chore: update logback to 1.4.14 (#336)

* chore: update logback to 1.4.14

Update logback to 1.4.14 to address:
https://avd.aquasec.com/nvd/2023/cve-2023-6378/

Add library updating guide and expand existing details in
CONTRIBUTING.md

Fixes #335

* chore: ignore errors on docker hub link

Docker hub is rate limiting GitHub sources causing 429 errors when
running megalinter, resulting in test failures so adding this URL to
.lycheeignore to avoid this failure.

Author: stevenh

.lycheeignore

@@ -1 +1,2 @@
-https://www.linkedin.com/in/steven-hartland-a7435b4/
+https://www.linkedin.com/in/steven-hartland-a7435b4/
+https://hub.docker.com/r/nvuillam/npm-groovy-lint

CHANGELOG.md

@@ -2,12 +2,14 @@
 
 ## UNRELEASED
 
+- Update logback to 1.4.14 to address [cve-2023-6378](https://avd.aquasec.com/nvd/2023/cve-2023-6378/)
+
 ## [13.0.0] 2023-11-26
 
 - **BREAKING CHANGE: Upgrade CodeNarc to v3.4.0-alpha+3346775f**
 
 - Major core architecture refactoring by the great [**Steven Hartland**](https://github.com/stevenh)
-  
+
   - Fix files specified on the command line not linting as expected due to the generated patterns not working as intended if relative path that contains a file and not a directory due to an issue with CodeNarc pattern processing.
 
   - Fix incompatible arguments passed to CodeNarc by:

CONTRIBUTING.md

@@ -1,19 +1,87 @@
 <!-- markdownlint-disable MD013 MD033 MD034 -->
 # Contributing
 
-Contributions are very welcome !
+Contributions are very welcome!
 
-Instructions :
+## Setup
 
-- Fork the repository and clone it on your computer
-- Install dependencies: `npm install`
-- Link npm package bundle: `npm link`
-- Update source code and add mocha tests for any code you create
-- Run `npm run lint:fix` then `npm run test` to check your updates didn't break anything
-- Once your code is ready, documented and tested, please make a [pull request](https://github.com/nvuillam/npm-groovy-lint/pulls) :)
+If you're a new contributor, first you need
+[Fork the repository](https://docs.github.com/en/get-started/quickstart/fork-a-repo)
+and [clone](https://docs.github.com/en/repositories/creating-and-managing-repositories/cloning-a-repository)
+it on your computer.
+
+Next you need to install the npm dependencies and link the bundle:
+
+```shell
+npm install
+npm link
+```
+
+Now you have an local development install of npm-groovy-lint, you can make changes.
+
+## Testing
+
+If you have added new features or fixed an issue please make sure that you add
+tests to validate your changes.
+
+To test your code run:
+
+```shell
+npm run test
+```
+
+Once your code is ready, documented and tested, run following to ensure your
+the code is linted and fully built and then submit a
+[pull request](https://github.com/nvuillam/npm-groovy-lint/pulls).
+
+```shell
+npm run dev:pre-commit
+```
+
+## VsCode Groovy Lint Testing
 
 If you need to test your updates in VsCode Groovy Lint before making your PR
 
 - Fork [VsCode Groovy Lint repo](https://github.com/nvuillam/vscode-groovy-lint) and clone it on your computer (with same root as your clone of npm-groovy-lint fork)
 - Run `npm run dev:lint-install-local-copy-vscode` to deploy your local updates to VsCode Groovy Lint extension development files
 - Launch VsCode Groovy Lint debug configuration `Groovy Lint Debug`
+
+## Updating Libraries
+
+To update libraries download the new jar files into the correct place:
+
+- [Java libraries](lib/java/)
+- [Groovy libraries](lib/java/groovy/lib/)
+
+Once you have the new jars run the following to regenerate the new server jar:
+
+```shell
+npm run dev:pre-commit
+```
+
+## Troubleshooting
+
+If [GitHub Action - Update check](https://github.com/nvuillam/npm-groovy-lint/actions/workflows/lint.yml)
+reports changes for [lib/java/CodeNarcServer.jar](lib/java/CodeNarcServer.jar)
+make sure you have run:
+
+```shell
+npm run dev:pre-commit
+```
+
+If this has been run ensure you're running **exactly** the same version of node
+as the GitHub Action, as different node versions can impact how [zlib](https://www.zlib.net/)
+compresses the data in the jar file.
+
+To do determine the node version look at the output from the
+`Check for changes -> Install node`. For example in the following output node
+`18.18.2` is in use.
+
+```text
+Run actions/setup-node@v3
+Found in cache @ /opt/hostedtoolcache/node/18.18.2/x64
+Environment details
+```
+
+You can use [nvm](https://github.com/nvm-sh/nvm) to switch easily between
+different node versions.

docs/CHANGELOG.md

@@ -2,12 +2,14 @@
 
 ## UNRELEASED
 
+- Update logback to 1.4.14 to address [cve-2023-6378](https://avd.aquasec.com/nvd/2023/cve-2023-6378/)
+
 ## [13.0.0] 2023-11-26
 
 - **BREAKING CHANGE: Upgrade CodeNarc to v3.4.0-alpha+3346775f**
 
 - Major core architecture refactoring by the great [**Steven Hartland**](https://github.com/stevenh)
-  
+
   - Fix files specified on the command line not linting as expected due to the generated patterns not working as intended if relative path that contains a file and not a directory due to an issue with CodeNarc pattern processing.
 
   - Fix incompatible arguments passed to CodeNarc by:

groovy/src/main/MANIFEST.MF

@@ -5,6 +5,6 @@ Class-Path: CodeNarc-3.4.0-alpha+3346775f.jar GMetrics-2.1.0.jar groov
  -3.0.9.jar groovy/lib/groovy-cli-commons-3.0.9.jar groovy/lib/groovy-
  dateutil-3.0.9.jar groovy/lib/groovy-json-3.0.9.jar groovy/lib/groovy
  -templates-3.0.9.jar groovy/lib/groovy-xml-3.0.9.jar logback-classic-
- 1.4.9.jar logback-core-1.4.9.jar slf4j-api-2.0.9.jar
+ 1.4.14.jar logback-core-1.4.14.jar slf4j-api-2.0.9.jar
 Created-By: 1.8.0_144 (Oracle Corporation)
 Main-Class: com.nvuillam.CodeNarcServer