From 9ba928b36ae640869b9b5d531e3095712b8c017f Mon Sep 17 00:00:00 2001
From: Enrico Martelli <mrcnrt95e30@gmail.com>
Date: Wed, 13 Aug 2025 19:53:00 +0200
Subject: [PATCH 1/7] Go back to temurin-24

Also add flag to disable --add-module-path for the temurin jlink capability
---
 Dockerfile                                    |  2 +-
 build.gradle                                  |  7 ++++---
 buildSrc/build.gradle                         |  2 +-
 .../stickerifier/stickerify/JlinkTask.java    | 10 ++++++++--
 gradle/gradle-daemon-jvm.properties           | 20 +++++++++----------
 qodana.yaml                                   |  2 +-
 6 files changed, 25 insertions(+), 18 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 79ae4a8d..0615d04f 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-FROM azul/zulu-openjdk-alpine:24 AS builder
+FROM eclipse-temurin:24-alpine AS builder
 
 # bump: libwebp /LIBWEBP_VERSION=([\d.]+)/ git:https://chromium.googlesource.com/webm/libwebp.git|^1
 # bump: libwebp after ./hashupdate Dockerfile LIBWEBP $LATEST
diff --git a/build.gradle b/build.gradle
index b0d841b2..8cf07782 100644
--- a/build.gradle
+++ b/build.gradle
@@ -48,17 +48,18 @@ description = 'Telegram bot to convert medias in the format required to be used
 
 java.toolchain {
     languageVersion = JavaLanguageVersion.of(24)
-    vendor = JvmVendorSpec.AZUL
+    vendor = JvmVendorSpec.ADOPTIUM
 }
 
 updateDaemonJvm {
     languageVersion = JavaLanguageVersion.of(24)
-    vendor = JvmVendorSpec.AZUL
+    vendor = JvmVendorSpec.ADOPTIUM
 }
 
 def jlink = tasks.register('jlink', JlinkTask) {
     options = ['--strip-debug', '--no-header-files', '--no-man-pages']
     modules = ['java.desktop', 'java.instrument', 'java.naming', 'java.sql', 'jdk.crypto.ec', 'jdk.unsupported']
+    includeModulePath = false
 
     group = 'build'
     description = 'Generates a minimal JRE for the project.'
@@ -72,7 +73,7 @@ test {
     finalizedBy(jacocoTestReport)
 
     testLogging {
-        events "passed"
+        events 'passed'
     }
 }
 
diff --git a/buildSrc/build.gradle b/buildSrc/build.gradle
index 5c645ad7..0a677a34 100644
--- a/buildSrc/build.gradle
+++ b/buildSrc/build.gradle
@@ -8,5 +8,5 @@ repositories {
 
 java.toolchain {
     languageVersion = JavaLanguageVersion.of(24)
-    vendor = JvmVendorSpec.AZUL
+    vendor = JvmVendorSpec.ADOPTIUM
 }
diff --git a/buildSrc/src/main/java/com/github/stickerifier/stickerify/JlinkTask.java b/buildSrc/src/main/java/com/github/stickerifier/stickerify/JlinkTask.java
index 125dd160..6d3eab0a 100644
--- a/buildSrc/src/main/java/com/github/stickerifier/stickerify/JlinkTask.java
+++ b/buildSrc/src/main/java/com/github/stickerifier/stickerify/JlinkTask.java
@@ -30,6 +30,9 @@ public abstract class JlinkTask extends DefaultTask {
 	@Input
 	public abstract ListProperty<@NotNull String> getModules();
 
+	@Input
+	public abstract Property<@NotNull Boolean> getIncludeModulePath();
+
 	@OutputDirectory
 	public abstract DirectoryProperty getOutputDirectory();
 
