From 5d0ef114280ca34c9fc73e98fdc63754bb094342 Mon Sep 17 00:00:00 2001 From: Aravind Kumar Date: Mon, 8 Sep 2025 22:13:43 +0530 Subject: [PATCH 1/6] Delete secrets-scan.yml --- .github/workflows/secrets-scan.yml | 29 ----------------------------- 1 file changed, 29 deletions(-) delete mode 100644 .github/workflows/secrets-scan.yml diff --git a/.github/workflows/secrets-scan.yml b/.github/workflows/secrets-scan.yml deleted file mode 100644 index 049c02f..0000000 --- a/.github/workflows/secrets-scan.yml +++ /dev/null @@ -1,29 +0,0 @@ -name: Secrets Scan -on: - pull_request: - types: [opened, synchronize, reopened] -jobs: - security-secrets: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - with: - fetch-depth: '2' - ref: '${{ github.event.pull_request.head.ref }}' - - run: | - git reset --soft HEAD~1 - - name: Install Talisman - run: | - # Download Talisman - wget https://github.com/thoughtworks/talisman/releases/download/v1.37.0/talisman_linux_amd64 -O talisman - - # Checksum verification - checksum=$(sha256sum ./talisman | awk '{print $1}') - if [ "$checksum" != "8e0ae8bb7b160bf10c4fa1448beb04a32a35e63505b3dddff74a092bccaaa7e4" ]; then exit 1; fi - - # Make it executable - chmod +x talisman - - name: Run talisman - run: | - # Run Talisman with the pre-commit hook - ./talisman --githook pre-commit \ No newline at end of file From b9a87e22e463766b36b62438d3d1767e96515787 Mon Sep 17 00:00:00 2001 From: Aravind Kumar Date: Mon, 8 Sep 2025 22:13:47 +0530 Subject: [PATCH 2/6] Updated codeowners --- CODEOWNERS | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/CODEOWNERS b/CODEOWNERS index 1be7e0d..0496bc6 100644 --- a/CODEOWNERS +++ b/CODEOWNERS @@ -1 +1,11 @@ -* @contentstack/security-admin +* @contentstack/devex-pr-reviewers + +.github/workflows/sca-scan.yml @contentstack/security-admin + +.github/workflows/codeql-anaylsis.yml @contentstack/security-admin + +**/.snyk @contentstack/security-admin + +.github/workflows/policy-scan.yml @contentstack/security-admin + +.github/workflows/issues-jira.yml @contentstack/security-admin From 78bc9f9c8ffd836ab8d93eda0814bd6b25a6ccb8 Mon Sep 17 00:00:00 2001 From: reeshika-h Date: Tue, 23 Sep 2025 16:41:39 +0530 Subject: [PATCH 3/6] Update Maven workflow and versioning for publishing to Maven Central --- .github/workflows/maven--package-publish.yml | 7 +++- pom.xml | 39 ++++++++------------ 2 files changed, 21 insertions(+), 25 deletions(-) diff --git a/.github/workflows/maven--package-publish.yml b/.github/workflows/maven--package-publish.yml index ed2ad1d..469a054 100644 --- a/.github/workflows/maven--package-publish.yml +++ b/.github/workflows/maven--package-publish.yml @@ -1,6 +1,9 @@ name: Publishing to Maven Packages #on: [ push ] # Trigger the workflow when a push (commit) event occurs on: + push: + branches: + - fix/workflow-release release: types: [ created ] jobs: @@ -24,8 +27,8 @@ jobs: - name: Publish to Maven Central Repository run: mvn --batch-mode -Dgpg.passphrase=${{ secrets.GPG_PASSPHRASE }} deploy env: - MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }} - MAVEN_PASSWORD: ${{ secrets.OSSRH_TOKEN }} + MAVEN_USERNAME: ${{ secrets.MAVEN_USERNAME }} + MAVEN_PASSWORD: ${{ secrets.MAVEN_PASSWORD }} GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }} # run: mvn --batch-mode deploy \ No newline at end of file diff --git a/pom.xml b/pom.xml index 1917c51..f8d9eac 100644 --- a/pom.xml +++ b/pom.xml @@ -5,7 +5,7 @@ 4.0.0 com.contentstack.sdk java - 2.2.0 + 2.2.1-beta jar contentstack-java Java SDK for Contentstack Content Delivery API @@ -85,26 +85,24 @@ - + + Maven Snapshot Repository ossrh https://oss.sonatype.org/content/repositories/snapshots - - - - - - - + + github + https://maven.pkg.github.com/contentstack/contentstack-java + + Maven Release Repository ossrh https://oss.sonatype.org/service/local/staging/deploy/maven2/ - + --> @@ -278,7 +276,7 @@ maven-surefire-plugin 2.22.2 - true + @@ -328,19 +326,14 @@ - org.sonatype.plugins - nexus-staging-maven-plugin - ${nexus-staging-maven-plugin.version} + org.sonatype.central + central-publishing-maven-plugin + 0.8.0 true - - - - - - ossrh - https://oss.sonatype.org/ - true + central + true + published + true From d3fa3248585cc1ceb916c179f28b6f30f8be1d68 Mon Sep 17 00:00:00 2001 From: reeshika-h Date: Tue, 23 Sep 2025 16:47:42 +0530 Subject: [PATCH 5/6] Fix Maven server ID and revert version to 2.2.0-beta in POM file --- .github/workflows/maven--package-publish.yml | 2 +- pom.xml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/maven--package-publish.yml b/.github/workflows/maven--package-publish.yml index 469a054..1789f69 100644 --- a/.github/workflows/maven--package-publish.yml +++ b/.github/workflows/maven--package-publish.yml @@ -19,7 +19,7 @@ jobs: with: java-version: '11' distribution: 'adopt' - server-id: ossrh + server-id: central server-username: MAVEN_USERNAME server-password: MAVEN_PASSWORD gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }} diff --git a/pom.xml b/pom.xml index 0b3c011..e125c4d 100644 --- a/pom.xml +++ b/pom.xml @@ -5,7 +5,7 @@ 4.0.0 com.contentstack.sdk java - 2.2.1-beta + 2.2.0-beta jar contentstack-java Java SDK for Contentstack Content Delivery API From d34dfb3e0aaa07940992ed0357a85e2215c326a3 Mon Sep 17 00:00:00 2001 From: reeshika-h Date: Tue, 23 Sep 2025 16:58:24 +0530 Subject: [PATCH 6/6] Update Maven workflow to trigger on release events and revert version to 2.2.0 in POM file --- .github/workflows/maven--package-publish.yml | 3 --- pom.xml | 2 +- 2 files changed, 1 insertion(+), 4 deletions(-) diff --git a/.github/workflows/maven--package-publish.yml b/.github/workflows/maven--package-publish.yml index 1789f69..ef515b1 100644 --- a/.github/workflows/maven--package-publish.yml +++ b/.github/workflows/maven--package-publish.yml @@ -1,9 +1,6 @@ name: Publishing to Maven Packages #on: [ push ] # Trigger the workflow when a push (commit) event occurs on: - push: - branches: - - fix/workflow-release release: types: [ created ] jobs: diff --git a/pom.xml b/pom.xml index e125c4d..a26af36 100644 --- a/pom.xml +++ b/pom.xml @@ -5,7 +5,7 @@ 4.0.0 com.contentstack.sdk java - 2.2.0-beta + 2.2.0 jar contentstack-java Java SDK for Contentstack Content Delivery API