diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 8144235..6104d7d 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -50,11 +50,6 @@ Build sources and javadoc mvn clean test jacoco:report package ``` -Generate signed artifacts locally -```shell -mvn verify -P release-sign-artifacts -DperformRelease=true -``` - ### Publish to Maven Central Deploy @@ -68,6 +63,12 @@ When first publishing to staging repos, you most close and release from OSS Sona - press the `release` button #### Artifacts upload + +- Generate signed artifacts locally + ```shell + mvn verify -P release-sign-artifacts -DperformRelease=true + ``` + - Upload change log ```shell gh release create v3.0.1 -F CHANGELOG.md @@ -77,6 +78,7 @@ When first publishing to staging repos, you most close and release from OSS Sona ```shell gh release upload target/*.jar.asc --clobber ``` + ### Publish to Github Packages _Note: This step can only be run by maintainers._ @@ -141,6 +143,7 @@ https://docs.github.com/en/packages/using-github-packages-with-your-projects-eco ### OpenSSF Security Scorecard - Get Analysis Result: https://api.securityscorecards.dev/#/results/getResult + - enter platform=github.com, org=cdimascio, repo=dotenv-java - Step Security - Secure Your Repo Analysis + auto PR - https://app.stepsecurity.io/securerepo - Step Security - For Repo - https://app.stepsecurity.io/github/cdimascio/actions/dashboard - +- OpenSSF Badget Analysis https://www.bestpractices.dev/en/projects/9407 diff --git a/README.md b/README.md index 70a0276..795025a 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # 🗝️ dotenv-java -![Build Status](https://github.com/cloudsimplus/cloudsimplus/actions/workflows/build.yml/badge.svg) [![Maven Central](https://img.shields.io/maven-central/v/io.github.cdimascio/dotenv-java.svg?label=Maven%20Central)](https://search.maven.org/artifact/io.github.cdimascio/dotenv-java) [![Codacy Badge](https://api.codacy.com/project/badge/Grade/66b8195f0da544f1ad9ed1352c0ea66f)](https://app.codacy.com/app/cdimascio/dotenv-java?utm_source=github.com&utm_medium=referral&utm_content=cdimascio/dotenv-java&utm_campaign=Badge_Grade_Dashboard) ![](https://img.shields.io/ossf-scorecard/github.com/cdimascio/dotenv-java?label=openssf%20scorecard&style=flat) [![](https://img.shields.io/gitter/room/cdimascio-oss/community?color=%23eb205a)](https://gitter.im/cdimascio-oss/community) [![All Contributors](https://img.shields.io/badge/all_contributors-6-orange.svg?style=flat-square)](#contributors-) [![](https://img.shields.io/badge/doc-javadoc-blue)](https://cdimascio.github.io/dotenv-java/docs/javadoc/index.html) ![](https://img.shields.io/badge/license-Apache%202.0-blue.svg) +![Build Status](https://github.com/cloudsimplus/cloudsimplus/actions/workflows/build.yml/badge.svg) [![Maven Central](https://img.shields.io/maven-central/v/io.github.cdimascio/dotenv-java.svg?label=Maven%20Central)](https://search.maven.org/artifact/io.github.cdimascio/dotenv-java) [![Codacy Badge](https://api.codacy.com/project/badge/Grade/66b8195f0da544f1ad9ed1352c0ea66f)](https://app.codacy.com/app/cdimascio/dotenv-java?utm_source=github.com&utm_medium=referral&utm_content=cdimascio/dotenv-java&utm_campaign=Badge_Grade_Dashboard) ![](https://img.shields.io/ossf-scorecard/github.com/cdimascio/dotenv-java?label=openssf%20scorecard&style=flat) [![OpenSSF Best Practices](https://www.bestpractices.dev/projects/9407/badge)](https://www.bestpractices.dev/projects/9407) [![](https://img.shields.io/gitter/room/cdimascio-oss/community?color=%23eb205a)](https://gitter.im/cdimascio-oss/community) [![All Contributors](https://img.shields.io/badge/all_contributors-6-orange.svg?style=flat-square)](#contributors-) [![](https://img.shields.io/badge/doc-javadoc-blue)](https://cdimascio.github.io/dotenv-java/docs/javadoc/index.html) ![](https://img.shields.io/badge/license-Apache%202.0-blue.svg) A no-dependency, pure Java port of the Ruby dotenv project. Load environment variables from a `.env` file.