Merge pull request #426 from xdev-software/develop

Release

Author: AB-xdev

.config/pmd/java/ruleset.xml

@@ -2,7 +2,7 @@
 <ruleset name="Default"
 		 xmlns="http://pmd.sourceforge.net/ruleset/2.0.0"
 		 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-		 xsi:schemaLocation="http://pmd.sourceforge.net/ruleset/2.0.0 https://pmd.sourceforge.io/ruleset_2_0_0.xsd">
+		 xsi:schemaLocation="http://pmd.sourceforge.net/ruleset/2.0.0 https://pmd.github.io/ruleset_2_0_0.xsd">
 
 	<description>
 		This ruleset checks the code for discouraged programming constructs.
@@ -204,7 +204,7 @@
 
 	<rule name="AvoidStringBuilderOrBuffer"
 		language="java"
-		message="StringBuilder/ should not be used"
+		message="StringBuilder/StringBuffer should not be used"
 		class="net.sourceforge.pmd.lang.rule.xpath.XPathRule">
 		<description>
 			Usually all cases where `StringBuilder` (or the outdated `StringBuffer`) is used are either due to confusing (legacy) logic or may be replaced by a simpler string concatenation.

.github/workflows/broken-links.yml

@@ -26,7 +26,7 @@ jobs:
       - name: Find already existing issue
         id: find-issue
         run: |
-          echo "number=$(gh issue list -l 'bug' -l 'automated' -L 1 -S 'in:title \"Link Checker Report\"' -s 'open' --json 'number' --jq '.[].number')" >> $GITHUB_OUTPUT
+          echo "number=$(gh issue list -l 'bug' -l 'automated' -L 1 -S 'in:title "Link Checker Report"' -s 'open' --json 'number' --jq '.[].number')" >> $GITHUB_OUTPUT
         env:
           GH_TOKEN: ${{ github.token }}
 
@@ -38,7 +38,7 @@ jobs:
 
       - name: Create Issue From File
         if: steps.lychee.outputs.exit_code != 0
-        uses: peter-evans/create-issue-from-file@e8ef132d6df98ed982188e460ebb3b5d4ef3a9cd # v5
+        uses: peter-evans/create-issue-from-file@fca9117c27cdc29c6c4db3b86c48e4115a786710 # v6
         with:
           issue-number: ${{ steps.find-issue.outputs.number }}
           title: Link Checker Report

.github/workflows/check-build.yml

@@ -28,7 +28,7 @@ jobs:
     timeout-minutes: 30
     strategy:
       matrix:
-        java: [21]
+        java: [21, 25]
         distribution: [temurin]
     steps:
     - uses: actions/checkout@v5

CHANGELOG.md

@@ -1,3 +1,6 @@
+# 2.8.1
+* Updated dependencies
+
 # 2.8.0
 * ``selenium``
   * Moved warmUp code to correct factory

CONTRIBUTING.md

@@ -19,7 +19,7 @@ We also encourage you to read the [contribution instructions by GitHub](https://
 ### Software Requirements
 You should have the following things installed:
 * Git
-* Java 21 - should be as unmodified as possible (Recommended: [Eclipse Adoptium](https://adoptium.net/temurin/releases/))
+* Java 25 - should be as unmodified as possible (Recommended: [Eclipse Adoptium](https://adoptium.net/temurin/releases/))
 * Maven (Note that the [Maven Wrapper](https://maven.apache.org/wrapper/) is shipped with the repo)
 
 ### Recommended setup

advanced-demo/integration-tests/pom.xml

@@ -67,7 +67,7 @@
 			<dependency>
 				<groupId>org.seleniumhq.selenium</groupId>
 				<artifactId>selenium-dependencies-bom</artifactId>
-				<version>4.35.0</version>
+				<version>4.36.0</version>
 				<type>pom</type>
 				<scope>import</scope>
 			</dependency>
@@ -77,7 +77,7 @@
 			<dependency>
 				<groupId>org.junit</groupId>
 				<artifactId>junit-bom</artifactId>
-				<version>5.13.4</version>
+				<version>6.0.0</version>
 				<type>pom</type>
 				<scope>import</scope>
 			</dependency>

