fix: dont sign build on PR checks (#205)

* fix: dont sign build on PR checks

* fix: try to fix security gate to scan with `--all-projects`

* fix: use --exclude to remove tests folder

Author: bastiandoetsch

.circleci/config.yml

@@ -12,8 +12,8 @@ jobs:
       - checkout
       - prodsec/security_scans:
           mode: auto
-          open-source-scan-all-projects: false
-          open-source-additional-arguments: --maven-aggregate-project -- -pl '!tests'
+          open-source-scan-all-projects: true
+          open-source-additional-arguments: --exclude=tests
           iac-scan: disabled
 
 workflows:

.github/workflows/ci.yml

@@ -26,7 +26,7 @@ jobs:
 
       - name: Decode Keystore
         id: decode_keystore
-        if: ${{ matrix.os == 'ubuntu-latest' }}
+        if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' && matrix.os == 'ubuntu-latest' }}
         env:
           fileName: ./keystore.jks
           encodedString: ${{ secrets.KEYSTORE }}
@@ -37,13 +37,13 @@ jobs:
           sha256sum -c sha256.txt
 
       - name: Build with Maven
-        if: ${{ matrix.os == 'ubuntu-latest' }}
+        if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/main' && matrix.os == 'ubuntu-latest' }}
         run: ./mvnw clean verify -P sign -DtrimStackTrace=false
         env:
           KEYSTORE_PASS: ${{ secrets.KEYSTORE_PASS }}
 
       - name: Build with Maven
-        if: ${{ matrix.os != 'ubuntu-latest' }}
+        if: ${{ github.ref != 'refs/heads/main' }}
         run: |
           ./mvnw clean verify -DtrimStackTrace=false
 

CHANGELOG.md

@@ -2,9 +2,17 @@
 
 ## [2.2.0] - Unreleased
 ### Changes
+- remove keystore decoding from PR checks
+- update jackson dependencies
+- allow to select/deselect code quality findings
+
+
+## [2.2.0] - v20240829.120828
+### Changes
 - update required protocol version to 14
 - integrate latest docs incl. troubleshooting
 - default to oauth2 when authenticating
+- rename token field
 
 ## [2.2.0] - v20240619.131238
 ### Changes

target-platform/target-platform.target

@@ -31,19 +31,19 @@
           <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
             <artifactId>jackson-annotations</artifactId>
-            <version>2.14.0</version>
+            <version>2.15.0</version>
             <type>jar</type>
           </dependency>
           <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
             <artifactId>jackson-core</artifactId>
-            <version>2.14.0</version>
+            <version>2.15.0</version>
             <type>jar</type>
           </dependency>
           <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
             <artifactId>jackson-databind</artifactId>
-            <version>2.14.0</version>
+            <version>2.15.0</version>
             <type>jar</type>
           </dependency>
           <dependency>

tests/pom.xml

@@ -13,19 +13,19 @@
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
             <artifactId>jackson-annotations</artifactId>
-            <version>2.14.0</version>
+            <version>2.15.0</version>
             <type>jar</type>
         </dependency>
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
             <artifactId>jackson-core</artifactId>
-          <version>2.14.0</version>
+          <version>2.15.0</version>
             <type>jar</type>
         </dependency>
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
             <artifactId>jackson-databind</artifactId>
-          <version>2.14.0</version>
+          <version>2.15.0</version>
             <type>jar</type>
         </dependency>
         <dependency>