Fix CVE scanning #2561

SimonCockx · 2023-12-01T10:06:30Z

No description provided.

netlify · 2023-12-01T10:06:35Z

✅ Deploy Preview for finos-cdm ready!

Name	Link
🔨 Latest commit	`84ee4cb`
🔍 Latest deploy log	https://app.netlify.com/sites/finos-cdm/deploys/6569b94f55ab140008bc363e
😎 Deploy Preview	https://deploy-preview-2561--finos-cdm.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site configuration.

SimonCockx · 2023-12-01T10:10:58Z

.github/workflows/cve-scanning.yml

@@ -3,6 +3,8 @@ name: CVE Scanning for Maven
 on:
  workflow_dispatch:
  push:
+    branches:
+      - master


Filter push events on master to prevent triggering CVE scanning twice.

The triggers now work as follows:

The pull_request event makes sure that PRs must always succeed CVE scanning.

The push event filtered on master will run CVE scanning on the master branch every time that it changes, as an additional check.

* Fixed CVE scan * Added JAVA_HOME env * Fixed versioning * Fixed versioning * Fixed versioning

* Fixed CVE scan * Added JAVA_HOME env * Fixed versioning * Fixed versioning * Fixed versioning Co-authored-by: SimonCockx <47859223+SimonCockx@users.noreply.github.com>

* Update RELEASE.md * Update RELEASE.md * Update RELEASE.md * Update RELEASE.md * Add PR link * Fix CVE scanning (#2561) * Fixed CVE scan * Added JAVA_HOME env * Fixed versioning * Fixed versioning * Fixed versioning * Prevent GitHub Actions from being triggered twice (#2559) * Corrected action workflows * Test * Test * Fixed * Cleaned * Prevent GitHub Actions from being triggered twice (#2559) * Corrected action workflows * Test * Test * Fixed * Cleaned * Restored release.md * Restored release.md --------- Co-authored-by: JayasriR <124573358+JayasriR@users.noreply.github.com> Co-authored-by: Hugo Hills <39260692+hugohills-regnosys@users.noreply.github.com> Co-authored-by: eacunaISDA <82891014+eacunaISDA@users.noreply.github.com> Co-authored-by: lolabeis <leo.labeis@regnosys.com>

* Fix CVE scanning (#2561) (#2562) * Fixed CVE scan * Added JAVA_HOME env * Fixed versioning * Fixed versioning * Fixed versioning Co-authored-by: SimonCockx <47859223+SimonCockx@users.noreply.github.com> * DSL Update (#2550) * Updated DSL * Updated DSL * Updated DSL * Updated expectations * Cleaned * Updated expectations * Updated expectations * Cleaned * Improved release notes * Improved release notes * Improved release notes --------- Co-authored-by: Hugo Hills <39260692+hugohills-regnosys@users.noreply.github.com> * 5xx Prevent GitHub Actions from being triggered twice (#2559) (#2563) * Update RELEASE.md * Update RELEASE.md * Update RELEASE.md * Update RELEASE.md * Add PR link * Fix CVE scanning (#2561) * Fixed CVE scan * Added JAVA_HOME env * Fixed versioning * Fixed versioning * Fixed versioning * Prevent GitHub Actions from being triggered twice (#2559) * Corrected action workflows * Test * Test * Fixed * Cleaned * Prevent GitHub Actions from being triggered twice (#2559) * Corrected action workflows * Test * Test * Fixed * Cleaned * Restored release.md * Restored release.md --------- Co-authored-by: JayasriR <124573358+JayasriR@users.noreply.github.com> Co-authored-by: Hugo Hills <39260692+hugohills-regnosys@users.noreply.github.com> Co-authored-by: eacunaISDA <82891014+eacunaISDA@users.noreply.github.com> Co-authored-by: lolabeis <leo.labeis@regnosys.com> --------- Co-authored-by: Hugo Hills <39260692+hugohills-regnosys@users.noreply.github.com> Co-authored-by: JayasriR <124573358+JayasriR@users.noreply.github.com> Co-authored-by: eacunaISDA <82891014+eacunaISDA@users.noreply.github.com> Co-authored-by: lolabeis <leo.labeis@regnosys.com>

This reverts commit 42aedde.

