From 04ebd4e99701cc747ba6c66f0ce83b1b65b3e15c Mon Sep 17 00:00:00 2001 From: Ben Manes Date: Sat, 28 Sep 2024 10:36:54 -0700 Subject: [PATCH] simplify the gha jdk selection and enable the build cache for graalvm --- .github/actions/run-gradle/action.yml | 52 +++++++------------ .github/workflows/actionlint.yml | 2 +- .github/workflows/analysis.yml | 6 +-- .github/workflows/benchmarks.yml | 2 +- .github/workflows/build.yml | 14 ++--- .github/workflows/codacy.yml | 4 +- .github/workflows/codeql.yml | 8 +-- .github/workflows/dependency-check.yml | 4 +- .github/workflows/dependency-review.yml | 2 +- .../dependency-submission-pr-submit.yml | 4 +- .github/workflows/dependency-submission.yml | 4 +- .github/workflows/devskim.yml | 4 +- .github/workflows/examples.yml | 4 +- .github/workflows/gitleaks.yml | 2 +- .../workflows/gradle-wrapper-validation.yml | 2 +- .github/workflows/qodana.yml | 4 +- .github/workflows/release.yml | 2 +- .github/workflows/scorecards-analysis.yml | 4 +- .github/workflows/semgrep.yml | 4 +- .github/workflows/snyk.yml | 4 +- .github/workflows/spelling.yml | 4 +- .github/workflows/trivy.yml | 4 +- .../github/benmanes/caffeine/cache/Reset.java | 2 + .../gradle/libs.versions.toml | 2 +- .../gradle/wrapper/gradle-wrapper.properties | 2 +- .../graal-native/gradle/libs.versions.toml | 4 +- .../gradle/wrapper/gradle-wrapper.properties | 2 +- examples/hibernate/gradle/libs.versions.toml | 2 +- .../gradle/wrapper/gradle-wrapper.properties | 2 +- examples/indexable/gradle/libs.versions.toml | 4 +- .../gradle/wrapper/gradle-wrapper.properties | 2 +- .../gradle/libs.versions.toml | 2 +- .../gradle/wrapper/gradle-wrapper.properties | 2 +- .../gradle/libs.versions.toml | 2 +- .../gradle/wrapper/gradle-wrapper.properties | 2 +- gradle/libs.versions.toml | 16 +++--- .../java-library.caffeine.gradle.kts | 9 +++- .../lifecycle/testing.caffeine.gradle.kts | 2 + gradle/wrapper/gradle-wrapper.properties | 2 +- 39 files changed, 93 insertions(+), 106 deletions(-) diff --git a/.github/actions/run-gradle/action.yml b/.github/actions/run-gradle/action.yml index fa4cbc3354..cb0299d54d 100644 --- a/.github/actions/run-gradle/action.yml +++ b/.github/actions/run-gradle/action.yml @@ -29,59 +29,44 @@ inputs: runs: using: composite steps: - - name: Prepare OpenJDK - if: inputs.java != 'GraalVM' - shell: bash - run: echo "JAVA_VERSION=${{ inputs.java }}" >> $GITHUB_ENV - - name: Prepare GraalVM - if: inputs.java == 'GraalVM' + - name: Prepare JDK toolchain shell: bash run: | - echo "GRAALVM=true" >> $GITHUB_ENV - echo "JAVA_VERSION=${{ inputs.graal }}" >> $GITHUB_ENV - - name: Set up JDK ${{ inputs.java }} - uses: actions/setup-java@2dfa2011c5b2a0f1489bf9e433881c92c1631f88 # v4.3.0 - if: (inputs.early-access != inputs.java) && (inputs.java != 'GraalVM') - with: - java-version: ${{ inputs.java }} - distribution: temurin - - name: Set up JDK ${{ inputs.java }} - uses: oracle-actions/setup-java@2e744f723b003fdd759727d0ff654c8717024845 # v1.4.0 - if: (inputs.early-access == inputs.java) && (inputs.java != 'GraalVM') - with: - release: ${{ inputs.java }} - website: jdk.java.net - version: latest - - name: Set up GraalVM - uses: graalvm/setup-graalvm@22cc13fe88ef133134b3798e128fb208df55e1f5 # v1.2.3 - if: inputs.java == 'GraalVM' + if [[ "${{ inputs.java }}" == "GraalVM" ]]; then + echo "JAVA_VENDOR=GraalVM Community" >> $GITHUB_ENV + echo "JAVA_VERSION=${{ inputs.graal }}" >> $GITHUB_ENV + else + echo "JAVA_VENDOR=Adoptium" >> $GITHUB_ENV + echo "JAVA_VERSION=${{ inputs.java }}" >> $GITHUB_ENV + fi + - name: Set up JDK + uses: actions/setup-java@b36c23c0d998641eff861008f374ee103c25ac73 # v4.4.0 with: - distribution: 'graalvm' - github-token: ${{ inputs.token }} - java-version: ${{ env.JAVA_VERSION }} + java-version: ${{ + inputs.java == 'GraalVM' && inputs.graal || + (inputs.early-access == inputs.java && format('{0}-ea', inputs.java) || inputs.java) }} + distribution: ${{ inputs.java == 'GraalVM' && 'graalvm' || 'temurin' }} - name: Prepare JDK ${{ inputs.java }} shell: bash run: | + if [[ "${{ inputs.java }}" == "GraalVM" ]]; then + echo "GRAALVM_HOME=$JAVA_HOME" >> $GITHUB_ENV + fi echo "JDK_CI=$JAVA_HOME" >> $GITHUB_ENV echo "JDK_EA=${{ inputs.early-access == inputs.java }}" >> $GITHUB_ENV - name: Read Gradle JDK toolchain version - id: read-jdk-version shell: bash run: | toolchainVersion=$(grep -oP '(?