Merge pull request #1149 from eclipse-tractusx/merge/v2.3.0-RC2

build(2.3.0-rc2): bump version and update docs

.github/workflows/trivy-main.yml

@@ -63,6 +63,9 @@ jobs:
           vuln-type: "os,library"
           skip-files: "/src/portalbackend/PortalBackend.Migrations/Seeder/Data/documents.consortia.json"
           timeout: "3600s"
+          severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
+          exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
+          limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
         uses: github/codeql-action/upload-sarif@4f3212b61783c3c68e8309a0f18a699764811cda # v3.27.1
@@ -95,6 +98,10 @@ jobs:
           format: "sarif"
           output: "trivy-results3.sarif"
           vuln-type: "os,library"
+          severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
+          hide-progress: false
+          exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
+          limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
         if: always()
@@ -127,6 +134,10 @@ jobs:
           format: "sarif"
           output: "trivy-results4.sarif"
           vuln-type: "os,library"
+          severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
+          hide-progress: false
+          exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
+          limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
         if: always()
@@ -159,6 +170,10 @@ jobs:
           format: "sarif"
           output: "trivy-results5.sarif"
           vuln-type: "os,library"
+          severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
+          hide-progress: false
+          exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
+          limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
         if: always()
@@ -191,6 +206,10 @@ jobs:
           format: "sarif"
           output: "trivy-results6.sarif"
           vuln-type: "os,library"
+          severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
+          hide-progress: false
+          exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
+          limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
         if: always()
@@ -223,6 +242,10 @@ jobs:
           format: "sarif"
           output: "trivy-results7.sarif"
           vuln-type: "os,library"
+          severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
+          hide-progress: false
+          exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
+          limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
         if: always()
@@ -255,6 +278,10 @@ jobs:
           format: "sarif"
           output: "trivy-results8.sarif"
           vuln-type: "os,library"
+          severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
+          hide-progress: false
+          exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
+          limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
         if: always()
@@ -287,6 +314,10 @@ jobs:
           format: "sarif"
           output: "trivy-results9.sarif"
           vuln-type: "os,library"
+          severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
+          hide-progress: false
+          exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
+          limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
         if: always()
@@ -319,6 +350,10 @@ jobs:
           format: "sarif"
           output: "trivy-results10.sarif"
           vuln-type: "os,library"
+          severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
+          hide-progress: false
+          exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
+          limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
         if: always()
@@ -351,7 +386,10 @@ jobs:
           format: "sarif"
           output: "trivy-results11.sarif"
           vuln-type: "os,library"
-
+          severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
+          hide-progress: false
+          exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
+          limit-severities-for-sarif: true
       - name: Upload Trivy scan results to GitHub Security tab
         if: always()
         uses: github/codeql-action/upload-sarif@4f3212b61783c3c68e8309a0f18a699764811cda # v3.27.1
@@ -383,6 +421,10 @@ jobs:
           format: "sarif"
           output: "trivy-results12.sarif"
           vuln-type: "os,library"
+          severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
+          hide-progress: false
+          exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
+          limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
         if: always()

