Patrick Plate 970f8eb295
Deploy to TrueNAS / deploy (push) Failing after 35s
fix(security): bump Spring Boot 4.0.6 → 4.0.7 — fixes CVE insecure temp file
Resolves SNYK-JAVA-ORGSPRINGFRAMEWORKBOOT-17308346 (Insecure Temporary File).
This was the last remaining Medium severity CVE blocking production hosting.
2026-06-19 09:03:12 +02:00


<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<!--
Spring Boot parent POM. Its version is the single lever for most of the
third-party dependency and plugin versions the modules below inherit.
The version properties further down in this file override individual
versions the parent would otherwise choose.
-->
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>4.0.7</version>
<!-- Empty relativePath: resolve the parent from the repositories instead of looking for ../pom.xml on disk. -->
<relativePath/>
</parent>
<!-- Coordinates of this aggregator. Packaging "pom": it builds no jar itself and only carries shared configuration. -->
<groupId>de.cannamanage</groupId>
<artifactId>cannamanage-parent</artifactId>
<version>1.0.0-SNAPSHOT</version>
<packaging>pom</packaging>
<name>CannaManage — Parent POM</name>
<description>Cannabis Social Club SaaS — German CanG Compliance Platform</description>
<!-- Reactor modules, built together with this POM. -->
<modules>
<module>cannamanage-domain</module>
<module>cannamanage-service</module>
<module>cannamanage-api</module>
</modules>
<!-- Shared build properties. Several of these are version pins referenced by ${...} elsewhere in this file. -->
<properties>
<!-- Java 21 for source, target and the Spring Boot java.version property. -->
<java.version>21</java.version>
<maven.compiler.source>21</maven.compiler.source>
<maven.compiler.target>21</maven.compiler.target>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
<!-- Testcontainers: version used by the testcontainers-bom import in dependencyManagement. -->
<testcontainers.version>1.21.3</testcontainers.version>
<!--
JaCoCo (Sprint 11): plugin version and the overall bundle threshold (80% line
coverage) read by the BUNDLE rule of the jacoco check execution.
-->
<jacoco.version>0.8.13</jacoco.version>
<jacoco.minimum.coverage>0.80</jacoco.minimum.coverage>
<!-- Surefire parallelization (Sprint 11): plugin version used in pluginManagement. -->
<surefire.version>3.5.2</surefire.version>
<!--
Security overrides (2026-06-12) — fixes 10 HIGH + 18 MEDIUM Snyk SCA findings.
Each property below replaces the version that the Spring Boot parent would
otherwise manage for that component, so these pins win over the parent.
NOTE(review): a pin that was a security upgrade when it was added becomes a
silent downgrade once the parent moves past it. After every parent version
bump, compare each pin with the version the new parent manages and drop any
pin that is no longer higher. Confirm this was done for the current parent.
-->
<spring-framework.version>7.0.8</spring-framework.version>
<tomcat.version>11.0.22</tomcat.version>
<spring-data-bom.version>2025.1.6</spring-data-bom.version>
<postgresql.version>42.7.11</postgresql.version>
</properties>
<!--
Managed versions only: nothing here is added to a module's classpath until
that module declares the dependency itself (without a version).
-->
<dependencyManagement>
<dependencies>
<!-- Internal modules: always the same version as this parent, so the reactor stays in lockstep. -->
<dependency>
<groupId>de.cannamanage</groupId>
<artifactId>cannamanage-domain</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>de.cannamanage</groupId>
<artifactId>cannamanage-service</artifactId>
<version>${project.version}</version>
</dependency>
<!-- Testcontainers BOM: imported (type pom, scope import) so all Testcontainers artifacts share ${testcontainers.version}. -->
<dependency>
<groupId>org.testcontainers</groupId>
<artifactId>testcontainers-bom</artifactId>
<version>${testcontainers.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<build>
<!--
Version pins for build plugins. Only the versions are fixed here; the
executions and configuration are declared in the plugins section of this build.
-->
<pluginManagement>
<plugins>
<plugin>
<groupId>org.jacoco</groupId>
<artifactId>jacoco-maven-plugin</artifactId>
<version>${jacoco.version}</version>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<version>${surefire.version}</version>
</plugin>
</plugins>
</pluginManagement>
<plugins>
<!--
Sprint 11 — Resolve the Mockito core jar path to a Maven property so it can
be attached as a -javaagent in Surefire. On JDK 21 Mockito's self-attach
of the inline mock-maker is deprecated and unreliable when the JaCoCo
agent is also active — an explicit -javaagent is the supported path.