@@ -46,6 +49,7 @@ public abstract class JlinkTask extends DefaultTask {
 	public JlinkTask(ProjectLayout layout, JavaToolchainService javaToolchain) {
 		getOptions().convention(List.of());
 		getModules().convention(List.of("ALL-MODULE-PATH"));
+		getIncludeModulePath().convention(true);
 		getOutputDirectory().convention(layout.getBuildDirectory().dir("jlink"));
 
 		var toolchain = getProject().getExtensions().getByType(JavaPluginExtension.class).getToolchain();
@@ -71,8 +75,10 @@ public void createJre() {
 			var commandLine = new ArrayList<String>();
 			commandLine.add(jlink.toString());
 			commandLine.addAll(getOptions().get());
-			commandLine.add("--module-path");
-			commandLine.add(jmods.toString());
+			if (getIncludeModulePath().get()) {
+				commandLine.add("--module-path");
+				commandLine.add(jmods.toString());
+			}
 			commandLine.add("--add-modules");
 			commandLine.add(String.join(",", getModules().get()));
 			commandLine.add("--output");
diff --git a/gradle/gradle-daemon-jvm.properties b/gradle/gradle-daemon-jvm.properties
index 248e84b1..6b1a33e2 100644
--- a/gradle/gradle-daemon-jvm.properties
+++ b/gradle/gradle-daemon-jvm.properties
@@ -1,12 +1,12 @@
 #This file is generated by updateDaemonJvm
-toolchainUrl.FREE_BSD.AARCH64=https\://api.foojay.io/disco/v3.0/ids/d898567da69cac7b9b75d8d74e577e7a/redirect
-toolchainUrl.FREE_BSD.X86_64=https\://api.foojay.io/disco/v3.0/ids/902ef81bafffcd1670604d74b6c7a6b0/redirect
-toolchainUrl.LINUX.AARCH64=https\://api.foojay.io/disco/v3.0/ids/d898567da69cac7b9b75d8d74e577e7a/redirect
-toolchainUrl.LINUX.X86_64=https\://api.foojay.io/disco/v3.0/ids/902ef81bafffcd1670604d74b6c7a6b0/redirect
-toolchainUrl.MAC_OS.AARCH64=https\://api.foojay.io/disco/v3.0/ids/4175090548a4792cf1cef411becfba0f/redirect
-toolchainUrl.MAC_OS.X86_64=https\://api.foojay.io/disco/v3.0/ids/50df1a9c218487a6519e22a0d29e6215/redirect
-toolchainUrl.UNIX.AARCH64=https\://api.foojay.io/disco/v3.0/ids/d898567da69cac7b9b75d8d74e577e7a/redirect
-toolchainUrl.UNIX.X86_64=https\://api.foojay.io/disco/v3.0/ids/902ef81bafffcd1670604d74b6c7a6b0/redirect
-toolchainUrl.WINDOWS.X86_64=https\://api.foojay.io/disco/v3.0/ids/f55af862790b0c395d3f70e23016df3d/redirect
-toolchainVendor=AZUL
+toolchainUrl.FREE_BSD.AARCH64=https\://api.foojay.io/disco/v3.0/ids/6d0adbce30460017fe61d2993dfa663e/redirect
+toolchainUrl.FREE_BSD.X86_64=https\://api.foojay.io/disco/v3.0/ids/50f16d2dc2bb80a421afc1af38fc92e3/redirect
+toolchainUrl.LINUX.AARCH64=https\://api.foojay.io/disco/v3.0/ids/6d0adbce30460017fe61d2993dfa663e/redirect
+toolchainUrl.LINUX.X86_64=https\://api.foojay.io/disco/v3.0/ids/50f16d2dc2bb80a421afc1af38fc92e3/redirect
+toolchainUrl.MAC_OS.AARCH64=https\://api.foojay.io/disco/v3.0/ids/4f4ebe4f162f6deb29540c4ebe629d79/redirect
+toolchainUrl.MAC_OS.X86_64=https\://api.foojay.io/disco/v3.0/ids/79d5995ef1c3e4df39a3b2f545cada5e/redirect
+toolchainUrl.UNIX.AARCH64=https\://api.foojay.io/disco/v3.0/ids/6d0adbce30460017fe61d2993dfa663e/redirect
+toolchainUrl.UNIX.X86_64=https\://api.foojay.io/disco/v3.0/ids/50f16d2dc2bb80a421afc1af38fc92e3/redirect
+toolchainUrl.WINDOWS.X86_64=https\://api.foojay.io/disco/v3.0/ids/61fdd87038cf8b094dadad8566609a29/redirect
+toolchainVendor=ADOPTIUM
 toolchainVersion=24
diff --git a/qodana.yaml b/qodana.yaml
index 7334fbcd..d8a256e1 100644
--- a/qodana.yaml
+++ b/qodana.yaml
@@ -5,4 +5,4 @@ include:
   - name: VulnerableLibrariesGlobal
 # bump: qodana /qodana-jvm:([\d.]+)/ docker:jetbrains/qodana-jvm|/^[\d]{4}\.\d+$/|sort
 linter: jetbrains/qodana-jvm:2025.1
-projectJDK: zulu-24
+projectJDK: temurin-24