* Update RELEASE.md * Update RELEASE.md * Update RELEASE.md * Update RELEASE.md * Add PR link * Updated Qualifying functions for Known Amount ZC Updated the qualifying functions and synonym mappings for Known Amount ZC Swaps. * Fix CVE scanning (#2561) * Fixed CVE scan * Added JAVA_HOME env * Fixed versioning * Fixed versioning * Fixed versioning * Prevent GitHub Actions from being triggered twice (#2559) * Corrected action workflows * Test * Test * Fixed * Cleaned * Updated Qualifying functions for Known Amount ZC 2 Updated the Qualifying functions for Known Amount Zero Coupon Swaps. * Revert "Prevent GitHub Actions from being triggered twice (#2559)" This reverts commit b297b46. * Revert "Fix CVE scanning (#2561)" This reverts commit 42aedde. * Fix release notes * Add release note * Fix syntax validation error and update docs code snippet * Update PR --------- Co-authored-by: JayasriR <124573358+JayasriR@users.noreply.github.com> Co-authored-by: eacunaISDA <82891014+eacunaISDA@users.noreply.github.com> Co-authored-by: lolabeis <leo.labeis@regnosys.com> Co-authored-by: Marc Gratacos <mgratacos@tradeheader.com> Co-authored-by: SimonCockx <47859223+SimonCockx@users.noreply.github.com>

* TH_Valuation_Instruction Native representation and qualification of an update of the valuation. * ValuationInstruction now contains the replace flag. Create_Valuation only contains the instruction + tradeState as input arguments similar to other primitives * Fix CVE scanning (#2561) (#2562) * Fixed CVE scan * Added JAVA_HOME env * Fixed versioning * Fixed versioning * Fixed versioning Co-authored-by: SimonCockx <47859223+SimonCockx@users.noreply.github.com> * Added Valuation update release notes into RELEASE.md * DSL Update (#2550) * Updated DSL * Updated DSL * Updated DSL * Updated expectations * Cleaned * Updated expectations * Updated expectations * Cleaned * Improved release notes * Improved release notes * Improved release notes --------- Co-authored-by: Hugo Hills <39260692+hugohills-regnosys@users.noreply.github.com> * 5xx Prevent GitHub Actions from being triggered twice (#2559) (#2563) * Update RELEASE.md * Update RELEASE.md * Update RELEASE.md * Update RELEASE.md * Add PR link * Fix CVE scanning (#2561) * Fixed CVE scan * Added JAVA_HOME env * Fixed versioning * Fixed versioning * Fixed versioning * Prevent GitHub Actions from being triggered twice (#2559) * Corrected action workflows * Test * Test * Fixed * Cleaned * Prevent GitHub Actions from being triggered twice (#2559) * Corrected action workflows * Test * Test * Fixed * Cleaned * Restored release.md * Restored release.md --------- Co-authored-by: JayasriR <124573358+JayasriR@users.noreply.github.com> Co-authored-by: Hugo Hills <39260692+hugohills-regnosys@users.noreply.github.com> Co-authored-by: eacunaISDA <82891014+eacunaISDA@users.noreply.github.com> Co-authored-by: lolabeis <leo.labeis@regnosys.com> * Remove already released release note * Update RELEASE.md * Update RELEASE.md * Update RELEASE.md * Marc Gratacos Updated Qualifying functions for Known Amount ZC (#2571) * Update RELEASE.md * Update RELEASE.md * Update RELEASE.md * Update RELEASE.md * Add PR link * Updated Qualifying functions for Known Amount ZC Updated the qualifying functions and synonym mappings for Known Amount ZC Swaps. * Fix CVE scanning (#2561) * Fixed CVE scan * Added JAVA_HOME env * Fixed versioning * Fixed versioning * Fixed versioning * Prevent GitHub Actions from being triggered twice (#2559) * Corrected action workflows * Test * Test * Fixed * Cleaned * Updated Qualifying functions for Known Amount ZC 2 Updated the Qualifying functions for Known Amount Zero Coupon Swaps. * Revert "Prevent GitHub Actions from being triggered twice (#2559)" This reverts commit b297b46. * Revert "Fix CVE scanning (#2561)" This reverts commit 42aedde. * Fix release notes * Add release note * Fix syntax validation error and update docs code snippet * Update PR --------- Co-authored-by: JayasriR <124573358+JayasriR@users.noreply.github.com> Co-authored-by: eacunaISDA <82891014+eacunaISDA@users.noreply.github.com> Co-authored-by: lolabeis <leo.labeis@regnosys.com> Co-authored-by: Marc Gratacos <mgratacos@tradeheader.com> Co-authored-by: SimonCockx <47859223+SimonCockx@users.noreply.github.com> * Bataller García Eric Deprecated use of personRole in NaturalPerson type (#2576) * Deprecated use of personRole in NaturalPerson type The NaturalPerson type contains the attribute personRole of type NaturalPersonRole, which references back to the containing type of NaturalPerson, causing a circular reference in the model. Its use has been deprecated. * Update RELEASE.md * Update RELEASE.md * Update RELEASE.md --------- Co-authored-by: Bataller García Eric <ebataller@tradeheader.com> Co-authored-by: ebataller <128476578+ebataller@users.noreply.github.com> Co-authored-by: Payal Khanna <107400406+PayalKhanna@users.noreply.github.com> * Update ISO country code to keep in sync with latest ISO list (#2605) * [5.x.x] Update CDM to use DSL version 9.3.0 (#2606) * Update ISO country code to keep in sync with latest ISO list * Update DSL version to 9.3.0 and bundle version to 9.4.0 * [5.x.x] BUG-560: Bond forwards do not qualify (#2603) * Fix bond fwd qualification and add bond fwd samples and mappings * Merge release note * Update ISO country code to keep in sync with latest ISO list * Update RELEASE.md * Update RELEASE.md --------- Co-authored-by: eacunaISDA <82891014+eacunaISDA@users.noreply.github.com> * update bundle version 5 x x (#2615) * update bundle version * update RELEASE.md * updated ingestion.Json * format 5xx (#2619) format 5xx * Update DSL version to 9.3.1 (#2626) * FRO_Mappings_Update_prod FRO_Mappings_Update_prod * PTRR_Mappings_prod PTRR_Mappings_prod * added Release Note * FRO_Mappings_Update_prod * Update RELEASE.md * added Release Note and updated expectations * Update RELEASE.md * DSL update * Release notes correction --------- Co-authored-by: Georgina Tarres <gtarres@tradeheader.com> Co-authored-by: m_martos <mmartos@tradeheader.com> Co-authored-by: Hugo Hills <39260692+hugohills-regnosys@users.noreply.github.com> Co-authored-by: JayasriR <124573358+JayasriR@users.noreply.github.com> Co-authored-by: eacunaISDA <82891014+eacunaISDA@users.noreply.github.com> Co-authored-by: lolabeis <leo.labeis@regnosys.com> Co-authored-by: hugohills-regnosys <hugo.hills@regnosys.com> Co-authored-by: Marc Gratacos <mgratacos@tradeheader.com> Co-authored-by: regnosys-prod-user <67386743+regnosys-prod-user@users.noreply.github.com> Co-authored-by: Bataller García Eric <ebataller@tradeheader.com> Co-authored-by: ebataller <128476578+ebataller@users.noreply.github.com> Co-authored-by: Payal Khanna <107400406+PayalKhanna@users.noreply.github.com> Co-authored-by: Jan Baserba <jbaserba@tradeheader.com> Co-authored-by: PayalKhanna <payal.khanna@regnosys.com>

