[pull] main from actions:main#9
Open
pull[bot] wants to merge 309 commits into
Open
Conversation
atomist
Bot
added
auto-branch-delete:on-close
pull
Bot
added
⤵️ pull
and removed
auto-branch-delete:on-close
…-after-dependency-update
Azul API stopped to support arm64 architecture, the only supported option for ARM cpus is now 'arm'. This requires to set up hw_bitness properly to get 64 bits version. 32 bits version can be obtained by using 'arm' as an architecture.
Add Microsoft Java 11.0.15
msft: bump jdk17 to 17.0.3 and add aarch64 support to jdk11
Fix support for Zulu arm64 architecture
sbt-cache: don't cache some files.
sbt is a valid cache option value
Graceful handling of error (non-validation one)
* Bump @vercel/ncc from 0.38.1 to 0.44.0 Bumps [@vercel/ncc](https://github.com/vercel/ncc) from 0.38.1 to 0.44.0. - [Release notes](https://github.com/vercel/ncc/releases) - [Commits](vercel/ncc@0.38.1...0.44.0) --- updated-dependencies: - dependency-name: "@vercel/ncc" dependency-version: 0.44.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * recompile dist --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: George Adams <[email protected]>
* Bump @typescript-eslint/parser from 8.48.0 to 8.61.1 Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 8.48.0 to 8.61.1. - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.61.1/packages/parser) --- updated-dependencies: - dependency-name: "@typescript-eslint/parser" dependency-version: 8.61.0 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * run licensed and update dist --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: George Adams <[email protected]>
Signed-off-by: Josh Soref <[email protected]>
Distributions like JetBrains Runtime publish 4-segment versions such as '17.0.8.1+1080.1' that the semver package rejects. Both compareBuild and satisfies throw on these, which surfaced to users as "Error: Invalid Version: 17.0.8.1+1080.1" and aborted the whole install when any available version was non-semver. Guard with an early semver.valid check so unparseable versions are treated as a non-match. Co-authored-by: Claude Opus 4.7 (1M context) <[email protected]>
* add Maven Wrapper distribution caching * update test case --------- Co-authored-by: Bruno Borges <[email protected]>
* spelling: aarch Signed-off-by: Josh Soref <[email protected]> * spelling: cannot Signed-off-by: Josh Soref <[email protected]> * spelling: guaranteed Signed-off-by: Josh Soref <[email protected]> * spelling: its Signed-off-by: Josh Soref <[email protected]> * spelling: macos Signed-off-by: Josh Soref <[email protected]> * spelling: on the fly Signed-off-by: Josh Soref <[email protected]> * spelling: warn/fail Signed-off-by: Josh Soref <[email protected]> * link: more information about ADRs Signed-off-by: Josh Soref <[email protected]> * link: Distribution / Official site Signed-off-by: Josh Soref <[email protected]> * link: License Signed-off-by: Josh Soref <[email protected]> --------- Signed-off-by: Josh Soref <[email protected]> Co-authored-by: Bruno Borges <[email protected]>
- Add required: false to java-version, java-version-file, job-status, and token, which had defaults or were optional but lacked the explicit flag - Add default: '' to gpg-private-key to match its stated description - Fix java-version-file description: the input accepts .java-version, .tool-versions, and .sdkmanrc, not only .java-version - Fix gpg-passphrase description: GPG_PASSPHRASE is only defaulted when gpg-private-key is provided, not unconditionally Co-authored-by: Kranthi Poturaju <[email protected]> Co-authored-by: Panuganti Saketh <[email protected]> Co-authored-by: Bruno Borges <[email protected]>
* feat: add microsoft openjdk 17.0.18 * fix: correct url microsoft-jdk-17.0.10-macos-x64
Bumps [undici](https://github.com/nodejs/undici) from 6.24.1 to 6.27.0. - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](nodejs/undici@v6.24.1...v6.27.0) --- updated-dependencies: - dependency-name: undici dependency-version: 6.27.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Bruno Borges <[email protected]>
* add javac problemMatcher * fix spaces Co-authored-by: Copilot Autofix powered by AI <[email protected]> --------- Co-authored-by: Bruno Borges <[email protected]> Co-authored-by: Copilot Autofix powered by AI <[email protected]>
