From 845a3f259b725f129b0057b42de58a37c0d82ae3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sebastian=20Ho=C3=9F?= Date: Tue, 30 Jun 2026 15:52:09 +0200 Subject: [PATCH 1/4] use CD pipeline MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Sebastian Hoß --- .github/dependabot.yml | 17 --- .github/workflows/dependabot-automerge.yml | 25 ---- .github/workflows/release.yml | 87 +++++++++----- .github/workflows/reuse.yml | 14 --- .github/workflows/verify.yml | 38 +++++- .gitignore | 2 + .reuse/dep5 | 16 --- CODE_OF_CONDUCT.md | 133 --------------------- CONTRIBUTING.md | 36 ------ REUSE.toml | 10 ++ SECURITY.md | 14 --- renovate.json | 4 + 12 files changed, 106 insertions(+), 290 deletions(-) delete mode 100644 .github/dependabot.yml delete mode 100644 .github/workflows/dependabot-automerge.yml delete mode 100644 .github/workflows/reuse.yml delete mode 100644 .reuse/dep5 delete mode 100644 CODE_OF_CONDUCT.md delete mode 100644 CONTRIBUTING.md create mode 100644 REUSE.toml delete mode 100644 SECURITY.md create mode 100644 renovate.json diff --git a/.github/dependabot.yml b/.github/dependabot.yml deleted file mode 100644 index 6d669cf..0000000 --- a/.github/dependabot.yml +++ /dev/null @@ -1,17 +0,0 @@ -# SPDX-FileCopyrightText: The ilo Authors -# SPDX-License-Identifier: 0BSD - -version: 2 -updates: - - package-ecosystem: github-actions - directory: / - schedule: - interval: daily - assignees: - - sebhoss - - package-ecosystem: maven - directory: / - schedule: - interval: daily - assignees: - - sebhoss diff --git a/.github/workflows/dependabot-automerge.yml b/.github/workflows/dependabot-automerge.yml deleted file mode 100644 index 24375e1..0000000 --- a/.github/workflows/dependabot-automerge.yml +++ /dev/null @@ -1,25 +0,0 @@ -# SPDX-FileCopyrightText: The ilo Authors -# SPDX-License-Identifier: 0BSD - -name: Dependabot auto-merge -on: pull_request - -permissions: - contents: write - pull-requests: write - -jobs: - dependabot: - runs-on: ubuntu-latest - if: ${{ github.event.pull_request.user.login == 'dependabot[bot]' }} - steps: - - name: Dependabot metadata - id: metadata - uses: dependabot/fetch-metadata@v3 - with: - github-token: "${{ secrets.GITHUB_TOKEN }}" - - name: Enable auto-merge for Dependabot PRs - run: gh pr merge --auto --rebase "$PR_URL" - env: - PR_URL: ${{ github.event.pull_request.html_url }} - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index caf8e04..b817449 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -3,43 +3,72 @@ name: Automated Release on: - schedule: - - cron: 35 5 * * FRI + push: + branches: [main] workflow_dispatch: +# Serialize release runs. Each run's release-notes lower bound is the latest tag +# at the time its prepare job runs; two merges in quick succession would both +# read that bound before either run has tagged, producing overlapping notes. +# Queueing (no cancel) lets the earlier release finish and create its tag first, +# so the next run's notes start from that tag and carry only its own commits. +concurrency: + group: ${{ github.workflow }} + cancel-in-progress: false jobs: - publish: + prepare: + name: Prepare Release + runs-on: ubuntu-latest + outputs: + needed: ${{ steps.gate.outputs.needed }} + version: ${{ steps.version.outputs.version }} + previous: ${{ steps.gate.outputs.last }} + steps: + - name: Clone Git Repository + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 + with: + fetch-depth: 0 + - id: gate + name: Check whether a release is needed + uses: metio/ci/needs-release@392a32762cd5626c0aa9e6e67414240a021b90ae # 2026.6.26153329 + with: + paths: src/main/java pom.xml + - id: version + name: Compute the next version + if: steps.gate.outputs.needed == 'true' + uses: metio/ci/calver@392a32762cd5626c0aa9e6e67414240a021b90ae # 2026.6.26153329 + release: + needs: [prepare] + if: needs.prepare.outputs.needed == 'true' runs-on: ubuntu-latest permissions: - contents: write + contents: write # create the GitHub Release steps: - id: checkout name: Clone Git Repository - uses: actions/checkout@v7 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 with: fetch-depth: 0 - - id: last_release - name: Fetch last release info - run: echo "tag=$(gh release view --json tagName --jq '.tagName')" >> $GITHUB_OUTPUT - env: - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - id: commits - name: Count Commits - run: echo "count=$(git rev-list --count ${{ steps.last_release.outputs.tag }}..HEAD -- src/main/java pom.xml)" >> $GITHUB_OUTPUT - - id: release - name: Create Release Version - if: steps.commits.outputs.count > 0 - run: echo "version=$(date +'%Y.