From 79f61b5e8040f25e24a3f339a77d2aeda14beed7 Mon Sep 17 00:00:00 2001 From: marko-bekhta Date: Thu, 9 Jan 2025 09:41:36 +0100 Subject: [PATCH 1/5] Add badges linking to Maven Central, Reproducible builds and Develocity --- README.adoc | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/README.adoc b/README.adoc index c572adf..d8ff686 100644 --- a/README.adoc +++ b/README.adoc @@ -1,6 +1,10 @@ :fn-managed: footnote:[The application's domain and related classes] == Hibernate models +link:https://central.sonatype.com/search?namespace=org.hibernate.models&sort=name[image:https://img.shields.io/maven-central/v/org.hibernate.models/hibernate-models.svg?label=Maven%20Central&style=for-the-badge[Maven Central]] +link:https://github.com/jvm-repo-rebuild/reproducible-central/blob/master/content/org/hibernate/models/hibernate-models/README.md[image:https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/jvm-repo-rebuild/reproducible-central/master/content/org/hibernate/models/hibernate-models/badge.json&style=for-the-badge[Reproducible Builds]] +link:https://ge.hibernate.org/scans?search.rootProjectNames=hibernate-models-group[image:https://img.shields.io/badge/Revved%20up%20by-Develocity-06A0CE?style=for-the-badge&logo=gradle[Develocity]] + Provides support for dealing with an application's managed resources{fn-managed} as a de-typed abstraction model backed by one or more sources. Consumers can then access details from that abstraction model in a unified way, regardless of the underlying source. From efbfb7fb4351f7e810952554e90ae502850dbd14 Mon Sep 17 00:00:00 2001 From: marko-bekhta Date: Thu, 9 Jan 2025 09:49:59 +0100 Subject: [PATCH 2/5] Add missing license header to fix the build --- .../org/hibernate/models/MultiDimensionalArrayTypeTests.java | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/hibernate-models/src/test/java/org/hibernate/models/MultiDimensionalArrayTypeTests.java b/hibernate-models/src/test/java/org/hibernate/models/MultiDimensionalArrayTypeTests.java index 34e8bc5..1eb7a97 100644 --- a/hibernate-models/src/test/java/org/hibernate/models/MultiDimensionalArrayTypeTests.java +++ b/hibernate-models/src/test/java/org/hibernate/models/MultiDimensionalArrayTypeTests.java @@ -1,3 +1,7 @@ +/* + * SPDX-License-Identifier: Apache-2.0 + * Copyright: Red Hat Inc. and Hibernate Authors + */ package org.hibernate.models; import org.hibernate.models.internal.ArrayTypeDetailsImpl; From cd3fafe55b813c642ab78cd633516505763f22a4 Mon Sep 17 00:00:00 2001 From: marko-bekhta Date: Thu, 9 Jan 2025 10:06:13 +0100 Subject: [PATCH 3/5] Use setup-gradle instead of gradle-build-action since gradle-build-action v3 this action simply delegates to the setup-gradle one; and it is encouraged to switch --- .github/workflows/gradle.yml | 6 +++--- .github/workflows/reproducible-build-check.yml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/gradle.yml b/.github/workflows/gradle.yml index 383dc3f..3610113 100644 --- a/.github/workflows/gradle.yml +++ b/.github/workflows/gradle.yml @@ -28,7 +28,7 @@ jobs: with: java-version: '17' distribution: 'temurin' + - name: Setup Gradle + uses: gradle/actions/setup-gradle@0bdd871935719febd78681f197cd39af5b6e16a6 # v4.2.2 - name: Build with Gradle - uses: gradle/gradle-build-action@bd5760595778326ba7f1441bcf7e88b49de61a25 # v2.6.0 - with: - arguments: build + run: ./gradlew build diff --git a/.github/workflows/reproducible-build-check.yml b/.github/workflows/reproducible-build-check.yml index d078c5a..21a04e8 100644 --- a/.github/workflows/reproducible-build-check.yml +++ b/.github/workflows/reproducible-build-check.yml @@ -29,7 +29,7 @@ jobs: java-version: '17' distribution: 'temurin' - name: Setup Gradle - uses: gradle/actions/setup-gradle@af1da67850ed9a4cedd57bfd976089dd991e2582 # v4.0.0 + uses: gradle/actions/setup-gradle@0bdd871935719febd78681f197cd39af5b6e16a6 # v4.2.2 - name: Check artifacts shell: bash run: | From 4559e3482d1891090aaa4148ebb8c88a1f71c811 Mon Sep 17 00:00:00 2001 From: marko-bekhta Date: Thu, 9 Jan 2025 10:12:59 +0100 Subject: [PATCH 4/5] Consistently use GH SHAs to set action versions --- .github/workflows/codeql.yml | 18 +++++++++--------- .github/workflows/gradle.yml | 5 +++-- .github/workflows/reproducible-build-check.yml | 5 +++-- 3 files changed, 15 insertions(+), 13 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 1b057ba..91b4ded 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -46,18 +46,18 @@ jobs: steps: - - name: Set up JDK - uses: actions/setup-java@v3 + - name: Checkout repository + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 #4.2.2 + + - name: Set up JDK 17 + uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # 4.6.0 with: - distribution: 'temurin' java-version: '17' - - - name: Checkout repository - uses: actions/checkout@v3 + distribution: 'temurin' # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # 3.28.0 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -71,7 +71,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v2 + uses: github/codeql-action/autobuild@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # 3.28.0 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -84,6 +84,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # 3.28.0 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/gradle.yml b/.github/workflows/gradle.yml index 3610113..5445c1f 100644 --- a/.github/workflows/gradle.yml +++ b/.github/workflows/gradle.yml @@ -22,9 +22,10 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - name: Checkout repository + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 #4.2.2 - name: Set up JDK 17 - uses: actions/setup-java@v3 + uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # 4.6.0 with: java-version: '17' distribution: 'temurin' diff --git a/.github/workflows/reproducible-build-check.yml b/.github/workflows/reproducible-build-check.yml index 21a04e8..6a947be 100644 --- a/.github/workflows/reproducible-build-check.yml +++ b/.github/workflows/reproducible-build-check.yml @@ -22,9 +22,10 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - name: Checkout repository + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 #4.2.2 - name: Set up JDK 17 - uses: actions/setup-java@v3 + uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # 4.6.0 with: java-version: '17' distribution: 'temurin' From 0237abd989006d4000fab09e7ff95c3f8a29c26e Mon Sep 17 00:00:00 2001 From: marko-bekhta Date: Tue, 18 Feb 2025 08:35:29 +0100 Subject: [PATCH 5/5] Enable GitHub actions dependency updates --- .github/dependabot.yml | 9 +++++++++ 1 file changed, 9 insertions(+) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..f5ae9a2 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,9 @@ +version: 2 +updates: + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: monthly + allow: + - dependency-name: "actions/*" + - dependency-name: "redhat-actions/*"