Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: Support for generating CycloneDX sboms #119

Merged
merged 1 commit into from
Oct 6, 2022
Merged

feat: Support for generating CycloneDX sboms #119

merged 1 commit into from
Oct 6, 2022

Conversation

justinabrahms
Copy link
Member

@justinabrahms justinabrahms commented Oct 5, 2022

Ref #83

@codecov-commenter
Copy link

codecov-commenter commented Oct 5, 2022

Codecov Report

Merging #119 (b7694e6) into main (3788a3b) will not change coverage.
The diff coverage is n/a.

@@            Coverage Diff            @@
##               main     #119   +/-   ##
=========================================
  Coverage     91.84%   91.84%           
  Complexity      175      175           
=========================================
  Files            19       19           
  Lines           380      380           
  Branches         23       23           
=========================================
  Hits            349      349           
  Misses           20       20           
  Partials         11       11           
Flag Coverage Δ
unittests 91.84% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

@justinabrahms justinabrahms changed the title Support for generating CycloneDX sboms feat: Support for generating CycloneDX sboms Oct 5, 2022
@justinabrahms justinabrahms enabled auto-merge (squash) October 5, 2022 22:47
@justinabrahms
Copy link
Member Author

Refs #55 (still need to do spdx to close it out, I think)

Comment on lines +176 to +178
<includeProvidedScope>true</includeProvidedScope>
<includeRuntimeScope>true</includeRuntimeScope>
<includeSystemScope>true</includeSystemScope>
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I guess it doesn't really matter, since more information is better, but I'm trying to imagine why putting dependencies with these scopes in could matter for an SBOM.

Would a consumer care that we use lombok (provided scope), or transitive dependencies coming from lombok at compile time? Maybe? More of a question that a critique.

Signed-off-by: Justin Abrahms <justin@abrah.ms>
@justinabrahms justinabrahms merged commit 9647c3f into main Oct 6, 2022
@justinabrahms justinabrahms deleted the sbom branch October 6, 2022 14:31
@beeme1mr beeme1mr mentioned this pull request Oct 10, 2022
pbhandari9541 pushed a commit to pbhandari9541/java-sdk that referenced this pull request Nov 3, 2022
Signed-off-by: Justin Abrahms <justin@abrah.ms>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>
justinabrahms added a commit that referenced this pull request Nov 4, 2022
* chore: add integration tests (#77)

* chore: add integration tests

Signed-off-by: Todd Baert <toddbaert@gmail.com>

* improve POM spacing

Signed-off-by: Todd Baert <toddbaert@gmail.com>

Signed-off-by: Todd Baert <toddbaert@gmail.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore(main): release dev.openfeature.javasdk 0.2.2 (#76)

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* feat!: errorCode as enum, reason as string (#80)

* feat!: errorCode as enum, reason as string

- makes errorCode an enum
- makes reason a string
- adds errorMessage to resolution/evaluation details

Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore: add CODEOWNERS (#85)

Create CODEOWNERS

refs #83

Signed-off-by: Justin Abrahms <jabrahms@ebay.com>

Signed-off-by: Justin Abrahms <jabrahms@ebay.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore: Configure Renovate (#86)

