Update generated dist for Maven args log change

Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>

.eslintignore

@@ -0,0 +1,6 @@
+# Ignore list
+/*
+
+# Do not ignore these folders:
+!__tests__/
+!src/

.eslintrc.js

@@ -0,0 +1,51 @@
+// This is a reusable configuration file copied from https://github.com/actions/reusable-workflows/tree/main/reusable-configurations. Please don't make changes to this file as it's the subject of an automatic update.
+module.exports = {
+  extends: [
+    'eslint:recommended',
+    'plugin:@typescript-eslint/recommended',
+    'plugin:eslint-plugin-jest/recommended',
+    'eslint-config-prettier'
+  ],
+  parser: '@typescript-eslint/parser',
+  plugins: ['@typescript-eslint', 'eslint-plugin-node', 'eslint-plugin-jest'],
+  rules: {
+    '@typescript-eslint/no-require-imports': 'error',
+    '@typescript-eslint/no-non-null-assertion': 'off',
+    '@typescript-eslint/no-explicit-any': 'off',
+    '@typescript-eslint/no-empty-function': 'off',
+    '@typescript-eslint/ban-ts-comment': [
+      'error',
+      {
+        'ts-ignore': 'allow-with-description'
+      }
+    ],
+    'no-console': 'error',
+    'yoda': 'error',
+    'prefer-const': [
+      'error',
+      {
+        destructuring: 'all'
+      }
+    ],
+    'no-control-regex': 'off',
+    'no-constant-condition': ['error', {checkLoops: false}],
+    'node/no-extraneous-import': 'error'
+  },
+  overrides: [
+    {
+      files: ['**/*{test,spec}.ts'],
+      rules: {
+        '@typescript-eslint/no-unused-vars': 'off',
+        'jest/no-standalone-expect': 'off',
+        'jest/no-conditional-expect': 'off',
+        'no-console': 'off',
+
+      }
+    }
+  ],
+  env: {
+    node: true,
+    es6: true,
+    'jest/globals': true
+  }
+};

README.md

@@ -76,7 +76,7 @@ steps:
   with:
     distribution: 'temurin' # See 'Supported distributions' for available options
     java-version: '25'
-- run: java HelloWorldApp.java
+- run: java --version
 ```
 
 #### Azul Zulu OpenJDK
@@ -87,7 +87,7 @@ steps:
   with:
     distribution: 'zulu' # See 'Supported distributions' for available options
     java-version: '25'
-- run: java HelloWorldApp.java
+- run: java --version
 ```
 
 #### Supported version syntax
@@ -221,7 +221,7 @@ steps:
     distribution: 'temurin'
     java-version: '25'
     check-latest: true
-- run: java HelloWorldApp.java
+- run: java --version
 ```
 
 ### Testing against different Java versions
@@ -240,7 +240,7 @@ jobs:
         with:
           distribution: '<distribution>'
           java-version: ${{ matrix.java }}
-      - run: java HelloWorldApp.java
+      - run: java --version
 ```
 
 ### Install multiple JDKs

__tests__/maven-args.test.ts

@@ -0,0 +1,104 @@
+import * as core from '@actions/core';
+
+import {configureMavenArgs} from '../src/maven-args';
+import {
+  INPUT_SHOW_DOWNLOAD_PROGRESS,
+  MAVEN_ARGS_ENV,
+  MAVEN_NO_TRANSFER_PROGRESS_FLAG
+} from '../src/constants';
+
+describe('configureMavenArgs', () => {
+  let inputs: Record<string, string>;
+  let spyGetInput: jest.SpyInstance;
+  let spyExportVariable: jest.SpyInstance;
+  let spyInfo: jest.SpyInstance;
+  let spyDebug: jest.SpyInstance;
+  const originalMavenArgs = process.env[MAVEN_ARGS_ENV];
+
+  beforeEach(() => {
+    inputs = {};
+
+    spyGetInput = jest.spyOn(core, 'getInput');
+    spyGetInput.mockImplementation((name: string) => inputs[name] ?? '');
+
+    spyExportVariable = jest.spyOn(core, 'exportVariable');
+    spyExportVariable.mockImplementation((name: string, value: string) => {
+      process.env[name] = value;
+    });
+
+    spyInfo = jest.spyOn(core, 'info');
+    spyInfo.mockImplementation(() => undefined);
+
+    spyDebug = jest.spyOn(core, 'debug');
+    spyDebug.mockImplementation(() => undefined);
+
+    delete process.env[MAVEN_ARGS_ENV];
+  });
+
+  afterEach(() => {
+    jest.restoreAllMocks();
+    if (originalMavenArgs === undefined) {
+      delete process.env[MAVEN_ARGS_ENV];
+    } else {
+      process.env[MAVEN_ARGS_ENV] = originalMavenArgs;
+    }
+  });
+
+  it('sets MAVEN_ARGS with -ntp by default', () => {
+    configureMavenArgs();
+
+    expect(spyExportVariable).toHaveBeenCalledWith(
+      MAVEN_ARGS_ENV,
+      MAVEN_NO_TRANSFER_PROGRESS_FLAG
+    );
+    expect(process.env[MAVEN_ARGS_ENV]).toBe(MAVEN_NO_TRANSFER_PROGRESS_FLAG);
+  });
+
+  it('does not modify MAVEN_ARGS when show-download-progress is true', () => {
+    inputs[INPUT_SHOW_DOWNLOAD_PROGRESS] = 'true';
+
+    configureMavenArgs();
+
+    expect(spyExportVariable).not.toHaveBeenCalled();
+    expect(process.env[MAVEN_ARGS_ENV]).toBeUndefined();
+  });
+
+  it('preserves an existing MAVEN_ARGS value and appends -ntp', () => {
+    process.env[MAVEN_ARGS_ENV] = '-B -Dstyle.color=always';
+
+    configureMavenArgs();
+
+    expect(spyExportVariable).toHaveBeenCalledWith(
+      MAVEN_ARGS_ENV,
+      `-B -Dstyle.color=always ${MAVEN_NO_TRANSFER_PROGRESS_FLAG}`
+    );
+  });
+
+  it('does not duplicate the flag when -ntp is already present', () => {
+    process.env[MAVEN_ARGS_ENV] = '-B -ntp';
+
+    configureMavenArgs();
+
+    expect(spyExportVariable).not.toHaveBeenCalled();
+    expect(process.env[MAVEN_ARGS_ENV]).toBe('-B -ntp');
+  });
+
+  it('does not duplicate the flag when --no-transfer-progress is already present', () => {
+    process.env[MAVEN_ARGS_ENV] = '--no-transfer-progress -B';
+
+    configureMavenArgs();
+
+    expect(spyExportVariable).not.toHaveBeenCalled();
+    expect(process.env[MAVEN_ARGS_ENV]).toBe('--no-transfer-progress -B');
+  });
+
+  it('keeps the existing MAVEN_ARGS when show-download-progress is true', () => {
+    inputs[INPUT_SHOW_DOWNLOAD_PROGRESS] = 'true';
+    process.env[MAVEN_ARGS_ENV] = '-B';
+
+    configureMavenArgs();
+
+    expect(spyExportVariable).not.toHaveBeenCalled();
+    expect(process.env[MAVEN_ARGS_ENV]).toBe('-B');
+  });
+});

