From 01f80b43ae2d6d3ac38a05b71a40fbe9a34a41da Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 20 Aug 2024 12:56:37 +0000 Subject: [PATCH 01/12] Bump org.apache.maven.plugins:maven-source-plugin from 3.2.1 to 3.3.1 Bumps [org.apache.maven.plugins:maven-source-plugin](https://github.com/apache/maven-source-plugin) from 3.2.1 to 3.3.1. - [Release notes](https://github.com/apache/maven-source-plugin/releases) - [Commits](https://github.com/apache/maven-source-plugin/compare/maven-source-plugin-3.2.1...maven-source-plugin-3.3.1) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-source-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 41de3f4..37f0b86 100644 --- a/pom.xml +++ b/pom.xml @@ -50,7 +50,7 @@ org.apache.maven.plugins maven-source-plugin - 3.2.1 + 3.3.1 attach-source From 1aef731b473a66adef65a3f4abeb76d75f3cfdd2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 20 Aug 2024 12:56:40 +0000 Subject: [PATCH 02/12] Bump org.apache.maven.plugins:maven-gpg-plugin from 3.0.1 to 3.2.5 Bumps [org.apache.maven.plugins:maven-gpg-plugin](https://github.com/apache/maven-gpg-plugin) from 3.0.1 to 3.2.5. - [Release notes](https://github.com/apache/maven-gpg-plugin/releases) - [Commits](https://github.com/apache/maven-gpg-plugin/compare/maven-gpg-plugin-3.0.1...maven-gpg-plugin-3.2.5) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-gpg-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 41de3f4..f10ad39 100644 --- a/pom.xml +++ b/pom.xml @@ -76,7 +76,7 @@ org.apache.maven.plugins maven-gpg-plugin - 3.0.1 + 3.2.5 sign-artifacts From 64dc1c0dd5f9fe426952ead72e0df8235ee19507 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 20 Aug 2024 12:56:41 +0000 Subject: [PATCH 03/12] Bump org.apache.logging.log4j:log4j-core from 2.17.1 to 2.23.1 Bumps org.apache.logging.log4j:log4j-core from 2.17.1 to 2.23.1. --- updated-dependencies: - dependency-name: org.apache.logging.log4j:log4j-core dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 41de3f4..325bbd7 100644 --- a/pom.xml +++ b/pom.xml @@ -131,7 +131,7 @@ org.apache.logging.log4j log4j-core - 2.17.1 + 2.23.1 From 5ecb535dbc30c6791ea491cc97458300a19e0a54 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 20 Aug 2024 12:56:43 +0000 Subject: [PATCH 04/12] Bump com.google.guava:guava from 32.0.0-jre to 33.3.0-jre Bumps [com.google.guava:guava](https://github.com/google/guava) from 32.0.0-jre to 33.3.0-jre. - [Release notes](https://github.com/google/guava/releases) - [Commits](https://github.com/google/guava/commits) --- updated-dependencies: - dependency-name: com.google.guava:guava dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 41de3f4..3f62503 100644 --- a/pom.xml +++ b/pom.xml @@ -120,7 +120,7 @@ com.google.guava guava - 32.0.0-jre + 33.3.0-jre junit From 51c93fd289979db0a65d884dc1b23500ea854472 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 20 Aug 2024 12:56:45 +0000 Subject: [PATCH 05/12] Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.6.0 to 3.8.0 Bumps [org.apache.maven.plugins:maven-javadoc-plugin](https://github.com/apache/maven-javadoc-plugin) from 3.6.0 to 3.8.0. - [Release notes](https://github.com/apache/maven-javadoc-plugin/releases) - [Commits](https://github.com/apache/maven-javadoc-plugin/compare/maven-javadoc-plugin-3.6.0...maven-javadoc-plugin-3.8.0) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-javadoc-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 41de3f4..e4962f4 100644 --- a/pom.xml +++ b/pom.xml @@ -63,7 +63,7 @@ org.apache.maven.plugins maven-javadoc-plugin - 3.6.0 + 3.8.0 attach-javadoc From 0577845d9d17bf4ae6a2cc51c27a348fbc8cb2ce Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 20 Aug 2024 12:56:47 +0000 Subject: [PATCH 06/12] Bump org.apache.maven.plugins:maven-compiler-plugin from 3.3 to 3.13.0 Bumps [org.apache.maven.plugins:maven-compiler-plugin](https://github.com/apache/maven-compiler-plugin) from 3.3 to 3.13.0. - [Release notes](https://github.com/apache/maven-compiler-plugin/releases) - [Commits](https://github.com/apache/maven-compiler-plugin/compare/maven-compiler-plugin-3.3...maven-compiler-plugin-3.13.0) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-compiler-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 41de3f4..d8a3b85 100644 --- a/pom.xml +++ b/pom.xml @@ -103,7 +103,7 @@ maven-compiler-plugin - 3.3 + 