chore(deps): add renovate.json

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore(deps): update dependency com.github.spotbugs:spotbugs to v4.7.2 (#87)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore(deps): update dependency com.github.spotbugs:spotbugs-maven-plugin to v4.7.2.0 (#88)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore(deps): update dependency org.apache.maven.plugins:maven-javadoc-plugin to v3.4.1 (#90)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore(deps): update dependency org.sonatype.plugins:nexus-staging-maven-plugin to v1.6.13 (#91)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* fix(deps): update junit5 monorepo (#92)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore(deps): update dependency org.apache.maven.plugins:maven-pmd-plugin to v3.19.0 (#97)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* fix(deps): update dependency io.cucumber:cucumber-bom to v7.8.0 (#100)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore(deps): update dependency org.mockito:mockito-core to v4.8.0 (#99)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore(deps): update codecov/codecov-action action to v3 (#102)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore(deps): update dependency org.apache.maven.plugins:maven-gpg-plugin to v1.6 (#96)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Justin Abrahms <jabrahms@ebay.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore(deps): update dependency org.apache.maven.plugins:maven-source-plugin to v3 (#105)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore(deps): update dependency org.apache.maven.plugins:maven-compiler-plugin to v3.10.1 (#95)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore(deps): update dependency org.apache.maven.plugins:maven-gpg-plugin to v3 (#104)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore(deps): update dependency org.apache.maven.plugins:maven-checkstyle-plugin to v3.2.0 (#94)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore(deps): update actions/cache action to v3 (#101)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore(deps): update dependency com.puppycrawl.tools:checkstyle to v8.45.1 (#93)

* chore(deps): update dependency com.puppycrawl.tools:checkstyle to v8.45.1

* scope property went away in the latest version

jshiell/checkstyle-idea#525 (comment)

Signed-off-by: Justin Abrahms <jabrahms@ebay.com>

* scope wasn't deleted on the other one

Signed-off-by: Justin Abrahms <jabrahms@ebay.com>

Signed-off-by: Justin Abrahms <jabrahms@ebay.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Justin Abrahms <jabrahms@ebay.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* refactor!: Change the package name. Everyone knows it's java (or it doesn't matter) (#111)

* Change the package name. Everyone knows it's java (or it doesn't matter)

Fixes #82

Signed-off-by: Justin Abrahms <justin@abrah.ms>

* Missed 2 strings

Signed-off-by: Justin Abrahms <justin@abrah.ms>

* remove broken flagd import until changes absorbed

Signed-off-by: Todd Baert <toddbaert@gmail.com>

Signed-off-by: Justin Abrahms <justin@abrah.ms>
Signed-off-by: Todd Baert <toddbaert@gmail.com>
Co-authored-by: Todd Baert <toddbaert@gmail.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore: Write perms should be as tightly scoped as possible. (#107)

* Add a dependabot file to keep deps up to date

Signed-off-by: Justin Abrahms <justin@abrah.ms>

* Move write permissions to the specific job, rather than globally

Signed-off-by: Justin Abrahms <justin@abrah.ms>

* Run code scanning (slow auto-build) weekly

Signed-off-by: Justin Abrahms <justin@abrah.ms>

Signed-off-by: Justin Abrahms <justin@abrah.ms>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore: fix dependabot pr titles (#118)

Signed-off-by: Todd Baert <toddbaert@gmail.com>

Signed-off-by: Todd Baert <toddbaert@gmail.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore: Bump cucumber-bom from 7.8.0 to 7.8.1 (#115)

Bump cucumber-bom from 7.8.0 to 7.8.1

Bumps [cucumber-bom](https://github.com/cucumber/cucumber-jvm) from 7.8.0 to 7.8.1.
- [Release notes](https://github.com/cucumber/cucumber-jvm/releases)
- [Changelog](https://github.com/cucumber/cucumber-jvm/blob/main/CHANGELOG.md)
- [Commits](cucumber/cucumber-jvm@v7.8.0...v7.8.1)

---
updated-dependencies:
- dependency-name: io.cucumber:cucumber-bom
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore: add SAST scanning (#108)

* add SAST scanning

Refs #84

Signed-off-by: Justin Abrahms <justin@abrah.ms>

* Java scanning only

Signed-off-by: Justin Abrahms <justin@abrah.ms>

* Try codeql on the normal build to see how much longer it is.