action.yml

@@ -75,6 +75,10 @@ inputs:
   mvn-toolchain-vendor:
     description: 'Name of Maven Toolchain Vendor if the default name of "${distribution}" is not wanted. See examples of supported syntax in Advanced Usage file'
     required: false
+  show-download-progress:
+    description: 'Whether Maven should print artifact download/transfer progress to the build log. When "false" (default) the action sets "-ntp" (--no-transfer-progress) in MAVEN_ARGS to produce cleaner logs. Set to "true" to keep the progress output. Has no effect on non-Maven builds.'
+    required: false
+    default: false
 outputs:
   distribution:
     description: 'Distribution of Java that has been installed'

dist/cleanup/index.js

@@ -52241,7 +52241,7 @@ else {
 "use strict";
 
 Object.defineProperty(exports, "__esModule", ({ value: true }));
-exports.DISTRIBUTIONS_ONLY_MAJOR_VERSION = exports.INPUT_MVN_TOOLCHAIN_VENDOR = exports.INPUT_MVN_TOOLCHAIN_ID = exports.MVN_TOOLCHAINS_FILE = exports.MVN_SETTINGS_FILE = exports.M2_DIR = exports.STATE_GPG_PRIVATE_KEY_FINGERPRINT = exports.INPUT_JOB_STATUS = exports.INPUT_CACHE_DEPENDENCY_PATH = exports.INPUT_CACHE = exports.INPUT_DEFAULT_GPG_PASSPHRASE = exports.INPUT_DEFAULT_GPG_PRIVATE_KEY = exports.INPUT_GPG_PASSPHRASE = exports.INPUT_GPG_PRIVATE_KEY = exports.INPUT_OVERWRITE_SETTINGS = exports.INPUT_SETTINGS_PATH = exports.INPUT_SERVER_PASSWORD = exports.INPUT_SERVER_USERNAME = exports.INPUT_SERVER_ID = exports.INPUT_CHECK_LATEST = exports.INPUT_JDK_FILE = exports.INPUT_DISTRIBUTION = exports.INPUT_JAVA_PACKAGE = exports.INPUT_ARCHITECTURE = exports.INPUT_JAVA_VERSION_FILE = exports.INPUT_JAVA_VERSION = exports.MACOS_JAVA_CONTENT_POSTFIX = void 0;
+exports.DISTRIBUTIONS_ONLY_MAJOR_VERSION = exports.MAVEN_NO_TRANSFER_PROGRESS_LONG_FLAG = exports.MAVEN_NO_TRANSFER_PROGRESS_FLAG = exports.MAVEN_ARGS_ENV = exports.INPUT_SHOW_DOWNLOAD_PROGRESS = exports.INPUT_MVN_TOOLCHAIN_VENDOR = exports.INPUT_MVN_TOOLCHAIN_ID = exports.MVN_TOOLCHAINS_FILE = exports.MVN_SETTINGS_FILE = exports.M2_DIR = exports.STATE_GPG_PRIVATE_KEY_FINGERPRINT = exports.INPUT_JOB_STATUS = exports.INPUT_CACHE_DEPENDENCY_PATH = exports.INPUT_CACHE = exports.INPUT_DEFAULT_GPG_PASSPHRASE = exports.INPUT_DEFAULT_GPG_PRIVATE_KEY = exports.INPUT_GPG_PASSPHRASE = exports.INPUT_GPG_PRIVATE_KEY = exports.INPUT_OVERWRITE_SETTINGS = exports.INPUT_SETTINGS_PATH = exports.INPUT_SERVER_PASSWORD = exports.INPUT_SERVER_USERNAME = exports.INPUT_SERVER_ID = exports.INPUT_CHECK_LATEST = exports.INPUT_JDK_FILE = exports.INPUT_DISTRIBUTION = exports.INPUT_JAVA_PACKAGE = exports.INPUT_ARCHITECTURE = exports.INPUT_JAVA_VERSION_FILE = exports.INPUT_JAVA_VERSION = exports.MACOS_JAVA_CONTENT_POSTFIX = void 0;
 exports.MACOS_JAVA_CONTENT_POSTFIX = 'Contents/Home';
 exports.INPUT_JAVA_VERSION = 'java-version';
 exports.INPUT_JAVA_VERSION_FILE = 'java-version-file';
@@ -52268,6 +52268,10 @@ exports.MVN_SETTINGS_FILE = 'settings.xml';
 exports.MVN_TOOLCHAINS_FILE = 'toolchains.xml';
 exports.INPUT_MVN_TOOLCHAIN_ID = 'mvn-toolchain-id';
 exports.INPUT_MVN_TOOLCHAIN_VENDOR = 'mvn-toolchain-vendor';
+exports.INPUT_SHOW_DOWNLOAD_PROGRESS = 'show-download-progress';
+exports.MAVEN_ARGS_ENV = 'MAVEN_ARGS';
+exports.MAVEN_NO_TRANSFER_PROGRESS_FLAG = '-ntp';
+exports.MAVEN_NO_TRANSFER_PROGRESS_LONG_FLAG = '--no-transfer-progress';
 exports.DISTRIBUTIONS_ONLY_MAJOR_VERSION = ['corretto'];
 
