Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merge upstream #21

Open
wants to merge 142 commits into
base: master
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
142 commits
Select commit Hold shift + click to select a range
8b09614
chore: prepare next version (#5139)
monperrus Apr 4, 2023
80b378a
chore(deps): update dependency org.apache.maven.plugins:maven-surefir…
renovate[bot] Apr 4, 2023
a18359c
chore(deps): update dependency gradle to v8 (#5108)
renovate[bot] Apr 4, 2023
40a7502
chore(deps): update github/codeql-action digest to 8c8d71d (#5152)
renovate[bot] Apr 6, 2023
0677063
chore(deps): update dependency org.apache.maven.plugins:maven-deploy-…
renovate[bot] Apr 6, 2023
70162f2
chore(deps): update actions/checkout action to v3.5.0 (#5145)
renovate[bot] Apr 6, 2023
0f6d020
chore(deps): update dependency jquery to v3.6.4 (#5134)
renovate[bot] Apr 6, 2023
fa62788
fix(deps): update dependency org.jetbrains:annotations to v24.0.1 (#5…
renovate[bot] Apr 6, 2023
8d5f42d
fix: Remove escaping of ' in a CtLiteral<String> (#5070)
MartinWitt Apr 6, 2023
23391be
chore(deps): update dependency org.apache.maven.plugins:maven-release…
renovate[bot] Apr 6, 2023
c6a0ae3
chore(deps): update dependency ch.qos.logback:logback-classic to v1.4…
renovate[bot] Apr 6, 2023
bf63110
chore(deps): update dependency org.apache.maven.plugins:maven-install…
renovate[bot] Apr 6, 2023
d1f6e1a
doc: update license year and text (#5146)
pombredanne Apr 6, 2023
fb11e11
chore(deps): update actions/setup-java action to v3.11.0 (#5161)
renovate[bot] Apr 6, 2023
e1cc7de
chore(deps): update dependency org.jacoco:jacoco-maven-plugin to vers…
I-Al-Istannen Apr 6, 2023
da17d89
chore(deps): update dependency org.apache.maven.plugins:maven-resourc…
renovate[bot] Apr 10, 2023
c22db46
chore(deps): update dependency com.mycila:license-maven-plugin to v4.…
renovate[bot] Apr 10, 2023
5e9e313
fix(deps): update dependency org.apache.commons:commons-compress to v…
renovate[bot] Apr 10, 2023
83945f4
fix(deps): update dependency fr.inria.gforge.spoon:spoon-core to v10.…
renovate[bot] Apr 10, 2023
f988431
fix(deps): update dependency org.eclipse.jdt:org.eclipse.jdt.core to …
renovate[bot] Apr 10, 2023
fe049a5
fix: Use a better heuristic for guessing type/field references in no …
I-Al-Istannen Apr 13, 2023
75039b8
chore: Allow any input for jvm versions in bug report template (#5176)
SirYwell Apr 13, 2023
78c3118
fix: Support back-to-back properties and file.separator in SpoonPom (…
I-Al-Istannen Apr 13, 2023
b41c13c
chore(deps): update github/codeql-action digest to 7df0ce3 (#5167)
renovate[bot] Apr 13, 2023
a2665ab
review: chore(actions): add pom quality checker to github actions (#5…
MartinWitt Apr 18, 2023
6ef5a14
chore(deps): update actions/checkout action to v3.5.2 (#5174)
renovate[bot] Apr 19, 2023
4599b42
chore(deps): update mockito monorepo to v5.3.0 (#5173)
renovate[bot] Apr 19, 2023
189025e
chore: Enable renovate automerge for non-major updates (#5182)
MartinWitt Apr 21, 2023
a21c075
chore(deps): update dependency gradle to v8.1 (#5175)
renovate[bot] Apr 21, 2023
cd90d7a
sec: replace expired key with new one (#5185)
monperrus Apr 21, 2023
2f6ff0b
test: Add tests for comment association (#5169)
Zuplyx Apr 21, 2023
1d9760a
chore(deps): update actions/setup-python action to v4.6.0 (#5184)
renovate[bot] Apr 25, 2023
90f1f2b
chore(deps): update dependency org.apache.maven.plugins:maven-project…
renovate[bot] Apr 25, 2023
3fa5efc
chore: Use native transport configuration for Maven in CI (#5190)
MartinWitt Apr 26, 2023