Fixed CVE scan

e2d33f5

SimonCockx requested a review from a team as a code owner December 1, 2023 10:06

SimonCockx commented Dec 1, 2023

View reviewed changes

Added JAVA_HOME env

cd8e43b

hugohills-regnosys added Complexity: Small/Bug/Mapping Something isn't working - Requires one TA approval Category: Technical/Patch Criticality: High Target: Production labels Dec 1, 2023

SimonCockx added 3 commits December 1, 2023 11:39

Fixed versioning

f8e70be

Fixed versioning

6cdb343

Fixed versioning

84ee4cb

hugohills-regnosys approved these changes Dec 1, 2023

View reviewed changes

hugohills-regnosys merged commit 42aedde into finos:master Dec 1, 2023

hugohills-regnosys deleted the cve-scan-fix branch December 1, 2023 12:14

hugohills-regnosys pushed a commit to rosetta-models/common-domain-model that referenced this pull request Dec 1, 2023

Fix CVE scanning (finos#2561)

e8a7239

* Fixed CVE scan * Added JAVA_HOME env * Fixed versioning * Fixed versioning * Fixed versioning

hugohills-regnosys added a commit that referenced this pull request Dec 1, 2023

Fix CVE scanning (#2561) (#2562)

b797ab2

* Fixed CVE scan * Added JAVA_HOME env * Fixed versioning * Fixed versioning * Fixed versioning Co-authored-by: SimonCockx <47859223+SimonCockx@users.noreply.github.com>

hugohills-regnosys added Target: Development and removed Target: Production labels Dec 1, 2023

hugohills-regnosys added a commit to rosetta-models/common-domain-model that referenced this pull request Dec 1, 2023

Revert "Fix CVE scanning (finos#2561)"

f520060

This reverts commit 42aedde.

minesh-s-patel mentioned this pull request Sep 25, 2024

jpm full contribution #3144

Closed

lolabeis added the Category: Technical/Dependency Pull requests that update a dependency file - Individual Maintainers May Approve label Feb 13, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fix CVE scanning #2561

Fix CVE scanning #2561

SimonCockx commented Dec 1, 2023

netlify bot commented Dec 1, 2023 •

edited

Loading

SimonCockx Dec 1, 2023

Fix CVE scanning #2561

Fix CVE scanning #2561

Conversation

SimonCockx commented Dec 1, 2023

netlify bot commented Dec 1, 2023 • edited Loading

✅ Deploy Preview for finos-cdm ready!

SimonCockx Dec 1, 2023

Choose a reason for hiding this comment

netlify bot commented Dec 1, 2023 •

edited

Loading