Merge branch 'develop' into maven-upload-fix

Author: KirylKovaliov

.github/workflows/sast.yaml

@@ -0,0 +1,59 @@
+name: Semgrep SAST
+
+on:
+  pull_request:
+    branches:
+      - develop
+      - test
+      - staging
+      - production
+      - stable
+      - main
+      - master
+
+env:
+  # Fail workflow or not if vulnerabilities found
+  FAIL_ON_VULNERABILITIES: true
+  # List of paths (space separated) to ignore
+  # Supports PATTERNS
+  # EXCLUDE_PATHS: 'foo bar/baz file.txt dir/*.yml'
+  EXCLUDE_PATHS: ''
+  # List of rules (space separated) to ignore
+  # EXCLUDE_RULES: 'generic.secrets.security.detected-aws-account-id.detected-aws-account-id'
+  # See https://github.com/semgrep/semgrep-rules for rules registry
+  EXCLUDE_RULES: ''
+
+jobs:
+  semgrep:
+    name: semgrep-oss/scan
+    runs-on: ubuntu-latest
+    container:
+      image: semgrep/semgrep
+    steps:
+      - uses: actions/checkout@v4
+      - name: Scan
+        shell: bash
+        run: |
+          EXCLUDED_PATHS=()
+          if [[ ! -z $EXCLUDE_PATHS ]]; then
+            for path in $EXCLUDE_PATHS; do
+              EXCLUDED_PATHS+=("--exclude $path")
+            done
+          fi
+
+          EXCLUDED_RULES=()
+          if [[ ! -z $EXCLUDE_RULES ]]; then
+            for rule in $EXCLUDE_RULES; do
+              EXCLUDED_RULES+=("--exclude-rule $rule")
+            done
+          fi
+
+          if [[ $FAIL_ON_VULNERABILITIES == "true" ]]; then
+            semgrep scan --config auto ${EXCLUDED_PATHS[@]} ${EXCLUDED_RULES[@]} --error --verbose
+          elif [[ $FAIL_ON_VULNERABILITIES == "false" ]]; then
+            semgrep scan --config auto ${EXCLUDED_PATHS[@]} ${EXCLUDED_RULES[@]} --error --verbose || true
+          else
+            echo "Bad FAIL_ON_VULNERABILITIES env var value"
+            exit 1
+          fi
+

client/build.gradle.kts

@@ -5,8 +5,8 @@ plugins {
 }
 
 java {
-    sourceCompatibility = JavaVersion.VERSION_11
-    targetCompatibility = JavaVersion.VERSION_11
+    sourceCompatibility = JavaVersion.VERSION_1_8
+    targetCompatibility = JavaVersion.VERSION_1_8
     withSourcesJar()
 }
 

client/src/main/generated/com/regula/documentreader/webclient/model/ExtendedRfidTextField.java

@@ -121,7 +121,7 @@ public ExtendedRfidTextField withBufText(String bufText) {
 
   /**
    * Text field data in UTF8 format. Results of reading different lines of a multiline field are
-   * separated by “^”
+   * separated by \"^\"
    *
    * @return bufText
    */

client/src/main/generated/com/regula/documentreader/webclient/model/ExtendedTextField.java

@@ -111,7 +111,7 @@ public ExtendedTextField withBufText(String bufText) {
 
   /**
    * Text field data in UTF8 format. Results of reading different lines of a multiline field are
-   * separated by “^”
+   * separated by \"^\"
    *
    * @return bufText
    */

client/src/main/generated/com/regula/documentreader/webclient/model/ExtendedVisualTextField.java

@@ -116,7 +116,7 @@ public ExtendedVisualTextField withBufText(String bufText) {
 
   /**
    * Text field data in UTF8 format. Results of reading different lines of a multiline field are
-   * separated by “^”
+   * separated by \"^\"
    *
    * @return bufText
    */

client/src/main/generated/com/regula/documentreader/webclient/model/SecurityFeatureType.java

@@ -161,9 +161,9 @@ public class SecurityFeatureType {
   /** Image from barcode vs. photo from camera */
   public static final int PORTRAIT_COMPARISON_BARCODE_VS_CAMERA = 49;
 
-  /** Digital signature сheck */
+  /** Digital signature check */
   public static final int CHECK_DIGITAL_SIGNATURE = 50;
 
-  /** Contact сhip check */
+  /** Contact chip check */
   public static final int CONTACT_CHIP_CLASSIFICATION = 51;
 }