 

dist/setup/index.js

@@ -78000,7 +78000,7 @@ function isProbablyGradleDaemonProblem(packageManager, error) {
 "use strict";
 
 Object.defineProperty(exports, "__esModule", ({ value: true }));
-exports.DISTRIBUTIONS_ONLY_MAJOR_VERSION = exports.INPUT_MVN_TOOLCHAIN_VENDOR = exports.INPUT_MVN_TOOLCHAIN_ID = exports.MVN_TOOLCHAINS_FILE = exports.MVN_SETTINGS_FILE = exports.M2_DIR = exports.STATE_GPG_PRIVATE_KEY_FINGERPRINT = exports.INPUT_JOB_STATUS = exports.INPUT_CACHE_DEPENDENCY_PATH = exports.INPUT_CACHE = exports.INPUT_DEFAULT_GPG_PASSPHRASE = exports.INPUT_DEFAULT_GPG_PRIVATE_KEY = exports.INPUT_GPG_PASSPHRASE = exports.INPUT_GPG_PRIVATE_KEY = exports.INPUT_OVERWRITE_SETTINGS = exports.INPUT_SETTINGS_PATH = exports.INPUT_SERVER_PASSWORD = exports.INPUT_SERVER_USERNAME = exports.INPUT_SERVER_ID = exports.INPUT_CHECK_LATEST = exports.INPUT_JDK_FILE = exports.INPUT_DISTRIBUTION = exports.INPUT_JAVA_PACKAGE = exports.INPUT_ARCHITECTURE = exports.INPUT_JAVA_VERSION_FILE = exports.INPUT_JAVA_VERSION = exports.MACOS_JAVA_CONTENT_POSTFIX = void 0;
+exports.DISTRIBUTIONS_ONLY_MAJOR_VERSION = exports.MAVEN_NO_TRANSFER_PROGRESS_LONG_FLAG = exports.MAVEN_NO_TRANSFER_PROGRESS_FLAG = exports.MAVEN_ARGS_ENV = exports.INPUT_SHOW_DOWNLOAD_PROGRESS = exports.INPUT_MVN_TOOLCHAIN_VENDOR = exports.INPUT_MVN_TOOLCHAIN_ID = exports.MVN_TOOLCHAINS_FILE = exports.MVN_SETTINGS_FILE = exports.M2_DIR = exports.STATE_GPG_PRIVATE_KEY_FINGERPRINT = exports.INPUT_JOB_STATUS = exports.INPUT_CACHE_DEPENDENCY_PATH = exports.INPUT_CACHE = exports.INPUT_DEFAULT_GPG_PASSPHRASE = exports.INPUT_DEFAULT_GPG_PRIVATE_KEY = exports.INPUT_GPG_PASSPHRASE = exports.INPUT_GPG_PRIVATE_KEY = exports.INPUT_OVERWRITE_SETTINGS = exports.INPUT_SETTINGS_PATH = exports.INPUT_SERVER_PASSWORD = exports.INPUT_SERVER_USERNAME = exports.INPUT_SERVER_ID = exports.INPUT_CHECK_LATEST = exports.INPUT_JDK_FILE = exports.INPUT_DISTRIBUTION = exports.INPUT_JAVA_PACKAGE = exports.INPUT_ARCHITECTURE = exports.INPUT_JAVA_VERSION_FILE = exports.INPUT_JAVA_VERSION = exports.MACOS_JAVA_CONTENT_POSTFIX = void 0;
 exports.MACOS_JAVA_CONTENT_POSTFIX = 'Contents/Home';
 exports.INPUT_JAVA_VERSION = 'java-version';
 exports.INPUT_JAVA_VERSION_FILE = 'java-version-file';
@@ -78027,6 +78027,10 @@ exports.MVN_SETTINGS_FILE = 'settings.xml';
 exports.MVN_TOOLCHAINS_FILE = 'toolchains.xml';
 exports.INPUT_MVN_TOOLCHAIN_ID = 'mvn-toolchain-id';
 exports.INPUT_MVN_TOOLCHAIN_VENDOR = 'mvn-toolchain-vendor';
+exports.INPUT_SHOW_DOWNLOAD_PROGRESS = 'show-download-progress';
+exports.MAVEN_ARGS_ENV = 'MAVEN_ARGS';
+exports.MAVEN_NO_TRANSFER_PROGRESS_FLAG = '-ntp';
+exports.MAVEN_NO_TRANSFER_PROGRESS_LONG_FLAG = '--no-transfer-progress';
 exports.DISTRIBUTIONS_ONLY_MAJOR_VERSION = ['corretto'];
 
 
@@ -80889,6 +80893,87 @@ function deleteKey(keyFingerprint) {
 exports.deleteKey = deleteKey;
 