37c4ecf
chore(deps): update dependency ch.qos.logback:logback-classic to v1.4…
renovate[bot] Apr 26, 2023
1830203
chore(deps): update github/codeql-action digest to 8662eab (#5187)
renovate[bot] Apr 27, 2023
0b793ae
chore(deps): update dependency gradle to v8.1.1 (#5188)
renovate[bot] Apr 27, 2023
5110106
chore(deps): update dependency org.apache.maven.plugins:maven-checkst…
renovate[bot] Apr 27, 2023
28cdc85
chore(deps): update dependency org.jacoco:jacoco-maven-plugin to v0.8…
renovate[bot] Apr 27, 2023
f7f2dfa
chore(deps): update junit5 monorepo (#5192)
renovate[bot] Apr 28, 2023
9b3f2c6
chore(deps): update github/codeql-action digest to f3feb00 (#5196)
renovate[bot] Apr 28, 2023
589339c
chore(deps): update mockito monorepo to v5.3.1 (#5193)
renovate[bot] Apr 28, 2023
31cda67
fix(deps): update dependency com.fasterxml.jackson.core:jackson-datab…
renovate[bot] Apr 28, 2023
194f91a
chore(CI): bump java ea version to 21 (#5143)
MartinWitt May 1, 2023
44403c8
chore: automerge pinDigest action from renovate (#5197)
MartinWitt May 3, 2023
f22c066
chore(deps): pin dependencies (#5180)
renovate[bot] May 3, 2023
9debcbd
chore(deps): remove outdated dependency that cannot be resolved anymo…
monperrus May 4, 2023
1d8f45b
chore(deps): update github/codeql-action digest to 29b1f65 (#5201)
renovate[bot] May 5, 2023
f17eff0
chore(deps): update dependency org.apache.maven.plugins:maven-gpg-plu…
renovate[bot] May 6, 2023
5cf36ed
fix: fix renovate.json (#5203)
monperrus May 7, 2023
2b84495
chore(deps): update dependency org.apache.maven.plugins:maven-surefir…
renovate[bot] May 7, 2023
1f69380
chore(deps): update dependency jquery to v3.7.0 (#5207)
renovate[bot] May 12, 2023
e14e6b5
chore(deps): update jetbrains/qodana-action action to v2023 (#5195)
renovate[bot] May 12, 2023
018b100
Create FUNDING.yml (#5205)
monperrus May 13, 2023
f60d3ee
fix: set declaring type for array field accesses (#5206)
SirYwell May 13, 2023
e279812
chore(deps): update dependency org.apache.maven.plugins:maven-assembl…
renovate[bot] May 15, 2023
eda13b3
fix(deps): update dependency commons-io:commons-io to v2.12.0 (#5214)
renovate[bot] May 17, 2023
76c3d7d
fix(deps): update dependency com.fasterxml.jackson.core:jackson-datab…
renovate[bot] May 17, 2023
2feeaac
chore: Add CD release workflow (#5209)
MartinWitt May 18, 2023
63dd71a
chore(deps): pin maximeheckel/github-action-merge-fast-forward action…
renovate[bot] May 18, 2023
e03ada2
chore(deps): update actions/setup-go digest to fac708d (#5220)
renovate[bot] May 18, 2023
c8fa5e1
chore(deps): update maximeheckel/github-action-merge-fast-forward act…
renovate[bot] May 18, 2023
65d17f5
chore(deps): update dependency org.apache.maven.plugins:maven-source-…
renovate[bot] May 21, 2023
1d126f4
chore(deps): update dependency org.apache.maven.plugins:maven-checkst…
renovate[bot] May 22, 2023
3125753
chore(deps): update dependency org.apache.maven.plugins:maven-depende…
renovate[bot] May 22, 2023
04a65bc
chore(deps): update actions/setup-python action to v4.6.1 (#5230)
renovate[bot] May 24, 2023
87b1d71
chore(deps): update github/codeql-action digest to f0e3dfb (#5231)
renovate[bot] May 25, 2023
a4681da
fix: set correct executable reference type for signature polymorphic …
SirYwell May 25, 2023
ed9f632
fix: Correctly adapt type parameters inherited from enclosing classes…
I-Al-Istannen May 25, 2023
5ee3402
chore(deps): update github/codeql-action digest to 0225834 (#5232)
renovate[bot] May 26, 2023
67208c1
test: Move GitHub issue to correct package and fix problem with multi…
