cicd/setup-java
1
0
Fork 0
mirror of https://github.com/actions/setup-java.git synced 2026-06-22 07:41:13 +03:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: cicd/setup-java:dependabot/npm_and_yarn/eslint-10.5.0
Branches Tags
cicd/setup-java:main cicd/setup-java:dependabot/github_actions/actions/checkout-7 cicd/setup-java:dependabot/npm_and_yarn/types/node-26.0.0 cicd/setup-java:dependabot/npm_and_yarn/actions/http-client-4.0.1 cicd/setup-java:dependabot/npm_and_yarn/actions/cache-6.1.0 cicd/setup-java:brunoborges-patch-doc1 cicd/setup-java:dependabot/npm_and_yarn/typescript-6.0.3 cicd/setup-java:dependabot/npm_and_yarn/eslint-10.5.0 cicd/setup-java:copilot/upgrade-dependencies-and-fix-vulnerabilities cicd/setup-java:releases/v4 cicd/setup-java:v4Fix cicd/setup-java:test-macos-x64-runner cicd/setup-java:error-handling cicd/setup-java:releases/v3 cicd/setup-java:UpdatePublishImmutable cicd/setup-java:add-publish-immutable-action cicd/setup-java:actions-cache-4.0.3-upgrade-v3 cicd/setup-java:upgrade-actions-cache-4.0.3 cicd/setup-java:benwells/readme-update-permissions cicd/setup-java:DependabotSetup cicd/setup-java:upgrade-cache-4.0.0 cicd/setup-java:update-graalvm-doc cicd/setup-java:Jcambass-patch-1 cicd/setup-java:basicvalidation cicd/setup-java:test-dragonwellfix cicd/setup-java:macoslatestfix cicd/setup-java:upgrade-actions-cache-4.0.3-v3 cicd/setup-java:releases/v1 cicd/setup-java:releases/v2 cicd/setup-java:revert-421-revert-401-oracle-jdk cicd/setup-java:v2-preview
cicd/setup-java:v5.3.0 cicd/setup-java:v5 cicd/setup-java:v5.2.0 cicd/setup-java:v5.1.0 cicd/setup-java:v4 cicd/setup-java:v4.8.0 cicd/setup-java:v5.0.0 cicd/setup-java:v3 cicd/setup-java:v3.14.1 cicd/setup-java:v3.14.0 cicd/setup-java:v4.7.1 cicd/setup-java:v4.7.0 cicd/setup-java:v4.6.0 cicd/setup-java:v4.5.0 cicd/setup-java:v4.4.0 cicd/setup-java:v4.3.0 cicd/setup-java:v4.2.2 cicd/setup-java:v4.2.1 cicd/setup-java:v4.2.0 cicd/setup-java:v4.1.0 cicd/setup-java:v4.0.0 cicd/setup-java:v3.13.0 cicd/setup-java:v3.12.0 cicd/setup-java:v1.4.4 cicd/setup-java:v1 cicd/setup-java:v2 cicd/setup-java:v2.5.1 cicd/setup-java:v3.11.0 cicd/setup-java:v3.10.0 cicd/setup-java:v3.9.0 cicd/setup-java:v3.8.0 cicd/setup-java:v3.6.0 cicd/setup-java:v3.5.1 cicd/setup-java:v3.5.0 cicd/setup-java:v3.4.1 cicd/setup-java:v3.4.0 cicd/setup-java:v3.3.0 cicd/setup-java:v3.2.0 cicd/setup-java:v3.1.1 cicd/setup-java:v3.1.0 cicd/setup-java:v3.0.0 cicd/setup-java:v2.5.0 cicd/setup-java:v2.4.0 cicd/setup-java:v2.3.1 cicd/setup-java:v2.3.0 cicd/setup-java:v2.2.0 cicd/setup-java:v2.1.0 cicd/setup-java:v2.0.0 cicd/setup-java:v1.4.3 cicd/setup-java:v1.4.2 cicd/setup-java:v1.4.1 cicd/setup-java:v1.4.0 cicd/setup-java:v1.3.0 cicd/setup-java:v1.2.0 cicd/setup-java:v1.0 cicd/setup-java:v1.1.0 cicd/setup-java:v1.0.1 cicd/setup-java:v1.0.0
..