 
+/***/ }),
+
+/***/ 38172:
+/***/ (function(__unused_webpack_module, exports, __nccwpck_require__) {
+
+"use strict";
+
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || function (mod) {
+    if (mod && mod.__esModule) return mod;
+    var result = {};
+    if (mod != null) for (var k in mod) if (k !== "default" && Object.prototype.hasOwnProperty.call(mod, k)) __createBinding(result, mod, k);
+    __setModuleDefault(result, mod);
+    return result;
+};
+Object.defineProperty(exports, "__esModule", ({ value: true }));
+exports.configureMavenArgs = void 0;
+const core = __importStar(__nccwpck_require__(37484));
+const util_1 = __nccwpck_require__(54527);
+const constants_1 = __nccwpck_require__(27242);
+/**
+ * Configures the MAVEN_ARGS environment variable so that Maven suppresses
+ * artifact transfer/download progress output by default, producing cleaner
+ * CI logs.
+ *
+ * Behavior:
+ * - When `show-download-progress` is `false` (the default), `-ntp`
+ *   (`--no-transfer-progress`) is appended to any existing MAVEN_ARGS value.
+ * - When `show-download-progress` is `true`, MAVEN_ARGS is left untouched so
+ *   the user's own configuration (and Maven's default progress output) is
+ *   preserved.
+ *
+ * The change is idempotent: if MAVEN_ARGS already disables transfer progress
+ * (via `-ntp` or `--no-transfer-progress`) nothing is added. Any pre-existing
+ * MAVEN_ARGS value is preserved.
+ *
+ * MAVEN_ARGS is honored by Maven 3.9.0+ and the Maven Wrapper; older Maven
+ * versions ignore it, so this is a no-op there. It has no effect on non-Maven
+ * builds such as Gradle or sbt.
+ */
+function configureMavenArgs() {
+    var _a;
+    const showDownloadProgress = (0, util_1.getBooleanInput)(constants_1.INPUT_SHOW_DOWNLOAD_PROGRESS, false);
+    if (showDownloadProgress) {
+        core.debug(`${constants_1.INPUT_SHOW_DOWNLOAD_PROGRESS} is true; leaving ${constants_1.MAVEN_ARGS_ENV} unchanged`);
+        return;
+    }
+    const existingArgs = ((_a = process.env[constants_1.MAVEN_ARGS_ENV]) !== null && _a !== void 0 ? _a : '').trim();
+    const alreadyDisabled = existingArgs
+        .split(/\s+/)
+        .some(arg => arg === constants_1.MAVEN_NO_TRANSFER_PROGRESS_FLAG ||
+        arg === constants_1.MAVEN_NO_TRANSFER_PROGRESS_LONG_FLAG);
+    if (alreadyDisabled) {
+        core.debug(`${constants_1.MAVEN_ARGS_ENV} already disables transfer progress; leaving it unchanged`);
+        return;
+    }
+    const updatedArgs = existingArgs
+        ? `${existingArgs} ${constants_1.MAVEN_NO_TRANSFER_PROGRESS_FLAG}`
+        : constants_1.MAVEN_NO_TRANSFER_PROGRESS_FLAG;
+    core.exportVariable(constants_1.MAVEN_ARGS_ENV, updatedArgs);
+    core.info(`Configured ${constants_1.MAVEN_ARGS_ENV} to include ${constants_1.MAVEN_NO_TRANSFER_PROGRESS_FLAG} to suppress Maven transfer progress logs. ` +
+        `Set '${constants_1.INPUT_SHOW_DOWNLOAD_PROGRESS}: true' to keep the download progress output.`);
+}
+exports.configureMavenArgs = configureMavenArgs;
+
+
 /***/ }),
 
 /***/ 90471:
@@ -80941,6 +81026,7 @@ const constants = __importStar(__nccwpck_require__(27242));
 const cache_1 = __nccwpck_require__(97377);
 const path = __importStar(__nccwpck_require__(16928));
 const distribution_factory_1 = __nccwpck_require__(2970);
+const maven_args_1 = __nccwpck_require__(38172);
 function run() {
     return __awaiter(this, void 0, void 0, function* () {
         try {
@@ -80988,6 +81074,7 @@ function run() {
             const matchersPath = path.join(__dirname, '..', '..', '.github');
             core.info(`##[add-matcher]${path.join(matchersPath, 'java.json')}`);
             yield auth.configureAuthentication();
+            (0, maven_args_1.configureMavenArgs)();
             if (cache && (0, util_1.isCacheFeatureAvailable)()) {
                 yield (0, cache_1.restore)(cache, cacheDependencyPath);
             }

docs/advanced-usage.md

@@ -12,15 +12,18 @@
   - [GraalVM](#GraalVM)
   - [JetBrains](#JetBrains)
 - [Installing custom Java package type](#Installing-custom-Java-package-type)
+  - [JavaFX Maven project](#JavaFX-Maven-project)
 - [Installing custom Java architecture](#Installing-custom-Java-architecture)
 - [Installing custom Java distribution from local file](#Installing-Java-from-local-file)
 - [Testing against different Java distributions](#Testing-against-different-Java-distributions)
 - [Testing against different platforms](#Testing-against-different-platforms)
 - [Publishing using Apache Maven](#Publishing-using-Apache-Maven)
+- [Maven transfer progress (download logs)](#Maven-transfer-progress-download-logs)
 - [Publishing using Gradle](#Publishing-using-Gradle)
 - [Hosted Tool Cache](#Hosted-Tool-Cache)
 - [Modifying Maven Toolchains](#Modifying-Maven-Toolchains)
 - [Java-version file](#Java-version-file)
+- [Self-signed certificates and internal CAs (GitHub Enterprise)](#Self-signed-certificates-and-internal-CAs-GitHub-Enterprise)
 
 See [action.yml](../action.yml) for more details on task inputs.
 
