Merge branch 'eclipse-sw360:main' into feat/rest_edit_obligation

Author: bibhuti230185

.github/workflows/build_and_test.yml

@@ -15,10 +15,6 @@ name: SW360 Build and Test
 on:
   pull_request:
     branches: [main]
-    paths-ignore:
-      - "**.md"
-      - ".github/workflows/docker_deploy.yml"
-      - ".github/workflows/scorecard.yml"
   workflow_dispatch:
 
 env:
@@ -70,7 +66,7 @@ jobs:
 
       - name: Cache Thrift
         id: cache-thrift
-        uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0
+        uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4.2.2
         with:
           path: |
             ${{ github.workspace }}/dist/thrift-${{ env.THRIFT_VERSION }}

.github/workflows/codeql.yml

@@ -68,7 +68,7 @@ jobs:
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9
+        uses: github/codeql-action/init@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # v3.28.10
         with:
           languages: ${{ matrix.language }}
           build-mode: ${{ matrix.build-mode }}
@@ -96,6 +96,6 @@ jobs:
           exit 1
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9
+        uses: github/codeql-action/analyze@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # v3.28.10
         with:
           category: "/language:${{matrix.language}}"

.github/workflows/docker_deploy.yml

@@ -51,10 +51,10 @@ jobs:
       - name: Checkout main repository
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
-      - name: Set up JDK 17
+      - name: Set up JDK 21
         uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
         with:
-          java-version: "17"
+          java-version: "21"
           cache: "maven"
           distribution: "temurin"
 
@@ -82,7 +82,7 @@ jobs:
           cat .versions >> $GITHUB_ENV
 
       - name: Build thrift image
-        uses: heliocastro/docker-build-control@944a0451eadb63cf4f45a8ca66dba07118740faf # v5.1
+        uses: heliocastro/docker-build-control@923d1cff454145d261107495786218d712fb4799 # v6.0
         with:
           name: thrift
           target: localthrift
@@ -121,6 +121,7 @@ jobs:
           token: ${{ secrets.GITHUB_TOKEN }}
           invalidate-cache: ${{ inputs.invalidate-cache }}
           debug: ${{ inputs.debug }}
+          platforms: "linux/amd64,linux/arm64"
           build-args: |
             THRIFT_VERSION=${{ env.THRIFT_VERSION }}
             SW360_VERSION=${{ env.SHORT_SHA }}
@@ -173,7 +174,7 @@ jobs:
             type=ref,event=tag
 
       - name: Build image
-        uses: docker/build-push-action@ca877d9245402d1537745e0e356eab47c3520991 # v6.13.0
+        uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4 # v6.15.0
         with:
           context: .
           target: sw360

.github/workflows/scorecard.yml

@@ -41,20 +41,20 @@ jobs:
           persist-credentials: false
 
       - name: "Run analysis"
-        uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0
+        uses: ossf/scorecard-action@f49aabe0b5af0936a0987cfb85d86b75731b0186 # v2.4.1
         with:
           results_file: results.sarif
           results_format: sarif
           publish_results: true
 
       - name: "Upload artifact"
-        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
+        uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
         with:
           name: SARIF file
           path: results.sarif
           retention-days: 5
 
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9
+        uses: github/codeql-action/upload-sarif@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # v3.28.10
         with:
           sarif_file: results.sarif

Dockerfile

@@ -124,7 +124,7 @@ COPY --from=sw360build /sw360_tomcat_webapps /sw360_tomcat_webapps
 # Runtime image
 
 # 11-jre21-temurin-noble
-FROM tomcat@sha256:46e15fe7d4656cbfdabda58ea67a5ab22a0be706821fcf8b96d0a5a583b2cd47 AS sw360
+FROM tomcat@sha256:0530899318f06ebb42f4452717d68bb4d87cc9eb971e2e8a4404816f8f6067d9 AS sw360
 