%-m.%-d')" >> $GITHUB_OUTPUT - - id: sha - name: Last Commit - if: steps.commits.outputs.count > 0 - run: echo "sha=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT - id: timestamp name: Build Timestamp - if: steps.commits.outputs.count > 0 run: echo "iso8601=$(date --utc --iso-8601=seconds)" >> $GITHUB_OUTPUT + - id: notes + name: Generate Release Notes + uses: metio/ci/release-notes@392a32762cd5626c0aa9e6e67414240a021b90ae # 2026.6.26153329 + with: + version: ${{ needs.prepare.outputs.version }} + previous: ${{ needs.prepare.outputs.previous }} + - name: Append usage and verification footer + env: + VERSION: ${{ needs.prepare.outputs.version }} + NOTES: ${{ steps.notes.outputs.file }} + run: | + cat >> "$NOTES" < 0 uses: actions/setup-java@v5 with: java-version: 25 @@ -50,7 +79,6 @@ jobs: server-password: MAVEN_CENTRAL_TOKEN - id: gpg name: GPG Key - if: steps.commits.outputs.count > 0 uses: timheuer/base64-to-file@v2 with: fileName: signing.key.asc @@ -58,11 +86,9 @@ jobs: encodedString: ${{ secrets.GPG_SECRET_KEY_BASE64 }} - id: pom-version name: Set Release Version - if: steps.commits.outputs.count > 0 - run: mvn --batch-mode --define newVersion=${{ steps.release.outputs.version }} --define generateBackupPoms=false versions:set + run: mvn --batch-mode --define newVersion=${{ needs.prepare.outputs.version }} --define generateBackupPoms=false versions:set - id: deploy-maven name: Deploy Maven Artifact - if: steps.commits.outputs.count > 0 run: > mvn --batch-mode @@ -77,12 +103,11 @@ jobs: MAVEN_CENTRAL_TOKEN: ${{ secrets.MAVEN_CENTRAL_TOKEN }} - id: create_release name: Create Release - if: steps.commits.outputs.count > 0 uses: softprops/action-gh-release@v3 with: - tag_name: ${{ steps.release.outputs.version }} - name: ${{ steps.release.outputs.version }} + tag_name: ${{ needs.prepare.outputs.version }} + name: ${{ needs.prepare.outputs.version }} token: ${{ secrets.GITHUB_TOKEN }} draft: false prerelease: false - generate_release_notes: true + body_path: ${{ steps.notes.outputs.file }} diff --git a/.github/workflows/reuse.yml b/.github/workflows/reuse.yml deleted file mode 100644 index f7487e0..0000000 --- a/.github/workflows/reuse.yml +++ /dev/null @@ -1,14 +0,0 @@ -# SPDX-FileCopyrightText: The devcontainer.java Authors -# SPDX-License-Identifier: 0BSD - -name: REUSE compliance -on: - pull_request: - branches: [ main ] -jobs: - reuse: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v7 - - name: REUSE Compliance Check - uses: fsfe/reuse-action@v6 diff --git a/.github/workflows/verify.yml b/.github/workflows/verify.yml index f2fd909..a8c02bd 100644 --- a/.github/workflows/verify.yml +++ b/.github/workflows/verify.yml @@ -1,12 +1,28 @@ # SPDX-FileCopyrightText: The devcontainer.java Authors # SPDX-License-Identifier: 0BSD - -name: Verify Commits +name: Verify on: pull_request: - branches: [ main ] + branches: [main] +permissions: + contents: read jobs: - verify: + github-actions: + name: github-actions + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 + - uses: reviewdog/action-actionlint@6fb7acc99f4a1008869fa8a0f09cfca740837d9d # v1 + with: + fail_on_error: true + filter_mode: nofilter + reuse: + name: reuse + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7 + - uses: fsfe/reuse-action@676e2d560c9a403aa252096d99fcab3e1132b0f5 # v6 + mvn: runs-on: ubuntu-latest steps: - id: checkout @@ -32,3 +48,17 @@ jobs: - id: verify name: Verify Project run: mvn --batch-mode --activate-profiles=native verify + verify: + # Single required check: mark only this one required in branch protection and + # new jobs are covered automatically. + name: Verify + needs: [github-actions, reuse, mvn] + if: always() + runs-on: ubuntu-latest + steps: + - name: Verify every job succeeded or skipped + env: + NEEDS: ${{ toJSON(needs) }} + run: | + bad=$(echo "$NEEDS" | jq -r 'to_entries[] | select(.value.result != "success" and .value.result != "skipped") | "\(.key)=\(.value.result)"') + [ -z "$bad" ] || { echo "::error::$bad"; exit 1; } diff --git a/.gitignore b/.gitignore index e24f5d7..34a5716 100644 --- a/.gitignore +++ b/.gitignore @@ -135,3 +135,5 @@ fabric.properties # Android studio 3.1+ serialized cache file .idea/caches/build_file_checksums.ser + +.claude/settings.local.json