@@ -36,7 +39,7 @@ steps:
   with:
     distribution: 'temurin'
     java-version: '21'
-- run: java -cp java HelloWorldApp
+- run: java --version
 ```
 
 ### Adopt
@@ -49,7 +52,7 @@ steps:
   with:
     distribution: 'adopt-hotspot'
     java-version: '11'
-- run: java -cp java HelloWorldApp
+- run: java --version
 ```
 
 ### Zulu
@@ -62,7 +65,7 @@ steps:
     distribution: 'zulu'
     java-version: '21'
     java-package: jdk # optional (jdk, jre, jdk+fx or jre+fx) - defaults to jdk
-- run: java -cp java HelloWorldApp
+- run: java --version
 ```
 
 ### Liberica
@@ -75,7 +78,7 @@ steps:
     distribution: 'liberica'
     java-version: '21'
     java-package: jdk # optional (jdk, jre, jdk+fx or jre+fx) - defaults to jdk
-- run: java -cp java HelloWorldApp
+- run: java --version
 ```
 
 ### Microsoft
@@ -87,7 +90,7 @@ steps:
   with:
     distribution: 'microsoft'
     java-version: '21'
-- run: java -cp java HelloWorldApp
+- run: java --version
 ```
 
 ### Using Microsoft distribution on GHES
@@ -116,7 +119,7 @@ steps:
   with:
     distribution: 'corretto'
     java-version: '21'
-- run: java -cp java HelloWorldApp
+- run: java --version
 ```
 
 ### Oracle
@@ -129,7 +132,7 @@ steps:
   with:
     distribution: 'oracle'
     java-version: '21'
-- run: java -cp java HelloWorldApp
+- run: java --version
 ```
 
 ### Alibaba Dragonwell
@@ -142,7 +145,7 @@ steps:
   with:
     distribution: 'dragonwell'
     java-version: '8'
-- run: java -cp java HelloWorldApp
+- run: java --version
 ```
 
 ### SapMachine
@@ -154,7 +157,7 @@ steps:
   with:
     distribution: 'sapmachine'
     java-version: '21'
-- run: java -cp java HelloWorldApp
+- run: java --version
 ```
 
 ### GraalVM
@@ -168,8 +171,8 @@ steps:
     distribution: 'graalvm'
     java-version: '21'
 - run: |
-    java -cp java HelloWorldApp
+    java --version
-    native-image -cp java HelloWorldApp
+    native-image --version
 ```
 
 ### JetBrains
@@ -186,7 +189,7 @@ steps:
   with:
     distribution: 'jetbrains'
     java-version: '11'
-- run: java -cp java HelloWorldApp
+- run: java --version
 ```
 
 The JetBrains installer uses the GitHub API to fetch the latest version. If you believe your project is going to be running into rate limits, you can provide a
@@ -202,7 +205,7 @@ steps:
     java-package: 'jdk' # optional (jdk, jre, jdk+jcef, jre+jcef, jdk+ft, or jre+ft) - defaults to jdk
   env:
     GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-- run: java -cp java HelloWorldApp
+- run: java --version
 ```
 
 You can specify your package type (as shown in the [releases page](https://github.com/JetBrains/JetBrainsRuntime/releases/)) in the `java-package` parameter. 
@@ -225,7 +228,31 @@ steps:
     distribution: '<distribution>'
     java-version: '11'
     java-package: jdk # optional (jdk or jre) - defaults to jdk
-- run: java -cp java HelloWorldApp
+- run: java --version
+```
+
+### JavaFX Maven project
+
+For JavaFX projects that use Maven, use `jdk+fx` (or `jre+fx`) as the `java-package` value together with a distribution that supports it (e.g. `zulu` or `liberica`). Then include the [`javafx-maven-plugin`](https://openjfx.io/openjfx-docs/#maven) in your `pom.xml` as described in the [Getting Started with JavaFX](https://openjfx.io/openjfx-docs/#maven) guide.
+
+```yaml
+steps:
+- uses: actions/checkout@v6
+- uses: actions/setup-java@v5
+  with:
+    distribution: 'zulu'
+    java-version: '21'
+    java-package: jdk+fx
+    cache: maven
+- name: Build with Maven
+  run: mvn --no-transfer-progress compile
+```
+
+To run the JavaFX application in CI:
+
+```yaml
+- name: Run with Maven
+  run: mvn --no-transfer-progress javafx:run
 ```
 
 ## Installing custom Java architecture
@@ -238,7 +265,7 @@ steps:
     distribution: '<distribution>'
     java-version: '11'
     architecture: x86 # optional - default value derived from the runner machine
-- run: java -cp java HelloWorldApp
+- run: java --version
 ```
 
 ## Installing Java from local file
@@ -256,7 +283,7 @@ steps:
     java-version: '11.0.0'
     architecture: x64
     
-- run: java -cp java HelloWorldApp
+- run: java --version
 ```
 
 If your use-case requires a custom distribution (in the example, alpine-linux is used) or a version that is not provided by setup-java and you want to always install the latest version during runtime, then you can use the following code to auto-download the latest JDK, determine the semver needed for setup-java, and setup-java will take care of the installation and caching on the VM:
@@ -281,7 +308,7 @@ If your use-case requires a custom distribution (in the example, alpine-linux is
           jdkFile: ${{ runner.temp }}/java_package.tar.gz
           java-version: {{ steps.fetch_latest_jdk.outputs.java_version }}
           architecture: x64
-       - run: java -cp java HelloWorldApp
+       - run: java --version
 ```
 
 ## Testing against different Java distributions
@@ -302,7 +329,7 @@ jobs:
         with:
           distribution: ${{ matrix.distribution }}
           java-version: ${{ matrix.java }}
-      - run: java -cp java HelloWorldApp
+      - run: java --version
 ```
 
 #### Testing against different platforms
@@ -322,7 +349,7 @@ jobs:
         with:
           distribution: 'temurin'
           java-version: ${{ matrix.java }}
-      - run: java -cp java HelloWorldApp
+      - run: java --version
 ```
 