3.13.0 1.7 1.7 From 14e1e51efbceaf1c8ada56547b2874497e510926 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 20 Aug 2024 12:56:50 +0000 Subject: [PATCH 07/12] Bump org.apache.maven.plugins:maven-release-plugin from 2.5.3 to 3.1.1 Bumps [org.apache.maven.plugins:maven-release-plugin](https://github.com/apache/maven-release) from 2.5.3 to 3.1.1. - [Release notes](https://github.com/apache/maven-release/releases) - [Commits](https://github.com/apache/maven-release/compare/maven-release-2.5.3...maven-release-3.1.1) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-release-plugin dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 41de3f4..dbf64ca 100644 --- a/pom.xml +++ b/pom.xml @@ -111,7 +111,7 @@ maven-release-plugin - 2.5.3 + 3.1.1 From 0dd8ee6d4f956eb71c86e770dd7298c15fb6bf59 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 20 Aug 2024 12:56:54 +0000 Subject: [PATCH 08/12] Bump junit:junit from 4.13.1 to 4.13.2 Bumps [junit:junit](https://github.com/junit-team/junit4) from 4.13.1 to 4.13.2. - [Release notes](https://github.com/junit-team/junit4/releases) - [Changelog](https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.13.1.md) - [Commits](https://github.com/junit-team/junit4/compare/r4.13.1...r4.13.2) --- updated-dependencies: - dependency-name: junit:junit dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 41de3f4..114ac05 100644 --- a/pom.xml +++ b/pom.xml @@ -125,7 +125,7 @@ junit junit - 4.13.1 + 4.13.2 test From d9b07615db55df6c7b9213fe11e90d9c32d5db37 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 20 Aug 2024 12:56:55 +0000 Subject: [PATCH 09/12] Bump org.sonatype.plugins:nexus-staging-maven-plugin Bumps org.sonatype.plugins:nexus-staging-maven-plugin from 1.6.13 to 1.7.0. --- updated-dependencies: - dependency-name: org.sonatype.plugins:nexus-staging-maven-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 41de3f4..c9a6486 100644 --- a/pom.xml +++ b/pom.xml @@ -39,7 +39,7 @@ org.sonatype.plugins nexus-staging-maven-plugin - 1.6.13 + 1.7.0 true ossrh From 9949e11a25397af9b508caf0fb6064747e46093e Mon Sep 17 00:00:00 2001 From: "M.Schmidt" Date: Wed, 21 Aug 2024 11:52:26 +0200 Subject: [PATCH 10/12] cleanup legacy configs: eclipse, ci check --- .classpath | 26 -------------------------- .project | 23 ----------------------- .whitesource | 15 --------------- shippable.yml | 9 --------- 4 files changed, 73 deletions(-) delete mode 100644 .classpath delete mode 100644 .project delete mode 100644 .whitesource delete mode 100644 shippable.yml diff --git a/.classpath b/.classpath deleted file mode 100644 index 07c2adc..0000000 --- a/.classpath +++ /dev/null @@ -1,26 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/.project b/.project deleted file mode 100644 index 4c2c8e7..0000000 --- a/.project +++ /dev/null @@ -1,23 +0,0 @@ - - - PathExpression - - - - - - org.eclipse.jdt.core.javabuilder - - - - - org.eclipse.m2e.core.maven2Builder - - - - - - org.eclipse.jdt.core.javanature - org.eclipse.m2e.core.maven2Nature - - diff --git a/.whitesource b/.whitesource deleted file mode 100644 index 5029402..0000000 --- a/.whitesource +++ /dev/null @@ -1,15 +0,0 @@ -{ - "scanSettings": { - "configMode": "AUTO", - "configExternalURL": "" - }, - "generalSettings": { - "shouldScanRepo": true - }, - "checkRunSettings": { - "vulnerableCheckRunConclusionLevel": "failure" - }, - "issueSettings": { - "minSeverityLevel": "LOW" - } -} \ No newline at end of file diff --git a/shippable.yml b/shippable.yml deleted file mode 100644 index 255c5b9..0000000 --- a/shippable.yml +++ /dev/null @@ -1,9 +0,0 @@ -language: java - -jdk: - - oraclejdk8 - -build: - ci: - - git checkout - - mvn clean verify surefire:test --fail-at-end \ No newline at end of file From 20d7337914db650a78d47e8f03eca26f2d7ceb05 Mon Sep 17 00:00:00 2001 From: Sven Meyer Date: Wed, 21 Aug 2024 18:18:10 +0200 Subject: [PATCH 11/12] Add version actions and update versions --- .github/workflows/deploy.yml | 11 +--- .github/workflows/maven.yml | 44 ++------------- .github/workflows/version.yml | 102 ++++++++++++++++++++++++++++++++++ .gitignore | 2 + 4 files changed, 112 insertions(+), 47 deletions(-) create mode 100644 .github/workflows/version.yml diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 47b1d93..1bb392d 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -8,24 +8,19 @@ jobs: name: PathExpression deployment steps: - name: Checkout source code - uses: actions/checkout@v3 + uses: actions/checkout@v4 # Sets up Java version - name: Set up Java - uses: actions/setup-java@v3 + uses: actions/setup-java@v4 with: distribution: 'adopt' java-package: 'jdk' - java-version: '11' + java-version: '1.8' server-id: 'ossrh' # must match the serverId configured for the nexus-staging-maven-plugin server-username: OSSRH_USERNAME # Env var that holds your OSSRH user name server-password: OSSRH_PASSWORD # Env var that holds your OSSRH user pw gpg-private-key: ${{ secrets.GPG_PRIVATE_KEY }} # Substituted with the value stored in the referenced secret gpg-passphrase: SIGN_KEY_PASS # Env var that holds the key's passphrase - # Sets up Maven version - - name: Set up Maven - uses: stCarolas/setup-maven@v4.5 - with: - maven-version: 3.6.3 - name: Build & Deploy PathExpression run: mvn -B -U clean deploy -Pdeployment env: diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml index 815d735..150931a 100644 --- a/.github/workflows/maven.yml +++ b/.github/workflows/maven.yml @@ -8,46 +8,12 @@ jobs: BuildAndTest: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 - name: Set up JDK 1.8 - uses: actions/setup-java@v1 + uses: actions/setup-java@v4 with: - java-version: 1.8 + distribution: 'adopt' + java-package: jdk + java-version: '1.8' - name: Build with Maven run: mvn -B verify --file pom.xml - - Release: - name: Release - if: github.ref == 'refs/heads/master' - runs-on: ubuntu-latest - permissions: - contents: read - packages: write - needs: [BuildAndTest] - steps: - - name: Checkout - uses: actions/checkout@v2 - - name: Set up JDK 1.8 - uses: actions/setup-java@v1 - with: - java-version: 1.8 - - name: Release - uses: qcastel/github-actions-maven-release@master - env: - JAVA_HOME: /usr/lib/jvm/java-1.8-openjdk/ - with: - release-branch-name: "master" - - gpg-enabled: "true" - gpg-key-id: ${{ secrets.GPG_KEY_ID }} - gpg-key: ${{ secrets.GPG_KEY }} - - maven-repo-server-id: github - maven-repo-server-username: ${{ secrets.CI_USER }} - maven-repo-server-password: ${{ secrets.CI_PACKAGES_TOKEN }} - - git-release-bot-name: ${{ secrets.CI_USER }} - git-release-bot-email: "admin@codeshield.de" - - access-token: ${{ secrets.GITHUB_TOKEN }} - maven-args: "-DskipTests" diff --git a/.github/workflows/version.yml b/.github/workflows/version.yml new file mode 100644 index 0000000..f833146 --- /dev/null +++ b/.github/workflows/version.yml @@ -0,0 +1,102 @@ +name: Version handling + +on: + pull_request: + types: + - closed + branches: + - master + +jobs: + version-update: + # This version does not run on self-opened PRs + if: ${{ github.event.pull_request.merged == true && github.event.pull_request.user.login != 'github-actions[bot]' }} + runs-on: ubuntu-latest + steps: + - name: Checkout source code + uses: actions/checkout@v4 + with: + fetch-depth: 0 + # Sets up Java version + - name: Set up Java + uses: actions/setup-java@v4 + with: + distribution: 'adopt' + java-package: jdk + java-version: '1.8' + # Semantic versioning + - name: Semantic versioning + id: versioning + uses: paulhatch/semantic-version@v5.4.0 + with: + tag_prefix: "" + # A string which, if present in a git commit, indicates that a change represents a + # major (breaking) change, supports regular expressions wrapped with '/' + major_pattern: "(MAJOR)" + # Same as above except indicating a minor change, supports regular expressions wrapped with '/' + minor_pattern: "(MINOR)" + # A string to determine the format of the version output + version_format: "${major}.${minor}.${patch}" + # Check, whether there is an existing branch "version_" or an open PR "version_" -> "master" + # and store the results as environment variables + - name: Check if branch and PR exist + # The second command was copied from https://stackoverflow.com/questions/73812503/github-action-stop-the-action-if-pr-already-exists + run: | + echo VERSION_BRANCH_EXISTS=$(git ls-remote --heads origin refs/heads/version_${{ steps.versioning.outputs.version }} | wc -l) >> $GITHUB_ENV + echo PR_EXISTS=$(gh pr list \ + --repo "$GITHUB_REPOSITORY" \ + --json baseRefName,headRefName \ + --jq ' + map(select(.baseRefName == "master" and .headRefName == "version_${{ steps.versioning.outputs.version }}")) + | length + ') >> $GITHUB_ENV + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + # If the branch "version_" does not exist, create the branch and update the version in all files + - name: Create branch and update PathExpression version + if: ${{ env.VERSION_BRANCH_EXISTS == '0' }} + run: | + git config --global user.email "github-actions[bot]@users.noreply.github.com" + git config --global user.name "github-actions[bot]" + git checkout -b version_${{ steps.versioning.outputs.version }} + mvn build-helper:parse-version versions:set -DnewVersion=\${{ steps.versioning.outputs.version }} versions:commit + git ls-files | grep 'pom.xml$' | xargs git add + git commit --allow-empty -am "Update PathExpression version to ${{ steps.versioning.outputs.version }}" + git push origin version_${{ steps.versioning.outputs.version }} + # If a PR "version_" -> "master" does not exist, create the PR + - name: Open pull request for version update + if: ${{ env.PR_EXISTS == '0' }} + run: | + gh pr create -B master -H version_${{ steps.versioning.outputs.version }} -t "Update PathExpression version to ${{ steps.versioning.outputs.version }}" -b "This PR was created by the version-update workflow. Please make sure to delete the branch after merging, otherwise future workflows might fail." + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + version-release: + # This job runs only on merged PRs, which were opened by the version-update job + if: ${{ github.event.pull_request.merged == true && github.event.pull_request.user.login == 'github-actions[bot]' }} + runs-on: ubuntu-latest + steps: + - name: Checkout source code + uses: actions/checkout@v4 + with: + fetch-depth: 0 + # Semantic versioning + - name: Semantic versioning + id: versioning + uses: paulhatch/semantic-version@v5.4.0 + with: + tag_prefix: "" + # A string which, if present in a git commit, indicates that a change represents a + # major (breaking) change, supports regular expressions wrapped with '/' + major_pattern: "(MAJOR)" + # Same as above except indicating a minor change, supports regular expressions wrapped with '/' + minor_pattern: "(MINOR)" + # A string to determine the format of the version output + version_format: "${major}.${minor}.${patch}" + # Create a tag with the newest version to prepare a release + - name: Create tag for new version + run: | + git config --global user.email "${{ github.actor }}@users.noreply.github.com" + git config --global user.name "${{ github.actor }}" + git tag -a ${{ steps.versioning.outputs.version }} -m "PathExpression version ${{ steps.versioning.outputs.version }}" + git push origin ${{ steps.versioning.outputs.version }} \ No newline at end of file diff --git a/.gitignore b/.gitignore index a4743bf..93ec392 100644 --- a/.gitignore +++ b/.gitignore @@ -101,6 +101,8 @@ local.properties .settings/ .loadpath .recommenders +.project +.classpath # External tool builders .externalToolBuilders/ From 4331d52d550c48dcedc16420417b80a729f6cbd5 Mon Sep 17 00:00:00 2001 From: Sven Meyer Date: Wed, 21 Aug 2024 18:21:22 +0200 Subject: [PATCH 12/12] Set correct Java version --- .github/workflows/deploy.yml | 2 +- .github/workflows/maven.yml | 2 +- .github/workflows/version.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 1bb392d..cc0500e 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -15,7 +15,7 @@ jobs: with: distribution: 'adopt' java-package: 'jdk' - java-version: '1.8' + java-version: '8' server-id: 'ossrh' # must match the serverId configured for the nexus-staging-maven-plugin server-username: OSSRH_USERNAME # Env var that holds your OSSRH user name server-password: OSSRH_PASSWORD # Env var that holds your OSSRH user pw diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml index 150931a..c36b231 100644 --- a/.github/workflows/maven.yml +++ b/.github/workflows/maven.yml @@ -14,6 +14,6 @@ jobs: with: distribution: 'adopt' java-package: jdk - java-version: '1.8' + java-version: '8' - name: Build with Maven run: mvn -B verify --file pom.xml diff --git a/.github/workflows/version.yml b/.github/workflows/version.yml index f833146..d4df3d3 100644 --- a/.github/workflows/version.yml +++ b/.github/workflows/version.yml @@ -23,7 +23,7 @@ jobs: with: distribution: 'adopt' java-package: jdk - java-version: '1.8' + java-version: '8' # Semantic versioning - name: Semantic versioning id: versioning