compare: cicd/setup-java:dependabot/github_actions/actions/checkout-7
Branches Tags
cicd/setup-java:dependabot/github_actions/actions/checkout-7 cicd/setup-java:dependabot/npm_and_yarn/types/node-26.0.0 cicd/setup-java:dependabot/npm_and_yarn/actions/http-client-4.0.1 cicd/setup-java:dependabot/npm_and_yarn/actions/cache-6.1.0 cicd/setup-java:brunoborges-patch-doc1 cicd/setup-java:main cicd/setup-java:dependabot/npm_and_yarn/typescript-6.0.3 cicd/setup-java:dependabot/npm_and_yarn/eslint-10.5.0 cicd/setup-java:copilot/upgrade-dependencies-and-fix-vulnerabilities cicd/setup-java:releases/v4 cicd/setup-java:v4Fix cicd/setup-java:test-macos-x64-runner cicd/setup-java:error-handling cicd/setup-java:releases/v3 cicd/setup-java:UpdatePublishImmutable cicd/setup-java:add-publish-immutable-action cicd/setup-java:actions-cache-4.0.3-upgrade-v3 cicd/setup-java:upgrade-actions-cache-4.0.3 cicd/setup-java:benwells/readme-update-permissions cicd/setup-java:DependabotSetup cicd/setup-java:upgrade-cache-4.0.0 cicd/setup-java:update-graalvm-doc cicd/setup-java:Jcambass-patch-1 cicd/setup-java:basicvalidation cicd/setup-java:test-dragonwellfix cicd/setup-java:macoslatestfix cicd/setup-java:upgrade-actions-cache-4.0.3-v3 cicd/setup-java:releases/v1 cicd/setup-java:releases/v2 cicd/setup-java:revert-421-revert-401-oracle-jdk cicd/setup-java:v2-preview
cicd/setup-java:v5.3.0 cicd/setup-java:v5 cicd/setup-java:v5.2.0 cicd/setup-java:v5.1.0 cicd/setup-java:v4 cicd/setup-java:v4.8.0 cicd/setup-java:v5.0.0 cicd/setup-java:v3 cicd/setup-java:v3.14.1 cicd/setup-java:v3.14.0 cicd/setup-java:v4.7.1 cicd/setup-java:v4.7.0 cicd/setup-java:v4.6.0 cicd/setup-java:v4.5.0 cicd/setup-java:v4.4.0 cicd/setup-java:v4.3.0 cicd/setup-java:v4.2.2 cicd/setup-java:v4.2.1 cicd/setup-java:v4.2.0 cicd/setup-java:v4.1.0 cicd/setup-java:v4.0.0 cicd/setup-java:v3.13.0 cicd/setup-java:v3.12.0 cicd/setup-java:v1.4.4 cicd/setup-java:v1 cicd/setup-java:v2 cicd/setup-java:v2.5.1 cicd/setup-java:v3.11.0 cicd/setup-java:v3.10.0 cicd/setup-java:v3.9.0 cicd/setup-java:v3.8.0 cicd/setup-java:v3.6.0 cicd/setup-java:v3.5.1 cicd/setup-java:v3.5.0 cicd/setup-java:v3.4.1 cicd/setup-java:v3.4.0 cicd/setup-java:v3.3.0 cicd/setup-java:v3.2.0 cicd/setup-java:v3.1.1 cicd/setup-java:v3.1.0 cicd/setup-java:v3.0.0 cicd/setup-java:v2.5.0 cicd/setup-java:v2.4.0 cicd/setup-java:v2.3.1 cicd/setup-java:v2.3.0 cicd/setup-java:v2.2.0 cicd/setup-java:v2.1.0 cicd/setup-java:v2.0.0 cicd/setup-java:v1.4.3 cicd/setup-java:v1.4.2 cicd/setup-java:v1.4.1 cicd/setup-java:v1.4.0 cicd/setup-java:v1.3.0 cicd/setup-java:v1.2.0 cicd/setup-java:v1.0 cicd/setup-java:v1.1.0 cicd/setup-java:v1.0.1 cicd/setup-java:v1.0.0

4 Commits
dependabot/npm_and_yarn/eslint-10.5.0 .. dependabot/github_actions/actions/checkout-7

Author SHA1 Message Date
dependabot[bot] 7222542397 Bump actions/checkout from 6 to 7 
Bumps [actions/checkout](https://github.com/actions/checkout) from 6 to 7.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v6...v7)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-06-22 03:43:15 +00:00
Sean Proctor baa1691374 fix: reject non-semver candidate versions in isVersionSatisfies (#1009) 
Distributions like JetBrains Runtime publish 4-segment versions such as
'17.0.8.1+1080.1' that the semver package rejects. Both compareBuild and
satisfies throw on these, which surfaced to users as "Error: Invalid
Version: 17.0.8.1+1080.1" and aborted the whole install when any
available version was non-semver. Guard with an early semver.valid check
so unparseable versions are treated as a non-match.

Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-06-17 22:47:02 -05:00