 ARG TOMCAT_DIR=/usr/local/tomcat
 

README.md

@@ -1,3 +1,8 @@
+
+<img width="1280" alt="homeImage" src="https://github.com/user-attachments/assets/3c2e6712-97a7-4637-80b5-915cdd3af1e8" />
+<br></br>
+
+
 [![Eclipse Public License 2.0](https://img.shields.io/badge/license-EPL--2.0-green.svg "Eclipse Public License 2.0")](LICENSE)
 [![SW360 Build and Test](https://github.com/eclipse-sw360/sw360/workflows/SW360%20Build%20and%20Test/badge.svg)](https://github.com/eclipse-sw360/sw360/actions?query=workflow:"SW360+Build+and+Test")
 [![Slack Channel](https://img.shields.io/badge/slack-sw360chat-blue.svg?longCache=true&logo=slack)](https://join.slack.com/t/sw360chat/shared_invite/enQtNzg5NDQxMTQyNjA5LThiMjBlNTRmOWI0ZjJhYjc0OTk3ODM4MjBmOGRhMWRmN2QzOGVmMzQwYzAzN2JkMmVkZTI1ZjRhNmJlNTY4ZGI)
@@ -13,8 +18,7 @@ A software component catalogue application.
 
 SW360 is a Backend server with a REST API to maintain your projects / products and the software components within.
 
-It can manage SPDX files for maintaining the license conditions and maintain
-license information.
+It can manage SPDX files for maintaining the license conditions and maintain license information.
 
 ### Introduction
 

backend/users/src/main/java/org/eclipse/sw360/users/db/UserDatabaseHandler.java

@@ -221,6 +221,7 @@ public RequestSummary importFileToDB(String pathFolder)  {
         return requestSummary;
     }
 
+
     public Map<String, List<String>> readFileCsv(String filePath) {
         Map<String, List<String>> listMap = new HashMap<>();
         List<String> emailCsv = new ArrayList<>();

backend/users/src/main/java/org/eclipse/sw360/users/util/ReadFileDepartmentConfig.java

@@ -35,7 +35,7 @@ protected String getPathConfig() throws IOException {
         String pathFile = file.getPath();
         String[] parts = pathFile.split("/");
         for (int i = 0; i < parts.length; i++) {
-            if (!parts[i+1].contains("liferay"))
+            if (!parts[i+1].contains("tomcat"))
                 path.append(parts[i+1]).append("/");
             else {
                 path.append(parts[i+1]).append("/");
@@ -75,9 +75,9 @@ public DepartmentConfigDTO readFileJson() {
     }
 
     public void writePathFolderConfig(String pathFolder) {
-        DepartmentConfigDTO configDTO = readFileJson();
         BufferedWriter writer = null;
         try {
+            DepartmentConfigDTO configDTO = readFileJson();
             writer = Files.newBufferedWriter(Paths.get(getPathConfig()));
             Map<String, Object> config = new HashMap<>();
             Map<String, Object> map = new HashMap<>();
@@ -125,4 +125,4 @@ public void writeLastRunningTimeConfig(String lastRunningTime) {
             }
         }
     }
-}
+}

libraries/datahandler/src/main/java/org/eclipse/sw360/datahandler/common/SW360Constants.java

@@ -134,6 +134,10 @@ public class SW360Constants {
     public static final String PROJECTS = "projects";
     public static final String LICENSES = "licenses";
     public static final String PROJECT_RELEASE_SPREADSHEET_WITH_ECCINFO = "projectReleaseSpreadSheetWithEcc";
+    public static final String IMPORT_DEPARTMENT_MANUALLY = "importdepartmentmanually";
+    public static final String ADD_LIST_EMAIL = "listEmail";
+    public static final String DEPARTMENT_KEY = "departmentKey";
+    public static final String DELETE_LIST_EMAIL = "deleteEmail";
 
     /**
      * Hashmap containing the name field for each type.