MartinWitt May 29, 2023
093b497
fix: special-case getModifiers for array.length accesses (#5236)
SirYwell May 29, 2023
374ebfc
chore(deps): update dependency org.apache.maven.plugins:maven-project…
renovate[bot] May 29, 2023
ef347ef
fix: make getActualField respect static fields in annotations (#5238)
SirYwell May 30, 2023
25ce559
refactor: remove cast by replacing wildcard with concrete type (#5239)
MartinWitt May 30, 2023
0f765c1
fix(deps): update dependency com.fasterxml.jackson.core:jackson-datab…
renovate[bot] May 31, 2023
010ee5b
refactor: replace direct access to ContextBuilder#stack with methods …
SirYwell Jun 1, 2023
f4a7182
chore(deps): update github/codeql-action digest to 83f0fe6 (#5249)
renovate[bot] Jun 1, 2023
afa5f57
chore(deps): update dependency org.apache.maven.plugins:maven-release…
renovate[bot] Jun 3, 2023
b645b94
fix: Include static imports of nested types in AST (#5213)
algomaster99 Jun 4, 2023
85ce702
fix: do not replace types when looking up fields from supertypes (#5248)
SirYwell Jun 5, 2023
a02ecad
chore(deps): update dependency org.apache.maven.plugins:maven-project…
renovate[bot] Jun 6, 2023
07ad30b
chore(deps): update dependency org.apache.maven.plugins:maven-surefir…
renovate[bot] Jun 6, 2023
3f9629c
fix(deps): update dependency commons-io:commons-io to v2.13.0 (#5256)
renovate[bot] Jun 8, 2023
5938727
chore: add temp file to gitignore, skip jacoco for releases (#5258)
MartinWitt Jun 9, 2023
f0c8c2a
chore(deps): update plugin com.github.ben-manes.versions to v0.47.0 (…
renovate[bot] Jun 9, 2023
a0642bd
chore(deps): update actions/checkout digest to c85c95e (#5261)
renovate[bot] Jun 9, 2023
6750d61
chore(deps): update actions/checkout action to v3.5.3 (#5262)
renovate[bot] Jun 9, 2023
cce82f1
refactor: reduce complexity of setInputClassLoader (#5242)
MartinWitt Jun 11, 2023
bc333f9
fix: Allow CtType.INNERTTYPE_SEPARATOR ($) in package names (#5237)
MartinWitt Jun 11, 2023
779438a
refactor: refactor visitCtForEach method (#5244)
MartinWitt Jun 11, 2023
869471a
chore: Added GPG private key & passphrase secrets to JReleaser workfl…
MartinWitt Jun 12, 2023
17af808
release: Skip GPG plugin and remove js git actions (#5267)
MartinWitt Jun 13, 2023
0263571
chore: use coveralls' svg badge (#5259)
MartinWitt Jun 13, 2023
43b5207
chore(deps): update dependency ch.qos.logback:logback-classic to v1.4…
renovate[bot] Jun 13, 2023
0136954
chore(deps): update jetbrains/qodana-action action to v2023.1.4 (#5270)
renovate[bot] Jun 13, 2023
bd9d601
chore(deps): update github/codeql-action digest to 6c089f5 (#5271)
renovate[bot] Jun 13, 2023
2344fca
[StepSecurity] Apply security best practices (#5254)
step-security-bot Jun 14, 2023
f21aef2
chore(deps): update github/codeql-action action to v2.20.0 (#5276)
renovate[bot] Jun 14, 2023
df538b0
chore(deps): update ossf/scorecard-action action to v2.1.3 (#5278)
renovate[bot] Jun 14, 2023
cc266e4
chore(deps): update dependency com.google.guava:guava to v32 (#5235)
renovate[bot] Jun 15, 2023
138aa06
chore: disable Qodana PR comment (#5277)
SirYwell Jun 15, 2023
5aad685
chore(deps): update dependency com.google.guava:guava to v32.0.1-jre …
renovate[bot] Jun 15, 2023
0295925
chore: Add configuration for git user on GitHub Actions. (#5279)
MartinWitt Jun 15, 2023
49ee8e1
chore: Add JProfiler acknowledgement for Spoon development support (#…
MartinWitt Jun 17, 2023
a6b3d45
chore(deps): update mockito monorepo to v5.4.0 (#5286)
renovate[bot] Jun 18, 2023
d9d7824
Fix pom.xml for JReleaser Maven release. (#5283)
MartinWitt Jun 19, 2023
883c3be