Signed-off-by: Justin Abrahms <justin@abrah.ms>

Signed-off-by: Justin Abrahms <justin@abrah.ms>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* feat!: use evaluation context interface (#112)

* POC - use evaluation context interface

Signed-off-by: Todd Baert <toddbaert@gmail.com>

* make .merge non-static

Signed-off-by: Todd Baert <toddbaert@gmail.com>

* improve naming

Signed-off-by: Todd Baert <toddbaert@gmail.com>

* add @OverRide

Signed-off-by: Todd Baert <toddbaert@gmail.com>

* Update src/main/java/dev/openfeature/sdk/EvaluationContext.java

Co-authored-by: Justin Abrahms <jabrahms@ebay.com>
Signed-off-by: Todd Baert <toddbaert@gmail.com>

* Update src/main/java/dev/openfeature/sdk/MutableContext.java

Co-authored-by: Justin Abrahms <jabrahms@ebay.com>
Signed-off-by: Todd Baert <toddbaert@gmail.com>

* address PR feedback

Signed-off-by: Todd Baert <toddbaert@gmail.com>

Signed-off-by: Todd Baert <toddbaert@gmail.com>
Co-authored-by: Justin Abrahms <jabrahms@ebay.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* feat: Support for generating CycloneDX sboms (#119)

Signed-off-by: Justin Abrahms <justin@abrah.ms>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore: [StepSecurity] ci: Harden GitHub Actions (#120)

* [StepSecurity] ci: Harden GitHub Actions in release.yml

* [StepSecurity] ci: Harden GitHub Actions in static-code-scanning.yaml

* [StepSecurity] ci: Harden GitHub Actions in lint-pr.yml

* [StepSecurity] ci: Harden GitHub Actions in merge.yml

* [StepSecurity] ci: Harden GitHub Actions in pullrequest.yml

Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore: I don't think we use that permission? (#123)

I don't think we use that permission?

Signed-off-by: Justin Abrahms <jabrahms@ebay.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore: Document where to find our SBOMs (#124)

Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore(deps): update actions/cache digest to a3f5edc (#121)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore(deps): update actions/setup-java digest to e150063 (#125)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore: Remove more perms (#130)

Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore(deps): update dependency org.cyclonedx:cyclonedx-maven-plugin to v2.7.1 (#128)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore(deps): update github/codeql-action digest to 3d39294 (#127)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore(deps): update codecov/codecov-action digest to e0fbd59 (#126)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore: Bump actions/checkout from 3.0.2 to 3.1.0 (#139)

Bumps [actions/checkout](https://github.com/actions/checkout) from 3.0.2 to 3.1.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@2541b12...93ea575)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore: Bump actions/setup-java from e150063ee446b60ce2e35b040e81846da9001576 to a82e6d00200608b0b4c131bc9a89f7349786bd33 (#140)

chore: Bump actions/setup-java

Bumps [actions/setup-java](https://github.com/actions/setup-java) from e150063ee446b60ce2e35b040e81846da9001576 to a82e6d00200608b0b4c131bc9a89f7349786bd33.
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](actions/setup-java@e150063...a82e6d0)

---
updated-dependencies:
- dependency-name: actions/setup-java
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore: bump spotbugs-maven-plugin from 4.7.2.0 to 4.7.2.1 (#136)

Bumps [spotbugs-maven-plugin](https://github.com/spotbugs/spotbugs-maven-plugin) from 4.7.2.0 to 4.7.2.1.
- [Release notes](https://github.com/spotbugs/spotbugs-maven-plugin/releases)
- [Commits](spotbugs/spotbugs-maven-plugin@spotbugs-maven-plugin-4.7.2.0...spotbugs-maven-plugin-4.7.2.1)

---
updated-dependencies:
- dependency-name: com.github.spotbugs:spotbugs-maven-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Justin Abrahms <jabrahms@ebay.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore: exclude component in git tag (#143)

Signed-off-by: Michael Beemer <beeme1mr@users.noreply.github.com>

Signed-off-by: Michael Beemer <beeme1mr@users.noreply.github.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore(deps): update dependency org.cyclonedx:cyclonedx-maven-plugin to v2.7.2 (#141)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* feat!: add rw locks to client/api, hook accessor name (#131)

