diff --git a/.github/workflows/broken_links_checker.yml b/.github/workflows/broken_links_checker.yml
index 39612b7..90488ca 100644
--- a/.github/workflows/broken_links_checker.yml
+++ b/.github/workflows/broken_links_checker.yml
@@ -5,10 +5,6 @@ name: Broken Links Checker
on:
schedule:
- cron: "0 5 * * 0"
- push:
- branches:
- - main
- pull_request:
jobs:
linkChecker:
diff --git a/.github/workflows/ci-build-next-java.yml b/.github/workflows/ci-build-next-java.yml
deleted file mode 100644
index 712a7cb..0000000
--- a/.github/workflows/ci-build-next-java.yml
+++ /dev/null
@@ -1,39 +0,0 @@
-# This file was generated by Project Keeper.
-name: CI Build next Java
-on:
- push:
- branches: [
- main
- ]
-
- pull_request: null
-jobs:
- next-java-compatibility:
- runs-on: ubuntu-latest
- defaults:
- run: {
- shell: bash
- }
- permissions: {
- contents: read
- }
- concurrency: {
- group: '${{ github.workflow }}-${{ github.ref }}',
- cancel-in-progress: true
- }
- steps:
- - name: Checkout the repository
- uses: actions/checkout@v4
- with: {
- fetch-depth: 0
- }
- - name: Set up JDK 17
- uses: actions/setup-java@v4
- with: {
- distribution: temurin,
- java-version: '17',
- cache: maven
- }
- - name: Run tests and build with Maven 17
- run: |
- mvn --batch-mode clean package -DtrimStackTrace=false -Djava.version=17
diff --git a/.github/workflows/ci-build.yml b/.github/workflows/ci-build.yml
index 05a0e2c..062a061 100644
--- a/.github/workflows/ci-build.yml
+++ b/.github/workflows/ci-build.yml
@@ -9,7 +9,7 @@ on:
pull_request: null
jobs:
matrix-build:
- runs-on: ubuntu-20.04
+ runs-on: ubuntu-latest
defaults:
run: {
shell: bash
@@ -25,12 +25,12 @@ jobs:
fail-fast: false
matrix:
exasol_db_version: [
- 8.26.0,
- 7.1.26
+ 8.32.0,
+ 7.1.30
]
env: {
- DEFAULT_EXASOL_DB_VERSION: 8.26.0
+ DEFAULT_EXASOL_DB_VERSION: 8.32.0
}
steps:
- name: Free Disk Space
@@ -67,6 +67,11 @@ jobs:
id: enable-testcontainer-reuse,
run: echo 'testcontainers.reuse.enable=true' > "$HOME/.testcontainers.properties"
}
+ - {
+ name: Fix VM Crash in UDFs,
+ id: fix-vm-crash,
+ run: sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0
+ }
- name: Run tests and build with Maven
id: build-pk-verify
run: |
@@ -103,8 +108,61 @@ jobs:
path: '${{ steps.build-pk-verify.outputs.release-artifacts }}',
retention-days: 5
}
+ - name: Configure broken links checker
+ id: configure-link-check
+ run: |
+ mkdir -p ./target
+ echo '{"aliveStatusCodes": [429, 200], "ignorePatterns": [' \
+ '{"pattern": "^https?://(www|dev).mysql.com/"},' \
+ '{"pattern": "^https?://(www.)?opensource.org"}' \
+ '{"pattern": "^https?://(www.)?eclipse.org"}' \
+ '{"pattern": "^https?://projects.eclipse.org"}' \
+ ']}' > ./target/broken_links_checker.json
+ - uses: gaurav-nelson/github-action-markdown-link-check@v1
+ id: run-link-check
+ with: {
+ use-quiet-mode: yes,
+ use-verbose-mode: yes,
+ config-file: ./target/broken_links_checker.json
+ }
+ next-java-compatibility:
+ runs-on: ubuntu-latest
+ defaults:
+ run: {
+ shell: bash
+ }
+ permissions: {
+ contents: read
+ }
+ concurrency: {
