diff --git a/.github/workflows/ci.build.yml b/.github/workflows/ci.build.yml new file mode 100644 index 000000000000..460bce180945 --- /dev/null +++ b/.github/workflows/ci.build.yml @@ -0,0 +1,204 @@ +# Guava GitHub CI +# --------------------------------------------------------------------------------------------------------------------- +# This is the main CI build on GitHub for the Google Guava project. This workflow is not invoked directly; instead, the +# `on.pr.yml` and `on.push.yml` workflows kick in on PR and push events, respectively, and call this workflow as a +# Reusable Workflow. +# +# This workflow can be tested independently of the entrypoint flow through the `workflow_dispatch` hook, which adds a +# button within the UI of the GitHub repository. You can trigger the workflow from here: +# +# https://github.com/google/guava/actions/workflows/ci.build.yml +# +# ## Inputs +# +# See the set of input parameters underneath the `workflow_call` and `workflow_dispatch` hooks for ways this workflow +# can be controlled when called. +# +# ## SLSA Provenance +# +# After building Guava in both JRE and Android variants, this workflow will (if enabled) generate provenance material +# and upload it to an associated release. Learn more about SLSA here: https://slsa.dev. + +name: Build + +on: + workflow_call: + inputs: + provenance: + type: boolean + description: "Provenance" + default: false + provenance_publish: + type: boolean + description: "Publish: Provenance" + default: true + snapshot: + type: boolean + description: "Publish: Snapshot" + default: false + repository: + type: string + description: "Publish Repository" + default: "sonatype-nexus-snapshots" + + workflow_dispatch: + inputs: + provenance: + type: boolean + description: "Provenance" + default: false + provenance_publish: + type: boolean + description: "Publish: Provenance" + default: false + snapshot: + type: boolean + description: "Publish: Snapshot" + default: true + repository: + type: string + description: "Publish Repository" + default: "sonatype-nexus-snapshots" + +permissions: + contents: read + +jobs: + build: + strategy: + fail-fast: false + matrix: + mode: ["JRE", "Android"] + name: "Build Guava (${{ matrix.mode }})" + runs-on: ubuntu-latest + permissions: + contents: read # for actions/checkout to fetch code + outputs: + hashes: ${{ steps.hash.outputs.hashes }} + env: + ROOT_POM: ${{ matrix.mode == 'Android' && 'android/pom.xml' || 'pom.xml' }} + steps: + - name: Harden Runner + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 + with: + disable-sudo: true + egress-policy: block + allowed-endpoints: > + api.azul.com:443 + api.github.com:443 + cdn.azul.com:443 + dl.google.com:443 + docs.oracle.com:443 + errorprone.info:443 + github.com:443 + objects.githubusercontent.com:443 + oss.sonatype.org:443 + repo.maven.apache.org:443 + services.gradle.org:443 + - name: 'Check out repository' + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + with: + persist-credentials: false + - name: 'Set up JDK 11' + uses: actions/setup-java@9704b39bf258b59bc04b50fa2dd55e9ed76b47a8 # v4.1.0 + with: + java-version: 11 + distribution: 'zulu' + cache: 'maven' + - name: 'Install' + shell: bash + run: ./mvnw --strict-checksums -B -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn install -U -DskipTests=true -f $ROOT_POM + - name: Generate hashes + shell: bash + id: hash + if: matrix.mode == 'JRE' + run: | + echo "Building SLSA provenance material..." + ls guava/target/*.jar guava-gwt/target/*.jar guava-testlib/target/*.jar + echo "hashes=$(sha256sum guava/target/*.jar guava-gwt/target/*.jar guava-testlib/target/*.jar | base64 -w0)" >> ./provenance-hashes.txt + cat ./provenance-hashes.txt >> "$GITHUB_OUTPUT" + echo "Gathered provenance hashes:" + cat ./provenance-hashes.txt + - name: 'Upload artifacts' + uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 + if: matrix.mode == 'JRE' + with: + name: guava-artifacts-${{ matrix.mode == 'Android' && 'android' || 'jre' }}-${{ github.sha }} + path: | + guava/target/*.jar + guava-gwt/target/*.jar + guava-testlib/target/*.jar + ./provenance-hashes.txt + if-no-files-found: warn + retention-days: 7 + + # Generate SLSA provenance + provenance: + needs: [build] + if: inputs.provenance + name: "SLSA Provenance" + uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.9.0 + permissions: + actions: read + id-token: write + contents: write + with: + base64-subjects: "${{ needs.build.outputs.hashes }}" + upload-assets: ${{ inputs.provenance_publish }} + + # Publish snapshot JAR + publish_snapshot: + name: 'Publish Snapshot' + needs: [build, provenance] + if: inputs.snapshot + runs-on: ubuntu-latest + steps: + - name: Harden Runner + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 + with: + egress-policy: audit + - name: 'Check out repository' + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - name: 'Set up JDK 11' + uses: actions/setup-java@9704b39bf258b59bc04b50fa2dd55e9ed76b47a8 # v4.1.0 + with: + java-version: 11 + distribution: 'zulu' + server-id: ${{ inputs.repository }} + server-username: CI_DEPLOY_USERNAME + server-password: CI_DEPLOY_PASSWORD + cache: 'maven' + - name: "Download artifacts" + uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4 + with: + name: guava-artifacts-jre-${{ github.sha }} + - name: 'Publish' + env: + CI_DEPLOY_USERNAME: ${{ secrets.CI_DEPLOY_USERNAME }} + CI_DEPLOY_PASSWORD: ${{ secrets.CI_DEPLOY_PASSWORD }} + run: ./util/deploy_snapshot.sh + + generate_docs: + permissions: + contents: write + name: 'Generate Docs' + needs: build + if: github.event_name == 'push' && github.repository == 'google/guava' + runs-on: ubuntu-latest + steps: + - name: Harden Runner + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 + with: + egress-policy: audit + - name: 'Check out repository' + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - name: 'Set up JDK 11' + uses: actions/setup-java@9704b39bf258b59bc04b50fa2dd55e9ed76b47a8 # v4.1.0 + with: + java-version: 11 + distribution: 'zulu' + cache: 'maven' + - name: 'Generate latest docs' + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: ./util/update_snapshot_docs.sh diff --git a/.github/workflows/ci.test.yml b/.github/workflows/ci.test.yml new file mode 100644 index 000000000000..812d82244369 --- /dev/null +++ b/.github/workflows/ci.test.yml @@ -0,0 +1,97 @@ +# Guava GitHub CI +# --------------------------------------------------------------------------------------------------------------------- +# This is the main CI testsuite on GitHub for the Google Guava project. This workflow is not invoked directly; instead, +# the `on.pr.yml` and `on.push.yml` workflows kick in on PR and push events, respectively, and call this workflow as a +# Reusable Workflow. +# +# This workflow can be tested independently of the entrypoint flow through the `workflow_dispatch` hook, which adds a +# button within the UI of the GitHub repository. You can trigger the workflow from here: +# +# https://github.com/google/guava/actions/workflows/ci.test.yml +# +# ## Inputs +# +# See the set of input parameters underneath the `workflow_call` and `workflow_dispatch` hooks for ways this workflow +# can be controlled when called. +# +# ## Multi-OS and Multi-JVM Testing +# +# Guava is tested against each LTS release at JDK 8 through JDK 21, on Linux and on Windows (starting at JDK 17), and +# in Android and JRE flavors. + +name: Tests + +on: + workflow_call: {} + workflow_dispatch: {} + +permissions: + contents: read + +jobs: + test: + permissions: + contents: read # for actions/checkout to fetch code + name: "JDK ${{ matrix.java }} ${{ matrix.mode }} (${{ matrix.os }})" + strategy: + matrix: + os: [ ubuntu-latest ] + java: [ 8, 11, 17 ] + mode: [ 'JRE', 'Android' ] + include: + - os: windows-latest + java: 17 + mode: JRE + root-pom: pom.xml + - os: windows-latest + java: 17 + mode: Android + root-pom: pom.xml + runs-on: ${{ matrix.os }} + outputs: + hashes: ${{ steps.hash.outputs.hashes }} + env: + ROOT_POM: ${{ matrix.root-pom == 'Android' && 