diff --git a/.reuse/dep5 b/.reuse/dep5 deleted file mode 100644 index 24de89f..0000000 --- a/.reuse/dep5 +++ /dev/null @@ -1,16 +0,0 @@ -Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ -Upstream-Name: devcontainer.java -Upstream-Contact: Sebastian Hoß -Source: https://github.com/metio/devcontainer.java - -Files: .idea/* -Copyright: The devcontainer.java Authors -License: 0BSD - -Files: src/main/resources/META-INF/* -Copyright: The devcontainer.java Authors -License: 0BSD - -Files: src/test/resources/*.json -Copyright: The devcontainer.java Authors -License: 0BSD diff --git a/CODE_OF_CONDUCT.md b/CODE_OF_CONDUCT.md deleted file mode 100644 index 88df67a..0000000 --- a/CODE_OF_CONDUCT.md +++ /dev/null @@ -1,133 +0,0 @@ - - -# Contributor Covenant Code of Conduct - -## Our Pledge - -We as members, contributors, and leaders pledge to make participation in our -community a harassment-free experience for everyone, regardless of age, body -size, visible or invisible disability, ethnicity, sex characteristics, gender -identity and expression, level of experience, education, socio-economic status, -nationality, personal appearance, race, religion, or sexual identity -and orientation. - -We pledge to act and interact in ways that contribute to an open, welcoming, -diverse, inclusive, and healthy community. - -## Our Standards - -Examples of behavior that contributes to a positive environment for our -community include: - -* Demonstrating empathy and kindness toward other people -* Being respectful of differing opinions, viewpoints, and experiences -* Giving and gracefully accepting constructive feedback -* Accepting responsibility and apologizing to those affected by our mistakes, -and learning from the experience -* Focusing on what is best not just for us as individuals, but for the -overall community - -Examples of unacceptable behavior include: - -* The use of sexualized language or imagery, and sexual attention or -advances of any kind -* Trolling, insulting or derogatory comments, and personal or political attacks -* Public or private harassment -* Publishing others' private information, such as a physical or email -address, without their explicit permission -* Other conduct which could reasonably be considered inappropriate in a -professional setting - -## Enforcement Responsibilities - -Community leaders are responsible for clarifying and enforcing our standards of -acceptable behavior and will take appropriate and fair corrective action in -response to any behavior that they deem inappropriate, threatening, offensive, -or harmful. - -Community leaders have the right and responsibility to remove, edit, or reject -comments, commits, code, wiki edits, issues, and other contributions that are -not aligned to this Code of Conduct, and will communicate reasons for moderation -decisions when appropriate. - -## Scope - -This Code of Conduct applies within all community spaces, and also applies when -an individual is officially representing the community in public spaces. -Examples of representing our community include using an official e-mail address, -posting via an official social media account, or acting as an appointed -representative at an online or offline event. - -## Enforcement - -Instances of abusive, harassing, or otherwise unacceptable behavior may be -reported to the community leaders responsible for enforcement at -abuse@metio.wtf. -All complaints will be reviewed and investigated promptly and fairly. - -All community leaders are obligated to respect the privacy and security of the -reporter of any incident. - -## Enforcement Guidelines - -Community leaders will follow these Community Impact Guidelines in determining -the consequences for any action they deem in violation of this Code of Conduct: - -### 1. Correction - -**Community Impact**: Use of inappropriate language or other behavior deemed -unprofessional or unwelcome in the community. - -**Consequence**: A private, written warning from community leaders, providing -clarity around the nature of the violation and an explanation of why the -behavior was inappropriate. A public apology may be requested. - -### 2. Warning - -**Community Impact**: A violation through a single incident or series -of actions. - -**Consequence**: A warning with consequences for continued behavior. No -interaction with the people involved, including unsolicited interaction with -those enforcing