+ group: '${{ github.workflow }}-next-java-${{ github.ref }}',
+ cancel-in-progress: true
+ }
+ steps:
+ - name: Checkout the repository
+ id: checkout
+ uses: actions/checkout@v4
+ with: {
+ fetch-depth: 0
+ }
+ - name: Set up JDK 17
+ id: setup-java
+ uses: actions/setup-java@v4
+ with: {
+ distribution: temurin,
+ java-version: '17',
+ cache: maven
+ }
+ - {
+ name: Run tests and build with Maven 17,
+ id: build-next-java,
+ run: mvn --batch-mode clean package -DtrimStackTrace=false -Djava.version=17
+ }
build:
- needs: matrix-build
+ needs: [
+ matrix-build,
+ next-java-compatibility
+ ]
runs-on: ubuntu-latest
defaults:
run: {
@@ -119,11 +177,13 @@ jobs:
}
steps:
- name: Checkout the repository
+ id: checkout
uses: actions/checkout@v4
with: {
fetch-depth: 0
}
- name: Set up JDKs
+ id: setup-java
uses: actions/setup-java@v4
with:
distribution: temurin
@@ -133,6 +193,7 @@ jobs:
cache: maven
- name: Check if release is needed
id: check-release
+ if: ${{ github.ref == 'refs/heads/main' }}
run: |
if mvn --batch-mode com.exasol:project-keeper-maven-plugin:verify-release --projects .; then
echo "### ✅ Release preconditions met, start release" >> "$GITHUB_STEP_SUMMARY"
diff --git a/.project-keeper.yml b/.project-keeper.yml
index 8531de6..e9264e9 100644
--- a/.project-keeper.yml
+++ b/.project-keeper.yml
@@ -7,9 +7,16 @@ sources:
linkReplacements:
- "https://github.com/hamcrest/JavaHamcrest/hamcrest-all|https://github.com/hamcrest/JavaHamcrest"
build:
- runnerOs: ubuntu-20.04
exasolDbVersions:
- - "8.26.0"
- - "7.1.26"
-excludes:
- - "E-PK-CORE-17: Missing required file: 'release_config.yml'"
+ - "8.32.0"
+ - "7.1.30"
+ workflows:
+ - name: ci-build.yml
+ stepCustomizations:
+ - action: INSERT_AFTER
+ job: matrix-build
+ stepId: enable-testcontainer-reuse
+ content:
+ name: Fix VM Crash in UDFs
+ id: fix-vm-crash
+ run: sudo sysctl -w kernel.apparmor_restrict_unprivileged_userns=0
diff --git a/.settings/org.eclipse.jdt.core.prefs b/.settings/org.eclipse.jdt.core.prefs
index 43365b0..6d0c568 100644
--- a/.settings/org.eclipse.jdt.core.prefs
+++ b/.settings/org.eclipse.jdt.core.prefs
@@ -2,14 +2,14 @@ eclipse.preferences.version=1
org.eclipse.jdt.core.builder.annotationPath.allLocations=disabled
org.eclipse.jdt.core.compiler.annotation.inheritNullAnnotations=disabled
org.eclipse.jdt.core.compiler.annotation.missingNonNullByDefaultAnnotation=ignore
-org.eclipse.jdt.core.compiler.annotation.nonnull=javax.annotation.Nonnull
+org.eclipse.jdt.core.compiler.annotation.nonnull=org.eclipse.jdt.annotation.NonNull
org.eclipse.jdt.core.compiler.annotation.nonnull.secondary=
-org.eclipse.jdt.core.compiler.annotation.nonnullbydefault=javax.annotation.ParametersAreNonnullByDefault
+org.eclipse.jdt.core.compiler.annotation.nonnullbydefault=org.eclipse.jdt.annotation.NonNullByDefault
org.eclipse.jdt.core.compiler.annotation.nonnullbydefault.secondary=
org.eclipse.jdt.core.compiler.annotation.notowning=org.eclipse.jdt.annotation.NotOwning
-org.eclipse.jdt.core.compiler.annotation.nullable=javax.annotation.Nullable