George Adams bc52a13212 fix CodeQL permissions (#1025) 2026-06-17 07:58:23 -07:00
Josh Soref c9b6aee07e Fix codeql workflow permissions (#993) 
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
 2026-06-17 07:52:02 -07:00
13 changed files with 432 additions and 581 deletions
Expand all files Collapse all files
.github/workflows/codeql-analysis.yml
+4
View File
@@ -10,5 +10,9 @@ on:
jobs:
call-codeQL-analysis:
permissions:
actions: read
contents: read
security-events: write
name: CodeQL analysis
uses: actions/reusable-workflows/.github/workflows/codeql-analysis.yml@main
.github/workflows/e2e-cache-dependency-path.yml
+3 -3
View File
@@ -24,7 +24,7 @@ jobs:
os: [macos-latest, windows-latest, ubuntu-latest]
steps:
- name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@v7
- name: Run setup-java with the cache for gradle
uses: ./
id: setup-java
@@ -51,7 +51,7 @@ jobs:
needs: gradle1-save
steps:
- name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@v7
- name: Run setup-java with the cache for gradle
uses: ./
id: setup-java
@@ -76,7 +76,7 @@ jobs:
needs: gradle1-save
steps:
- name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@v7
- name: Run setup-java with the cache for gradle
uses: ./
id: setup-java
.github/workflows/e2e-cache.yml
+6 -6
View File
@@ -24,7 +24,7 @@ jobs:
os: [macos-15-intel, windows-latest, ubuntu-latest]
steps:
- name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@v7
- name: Run setup-java with the cache for gradle
uses: ./
id: setup-java
@@ -50,7 +50,7 @@ jobs:
needs: gradle-save
steps:
- name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@v7
- name: Run setup-java with the cache for gradle
uses: ./
id: setup-java
@@ -73,7 +73,7 @@ jobs:
os: [macos-15-intel, windows-latest, ubuntu-latest]
steps:
- name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@v7
- name: Run setup-java with the cache for maven
uses: ./
id: setup-java
@@ -97,7 +97,7 @@ jobs:
needs: maven-save
steps:
- name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@v7
- name: Run setup-java with the cache for maven
uses: ./
id: setup-java
@@ -124,7 +124,7 @@ jobs:
os: [macos-15-intel, windows-latest, ubuntu-22.04]
steps:
- name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@v7
- name: Run setup-java with the cache for sbt
uses: ./
id: setup-java
@@ -174,7 +174,7 @@ jobs:
needs: sbt-save
steps:
- name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@v7
- name: Run setup-java with the cache for sbt
uses: ./
id: setup-java
.github/workflows/e2e-local-file.yml
+3 -3
View File
@@ -21,7 +21,7 @@ jobs:
os: [macos-latest, windows-latest, ubuntu-latest]
steps:
- name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@v7
- name: Download Adopt OpenJDK file
run: |
if ($IsLinux) {
@@ -58,7 +58,7 @@ jobs:
os: [macos-latest, windows-latest, ubuntu-latest]
steps:
- name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@v7
- name: Download Zulu OpenJDK file
run: |
if ($IsLinux) {
@@ -95,7 +95,7 @@ jobs:
os: [macos-latest, windows-latest, ubuntu-latest]
steps:
- name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@v7
- name: Download Eclipse Temurin file
run: |
if ($IsLinux) {
.github/workflows/e2e-publishing.yml
+4 -4
View File
@@ -25,7 +25,7 @@ jobs:
os: [macos-latest, windows-latest, ubuntu-latest]
steps:
- name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@v7
- name: setup-java
uses: ./
id: setup-java
@@ -60,7 +60,7 @@ jobs:
os: [macos-latest, windows-latest, ubuntu-latest]
steps:
- name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@v7
- name: Create fake settings.xml
run: |
$xmlDirectory = Join-Path $HOME ".m2"
@@ -96,7 +96,7 @@ jobs:
os: [macos-latest, windows-latest, ubuntu-latest]