 ## Publishing using Apache Maven
@@ -464,6 +491,36 @@ jobs:
         GITHUB_TOKEN: ${{ github.token }}
 ```
 
+## Maven transfer progress (download logs)
+
+By default, Maven prints a line for every artifact it downloads, which can add hundreds of noisy lines to CI logs. To keep logs clean, `setup-java` sets the [`MAVEN_ARGS`](https://maven.apache.org/configure.html#maven_args-environment-variable) environment variable to include `-ntp` (`--no-transfer-progress`) so that subsequent Maven invocations in the job suppress this transfer progress output.
+
+This is enabled by default. Any existing `MAVEN_ARGS` value is preserved (the flag is appended, not overwritten), and the flag is not added twice if you already set it yourself.
+
+If you want to keep the download/transfer progress in your logs, set `show-download-progress: true`:
+
+```yaml
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+    - uses: actions/checkout@v6
+    - uses: actions/setup-java@v5
+      with:
+        distribution: '<distribution>'
+        java-version: '21'
+        show-download-progress: true # keep Maven download/transfer progress in the logs
+
+    - name: Build with Maven
+      run: mvn -B package --file pom.xml
+```
+
+***NOTES***:
+- `MAVEN_ARGS` is honored by Maven 3.9.0+ and the Maven Wrapper (`mvnw`). Older Maven versions ignore it, so on those you can pass `--no-transfer-progress` on the command line instead.
+- This setting only affects Maven. It has no effect on Gradle, sbt, or other build tools.
+- `-ntp` only controls transfer/progress output; it does not change whether Maven runs in batch mode. Use `-B`/`--batch-mode` (or `<interactiveMode>false</interactiveMode>` in `settings.xml`) if you also want non-interactive runs.
+
 ## Publishing using Gradle
 ```yaml
 jobs:
@@ -580,7 +637,7 @@ steps:
     distribution: 'temurin'
     java-version: '11'
     mvn-toolchain-id: 'some_other_id'
-- run: java -cp java HelloWorldApp
+- run: java --version
 ```
 
 In case you install multiple versions of Java at once you can use the same syntax as used in `java-versions`. Please note that you have to declare an ID for all Java versions that will be installed or the `mvn-toolchain-id` instruction will be skipped wholesale due to mapping ambiguities.
@@ -635,3 +692,94 @@ If the file contains multiple versions, only the first one will be recognized.
 
 ***NOTE***:
 For the tool-version file, ensure that you use standard semantic versioning (semver) formats, as non-standard formats (such as jetbrains-21b212.1) may not be parsed correctly. Additionally, for complex version strings containing multiple version-like segments (for example, java semeru-openj9-11.0.15+10_openj9-0.32.0), the extraction logic may incorrectly capture the last segment (0.32.0) instead of the main version (11.0.15+10).
+
+## Self-signed certificates and internal CAs (GitHub Enterprise)
+
+When `setup-java` dynamically downloads a JDK, it makes HTTPS requests both to fetch the available version metadata and to download the JDK archive. If your runners sit behind a **TLS-inspecting corporate proxy**, or you are on **GitHub Enterprise Server (GHES)** with an internal certificate authority, those requests can fail with an error such as:
+
+```
+Error: self signed certificate in certificate chain
+```
+
+This happens because the certificate presented to the runner is signed by an **internal or self-signed CA** that is not part of the runner's default trust store. The download itself is fine — the runner simply cannot verify the certificate chain.
+
+### Recommended fix: trust your internal CA
+
+The secure way to resolve this is to make the runner trust your organization's CA, which keeps TLS verification fully enabled. `setup-java` runs on Node.js, which honors the [`NODE_EXTRA_CA_CERTS`](https://nodejs.org/api/cli.html#node_extra_ca_certsfile) environment variable. Point it at your CA bundle (in PEM format) **before** the `actions/setup-java` step:
+
+```yaml
+steps:
+  # The CA bundle is already present on the runner image in this example.
+  # Alternatively, write it from a secret in a previous step.
+  - name: Trust the internal CA
+    run: echo "NODE_EXTRA_CA_CERTS=/etc/ssl/certs/internal-ca.pem" >> "$GITHUB_ENV"
+
+  - uses: actions/setup-java@v5
+    with:
+      distribution: 'temurin'
+      java-version: '21'
+```
+
+If you keep the certificate in a secret rather than on the runner image, write it to disk first:
+
+```yaml
+steps:
+  - name: Write and trust the internal CA
+    run: |
+      echo "${{ secrets.INTERNAL_CA_PEM }}" > "${RUNNER_TEMP}/internal-ca.pem"
+      echo "NODE_EXTRA_CA_CERTS=${RUNNER_TEMP}/internal-ca.pem" >> "$GITHUB_ENV"
+
+  - uses: actions/setup-java@v5
+    with:
+      distribution: 'temurin'
+      java-version: '21'
+```
+
+For **self-hosted runners**, you can instead install your CA into the operating system's trust store (for example, `update-ca-certificates` on Debian/Ubuntu or `update-ca-trust` on RHEL). This makes the certificate trusted for all tooling on the runner, not just `setup-java`.
+
+### GitHub Enterprise customers
+
+On **GitHub Enterprise Server**, traffic from your runners frequently passes through an organization-managed proxy or terminates TLS at an appliance using a certificate from an internal CA. If your workflows hit the error above, set `NODE_EXTRA_CA_CERTS` to your enterprise CA bundle (or bake the CA into your self-hosted runner image) as shown above. Coordinate with your platform team to obtain the correct PEM bundle for your appliance and proxy chain.
