASA-PDS/registry-api/compare/v1.4.1...v1.5.0)
 
 **Requirements:**
 
@@ -50,11 +50,7 @@
 
 ## [v1.4.1](https://github.com/NASA-PDS/registry-api/tree/v1.4.1) (2024-02-29)
 
-[Full Changelog](https://github.com/NASA-PDS/registry-api/compare/release/1.4.1...v1.4.1)
-
-## [release/1.4.1](https://github.com/NASA-PDS/registry-api/tree/release/1.4.1) (2024-02-29)
-
-[Full Changelog](https://github.com/NASA-PDS/registry-api/compare/v1.4.0...release/1.4.1)
+[Full Changelog](https://github.com/NASA-PDS/registry-api/compare/v1.4.0...v1.4.1)
 
 **Defects:**
 

CONTRIBUTING.md

@@ -66,3 +66,5 @@ There are a few steps required to prepare for merging code back into the main br
 1. Run all regression checks to make sure changes have re-introduced already fixed bugs.
 1. Move from draft to ready for review if in draft mode.
 1. Request review.
+
+

service/src/main/java/gov/nasa/pds/api/registry/controllers/RegistryApiResponseEntityExceptionHandler.java

@@ -18,7 +18,7 @@ public class RegistryApiResponseEntityExceptionHandler extends ResponseEntityExc
 
   private String errorDisclaimerHeader = "An error occured.\n";
   private String errorDisclaimerFooter =
-      "For assistance, forward this error message to [email protected].org";
+      "For assistance, forward this error message to [email protected].gov";
 
   // TODO refactor code to avoid repeating oneself.