diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md
new file mode 100644
index 0000000..8d96f1a
--- /dev/null
+++ b/.github/CONTRIBUTING.md
@@ -0,0 +1,23 @@
+## How to contribute to Dockstore
+
+#### **Did you find a bug?**
+
+* **Ensure the bug was not already reported** by searching on GitHub under [Issues](https://github.com/dockstore/dockstore/issues).
+
+* If you're unable to find an open issue addressing the problem, [open a new one](https://github.com/dockstore/dockstore/issues/new). Be sure to include a **title and clear description**, as much relevant information as possible, and a **code sample** or an **executable test case** demonstrating the expected behavior that is not occurring.
+
+#### **Did you write a patch that fixes a bug?**
+
+* Open a new GitHub pull request with the patch.
+
+* Ensure the PR description clearly describes the problem and solution. Include the relevant issue number if applicable.
+
+* Before submitting, please read ensure that your code passes the style guide and tests. See the GitHub status checks on your PR for more details. Note that until we resolve [this](https://github.com/dockstore/dockstore/issues/3541) issue, a large number of integration tests will fail.
+
+#### **Do you intend to add a new feature or change an existing one?**
+
+* Suggest your change as a [github issue](https://github.com/dockstore/dockstore/issues) either by creating a new issue or commenting on an existing one and start writing code. The relevant repositories are nested under our [organization](https://github.com/dockstore) including the webservice (dockstore), the user interface (dockstore-ui2), the command-line interface (dockstore-cli), and many more.
+
+#### **Do you want to contribute to the Dockstore documentation?**
+
+* Most of our documentation is generated from [dockstore-documentation](https://github.com/dockstore/dockstore-documentation).
diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md
new file mode 100644
index 0000000..12e4d90
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/bug_report.md
@@ -0,0 +1,40 @@
+---
+name: Bug report
+about: Create a report to help us improve
+title: ''
+labels: 'bug'
+assignees: ''
+
+---
+
+**Describe the bug**
+A clear and concise description of what the bug is.
+
+**To Reproduce**
+Steps to reproduce the behavior:
+1. Go to '...'
+2. Click on '....'
+3. Scroll down to '....'
+4. See error
+
+**Expected behavior**
+A clear and concise description of what you expected to happen.
+
+**Screenshots**
+If applicable, add screenshots to help explain your problem.
+
+**Desktop (please complete the following information):**
+ - OS: [e.g. iOS]
+ - Browser [e.g. chrome, safari]
+ - Version [e.g. 22]
+
+**Smartphone (please complete the following information):**
+ - Device: [e.g. iPhone6]
+ - OS: [e.g. iOS8.1]
+ - Browser [e.g. stock browser, safari]
+ - Version [e.g. 22]
+
+**Additional context**
+ - UI version: [e.g. 2.5.0]
+ - Webservice version: [e.g. 1.8.0]
+ - host location: [e.g. staging.dockstore.org]
diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml
new file mode 100644
index 0000000..ff78c3c
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -0,0 +1,8 @@
+blank_issues_enabled: false
+contact_links:
+ - name: Dockstore Community Forum
+ url: https://discuss.dockstore.org/c/dockstore-arch/7
+ about: Please ask and answer questions here.
+ - name: Dockstore Security and Internal Issues
+ url: https://ucsc-cgl.atlassian.net/browse/DOCK
+ about: Please report security vulnerabilities here.
diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md
new file mode 100644
index 0000000..36014cd
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/feature_request.md
@@ -0,0 +1,20 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+title: ''
+labels: 'enhancement'
+assignees: ''
+
+---
+
+**Is your feature request related to a problem? Please describe.**
+A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+
+**Describe the solution you'd like**
+A clear and concise description of what you want to happen.
+
+**Describe alternatives you've considered**
+A clear and concise description of any alternative solutions or features you've considered.
+
+**Additional context**
+Add any other context or screenshots about the feature request here.
diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md
new file mode 100644
index 0000000..333f463
--- /dev/null
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@@ -0,0 +1,33 @@
+**Description**
+A description of the PR, should include a decent explanation as to why this change was needed and a decent explanation as to what this change does
+
+**Review Instructions**
+Describe if this ticket needs review and if so, how one may go about it in qa and/or staging environments.
+For example, a ticket based on Security Hub, Snyk, or Dependabot may not need review since those services
+will generate new warnings if the issue has not been resolved properly. On the other hand, an infrastructure
+ticket that results in visible changes to the end-user will definitely require review.
+Many tickets will likely be between these two extremes, so some judgement may be required.
+
+**Issue**
+A link to a github issue or SEAB- ticket (using that as a prefix)
+
+**Security and Privacy**
+
+If there are any concerns that require extra attention from the security team, highlight them here.