<=^toolchainVersion=).*' gradle/gradle-daemon-jvm.properties) echo "toolchainVersion=${toolchainVersion}" >> $GITHUB_ENV - name: Set up JDK ${{ env.toolchainVersion }} - id: setup-gradle-jdk - uses: actions/setup-java@2dfa2011c5b2a0f1489bf9e433881c92c1631f88 # v4.3.0 - if: inputs.java != 'GraalVM' + uses: actions/setup-java@b36c23c0d998641eff861008f374ee103c25ac73 # v4.4.0 with: java-version: ${{ env.toolchainVersion }} distribution: temurin - name: Setup Gradle - id: setup-gradle uses: gradle/actions/setup-gradle@d156388eb19639ec20ade50009f3d199ce1e2808 # v4.1.0 env: - JAVA_HOME: ${{ steps.setup-gradle-jdk.outputs.path }} ORG_GRADLE_PROJECT_org.gradle.java.installations.auto-download: 'false' with: add-job-summary: never @@ -90,7 +75,6 @@ runs: - name: Run ${{ inputs.arguments }} if: ${{ inputs.arguments != '' }} env: - JAVA_HOME: ${{ steps.setup-gradle-jdk.outputs.path }} ORG_GRADLE_PROJECT_org.gradle.java.installations.auto-download: 'false' shell: bash run: | diff --git a/.github/workflows/actionlint.yml b/.github/workflows/actionlint.yml index 4cf4d84fa3..7c107ebf0a 100644 --- a/.github/workflows/actionlint.yml +++ b/.github/workflows/actionlint.yml @@ -14,7 +14,7 @@ jobs: allowed-endpoints: > api.github.com:443 github.com:443 - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: actionlint uses: reviewdog/action-actionlint@12f7cb8c93ab327c99dec3a1d502c0f314978afd # v1.55.0 env: diff --git a/.github/workflows/analysis.yml b/.github/workflows/analysis.yml index 71e560838b..eb065302e2 100644 --- a/.github/workflows/analysis.yml +++ b/.github/workflows/analysis.yml @@ -31,7 +31,7 @@ jobs: disable-sudo: true egress-policy: block allowed-endpoints: ${{ env.ALLOWED_ENDPOINTS }} - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Forbidden Apis uses: ./.github/actions/run-gradle with: @@ -49,7 +49,7 @@ jobs: disable-sudo: true egress-policy: block allowed-endpoints: ${{ env.ALLOWED_ENDPOINTS }} - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Pmd uses: ./.github/actions/run-gradle with: @@ -67,7 +67,7 @@ jobs: disable-sudo: true egress-policy: block allowed-endpoints: ${{ env.ALLOWED_ENDPOINTS }} - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Spotbugs uses: ./.github/actions/run-gradle with: diff --git a/.github/workflows/benchmarks.yml b/.github/workflows/benchmarks.yml index 18bd31a682..00c9207b9c 100644 --- a/.github/workflows/benchmarks.yml +++ b/.github/workflows/benchmarks.yml @@ -39,7 +39,7 @@ jobs: raw.githubusercontent.com:443 services.gradle.org:443 www.graalvm.org:443 - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Compute JMH Benchmark uses: ./.github/actions/run-gradle with: diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 7e28c4b67d..94338ed89e 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -39,7 +39,6 @@ env: schemastore.org:443 www.graalvm.org:443 PUBLISH_JDK: 11 - EA_JDK: 24 jobs: compile: @@ -59,16 +58,11 @@ jobs: egress-policy: block allowed-endpoints: ${{ env.ALLOWED_ENDPOINTS }} - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - name: Prepare GraalVM - if: env.JAVA_VERSION == 'GraalVM' - shell: bash - run: echo "GRADLE_ARGS=--no-build-cache" >> $GITHUB_ENV + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Compile