{"id":18318542,"url":"https://github.com/maxmind/minfraud-api-java","last_synced_at":"2025-04-05T21:32:58.271Z","repository":{"id":33902195,"uuid":"37617447","full_name":"maxmind/minfraud-api-java","owner":"maxmind","description":"Java API for minFraud Score, Insights, and Factors","archived":false,"fork":false,"pushed_at":"2024-10-29T14:29:25.000Z","size":5563,"stargazers_count":19,"open_issues_count":0,"forks_count":8,"subscribers_count":16,"default_branch":"main","last_synced_at":"2024-10-29T17:24:46.760Z","etag":null,"topics":["maxmind","minfraud"],"latest_commit_sha":null,"homepage":"https://maxmind.github.io/minfraud-api-java","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":"mduvall/go-quip","license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/maxmind.png","metadata":{"files":{"readme":"README.dev.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2015-06-17T19:54:08.000Z","updated_at":"2024-10-29T14:29:28.000Z","dependencies_parsed_at":"2023-12-15T19:56:14.561Z","dependency_job_id":"e0bbe11d-0f69-4f4c-b5e7-b6b7e725acbe","html_url":"https://github.com/maxmind/minfraud-api-java","commit_stats":null,"previous_names":[],"tags_count":37,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/maxmind%2Fminfraud-api-java","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/maxmind%2Fminfraud-api-java/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/maxmind%2Fminfraud-api-java/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/maxmind%2Fminfraud-api-java/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/maxmind","download_url":"https://codeload.github.com/maxmind/minfraud-api-java/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":223221259,"owners_count":17108514,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["maxmind","minfraud"],"created_at":"2024-11-05T18:09:57.952Z","updated_at":"2024-11-05T18:09:58.656Z","avatar_url":"https://github.com/maxmind.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Preparing your environment for a release\n\n- Ensure you have access to publish to the repository on\n [Sonatype](https://oss.sonatype.org).\n - See the section about Sonatype access.\n- You need a GPG secret key. You need to publish it as well.\n - See the section about setting up GPG.\n- Ensure the SSH key you use on GitHub.com is available.\n - e.g., `~/.ssh/id_rsa`.\n- Ensure an appropriate `~/.gitconfig` is set up.\n - The release process generates commits.\n- Ensure you have the necessary dependencies available:\n - e.g., `apt-get install maven openjdk-8-jdk git-core gpg`\n- Ensure [gh](https://github.com/cli/cli) is set up and in your\n `PATH`.\n - An easy way to do this is get a release tarball and run `./install`.\n\n## Setting up Sonatype access\n\nTo get this access, make an account on the [Sonatype JIRA issue\ntracker](https://issues.sonatype.org/) and make an issue asking for access\n[like so](https://issues.sonatype.org/browse/OSSRH-34414).\n\nEnsure you inform MaxMind operations about your new access.\n\nPut this information into `~/.m2/settings.xml` (Maven settings). Your\n`settings.xml` should look something like (replace USERNAME and SECRET):\n\n \u003csettings\u003e\n \u003cservers\u003e\n \u003cserver\u003e\n \u003cid\u003eossrh\u003c/id\u003e\n \u003cusername\u003eUSERNAME\u003c/username\u003e\n \u003cpassword\u003eSECRET\u003c/password\u003e\n \u003c/server\u003e\n \u003cserver\u003e\n \u003cid\u003esonatype-nexus-snapshots\u003c/id\u003e\n \u003cusername\u003eUSERNAME\u003c/username\u003e\n \u003cpassword\u003eSECRET\u003c/password\u003e\n \u003c/server\u003e\n \u003cserver\u003e\n \u003cid\u003esonatype-nexus-staging\u003c/id\u003e\n \u003cusername\u003eUSERNAME\u003c/username\u003e\n \u003cpassword\u003eSECRET\u003c/password\u003e\n \u003c/server\u003e\n \u003cserver\u003e\n \u003cid\u003egithub-project-site\u003c/id\u003e\n \u003cusername\u003egit\u003c/username\u003e\n \u003c/server\u003e\n \u003c/servers\u003e\n \u003cprofiles\u003e\n \u003cprofile\u003e\n \u003cid\u003emy_profile_id\u003c/id\u003e\n \u003cactivation\u003e\n \u003cactiveByDefault\u003etrue\u003c/activeByDefault\u003e\n \u003c/activation\u003e\n \u003cproperties\u003e\n \u003cgpg.keyname\u003e\u003c!