Merge pull request #375 from eclipse-tractusx/release/v1.7.0-RC4

release(1.7.0-RC4): merge release into main

.github/workflows/trivy-dev.yml

@@ -54,15 +54,13 @@ jobs:
         uses: actions/checkout@v3
 
       - name: Run Trivy vulnerability scanner in repo mode
-        uses: aquasecurity/trivy-action@master
+        uses: aquasecurity/trivy-action@0.14.0
         with:
           scan-type: "config"
-          # ignore-unfixed: true
-          exit-code: "1"
           hide-progress: false
           format: "sarif"
           output: "trivy-results1.sarif"
-          severity: "CRITICAL,HIGH"
+          vuln-type: "os,library"
 
       - name: Upload Trivy scan results to GitHub Security tab
         uses: github/codeql-action/upload-sarif@v2
@@ -88,14 +86,13 @@ jobs:
       # For public images, no ENV vars must be set.
       - name: Run Trivy vulnerability scanner
         if: always()
-        uses: aquasecurity/trivy-action@master
+        uses: aquasecurity/trivy-action@0.14.0
         with:
           # Path to Docker image
           image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}:dev"
           format: "sarif"
           output: "trivy-results2.sarif"
-          exit-code: "1"
-          severity: "CRITICAL,HIGH"
+          vuln-type: "os,library"
 
       - name: Upload Trivy scan results to GitHub Security tab
         if: always()

.github/workflows/trivy.yml

@@ -54,15 +54,13 @@ jobs:
         uses: actions/checkout@v3
 
       - name: Run Trivy vulnerability scanner in repo mode
-        uses: aquasecurity/trivy-action@master
+        uses: aquasecurity/trivy-action@0.14.0
         with:
           scan-type: "config"
-          # ignore-unfixed: true
-          exit-code: "1"
           hide-progress: false
           format: "sarif"
           output: "trivy-results1.sarif"
-          severity: "CRITICAL,HIGH"
+          vuln-type: "os,library"
 
       - name: Upload Trivy scan results to GitHub Security tab
         uses: github/codeql-action/upload-sarif@v2
@@ -88,14 +86,13 @@ jobs:
       # For public images, no ENV vars must be set.
       - name: Run Trivy vulnerability scanner
         if: always()
-        uses: aquasecurity/trivy-action@master
+        uses: aquasecurity/trivy-action@0.14.0
         with:
           # Path to Docker image
           image-ref: "${{ env.IMAGE_NAMESPACE }}/${{ env.IMAGE_NAME }}:latest"
           format: "sarif"
           output: "trivy-results2.sarif"
-          exit-code: "1"
-          severity: "CRITICAL,HIGH"
+          vuln-type: "os,library"
 
       - name: Upload Trivy scan results to GitHub Security tab
         if: always()

CHANGELOG.md

@@ -1,5 +1,55 @@
 # Changelog
 
+## 1.7.0-RC4
+
+### Change
+
+- Admin Credential Management Board
+  - support the load element for "decline" and "approve" button
+  - document icons updated to support hover to show that the document can get clicked
+
+### Feature
+
+- App Change Process
+  - Document change (delete and add) added and backend integrated
+
+### Technical Support
+
+- Trivy scan: changed to no failure on high findings, as it should only fail if there is an error/misconfiguration
+
+### Bugfix
+
+- Service Release Process
+  - fixed consent check removal issue on save
+- App Release Process
+  - fixed error message deletion upon deleting of csv file in technical integration
+  - fixed consent check removal issue on save
+- Invite Business Partner - fixed auto page refresh/update when inviting via the invite overlay a new company
+- App Subscription
+  - business logic and backend api response connection updated to be able to handle the service setup status for each subscription instead of the offer level itself
+- Service Subscription
+  - activation Overlay field names updated
+  - field value mapping to backend api response properties updated/changed
+  - copy feature/icon added for the technical user secret
+  - header description updated
+  - business logic and backend api response connection updated to be able to handle the service setup status for each subscription instead of the offer level itself
+- Technical User Creation
+  - Overlay Type SubHeading Typo fix
+- Technical User Details
+  - fixed white screen for technical users with connector null object
+- Vulnerability from dependency
+  - upgrade axios dependency to v1.6.1
+
+### Known Knowns
+
+- App Release Process
+  - help link hyperlink incorrectly set
+  - mutated vowel/umlaut of uploaded app roles are incorrectly displayed
+- Semantic Models
+  - semantic model overlay diagram can not get displayed due to semantic model backend external dependency error. Interim deactivated the function.
+- Service Subscription Management
+  - detail overlay incorrectly displays an "Edit" icon for the technical user name
+
 ## 1.7.0-RC3
 
 ### Change

DEPENDENCIES

@@ -50,7 +50,6 @@ npm/npmjs/-/autoprefixer/10.4.16, MIT, approved, #7494
 npm/npmjs/-/autosuggest-highlight/3.3.4, MIT, approved, clearlydefined
 npm/npmjs/-/available-typed-arrays/1.0.5, MIT, approved, clearlydefined
 npm/npmjs/-/axe-core/4.8.2, MPL-2.0 AND MIT AND (Apache-2.0 AND OFL-1.1), approved, #10969
-npm/npmjs/-/axios/1.5.1, MIT, approved, #10504
 npm/npmjs/-/axios/1.6.1, MIT, approved, #11338
 npm/npmjs/-/axobject-query/3.2.1, Apache-2.0, approved, #9144
 npm/npmjs/-/babel-jest/27.5.1, MIT, approved, clearlydefined
@@ -676,7 +675,7 @@ npm/npmjs/-/postcss-import/15.1.0, MIT, approved, clearlydefined
 npm/npmjs/-/postcss-initial/4.0.1, MIT, approved, clearlydefined
 npm/npmjs/-/postcss-js/4.0.1, MIT, approved, clearlydefined
 npm/npmjs/-/postcss-lab-function/4.2.1, CC0-1.0 AND (MIT AND W3C-20150513) AND W3C-20150513 AND MIT, approved, #3020
-npm/npmjs/-/postcss-load-config/4.0.1, MIT, approved, clearlydefined
+npm/npmjs/-/postcss-load-config/4.0.1, MIT, approved, #11674
 npm/npmjs/-/postcss-loader/6.2.1, MIT, approved, clearlydefined
 npm/npmjs/-/postcss-logical/5.0.4, CC0-1.0, approved, clearlydefined
 npm/npmjs/-/postcss-media-minmax/5.0.0, MIT, approved, clearlydefined
@@ -1025,7 +1024,7 @@ npm/npmjs/@ampproject/remapping/2.2.1, Apache-2.0, approved, clearlydefined
 npm/npmjs/@apideck/better-ajv-errors/0.3.6, MIT, approved, clearlydefined
 npm/npmjs/@babel/code-frame/7.22.13, MIT, approved, #8946
 npm/npmjs/@babel/compat-data/7.22.20, MIT, approved, #9062
-npm/npmjs/@babel/core/7.23.0, MIT, approved, clearlydefined
+npm/npmjs/@babel/core/7.23.0, MIT AND (BSD-2-Clause AND ISC AND MIT) AND BSD-2-Clause AND BSD-3-Clause, approved, #11570
 npm/npmjs/@babel/eslint-parser/7.22.15, MIT, approved, #9138
 npm/npmjs/@babel/generator/7.23.0, MIT AND (BSD-2-Clause AND ISC AND MIT) AND BSD-2-Clause AND BSD-3-Clause, approved, #11522
 npm/npmjs/@babel/generator/7.23.3, MIT AND (BSD-2-Clause AND ISC AND MIT) AND BSD-2-Clause AND BSD-3-Clause, approved, #11522
@@ -1040,7 +1039,7 @@ npm/npmjs/@babel/helper-function-name/7.23.0, MIT, approved, clearlydefined
 npm/npmjs/@babel/helper-hoist-variables/7.22.5, MIT, approved, #8957
 npm/npmjs/@babel/helper-member-expression-to-functions/7.23.0, MIT AND (BSD-2-Clause AND ISC AND MIT) AND BSD-2-Clause AND BSD-3-Clause, approved, #10960
 npm/npmjs/@babel/helper-module-imports/7.22.15, MIT, approved, #8944
-npm/npmjs/@babel/helper-module-transforms/7.23.0, MIT, approved, clearlydefined
+npm/npmjs/@babel/helper-module-transforms/7.23.0, MIT AND (BSD-2-Clause AND ISC AND MIT) AND BSD-2-Clause AND BSD-3-Clause, approved, #11537
 npm/npmjs/@babel/helper-optimise-call-expression/7.22.5, MIT, approved, #9011
 npm/npmjs/@babel/helper-plugin-utils/7.22.5, MIT, approved, #9012
 npm/npmjs/@babel/helper-remap-async-to-generator/7.22.20, MIT, approved, #8981
@@ -1052,7 +1051,7 @@ npm/npmjs/@babel/helper-string-parser/7.22.5, MIT, approved, #8962
 npm/npmjs/@babel/helper-validator-identifier/7.22.20, MIT, approved, #8955
 npm/npmjs/@babel/helper-validator-option/7.22.15, MIT, approved, #8961
 npm/npmjs/@babel/helper-wrap-function/7.22.20, MIT, approved, #8951
-npm/npmjs/@babel/helpers/7.23.1, MIT, approved, clearlydefined
+npm/npmjs/@babel/helpers/7.23.1, MIT AND (BSD-2-Clause AND ISC AND MIT) AND BSD-2-Clause AND BSD-3-Clause, approved, #11662
 npm/npmjs/@babel/highlight/7.22.20, MIT, approved, #9073
 npm/npmjs/@babel/parser/7.23.0, MIT AND (BSD-2-Clause AND ISC AND MIT) AND BSD-2-Clause AND BSD-3-Clause, approved, #10663
 npm/npmjs/@babel/parser/7.23.3, MIT AND (BSD-2-Clause AND ISC AND MIT) AND BSD-2-Clause AND BSD-3-Clause, approved, #10663
@@ -1321,7 +1320,7 @@ npm/npmjs/@types/qs/6.9.8, MIT, approved, clearlydefined
 npm/npmjs/@types/range-parser/1.2.5, MIT, approved, #10795
 npm/npmjs/@types/react-dom/18.2.11, MIT, approved, #8256
 npm/npmjs/@types/react-redux/7.1.27, MIT, approved, #10970
-npm/npmjs/@types/react-slick/0.23.10, MIT, approved, clearlydefined
+npm/npmjs/@types/react-slick/0.23.10, MIT, approved, #11666
 npm/npmjs/@types/react-transition-group/4.4.7, MIT, approved, #8416
 npm/npmjs/@types/react/18.2.25, MIT, approved, #8234
 npm/npmjs/@types/resolve/1.17.1, MIT, approved, clearlydefined

