diff --git a/.github/workflows/unit-test.yml b/.github/workflows/unit-test.yml
index 4ac7ed23..0d832219 100644
--- a/.github/workflows/unit-test.yml
+++ b/.github/workflows/unit-test.yml
@@ -7,14 +7,14 @@ on:
branches:
- main
-permissions:
- contents: write
- security-events: write
+permissions: read-all
jobs:
tests:
name: Execute unit tests
runs-on: ${{ matrix.os }}
+ permissions:
+ contents: write
strategy:
fail-fast: false
matrix:
@@ -32,7 +32,7 @@ jobs:
- name: Setup Java
uses: actions/setup-java@v4
with:
- distribution: zulu
+ distribution: temurin
java-version: 24
- name: Setup project and upload dependency graph
@@ -44,6 +44,7 @@ jobs:
build-scan-terms-of-use-agree: 'yes'
- name: Execute tests
+ shell: bash
run: ./gradlew test
- name: Upload coverage report
@@ -56,16 +57,17 @@ jobs:
if-no-files-found: error
qodana:
- permissions:
- checks: write
name: Perform Qodana analysis
needs: tests
runs-on: ubuntu-latest
+ permissions:
+ checks: write
+ security-events: write
steps:
- name: Checkout code changes
uses: actions/checkout@v5
with:
- ref: ${{ github.event.pull_request.head.sha }}
+ ref: ${{ github.event.pull_request.head.sha || github.sha }}
fetch-depth: 0
- name: Download coverage report
@@ -75,7 +77,7 @@ jobs:
path: .qodana/code-coverage
- name: Execute analysis
- uses: JetBrains/qodana-action@main
+ uses: JetBrains/qodana-action@v2025.2
env:
QODANA_TOKEN: ${{ secrets.QODANA_TOKEN }}
with:
diff --git a/Dockerfile b/Dockerfile
index 79ae4a8d..7515db69 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,19 +1,6 @@
-FROM azul/zulu-openjdk-alpine:24 AS builder
-
-# bump: libwebp /LIBWEBP_VERSION=([\d.]+)/ git:https://chromium.googlesource.com/webm/libwebp.git|^1
-# bump: libwebp after ./hashupdate Dockerfile LIBWEBP $LATEST
-ARG LIBWEBP_VERSION=1.6.0
-ARG LIBWEBP_SHA256=1c5ffab71efecefa0e3c23516c3a3a1dccb45cc310ae1095c6f14ae268e38067
-ARG LIBWEBP_FILE="libwebp-$LIBWEBP_VERSION-linux-x86-64.tar.gz"
-ARG LIBWEBP_URL="https://storage.googleapis.com/downloads.webmproject.org/releases/webp/$LIBWEBP_FILE"
+FROM eclipse-temurin:24-alpine AS builder
WORKDIR /app
-RUN apk --no-cache add binutils curl tar
-RUN curl -L --fail --retry 3 --retry-delay 5 "$LIBWEBP_URL" -O && \
- echo "$LIBWEBP_SHA256 $LIBWEBP_FILE" | sha256sum -c - && \
- tar -xzf "$LIBWEBP_FILE" --one-top-level=libwebp --strip-components=1 && \
- rm "$LIBWEBP_FILE"
-
COPY . .
