8000 cwlavro update by denis-yuen · Pull Request #5564 · dockstore/dockstore · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

cwlavro update #5564

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jun 21, 2023
Merged

cwlavro update #5564

merged 1 commit into from
Jun 21, 2023

Conversation

denis-yuen
Copy link
Member
@denis-yuen denis-yuen commented Jun 16, 2023
edited
Loading

Description
Gets us close to turning on transitive dependency ban to enforce old dependencies even from transitive dependencies.
The last dependency is just the swagger-core 1.6.8 dependency
i.e. once we turn off swagger 2.0 and fully transition to openapi 3.0, we may be able to turn on the check assuming no other transitives are brought in

Review Instructions
n/a should build and function as before, just with a more consistent classpath

Issue
n/a

Security
If there are any concerns that require extra attention from the security team, highlight them here.

Please make sure that you've checked the following before submitting your pull request. Thanks!

  • Check that you pass the basic style checks and unit tests by running mvn clean install
  • Ensure that the PR targets the correct branch. Check the milestone or fix version of the ticket.
  • Follow the existing JPA patterns for queries, using named parameters, to avoid SQL injection
  • If you are changing dependencies, check the Snyk status check or the dashboard to ensure you are not introducing new high/critical vulnerabilities
  • Assume that inputs to the API can be malicious, and sanitize and/or check for Denial of Service type values, e.g., massive sizes
  • Do not serve user-uploaded binary images through the Dockstore API
  • Ensure that endpoints that only allow privileged access enforce that with the @RolesAllowed annotation
  • Do not create cookies, although this may change in the future
  • If this PR is for a user-facing feature, create and link a documentation ticket for this feature (usually in the same milestone as the linked issue). Style points if you create a documentation PR directly and link that instead.

@denis-yuen denis-yuen self-assigned this Jun 16, 2023
@sonarqubecloud
Copy link

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

@codecov
Copy link
codecov bot commented Jun 16, 2023
edited
Loading

Codecov Report

Patch coverage has no change and project coverage change: -1.89 ⚠️

Comparison is base (504701d) 73.98% compared to head (6a2181a) 72.09%.

Additional details and impacted files 
@@              Coverage Diff              @@
##             develop    #5564      +/-   ##
=============================================
- Coverage      73.98%   72.09%   -1.89%     
+ Complexity      4979     4868     -111     
=============================================
  Files            342      342              
  Lines          18329    18329              
  Branches        1970     1970              
=============================================
- Hits           13560    13214     -346     
- Misses          3832     4152     +320     
- Partials         937      963      +26
Flag Coverage Δ
bitbuckettests 27.63% <ø> (ø)
integrationtests 58.02% <ø> (ø)
languageparsingtests 11.00% <ø> (ø)
localstacktests 20.75% <ø> (ø)
toolintegrationtests 29.41% <ø> (ø)
unit-tests_and_non-confidential-tests 29.35% <ø> (-0.01%) ⬇️
workflowintegrationtests 25.76% <ø> (-13.45%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files Coverage Δ
...in/java/io/dockstore/webservice/jdbi/EntryDAO.java 88.82% <ø> (-1.18%) ⬇️

... and 38 files with indirect coverage changes

☔ View full report in Codecov by Sentry.
📢 Do you have feedback about the report comment? Let us know in this issue.

@denis-yuen denis-yuen marked this pull request as ready for review June 19, 2023 15:13
@denis-yuen denis-yuen requested review from a team, david4096, hyunnaye, y-ng and svonworl and removed request for a team June 19, 2023 15:15
@denis-yuen denis-yuen merged commit b2d821f into develop Jun 21, 2023
@denis-yuen denis-yuen deleted the feature/more_dependency_update branch June 21, 2023 19:12
@denis-yuen denis-yuen mentioned this pull request Jun 22, 2023
Merged
2 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@david4096 david4096 david4096 approved these changes

@svonworl svonworl svonworl approved these changes

@hyunnaye hyunnaye Awaiting requested review from hyunnaye hyunnaye was automatically assigned from dockstore/dockstore

@y-ng y-ng Awaiting requested review from y-ng y-ng was automatically assigned from dockstore/dockstore

Assignees

@denis-yuen denis-yuen

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@denis-yuen @david4096 @svonworl
0