* Initial plan * Clarify README version guidance --------- Co-authored-by: copilot-swe-agent[bot] <[email protected]>
* Update undici license cache to 6.27.0 The Licensed check failed because the cached license record for undici was pinned to 6.24.1 while the installed dependency is 6.27.0, causing "license: mit, allowed: false" / source enumeration errors. Regenerate the cached record with `licensed cache` so it matches the installed version. `licensed status` now reports 0 errors. Co-authored-by: Copilot <[email protected]> * Rebuild dist with undici 6.27.0 The committed dist/ bundle was built with undici 6.24.1, but the lockfile resolves undici 6.27.0. The check-dist workflow rebuilds the bundle and detected this drift (uncommitted changes after build). Rebuild dist/setup and dist/cleanup with `npm run build` so the committed bundle matches the installed undici 6.27.0, aligning with the license cache update in this PR. Co-authored-by: Copilot <[email protected]> --------- Co-authored-by: Copilot <[email protected]>
* docs: enhance custom jdk file installation * Update jdkFile note for case sensitivity Clarify that 'distribution' must be set to 'jdkfile' in lowercase when using jdkFile input. --------- Co-authored-by: Bruno Borges <[email protected]> Co-authored-by: Bruno Borges <[email protected]>
* Add templates for new Java distributions * Update new pull request template * Potential fix for pull request finding Co-authored-by: Copilot Autofix powered by AI <[email protected]> * Address PR #429 review suggestions Co-authored-by: Copilot <[email protected]> --------- Co-authored-by: Bruno Borges <[email protected]> Co-authored-by: Copilot Autofix powered by AI <[email protected]> Co-authored-by: Bruno Borges <[email protected]> Co-authored-by: Copilot <[email protected]>
Bumps [actions/checkout](https://github.com/actions/checkout) from 6 to 7. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v6...v7) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Bruno Borges <[email protected]>
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 25.9.3 to 26.0.0. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) --- updated-dependencies: - dependency-name: "@types/node" dependency-version: 26.0.0 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Bruno Borges <[email protected]> Co-authored-by: Bruno Borges <[email protected]>
…on (#1043) * Initial plan * docs: replace HelloWorldApp references with java --version in README and advanced-usage --------- Co-authored-by: copilot-swe-agent[bot] <[email protected]>
* Initial plan * docs: add JavaFX Maven project configuration instructions --------- Co-authored-by: copilot-swe-agent[bot] <[email protected]> Co-authored-by: Bruno Borges <[email protected]>
…Hub Enterprise (#1050) Adds an advanced-usage section explaining the 'self signed certificate in certificate chain' error seen on GitHub Enterprise Server and behind TLS-inspecting proxies. Recommends the secure fix of trusting the internal CA via NODE_EXTRA_CA_CERTS (or the OS trust store on self-hosted runners), with a GitHub Enterprise callout, and warns against disabling TLS verification since the JDK download has no checksum fallback. Refs #640 Co-authored-by: Copilot <[email protected]>
…#1051) Document how to make the installed JDK trust an internal CA at application runtime by importing it into $JAVA_HOME/lib/security/cacerts with keytool after setup-java runs. Clarifies this is the runtime trust layer, distinct from the download/transport layer (NODE_EXTRA_CA_CERTS), and notes hosted vs self-hosted persistence caveats. Refs #640 #1035 Co-authored-by: Copilot <[email protected]>
