Skip to content

Commit

Permalink
Merge branch 'release/1.4.1'
Browse files Browse the repository at this point in the history
  • Loading branch information
infeo committed Jan 18, 2024
2 parents f35693c + 6a5b909 commit 81b2ee7
Show file tree
Hide file tree
Showing 6 changed files with 90 additions and 19 deletions.
6 changes: 3 additions & 3 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -17,11 +17,11 @@ jobs:
if: startsWith(github.ref, 'refs/tags/')
shell: bash
run: |
mvn versions:set --file ./pom.xml -DnewVersion=${GITHUB_REF##*/}
mvn -B versions:set --file ./pom.xml -DnewVersion=${GITHUB_REF##*/}
- name: Build and Test
id: buildAndTest
run: mvn -B clean install -Pdependency-check
- uses: actions/upload-artifact@v3
run: mvn -B clean install
- uses: actions/upload-artifact@v4
with:
name: artifacts
path: target/*.jar
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/codeql-analysis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -25,10 +25,10 @@ jobs:
java-version: 21
cache: 'maven'
- name: Initialize CodeQL
uses: github/codeql-action/init@v2
uses: github/codeql-action/init@v3
with:
languages: java
- name: Build
run: mvn -B compile
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2
uses: github/codeql-action/analyze@v3
63 changes: 63 additions & 0 deletions .github/workflows/dependency-check.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,63 @@
name: OWASP Maven Dependency Check
on:
schedule:
- cron: '0 11 * * 0'
push:
branches:
- 'release/**'
workflow_dispatch:


jobs:
check-dependencies:
name: Check dependencies
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
show-progress: false
- name: Setup Java
uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: 21
cache: 'maven'
- name: Cache NVD DB
uses: actions/cache@v3
with:
path: ~/.m2/repository/org/owasp/dependency-check-data/
key: dependency-check-${{ github.run_id }}
restore-keys: |
dependency-check
env:
SEGMENT_DOWNLOAD_TIMEOUT_MINS: 5
- name: Run org.owasp:dependency-check plugin
id: dependency-check
continue-on-error: true
run: mvn -B validate -Pdependency-check
env:
NVD_API_KEY: ${{ secrets.NVD_API_KEY }}
- name: Upload report on failure
if: steps.dependency-check.outcome == 'failure'
uses: actions/upload-artifact@v4
with:
name: dependency-check-report
path: target/dependency-check-report.html
if-no-files-found: error
- name: Slack Notification on regular check
if: github.event_name == 'schedule' && steps.dependency-check.outcome == 'failure'
uses: rtCamp/action-slack-notify@v2
env:
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK_URL }}
SLACK_USERNAME: 'Cryptobot'
SLACK_ICON: false
SLACK_ICON_EMOJI: ':bot:'
SLACK_CHANNEL: 'cryptomator-desktop'
SLACK_TITLE: "Vulnerabilities in ${{ github.event.repository.name }} detected."
SLACK_MESSAGE: "Download the <https://github.com/${{ github.repository }}/actions/run/${{ github.run_id }}|report> for more details."
SLACK_FOOTER: false
MSG_MINIMAL: true
- name: Failing workflow on release branch
if: github.event_name == 'push' && steps.dependency-check.outcome == 'failure'
shell: bash
run: exit 1
16 changes: 9 additions & 7 deletions pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>org.cryptomator</groupId>
<artifactId>integrations-linux</artifactId>
<version>1.4.0</version>
<version>1.4.1</version>

<name>integrations-linux</name>
<description>Provides optional Linux services used by Cryptomator</description>
Expand Down Expand Up @@ -44,13 +44,13 @@
<secret-service.version>2.0.0-alpha</secret-service.version>
<kdewallet.version>1.3.3</kdewallet.version>
<appindicator.version>1.3.6</appindicator.version>
<slf4j.version>2.0.9</slf4j.version>
<slf4j.version>2.0.11</slf4j.version>

<!-- test dependencies -->
<junit.version>5.10.1</junit.version>

<!-- build plugin dependencies -->
<dependency-check.version>8.4.2</dependency-check.version>
<dependency-check.version>9.0.7</dependency-check.version>
<nexus-staging.version>1.6.8</nexus-staging.version>
</properties>

Expand Down Expand Up @@ -94,7 +94,7 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>3.11.0</version>
<version>3.12.1</version>
<configuration>
<release>${project.jdk.version}</release>
<compilerArgs>
Expand All @@ -105,7 +105,7 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<version>3.2.1</version>
<version>3.2.3</version>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
Expand Down Expand Up @@ -143,7 +143,7 @@
</plugin>
<plugin>
<artifactId>maven-javadoc-plugin</artifactId>
<version>3.6.0</version>
<version>3.6.3</version>
<executions>
<execution>
<id>attach-javadocs</id>
Expand Down Expand Up @@ -211,17 +211,19 @@
<artifactId>dependency-check-maven</artifactId>
<version>${dependency-check.version}</version>
<configuration>
<cveValidForHours>24</cveValidForHours>
<nvdValidForHours>24</nvdValidForHours>
<failBuildOnCVSS>0</failBuildOnCVSS>
<skipTestScope>true</skipTestScope>
<detail>true</detail>
<suppressionFile>suppression.xml</suppressionFile>
<nvdApiKey>${env.NVD_API_KEY}</nvdApiKey>
</configuration>
<executions>
<execution>
<goals>
<goal>check</goal>
</goals>
<phase>validate</phase>
</execution>
</executions>
</plugin>
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,8 @@
import org.cryptomator.integrations.common.Priority;
import org.cryptomator.integrations.keychain.KeychainAccessException;
import org.cryptomator.integrations.keychain.KeychainAccessProvider;
import org.freedesktop.dbus.exceptions.DBusExecutionException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import java.io.IOException;
import java.util.List;
Expand All @@ -15,6 +16,8 @@
@OperatingSystem(OperatingSystem.Value.LINUX)
public class SecretServiceKeychainAccess implements KeychainAccessProvider {

private static Logger LOG = LoggerFactory.getLogger(SecretServiceKeychainAccess.class);

private final String LABEL_FOR_SECRET_IN_KEYRING = "Cryptomator";

@Override
Expand All @@ -27,12 +30,8 @@ public boolean isSupported() {
try {
return SimpleCollection.isAvailable();
} catch (ExceptionInInitializerError e) {
//TODO: remove try-catch once secret-service lib is fixed
if(e.getException() instanceof DBusExecutionException) {
return false;
} else {
throw e;
}
LOG.warn("Initializing secret service keychain access failed", e.getException());
return false;
}
}

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeAll;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.condition.EnabledIf;
import org.junit.jupiter.api.condition.EnabledOnOs;
import org.junit.jupiter.api.condition.OS;

Expand All @@ -14,6 +15,7 @@
* Unit tests for KWallet access via DBUS.
*/
@EnabledOnOs(OS.LINUX)
@EnabledIf("osEnvironmentSuitable")
public class KDEWalletKeychainAccessTest {

private static boolean isInstalled;
Expand All @@ -40,4 +42,9 @@ public void testIsSupported() {
KDEWalletKeychainAccess keychainAccess = new KDEWalletKeychainAccess();
Assertions.assertEquals(isInstalled, keychainAccess.isSupported());
}


private static boolean osEnvironmentSuitable() {
return System.getenv().containsKey("DISPLAY");
}
}

0 comments on commit 81b2ee7

Please sign in to comment.