Fix tornado vulnerability (#48) #22

	name: release-assets

	on:
	push:
	branches:
	- main
	tags:
	- "..*"

	jobs:
	release:
	runs-on: ubuntu-latest
	steps:
	- name: Checkout code
	uses: actions/checkout@v4

	- name: Set up JDK
	if: startsWith(github.ref, 'refs/tags/')
	uses: actions/setup-java@v3
	with:
	java-version: '11'
	distribution: 'adopt'

	- name: Set up Python
	if: startsWith(github.ref, 'refs/tags/')
	uses: actions/setup-python@v5
	with:
	python-version: '3.11'

	- name: Set up Poetry
	if: startsWith(github.ref, 'refs/tags/')
	uses: snok/install-poetry@v1

	- name: Build server with Maven
	if: startsWith(github.ref, 'refs/tags/')
	# Inspired by https://stackoverflow.com/a/51559900
	run: mvn -Drevision=${{ github.ref_name }} -DskipTests --no-transfer-progress clean package
	working-directory: tsumugi-server

	- name: Build client with poetry
	if: startsWith(github.ref, 'refs/tags/')
	run: \|
	poetry version ${{ github.ref_name }}
	poetry build --format sdist
	working-directory: tsumugi-python

	- name: Upload assets
	if: startsWith(github.ref, 'refs/tags/')
	uses: softprops/action-gh-release@v2
	with:
	draft: false
	prerelease: false
	files: \|
	tsumugi-server/target/tsumugi-server-*.jar
	tsumugi-python/dist/tsumugi-*.tar.gz
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

Provide feedback