* fix: add read/write locks to client/api

Signed-off-by: Todd Baert <toddbaert@gmail.com>

* dont lock entire evaluation

Signed-off-by: Todd Baert <toddbaert@gmail.com>

* add tests

Signed-off-by: Todd Baert <toddbaert@gmail.com>

* fixup comment

Signed-off-by: Todd Baert <toddbaert@gmail.com>

* fixup pom comment

Signed-off-by: Todd Baert <toddbaert@gmail.com>

* increase lock granularity, imporove tests

Signed-off-by: Todd Baert <toddbaert@gmail.com>

* fix spotbugs

Signed-off-by: Todd Baert <toddbaert@gmail.com>

* remove commented test

Signed-off-by: Todd Baert <toddbaert@gmail.com>

Signed-off-by: Todd Baert <toddbaert@gmail.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore(deps): update actions/setup-java digest to 3617c43 (#132)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore(deps): update amannn/action-semantic-pull-request digest to b314c1b (#135)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Justin Abrahms <jabrahms@ebay.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore: Remove dependabot. I like renovate better (#142)

Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore(deps): update amannn/action-semantic-pull-request digest to 7c194c2 (#144)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore(deps): update github/codeql-action digest to 44edb7c (#133)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore(deps): update actions/checkout digest to 8230315 (#122)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore(main): release 0.3.0 (#114)

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Justin Abrahms <jabrahms@ebay.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore: re-enable integration tests (#146)

Update test harness and re-enable integration test profile

Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore(deps): update actions/cache digest to 9b0c1fc (#145)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Justin Abrahms <jabrahms@ebay.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* fix: merge eval context (#149)

fix merge eval context

Signed-off-by: Robert Grassian <robert.grassian@split.io>

Signed-off-by: Robert Grassian <robert.grassian@split.io>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore(main): release 0.3.1 (#150)

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore(deps): update github/codeql-action digest to 297ec80 (#147)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore: update test/spec association numbers, badge (#156)

* chore: update test/spec association numbers

Signed-off-by: Todd Baert <toddbaert@gmail.com>

* chore: update spec tag

Signed-off-by: Todd Baert <toddbaert@gmail.com>

Signed-off-by: Todd Baert <toddbaert@gmail.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore(deps): update actions/cache digest to 2b04a41 (#158)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore(security): [Snyk] Security upgrade com.github.spotbugs:spotbugs from 4.7.2 to 4.7.3 (#157)

fix: pom.xml to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGAPACHECOMMONS-3043138

Co-authored-by: snyk-bot <snyk-bot@snyk.io>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore: Add docs link (#165)

Signed-off-by: Todd Baert <toddbaert@gmail.com>

Signed-off-by: Todd Baert <toddbaert@gmail.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore: Mark project as active. (#167)

Mark project as active.

Signed-off-by: Justin Abrahms <jabrahms@ebay.com>

Signed-off-by: Justin Abrahms <jabrahms@ebay.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore(main): release 1.0.0 (#168)

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* chore(deps): update actions/cache digest to 8bec1e4 (#159)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

* changes spotbug scope to provided.

Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>

Signed-off-by: Todd Baert <toddbaert@gmail.com>
Signed-off-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>
Signed-off-by: Justin Abrahms <jabrahms@ebay.com>
Signed-off-by: Justin Abrahms <justin@abrah.ms>
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Michael Beemer <beeme1mr@users.noreply.github.com>
Signed-off-by: Robert Grassian <robert.grassian@split.io>
Signed-off-by: Pramesh <p_bhandari@hotmail.com>
Co-authored-by: Todd Baert <toddbaert@gmail.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: Justin Abrahms <jabrahms@ebay.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Step Security Bot <bot@stepsecurity.io>
Co-authored-by: Michael Beemer <beeme1mr@users.noreply.github.com>
Co-authored-by: Robert Grassian <89157164+rgrassian-split@users.noreply.github.com>
Co-authored-by: snyk-bot <snyk-bot@snyk.io>
Co-authored-by: Bhandari, Pramesh(AWF) <pabhandari@ebay.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants