diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
new file mode 100644
index 00000000..f340a1bb
--- /dev/null
+++ b/.github/workflows/security.yml
@@ -0,0 +1,52 @@
+name: Scan
+
+on:
+ workflow_dispatch:
+
+concurrency:
+ group: ${{ github.ref }}-scan
+ cancel-in-progress: true
+
+jobs:
+ publish:
+ name: Scan
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v3
+ - name: Set up JDK
+ uses: actions/setup-java@v3
+ with:
+ distribution: 'microsoft'
+ java-version: 17
+ - name: Use Node.js 16
+ uses: actions/setup-node@v3
+ with:
+ node-version: 16
+ cache-dependency-path: qendpoint-frontend/package-lock.json
+ - name: Install frontend dependencies
+ run: npm ci --legacy-peer-deps
+ working-directory: qendpoint-frontend
+ - name: Compiling frontend
+ run: npm run build --if-present
+ working-directory: qendpoint-frontend
+ - name: Put frontend in backend
+ run: |
+ mkdir -p qendpoint-backend/src/main/resources/static/
+ cp -r qendpoint-frontend/build/* qendpoint-backend/src/main/resources/static/
+ - name: Compile qendpoint
+ run: mvn install -DskipTests
+ - name: move endpoint
+ run: mv qendpoint-backend/target/qendpoint-*-exec.jar qendpoint.jar
+ - name: Build an image from Dockerfile
+ run: 'docker build -t docker.io/the-qa-company/qendpoint:${{ github.sha }} -f scripts/Dockerfile .'
+ - name: Run Trivy vulnerability scanner
+ uses: aquasecurity/trivy-action@0.28.0
+ with:
+ image-ref: 'docker.io/the-qa-company/qendpoint:${{ github.sha }}'
+ format: 'table'
+ exit-code: '0'
+ ignore-unfixed: true
+ vuln-type: 'os,library'
+ severity: 'CRITICAL,HIGH'
+
diff --git a/pom.xml b/pom.xml
index 911690d5..e4845c97 100644
--- a/pom.xml
+++ b/pom.xml
@@ -9,7 +9,7 @@
com.the-qa-company
qendpoint-parent
- 2.2.0
+ 2.3.0
pom
diff --git a/qendpoint-backend/pom.xml b/qendpoint-backend/pom.xml
index 156c3185..2723e311 100644
--- a/qendpoint-backend/pom.xml
+++ b/qendpoint-backend/pom.xml
@@ -4,7 +4,7 @@
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
4.0.0
qendpoint-backend
- 2.2.0
+ 2.3.0
jar
@@ -15,7 +15,7 @@
com.the-qa-company
qendpoint-parent
- 2.2.0
+ 2.3.0
diff --git a/qendpoint-cli/pom.xml b/qendpoint-cli/pom.xml
index f37f6121..ce9067db 100644
--- a/qendpoint-cli/pom.xml
+++ b/qendpoint-cli/pom.xml
@@ -2,7 +2,7 @@
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
4.0.0
qendpoint-cli
- 2.2.0
+ 2.3.0
qendpoint package
Package of the qendpoint.
@@ -11,7 +11,7 @@
com.the-qa-company
qendpoint-parent
- 2.2.0
+ 2.3.0
diff --git a/qendpoint-core/pom.xml b/qendpoint-core/pom.xml
index d0522ca2..5a8cac4a 100644
--- a/qendpoint-core/pom.xml
+++ b/qendpoint-core/pom.xml
@@ -4,7 +4,7 @@
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
4.0.0
qendpoint-core
- 2.2.0
+ 2.3.0
jar
@@ -27,7 +27,7 @@
com.the-qa-company
qendpoint-parent
- 2.2.0
+ 2.3.0
@@ -47,6 +47,7 @@
2.7.5
1.5.6
0.9.44
+ 1.26.0
4.3.2
1.7.30
@@ -75,7 +76,7 @@
org.apache.commons
commons-compress
- 1.21
+ ${commons-compress.version}
org.apache.jena
@@ -91,6 +92,12 @@
org.apache.jena
jena-arq
${jena.version}
+
+
+ com.google.protobuf
+ protobuf-java
+
+
pl.pragmatists
diff --git a/qendpoint-store/pom.xml b/qendpoint-store/pom.xml
index 308b1c1f..62bcdf64 100644
--- a/qendpoint-store/pom.xml
+++ b/qendpoint-store/pom.xml
@@ -3,7 +3,7 @@
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
4.0.0
qendpoint
- 2.2.0
+ 2.3.0
jar
@@ -13,7 +13,7 @@
com.the-qa-company
qendpoint-parent
- 2.2.0
+ 2.3.0
diff --git a/release/RELEASE.md b/release/RELEASE.md
index 7159f359..99c7593a 100644
--- a/release/RELEASE.md
+++ b/release/RELEASE.md
@@ -1,5 +1,3 @@
-- update rdf4j to 5.1.0
-- add lucene option to set thresholds (#485)
-- fix issue with bitmap not enabled (#506)
-- add reload dl (#499)
-- add bounds to errors (#498)
+- cache constants in query optimiser (#527)
+- update spring to 3.4.0 (#518)
+- remove rdf4j solr from the backend dependencies (#518)
diff --git a/release/RELEASE.md_old b/release/RELEASE.md_old
index 71c4f905..73155377 100644
--- a/release/RELEASE.md_old
+++ b/release/RELEASE.md_old
@@ -1,3 +1,10 @@
+## Version 2.2.0
+
+- update rdf4j to 5.1.0
+- add lucene option to set thresholds (#485)
+- fix issue with bitmap not enabled (#506)
+- add reload dl (#499)
+- add bounds to errors (#498)
## Version 2.1.2
- fix HDT loading issues (#494)