feat: Add Javadoc parser submodule (#4748)
I-Al-Istannen Jun 19, 2023
e3886d3
chore(deps): update actions/checkout action to v3.5.3 (#5275)
renovate[bot] Jun 19, 2023
c553410
chore(deps): update plugin com.github.johnrengelman.shadow to v8 (#5127)
renovate[bot] Jun 19, 2023
55573f4
doc: Document that CtRecordComponent returns unmodifiable views (#5287)
MartinWitt Jun 19, 2023
5fcb8d2
chore(deps): update step-security/harden-runner action to v2.4.1 (#5296)
renovate[bot] Jun 20, 2023
80077ab
chore(deps): update dependency org.apache.maven.plugins:maven-clean-p…
renovate[bot] Jun 20, 2023
f8853a1
fix: Synchronize reflection tree builder entrypoint method on factory…
I-Al-Istannen Jun 21, 2023
f93226c
chore: fix releasing of spoon-core, parent and javadoc module (#5292)
MartinWitt Jun 21, 2023
9fe9c9f
chore(deps): update github/codeql-action digest to f6e388e (#5303)
renovate[bot] Jun 21, 2023
6785382
chore(deps): update github/codeql-action action to v2.20.1 (#5304)
renovate[bot] Jun 21, 2023
abc6255
chore(deps): update jetbrains/qodana-action action to v2023.1.5 (#5305)
renovate[bot] Jun 21, 2023
ec3e273
fix: replace version range with exact version(#5300)
hboutemy Jun 22, 2023
8a45e5f
chore(deps): update ossf/scorecard-action action to v2.2.0 (#5308)
renovate[bot] Jun 24, 2023
78b499e
chore(deps): update dependency org.kohsuke.metainf-services:metainf-s…
renovate[bot] Jun 27, 2023
3b19716
chore: Use legacy sonatype url in JReleaser workflow (#5306)
MartinWitt Jun 27, 2023
23e8f53
chore(deps): Revert org.apache.maven:maven-model to 3.6.0 (#5311)
MartinWitt Jun 27, 2023
4b16c0f
chore(deps): update dependency com.google.guava:guava to v32.1.0-jre …
renovate[bot] Jun 30, 2023
9cba51c
chore(deps): update dependency com.google.guava:guava to v32.1.1-jre …
renovate[bot] Jun 30, 2023
c497d71
chore(deps): update dependency gradle to v8.2 (#5319)
renovate[bot] Jul 1, 2023
863c9a3
fix: Handle UnresolvedReferenceBinding in ReferenceBuilder (#5294)
MartinWitt Jul 3, 2023
aa0911e
chore(deps): update github/codeql-action digest to 004c5de (#5322)
renovate[bot] Jul 3, 2023
462c654
chore(deps): update github/codeql-action action to v2.20.2 (#5323)
renovate[bot] Jul 3, 2023
1ef06ef
fix: Fix bugs in `VisitorPartialEvaluator`, namely with support for `…
Luro02 Jul 6, 2023
1884f1b
chore(deps): update github/codeql-action digest to 46ed16d (#5327)
renovate[bot] Jul 6, 2023
aea4501
chore: Use correct groupId for release staging repo (#5315)
MartinWitt Jul 6, 2023
43037d1
chore(deps): update github/codeql-action action to v2.20.3 (#5328)
renovate[bot] Jul 6, 2023
c41c407
release: Releasing version 10.4.0
Jul 6, 2023
5d6a2d3
release: Setting SNAPSHOT version 10.4.1-SNAPSHOT
MartinWitt Jul 6, 2023
537faa9
chore: convert extra checks to github action (#5333)
MartinWitt Jul 11, 2023
b0e5cae
Merge branch 'master' into merge-upstream
raghav-deepsource Jul 14, 2023
23a466d
fix: npe with positionBuilder
raghav-deepsource Jul 14, 2023
1affbb0
test: remove templateTest; it doesn't work.
raghav-deepsource Jul 14, 2023
cee57c8
Delete CompilationUnit.java
raghav-deepsource Jul 14, 2023
b8568af
Merge branch 'master' into merge-upstream
raghav-deepsource Jul 28, 2023
7989d04
Update tests.yml
raghav-deepsource Aug 1, 2023
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
The table of contents is too big for display.
Diff view
Diff view
  •  
  •  
  •  
4 changes: 4 additions & 0 deletions .github/FUNDING.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
# file such that Spoon is considered as sponsorable by Github