the Code of Conduct, for a specified period of time. This -includes avoiding interactions in community spaces as well as external channels -like social media. Violating these terms may lead to a temporary or -permanent ban. - -### 3. Temporary Ban - -**Community Impact**: A serious violation of community standards, including -sustained inappropriate behavior. - -**Consequence**: A temporary ban from any sort of interaction or public -communication with the community for a specified period of time. No public or -private interaction with the people involved, including unsolicited interaction -with those enforcing the Code of Conduct, is allowed during this period. -Violating these terms may lead to a permanent ban. - -### 4. Permanent Ban - -**Community Impact**: Demonstrating a pattern of violation of community -standards, including sustained inappropriate behavior, harassment of an -individual, or aggression toward or disparagement of classes of individuals. - -**Consequence**: A permanent ban from any sort of public interaction within -the community. - -## Attribution - -This Code of Conduct is adapted from the [Contributor Covenant][homepage], -version 2.0, available at -https://www.contributor-covenant.org/version/2/0/code_of_conduct.html. - -Community Impact Guidelines were inspired by [Mozilla's code of conduct -enforcement ladder](https://github.com/mozilla/diversity). - -[homepage]: https://www.contributor-covenant.org - -For answers to common questions about this code of conduct, see the FAQ at -https://www.contributor-covenant.org/faq. Translations are available at -https://www.contributor-covenant.org/translations. diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md deleted file mode 100644 index 046919f..0000000 --- a/CONTRIBUTING.md +++ /dev/null @@ -1,36 +0,0 @@ - - -# Contributor Guide - -Thank you so much for helping out! This project uses a [DCO](https://developercertificate.org/) to verify that each change is legally acceptable. Its text is as follows: - -``` -By making a contribution to this project, I certify that: - -(a) The contribution was created in whole or in part by me and I - have the right to submit it under the open source license - indicated in the file; or - -(b) The contribution is based upon previous work that, to the best - of my knowledge, is covered under an appropriate open source - license and I have the right under that license to submit that - work with modifications, whether created in whole or in part - by me, under the same open source license (unless I am - permitted to submit under a different license), as indicated - in the file; or - -(c) The contribution was provided directly to me by some other - person who certified (a), (b) or (c) and I have not modified - it. - -(d) I understand and agree that this project and the contribution - are public and that a record of the contribution (including all - personal information I submit with it, including my sign-off) is - maintained indefinitely and may be redistributed consistent with - this project or the open source license(s) involved. -``` - -In order to sign this DCO, simply use `git commit --signoff` while working on this project. diff --git a/REUSE.toml b/REUSE.toml new file mode 100644 index 0000000..f588db2 --- /dev/null +++ b/REUSE.toml @@ -0,0 +1,10 @@ +# SPDX-FileCopyrightText: The devcontainer.java Authors +# SPDX-License-Identifier: 0BSD + +version = 1 + +[[annotations]] +path = ["src/main/resources/META-INF/*", "src/test/resources/*.json"] +precedence = "override" +SPDX-FileCopyrightText = "The devcontainer.java Authors" +SPDX-License-Identifier = "0BSD" diff --git a/SECURITY.md b/SECURITY.md deleted file mode 100644 index f545753..0000000 --- a/SECURITY.md +++ /dev/null @@ -1,14 +0,0 @@ - - -# Security Policy - -This project is using a continuous delivery mode and therefore only supports the latest released version. - -## Reporting a Vulnerability - -Email security@metio.wtf with details about the vulnerability. - -Please include some way to reproduce your problem. We are going to provide a fix as soon as possible and include it in the next release. diff --git a/renovate.json b/renovate.json new file mode 100644 index 0000000..6c1bcd6 --- /dev/null +++ b/renovate.json @@ -0,0 +1,4 @@ +{ + "$schema": "https://docs.renovatebot.com/renovate-schema.json", + "extends": ["github>metio/renovate-config"] +} \ No newline at end of file From f4eb0ae99acfc3bd2a80d5887a46e1caa5271d31 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sebastian=20Ho=C3=9F?