advanced-demo/pom.xml

@@ -70,7 +70,7 @@
 			<dependency>
 				<groupId>org.junit</groupId>
 				<artifactId>junit-bom</artifactId>
-				<version>5.13.4</version>
+				<version>6.0.0</version>
 				<type>pom</type>
 				<scope>import</scope>
 			</dependency>
@@ -109,7 +109,7 @@
 			<dependency>
 				<groupId>software.xdev.sse</groupId>
 				<artifactId>bom</artifactId>
-				<version>1.4.0</version>
+				<version>1.5.2</version>
 				<type>pom</type>
 				<scope>import</scope>
 			</dependency>
@@ -196,7 +196,7 @@
 							<dependency>
 								<groupId>com.puppycrawl.tools</groupId>
 								<artifactId>checkstyle</artifactId>
-								<version>11.0.1</version>
+								<version>11.1.0</version>
 							</dependency>
 						</dependencies>
 						<configuration>

advanced-demo/webapp/src/main/java/software/xdev/tci/demo/security/MainWebSecurity.java

@@ -15,21 +15,23 @@
 import software.xdev.spring.security.web.authentication.ui.advanced.AdvancedLoginPageAdapter;
 import software.xdev.spring.security.web.authentication.ui.advanced.config.AdditionalOAuth2ClientProperties;
 import software.xdev.sse.csp.CSPGenerator;
+import software.xdev.sse.web.hsts.HstsApplier;
 
 
 @EnableWebSecurity
 @Configuration
 @EnableConfigurationProperties(AdditionalOAuth2ClientProperties.class)
 public class MainWebSecurity
 {
-	@SuppressWarnings("java:S4502") // See below
-	@Bean(name = "mainSecurityFilterChainBean")
-	public SecurityFilterChain configure(
+	@Bean
+	public SecurityFilterChain mainSecurityFilterChain(
 		final HttpSecurity http,
 		final CSPGenerator cspGenerator,
-		final AdditionalOAuth2ClientProperties additionalOAuth2ClientProperties) throws Exception
+		final AdditionalOAuth2ClientProperties additionalOAuth2ClientProperties,
+		final HstsApplier hstsApplier)
+		throws Exception
 	{
-		http.with(
+		return http.with(
 				new AdvancedLoginPageAdapter<>(http),
 				c -> c
 					.customizePages(p -> p.setHeaderElements(List.of(
@@ -46,7 +48,7 @@ public SecurityFilterChain configure(
 							+ "</div>"
 							+ "<h2 class='h2 mb-3 text-center'>Demo</h2>")
 					))
-			.headers(h -> h
+			.headers(h -> hstsApplier.apply(h)
 				.referrerPolicy(r -> r.policy(ReferrerPolicyHeaderWriter.ReferrerPolicy.SAME_ORIGIN))
 				// https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options
 				.contentTypeOptions(Customizer.withDefaults())
@@ -57,9 +59,8 @@ public SecurityFilterChain configure(
 			.authorizeHttpRequests(urlRegistry -> urlRegistry.anyRequest().authenticated())
 			.logout(Customizer.withDefaults())
 			// nothing needs to be saved
-			.requestCache(r -> r.requestCache(new NullRequestCache()));
-		
-		return http.build();
+			.requestCache(r -> r.requestCache(new NullRequestCache()))
+			.build();
 	}
 
 }

base-demo/pom.xml

@@ -38,14 +38,14 @@
 		<dependency>
 			<groupId>org.junit.jupiter</groupId>
 			<artifactId>junit-jupiter</artifactId>
-			<version>5.13.4</version>
+			<version>6.0.0</version>
 			<scope>test</scope>
 		</dependency>
 
 		<dependency>
 			<groupId>ch.qos.logback</groupId>
 			<artifactId>logback-classic</artifactId>
-			<version>1.5.18</version>
+			<version>1.5.19</version>
 			<scope>test</scope>
 		</dependency>
 	</dependencies>

base/pom.xml

@@ -81,14 +81,14 @@
 			<groupId>org.junit.platform</groupId>
 			<artifactId>junit-platform-launcher</artifactId>
 			<scope>compile</scope>
-			<version>1.13.4</version>
+			<version>6.0.0</version>
 		</dependency>
 
 		<!-- Tests -->
 		<dependency>
 			<groupId>org.junit.jupiter</groupId>
 			<artifactId>junit-jupiter</artifactId>
-			<version>5.13.4</version>
+			<version>6.0.0</version>
 			<scope>test</scope>
 		</dependency>
 		<dependency>
@@ -318,7 +318,7 @@
 							<dependency>
 								<groupId>com.puppycrawl.tools</groupId>
 								<artifactId>checkstyle</artifactId>
-								<version>11.0.1</version>
+								<version>11.1.0</version>
 							</dependency>
 						</dependencies>
 						<configuration>