# https://opencollective.com/spoon-java
open_collective: spoon-java
12 changes: 2 additions & 10 deletions .github/ISSUE_TEMPLATE/bug_report.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -59,20 +59,12 @@ body:
placeholder: X.Y.Z
validations:
required: true
- type: dropdown
- type: input
id: jvm-version
attributes:
label: JVM Version
description: Which JVM version are you running Spoon with? Note that Spoon is built for Java 11+, and we cannot maintain support for older versions.
options:
- "11"
- "12"
- "13"
- "14"
- "15"
- "16"
- "17"
- "18"
placeholder: You can run 'java -version' to get this information.
validations:
required: true
- type: textarea
Expand Down
130 changes: 130 additions & 0 deletions .github/workflows/jreleaser.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,130 @@
name: Release

on:
workflow_dispatch:
inputs:
version:
description: 'Next release version'
required: true
default: 'patch'
type: choice
options:
- major
- minor
- patch

jobs:

build:
runs-on: ubuntu-latest
steps:
# Setups the environment
- name: Checkout
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3
with:
fetch-depth: 0
token: ${{ secrets.JRELEASER_GITHUB_TOKEN }}
- name: Set git user
run: |
git config --global user.name "GitHub Actions Bot"
git config --global user.email "<>"
- name: Set up JDK 11
uses: actions/setup-java@5ffc13f4174014e2d4d4572b3d74c3fa61aeb2c2 # v3
with:
java-version: '11'
distribution: 'temurin'
cache: maven

- name: install go
uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4
- name: install semversion
run: go install github.com/ffurrer2/semver/cmd/semver@latest
# Get current version from pom and remove snapshot if present.
- name: Get current version from pom and remove snapshot if present.
run: echo "CURRENT_VERSION=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout | sed 's/-SNAPSHOT//')" >> $GITHUB_ENV
- name: Get version with snapshot
run: echo "CURRENT_VERSION_WITH_SNAPSHOT=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout)" >> $GITHUB_ENV
# Calculate release version:
# - if `version` is patch, we just increment drop the `-SNAPSHOT` suffix
# (e.g. 10.0.1-SNAPSHOT -> 10.0.1)
# - if `version` is minor or major, we increment the minor or major version and
# set the patch version to `0` (e.g. 10.0.1-SNAPSHOT -> 11.0.0 or 10.1.0)
#
# As we are using a snapshot version, the first call to `semver next` slices
# off only the `-SNAPSHOT` suffix. We therefore run `semver next` on the
# version *without* the `-SNAPSHOT` prefix for major and minor bumps.
#
# After release, we run `semver next` once again and append the `-SNAPSHOT`
# suffix. This results in our patch version from above becoming
# `10.0.2-SNAPSHOT`. The major/minor just get the patch set to `1` and
# `-SNAPSHOT` appended.
- name: Set next version for patch
if: ${{ github.event.inputs.version == 'patch' }}
run: echo "NEXT_VERSION=$(semver next ${{ github.event.inputs.version }} $CURRENT_VERSION_WITH_SNAPSHOT)" >> $GITHUB_ENV
- name: Set next version for major/minor
if: ${{ github.event.inputs.version == 'major' || github.event.inputs.version == 'minor' }}
run: echo "NEXT_VERSION=$(semver next ${{ github.event.inputs.version }} $CURRENT_VERSION)" >> $GITHUB_ENV
- name: set branchname to next version
run: echo "BRANCH_NAME=release/$NEXT_VERSION" >> $GITHUB_ENV
- name: Set release version
run: |
mvn -f spoon-pom --no-transfer-progress --batch-mode versions:set -DnewVersion=$NEXT_VERSION -DprocessAllModules
mvn --no-transfer-progress --batch-mode versions:set -DnewVersion=$NEXT_VERSION -DprocessAllModules
mvn -f spoon-javadoc --no-transfer-progress --batch-mode versions:set -DnewVersion=$NEXT_VERSION -DprocessAllModules
- name: Commit & Push changes
run: |
git checkout -b ${{env.BRANCH_NAME}}
git commit -am "release: Releasing version ${{ env.NEXT_VERSION }}"
git push --set-upstream origin ${{ env.BRANCH_NAME }}