= Date: Tue, 30 Jun 2026 15:55:13 +0200 Subject: [PATCH 2/4] Stop tracking ignored directories MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Sebastian Hoß --- .idea/.gitignore | 8 - .idea/.name | 1 - .idea/codeStyles/Project.xml | 19 -- .idea/codeStyles/codeStyleConfig.xml | 5 - .idea/copyright/devcontainer.java.xml | 7 - .idea/copyright/profiles_settings.xml | 10 - .../inspectionProfiles/devcontainer.java.xml | 179 ------------------ .../inspectionProfiles/profiles_settings.xml | 6 - 8 files changed, 235 deletions(-) delete mode 100644 .idea/.gitignore delete mode 100644 .idea/.name delete mode 100644 .idea/codeStyles/Project.xml delete mode 100644 .idea/codeStyles/codeStyleConfig.xml delete mode 100644 .idea/copyright/devcontainer.java.xml delete mode 100644 .idea/copyright/profiles_settings.xml delete mode 100644 .idea/inspectionProfiles/devcontainer.java.xml delete mode 100644 .idea/inspectionProfiles/profiles_settings.xml diff --git a/.idea/.gitignore b/.idea/.gitignore deleted file mode 100644 index 13566b8..0000000 --- a/.idea/.gitignore +++ /dev/null @@ -1,8 +0,0 @@ -# Default ignored files -/shelf/ -/workspace.xml -# Editor-based HTTP Client requests -/httpRequests/ -# Datasource local storage ignored files -/dataSources/ -/dataSources.local.xml diff --git a/.idea/.name b/.idea/.name deleted file mode 100644 index e9e11e8..0000000 --- a/.idea/.name +++ /dev/null @@ -1 +0,0 @@ -devcontainer.java \ No newline at end of file diff --git a/.idea/codeStyles/Project.xml b/.idea/codeStyles/Project.xml deleted file mode 100644 index 0221931..0000000 --- a/.idea/codeStyles/Project.xml +++ /dev/null @@ -1,19 +0,0 @@ - - - - diff --git a/.idea/codeStyles/codeStyleConfig.xml b/.idea/codeStyles/codeStyleConfig.xml deleted file mode 100644 index 0f7bc51..0000000 --- a/.idea/codeStyles/codeStyleConfig.xml +++ /dev/null @@ -1,5 +0,0 @@ - - - - diff --git a/.idea/copyright/devcontainer.java.xml b/.idea/copyright/devcontainer.java.xml deleted file mode 100644 index 90f307f..0000000 --- a/.idea/copyright/devcontainer.java.xml +++ /dev/null @@ -1,7 +0,0 @@ - - - - diff --git a/.idea/copyright/profiles_settings.xml b/.idea/copyright/profiles_settings.xml deleted file mode 100644 index b39fd19..0000000 --- a/.idea/copyright/profiles_settings.xml +++ /dev/null @@ -1,10 +0,0 @@ - - - - - - - - - diff --git a/.idea/inspectionProfiles/devcontainer.java.xml b/.idea/inspectionProfiles/devcontainer.java.xml deleted file mode 100644 index 76ae5e6..0000000 --- a/.idea/inspectionProfiles/devcontainer.java.xml +++ /dev/null @@ -1,179 +0,0 @@ - - - - diff --git a/.idea/inspectionProfiles/profiles_settings.xml b/.idea/inspectionProfiles/profiles_settings.xml deleted file mode 100644 index 863ce5c..0000000 --- a/.idea/inspectionProfiles/profiles_settings.xml +++ /dev/null @@ -1,6 +0,0 @@ - - - - From e471e6101d6b29910f8814e0deb34c2c56d41e9c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sebastian=20Ho=C3=9F?= Date: Tue, 30 Jun 2026 15:55:25 +0200 Subject: [PATCH 3/4] cover renovate MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Sebastian Hoß --- REUSE.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/REUSE.toml b/REUSE.toml index f588db2..899ef36 100644 --- a/REUSE.toml +++ b/REUSE.toml @@ -4,7 +4,7 @@ version = 1 [[annotations]] -path = ["src/main/resources/META-INF/*", "src/test/resources/*.json"] +path = ["renovate.json", "src/main/resources/META-INF/*", "src/test/resources/*.json"] precedence = "override" SPDX-FileCopyrightText = "The devcontainer.java Authors" SPDX-License-Identifier = "0BSD" From cb12f42b756fcd77cc0e6df628c69b9c86ce27bf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Sebastian=20Ho=C3=9F?= Date: Tue, 30 Jun 2026 15:57:05 +0200 Subject: [PATCH 4/4] cover all dirs MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Sebastian Hoß --- REUSE.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/REUSE.toml b/REUSE.toml index 899ef36..69f4854 100644 --- a/REUSE.toml +++ b/REUSE.toml @@ -4,7 +4,7 @@ version = 1 [[annotations]] -path = ["renovate.json", "src/main/resources/META-INF/*", "src/test/resources/*.json"] +path = ["renovate.json", "src/main/resources/META-INF/**", "src/test/resources/*.json"] precedence = "override" SPDX-FileCopyrightText = "The devcontainer.java Authors" SPDX-License-Identifier = "0BSD"