steps:
- name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@v7
- name: Create fake settings.xml
run: |
$xmlDirectory = Join-Path $HOME ".m2"
@@ -133,7 +133,7 @@ jobs:
os: [macos-latest, windows-latest, ubuntu-latest]
steps:
- name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@v7
- name: setup-java
uses: ./
id: setup-java
.github/workflows/e2e-versions.yml
+14 -14
View File
@@ -73,7 +73,7 @@ jobs:
version: '24-ea'
steps:
- name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@v7
- name: setup-java
uses: ./
id: setup-java
@@ -99,7 +99,7 @@ jobs:
version: ['21', '17']
steps:
- name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@v7
- name: Install bash
run: apk add --no-cache bash
- name: setup-java
@@ -149,7 +149,7 @@ jobs:
version: '17.0.7'
steps:
- name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@v7
- name: setup-java
uses: ./
id: setup-java
@@ -184,7 +184,7 @@ jobs:
os: macos-latest
steps:
- name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@v7
- name: setup-java
uses: ./
id: setup-java
@@ -220,7 +220,7 @@ jobs:
os: macos-latest
steps:
- name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@v7
- name: setup-java
uses: ./
id: setup-java
@@ -259,7 +259,7 @@ jobs:
version: ['17-ea', '15.0.0-ea.14']
steps:
- name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@v7
- name: setup-java
uses: ./
id: setup-java
@@ -281,7 +281,7 @@ jobs:
version: ['17-ea']
steps:
- name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@v7
- name: setup-java
uses: ./
id: setup-java
@@ -303,7 +303,7 @@ jobs:
version: ['17-ea', '21-ea']
steps:
- name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@v7
- name: setup-java
uses: ./
id: setup-java
@@ -390,7 +390,7 @@ jobs:
steps:
- name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@v7
- name: setup-java
uses: ./
id: setup-java
@@ -418,7 +418,7 @@ jobs:
version: ['11']
steps:
- name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@v7
- name: setup-java
uses: ./
id: setup-java
@@ -441,7 +441,7 @@ jobs:
java-version-file: ['.java-version', '.tool-versions']
steps:
- name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@v7
- name: Create .java-version file
shell: bash
run: echo "17" > .java-version
@@ -470,7 +470,7 @@ jobs:
java-version-file: ['.java-version', '.tool-versions']
steps:
- name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@v7
- name: Create .java-version file
shell: bash
run: echo "11" > .java-version
@@ -498,7 +498,7 @@ jobs:
java-version-file: ['.java-version', '.tool-versions']
steps:
- name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@v7
- name: Create .java-version file
shell: bash
run: echo "17.0.10" > .java-version
@@ -526,7 +526,7 @@ jobs:
java-version-file: ['.java-version', '.tool-versions', '.sdkmanrc']
steps:
- name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@v7
- name: Create .java-version file
shell: bash
run: echo "openjdk64-17.0.10" > .java-version
.github/workflows/publish-immutable-actions.yml
+1 -1
View File
@@ -15,7 +15,7 @@ jobs:
steps:
- name: Checking out
uses: actions/checkout@v6
uses: actions/checkout@v7
- name: Publish
id: publish
uses: actions/publish-immutable-action@v0.0.4
__tests__/util.test.ts
+5 -1
View File
@@ -29,7 +29,11 @@ describe('isVersionSatisfies', () => {
['2.5.1+3', '2.5.1+3', true],
['2.5.1+3', '2.5.1+2', false],
['15.0.0+14', '15.0.0+14.1.202003190635', false],
['15.0.0+14.1.202003190635', '15.0.0+14.1.202003190635', true]
['15.0.0+14.1.202003190635', '15.0.0+14.1.202003190635', true],
// 4-segment versions (e.g. JetBrains Runtime '17.0.8.1+1080.1') are not
// valid semver — they should be rejected, not throw.