RUN --mount=type=cache,target=/root/.gradle ./gradlew jlink shadowJar
@@ -21,14 +8,13 @@ RUN --mount=type=cache,target=/root/.gradle ./gradlew jlink shadowJar
# bump: alpine link "Release notes" https://alpinelinux.org/posts/Alpine-$LATEST-released.html
FROM alpine:3.22.1 AS bot
-# bump: ffmpeg /static-ffmpeg:([\d.]+)/ docker:mwader/static-ffmpeg|~7.0
-COPY --from=mwader/static-ffmpeg:7.0.2 /ffmpeg /usr/local/bin/
-ENV FFMPEG_PATH=/usr/local/bin/ffmpeg
+RUN apk --no-cache add libwebp-tools
-COPY --from=builder /app/libwebp/bin/cwebp /usr/local/bin/
-COPY --from=builder /app/libwebp/bin/dwebp /usr/local/bin/
+# bump: ffmpeg /static-ffmpeg:([\d.]+)/ docker:mwader/static-ffmpeg|~7.0
+COPY --from=mwader/static-ffmpeg:7.0.2 /ffmpeg /usr/bin/
+ENV FFMPEG_PATH=/usr/bin/ffmpeg
COPY --from=builder /app/build/jlink/jre jre
-COPY --from=builder /app/build/libs/Stickerify-1.0-all.jar Stickerify.jar
+COPY --from=builder /app/build/libs/*-all.jar Stickerify.jar
-CMD ["jre/bin/java", "-Dcom.sksamuel.scrimage.webp.binary.dir=/usr/local/bin/", "-jar", "Stickerify.jar"]
+CMD ["jre/bin/java", "-Dcom.sksamuel.scrimage.webp.binary.dir=/usr/bin", "-jar", "Stickerify.jar"]
diff --git a/build.gradle b/build.gradle
index b0d841b2..1179f408 100644
--- a/build.gradle
+++ b/build.gradle
@@ -48,17 +48,18 @@ description = 'Telegram bot to convert medias in the format required to be used
java.toolchain {
languageVersion = JavaLanguageVersion.of(24)
- vendor = JvmVendorSpec.AZUL
+ vendor = JvmVendorSpec.ADOPTIUM
}
updateDaemonJvm {
languageVersion = JavaLanguageVersion.of(24)
- vendor = JvmVendorSpec.AZUL
+ vendor = JvmVendorSpec.ADOPTIUM
}
def jlink = tasks.register('jlink', JlinkTask) {
options = ['--strip-debug', '--no-header-files', '--no-man-pages']
modules = ['java.desktop', 'java.instrument', 'java.naming', 'java.sql', 'jdk.crypto.ec', 'jdk.unsupported']
+ includeModulePath = false
group = 'build'
description = 'Generates a minimal JRE for the project.'
@@ -72,7 +73,7 @@ test {
finalizedBy(jacocoTestReport)
testLogging {
- events "passed"
+ events 'passed', 'failed', 'skipped'
}
}
diff --git a/buildSrc/build.gradle b/buildSrc/build.gradle
index 5c645ad7..0a677a34 100644
--- a/buildSrc/build.gradle
+++ b/buildSrc/build.gradle
@@ -8,5 +8,5 @@ repositories {
java.toolchain {
languageVersion = JavaLanguageVersion.of(24)
- vendor = JvmVendorSpec.AZUL
+ vendor = JvmVendorSpec.ADOPTIUM
}
diff --git a/buildSrc/src/main/java/com/github/stickerifier/stickerify/JlinkTask.java b/buildSrc/src/main/java/com/github/stickerifier/stickerify/JlinkTask.java
index 125dd160..653837d2 100644
--- a/buildSrc/src/main/java/com/github/stickerifier/stickerify/JlinkTask.java
+++ b/buildSrc/src/main/java/com/github/stickerifier/stickerify/JlinkTask.java
@@ -30,6 +30,12 @@ public abstract class JlinkTask extends DefaultTask {
@Input
public abstract ListProperty<@NotNull String> getModules();
+ /**
+ * If the selected JVM is JEP 493 compatible, then this should be set to false.
+ */
+ @Input
+ public abstract Property<@NotNull Boolean> getIncludeModulePath();
+
@OutputDirectory
public abstract DirectoryProperty getOutputDirectory();
@@ -46,6 +52,7 @@ public abstract class JlinkTask extends DefaultTask {
public JlinkTask(ProjectLayout layout, JavaToolchainService javaToolchain) {
getOptions().convention(List.of());
getModules().convention(List.of("ALL-MODULE-PATH"));
+ getIncludeModulePath().convention(true);
getOutputDirectory().convention(layout.getBuildDirectory().dir("jlink"));
var toolchain = getProject().getExtensions().getByType(JavaPluginExtension.class).getToolchain();