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@catena-x/portal-frontend",
-  "version": "v1.7.0-RC3",
+  "version": "v1.7.0-RC4",
   "description": "Catena-X Portal Frontend",
   "author": "Catena-X Contributors",
   "license": "Apache-2.0",
@@ -35,7 +35,7 @@
     "@react-hook/cache": "^1.1.1",
     "@reduxjs/toolkit": "^1.9.5",
     "@types/papaparse": "^5.3.7",
-    "axios": "^1.4.0",
+    "axios": "^1.6.1",
     "buffer": "^6.0.3",
     "dayjs": "^1.11.8",
     "i18next": "^22.5.1",
@@ -92,8 +92,7 @@
   },
   "resolutions": {
     "**/nth-check": "^2.1.1",
-    "**/@babel/traverse": "^7.23.2",
-    "**/axios": "^1.6.1"
+    "**/@babel/traverse": "^7.23.2"
   },
   "scripts": {
     "prepare": "husky install",

src/assets/locales/de/main.json

@@ -442,10 +442,13 @@
     "changeDocuments": {
       "headerTitle": "Update Contract Documents",
       "description": "Lorem Ipsum is simply dummy text of the printing and typesetting industry. Lorem Ipsum has been the industry's standard .Lorem Ipsum is simply dummy text of the printing and typesetting industry. Lorem Ipsum has been the industry's standard .",
-      "saveTooltipMsg": "The save button will be active after a document was changed",
-      "successMsg": "Documents changed successfully",
+      "successMsg": "Document uploaded successfully",
       "errorMsg": "Error! Something went wrong",
-      "uploadNewDocument": "Neues Dokument hochladen"
+      "uploadNewDocument": "Upload new document",
+      "uploadNewDocumentDescription": "Hinweis: Es ist nur eine Datei zum Hochladen zulässig",
+      "documentDeleteSuccess": "Document deleted successfully",
+      "deleteIconTooltip": "Mindestens ein Dokument ist obligatorisch. Laden Sie ein neues Dokument hoch, bevor Sie das Bild entfernen können.",
+      "uploadButtonTooltip": "Maximale Anzahl zulässiger Dokumente erreicht. Bitte löschen Sie ein Dokument, bevor Sie ein neues hochladen."
     },
     "appreleaseprocess": {
       "message": "App Release Process Message"
@@ -860,7 +863,7 @@
       "technicalUser": {
         "addOverlay": {
           "service": "Technical User Role",
-          "serviceSubHeading": "Select one service roles:",
+          "serviceSubHeading": "Select one of the following service roles:",
           "username": "Username",
           "description": "Beschreibung",
           "spocHeadline": "Single Point of Contact (SPoC)",
@@ -1568,6 +1571,7 @@
       "noteDetail": "Please note - use case participation revocation is currently not enabled. Please contact the platform owner for support.",
       "version": "Version: {{version}}",
       "framework": "Framework",
+      "nodocument": "Kein Dokument vorhanden",
       "expiry": "Expiry: {{expiry}}",
       "editUsecase": {
         "title": "Trigger the use case participation by signing and uploading the use case frame agreement for {{usecaseName}}",

