diff --git a/.config/checkstyle/checkstyle.xml b/.config/checkstyle/checkstyle.xml index a0d7f17..43b5290 100644 --- a/.config/checkstyle/checkstyle.xml +++ b/.config/checkstyle/checkstyle.xml @@ -52,6 +52,7 @@ + @@ -68,6 +69,11 @@ + + + + + @@ -93,7 +99,6 @@ - @@ -122,7 +127,13 @@ + + + + + + diff --git a/.config/pmd/ruleset.xml b/.config/pmd/ruleset.xml index 667f74e..88a7b5a 100644 --- a/.config/pmd/ruleset.xml +++ b/.config/pmd/ruleset.xml @@ -10,16 +10,38 @@ + + + + + + + + + + + + + + + + + + + + + + @@ -76,9 +98,6 @@ - - - @@ -114,17 +133,33 @@ + + + + + + + + + + + + + + + + - + @@ -151,5 +186,12 @@ + + + + + + + diff --git a/.github/ISSUE_TEMPLATE/bug_report.yml b/.github/ISSUE_TEMPLATE/bug_report.yml index 3e513ac..966459b 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.yml +++ b/.github/ISSUE_TEMPLATE/bug_report.yml @@ -1,6 +1,7 @@ name: 🐞 Bug description: Create a bug report for something that is broken labels: [bug] +type: bug body: - type: markdown attributes: diff --git a/.github/ISSUE_TEMPLATE/enhancement.yml b/.github/ISSUE_TEMPLATE/enhancement.yml index ff3255f..f03a50a 100644 --- a/.github/ISSUE_TEMPLATE/enhancement.yml +++ b/.github/ISSUE_TEMPLATE/enhancement.yml @@ -1,6 +1,7 @@ name: ✨ Feature/Enhancement description: Suggest a new feature or enhancement labels: [enhancement] +type: feature body: - type: markdown attributes: diff --git a/.github/workflows/broken-links.yml b/.github/workflows/broken-links.yml index c17c397..16a3f37 100644 --- a/.github/workflows/broken-links.yml +++ b/.github/workflows/broken-links.yml @@ -11,6 +11,7 @@ permissions: jobs: link-checker: runs-on: ubuntu-latest + timeout-minutes: 15 steps: - uses: actions/checkout@v4 @@ -18,7 +19,9 @@ jobs: - name: Link Checker id: lychee - uses: lycheeverse/lychee-action@v2 + uses: lycheeverse/lychee-action@82202e5e9c2f4ef1a55a3d02563e1cb6041e5332 # v2 + with: + fail: false # Don't fail on broken links, create an issue instead - name: Find already existing issue id: find-issue @@ -35,7 +38,7 @@ jobs: - name: Create Issue From File if: env.lychee_exit_code != 0 - uses: peter-evans/create-issue-from-file@v5 + uses: peter-evans/create-issue-from-file@e8ef132d6df98ed982188e460ebb3b5d4ef3a9cd # v5 with: issue-number: ${{ steps.find-issue.outputs.number }} title: Link Checker Report diff --git a/.github/workflows/check-build.yml b/.github/workflows/check-build.yml index c6f7c7d..81908f0 100644 --- a/.github/workflows/check-build.yml +++ b/.github/workflows/check-build.yml @@ -26,6 +26,7 @@ env: jobs: build: runs-on: ubuntu-latest + timeout-minutes: 30 strategy: matrix: @@ -66,6 +67,7 @@ jobs: checkstyle: runs-on: ubuntu-latest if: ${{ github.event_name != 'pull_request' || !startsWith(github.head_ref, 'renovate/') }} + timeout-minutes: 15 strategy: matrix: @@ -88,6 +90,7 @@ jobs: pmd: runs-on: ubuntu-latest if: ${{ github.event_name != 'pull_request' || !startsWith(github.head_ref, 'renovate/') }} + timeout-minutes: 15 strategy: matrix: @@ -117,7 +120,4 @@ jobs: name: pmd-report if-no-files-found: ignore path: | - target/site/*.html - target/site/css/** - target/site/images/logos/maven-feather.png - target/site/images/external.png + target/reports/** diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 0bf3805..8bd0f3c 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -14,6 +14,7 @@ permissions: jobs: check-code: runs-on: ubuntu-latest + timeout-minutes: 30 steps: - uses: actions/checkout@v4 @@ -25,7 +26,7 @@ jobs: cache: 'maven' - name: Build with Maven - run: ./mvnw -B clean package + run: ./mvnw -B clean package -T2C - name: Check for uncommited changes run: | @@ -48,6 +49,7 @@ jobs: prepare-release: runs-on: ubuntu-latest needs: [check-code] + timeout-minutes: 10 outputs: upload_url: ${{ steps.create_release.outputs.upload_url }} steps: @@ -62,7 +64,7 @@ jobs: run: | mvnwPath=$(readlink -f ./mvnw) modules=("") # root - modules+=($(grep -ozP '(?<=module>)[^<]+' 'pom.xml' | tr -d '\0')) + modules+=($(grep -oP '(?<=)[^<]+' 'pom.xml')) for i in "${modules[@]}" do echo "Processing $i/pom.xml" @@ -87,7 +89,7 @@ jobs: - name: Create Release id: create_release - uses: shogo82148/actions-create-release@v1 + uses: shogo82148/actions-create-release@e5f206451d4ace2da9916d01f1aef279997f8659 # v1 with: tag_name: v${{ steps.version.outputs.release }} release_name: v${{ steps.version.outputs.release }} @@ -109,6 +111,7 @@ jobs: publish-maven: runs-on: ubuntu-latest needs: [prepare-release] + timeout-minutes: 60 steps: - uses: actions/checkout@v4 @@ -118,7 +121,7 @@ jobs: git config --global user.name "GitHub Actions" git pull - - name: Set up JDK Apache Maven Central + - name: Set up JDK OSSRH uses: actions/setup-java@v4 with: # running setup-java again overwrites the settings.xml java-version: '17' @@ -129,7 +132,7 @@ jobs: gpg-passphrase: MAVEN_GPG_PASSPHRASE gpg-private-key: ${{ secrets.MAVEN_GPG_PRIVATE_KEY }} - - name: Publish to Apache Maven Central + - name: Publish to OSSRH run: ../mvnw -B deploy -Possrh -DskipTests env: MAVEN_CENTRAL_USERNAME: ${{ secrets.S01_OSS_SONATYPE_MAVEN_USERNAME }} @@ -140,6 +143,7 @@ jobs: publish-pages: runs-on: ubuntu-latest needs: [prepare-release] + timeout-minutes: 15 steps: - uses: actions/checkout@v4 @@ -161,14 +165,16 @@ jobs: working-directory: ${{ env.PRIMARY_MAVEN_MODULE }} - name: Deploy to Github pages - uses: peaceiris/actions-gh-pages@v4 + uses: peaceiris/actions-gh-pages@4f9cc6602d3f66b9c108549d475ec49e8ef4d45e # v4 with: github_token: ${{ secrets.GITHUB_TOKEN }} publish_dir: ./${{ env.PRIMARY_MAVEN_MODULE }}/target/site + force_orphan: true after-release: runs-on: ubuntu-latest needs: [publish-maven] + timeout-minutes: 10 steps: - uses: actions/checkout@v4 @@ -182,7 +188,7 @@ jobs: run: | mvnwPath=$(readlink -f ./mvnw) modules=("") # root - modules+=($(grep -ozP '(?<=module>)[^<]+' 'pom.xml' | tr -d '\0')) + modules+=($(grep -oP '(?<=)[^<]+' 'pom.xml')) for i in "${modules[@]}" do echo "Processing $i/pom.xml" diff --git a/.github/workflows/sonar.yml b/.github/workflows/sonar.yml index b38f0d8..df6dbb7 100644 --- a/.github/workflows/sonar.yml +++ b/.github/workflows/sonar.yml @@ -27,6 +27,7 @@ jobs: token-check: runs-on: ubuntu-latest if: ${{ !