uses: ./.github/actions/run-gradle with: java: ${{ env.JAVA_VERSION }} - early-access: ${{ env.EA_JDK }} token: ${{ secrets.GITHUB_TOKEN }} arguments: check -x test ${{ env.GRADLE_ARGS }} - name: Cancel if failed @@ -176,7 +170,7 @@ jobs: egress-policy: block allowed-endpoints: ${{ env.ALLOWED_ENDPOINTS }} - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Run tests (${{ env.JAVA_VERSION }}) uses: ./.github/actions/run-gradle with: @@ -233,7 +227,7 @@ jobs: storage.googleapis.com:443 uploader.codecov.io:443 - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 with: fetch-depth: 0 - name: Download Tests Results @@ -351,7 +345,7 @@ jobs: errorprone.info:443 lightbend.github.io:443 guava.dev:443 - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Publish Snapshot uses: ./.github/actions/run-gradle env: diff --git a/.github/workflows/codacy.yml b/.github/workflows/codacy.yml index aed0389695..d88345c211 100644 --- a/.github/workflows/codacy.yml +++ b/.github/workflows/codacy.yml @@ -29,7 +29,7 @@ jobs: registry-1.docker.io:443 *.blob.core.windows.net:443 - name: Checkout code - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Run Codacy Analysis uses: codacy/codacy-analysis-cli-action@97bf5df3c09e75f5bcd72695998f96ebd701846e # v4.4.5 continue-on-error: true @@ -47,7 +47,7 @@ jobs: if: steps.check_files.outputs.files_exists == 'true' run: jq -c '.runs |= unique_by({tool, invocations, results})' < results.sarif > codacy.sarif - name: Upload result to GitHub Code Scanning - uses: github/codeql-action/upload-sarif@294a9d92911152fe08befb9ec03e240add280cb3 # v3.26.8 + uses: github/codeql-action/upload-sarif@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 if: steps.check_files.outputs.files_exists == 'true' continue-on-error: true with: diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index f2e8deabef..e4efe0fad0 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -50,17 +50,17 @@ jobs: uploads.github.com:443 services.gradle.org:443 - name: Checkout repository - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Setup Gradle uses: ./.github/actions/run-gradle with: java: ${{ env.JAVA_VERSION }} token: ${{ secrets.GITHUB_TOKEN }} - name: Initialize CodeQL - uses: github/codeql-action/init@294a9d92911152fe08befb9ec03e240add280cb3 # v3.26.8 + uses: github/codeql-action/init@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 with: languages: java - name: Autobuild - uses: github/codeql-action/autobuild@294a9d92911152fe08befb9ec03e240add280cb3 # v3.26.8 + uses: github/codeql-action/autobuild@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@294a9d92911152fe08befb9ec03e240add280cb3 # v3.26.8 + uses: github/codeql-action/analyze@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 diff --git a/.github/workflows/dependency-check.yml b/.github/workflows/dependency-check.yml index 0e8f9d2291..6e83100b02 100644 --- a/.github/workflows/dependency-check.yml +++ b/.github/workflows/dependency-check.yml @@ -45,7 +45,7 @@ jobs: raw.githubusercontent.com:443 services.gradle.org:443 www.cisa.gov:443 - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Run dependency-check uses: ./.github/actions/run-gradle continue-on-error: true @@ -60,7 +60,7 @@ jobs: with: files: build/reports/dependency-check-report.sarif - name: Upload result to GitHub Code Scanning - uses: github/codeql-action/upload-sarif@294a9d92911152fe08befb9ec03e240add280cb3 # v3.26.8 + uses: github/codeql-action/upload-sarif@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 if: steps.check_files.outputs.files_exists == 'true' with: sarif_file: build/reports/dependency-check-report.sarif diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 6eff859f88..fec6438191 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -19,7 +19,7 @@ jobs: api.github.com:443 github.com:443 - name: Checkout Repository - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Dependency Review uses: actions/dependency-review-action@5a2ce3f5b92ee19cbb1541a4984c76d921601d7c # v4.3.4 with: diff --git a/.github/workflows/dependency-submission-pr-submit.yml b/.github/workflows/dependency-submission-pr-submit.yml index 38c83ca6f4..63813a8e74 100644 --- a/.github/workflows/dependency-submission-pr-submit.yml +++ b/.github/workflows/dependency-submission-pr-submit.yml @@ -31,9 +31,9 @@ jobs: repo.maven.apache.org:443 repo1.maven.org:443 services.gradle.org:443 - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Set up JDK ${{ env.JAVA_VERSION }} - uses: actions/setup-java@2dfa2011c5b2a0f1489bf9e433881c92c1631f88 # v4.3.0 + uses: actions/setup-java@b36c23c0d998641eff861008f374ee103c25ac73 # v4.4.0 with: java-version: ${{ env.JAVA_VERSION }} distribution: temurin diff --git a/.github/workflows/dependency-submission.yml b/.github/workflows/dependency-submission.yml index aa680e5802..ebb0688e25 100644 --- a/.github/workflows/dependency-submission.yml +++ b/.github/workflows/dependency-submission.yml @@ -31,9 +31,9 @@ jobs: repo.maven.apache.org:443 repo1.maven.org:443 services.gradle.org:443 - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Set up JDK ${{ env.JAVA_VERSION }} - uses: actions/setup-java@2dfa2011c5b2a0f1489bf9e433881c92c1631f88 # v4.3.0 + uses: actions/setup-java@b36c23c0d998641eff861008f374ee103c25ac73 # v4.4.0 with: java-version: ${{ env.JAVA_VERSION }} distribution: temurin diff --git a/.github/workflows/devskim.yml b/.github/workflows/devskim.yml index 2754fa9d33..d70d969b3e 100644 --- a/.github/workflows/devskim.yml +++ b/.github/workflows/devskim.yml @@ -27,10 +27,10 @@ jobs: api.github.com:443 github.com:443 - name: Checkout code - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Run DevSkim scanner uses: microsoft/DevSkim-Action@914fa647b406c387000300b2f09bb28691be2b6d # v1.0.14 - name: Upload DevSkim scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@294a9d92911152fe08befb9ec03e240add280cb3 # v3.26.8 + uses: github/codeql-action/upload-sarif@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 with: sarif_file: devskim-results.sarif diff --git a/.github/workflows/examples.yml b/.github/workflows/examples.yml index 16c788a024..22c68d001d 100644 --- a/.github/workflows/examples.yml +++ b/.github/workflows/examples.yml @@ -32,9 +32,9 @@ jobs: repo1.maven.org:443 services.gradle.org:443 www.graalvm.org:443 - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Set up JDK ${{ env.JAVA_VERSION }} - uses: actions/setup-java@2dfa2011c5b2a0f1489bf9e433881c92c1631f88 # v4.3.0 + uses: actions/setup-java@b36c23c0d998641eff861008f374ee103c25ac73 # v4.4.0 with: java-version: ${{ env.JAVA_VERSION }} distribution: temurin diff --git a/.github/workflows/gitleaks.yml b/.github/workflows/gitleaks.yml index d99328a0a6..8359b8a832 100644 --- a/.github/workflows/gitleaks.yml +++ b/.github/workflows/gitleaks.yml @@ -23,7 +23,7 @@ jobs: egress-policy: block allowed-endpoints: ${{ env.ALLOWED_ENDPOINTS }} - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 with: fetch-depth: 0 - name: Run gitleaks diff --git a/.github/workflows/gradle-wrapper-validation.yml b/.github/workflows/gradle-wrapper-validation.yml index 44f055c95c..c416f743ec 100644 --- a/.github/workflows/gradle-wrapper-validation.yml +++ b/.github/workflows/gradle-wrapper-validation.yml @@ -17,5 +17,5 @@ jobs: downloads.gradle-dn.com:443 github.com:443 services.gradle.org:443 - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - uses: gradle/actions/wrapper-validation@d156388eb19639ec20ade50009f3d199ce1e2808 # v4.1.0 diff --git a/.github/workflows/qodana.yml b/.github/workflows/qodana.yml index 1e0f374a96..a997260830 100644 --- a/.github/workflows/qodana.yml +++ b/.github/workflows/qodana.yml @@ -55,7 +55,7 @@ jobs: resources.jetbrains.com:443 services.gradle.org:443 - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Build uses: ./.github/actions/run-gradle with: @@ -68,6 +68,6 @@ jobs: with: upload-result: true - name: Upload SARIF file for GitHub Advanced Security Dashboard - uses: github/codeql-action/upload-sarif@294a9d92911152fe08befb9ec03e240add280cb3 # v3.26.8 + uses: github/codeql-action/upload-sarif@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 with: sarif_file: ${{ runner.temp }}/qodana/results/qodana.sarif.json diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index bc95d9f501..d7faf17206 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -18,7 +18,7 @@ jobs: with: disable-sudo: true egress-policy: audit - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Releasing uses: ./.github/actions/run-gradle env: diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml index 30aa7d86d7..163739b7ea 100644 --- a/.github/workflows/scorecards-analysis.yml +++ b/.github/workflows/scorecards-analysis.yml @@ -41,7 +41,7 @@ jobs: tuf-repo-cdn.sigstore.dev:443 www.bestpractices.dev:443 - name: Checkout code - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 with: persist-credentials: false - name: Run analysis @@ -58,6 +58,6 @@ jobs: path: results.sarif retention-days: 5 - name: Upload to code-scanning - uses: github/codeql-action/upload-sarif@294a9d92911152fe08befb9ec03e240add280cb3 # v3.26.8 + uses: github/codeql-action/upload-sarif@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 with: sarif_file: results.sarif diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml index c9f09367c3..eac22e6620 100644 --- a/.github/workflows/semgrep.yml +++ b/.github/workflows/semgrep.yml @@ -17,7 +17,7 @@ jobs: # Incompatible with Harden Runner image: returntocorp/semgrep steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - run: semgrep scan --sarif --output=results.sarif env: SEMGREP_RULES: >- @@ -34,7 +34,7 @@ jobs: if: steps.check_files.outputs.files_exists == 'true' run: jq -c '.runs[0].tool.driver.rules |= unique_by(.id)' < results.sarif > semgrep.sarif - name: Upload SARIF file for GitHub Advanced Security Dashboard - uses: github/codeql-action/upload-sarif@294a9d92911152fe08befb9ec03e240add280cb3 # v3.26.8 + uses: github/codeql-action/upload-sarif@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 if: steps.check_files.outputs.files_exists == 'true' continue-on-error: true with: diff --git a/.github/workflows/snyk.yml b/.github/workflows/snyk.yml index 7fd9bba606..8f50dbc7d8 100644 --- a/.github/workflows/snyk.yml +++ b/.github/workflows/snyk.yml @@ -25,7 +25,7 @@ jobs: if: github.event.repository.fork == false steps: - name: Checkout repository - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Setup Gradle uses: ./.github/actions/run-gradle with: @@ -42,7 +42,7 @@ jobs: with: files: snyk.sarif - name: Upload result to GitHub Code Scanning - uses: github/codeql-action/upload-sarif@294a9d92911152fe08befb9ec03e240add280cb3 # v3.26.8 + uses: github/codeql-action/upload-sarif@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 if: steps.check_files.outputs.files_exists == 'true' with: sarif_file: snyk.sarif diff --git a/.github/workflows/spelling.yml b/.github/workflows/spelling.yml index 6709a8c08c..55163d0aa7 100644 --- a/.github/workflows/spelling.yml +++ b/.github/workflows/spelling.yml @@ -14,7 +14,7 @@ jobs: allowed-endpoints: > api.github.com:443 github.com:443 - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Misspell uses: reviewdog/action-misspell@ef8b22c1cca06c8d306fc6be302c3dab0f6ca12f # v1.23.0 with: @@ -32,6 +32,6 @@ jobs: allowed-endpoints: > github.com:443 objects.githubusercontent.com:443 - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Typos