build(deps): bump the github-actions-all group across 1 directory wit…

…h 4 updates (#680) * build(deps): bump the github-actions-all group across 1 directory with 4 updates Bumps the github-actions-all group with 4 updates in the / directory: [schubergphilis/mcvs-docker-action](https://github.com/schubergphilis/mcvs-docker-action), [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action), [codecov/codecov-action](https://github.com/codecov/codecov-action) and [schubergphilis/mcvs-golang-action](https://github.com/schubergphilis/mcvs-golang-action). Updates `schubergphilis/mcvs-docker-action` from 0.6.0 to 0.6.1 - [Release notes](https://github.com/schubergphilis/mcvs-docker-action/releases) - [Commits](schubergphilis/mcvs-docker-action@v0.6.0...v0.6.1) Updates `docker/setup-buildx-action` from 3.7.1 to 3.8.0 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@v3.7.1...v3.8.0) Updates `codecov/codecov-action` from 5.1.1 to 5.1.2 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@v5.1.1...v5.1.2) Updates `schubergphilis/mcvs-golang-action` from 0.15.3 to 0.15.4 - [Release notes](https://github.com/schubergphilis/mcvs-golang-action/releases) - [Commits](schubergphilis/mcvs-golang-action@v0.15.3...v0.15.4) --- updated-dependencies: - dependency-name: schubergphilis/mcvs-docker-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions-all - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-all - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions-all - dependency-name: schubergphilis/mcvs-golang-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions-all ... Signed-off-by: dependabot[bot] <[email protected]> * fix: high vulnerability in golang.org/x/net by updating it from v0.25.0 to 0.33.0 * fix: GCI in upload.go * fix: Lint maintidx and gocognit in upload.go --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: 030 <[email protected]>
030 · Dec 28, 2024 · ea4ffef · ea4ffef
1 parent 7397978
commit ea4ffef
Show file tree

Hide file tree

Showing 8 changed files with 22 additions and 14 deletions.
diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
@@ -14,7 +14,7 @@ jobs:
     runs-on: ubuntu-20.04
     steps:
       - uses: actions/[email protected]
-      - uses: schubergphilis/[email protected].0
+      - uses: schubergphilis/[email protected].1
         with:
           dockle-accept-key: libcrypto3,libssl3
           token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/dockerhub.yml b/.github/workflows/dockerhub.yml
@@ -11,7 +11,7 @@ jobs:
       - name: Set up QEMU
         uses: docker/[email protected]
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3.7.1
+        uses: docker/setup-buildx-action@v3.8.0
       - name: Login to DockerHub
         uses: docker/[email protected]
         with:

diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
@@ -31,7 +31,7 @@ jobs:
             grep -v internal/app/n3dr/n3drtest |\
             grep -v cmd/n3dr)
         if: ${{ startsWith(matrix.os, 'ubuntu') }}
-      - uses: codecov/[email protected].1
+      - uses: codecov/[email protected].2
         with:
           files: ./coverage.txt
           flags: unittests

diff --git a/.github/workflows/golang.yml b/.github/workflows/golang.yml
@@ -27,9 +27,9 @@ jobs:
       TASK_X_REMOTE_TASKFILES: 1
     steps:
       - uses: actions/[email protected]
-      - uses: schubergphilis/[email protected].3
+      - uses: schubergphilis/[email protected].4
         with:
-          code-coverage-expected: 38.4
+          code-coverage-expected: 37.5
           golang-unit-tests-exclusions: |-
             \(cmd\/n3dr\|internal\/app\/n3dr\/\(goswagger\|n3drtest\)\)
           testing-type: ${{ matrix.testing-type }}

diff --git a/.golangci.yml b/.golangci.yml
@@ -40,15 +40,21 @@ issues:
     - linters:
         - gocognit
       path: internal/app/n3dr/artifactsv2/upload/upload.go
-      text: "cognitive complexity 71"
+      text: >-
+        cognitive complexity 91 of func `\(\*Nexus3\).UploadSingleArtifact` is
+        high
     - linters:
         - gocognit
       path: internal/app/n3dr/artifactsv2/upload/upload.go
-      text: cognitive complexity 55 of func `UploadSingleArtifact` is high
+      text: >-
+        cognitive complexity 38 of func
+        `\(artifactFiles\).mavenJarAndOtherExtensions` is high
     - linters:
         - gocyclo
       path: internal/app/n3dr/artifactsv2/upload/upload.go
-      text: "cyclomatic complexity 38"
+      text: >-
+        cyclomatic complexity 46 of func `\(\*Nexus3\).UploadSingleArtifact`
+        is high
     - linters:
         - funlen
       path: internal/app/n3dr/artifactsv2/upload/upload.go
@@ -60,7 +66,9 @@ issues:
     - linters:
         - maintidx
       path: internal/app/n3dr/artifactsv2/upload/upload.go
-      text: "Cyclomatic Complexity: 38"
+      text: >-
+        Function name: UploadSingleArtifact, Cyclomatic Complexity: 46,
+        Halstead Volume: 7485.94, Maintainability Index: 14
 linters:
   enable-all: true
   disable:

diff --git a/go.mod b/go.mod
@@ -111,7 +111,7 @@ require (
 	go.uber.org/multierr v1.9.0 // indirect
 	go4.org v0.0.0-20230225012048-214862532bf5 // indirect
 	golang.org/x/crypto v0.31.0 // indirect
-	golang.org/x/net v0.25.0 // indirect
+	golang.org/x/net v0.33.0 // indirect
 	golang.org/x/sync v0.10.0 // indirect
 	golang.org/x/sys v0.28.0 // indirect
 	golang.org/x/text v0.21.0 // indirect

diff --git a/go.sum b/go.sum
@@ -395,8 +395,8 @@ golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwY
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
 golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
-golang.org/x/net v0.25.0 h1:d/OCCoBEUq33pjydKrGQhw7IlUPI2Oylr+8qLx49kac=
-golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM=
+golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I=
+golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=

diff --git a/internal/app/n3dr/artifactsv2/upload/upload.go b/internal/app/n3dr/artifactsv2/upload/upload.go
@@ -358,8 +358,8 @@ func (af artifactFiles) mavenJarAndOtherExtensions(c *components.UploadComponent
 		c.Maven2Asset11Extension = &ext11
 
 		log.WithFields(log.Fields{
-			"file":       c.Maven2Asset11.Name(),
-			"extension":  *c.Maven2Asset11Extension,
+			"file":      c.Maven2Asset11.Name(),
+			"extension": *c.Maven2Asset11Extension,
 		}).Trace("Maven2 asset11")
 	}