.github/workflows/trivy.yml

@@ -63,6 +63,9 @@ jobs:
           vuln-type: "os,library"
           skip-files: "/src/portalbackend/PortalBackend.Migrations/Seeder/Data/documents.consortia.json"
           timeout: "3600s"
+          severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
+          exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
+          limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
         uses: github/codeql-action/upload-sarif@4f3212b61783c3c68e8309a0f18a699764811cda # v3.27.1
@@ -95,6 +98,10 @@ jobs:
           format: "sarif"
           output: "trivy-results3.sarif"
           vuln-type: "os,library"
+          severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
+          hide-progress: false
+          exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
+          limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
         if: always()
@@ -127,6 +134,10 @@ jobs:
           format: "sarif"
           output: "trivy-results4.sarif"
           vuln-type: "os,library"
+          severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
+          hide-progress: false
+          exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
+          limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
         if: always()
@@ -159,6 +170,10 @@ jobs:
           format: "sarif"
           output: "trivy-results5.sarif"
           vuln-type: "os,library"
+          severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
+          hide-progress: false
+          exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
+          limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
         if: always()
@@ -191,6 +206,10 @@ jobs:
           format: "sarif"
           output: "trivy-results6.sarif"
           vuln-type: "os,library"
+          severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
+          hide-progress: false
+          exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
+          limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
         if: always()
@@ -223,6 +242,10 @@ jobs:
           format: "sarif"
           output: "trivy-results7.sarif"
           vuln-type: "os,library"
+          severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
+          hide-progress: false
+          exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
+          limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
         if: always()
@@ -255,6 +278,10 @@ jobs:
           format: "sarif"
           output: "trivy-results8.sarif"
           vuln-type: "os,library"
+          severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
+          hide-progress: false
+          exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
+          limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
         if: always()
@@ -287,6 +314,10 @@ jobs:
           format: "sarif"
           output: "trivy-results9.sarif"
           vuln-type: "os,library"
+          severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
+          hide-progress: false
+          exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
+          limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
         if: always()
@@ -319,6 +350,10 @@ jobs:
           format: "sarif"
           output: "trivy-results10.sarif"
           vuln-type: "os,library"
+          severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
+          hide-progress: false
+          exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
+          limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
         if: always()
@@ -351,6 +386,10 @@ jobs:
           format: "sarif"
           output: "trivy-results11.sarif"
           vuln-type: "os,library"
+          severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
+          hide-progress: false
+          exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
+          limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
         if: always()
@@ -383,6 +422,10 @@ jobs:
           format: "sarif"
           output: "trivy-results12.sarif"
           vuln-type: "os,library"
+          severity: "CRITICAL,HIGH" # While vulnerabilities of all severities are reported in the SARIF output, the exit code and workflow failure are triggered only by these specified severities (CRITICAL or HIGH).
+          hide-progress: false
+          exit-code: "1" # Trivy exits with code 1 if vulnerabilities are found, causing the workflow step to fail.
+          limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
         if: always()

.tractusx

@@ -19,8 +19,8 @@
 
 leadingRepository: "https://github.com/eclipse-tractusx/portal"
 openApiSpecs:
-- "https://raw.githubusercontent.com/eclipse-tractusx/portal-backend/refs/tags/v2.3.0-RC1/docs/api/administration-service.yaml"
-- "https://raw.githubusercontent.com/eclipse-tractusx/portal-backend/refs/tags/v2.3.0-RC1/docs/api/apps-service.yaml"
-- "https://raw.githubusercontent.com/eclipse-tractusx/portal-backend/refs/tags/v2.3.0-RC1/docs/api/notifications-service.yaml"
-- "https://raw.githubusercontent.com/eclipse-tractusx/portal-backend/refs/tags/v2.3.0-RC1/docs/api/registration-service.yaml"
-- "https://raw.githubusercontent.com/eclipse-tractusx/portal-backend/refs/tags/v2.3.0-RC1/docs/api/services-service.yaml"
+- "https://raw.githubusercontent.com/eclipse-tractusx/portal-backend/refs/tags/v2.3.0-RC2/docs/api/administration-service.yaml"
+- "https://raw.githubusercontent.com/eclipse-tractusx/portal-backend/refs/tags/v2.3.0-RC2/docs/api/apps-service.yaml"
+- "https://raw.githubusercontent.com/eclipse-tractusx/portal-backend/refs/tags/v2.3.0-RC2/docs/api/notifications-service.yaml"
+- "https://raw.githubusercontent.com/eclipse-tractusx/portal-backend/refs/tags/v2.3.0-RC2/docs/api/registration-service.yaml"
+- "https://raw.githubusercontent.com/eclipse-tractusx/portal-backend/refs/tags/v2.3.0-RC2/docs/api/services-service.yaml"

CHANGELOG.md

@@ -4,6 +4,19 @@ New features, fixed bugs, known defects and other noteworthy changes to each rel
 
 ## Unreleased
 
+## 2.3.0-RC2
+
+### Change
+
+* **Connectors**: enhanced PUT api/administration/Connectors/{connectorId}/connectorUrl endpoint logic [#1094](https://github.com/eclipse-tractusx/portal-backend/pull/1094)
+
+### Bugfixes
+
+* **Application Activation**
+  * fixed initial roles not being added to invited users [#1135](https://github.com/eclipse-tractusx/portal-backend/pull/1135)
+* **Registration**
+  * fixed company name change not reflecting consistently [#1010](https://github.com/eclipse-tractusx/portal-backend/pull/1010), [#1145](https://github.com/eclipse-tractusx/portal-backend/pull/1145), [#1147](https://github.com/eclipse-tractusx/portal-backend/pull/1147)
+
 ## 2.3.0-RC1
 
