Merge branch 'spring_boot_332' into refactor_build

Sunbird-RC · Nov 8, 2024 · a9ddd71 · a9ddd71
2 parents cf3b1f1 + 12f6532
commit a9ddd71
Show file tree

Hide file tree

Showing 4 changed files with 12 additions and 4 deletions.
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -48,9 +48,10 @@ jobs:
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v2
+      uses: github/codeql-action/init@v3
       with:
         languages: ${{ matrix.language }}
+        config-file: .github/workflows/codeql-config.yml
         # If you wish to specify custom queries, you can do so here or in a config file.
         # By default, queries listed here will override any specified in a config file.
         # Prefix the list here with "+" to use these queries and those in the config file.
@@ -59,7 +60,7 @@ jobs:
     # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
     # If this step fails, then you should remove it and run the build manually (see below)
     - name: Autobuild
-      uses: github/codeql-action/autobuild@v2
+      uses: github/codeql-action/autobuild@v3
 
     # ℹ️ Command-line programs to run using the OS shell.
     # 📚 https://git.io/JvXDl
@@ -73,4 +74,4 @@ jobs:
     #   make release
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v2
+      uses: github/codeql-action/analyze@v3
diff --git a/.github/workflows/codeql-config.yml b/.github/workflows/codeql-config.yml
@@ -0,0 +1,6 @@
+queries:
+  - name: "security-extended"
+    from: github/codeql
+    exclude:
+      - java/URL-forward-from-remote-source
+      - java/Disabled-Spring-CSRF-protection
diff --git a/...re/authorization/src/main/java/dev/sunbirdrc/registry/authorization/SchemaAuthFilter.java b/...re/authorization/src/main/java/dev/sunbirdrc/registry/authorization/SchemaAuthFilter.java
@@ -15,7 +15,7 @@
 import java.util.HashSet;
 import java.util.List;
 import java.util.Set;
-
+@SuppressWarnings("java/URL-forward-from-remote-source")
 public class SchemaAuthFilter extends OncePerRequestFilter {
     private static final Logger logger = LoggerFactory.getLogger(SchemaAuthFilter.class);
     private static final String INVITE_URL_PATTERN = "/api/v1/([A-Za-z0-9_])+/invite(/)?";

diff --git a/...ware/authorization/src/main/java/dev/sunbirdrc/registry/authorization/SecurityConfig.java b/...ware/authorization/src/main/java/dev/sunbirdrc/registry/authorization/SecurityConfig.java
@@ -26,6 +26,7 @@
 @Configuration
 @EnableWebSecurity
 @ConditionalOnProperty(name = "authentication.enabled", havingValue = "true", matchIfMissing = false)
+@SuppressWarnings("java/Disabled-Spring-CSRF-protection")
 public class SecurityConfig {
 
     @Autowired