From 95261bcac22c6d61b00707892bd1c934849dfe38 Mon Sep 17 00:00:00 2001
From: Enrico Martelli <mrcnrt95e30@gmail.com>
Date: Wed, 13 Aug 2025 22:10:50 +0200
Subject: [PATCH 2/7] Update workflow too

---
 .github/workflows/unit-test.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/unit-test.yml b/.github/workflows/unit-test.yml
index f8428b46..30222b9e 100644
--- a/.github/workflows/unit-test.yml
+++ b/.github/workflows/unit-test.yml
@@ -32,7 +32,7 @@ jobs:
       - name: Setup Java
         uses: actions/setup-java@v4
         with:
-          distribution: zulu
+          distribution: temurin
           java-version: 24
 
       - name: Setup project and upload dependency graph

From d497838e8afab6b3dbd17cd959f467cb68cb075d Mon Sep 17 00:00:00 2001
From: Enrico Martelli <mrcnrt95e30@gmail.com>
Date: Thu, 14 Aug 2025 10:29:07 +0200
Subject: [PATCH 3/7] Added javadoc, more logging to junit, and fixed
 hashupdate

---
 Dockerfile                                                 | 2 +-
 build.gradle                                               | 2 +-
 .../java/com/github/stickerifier/stickerify/JlinkTask.java | 3 +++
 hashupdate                                                 | 7 +++----
 4 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 0615d04f..2959c76e 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -4,8 +4,8 @@ FROM eclipse-temurin:24-alpine AS builder
 # bump: libwebp after ./hashupdate Dockerfile LIBWEBP $LATEST
 ARG LIBWEBP_VERSION=1.6.0
 ARG LIBWEBP_SHA256=1c5ffab71efecefa0e3c23516c3a3a1dccb45cc310ae1095c6f14ae268e38067
+ARG LIBWEBP_URL="https://storage.googleapis.com/downloads.webmproject.org/releases/webp/libwebp-$LIBWEBP_VERSION-linux-x86-64.tar.gz"
 ARG LIBWEBP_FILE="libwebp-$LIBWEBP_VERSION-linux-x86-64.tar.gz"
-ARG LIBWEBP_URL="https://storage.googleapis.com/downloads.webmproject.org/releases/webp/$LIBWEBP_FILE"
 
 WORKDIR /app
 RUN apk --no-cache add binutils curl tar
diff --git a/build.gradle b/build.gradle
index 8cf07782..1179f408 100644
--- a/build.gradle
+++ b/build.gradle
@@ -73,7 +73,7 @@ test {
     finalizedBy(jacocoTestReport)
 
     testLogging {
-        events 'passed'
+        events 'passed', 'failed', 'skipped'
     }
 }
 
diff --git a/buildSrc/src/main/java/com/github/stickerifier/stickerify/JlinkTask.java b/buildSrc/src/main/java/com/github/stickerifier/stickerify/JlinkTask.java
index 6d3eab0a..653837d2 100644
--- a/buildSrc/src/main/java/com/github/stickerifier/stickerify/JlinkTask.java
+++ b/buildSrc/src/main/java/com/github/stickerifier/stickerify/JlinkTask.java
@@ -30,6 +30,9 @@ public abstract class JlinkTask extends DefaultTask {
 	@Input
 	public abstract ListProperty<@NotNull String> getModules();
 