+org.eclipse.jdt.core.compiler.annotation.nullable=org.eclipse.jdt.annotation.Nullable
org.eclipse.jdt.core.compiler.annotation.nullable.secondary=
-org.eclipse.jdt.core.compiler.annotation.nullanalysis=enabled
+org.eclipse.jdt.core.compiler.annotation.nullanalysis=disabled
org.eclipse.jdt.core.compiler.annotation.owning=org.eclipse.jdt.annotation.Owning
org.eclipse.jdt.core.compiler.annotation.resourceanalysis=disabled
org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=enabled
diff --git a/dependencies.md b/dependencies.md
index af7d03f..db51a8a 100644
--- a/dependencies.md
+++ b/dependencies.md
@@ -35,33 +35,33 @@
## Plugin Dependencies
-| Dependency | License |
-| ------------------------------------------------------- | ---------------------------------------------- |
-| [Apache Maven Clean Plugin][30] | [Apache-2.0][12] |
-| [Apache Maven Install Plugin][31] | [Apache-2.0][12] |
-| [Apache Maven Resources Plugin][32] | [Apache-2.0][12] |
-| [Apache Maven Site Plugin][33] | [Apache License, Version 2.0][12] |
-| [SonarQube Scanner for Maven][34] | [GNU LGPL 3][35] |
-| [Apache Maven Toolchains Plugin][36] | [Apache-2.0][12] |
-| [Maven Dependency Plugin][37] | [The Apache Software License, Version 2.0][38] |
-| [Project Keeper Maven plugin][39] | [The MIT License][40] |
-| [Apache Maven Compiler Plugin][41] | [Apache-2.0][12] |
-| [Apache Maven Enforcer Plugin][42] | [Apache-2.0][12] |
-| [Maven Flatten Plugin][43] | [Apache Software Licenese][12] |
-| [org.sonatype.ossindex.maven:ossindex-maven-plugin][44] | [ASL2][38] |
-| [Maven Surefire Plugin][45] | [Apache-2.0][12] |
-| [Versions Maven Plugin][46] | [Apache License, Version 2.0][12] |
-| [duplicate-finder-maven-plugin Maven Mojo][47] | [Apache License 2.0][48] |
-| [Apache Maven Deploy Plugin][49] | [Apache-2.0][12] |
-| [Apache Maven GPG Plugin][50] | [Apache-2.0][12] |
-| [Apache Maven Source Plugin][51] | [Apache License, Version 2.0][12] |
-| [Apache Maven Javadoc Plugin][52] | [Apache-2.0][12] |
-| [Nexus Staging Maven Plugin][53] | [Eclipse Public License][54] |
-| [Maven Failsafe Plugin][55] | [Apache-2.0][12] |
-| [JaCoCo :: Maven Plugin][56] | [EPL-2.0][6] |
-| [Quality Summarizer Maven Plugin][57] | [MIT License][58] |
-| [error-code-crawler-maven-plugin][59] | [MIT License][60] |
-| [Reproducible Build Maven Plugin][61] | [Apache 2.0][38] |
+| Dependency | License |
+| ------------------------------------------------------- | --------------------------------- |
+| [Apache Maven Clean Plugin][30] | [Apache-2.0][12] |
+| [Apache Maven Install Plugin][31] | [Apache-2.0][12] |
+| [Apache Maven Resources Plugin][32] | [Apache-2.0][12] |
+| [Apache Maven Site Plugin][33] | [Apache-2.0][12] |
+| [SonarQube Scanner for Maven][34] | [GNU LGPL 3][35] |
+| [Apache Maven Toolchains Plugin][36] | [Apache-2.0][12] |
+| [Apache Maven Dependency Plugin][37] | [Apache-2.0][12] |
+| [Project Keeper Maven plugin][38] | [The MIT License][39] |
+| [Apache Maven Compiler Plugin][40] | [Apache-2.0][12] |
+| [Apache Maven Enforcer Plugin][41] | [Apache-2.0][12] |