uses: crate-ci/typos@8e6a4285bcbde632c5d79900a7779746e8b7ea3f # v1.24.6 diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml index a12433183f..25d22e822f 100644 --- a/.github/workflows/trivy.yml +++ b/.github/workflows/trivy.yml @@ -21,7 +21,7 @@ jobs: ghcr.io:443 github.com:443 pkg-containers.githubusercontent.com:443 - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Run Trivy vulnerability scanner uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # v0.24.0 with: @@ -29,6 +29,6 @@ jobs: format: sarif output: trivy-results.sarif - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@294a9d92911152fe08befb9ec03e240add280cb3 # v3.26.8 + uses: github/codeql-action/upload-sarif@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 with: sarif_file: trivy-results.sarif diff --git a/caffeine/src/test/java/com/github/benmanes/caffeine/cache/Reset.java b/caffeine/src/test/java/com/github/benmanes/caffeine/cache/Reset.java index 68f284b727..10f96afc53 100644 --- a/caffeine/src/test/java/com/github/benmanes/caffeine/cache/Reset.java +++ b/caffeine/src/test/java/com/github/benmanes/caffeine/cache/Reset.java @@ -63,6 +63,8 @@ public static void destroy(Cache cache) { destroyTimerWheel(bounded); } bounded.data.clear(); + bounded.writeBuffer.clear(); + bounded.readBuffer.drainTo(e -> {}); } finally { bounded.evictionLock.unlock(); } diff --git a/examples/coalescing-bulkloader-reactor/gradle/libs.versions.toml b/examples/coalescing-bulkloader-reactor/gradle/libs.versions.toml index c6043dc889..809277ef2a 100644 --- a/examples/coalescing-bulkloader-reactor/gradle/libs.versions.toml +++ b/examples/coalescing-bulkloader-reactor/gradle/libs.versions.toml @@ -1,6 +1,6 @@ [versions] caffeine = "3.1.8" -junit = "5.11.0" +junit = "5.11.1" reactor = "3.6.10" truth = "1.4.4" versions = "0.51.0" diff --git a/examples/coalescing-bulkloader-reactor/gradle/wrapper/gradle-wrapper.properties b/examples/coalescing-bulkloader-reactor/gradle/wrapper/gradle-wrapper.properties index f037e24c87..f17c972096 100644 --- a/examples/coalescing-bulkloader-reactor/gradle/wrapper/gradle-wrapper.properties +++ b/examples/coalescing-bulkloader-reactor/gradle/wrapper/gradle-wrapper.properties @@ -1,4 +1,4 @@ -distributionUrl=https\://services.gradle.org/distributions/gradle-8.10.1-bin.zip +distributionUrl=https\://services.gradle.org/distributions/gradle-8.10.2-bin.zip distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists zipStoreBase=GRADLE_USER_HOME diff --git a/examples/graal-native/gradle/libs.versions.toml b/examples/graal-native/gradle/libs.versions.toml index c2fe793a94..4a6e3a6ffa 100644 --- a/examples/graal-native/gradle/libs.versions.toml +++ b/examples/graal-native/gradle/libs.versions.toml @@ -1,7 +1,7 @@ [versions] caffeine = "3.1.8" -graal = "0.10.2" -junit = "5.11.0" +graal = "0.10.3" +junit = "5.11.1" truth = "1.4.4" versions = "0.51.0" diff --git a/examples/graal-native/gradle/wrapper/gradle-wrapper.properties b/examples/graal-native/gradle/wrapper/gradle-wrapper.properties index f037e24c87..f17c972096 100644 --- a/examples/graal-native/gradle/wrapper/gradle-wrapper.properties +++ b/examples/graal-native/gradle/wrapper/gradle-wrapper.properties @@ -1,4 +1,4 @@ -distributionUrl=https\://services.gradle.org/distributions/gradle-8.10.1-bin.zip +distributionUrl=https\://services.gradle.org/distributions/gradle-8.10.2-bin.zip distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists zipStoreBase=GRADLE_USER_HOME diff --git a/examples/hibernate/gradle/libs.versions.toml b/examples/hibernate/gradle/libs.versions.toml index ff37340020..422731d2e7 100644 --- a/examples/hibernate/gradle/libs.versions.toml +++ b/examples/hibernate/gradle/libs.versions.toml @@ -2,7 +2,7 @@ caffeine = "3.1.8" h2 = "2.3.232" hibernate = "7.0.0.Beta1" -junit = "5.11.0" +junit = "5.11.1" log4j2 = "3.0.0-beta2" truth = "1.4.4" versions = "0.51.0" diff --git a/examples/hibernate/gradle/wrapper/gradle-wrapper.properties b/examples/hibernate/gradle/wrapper/gradle-wrapper.properties index f037e24c87..f17c972096 100644 --- a/examples/hibernate/gradle/wrapper/gradle-wrapper.properties +++ b/examples/hibernate/gradle/wrapper/gradle-wrapper.properties @@ -1,4 +1,4 @@ -distributionUrl=https\://services.gradle.org/distributions/gradle-8.10.1-bin.zip +distributionUrl=https\://services.gradle.org/distributions/gradle-8.10.2-bin.zip distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists zipStoreBase=GRADLE_USER_HOME diff --git a/examples/indexable/gradle/libs.versions.toml b/examples/indexable/gradle/libs.versions.toml index baba3f29aa..62f948c22b 100644 --- a/examples/indexable/gradle/libs.versions.toml +++ b/examples/indexable/gradle/libs.versions.toml @@ -1,7 +1,7 @@ [versions] caffeine = "3.1.8" -guava = "33.3.0-jre" -junit-jupiter = "5.11.0" +guava = "33.3.1-jre" +junit-jupiter = "5.11.1" truth = "1.4.4" versions = "0.51.0" diff --git a/examples/indexable/gradle/wrapper/gradle-wrapper.properties b/examples/indexable/gradle/wrapper/gradle-wrapper.properties index f037e24c87..f17c972096 100644 --- a/examples/indexable/gradle/wrapper/gradle-wrapper.properties +++ b/examples/indexable/gradle/wrapper/gradle-wrapper.properties @@ -1,4 +1,4 @@ -distributionUrl=https\://services.gradle.org/distributions/gradle-8.10.1-bin.zip +distributionUrl=https\://services.gradle.org/distributions/gradle-8.10.2-bin.zip distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists zipStoreBase=GRADLE_USER_HOME diff --git a/examples/resilience-failsafe/gradle/libs.versions.toml b/examples/resilience-failsafe/gradle/libs.versions.toml index 1c64d3ce49..8f9ae030fa 100644 --- a/examples/resilience-failsafe/gradle/libs.versions.toml +++ b/examples/resilience-failsafe/gradle/libs.versions.toml @@ -1,7 +1,7 @@ [versions] caffeine = "3.1.8" failsafe = "3.3.2" -junit = "5.11.0" +junit = "5.11.1" truth = "1.4.4" versions = "0.51.0" diff --git a/examples/resilience-failsafe/gradle/wrapper/gradle-wrapper.properties b/examples/resilience-failsafe/gradle/wrapper/gradle-wrapper.properties index f037e24c87..f17c972096 100644 --- a/examples/resilience-failsafe/gradle/wrapper/gradle-wrapper.properties +++ b/examples/resilience-failsafe/gradle/wrapper/gradle-wrapper.properties @@ -1,4 +1,4 @@ -distributionUrl=https\://services.gradle.org/distributions/gradle-8.10.1-bin.zip +distributionUrl=https\://services.gradle.org/distributions/gradle-8.10.2-bin.zip distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists zipStoreBase=GRADLE_USER_HOME diff --git a/examples/write-behind-rxjava/gradle/libs.versions.toml b/examples/write-behind-rxjava/gradle/libs.versions.toml index 3cf48d697f..ebb51c9f38 100644 --- a/examples/write-behind-rxjava/gradle/libs.versions.toml +++ b/examples/write-behind-rxjava/gradle/libs.versions.toml @@ -1,7 +1,7 @@ [versions] awaitility = "4.2.2" caffeine = "3.1.8" -junit = "5.11.0" +junit = "5.11.1" rxjava = "3.1.9" versions = "0.51.0" diff --git a/examples/write-behind-rxjava/gradle/wrapper/gradle-wrapper.properties b/examples/write-behind-rxjava/gradle/wrapper/gradle-wrapper.properties index f037e24c87..f17c972096 100644 --- a/examples/write-behind-rxjava/gradle/wrapper/gradle-wrapper.properties +++ b/examples/write-behind-rxjava/gradle/wrapper/gradle-wrapper.properties @@ -1,4 +1,4 @@ -distributionUrl=https\://services.gradle.org/distributions/gradle-8.10.1-bin.zip +distributionUrl=https\://services.gradle.org/distributions/gradle-8.10.2-bin.zip distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists zipStoreBase=GRADLE_USER_HOME diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 