+	/**
+	 * If the selected JVM is <a href="https://openjdk.org/jeps/493">JEP 493</a> compatible, then this should be set to false.
+	 */
 	@Input
 	public abstract Property<@NotNull Boolean> getIncludeModulePath();
 
diff --git a/hashupdate b/hashupdate
index 090e023d..0dacddf9 100755
--- a/hashupdate
+++ b/hashupdate
@@ -1,8 +1,7 @@
-#!/bin/sh
-set -euo
+#!/usr/bin/env bash
+set -euo pipefail
 
 # Usage: hashupdate <FILE> <NAME> <VERSION>
-URL_TEMPLATE=$(grep "$2_URL=" "$1" | sed -E 's/.*="(.*)"/\1/')
-URL=$(echo "$URL_TEMPLATE" | sed "s/\$$2_VERSION/$3/g")
+URL=$(grep "$2_URL=" "$1" | sed -E 's/.*="([^"]*)".*/\1/' | sed "s/\$$2_VERSION/$3/g")
 SHA256=$(curl -sL "$URL" | sha256sum | sed -e 's/  -//g')
 sed -i -E "s/$2_SHA256=.*/$2_SHA256=$SHA256/" "$1"

From 92a107badaa738ae585729aafdccb70d7fa7f25a Mon Sep 17 00:00:00 2001
From: Enrico Martelli <mrcnrt95e30@gmail.com>
Date: Thu, 14 Aug 2025 10:40:28 +0200
Subject: [PATCH 4/7] Fix qodana action permissions

---
 .github/workflows/unit-test.yml | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/.github/workflows/unit-test.yml b/.github/workflows/unit-test.yml
index 34839cab..f487601c 100644
--- a/.github/workflows/unit-test.yml
+++ b/.github/workflows/unit-test.yml
@@ -8,6 +8,7 @@ on:
       - main
 
 permissions:
+  checks: write
   contents: write
   security-events: write
 
@@ -56,8 +57,6 @@ jobs:
           if-no-files-found: error
 
   qodana:
-    permissions:
-      checks: write
     name: Perform Qodana analysis
     needs: tests
     runs-on: ubuntu-latest

From e325f11eee52e0a986ad16a262a638f812e52fb3 Mon Sep 17 00:00:00 2001
From: Enrico Martelli <mrcnrt95e30@gmail.com>
Date: Thu, 14 Aug 2025 12:20:01 +0200
Subject: [PATCH 5/7] Some nits

---
 .github/workflows/unit-test.yml | 13 ++++++++-----
 Dockerfile                      |  9 ++++-----
 2 files changed, 12 insertions(+), 10 deletions(-)

diff --git a/.github/workflows/unit-test.yml b/.github/workflows/unit-test.yml
index f487601c..2bc44796 100644
--- a/.github/workflows/unit-test.yml
+++ b/.github/workflows/unit-test.yml
@@ -7,15 +7,14 @@ on:
     branches:
       - main
 
-permissions:
-  checks: write
-  contents: write
-  security-events: write
+permissions: read-all
 
 jobs:
   tests:
     name: Execute unit tests
     runs-on: ${{ matrix.os }}
+    permissions:
+      contents: write
     strategy:
       fail-fast: false
       matrix:
@@ -45,6 +44,7 @@ jobs:
           build-scan-terms-of-use-agree: 'yes'
 
