From ff2c5852c120581bf094f3d678ad2773a74f8176 Mon Sep 17 00:00:00 2001
From: Sven Meyer <s.v.meyer@online.de>
Date: Wed, 24 Jul 2024 15:16:33 +0200
Subject: [PATCH] Add components for deployment to Maven Central

---
 .github/workflows/deploy.yml | 29 ++++++++++++++
 .github/workflows/maven.yml  | 35 ----------------
 README.md                    | 14 +------
 SynchronizedPDS/pom.xml      |  2 +-
 WPDS/pom.xml                 |  2 +-
 boomerangScope-WALA/pom.xml  |  3 +-
 pom.xml                      | 77 +++++++++++++++++++++++++++---------
 7 files changed, 93 insertions(+), 69 deletions(-)
 create mode 100644 .github/workflows/deploy.yml

diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
new file mode 100644
index 00000000..4050e6cf
--- /dev/null
+++ b/.github/workflows/deploy.yml
@@ -0,0 +1,29 @@
+name: Deploy Sparse SPDS
+
+on: [workflow_dispatch]
+
+jobs:
+  deployment:
+    runs-on: ubuntu-latest
+    name: Sparse SPDS deployment 
+    steps:
+      - name: Checkout source code
+        uses: actions/checkout@v3
+      # Sets up Java version
+      - name: Set up Java
+        uses: actions/setup-java@v3
+        with:
+          distribution: 'adopt'
+          java-package: 'jdk'
+          java-version: '8'
+          server-id: 'ossrh' # must match the serverId configured for the nexus-staging-maven-plugin
+          server-username: OSSRH_USERNAME # Env var that holds your OSSRH user name
+          server-password: OSSRH_PASSWORD # Env var that holds your OSSRH user pw
+          gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }} # Substituted with the value stored in the referenced secret
+          gpg-passphrase: SIGN_KEY_PASS # Env var that holds the key's passphrase
+      - name: Deploy SPDS
+        run: mvn -B -U clean deploy -Pdeployment -DskipTests
+        env:
+          SIGN_KEY_PASS: ${{ secrets.GPG_PRIVATE_KEY_PASSPHRASE }}
+          OSSRH_USERNAME: ${{ secrets.SONATYPE_USER }}
+          OSSRH_PASSWORD: ${{ secrets.SONATYPE_PW }}
diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml
index 6eb9f194..9571eba9 100644
--- a/.github/workflows/maven.yml
+++ b/.github/workflows/maven.yml
@@ -15,38 +15,3 @@ jobs:
         java-version: 1.8
     - name: Build with Maven
       run: mvn -B verify --file pom.xml -P ci
-
-
-  Release:
-    name: Release
-    if: github.ref == 'refs/heads/master'
-    runs-on: ubuntu-latest
-    needs: [BuildAndTest]
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v2
-      - name: Set up JDK 1.8
-        uses: actions/setup-java@v1
-        with:
-          java-version: 1.8
-      - name: Release
-        uses: qcastel/github-actions-maven-release@master
-        env:
-          GPG_TTY: "$(tty)"
-          JAVA_HOME: /usr/lib/jvm/java-1.8-openjdk/
-        with:
-          release-branch-name: "master"
-          
-          gpg-enabled: "true"
-          gpg-key-id: ${{ secrets.GPG_KEY_ID }}
-          gpg-key: ${{ secrets.GPG_KEY }}
-          
-          maven-repo-server-id: github
-          maven-repo-server-username: ${{ secrets.CI_USER }}
-          maven-repo-server-password: ${{ secrets.CI_PACKAGES_TOKEN }}
-
-          git-release-bot-name:  ${{ secrets.CI_USER }}
-          git-release-bot-email: "admin@codeshield.de"
-
-          access-token: ${{ secrets.GITHUB_TOKEN }}
-          maven-args: "-DskipTests -P ci"
diff --git a/README.md b/README.md
index f8f5fcaa..a1b0e6eb 100644
--- a/README.md
+++ b/README.md
@@ -25,7 +25,7 @@ Additionally, it contains an implementation of [Boomerang](boomerangPDS) and [ID
 
 ## Use as Maven dependency
 
-All projects inside this repository are pushed to GitHub's Maven repository for every release.
+The projects are released on [Maven Central](https://central.sonatype.com/artifact/de.fraunhofer.iem/SPDS) and can be included as a dependency in `.pom` files:
 
 To include a dependency from this repository to your poject, you first have to add the repository to your pom file:
 