The "properties" goal defines one property per resolved dependency, named
groupId:artifactId:type, whose value is the path of that artifact's file.
It is bound to process-test-classes so the property exists before tests run.
NOTE(review): no version is given for this plugin here or in pluginManagement
above; presumably it is inherited from the Spring Boot parent. Confirm, so
the plugin version is not left to Maven's defaults.
-->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-dependency-plugin</artifactId>
<executions>
<execution>
<id>get-mockito-agent-path</id>
<phase>process-test-classes</phase>
<goals>
<goal>properties</goal>
</goals>
</execution>
</executions>
</plugin>
<!--
Sprint 11 — Maven Surefire parallelization.
forkCount=2: run two JVM forks in parallel (CI cores permitting).
reuseForks=true: amortize JVM startup across test classes.
runOrder=random: surface order-dependent test bugs early.
argLine:
@{argLine} → JaCoCo agent (line coverage); the @{...} form is resolved late,
when the fork starts, so it picks up the value set by jacoco prepare-agent
-javaagent:${org.mockito:mockito-core:jar} → Mockito inline mock-maker (JDK 21)
-Xmx1024m → heap limit per forked test JVM
-Duser.language=de -Duser.country=DE → tests run under the German locale
NOTE(review): if prepare-agent is skipped, no argLine property exists and
@{argLine} is passed to the JVM unresolved; an empty argLine property as a
default would cover that case. Confirm whether any profile skips JaCoCo.
-->
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-surefire-plugin</artifactId>
<configuration>
<forkCount>2</forkCount>
<reuseForks>true</reuseForks>
<runOrder>random</runOrder>
<argLine>@{argLine} -javaagent:${org.mockito:mockito-core:jar} -Xmx1024m -Duser.language=de -Duser.country=DE</argLine>
</configuration>
</plugin>
<!--
Sprint 11 — JaCoCo coverage with risk-tiered per-package rules.
Bundle (overall): ≥ 80% line coverage
Per-package rules:
bankimport ≥ 90% (financial precision, MT940/CAMT053 parsers)
finance ≥ 90% (payments, ledger, fee schedules)
api.security ≥ 85% (JWT, auth, tenant isolation, rate limiter)
service (business) ≥ 75% (assemblies, events, forum, info-board)
scheduler/infra ≥ 70% (cron jobs, notification dispatch)
Excluded: entities, enums, DTOs, config, generated code.

NOTE(review): the check execution below sets haltOnFailure to false, so every
threshold in this list is advisory: a violation is logged and the build still
succeeds. That includes the 85% rule on the api.security package.
NOTE(review): the "service (business) ≥ 75%" tier has no matching rule in the
configuration below; those packages are only covered by the bundle rule.
-->
<plugin>
<groupId>org.jacoco</groupId>
<artifactId>jacoco-maven-plugin</artifactId>
<executions>
<!-- Sets the argLine property with the JaCoCo agent; no phase is given, so the goal's default binding applies. -->
<execution>
<id>prepare-agent</id>
<goals>
<goal>prepare-agent</goal>
</goals>
</execution>
<!-- Writes the coverage report during verify. -->
<execution>
<id>report</id>
<phase>verify</phase>
<goals>
<goal>report</goal>
</goals>
</execution>
<!-- Evaluates the coverage rules during verify. -->
<execution>
<id>check</id>
<phase>verify</phase>
<goals>
<goal>check</goal>
</goals>
<configuration>
<!--
false: rule violations are reported as warnings and do not fail the build.
NOTE(review): if the security and finance thresholds are meant to gate
merges, they need an execution with haltOnFailure set to true; this flag
applies to the whole execution, not to a single rule.
-->
<haltOnFailure>false</haltOnFailure>
<rules>
<!-- Overall bundle rule: line coverage ratio of the whole module against ${jacoco.minimum.coverage} -->
<rule>
<element>BUNDLE</element>
<limits>
<limit>
<counter>LINE</counter>
<value>COVEREDRATIO</value>
<minimum>${jacoco.minimum.coverage}</minimum>
</limit>
</limits>
</rule>
<!-- Financial / bank import: highest precision required (90% line coverage per package) -->
<rule>
<element>PACKAGE</element>
<includes>
<include>de.cannamanage.service.bankimport*</include>
</includes>
<limits>
<limit>
<counter>LINE</counter>
<value>COVEREDRATIO</value>
<minimum>0.90</minimum>
</limit>
</limits>
</rule>
<!-- Finance packages: same 90% line coverage threshold as bank import -->
<rule>
<element>PACKAGE</element>
<includes>
<include>de.cannamanage.service.finance*</include>
</includes>
<limits>
<limit>
<counter>LINE</counter>
<value>COVEREDRATIO</value>
<minimum>0.90</minimum>
</limit>
</limits>
</rule>
<!-- Security: JWT, auth, tenant isolation (85% line coverage per package) -->
<rule>
<element>PACKAGE</element>
<includes>
<include>de.cannamanage.api.security*</include>
</includes>
<limits>
<limit>
<counter>LINE</counter>
<value>COVEREDRATIO</value>
<minimum>0.85</minimum>
</limit>
</limits>
</rule>
<!-- Scheduler / infra: cron jobs, notification dispatch (70% line coverage per package) -->
<rule>
<element>PACKAGE</element>
<includes>
<include>de.cannamanage.service.scheduler*</include>
<include>de.cannamanage.service.notification*</include>
</includes>
<limits>
<limit>
<counter>LINE</counter>
<value>COVEREDRATIO</value>
<minimum>0.70</minimum>
</limit>
</limits>
</rule>
</rules>
</configuration>
</execution>
</executions>
<!-- Plugin-level configuration: these excludes apply to every execution above, including the check. -->
<configuration>
<excludes>
<!--
Generated / framework code with no logic worth covering.
NOTE(review): the config pattern matches any package segment named
"config". If security configuration classes (filter chains, CORS, JWT
settings) live in such a package, they are outside all coverage rules,
including the api.security one. Confirm where those classes are located.
The CannaManageApplication pattern is already matched by the broader
*Application pattern below it.
-->
<exclude>**/entity/**</exclude>
<exclude>**/enums/**</exclude>
<exclude>**/dto/**</exclude>
<exclude>**/config/**</exclude>
<exclude>**/CannaManageApplication.*</exclude>
<exclude>**/*Application.*</exclude>
</excludes>
</configuration>
</plugin>
</plugins>
</build>
</project>