       - name: Execute tests
+        shell: bash
         run: ./gradlew test
 
       - name: Upload coverage report
@@ -60,6 +60,9 @@ jobs:
     name: Perform Qodana analysis
     needs: tests
     runs-on: ubuntu-latest
+    permissions:
+      checks: write
+      security-events: write
     steps:
       - name: Checkout code changes
         uses: actions/checkout@v5
@@ -74,7 +77,7 @@ jobs:
           path: .qodana/code-coverage
 
       - name: Execute analysis
-        uses: JetBrains/qodana-action@main
+        uses: JetBrains/qodana-action@v2024.2
         env:
           QODANA_TOKEN: ${{ secrets.QODANA_TOKEN }}
         with:
diff --git a/Dockerfile b/Dockerfile
index 2959c76e..283281df 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -5,14 +5,13 @@ FROM eclipse-temurin:24-alpine AS builder
 ARG LIBWEBP_VERSION=1.6.0
 ARG LIBWEBP_SHA256=1c5ffab71efecefa0e3c23516c3a3a1dccb45cc310ae1095c6f14ae268e38067
 ARG LIBWEBP_URL="https://storage.googleapis.com/downloads.webmproject.org/releases/webp/libwebp-$LIBWEBP_VERSION-linux-x86-64.tar.gz"
-ARG LIBWEBP_FILE="libwebp-$LIBWEBP_VERSION-linux-x86-64.tar.gz"
 
 WORKDIR /app
 RUN apk --no-cache add binutils curl tar
-RUN curl -L --fail --retry 3 --retry-delay 5 "$LIBWEBP_URL" -O && \
-    echo "$LIBWEBP_SHA256 $LIBWEBP_FILE" | sha256sum -c - && \
-    tar -xzf "$LIBWEBP_FILE" --one-top-level=libwebp --strip-components=1 && \
-    rm "$LIBWEBP_FILE"
+RUN curl -L --fail --retry 3 --retry-delay 5 "$LIBWEBP_URL" -o /tmp/libwebp.tar.gz && \
+    echo "$LIBWEBP_SHA256  /tmp/libwebp.tar.gz" | sha256sum -c - && \
+    tar -xzf /tmp/libwebp.tar.gz --one-top-level=libwebp --strip-components=1 && \
+    rm /tmp/libwebp.tar.gz
 
 COPY . .
 RUN --mount=type=cache,target=/root/.gradle ./gradlew jlink shadowJar

From 28185ee5d75baa6b011c104a99667f01b08e8906 Mon Sep 17 00:00:00 2001
From: Enrico Martelli <mrcnrt95e30@gmail.com>
Date: Thu, 14 Aug 2025 12:43:47 +0200
Subject: [PATCH 6/7] Just download the webp tools

---
 Dockerfile | 23 +++++------------------
 1 file changed, 5 insertions(+), 18 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 283281df..1f1461b5 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,18 +1,6 @@
 FROM eclipse-temurin:24-alpine AS builder
 
-# bump: libwebp /LIBWEBP_VERSION=([\d.]+)/ git:https://chromium.googlesource.com/webm/libwebp.git|^1
-# bump: libwebp after ./hashupdate Dockerfile LIBWEBP $LATEST
-ARG LIBWEBP_VERSION=1.6.0
-ARG LIBWEBP_SHA256=1c5ffab71efecefa0e3c23516c3a3a1dccb45cc310ae1095c6f14ae268e38067
-ARG LIBWEBP_URL="https://storage.googleapis.com/downloads.webmproject.org/releases/webp/libwebp-$LIBWEBP_VERSION-linux-x86-64.tar.gz"
-
 WORKDIR /app
-RUN apk --no-cache add binutils curl tar
-RUN curl -L --fail --retry 3 --retry-delay 5 "$LIBWEBP_URL" -o /tmp/libwebp.tar.gz && \
-    echo "$LIBWEBP_SHA256  /tmp/libwebp.tar.gz" | sha256sum -c - && \
-    tar -xzf /tmp/libwebp.tar.gz --one-top-level=libwebp --strip-components=1 && \
-    rm /tmp/libwebp.tar.gz
-
 COPY . .
 RUN --mount=type=cache,target=/root/.gradle ./gradlew jlink shadowJar
 