@@ -34,22 +34,12 @@ To include a dependency from this repository to your poject, you first have to a
 <dependencies>
   <dependency>
     <groupId>de.fraunhofer.iem</groupId>
-    <artifactId>WPDS</artifactId>
+    <artifactId>SPDS</artifactId>
     <version>3.1.2-Sparse</version>
   </dependency>
 </dependencies>
-<repositories>
-  <repository>
-      <id>github</id>
-      <url>https://maven.pkg.github.com/CodeShield-Security/SPDS/</url>
-  </repository>
-</repositories>	
 ```
 
-To access the GitHub packages repository, you also need to set up GitHub credentials in your Maven's `settings.xml` file. Therefore, you need to add a `server` block with the id `github`, your username and an access token that has `package:read` rights to your `setting.xml`.
-An in-depth documentation on how to do this can be found [here](https://docs.github.com/en/packages/using-github-packages-with-your-projects-ecosystem/configuring-apache-maven-for-use-with-github-packages#authenticating-to-github-packages). 
-
-
 ## Checkout, Build and Install
 
 To build and install SPDS into your local repository, run 
diff --git a/SynchronizedPDS/pom.xml b/SynchronizedPDS/pom.xml
index 4368a1d4..d5b0a5fe 100644
--- a/SynchronizedPDS/pom.xml
+++ b/SynchronizedPDS/pom.xml
@@ -30,7 +30,7 @@
         </dependency>
         <dependency>
             <groupId>de.fraunhofer.iem</groupId>
-            <artifactId>PathExpression</artifactId>
+            <artifactId>pathexpression</artifactId>
         </dependency>
         <dependency>
             <groupId>junit</groupId>
diff --git a/WPDS/pom.xml b/WPDS/pom.xml
index e7240ba4..c37a3b57 100644
--- a/WPDS/pom.xml
+++ b/WPDS/pom.xml
@@ -18,7 +18,7 @@
         </dependency>
         <dependency>
             <groupId>de.fraunhofer.iem</groupId>
-            <artifactId>PathExpression</artifactId>
+            <artifactId>pathexpression</artifactId>
         </dependency>
         <dependency>
             <groupId>org.slf4j</groupId>
diff --git a/boomerangScope-WALA/pom.xml b/boomerangScope-WALA/pom.xml
index dc2c1e47..bfe1e616 100644
--- a/boomerangScope-WALA/pom.xml
+++ b/boomerangScope-WALA/pom.xml
@@ -6,7 +6,6 @@
         <relativePath>../pom.xml</relativePath>
     </parent>
     <modelVersion>4.0.0</modelVersion>
-  <groupId>de.codeshield</groupId>
     <artifactId>boomerangScope-WALA</artifactId>
 
     <properties>
@@ -56,4 +55,4 @@
             <version>${wala.version}</version>
         </dependency>
     </dependencies>
-</project>
\ No newline at end of file
+</project>
diff --git a/pom.xml b/pom.xml
index fbe11b65..68970b10 100644
--- a/pom.xml
+++ b/pom.xml
@@ -6,6 +6,8 @@
     <version>3.1.2-Sparse</version>
     <packaging>pom</packaging>
     <name>SPDS</name>
+    <description>Sparsified Synchronized Pushdown Systems for Pointer and Data-Flow Analysis</description>
+    <url>https://github.com/secure-software-engineering/SparseBoomerang</url>
 
     <licenses>
         <license>
@@ -166,8 +168,8 @@
             </dependency>
             <dependency>
                 <groupId>de.fraunhofer.iem</groupId>
-                <artifactId>PathExpression</artifactId>
-                <version>1.0.0</version>
+                <artifactId>pathexpression</artifactId>
+                <version>1.0.2</version>
             </dependency>
             <dependency>
                 <groupId>org.soot-oss</groupId>
@@ -208,27 +210,66 @@
     </dependencyManagement>
 
     <distributionManagement>
+        <snapshotRepository>
+            <id>ossrh</id>
+            <url>https://s01.oss.sonatype.org/content/repositories/snapshots/</url>
+        </snapshotRepository>
         <repository>
-            <id>github</id>
-            <name>GitHub CodeShield-Security Apache Maven Packages</name>
-            <url>https://maven.pkg.github.com/CodeShield-Security/SPDS/</url>
+            <id>ossrh</id>
+            <url>https://s01.oss.sonatype.org/service/local/staging/deploy/maven2/</url>
         </repository>
     </distributionManagement>
 
-    <repositories>
-        <repository>
-            <id>sonatype-snapshots</id>
-            <url>https://oss.sonatype.org/content/repositories/snapshots</url>
-            <releases>
-                <enabled>false</enabled>
-            </releases>
-        </repository>
-        <repository>
-            <id>swt</id>
-            <url>https://soot-build.cs.uni-paderborn.de/nexus/repository/swt-upb/</url>
-        </repository>
-    </repositories>
     <profiles>
+        <!-- This profile is used to avoid running the deployment in non-deployment
+            contexts because they require specific keys from the Github remote. Include
+            this profile by setting the -Pdeployment flag. -->
+        <profile>
+            <id>deployment</id>
+            <build>
+                <plugins>
+                    <plugin>
+                        <groupId>org.apache.maven.plugins</groupId>
+                        <artifactId>maven-gpg-plugin</artifactId>
+                        <version>3.0.1</version>
+                        <executions>
+                            <execution>
+                                <id>sign-artifacts</id>
+                                <phase>verify</phase>
+                                <goals>
+                                    <goal>sign</goal>
+                                </goals>
+                                <configuration>
+                                    <gpgArguments>
+                                        <arg>--pinentry-mode</arg>
+                                        <arg>loopback</arg>
+                                    </gpgArguments>
+                                </configuration>
+                            </execution>
+                        </executions>
+                    </plugin>
+                    <plugin>
+                        <artifactId>maven-release-plugin</artifactId>
+                        <version>3.0.1</version>
+                        <configuration>
+                            <tagNameFormat>@{project.version}</tagNameFormat>
+                        </configuration>
+                    </plugin>
+                    <plugin>
+                        <groupId>org.sonatype.plugins</groupId>
+                        <artifactId>nexus-staging-maven-plugin</artifactId>
+                        <version>1.6.13</version>
+                        <extensions>true</extensions>
+                        <configuration>
+                            <serverId>ossrh</serverId>
+                            <nexusUrl>https://s01.oss.sonatype.org</nexusUrl>
+                            <autoReleaseAfterClose>true</autoReleaseAfterClose>
+                        </configuration>
+                    </plugin>
+                </plugins>
+            </build>
+        </profile>
+        
         <profile>
             <id>ci</id>
             <build>