['25.0.3+480.61', '17.0.8.1+1080.1', false],
['17', '17.0.8.1+1080.1', false]
])(
'%s, %s -> %s',
(inputRange: string, inputVersion: string, expected: boolean) => {
dist/cleanup/index.js
Vendored
+7
View File
@@ -52208,6 +52208,13 @@ function getDownloadArchiveExtension() {
exports.getDownloadArchiveExtension = getDownloadArchiveExtension;
function isVersionSatisfies(range, version) {
var _a;
// Some distributions (e.g. JetBrains Runtime) publish 4-segment versions
// like '17.0.8.1+1080.1' that semver rejects. If the candidate version
// isn't valid semver, it can't match — bail out rather than letting
// compareBuild / satisfies throw.
if (!semver.valid(version)) {
return false;
}
if (semver.valid(range)) {
// if full version with build digit is provided as a range (such as '1.2.3+4')
// we should check for exact equal via compareBuild
dist/setup/index.js
Vendored
+7
View File
@@ -81039,6 +81039,13 @@ function getDownloadArchiveExtension() {
exports.getDownloadArchiveExtension = getDownloadArchiveExtension;
function isVersionSatisfies(range, version) {
var _a;
// Some distributions (e.g. JetBrains Runtime) publish 4-segment versions
// like '17.0.8.1+1080.1' that semver rejects. If the candidate version
// isn't valid semver, it can't match — bail out rather than letting
// compareBuild / satisfies throw.
if (!semver.valid(version)) {
return false;
}
if (semver.valid(range)) {
// if full version with build digit is provided as a range (such as '1.2.3+4')
// we should check for exact equal via compareBuild
package-lock.json
Generated
+369 -548
View File
File diff suppressed because it is too large Load Diff
package.json
+1 -1
View File
@@ -46,7 +46,7 @@
"@typescript-eslint/eslint-plugin": "^8.48.0",
"@typescript-eslint/parser": "^8.61.1",
"@vercel/ncc": "^0.44.0",
"eslint": "^10.5.0",
"eslint": "^8.57.0",
"eslint-config-prettier": "^10.1.8",
"eslint-plugin-jest": "^29.0.1",
"eslint-plugin-node": "^11.1.0",
src/util.ts
+8
View File
@@ -55,6 +55,14 @@ export function getDownloadArchiveExtension() {
}
export function isVersionSatisfies(range: string, version: string): boolean {
// Some distributions (e.g. JetBrains Runtime) publish 4-segment versions
// like '17.0.8.1+1080.1' that semver rejects. If the candidate version
// isn't valid semver, it can't match — bail out rather than letting
// compareBuild / satisfies throw.
if (!semver.valid(version)) {
return false;
}
if (semver.valid(range)) {
// if full version with build digit is provided as a range (such as '1.2.3+4')
// we should check for exact equal via compareBuild