# Now we can run the release
- name: Stage release
run: mvn -f spoon-pom --no-transfer-progress --batch-mode -Pjreleaser clean deploy -DaltDeploymentRepository=local::default::file:./target/staging-deploy
- name: Print next version
run: mvn help:evaluate -Dexpression=project.version -q -DforceStdout | sed 's/-SNAPSHOT//'
- name: Run JReleaser
uses: jreleaser/release-action@0b198089c53ad2aef0d2bff6b5e6061ead2bbb90 # v2
with:
setup-java: false
version: 1.4.0
arguments: full-release
env:
JRELEASER_PROJECT_VERSION: ${{ env.NEXT_VERSION }}
JRELEASER_GITHUB_TOKEN: ${{ secrets.JRELEASER_GITHUB_TOKEN }}
JRELEASER_GPG_PASSPHRASE: ${{ secrets.JRELEASER_GPG_PASSPHRASE }}
JRELEASER_GPG_PUBLIC_KEY: ${{ secrets.JRELEASER_GPG_PUBLIC_KEY }}
JRELEASER_GPG_SECRET_KEY: ${{ secrets.JRELEASER_GPG_SECRET_KEY }}
JRELEASER_NEXUS2_MAVEN_CENTRAL_USERNAME: ${{ secrets.JRELEASER_NEXUS2_MAVEN_CENTRAL_USERNAME }}
JRELEASER_NEXUS2_MAVEN_CENTRAL_PASSWORD: ${{ secrets.JRELEASER_NEXUS2_MAVEN_CENTRAL_PASSWORD }}
# Time to set the next version: The next version of any Release is a snapshot version of the next patch version
- name : Set next version (patch of release version) with -SNAPSHOT suffix
run: |
echo "NEXT_RELEASE_VERSION=$(semver next patch $NEXT_VERSION)-SNAPSHOT" >> $GITHUB_ENV
echo "NEXT_RELEASE_VERSION_WITHOUT_SNAPSHOT=$(semver next patch $NEXT_VERSION)" >> $GITHUB_ENV
- name: Set release version
run: |
mvn -f spoon-pom --no-transfer-progress --batch-mode versions:set -DnewVersion=$NEXT_RELEASE_VERSION -DprocessAllModules
mvn --no-transfer-progress --batch-mode versions:set -DnewVersion=$NEXT_RELEASE_VERSION -DprocessAllModules
mvn -f spoon-javadoc --no-transfer-progress --batch-mode versions:set -DnewVersion=$NEXT_RELEASE_VERSION -DprocessAllModules
# Commit and push changes
- name: Commit & Push changes
run: |
git commit -am "release: Setting SNAPSHOT version $NEXT_RELEASE_VERSION"
git push --set-upstream origin ${{ env.BRANCH_NAME }}
- name: Merge Fast Forward
run: |
git checkout master
git merge --ff-only ${{ env.BRANCH_NAME }}
git push origin master