pom.xml

@@ -108,7 +108,7 @@
     <commons-lang3.version>3.17.0</commons-lang3.version>
     <commons-text.version>1.13.0</commons-text.version>
     <dom4j.version>2.1.4</dom4j.version>
-    <equalsverifier.version>3.18</equalsverifier.version>
+    <equalsverifier.version>3.19.1</equalsverifier.version>
     <failureaccess.version>1.0.2</failureaccess.version>
     <findbugs-annotations.version>1.3.9-1</findbugs-annotations.version>
     <glassfish-jaxb.version>4.0.5</glassfish-jaxb.version>
@@ -151,16 +151,16 @@
     <spring-restdocs.version>3.0.1</spring-restdocs.version>
     <spring-security-jwt.version>1.1.1.RELEASE</spring-security-jwt.version>
     <spring-security-oauth2-authorization-server.version>1.4.1</spring-security-oauth2-authorization-server.version>
-    <spring-security.version>6.4.2</spring-security.version>
+    <spring-security.version>6.4.3</spring-security.version>
     <springdoc-openapi-stater-common.version>2.8.4</springdoc-openapi-stater-common.version>
-    <springframework.version>6.2.2</springframework.version>
+    <springframework.version>6.2.3</springframework.version>
     <thrift.version>0.20.0</thrift.version>
     <tika.version>1.28.5</tika.version>
     <wiremock.version>3.12.0</wiremock.version>
     <version.hibernate.javax.persistence>1.0.0.Final</version.hibernate.javax.persistence>
     <arquillian-graphene.version>2.5.4</arquillian-graphene.version>
     <version.jee.jaxb.api>2.3.1</version.jee.jaxb.api>
-    <keycloak.version>26.1.1</keycloak.version>
+    <keycloak.version>26.1.3</keycloak.version>
     <spring.security.crypto>6.3.3</spring.security.crypto>
     <org.owasp.encoder.version>1.3.1</org.owasp.encoder.version>
   </properties>

rest/resource-server/src/docs/asciidoc/api-guide.adoc

@@ -312,3 +312,4 @@ include::importExport.adoc[]
 include::attachmentCleanUp.adoc[]
 include::databaseSanitation.adoc[]
 include::importExport.adoc[]
+include::department.adoc[]

rest/resource-server/src/docs/asciidoc/department.adoc

@@ -0,0 +1,60 @@
+//
+// Copyright Siemens AG, 2025. Part of the SW360 Portal Project.
+//
+// This program and the accompanying materials are made
+// available under the terms of the Eclipse Public License 2.0
+// which is available at https://www.eclipse.org/legal/epl-2.0/
+//
+// SPDX-License-Identifier: EPL-2.0
+// SPDX-FileCopyrightText: 2025, Siemens AG. Part of the SW360 Portal Project.
+// SPDX-FileContributor: Nikesh kumar <[email protected]>
+//
+
+[[resources-department]]
+=== Department
+
+The department resource is used to upload a department and its members.
+
+[[manually-active]]
+==== Manually Activating Department Import
+
+A `GET` request is used to import department data.
+
+===== Example Request
+include::{snippets}/should_document_import_department_manually/curl-request.adoc[]
+
+===== Example Response
+include::{snippets}/should_document_import_department_manually/http-response.adoc[]
+
+[[schedule-department]]
+==== Import Schedule Department.
+
+A `POST` request is used to import schedule department.
+
+===== Example Request
+include::{snippets}/should_document_import_schedule_department/curl-request.adoc[]
+
+===== Example Response
+include::{snippets}/should_document_import_schedule_department/http-response.adoc[]
+
+[[cancel-department]]
+==== Cancel Schedule Department.
+
+A `POST` request is used to cancel import schedule department.
+
+===== Example Request
+include::{snippets}/should_document_cancel_import_schedule_department/curl-request.adoc[]
+
+===== Example Response
+include::{snippets}/should_document_cancel_import_schedule_department/http-response.adoc[]
+
+[[update-folder-path]]
+==== Update Folder Path.
+
+A POST request is used to update the folder path in the department.
+
+===== Example Request
+include::{snippets}/should_document_update_folder_path/curl-request.adoc[]
+
+===== Example Response
+include::{snippets}/should_document_update_folder_path/http-response.adoc[]

rest/resource-server/src/docs/asciidoc/vendors.adoc

@@ -118,3 +118,17 @@ include::{snippets}/should_document_get_export_vendor/curl-request.adoc[]
 
 ===== Example response
 include::{snippets}/should_document_get_export_vendor/http-response.adoc[]
+
+[[resources-vendor-merge]]
+==== Merge vendors
+
+A `PATCH` request will merge the source vendor with the target vendor.
+
+===== Request structure
+include::{snippets}/should_document_merge_vendor/request-fields.adoc[]
+
+===== Example request
+include::{snippets}/should_document_merge_vendor/curl-request.adoc[]
+
+===== Example response
+include::{snippets}/should_document_merge_vendor/http-response.adoc[]