2d575350b9..89e4e2bb56 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -34,15 +34,15 @@ findsecbugs = "1.13.0" flip-tables = "1.1.1" forbidden-apis = "3.7" google-java-format = "1.23.0" -guava = "33.3.0-jre" +guava = "33.3.1-jre" guice = "6.0.0" h2 = "2.3.232" hamcrest = "3.0" hazelcast = "5.3.7" httpclient = "4.5.14" -idea = "1.1.8" +idea = "1.1.9" jackrabbit = "1.68.0" -jackson = "2.17.2" +jackson = "2.18.0" jacoco = "0.8.12" jakarta-inject = "2.0.1" jamm = "0.4.0" @@ -62,11 +62,11 @@ json-bind = "1.0" jsoup = "1.18.1" junit-testng = "1.0.5" junit4 = "4.13.2" -junit5 = "5.11.0" +junit5 = "5.11.1" jvm-dependency-conflict-resolution = "2.1.2" kotlin = "2.0.20" lincheck = "2.34" -mockito = "5.13.0" +mockito = "5.14.0" nexus-publish = "2.0.0" nullaway = "0.11.3" nullaway-plugin = "2.0.0" @@ -78,7 +78,7 @@ osgi-promise = "1.3.0" pax-exam = "4.13.5" pax-url = "2.6.14" picocli = "4.7.6" -pmd = "7.5.0" +pmd = "7.6.0" protobuf = "4.28.2" slf4j = "2.0.16" slf4j-test = "3.0.1" @@ -86,7 +86,7 @@ snakeyaml = "2.3" sonarqube = "5.1.0.4882" spotbugs = "4.8.6" spotbugs-contrib = "7.6.4" -spotbugs-plugin = "6.0.22" +spotbugs-plugin = "6.0.23" stream = "2.9.8" tcache = "2.0.1" testng = "7.10.2" @@ -96,7 +96,7 @@ versions = "0.51.0" xz = "1.10" ycsb = "0.17.0" zero-allocation-hashing = "0.26ea0" -zstd = "1.5.6-5" +zstd = "1.5.6-6" [libraries] asm-bom = { module = "org.ow2.asm:asm-bom", version.ref = "asm" } diff --git a/gradle/plugins/src/main/kotlin/lifecycle/java-library.caffeine.gradle.kts b/gradle/plugins/src/main/kotlin/lifecycle/java-library.caffeine.gradle.kts index 667f0a4f6b..c3bb36a467 100644 --- a/gradle/plugins/src/main/kotlin/lifecycle/java-library.caffeine.gradle.kts +++ b/gradle/plugins/src/main/kotlin/lifecycle/java-library.caffeine.gradle.kts @@ -19,16 +19,21 @@ dependencies { } val javaVersion = JavaLanguageVersion.of(System.getenv("JAVA_VERSION")?.toIntOrNull() ?: 11) -java.toolchain.languageVersion = javaVersion +val javaVendor = System.getenv("JAVA_VENDOR")?.let { JvmVendorSpec.matching(it) } +java.toolchain { + languageVersion = javaVersion + vendor = javaVendor +} tasks.withType().configureEach { + inputs.property("javaVendor", javaVendor.toString()) sourceCompatibility = javaVersion.toString() targetCompatibility = javaVersion.toString() options.release = javaVersion.asInt() javaCompiler = javaToolchains.compilerFor { // jdk 17+ is required by compiler plugins, e.g. error-prone - languageVersion = maxOf(javaVersion, JavaLanguageVersion.of(17)) + languageVersion = maxOf(javaVersion, JavaLanguageVersion.of(21)) } options.compilerArgs.addAll(listOf("-Xlint:all", "-Xlint:-auxiliaryclass", "-Xlint:-classfile", diff --git a/gradle/plugins/src/main/kotlin/lifecycle/testing.caffeine.gradle.kts b/gradle/plugins/src/main/kotlin/lifecycle/testing.caffeine.gradle.kts index 23f26299c2..4aeac33486 100644 --- a/gradle/plugins/src/main/kotlin/lifecycle/testing.caffeine.gradle.kts +++ b/gradle/plugins/src/main/kotlin/lifecycle/testing.caffeine.gradle.kts @@ -28,6 +28,8 @@ dependencies { } tasks.withType().configureEach { + inputs.property("javaVendor", java.toolchain.vendor.get().toString()) + jvmArgs("-XX:SoftRefLRUPolicyMSPerMB=0", "-XX:+EnableDynamicAgentLoading", "-Xshare:off") if ("debug" in systemProperties) { jvmArgs("-Xdebug", "-Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=5005") diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties index f037e24c87..f17c972096 100644 --- a/gradle/wrapper/gradle-wrapper.properties +++ b/gradle/wrapper/gradle-wrapper.properties @@ -1,4 +1,4 @@ -distributionUrl=https\://services.gradle.org/distributions/gradle-8.10.1-bin.zip +distributionUrl=https\://services.gradle.org/distributions/gradle-8.10.2-bin.zip distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists zipStoreBase=GRADLE_USER_HOME