# Log failure:
- name: JReleaser release output
if: always()
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3
with:
name: jreleaser-release
path: |
out/jreleaser/trace.log
out/jreleaser/output.properties
22 changes: 19 additions & 3 deletions .github/workflows/qodana.yml
Original file line number Diff line number Diff line change
Expand Up @@ -14,13 +14,29 @@ jobs:
runs-on: ubuntu-latest
name: code-quality qodana
steps:
- uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
with:
fetch-depth: 0
- name: 'Qodana Scan'
uses: JetBrains/qodana-action@7afb26c0c2f325c0d5c21ea1f617c79c7f899337 # v2022.3.4
uses: JetBrains/qodana-action@54d3fc653c515607d6b1599201a383e9e07649b1 # v2023.1.5
with:
args: --source-directory,./src/main/java , --fail-threshold, 0
- uses: github/codeql-action/upload-sarif@168b99b3c22180941ae7dbdd5f5c9678ede476ba # v2
post-pr-comment: "false"
- uses: github/codeql-action/upload-sarif@46ed16ded91731b2df79a2893d3aea8e9f03b5c4 # v2
with:
sarif_file: ${{ runner.temp }}/qodana/results/qodana.sarif.json
code-quality-spoon-javadoc:
runs-on: ubuntu-latest
name: code-quality spoon-javadoc qodana
steps:
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
with:
fetch-depth: 0
- name: 'Qodana Scan (spoon-javadoc)'
uses: JetBrains/qodana-action@54d3fc653c515607d6b1599201a383e9e07649b1 # v2023.1.5
with:
args: --source-directory,./spoon-javadoc/src/main/java , --fail-threshold, 0
post-pr-comment: "false"
- uses: github/codeql-action/upload-sarif@46ed16ded91731b2df79a2893d3aea8e9f03b5c4 # v2
with:
sarif_file: ${{ runner.temp }}/qodana/results/qodana.sarif.json
4 changes: 2 additions & 2 deletions .github/workflows/sbom.yml
Original file line number Diff line number Diff line change
Expand Up @@ -22,10 +22,10 @@ jobs:
SSH_AUTH_SOCK: /tmp/ssh_agent.sock
name: Generate and store SBOM
steps:
- uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
with:
fetch-depth: 0
- uses: actions/setup-java@3f07048e3d294f56e9b90ac5ea2c6f74e9ad0f98 # v3.10.0
- uses: actions/setup-java@5ffc13f4174014e2d4d4572b3d74c3fa61aeb2c2 # v3.11.0
with:
java-version: 17
distribution: ${{ env.JAVA_DISTRIBUTION }}
Expand Down
76 changes: 76 additions & 0 deletions .github/workflows/scorecards.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,76 @@
# This workflow uses actions that are not certified by GitHub. They are provided
# by a third-party and are governed by separate terms of service, privacy
# policy, and support documentation.

name: Scorecard supply-chain security
on:
# For Branch-Protection check. Only the default branch is supported. See
# https://github.com/ossf/scorecard/blob/main/docs/checks.md#branch-protection
branch_protection_rule:
# To guarantee Maintained check is occasionally updated. See
# https://github.com/ossf/scorecard/blob/main/docs/checks.md#maintained
schedule:
- cron: '20 7 * * 2'
push:
branches: ["master"]

# Declare default permissions as read only.
permissions: read-all

jobs:
analysis:
name: Scorecard analysis
runs-on: ubuntu-latest
permissions:
# Needed to upload the results to code-scanning dashboard.
security-events: write
# Needed to publish results and get a badge (see publish_results below).
id-token: write
contents: read
actions: read

steps:
- name: Harden Runner
uses: step-security/harden-runner@55d479fb1c5bcad5a4f9099a5d9f37c8857b2845 # v2.4.1
with:
egress-policy: audit

- name: "Checkout code"
uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3
with:
persist-credentials: false

- name: "Run analysis"
uses: ossf/scorecard-action@08b4669551908b1024bb425080c797723083c031 # v2.2.0
with:
results_file: results.sarif
results_format: sarif
# (Optional) "write" PAT token. Uncomment the `repo_token` line below if:
# - you want to enable the Branch-Protection check on a *public* repository, or
# - you are installing Scorecards on a *private* repository
# To create the PAT, follow the steps in https://github.com/ossf/scorecard-action#authentication-with-pat.
# repo_token: ${{ secrets.SCORECARD_TOKEN }}

# Public repositories:
# - Publish results to OpenSSF REST API for easy access by consumers
# - Allows the repository to include the Scorecard badge.
# - See https://github.com/ossf/scorecard-action#publishing-results.
# For private repositories:
# - `publish_results` will always be set to `false`, regardless
# of the value entered here.
publish_results: true

# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
# format to the repository Actions tab.
- name: "Upload artifact"
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
with:
name: SARIF file
path: results.sarif
retention-days: 5

# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@46ed16ded91731b2df79a2893d3aea8e9f03b5c4 # v2.20.3
with:
sarif_file: results.sarif
Loading