@@ -20,14 +8,13 @@ RUN --mount=type=cache,target=/root/.gradle ./gradlew jlink shadowJar
 # bump: alpine link "Release notes" https://alpinelinux.org/posts/Alpine-$LATEST-released.html
 FROM alpine:3.22.1 AS bot
 
-# bump: ffmpeg /static-ffmpeg:([\d.]+)/ docker:mwader/static-ffmpeg|~7.0
-COPY --from=mwader/static-ffmpeg:7.0.2 /ffmpeg /usr/local/bin/
-ENV FFMPEG_PATH=/usr/local/bin/ffmpeg
+RUN apk --no-cache add libwebp-tools
 
-COPY --from=builder /app/libwebp/bin/cwebp /usr/local/bin/
-COPY --from=builder /app/libwebp/bin/dwebp /usr/local/bin/
+# bump: ffmpeg /static-ffmpeg:([\d.]+)/ docker:mwader/static-ffmpeg|~7.0
+COPY --from=mwader/static-ffmpeg:7.0.2 /ffmpeg /usr/bin/
+ENV FFMPEG_PATH=/usr/bin/ffmpeg
 
 COPY --from=builder /app/build/jlink/jre jre
 COPY --from=builder /app/build/libs/Stickerify-1.0-all.jar Stickerify.jar
 
-CMD ["jre/bin/java", "-Dcom.sksamuel.scrimage.webp.binary.dir=/usr/local/bin/", "-jar", "Stickerify.jar"]
+CMD ["jre/bin/java", "-Dcom.sksamuel.scrimage.webp.binary.dir=/usr/bin/", "-jar", "Stickerify.jar"]

From aac70f560c2a9520d30737832d054a9084977647 Mon Sep 17 00:00:00 2001
From: Enrico Martelli <mrcnrt95e30@gmail.com>
Date: Tue, 19 Aug 2025 11:55:17 +0200
Subject: [PATCH 7/7] Update Dockerfile and unit-test.yml for improved jar
 handling and qodana version

---
 .github/workflows/unit-test.yml | 4 ++--
 Dockerfile                      | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/unit-test.yml b/.github/workflows/unit-test.yml
index 2bc44796..0d832219 100644
--- a/.github/workflows/unit-test.yml
+++ b/.github/workflows/unit-test.yml
@@ -67,7 +67,7 @@ jobs:
       - name: Checkout code changes
         uses: actions/checkout@v5
         with:
-          ref: ${{ github.event.pull_request.head.sha }}
+          ref: ${{ github.event.pull_request.head.sha || github.sha }}
           fetch-depth: 0
 
       - name: Download coverage report
@@ -77,7 +77,7 @@ jobs:
           path: .qodana/code-coverage
 
       - name: Execute analysis
-        uses: JetBrains/qodana-action@v2024.2
+        uses: JetBrains/qodana-action@v2025.2
         env:
           QODANA_TOKEN: ${{ secrets.QODANA_TOKEN }}
         with:
diff --git a/Dockerfile b/Dockerfile
index 1f1461b5..7515db69 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -15,6 +15,6 @@ COPY --from=mwader/static-ffmpeg:7.0.2 /ffmpeg /usr/bin/
 ENV FFMPEG_PATH=/usr/bin/ffmpeg
 
 COPY --from=builder /app/build/jlink/jre jre
-COPY --from=builder /app/build/libs/Stickerify-1.0-all.jar Stickerify.jar
+COPY --from=builder /app/build/libs/*-all.jar Stickerify.jar
 
-CMD ["jre/bin/java", "-Dcom.sksamuel.scrimage.webp.binary.dir=/usr/bin/", "-jar", "Stickerify.jar"]
+CMD ["jre/bin/java", "-Dcom.sksamuel.scrimage.webp.binary.dir=/usr/bin", "-jar", "Stickerify.jar"]