-- The GPG ID of your publishing key --\u003e\u003c/gpg.keyname\u003e\n \u003c/properties\u003e\n \u003c/profile\u003e\n \u003c/profiles\u003e\n \u003c/settings\u003e\n\nSome links about Sonatype:\n\n* http://central.sonatype.org/pages/ossrh-guide.html\n* http://central.sonatype.org/pages/releasing-the-deployment.html\n* http://central.sonatype.org/pages/apache-maven.html\n\nSee the following documentation for details on specifying which gpg to use for\npublishing in your local settings.xml:\n\n* https://central.sonatype.org/publish/requirements/gpg/\n* https://maven.apache.org/plugins/maven-gpg-plugin/usage.html\n\n## Setting up GPG\n\nYou need a key. It is fine to create/use your own, but you'll probably want\none with your MaxMind email address.\n\nIf you need to generate a key: `gpg --gen-key`.\n\nIf you have one and need to export/import it:\n\n gpg --export-secret-keys --armor \u003e secretkey.gpg\n gpg --import secretkey.gpg\n gpg --edit-key \u003ckey ID\u003e\n\nand enter `trust` and choose ultimate.\n\nMake sure the key shows up in `gpg --list-secret-keys`.\n\nMake sure you publish it to a keyserver. See\n[here](http://central.sonatype.org/pages/working-with-pgp-signatures.html)\nfor more info about that and the process in general.\n\n### gpg \"inappropriate ioctl\" errors\n\nYou only really need to do this if you see \"inappropriate ioctl\" errors,\nbut it shouldn't hurt to proactively do this.\n\nAdd this to ~/.gnupg/gpg.conf:\n\n use-agent\n pinentry-mode loopback\n\nAdd this to ~/.gnupg/gpg-agent.conf:\n\n allow-loopback-pinentry\n\n# Releasing\n\n## Steps\n\n- Ensure you can run `mvn test` and `mvn package` successfully. Run\n `mvn clean` after.\n- Create a release branch off `main`. Ensure you have a clean checkout and that\n the subdirectory `.gh-pages` either does not exist or is a clean checkout.\n - We'll be generating commits.\n - When the release is complete, you should deliver the release PR for review.\n- Review open issues and PRs to see if any can easily be fixed, closed, or\n merged.\n- Review `CHANGELOG.md` for completeness and correctness.\n- Set a version and a date in `CHANGELOG.md` and commit that.\n - It gets used in the release process.\n- Bump copyright year in `README.md` if appropriate.\n - You don't need to update the version. `./dev-bin/release.sh` does this.\n- Run `./dev-bin/release.sh`\n - This will package the release, update the gh-pages branch, bump the\n version to the next development release, upload the release to GitHub\n and tag it, and upload to Sonatype.\n- This will prompt you several times. Generally you need to say `y` or `n`.\n- You'll be prompted for your ssh key password, GPG key password, and\n GitHub.com username and password several times depending on your\n workspace.\n- You may be prompted about \"what is the next development version?\". Hit\n enter to use the default which should be fine.\n- You may be prompted about \"The following dependencies in Dependencies\n have newer versions\". See the section about updating dependencies if so.\n- If you get HTTP 401 errors from Sonatype, you probably don't have a\n correct `settings.xml`. Refer to the Sonatype section.\n - If this happened, there are most likely pushed commits on GitHub.com.\n You can potentially rebase and drop the commits and force push and\n start over (you might want to talk about this before doing it). Note\n you'll need to delete the release tag too:\n `git push origin :refs/tags/vx.y.z \u0026\u0026 git tag -d vx.y.z`.\n- If you get to this point, then a release is on GitHub.com and in the\n staging repository on [Sonatype](https://oss.sonatype.org). The\n nexus-staging-maven-plugin plugin should automatically close the staging\n release as well as actually release it after.\n- You're done!\n- If you want to check things over, look at the commits on GitHub.com,\n including to the `gh-pages` branch and release tags, and do an artifact\n search on [Sonatype](https://oss.sonatype.org) to see the version is as\n you expect.\n\n## Updating dependencies\n\nReview the versions and look at what changed in their changelogs. If you\nthink it is appropriate to update the dependencies, stop the release\nprocess (say `n` or ctrl-c out).\n\nTo update them:\n\n- Make a branch\n- Update `pom.xml` to have the new versions you want\n- Run `mvn test` and fix any errors\n- Push and ensure Travis completes successfully\n- Merge\n\nIf you did this in the middle of releasing, you'll have to start that\nprocess over.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmaxmind%2Fminfraud-api-java","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmaxmind%2Fminfraud-api-java","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmaxmind%2Fminfraud-api-java/lists"}