From 8b763b18aa7834695723b2f7e29750d81fe9124f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 31 Jan 2024 19:41:44 +0100 Subject: [PATCH] Remove outdated Ubuntu18.04 jobs, Bump actions/checkout from 1.2.0 to 4.1.1 * Bump actions/checkout from 1.2.0 to 4.1.1 Bumps [actions/checkout](https://github.com/actions/checkout) from 1.2.0 to 4.1.1. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v1.2.0...b4ffde65f46336ab88eb53be808477a3936bae11) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Remove outdated Ubuntu18.04 jobs Bump map dependency Switch to clang-format-14 --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: berndgassmann --- .github/workflows/build_test.yml | 156 +++++----------------- .github/workflows/check_documentation.yml | 7 +- .github/workflows/code_format_check.yml | 8 +- .github/workflows/codeql.yml | 2 +- .github/workflows/dependency-review.yml | 2 +- .github/workflows/install_dependencies.sh | 91 ++++++++++--- .github/workflows/scorecards.yml | 2 +- .github/workflows/wheels.yml | 47 ++++--- README.md | 36 +++-- dependencies/map | 2 +- doc/BUILDING.md | 4 +- doc/CHANGELOG.md | 3 + doc/ad_rss/HLD-Security.md | 2 +- 13 files changed, 170 insertions(+), 192 deletions(-) diff --git a/.github/workflows/build_test.yml b/.github/workflows/build_test.yml index 8507c75a87..0e68e971d2 100644 --- a/.github/workflows/build_test.yml +++ b/.github/workflows/build_test.yml @@ -1,4 +1,4 @@ -name: Build and Test of AD-RSS Library +name: Test on: push: 
@@ -14,83 +14,40 @@ permissions: contents: read jobs: - ubuntu18job: - name: Ubuntu 18.04 - runs-on: ubuntu-latest - - strategy: - matrix: - include: - - compiler: gcc7 - EXTRA_PACKAGES: "" - CC: "" - CXX: "" - PYTHON_BINDING_VERSION: "2.7" - - compiler: gcc8 - EXTRA_PACKAGES: g++-8 - CC: /usr/bin/gcc-8 - CXX: /usr/bin/g++-8 - PYTHON_BINDING_VERSION: "3.6 -DPYTHON_EXECUTABLE:FILEPATH=/usr/bin/python3.6" - - compiler: clang7 - EXTRA_PACKAGES: clang-7 - CC: /usr/bin/clang-7 - CXX: /usr/bin/clang++-7 - PYTHON_BINDING_VERSION: "3.6 -DPYTHON_EXECUTABLE:FILEPATH=/usr/bin/python3.6" - - compiler: clang8 - EXTRA_PACKAGES: clang-8 - CC: /usr/bin/clang-8 - CXX: /usr/bin/clang++-8 - PYTHON_BINDING_VERSION: "3.6 -DPYTHON_EXECUTABLE:FILEPATH=/usr/bin/python3.6" - - container: - image: ubuntu:18.04 - - steps: - - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 - with: - egress-policy: audit - - - name: Install base packages - run: apt update && apt install -y git sudo - - - uses: actions/checkout@50fbc622fc4ef5163becd7fab6573eac35f8462e # v1.2.0 - with: - depth: - submodules: recursive - - - name: Install Dependencies - run: bash .github/workflows/install_dependencies.sh - - - name: Build and Test - env: - CC: ${{ matrix.CC }} - CXX: ${{ matrix.CXX }} - EXTRA_PACKAGES: ${{ matrix.EXTRA_PACKAGES }} - PYTHON_BINDING_VERSION: ${{ matrix.PYTHON_BINDING_VERSION }} - run: | - sudo apt-get install -y ${EXTRA_PACKAGES} - rm -rf log build install - eval CC=${CC} CXX=${CXX} ${BUILDCMD} - - - ubuntu20job: - name: Ubuntu 20.04 - runs-on: ubuntu-20.04 - + build-test: strategy: matrix: - include: - - compiler: gcc9 - EXTRA_PACKAGES: "" - CC: "" - CXX: "" - PYTHON_BINDING_VERSION: "3.8" - - compiler: clang10 - EXTRA_PACKAGES: clang-10 - CC: /usr/bin/clang-10 - CXX: /usr/bin/clang++-10 - PYTHON_BINDING_VERSION: "3.8" + include: + - os: ubuntu-20.04 + compiler: gcc9 + EXTRA_PACKAGES: "" + CC: "" + CXX: "" + PYTHON_BINDING_VERSION: "3.8" + 
- os: ubuntu-20.04 + compiler: clang10 + EXTRA_PACKAGES: clang-10 + CC: /usr/bin/clang-10 + CXX: /usr/bin/clang++-10 + PYTHON_BINDING_VERSION: "3.10" + - os: ubuntu-22.04 + compiler: gcc11 + EXTRA_PACKAGES: "" + CC: "" + CXX: "" + PYTHON_BINDING_VERSION: "3.10" + - os: ubuntu-22.04 + compiler: clang14 + EXTRA_PACKAGES: clang-14 + CC: /usr/bin/clang-14 + CXX: /usr/bin/clang++-14 + PYTHON_BINDING_VERSION: "3.10" + + name: ${{ matrix.os }}, ${{ matrix.compiler }}, python-${{ matrix.PYTHON_BINDING_VERSION }} + runs-on: ${{ matrix.os }} + env: + PYTHON_BINDING_VERSION: ${{ matrix.PYTHON_BINDING_VERSION }} + EXTRA_PACKAGES: ${{ matrix.EXTRA_PACKAGES }} steps: - name: Harden Runner @@ -98,7 +55,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: submodules: recursive 
@@ -109,52 +66,7 @@ jobs: env: CC: ${{ matrix.CC }} CXX: ${{ matrix.CXX }} - EXTRA_PACKAGES: ${{ matrix.EXTRA_PACKAGES }} - PYTHON_BINDING_VERSION: ${{ matrix.PYTHON_BINDING_VERSION }} run: | sudo apt-get install ${EXTRA_PACKAGES} rm -rf log build install eval CC=${CC} CXX=${CXX} ${BUILDCMD} - - ubuntu22job: - name: Ubuntu 22.04 - runs-on: ubuntu-22.04 - - strategy: - matrix: - include: - - compiler: gcc11 - EXTRA_PACKAGES: "" - CC: "" - CXX: "" - PYTHON_BINDING_VERSION: "3.10" - - compiler: clang14 - EXTRA_PACKAGES: clang-14 - CC: /usr/bin/clang-14 - CXX: /usr/bin/clang++-14 - PYTHON_BINDING_VERSION: "3.10" - - steps: - - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 - with: - egress-policy: audit - - - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0 - with: - submodules: recursive - - - name: Install Dependencies - run: bash .github/workflows/install_dependencies.sh - - - name: Build and Test - env: - CC: ${{ matrix.CC }} - CXX: ${{ matrix.CXX }} - EXTRA_PACKAGES: ${{ matrix.EXTRA_PACKAGES }} - PYTHON_BINDING_VERSION: ${{ matrix.PYTHON_BINDING_VERSION }} - run: | - sudo apt-get install ${EXTRA_PACKAGES} - rm -rf log build install - eval CC=${CC} CXX=${CXX} ${BUILDCMD} - diff --git a/.github/workflows/check_documentation.yml b/.github/workflows/check_documentation.yml index 05c2e30aba..81d3e5f656 100644 --- a/.github/workflows/check_documentation.yml +++ b/.github/workflows/check_documentation.yml @@ -1,4 +1,4 @@ -name: Build and Test Documentation +name: Documentation on: push: @@ -12,7 +12,6 @@ permissions: jobs: documentationjob: - name: Build and Test Documentation runs-on: ubuntu-20.04 steps: @@ -21,7 +20,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: fetch-depth: 0 submodules: recursive 
@@ -43,7 +42,7 @@ jobs: colcon build --event-handlers console_direct+ --executor sequential --packages-up-to ad_rss ad_rss_map_integration --cmake-args -DCMAKE_BUILD_TYPE=Debug -DBUILD_TESTING=ON -DBUILD_COVERAGE=ON -DBUILD_APIDOC=ON colcon test --event-handlers console_direct+ --packages-select ad_rss ad_rss_map_integration colcon test-result - + - name: Code Coverage and CodeCov run: | bash .github/workflows/code_coverage.sh diff --git a/.github/workflows/code_format_check.yml b/.github/workflows/code_format_check.yml index 5c331c2802..ef7daacb4a 100644 --- a/.github/workflows/code_format_check.yml +++ b/.github/workflows/code_format_check.yml @@ -14,7 +14,7 @@ jobs: name: Check Code Formatting - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 steps: - name: Harden Runner 
@@ -22,12 +22,12 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: submodules: true - name: Install Dependencies - run: sudo apt-get update && sudo apt-get install clang-format-10 + run: sudo apt-get update && sudo apt-get install clang-format-14 - name: Check Formatting - run: failed=0; for file in `find . -path ./dependencies -prune -false -o -iname *.cpp -o -iname *.hpp`; do if [ `clang-format-10 $file -output-replacements-xml | grep -c "=0.14 + - name: Build wheels shell: bash run: | - apt-get update && apt-get install sqlite3 -y colcon build --packages-select PROJ4 --event-handlers console_direct+ --cmake-args -DCMAKE_POSITION_INDEPENDENT_CODE=ON source install/setup.bash - colcon build --packages-up-to ad_rss_map_integration --meta colcon_python.meta --event-handlers console_direct+ --cmake-args -DPYTHON_BINDING_VERSION=${PYTHON_BINDING_VERSION} + colcon build --packages-up-to ad_rss_map_integration --event-handlers console_direct+ --cmake-args -DPYTHON_BINDING_VERSION=${PYTHON_BINDING_VERSION} --metas colcon_python.meta + - name: Repair wheels shell: bash run: | @@ -50,10 +60,11 @@ jobs: for whl in install/ad_rss_map_integration/dist/*.whl; do auditwheel repair $whl --plat ${WHEEL_PLATFORM} --wheel-dir wheelhouse done -# - name: Publish wheels to PyPI -# uses: pypa/gh-action-pypi-publish@release/v1 -# if: ${{ github.event_name == 'release'}} -# with: -# user: __token__ -# password: ${{ secrets.PYPI_API_TOKEN }} -# packages_dir: wheelhouse/ + + - name: Publish wheels to PyPI + uses: pypa/gh-action-pypi-publish@release/v1 + if: ${{ github.event_name == 'release'}} + with: + user: __token__ + password: ${{ secrets.PYPI_API_TOKEN }} + packages_dir: wheelhouse/ diff --git a/README.md b/README.md index 8c0e6b779d..636d4bf0be 100644 --- a/README.md +++ b/README.md 
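Review bot: The re-enabled `Publish wheels to PyPI` step in the `@@ -50,10 +60,11 @@` hunk of wheels.yml references `pypa/gh-action-pypi-publish@release/v1`, a branch ref that can move, while the other actions touched by this patch are pinned to a full commit SHA with the version in a trailing comment; it is also the one step that receives `secrets.PYPI_API_TOKEN`. Pin it the same way, e.g. `uses: pypa/gh-action-pypi-publish@<full-commit-sha> # <release tag>` (placeholders; take the real values from the action's release page). The long-lived API token could be dropped altogether by using PyPI trusted publishing, which needs `id-token: write` on this job and no `password:` input; whether the project is registered for that is not visible here. The start of the wheels.yml section is cut off on this page, so the job's `permissions:` block and triggers could not be checked.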
@@ -116,8 +116,8 @@ Note: The RSS module in this library does not initiate evasive manuevers. At the ## Getting started #### Installation of dependencies -Currently, the focused operating systems are Ubuntu 18.04, Ubuntu 20.04 and Ubuntu 22.04. Nevertheless, the library should work in a similar way for any other Linux OS. -To install the basic dependencies for Ubuntu 18.04/20.04/22.04 execute the following command: +Currently, the focused operating systems are Ubuntu 20.04 and Ubuntu 22.04. Nevertheless, the library should work in a similar way for any other Linux OS. +To install the basic dependencies for Ubuntu 20.04/22.04 execute the following command: ```bash user$> sudo apt-get install git build-essential cmake libboost-dev libpugixml-dev libgtest-dev libpython-dev libproj-dev ``` @@ -135,23 +135,17 @@ To download the library, you may run: ``` #### Supported systems -Development systems are Ubuntu 18.04, Ubuntu 20.04 and Ubuntu 22.04 -Following compiler and Python combinations are [tested continously](https://github.com/intel/ad-rss-lib/blob/master/.travis.yml): - -| | Ubuntu 18.04 | Ubuntu 20.04 | Ubuntu 22.04 | -|:---------------:|:------------:|:------------:|:------------:| -| Clang 7 | x | | | -| Clang 8 | x | | | -| GCC 7 | x | | | -| GCC 8 | x | | | -| GCC 9 | | x | | -| Clang 10 | | x | | -| GCC 11 | | | x | -| Clang 14 | | | x | -| Python 2.7 | x | | | -| Python 3.6 | x | | | -| Python 3.8 | | x | | -| Python 3.10 | | | x | +Development systems are Ubuntu 20.04 and Ubuntu 22.04 +Following compiler and Python combinations are [tested continously](https://github.com/intel/ad-rss-lib/blob/master/.github/workflows/build_test.yml): + +| | Ubuntu 20.04 | Ubuntu 22.04 | +|:---------------:|:------------:|:------------:| +| GCC 9 | x | | +| Clang 10 | x | | +| GCC 11 | | x | +| Clang 14 | | x | +| Python 3.8 | x | | +| Python 3.10 | x | x | Important: cmake is required to be at least version 3.5! 
@@ -164,8 +158,8 @@ Contibutions are very welcome! Before submitting a pull request, please ensure that your code compiles successfully and that the tests run successfully. Please also check that your code formatting complies to the provided clang style. To do so, you can run: ```bash -ad-rss-lib$> sudo apt-get install clang-format-10 -ad-rss-lib$> find -iname *.cpp -o -iname *.hpp | xargs clang-format-10 -style=file -i +ad-rss-lib$> sudo apt-get install clang-format-14 +ad-rss-lib$> find -iname *.cpp -o -iname *.hpp | xargs clang-format-14 -style=file -i ``` This command will automatically update the code formatting to be compliant with our style. diff --git a/dependencies/map b/dependencies/map index d329dfa8b1..bfa3d197d9 160000 --- a/dependencies/map +++ b/dependencies/map @@ -1 +1 @@ -Subproject commit d329dfa8b15dcd91628da9adf45a607d6f3980a5 +Subproject commit bfa3d197d94a86b3e1f42bfaaf532cf68e945294 diff --git a/doc/BUILDING.md b/doc/BUILDING.md index 8b3b8b5058..45c9c6d7ef 100644 --- a/doc/BUILDING.md +++ b/doc/BUILDING.md @@ -80,9 +80,9 @@ __colcon_python.meta__ enables python build (-DBUILD_PYTHON_BINDING=ON). To spec ad-rss-lib$> colcon build --metas colcon_python.meta --cmake-args -DPYTHON_BINDING_VERSION=3.8 ``` -If cmake isn't able to find the requested python version you can try to specify the python executable explicitly (e.g. under Ubuntu18.04): +If cmake isn't able to find the requested python version you can try to specify the python executable explicitly (e.g. under Ubuntu22.04): ```bash - ad-rss-lib$> colcon build --metas colcon_python.meta --cmake-args -DPYTHON_BINDING_VERSION=3.6 -DPYTHON_EXECUTABLE:FILEPATH=/usr/bin/python3.6 + ad-rss-lib$> colcon build --metas colcon_python.meta --cmake-args -DPYTHON_BINDING_VERSION=3.10 -DPYTHON_EXECUTABLE:FILEPATH=/usr/bin/python3.10 ``` ## Build options diff --git a/doc/CHANGELOG.md b/doc/CHANGELOG.md index a850761eca..fb16f62a3b 100644 --- a/doc/CHANGELOG.md +++ b/doc/CHANGELOG.md 
@@ -1,4 +1,7 @@ ## Latest changes +#### :ghost: Maintenance +* Improve security of github actions +* Disable Ubuntu 18.04 builds ## Release 4.5.3 #### :ghost: Maintenance diff --git a/doc/ad_rss/HLD-Security.md b/doc/ad_rss/HLD-Security.md index 4a43ae8dab..a427f6bbc9 100644 --- a/doc/ad_rss/HLD-Security.md +++ b/doc/ad_rss/HLD-Security.md @@ -172,7 +172,7 @@ Unit testing achieved code coverage can be retrieved via [github deployment](htt #### Compiler and compiler security flags -The development platforms are Ubuntu Linux 18.04 Bionic and 20.04 Focal Fossa. +The development platforms are Ubuntu Linux 20.04 Focal Fossa and 22.04 Jammy Jellyfish. A standard cmake toolchain has been used to compile the library. Other supported compilers are listed at the [main page](../../#systems)