…tion (#1039) * Harden workflows with least-privilege permissions and zizmor Apply GitHub Actions security best practices to the action's own workflows and integrate zizmor to catch regressions. - Add explicit least-privilege `permissions:` to every workflow (contents: read for read-only workflows; default-deny `{}` with job-scoped grants for codeql, publish-immutable-actions and update-config-files). - Set `persist-credentials: false` on all checkout steps that don't need the GITHUB_TOKEN afterwards. - Move `${{ ... }}` expansions out of `run:` blocks into `env:` vars to avoid template injection. - Pin the alpine container image (alpine:latest -> alpine:3.21). - Add a zizmor CI workflow that uploads SARIF to code scanning, plus a `.github/zizmor.yml` pinning policy (ref-pin for actions/* and github/*, hash-pin for third-party actions). zizmor now reports no findings (offline and online). Co-authored-by: Copilot <[email protected]> * Potential fix for pull request finding Co-authored-by: Copilot Autofix powered by AI <[email protected]> * Fix indentation of if: in zizmor SARIF upload step The `if:` key on the "Upload SARIF results to code scanning" step had no indentation, producing invalid YAML ("Nested mappings are not allowed in compact mappings"). This broke `npm run format-check` (prettier) in Basic validation. Indent `if:` to 8 spaces so it nests under the step alongside uses/with. Co-authored-by: Copilot <[email protected]> --------- Co-authored-by: Copilot <[email protected]> Co-authored-by: Copilot Autofix powered by AI <[email protected]>
* Initial plan * feat: add graalvm community distribution support * build: update bundled dist for graalvm community support * chore: address GraalVM community review feedback * fix: tidy graalvm community validation follow-ups * refactor: simplify GraalVM Community release resolution * refactor: address review feedback on Community resolver * refactor: rename pagination index for clarity * test: fix graalvm installer test formatting --------- Co-authored-by: copilot-swe-agent[bot] <[email protected]> Co-authored-by: Bruno Borges <[email protected]>
…1058) * docs: note jdkfile approach for Early Access / unreleased JDK builds Clarify in advanced-usage that the existing 'jdkfile' distribution can be used to install Early Access (EA) or other unreleased JDK builds not provided directly by setup-java, by downloading the archive in a prior step and pointing jdkFile at it. Adds a concrete EA example. Addresses #612. Co-authored-by: Copilot <[email protected]> * Potential fix for pull request finding Co-authored-by: Copilot Autofix powered by AI <[email protected]> * Apply suggestions from code review Co-authored-by: Copilot Autofix powered by AI <[email protected]> --------- Co-authored-by: Copilot <[email protected]> Co-authored-by: Copilot Autofix powered by AI <[email protected]>
…nity) (#1059) - installer: surface a clear error when the GraalVM Community releases listing is not a JSON array, instead of silently treating an error payload (rate limit, auth failure, etc.) as "no releases" which later surfaced as a misleading "version not found" error. - docs: fix the GraalVM Community advanced-usage example to check the installed binary versions (java/native-image --version) rather than running a non-existent HelloWorldApp classpath that fails when copied. - tests: cover the new non-array release listing error path. Rebuilt dist bundle. Co-authored-by: Copilot <[email protected]>
…ecklist) (#1061) * chore: enforce pre-PR validation with aggregate scripts, git hooks, and PR checklist Add tooling to help contributors run the same checks as CI before submitting a pull request, reducing avoidable format/lint/build failures. - Add aggregate npm scripts: - `npm run check` runs format-check + lint + build + test (mirrors CI) - `npm run fix` runs format + lint:fix + build - Add husky + lint-staged git hooks (installed via `npm install`): - pre-commit formats and lints staged files - pre-push rebuilds dist/ and runs the test suite - Add a checklist item to the PR template prompting contributors to run `npm run check` locally - Document the aggregate scripts and hooks in docs/contributors.md dist/ is intentionally not auto-committed by CI to avoid pwn-request security risks; the existing `Check dist/` workflow continues to verify it. Co-authored-by: Copilot <[email protected]> * Apply suggestions from code review Co-authored-by: Copilot Autofix powered by AI <[email protected]> --------- Co-authored-by: Copilot <[email protected]> Co-authored-by: Copilot Autofix powered by AI <[email protected]>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
19 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot] (v2.0.0-alpha.4)
Can you help keep this open source service alive? 💖 Please sponsor : )