src/assets/locales/de/servicerelease.json

@@ -187,12 +187,12 @@
       "title": "Service Subscription Activated",
       "subtitle": "for ",
       "successDescription": "The service is now activated and is now located in your active contract management",
-      "successDescriptionWithTechUser": "The service is not activated and technical user got successfully created.<br /> Please find the necessary user detials below.",
+      "successDescriptionWithTechUser": "The service is now activated and technical user was successfully created.<br /> Please find the necessary user details below.",
       "tableheader": "Technical User Details:",
-      "userId": "User Id:",
+      "userId": "Client ID Tech User:",
       "sercret": "Secret:",
       "url": "URL:",
-      "technicaluserType": "Technical User Type:",
+      "technicaluserType": "Assigned Permissions:",
       "close": "Close"
     }
   },

src/assets/locales/en/main.json

@@ -443,10 +443,13 @@
     "changeDocuments": {
       "headerTitle": "Update Contract Documents",
       "description": "Lorem Ipsum is simply dummy text of the printing and typesetting industry. Lorem Ipsum has been the industry's standard .Lorem Ipsum is simply dummy text of the printing and typesetting industry. Lorem Ipsum has been the industry's standard .",
-      "saveTooltipMsg": "The save button will be active after a document was changed",
-      "successMsg": "Documents changed successfully",
+      "successMsg": "Document uploaded successfully",
       "errorMsg": "Error! Something went wrong",
-      "uploadNewDocument": "Upload new Document"
+      "uploadNewDocument": "Upload new document",
+      "uploadNewDocumentDescription": "Note: only one file for upload allowed",
+      "documentDeleteSuccess": "Document deleted successfully",
+      "deleteIconTooltip": "At least one document is mandatory. Upload a new document before being able to remove the image.",
+      "uploadButtonTooltip": "Maximum number of allowed documents reached. Please delete one document before uploading a new one."
     },
     "appreleaseprocess": {
       "message": "App Release Process Message"
@@ -860,7 +863,7 @@
       "technicalUser": {
         "addOverlay": {
           "service": "Technical User Role",
-          "serviceSubHeading": "Select one service roles:",
+          "serviceSubHeading": "Select one of the following service roles:",
           "username": "Username",
           "description": "Description",
           "spocHeadline": "Single Point of Contact (SPoC)",
@@ -1532,6 +1535,7 @@
       "noteDetail": "Please note - use case participation revocation is currently not enabled. Please contact the platform owner for support.",
       "version": "Version: {{version}}",
       "framework": "Framework",
+      "nodocument": "No document available",
       "expiry": "Expiry: {{expiry}}",
       "editUsecase": {
         "title": "Trigger the use case participation by signing and uploading the use case frame agreement for {{usecaseName}}",

src/assets/locales/en/servicerelease.json

@@ -187,12 +187,12 @@
       "title": "Service Subscription Activated",
       "subtitle": "for ",
       "successDescription": "The service is now activated and is now located in your active contract management",
-      "successDescriptionWithTechUser": "The service is not activated and technical user got successfully created.<br /> Please find the necessary user detials below.",
+      "successDescriptionWithTechUser": "The service is now activated and technical user was successfully created.<br /> Please find the necessary user details below.",
       "tableheader": "Technical User Details:",
-      "userId": "User Id:",
+      "userId": "Client ID Tech User:",
       "sercret": "Secret:",
       "url": "URL:",
-      "technicaluserType": "Technical User Type:",
+      "technicaluserType": "Assigned Permissions:",
       "close": "Close"
     }
   },