(github.event_name == 'pull_request' && startsWith(github.head_ref, 'renovate/')) }} + timeout-minutes: 5 outputs: hasToken: ${{ steps.check-token.outputs.has }} steps: @@ -40,6 +41,7 @@ jobs: runs-on: ubuntu-latest needs: token-check if: ${{ needs.token-check.outputs.hasToken }} + timeout-minutes: 30 steps: - uses: actions/checkout@v4 with: diff --git a/.github/workflows/sync-labels.yml b/.github/workflows/sync-labels.yml index ff880f0..dc67287 100644 --- a/.github/workflows/sync-labels.yml +++ b/.github/workflows/sync-labels.yml @@ -14,11 +14,12 @@ permissions: jobs: labels: runs-on: ubuntu-latest + timeout-minutes: 10 steps: - uses: actions/checkout@v4 with: sparse-checkout: .github/labels.yml - - uses: EndBug/label-sync@v2 + - uses: EndBug/label-sync@52074158190acb45f3077f9099fea818aa43f97a # v2 with: config-file: .github/labels.yml diff --git a/.github/workflows/test-deploy.yml b/.github/workflows/test-deploy.yml index e3ed038..03f5339 100644 --- a/.github/workflows/test-deploy.yml +++ b/.github/workflows/test-deploy.yml @@ -9,6 +9,7 @@ env: jobs: publish-maven: runs-on: ubuntu-latest + timeout-minutes: 60 steps: - uses: actions/checkout@v4 diff --git a/.github/workflows/update-from-template.yml b/.github/workflows/update-from-template.yml index aa33de4..65f56b0 100644 --- a/.github/workflows/update-from-template.yml +++ b/.github/workflows/update-from-template.yml @@ -31,6 +31,7 @@ permissions: jobs: update: runs-on: ubuntu-latest + timeout-minutes: 60 outputs: update_branch_merged_commit: ${{ steps.manage-branches.outputs.update_branch_merged_commit }} create_update_branch_merged_pr: ${{ steps.manage-branches.outputs.create_update_branch_merged_pr }} @@ -180,6 +181,7 @@ jobs: needs: [update] if: needs.update.outputs.create_update_branch_merged_pr == 1 runs-on: ubuntu-latest + timeout-minutes: 60 steps: - uses: actions/checkout@v4 with: @@ -200,7 +202,7 @@ jobs: GH_TOKEN: ${{ secrets.UPDATE_FROM_TEMPLATE_PAT }} run: | not_failed_conclusion="skipped|neutral|success" - not_relevant_app_slug="dependabot|github-pages|sonarcloud" + not_relevant_app_slug="dependabot|github-pages|sonarqubecloud" echo "Waiting for checks to start..." sleep 40s @@ -210,7 +212,7 @@ jobs: echo "Checking if update-branch-merged exists" git fetch - if [[ $(git rev-parse origin/${{ env.UPDATE_BRANCH_MERGED }}) ]]; then + if [[ $(git ls-remote --heads origin refs/heads/${{ env.UPDATE_BRANCH_MERGED }}) ]]; then echo "Branch still exists; Continuing..." else echo "Branch origin/${{ env.UPDATE_BRANCH_MERGED }} is missing" diff --git a/.idea/checkstyle-idea.xml b/.idea/checkstyle-idea.xml index eb3fcd8..b52c3e2 100644 --- a/.idea/checkstyle-idea.xml +++ b/.idea/checkstyle-idea.xml @@ -1,7 +1,7 @@ - 10.15.0 + 10.21.0 JavaOnlyWithTests true true diff --git a/.idea/externalDependencies.xml b/.idea/externalDependencies.xml new file mode 100644 index 0000000..78be5b8 --- /dev/null +++ b/.idea/externalDependencies.xml @@ -0,0 +1,7 @@ + + + + + + + \ No newline at end of file diff --git a/.idea/saveactions_settings.xml b/.idea/saveactions_settings.xml index 506f17e..848c311 100644 --- a/.idea/saveactions_settings.xml +++ b/.idea/saveactions_settings.xml @@ -9,7 +9,6 @@