+| [Maven Flatten Plugin][42] | [Apache Software Licenese][12] |
+| [org.sonatype.ossindex.maven:ossindex-maven-plugin][43] | [ASL2][44] |
+| [Maven Surefire Plugin][45] | [Apache-2.0][12] |
+| [Versions Maven Plugin][46] | [Apache License, Version 2.0][12] |
+| [duplicate-finder-maven-plugin Maven Mojo][47] | [Apache License 2.0][48] |
+| [Apache Maven Deploy Plugin][49] | [Apache-2.0][12] |
+| [Apache Maven GPG Plugin][50] | [Apache-2.0][12] |
+| [Apache Maven Source Plugin][51] | [Apache License, Version 2.0][12] |
+| [Apache Maven Javadoc Plugin][52] | [Apache-2.0][12] |
+| [Nexus Staging Maven Plugin][53] | [Eclipse Public License][54] |
+| [Maven Failsafe Plugin][55] | [Apache-2.0][12] |
+| [JaCoCo :: Maven Plugin][56] | [EPL-2.0][6] |
+| [Quality Summarizer Maven Plugin][57] | [MIT License][58] |
+| [error-code-crawler-maven-plugin][59] | [MIT License][60] |
+| [Reproducible Build Maven Plugin][61] | [Apache 2.0][44] |
[0]: https://github.com/eclipse-ee4j/jsonp
[1]: https://projects.eclipse.org/license/epl-2.0
@@ -97,17 +97,17 @@
[31]: https://maven.apache.org/plugins/maven-install-plugin/
[32]: https://maven.apache.org/plugins/maven-resources-plugin/
[33]: https://maven.apache.org/plugins/maven-site-plugin/
-[34]: http://sonarsource.github.io/sonar-scanner-maven/
+[34]: http://docs.sonarqube.org/display/PLUG/Plugin+Library/sonar-maven-plugin
[35]: http://www.gnu.org/licenses/lgpl.txt
[36]: https://maven.apache.org/plugins/maven-toolchains-plugin/
-[37]: http://maven.apache.org/plugins/maven-dependency-plugin/
-[38]: http://www.apache.org/licenses/LICENSE-2.0.txt
-[39]: https://github.com/exasol/project-keeper/
-[40]: https://github.com/exasol/project-keeper/blob/main/LICENSE
-[41]: https://maven.apache.org/plugins/maven-compiler-plugin/
-[42]: https://maven.apache.org/enforcer/maven-enforcer-plugin/
-[43]: https://www.mojohaus.org/flatten-maven-plugin/
-[44]: https://sonatype.github.io/ossindex-maven/maven-plugin/
+[37]: https://maven.apache.org/plugins/maven-dependency-plugin/
+[38]: https://github.com/exasol/project-keeper/
+[39]: https://github.com/exasol/project-keeper/blob/main/LICENSE
+[40]: https://maven.apache.org/plugins/maven-compiler-plugin/
+[41]: https://maven.apache.org/enforcer/maven-enforcer-plugin/
+[42]: https://www.mojohaus.org/flatten-maven-plugin/
+[43]: https://sonatype.github.io/ossindex-maven/maven-plugin/
+[44]: http://www.apache.org/licenses/LICENSE-2.0.txt
[45]: https://maven.apache.org/surefire/maven-surefire-plugin/
[46]: https://www.mojohaus.org/versions/versions-maven-plugin/
[47]: https://basepom.github.io/duplicate-finder-maven-plugin
diff --git a/doc/changes/changelog.md b/doc/changes/changelog.md
index 616e9f0..c34054b 100644
--- a/doc/changes/changelog.md
+++ b/doc/changes/changelog.md
@@ -1,5 +1,6 @@
# Changes
+* [0.6.15](changes_0.6.15.md)
* [0.6.14](changes_0.6.14.md)
* [0.6.13](changes_0.6.13.md)
* [0.6.12](changes_0.6.12.md)
diff --git a/doc/changes/changes_0.6.15.md b/doc/changes/changes_0.6.15.md
new file mode 100644
index 0000000..6123997
--- /dev/null
+++ b/doc/changes/changes_0.6.15.md