+
+### Security warning: do not disable certificate verification
+
+Do **not** work around this error by disabling TLS verification (for example, by setting `NODE_TLS_REJECT_UNAUTHORIZED=0`). `setup-java` does not verify a pinned checksum or signature of the downloaded archive, so **TLS is effectively the only integrity guarantee** on the JDK download. Disabling verification would expose your workflow to a man-in-the-middle attacker who could serve a tampered JDK — which then becomes the `java` used by the rest of your pipeline, with access to your secrets and credentials. Always extend trust to your CA instead of turning verification off.
+
+### Trusting an internal CA inside the installed JDK
+
+The guidance above makes the **runner** trust your CA so that the JDK can be *downloaded*. That is a separate layer from making the **installed JDK** trust your CA at *application runtime*. If your build steps (Maven/Gradle dependency resolution, integration tests, HTTPS calls from your app, etc.) connect to internal services that present a certificate from your internal CA, the JDK will reject them with errors such as:
+
+```
+PKIX path building failed: unable to find valid certification path to requested target
+```
+
+The JDK keeps its own trust store — a keystore named `cacerts` under `$JAVA_HOME/lib/security/cacerts` — which is independent of the operating system and Node trust stores. After `setup-java` has run (so that `JAVA_HOME` points at the freshly installed JDK), import your CA into that keystore with `keytool`:
+
+```yaml
+steps:
+  - uses: actions/setup-java@v5
+    with:
+      distribution: 'temurin'
+      java-version: '21'
+
+  - name: Import internal CA into the JDK trust store
+    shell: bash
+    run: |
+      # Write the CA from a secret (or reference a file already on the runner)
+      echo "${{ secrets.INTERNAL_CA_PEM }}" > "${RUNNER_TEMP}/internal-ca.pem"
+      keytool -importcert -noprompt \
+        -alias internal-ca \
+        -file "${RUNNER_TEMP}/internal-ca.pem" \
+        -keystore "${JAVA_HOME}/lib/security/cacerts" \
+        -storepass changeit
+```
+
+Notes and caveats:
+
+- The default keystore password for `cacerts` is `changeit` unless your distribution overrides it.
+- On **hosted runners** the change applies only to the current job's JDK and is discarded when the job ends, so include the import step in every job that needs it.
+- On **self-hosted runners**, importing into a tool-cache JDK persists for as long as that cached version remains on the runner; if you want it to survive JDK reinstalls, pre-seed the CA into your runner image or re-run the import step each time.
+- Prefer giving the certificate a stable, descriptive `-alias` so re-runs are idempotent (re-importing the same alias will fail; add `keytool -delete -alias internal-ca ...` first if you re-run within a long-lived runner).
+
+This documents the post-install workflow; there is no dedicated action input for supplying a custom `cacerts` file.
+

eslint.config.mjs

@@ -1,83 +0,0 @@
-import js from '@eslint/js';
-import tseslint from 'typescript-eslint';
-import jestPlugin from 'eslint-plugin-jest';
-import nodePlugin from 'eslint-plugin-n';
-import eslintConfigPrettier from 'eslint-config-prettier';
-import globals from 'globals';
-
-export default tseslint.config(
-  {
-    ignores: [
-      'dist/',
-      'lib/',
-      'node_modules/',
-      'coverage/',
-      '**/*.js',
-      '**/*.cjs',
-      '**/*.mjs',
-      '**/*.d.ts'
-    ]
-  },
-  {
-    files: ['src/**/*.ts', '__tests__/**/*.ts'],
-    extends: [
-      js.configs.recommended,
-      ...tseslint.configs.recommended,
-      jestPlugin.configs['flat/recommended'],
-      eslintConfigPrettier
-    ],
-    plugins: {
-      n: nodePlugin
-    },
-    languageOptions: {
-      ecmaVersion: 2021,
-      sourceType: 'module',
-      globals: {
-        ...globals.node,
-        ...globals.es2021
-      }
-    },
-    rules: {
-      '@typescript-eslint/no-require-imports': 'error',
-      '@typescript-eslint/no-non-null-assertion': 'off',
-      '@typescript-eslint/no-explicit-any': 'off',
-      '@typescript-eslint/no-empty-function': 'off',
-      '@typescript-eslint/ban-ts-comment': [
-        'error',
-        {
-          'ts-ignore': 'allow-with-description'
-        }
-      ],
-      'no-console': 'error',
-      yoda: 'error',
-      'prefer-const': [
-        'error',
-        {
-          destructuring: 'all'
-        }
-      ],
-      'no-control-regex': 'off',
-      'no-constant-condition': ['error', {checkLoops: false}],
-      // ESLint 10's recommended set adds `preserve-caught-error`, which the
-      // previous ESLint 8 recommended config did not enable. Keep it off to
-      // preserve the prior lint behavior; adopting it would require attaching
-      // an Error `cause` (ES2022) and is out of scope for this upgrade.
-      'preserve-caught-error': 'off',
-      'n/no-extraneous-import': 'error'
-    }
-  },
-  {
-    files: ['**/*{test,spec}.ts'],
-    languageOptions: {
-      globals: {
-        ...globals.jest
-      }
-    },
-    rules: {
-      '@typescript-eslint/no-unused-vars': 'off',