+
+e.g. Does this change...
+* Any user data we collect, or data location?
+* Access control, authentication or authorization?
+* Encryption features?
+
+Please make sure that you've checked the following before submitting your pull request. Thanks!
+
+- [ ] Check that you pass the basic style checks and unit tests by running `mvn clean install`
+- [ ] Ensure that the PR targets the correct branch. Check the milestone or fix version of the ticket.
+- [ ] Follow the existing JPA patterns for queries, using named parameters, to avoid SQL injection
+- [ ] If you are changing dependencies, check the Snyk status check or the dashboard to ensure you are not introducing new high/critical vulnerabilities
+- [ ] Assume that inputs to the API can be malicious, and sanitize and/or check for Denial of Service type values, e.g., massive sizes
+- [ ] Do not serve user-uploaded binary images through the Dockstore API
+- [ ] Ensure that endpoints that only allow privileged access enforce that with the `@RolesAllowed` annotation
+- [ ] Do not create cookies, although this may change in the future
+- [ ] If this PR is for a user-facing feature, create and link a documentation ticket for this feature (usually in the same milestone as the linked issue). Style points if you create a documentation PR directly and link that instead.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..1ab74c5
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,39 @@
+version: 2
+updates:
+
+ # Maintain dependencies for GitHub Actions, path is indeed "/" https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot#enabling-dependabot-version-updates-for-actions
+ - package-ecosystem: "github-actions"
+ directory: "/"
+ schedule:
+ interval: "daily"
+ reviewers:
+ - "dockstore/dockstore"
+
+ # Maintain dependencies for Maven
+ - package-ecosystem: "maven"
+ directory: "/"
+ schedule:
+ interval: "daily"
+ # start with security updates only https://stackoverflow.com/a/68254421
+ open-pull-requests-limit: 0
+ reviewers:
+ - "dockstore/dockstore"
+
+ # Maintain dependencies for Dockerfile
+ - package-ecosystem: "docker"
+ directory: "/"
+ schedule:
+ interval: "daily"
+ # start with security updates only https://stackoverflow.com/a/68254421
+ open-pull-requests-limit: 0
+ reviewers:
+ - "dockstore/dockstore"
+
+ # Maintain dependencies for swagger-ui and cwltool
+ - package-ecosystem: "pip"
+ directory: "/"
+ schedule:
+ interval: "daily"
+ # start with security updates only https://stackoverflow.com/a/68254421
+ reviewers:
+ - "dockstore/dockstore"
diff --git a/.github/workflows/.mvnw.yml.swp b/.github/workflows/.mvnw.yml.swp
new file mode 100644
index 0000000..a9db9f5
Binary files /dev/null and b/.github/workflows/.mvnw.yml.swp differ
diff --git a/.github/workflows/mvnw.yml b/.github/workflows/mvnw.yml
new file mode 100644
index 0000000..f265781
--- /dev/null
+++ b/.github/workflows/mvnw.yml
@@ -0,0 +1,37 @@
+name: Regular dockstore-style build
+
+on: [push]
+
+jobs:
+ build:
+ runs-on: ubuntu-latest
+ strategy:
+ fail-fast: false
+ matrix:
+ java: [ '17.0.4+8' ]
+
+ steps:
+ - uses: actions/checkout@v4
+ - name: Set up JDK
+ uses: actions/setup-java@v3
+ with:
+ java-version: ${{ matrix.java }}
+ distribution: 'adopt'
+
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@v2
+ with:
+ languages: java
+
+ # Step that does that actual cache save and restore
+ - uses: actions/cache@v3
+ with:
+ path: ~/.m2/repository
+ key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
+ restore-keys: |
+ ${{ runner.os }}-maven-
+ - name: Build with mvnw
+ run: ./mvnw clean install
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@v2
diff --git a/pom.xml b/pom.xml
index f4fb954..273517c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -15,7 +15,7 @@
Apache License, Version 2.0
- http://www.apache.org/licenses/LICENSE-2.0
+ https://www.apache.org/licenses/LICENSE-2.0
@@ -28,7 +28,7 @@
UTF-8
UTF-8
- 1.14.0-alpha.9
+ 1.14.3
1.5.9
3.6.2
2.13.5
@@ -55,11 +55,20 @@
HEAD
+
+
+ artifacts.oicr.on.ca
+ artifacts.oicr.on.ca
+ https://artifacts.oicr.on.ca/artifactory/collab-release
+
+
+
+
artifacts.oicr.on.ca
artifacts.oicr.on.ca-releases
- http://artifacts.oicr.on.ca/artifactory/collab-release
+ https://artifacts.oicr.on.ca/artifactory/collab-release
false