@@ -0,0 +1,40 @@
+# Udf Debugging Java 0.6.15, released 2025-02-12
+
+Code name: Fix vulnerabilities CVE-2025-25193 and CVE-2025-24970 in test dependencies
+
+## Summary
+
+This release fixes the following vulnerabilities in test dependencies:
+
+* `io.netty:netty-common:jar:4.1.115.Final:test`: CVE-2025-25193
+* `io.netty:netty-handler:jar:4.1.115.Final:test`: CVE-2025-24970
+
+## Security
+
+* #69: Fixed CVE-2025-25193 in `io.netty:netty-common:jar:4.1.115.Final:test`
+* #70: Fixed CVE-2025-24970 in `io.netty:netty-handler:jar:4.1.115.Final:test`
+
+## Dependency Updates
+
+### Compile Dependency Updates
+
+* Updated `com.exasol:bucketfs-java:3.2.0` to `3.2.1`
+
+### Test Dependency Updates
+
+* Updated `com.exasol:exasol-testcontainers:7.1.1` to `7.1.3`
+* Updated `org.junit.jupiter:junit-jupiter-engine:5.11.3` to `5.11.4`
+* Updated `org.junit.jupiter:junit-jupiter-params:5.11.3` to `5.11.4`
+* Updated `org.mockito:mockito-junit-jupiter:5.14.2` to `5.15.2`
+* Updated `org.testcontainers:junit-jupiter:1.20.3` to `1.20.4`
+
+### Plugin Dependency Updates
+
+* Updated `com.exasol:project-keeper-maven-plugin:4.4.0` to `4.5.0`
+* Updated `org.apache.maven.plugins:maven-deploy-plugin:3.1.2` to `3.1.3`
+* Updated `org.apache.maven.plugins:maven-failsafe-plugin:3.5.1` to `3.5.2`
+* Updated `org.apache.maven.plugins:maven-javadoc-plugin:3.10.1` to `3.11.1`
+* Updated `org.apache.maven.plugins:maven-site-plugin:3.9.1` to `3.21.0`
+* Updated `org.apache.maven.plugins:maven-surefire-plugin:3.5.1` to `3.5.2`
+* Updated `org.codehaus.mojo:versions-maven-plugin:2.17.1` to `2.18.0`
+* Updated `org.sonarsource.scanner.maven:sonar-maven-plugin:4.0.0.4121` to `5.0.0.4389`
diff --git a/pk_generated_parent.pom b/pk_generated_parent.pom
index 32c5a9f..b7e005e 100644
--- a/pk_generated_parent.pom
+++ b/pk_generated_parent.pom
@@ -3,7 +3,7 @@
4.0.0
com.exasol
udf-debugging-java-generated-parent
- 0.6.14
+ 0.6.15
pom
UTF-8
@@ -65,12 +65,12 @@
org.apache.maven.plugins
maven-site-plugin
- 3.9.1
+ 3.21.0
org.sonarsource.scanner.maven
sonar-maven-plugin
- 4.0.0.4121
+ 5.0.0.4389
org.apache.maven.plugins
@@ -170,7 +170,7 @@
org.apache.maven.plugins
maven-surefire-plugin
- 3.5.1
+ 3.5.2
@@ -181,7 +181,7 @@
org.codehaus.mojo
versions-maven-plugin
- 2.17.1
+ 2.18.0
display-updates
@@ -235,7 +235,7 @@
org.apache.maven.plugins
maven-deploy-plugin
- 3.1.2
+ 3.1.3
true
@@ -279,7 +279,7 @@
org.apache.maven.plugins
maven-javadoc-plugin
- 3.10.1
+ 3.11.1
attach-javadocs
@@ -322,7 +322,7 @@
org.apache.maven.plugins
maven-failsafe-plugin
- 3.5.1
+ 3.5.2
-Djava.util.logging.config.file=src/test/resources/logging.properties ${argLine}
diff --git a/pom.xml b/pom.xml
index 40a8ca8..7c43be6 100644
--- a/pom.xml
+++ b/pom.xml
@@ -2,12 +2,12 @@
4.0.0
udf-debugging-java
- 0.6.14
+ 0.6.15
udf-debugging-java
Utilities for debugging, profiling and code coverage measure for UDFs.
https://github.com/exasol/udf-debugging-java/
- 5.11.3
+ 5.11.4
0.8.12
@@ -42,12 +42,12 @@
com.exasol
bucketfs-java
- 3.2.0
+ 3.2.1
com.exasol
exasol-test-setup-abstraction-java
- 2.1.6
+ 2.1.7