 ### Bugfixes

docs/api/administration-service.yaml

@@ -1,7 +1,7 @@
 openapi: 3.0.1
 info:
   title: Org.Eclipse.TractusX.Portal.Backend.Administration.Service
-  version: v2.3.0-RC1
+  version: v2.3.0-RC2
 paths:
   /api/administration/companydata/ownCompanyDetails:
     get:

docs/api/apps-service.yaml

@@ -1,7 +1,7 @@
 openapi: 3.0.1
 info:
   title: Org.Eclipse.TractusX.Portal.Backend.Apps.Service
-  version: v2.3.0-RC1
+  version: v2.3.0-RC2
 paths:
   '/api/apps/AppChange/{appId}/role/activeapp':
     post:

docs/api/notifications-service.yaml

@@ -1,7 +1,7 @@
 openapi: 3.0.1
 info:
   title: Org.Eclipse.TractusX.Portal.Backend.Notifications.Service
-  version: v2.3.0-RC1
+  version: v2.3.0-RC2
 paths:
   /api/notification/errormessage:
     get:

docs/api/registration-service.yaml

@@ -1,7 +1,7 @@
 openapi: 3.0.1
 info:
   title: Org.Eclipse.TractusX.Portal.Backend.Registration.Service
-  version: v2.3.0-RC1
+  version: v2.3.0-RC2
 paths:
   /api/registration/errormessage:
     get:

docs/api/services-service.yaml

@@ -1,7 +1,7 @@
 openapi: 3.0.1
 info:
   title: Org.Eclipse.TractusX.Portal.Backend.Services.Service
-  version: v2.3.0-RC1
+  version: v2.3.0-RC2
 paths:
   /api/services/errormessage:
     get:

src/Directory.Build.props

@@ -20,6 +20,6 @@
 <Project>
   <PropertyGroup>
     <VersionPrefix>2.3.0</VersionPrefix>
-    <VersionSuffix>RC1</VersionSuffix>
+    <VersionSuffix>RC2</VersionSuffix>
   </PropertyGroup>
 </Project>

src/Portal.Backend.sln

@@ -1678,6 +1678,8 @@ Global
 		{07BDC20D-23DD-4C0E-9C3D-B1D232AF17E3}.Release|x86.Build.0 = Release|Any CPU
 		{D666EADA-770A-42FF-B891-5745F7A6BC2F}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
 		{D666EADA-770A-42FF-B891-5745F7A6BC2F}.Debug|Any CPU.Build.0 = Debug|Any CPU
+		{D666EADA-770A-42FF-B891-5745F7A6BC2F}.Release|x86.ActiveCfg = Release|Any CPU
+		{D666EADA-770A-42FF-B891-5745F7A6BC2F}.Release|x86.Build.0 = Release|Any CPU
 		{D666EADA-770A-42FF-B891-5745F7A6BC2F}.Debug|x64.ActiveCfg = Debug|Any CPU
 		{D666EADA-770A-42FF-B891-5745F7A6BC2F}.Debug|x64.Build.0 = Debug|Any CPU
 		{D666EADA-770A-42FF-B891-5745F7A6BC2F}.Debug|x86.ActiveCfg = Debug|Any CPU
@@ -1686,8 +1688,6 @@ Global
 		{D666EADA-770A-42FF-B891-5745F7A6BC2F}.Release|Any CPU.Build.0 = Release|Any CPU
 		{D666EADA-770A-42FF-B891-5745F7A6BC2F}.Release|x64.ActiveCfg = Release|Any CPU
 		{D666EADA-770A-42FF-B891-5745F7A6BC2F}.Release|x64.Build.0 = Release|Any CPU
-		{D666EADA-770A-42FF-B891-5745F7A6BC2F}.Release|x86.ActiveCfg = Release|Any CPU
-		{D666EADA-770A-42FF-B891-5745F7A6BC2F}.Release|x86.Build.0 = Release|Any CPU
 		{59E4B63B-BEA2-4CDA-98F0-13962146AEA5}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
 		{59E4B63B-BEA2-4CDA-98F0-13962146AEA5}.Debug|Any CPU.Build.0 = Debug|Any CPU
 		{59E4B63B-BEA2-4CDA-98F0-13962146AEA5}.Debug|x64.ActiveCfg = Debug|Any CPU