@@ -71,8 +78,10 @@ public void createJre() {
var commandLine = new ArrayList();
commandLine.add(jlink.toString());
commandLine.addAll(getOptions().get());
- commandLine.add("--module-path");
- commandLine.add(jmods.toString());
+ if (getIncludeModulePath().get()) {
+ commandLine.add("--module-path");
+ commandLine.add(jmods.toString());
+ }
commandLine.add("--add-modules");
commandLine.add(String.join(",", getModules().get()));
commandLine.add("--output");
diff --git a/gradle/gradle-daemon-jvm.properties b/gradle/gradle-daemon-jvm.properties
index 248e84b1..6b1a33e2 100644
--- a/gradle/gradle-daemon-jvm.properties
+++ b/gradle/gradle-daemon-jvm.properties
@@ -1,12 +1,12 @@
#This file is generated by updateDaemonJvm
-toolchainUrl.FREE_BSD.AARCH64=https\://api.foojay.io/disco/v3.0/ids/d898567da69cac7b9b75d8d74e577e7a/redirect
-toolchainUrl.FREE_BSD.X86_64=https\://api.foojay.io/disco/v3.0/ids/902ef81bafffcd1670604d74b6c7a6b0/redirect
-toolchainUrl.LINUX.AARCH64=https\://api.foojay.io/disco/v3.0/ids/d898567da69cac7b9b75d8d74e577e7a/redirect
-toolchainUrl.LINUX.X86_64=https\://api.foojay.io/disco/v3.0/ids/902ef81bafffcd1670604d74b6c7a6b0/redirect
-toolchainUrl.MAC_OS.AARCH64=https\://api.foojay.io/disco/v3.0/ids/4175090548a4792cf1cef411becfba0f/redirect
-toolchainUrl.MAC_OS.X86_64=https\://api.foojay.io/disco/v3.0/ids/50df1a9c218487a6519e22a0d29e6215/redirect
-toolchainUrl.UNIX.AARCH64=https\://api.foojay.io/disco/v3.0/ids/d898567da69cac7b9b75d8d74e577e7a/redirect
-toolchainUrl.UNIX.X86_64=https\://api.foojay.io/disco/v3.0/ids/902ef81bafffcd1670604d74b6c7a6b0/redirect
-toolchainUrl.WINDOWS.X86_64=https\://api.foojay.io/disco/v3.0/ids/f55af862790b0c395d3f70e23016df3d/redirect
-toolchainVendor=AZUL
+toolchainUrl.FREE_BSD.AARCH64=https\://api.foojay.io/disco/v3.0/ids/6d0adbce30460017fe61d2993dfa663e/redirect
+toolchainUrl.FREE_BSD.X86_64=https\://api.foojay.io/disco/v3.0/ids/50f16d2dc2bb80a421afc1af38fc92e3/redirect
+toolchainUrl.LINUX.AARCH64=https\://api.foojay.io/disco/v3.0/ids/6d0adbce30460017fe61d2993dfa663e/redirect
+toolchainUrl.LINUX.X86_64=https\://api.foojay.io/disco/v3.0/ids/50f16d2dc2bb80a421afc1af38fc92e3/redirect
+toolchainUrl.MAC_OS.AARCH64=https\://api.foojay.io/disco/v3.0/ids/4f4ebe4f162f6deb29540c4ebe629d79/redirect
+toolchainUrl.MAC_OS.X86_64=https\://api.foojay.io/disco/v3.0/ids/79d5995ef1c3e4df39a3b2f545cada5e/redirect
+toolchainUrl.UNIX.AARCH64=https\://api.foojay.io/disco/v3.0/ids/6d0adbce30460017fe61d2993dfa663e/redirect
+toolchainUrl.UNIX.X86_64=https\://api.foojay.io/disco/v3.0/ids/50f16d2dc2bb80a421afc1af38fc92e3/redirect
+toolchainUrl.WINDOWS.X86_64=https\://api.foojay.io/disco/v3.0/ids/61fdd87038cf8b094dadad8566609a29/redirect
+toolchainVendor=ADOPTIUM
toolchainVersion=24
diff --git a/hashupdate b/hashupdate
index 090e023d..0dacddf9 100755
--- a/hashupdate
+++ b/hashupdate
@@ -1,8 +1,7 @@
-#!/bin/sh
-set -euo
+#!/usr/bin/env bash
+set -euo pipefail
# Usage: hashupdate
-URL_TEMPLATE=$(grep "$2_URL=" "$1" | sed -E 's/.*="(.*)"/\1/')
-URL=$(echo "$URL_TEMPLATE" | sed "s/\$$2_VERSION/$3/g")
+URL=$(grep "$2_URL=" "$1" | sed -E 's/.*="([^"]*)".*/\1/' | sed "s/\$$2_VERSION/$3/g")
SHA256=$(curl -sL "$URL" | sha256sum | sed -e 's/ -//g')
sed -i -E "s/$2_SHA256=.*/$2_SHA256=$SHA256/" "$1"
diff --git a/qodana.yaml b/qodana.yaml
index a4296385..3da57a69 100644
--- a/qodana.yaml
+++ b/qodana.yaml
@@ -5,4 +5,4 @@ include:
- name: VulnerableLibrariesGlobal
# bump: qodana /qodana-jvm:([\d.]+)/ docker:jetbrains/qodana-jvm|/^[\d]{4}\.\d+$/|sort
linter: jetbrains/qodana-jvm:2025.2
-projectJDK: zulu-24
+projectJDK: temurin-24