Set FEATURE_SECURE_PROCESSING for DocumentBuilderFactory #103
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# | |
# This file is part of veraPDF PDF/A Validation Library, a module of the veraPDF project. | |
# Copyright (c) 2015-2024, veraPDF Consortium <[email protected]> | |
# All rights reserved. | |
# | |
# veraPDF PDF/A Validation Library is free software: you can redistribute it and/or modify | |
# it under the terms of either: | |
# | |
# The GNU General public license GPLv3+. | |
# You should have received a copy of the GNU General Public License | |
# along with veraPDF PDF/A Validation Library as the LICENSE.GPL file in the root of the source | |
# tree. If not, see http://www.gnu.org/licenses/ or | |
# https://www.gnu.org/licenses/gpl-3.0.en.html. | |
# | |
# The Mozilla Public License MPLv2+. | |
# You should have received a copy of the Mozilla Public License along with | |
# veraPDF PDF/A Validation Library as the LICENSE.MPL file in the root of the source tree. | |
# If a copy of the MPL was not distributed with this file, you can obtain one at | |
# http://mozilla.org/MPL/2.0/. | |
# | |
name: Update arlington branch | |
on: | |
push: | |
branches: | |
- integration | |
paths-ignore: | |
- 'core/src/main/resources/org/verapdf/pdfa/validation/PDFA-1A.xml' | |
- 'core/src/main/resources/org/verapdf/pdfa/validation/PDFA-1B.xml' | |
- 'core/src/main/resources/org/verapdf/pdfa/validation/PDFA-2A.xml' | |
- 'core/src/main/resources/org/verapdf/pdfa/validation/PDFA-2B.xml' | |
- 'core/src/main/resources/org/verapdf/pdfa/validation/PDFA-2U.xml' | |
- 'core/src/main/resources/org/verapdf/pdfa/validation/PDFA-3A.xml' | |
- 'core/src/main/resources/org/verapdf/pdfa/validation/PDFA-3B.xml' | |
- 'core/src/main/resources/org/verapdf/pdfa/validation/PDFA-3U.xml' | |
- 'core/src/main/resources/org/verapdf/pdfa/validation/PDFA-4.xml' | |
- 'core/src/main/resources/org/verapdf/pdfa/validation/PDFA-4E.xml' | |
- 'core/src/main/resources/org/verapdf/pdfa/validation/PDFA-4F.xml' | |
- 'core/src/main/resources/org/verapdf/pdfa/validation/PDFUA-1.xml' | |
- 'core/src/main/resources/org/verapdf/pdfa/validation/PDFUA-2-ISO32005.xml' | |
- 'core/src/main/resources/org/verapdf/pdfa/validation/WTPDF-1-0-Accessibility.xml' | |
- 'core/src/main/resources/org/verapdf/pdfa/validation/WTPDF-1-0-Reuse.xml' | |
jobs: | |
checkout-and-build: | |
if: github.repository == 'veraPDF/veraPDF-library' | |
runs-on: ubuntu-latest | |
strategy: | |
fail-fast: false | |
matrix: | |
java-version: [11, 17, 21] | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
ref: integration | |
- name: JDK setup | |
uses: actions/setup-java@v4 | |
continue-on-error: true | |
with: | |
java-version: ${{ matrix.java-version }} | |
distribution: 'temurin' | |
cache: maven | |
- name: Fetch arlington branch and checkout | |
run: | | |
git fetch origin arlington:arlington | |
git checkout -b test-branch arlington | |
- name: Configure user name | |
run: | | |
git config user.name "Git User" | |
git config user.email "[email protected]" | |
- name: Add commit to the test branch | |
run: git cherry-pick -m 1 ${{ github.event.before }}..${{ github.event.after }} --empty=drop | |
- name: Build project with Maven | |
if: success() | |
run: mvn --batch-mode --update-snapshots verify | |
merge: | |
runs-on: ubuntu-latest | |
needs: checkout-and-build | |
steps: | |
- name: Checkout code | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
ref: integration | |
- name: Generate new branch name | |
id: new-branch-name | |
run: echo "branch_name=new-branch-$(date +%s)" >> "$GITHUB_OUTPUT" | |
- name: Fetch arlington branch and checkout | |
run: | | |
git fetch origin arlington:arlington | |
git checkout -b ${{ steps.new-branch-name.outputs.branch_name }} arlington | |
- name: Configure user name | |
run: | | |
git config user.name "Git User" | |
git config user.email "[email protected]" | |
- name: Add commit to new branch | |
run: git cherry-pick -m 1 ${{ github.event.before }}..${{ github.event.after }} --empty=drop | |
- name: Merge branch into arlington | |
if: success() | |
run: | | |
git push origin ${{ steps.new-branch-name.outputs.branch_name }} | |
git checkout arlington | |
git merge ${{ steps.new-branch-name.outputs.branch_name }} | |
git push origin arlington | |
- name: Delete new branch | |
run: git push origin --delete ${{ steps.new-branch-name.outputs.branch_name }} | |
send-notification: | |
runs-on: ubuntu-latest | |
needs: [checkout-and-build, merge] | |
if: | | |
always() && | |
github.repository == 'veraPDF/veraPDF-library' && | |
(contains(needs.*.result, 'failure') || | |
contains(needs.*.result, 'skipped') || | |
contains(needs.*.result, 'cancelled')) | |
steps: | |
- name: Send notification if build or merge failed | |
env: | |
SLACK_BOT_TOKEN: ${{ secrets.SLACK_NOTIFICATIONS_BOT_TOKEN }} | |
uses: voxmedia/github-action-slack-notify-build@v1 | |
with: | |
channel_id: C03E3JJGLQL | |
status: FAILED | |
color: danger |