-      'jest/no-standalone-expect': 'off',
-      'jest/no-conditional-expect': 'off',
-      'no-console': 'off'
-    }
-  }
-);

package.json

@@ -11,8 +11,8 @@
     "build": "ncc build -o dist/setup src/setup-java.ts && ncc build -o dist/cleanup src/cleanup-java.ts",
     "format": "prettier --no-error-on-unmatched-pattern --config ./.prettierrc.js --write \"**/*.{ts,yml,yaml}\"",
     "format-check": "prettier --no-error-on-unmatched-pattern --config ./.prettierrc.js --check \"**/*.{ts,yml,yaml}\"",
-    "lint": "eslint \"src/**/*.ts\" \"__tests__/**/*.ts\"",
+    "lint": "eslint --config ./.eslintrc.js \"**/*.ts\"",
-    "lint:fix": "eslint \"src/**/*.ts\" \"__tests__/**/*.ts\" --fix",
+    "lint:fix": "eslint --config ./.eslintrc.js \"**/*.ts\" --fix",
     "prerelease": "npm run-script build",
     "release": "git add -f dist/setup/index.js dist/cleanup/index.js",
     "test": "jest"
@@ -40,22 +40,21 @@
     "xmlbuilder2": "^4.0.3"
   },
   "devDependencies": {
-    "@eslint/js": "^10.0.1",
     "@types/jest": "^30.0.0",
     "@types/node": "^26.0.0",
     "@types/semver": "^7.5.8",
+    "@typescript-eslint/eslint-plugin": "^8.48.0",
+    "@typescript-eslint/parser": "^8.61.1",
     "@vercel/ncc": "^0.44.0",
-    "eslint": "^10.5.0",
+    "eslint": "^8.57.0",
     "eslint-config-prettier": "^10.1.8",
-    "eslint-plugin-jest": "^29.15.2",
+    "eslint-plugin-jest": "^29.0.1",
-    "eslint-plugin-n": "^18.1.0",
+    "eslint-plugin-node": "^11.1.0",
-    "globals": "^17.7.0",
     "jest": "^30.4.2",
     "jest-circus": "^30.4.2",
     "prettier": "^3.6.2",
     "ts-jest": "^29.4.11",
-    "typescript": "^5.3.3",
+    "typescript": "^5.3.3"
-    "typescript-eslint": "^8.62.0"
   },
   "bugs": {
     "url": "https://github.com/actions/setup-java/issues"

src/constants.ts

@@ -28,5 +28,10 @@ export const MVN_SETTINGS_FILE = 'settings.xml';
 export const MVN_TOOLCHAINS_FILE = 'toolchains.xml';
 export const INPUT_MVN_TOOLCHAIN_ID = 'mvn-toolchain-id';
 export const INPUT_MVN_TOOLCHAIN_VENDOR = 'mvn-toolchain-vendor';
+export const INPUT_SHOW_DOWNLOAD_PROGRESS = 'show-download-progress';
+
+export const MAVEN_ARGS_ENV = 'MAVEN_ARGS';
+export const MAVEN_NO_TRANSFER_PROGRESS_FLAG = '-ntp';
+export const MAVEN_NO_TRANSFER_PROGRESS_LONG_FLAG = '--no-transfer-progress';
 
 export const DISTRIBUTIONS_ONLY_MAJOR_VERSION = ['corretto'];

src/maven-args.ts

@@ -0,0 +1,69 @@
+import * as core from '@actions/core';
+import {getBooleanInput} from './util';
+import {
+  INPUT_SHOW_DOWNLOAD_PROGRESS,
+  MAVEN_ARGS_ENV,
+  MAVEN_NO_TRANSFER_PROGRESS_FLAG,
+  MAVEN_NO_TRANSFER_PROGRESS_LONG_FLAG
+} from './constants';
+
+/**
+ * Configures the MAVEN_ARGS environment variable so that Maven suppresses
+ * artifact transfer/download progress output by default, producing cleaner
+ * CI logs.
+ *
+ * Behavior:
+ * - When `show-download-progress` is `false` (the default), `-ntp`
+ *   (`--no-transfer-progress`) is appended to any existing MAVEN_ARGS value.
+ * - When `show-download-progress` is `true`, MAVEN_ARGS is left untouched so
+ *   the user's own configuration (and Maven's default progress output) is
+ *   preserved.
+ *
+ * The change is idempotent: if MAVEN_ARGS already disables transfer progress
+ * (via `-ntp` or `--no-transfer-progress`) nothing is added. Any pre-existing
+ * MAVEN_ARGS value is preserved.
+ *
+ * MAVEN_ARGS is honored by Maven 3.9.0+ and the Maven Wrapper; older Maven
+ * versions ignore it, so this is a no-op there. It has no effect on non-Maven
+ * builds such as Gradle or sbt.
+ */
+export function configureMavenArgs(): void {
+  const showDownloadProgress = getBooleanInput(
+    INPUT_SHOW_DOWNLOAD_PROGRESS,
+    false
+  );
+
+  if (showDownloadProgress) {
+    core.debug(
+      `${INPUT_SHOW_DOWNLOAD_PROGRESS} is true; leaving ${MAVEN_ARGS_ENV} unchanged`
+    );
+    return;
+  }
+
+  const existingArgs = (process.env[MAVEN_ARGS_ENV] ?? '').trim();
+
+  const alreadyDisabled = existingArgs
+    .split(/\s+/)
+    .some(
+      arg =>
+        arg === MAVEN_NO_TRANSFER_PROGRESS_FLAG ||
+        arg === MAVEN_NO_TRANSFER_PROGRESS_LONG_FLAG
+    );
+
+  if (alreadyDisabled) {
+    core.debug(
+      `${MAVEN_ARGS_ENV} already disables transfer progress; leaving it unchanged`
+    );
+    return;
+  }
+
+  const updatedArgs = existingArgs
+    ? `${existingArgs} ${MAVEN_NO_TRANSFER_PROGRESS_FLAG}`
+    : MAVEN_NO_TRANSFER_PROGRESS_FLAG;
+
+  core.exportVariable(MAVEN_ARGS_ENV, updatedArgs);
+  core.info(
+    `Configured ${MAVEN_ARGS_ENV} to include ${MAVEN_NO_TRANSFER_PROGRESS_FLAG} to suppress Maven transfer progress logs. ` +
+      `Set '${INPUT_SHOW_DOWNLOAD_PROGRESS}: true' to keep the download progress output.`
+  );
+}

src/setup-java.ts

@@ -12,6 +12,7 @@ import {restore} from './cache';
 import * as path from 'path';
 import {getJavaDistribution} from './distributions/distribution-factory';
 import {JavaInstallerOptions} from './distributions/base-models';
+import {configureMavenArgs} from './maven-args';
 
 async function run() {
   try {
@@ -79,6 +80,7 @@ async function run() {
     core.info(`##[add-matcher]${path.join(matchersPath, 'java.json')}`);
 
     await auth.configureAuthentication();
+    configureMavenArgs();
     if (cache && isCacheFeatureAvailable()) {
       await restore(cache, cacheDependencyPath);
     }