'android/pom.xml' || 'pom.xml' }} + steps: + - name: Harden Runner + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 + with: + disable-sudo: true + egress-policy: block + allowed-endpoints: > + api.azul.com:443 + api.github.com:443 + cdn.azul.com:443 + dl.google.com:443 + docs.oracle.com:443 + errorprone.info:443 + github.com:443 + objects.githubusercontent.com:443 + oss.sonatype.org:443 + repo.maven.apache.org:443 + services.gradle.org:443 + - name: 'Check out repository' + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + with: + persist-credentials: false + - name: 'Set up JDK ${{ matrix.java }}' + uses: actions/setup-java@9704b39bf258b59bc04b50fa2dd55e9ed76b47a8 # v4.1.0 + with: + java-version: ${{ matrix.java }} + distribution: 'zulu' + cache: 'maven' + - name: 'Install' + shell: bash + run: ./mvnw --strict-checksums -B -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn install -U -DskipTests=true -f $ROOT_POM + - name: 'Test' + shell: bash + run: ./mvnw --strict-checksums -B -P!standard-with-extra-repos verify -U -Dmaven.javadoc.skip=true -f $ROOT_POM + - name: 'Print Surefire reports' + # Note: Normally a step won't run if the job has failed, but this causes it to + if: ${{ failure() }} + shell: bash + run: ./util/print_surefire_reports.sh + - name: 'Integration Test' + if: matrix.java == 11 + shell: bash + run: util/gradle_integration_tests.sh diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml deleted file mode 100644 index c0cac9d8e013..000000000000 --- a/.github/workflows/ci.yml +++ /dev/null @@ -1,107 +0,0 @@ -name: CI - -on: - push: - branches: - - master - pull_request: - branches: - - master - -permissions: - contents: read - -jobs: - test: - permissions: - actions: write # for styfle/cancel-workflow-action to cancel/stop running workflows - contents: read # for actions/checkout to fetch code - name: "${{ matrix.root-pom }} on JDK ${{ matrix.java }} on ${{ matrix.os }}" - strategy: - matrix: - os: [ ubuntu-latest ] - java: [ 8, 11, 17 ] - root-pom: [ 'pom.xml', 'android/pom.xml' ] - include: - - os: windows-latest - java: 17 - root-pom: pom.xml - runs-on: ${{ matrix.os }} - env: - ROOT_POM: ${{ matrix.root-pom }} - steps: - # Cancel any previous runs for the same branch that are still running. - - name: 'Cancel previous runs' - uses: styfle/cancel-workflow-action@85880fa0301c86cca9da44039ee3bb12d3bedbfa # 0.12.1 - with: - access_token: ${{ github.token }} - - name: 'Check out repository' - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - name: 'Set up JDK ${{ matrix.java }}' - uses: actions/setup-java@9704b39bf258b59bc04b50fa2dd55e9ed76b47a8 # v4.1.0 - - with: - java-version: ${{ matrix.java }} - distribution: 'zulu' - cache: 'maven' - - name: 'Install' - shell: bash - run: ./mvnw -B -Dorg.slf4j.simpleLogger.log.org.apache.maven.cli.transfer.Slf4jMavenTransferListener=warn install -U -DskipTests=true -f $ROOT_POM - - name: 'Test' - shell: bash - run: ./mvnw -B -P!standard-with-extra-repos verify -U -Dmaven.javadoc.skip=true -f $ROOT_POM - - name: 'Print Surefire reports' - # Note: Normally a step won't run if the job has failed, but this causes it to - if: ${{ failure() }} - shell: bash - run: ./util/print_surefire_reports.sh - - name: 'Integration Test' - if: matrix.java == 11 - shell: bash - run: util/gradle_integration_tests.sh - - publish_snapshot: - name: 'Publish snapshot' - needs: test - if: github.event_name == 'push' && github.repository == 'google/guava' - runs-on: ubuntu-latest - steps: - - name: 'Check out repository' - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - name: 'Set up JDK 11' - uses: actions/setup-java@9704b39bf258b59bc04b50fa2dd55e9ed76b47a8 # v4.1.0 - - with: - java-version: 11 - distribution: 'zulu' - server-id: sonatype-nexus-snapshots - server-username: CI_DEPLOY_USERNAME - server-password: CI_DEPLOY_PASSWORD - cache: 'maven' - - name: 'Publish' - env: - CI_DEPLOY_USERNAME: ${{ secrets.CI_DEPLOY_USERNAME }} - CI_DEPLOY_PASSWORD: ${{ secrets.CI_DEPLOY_PASSWORD }} - run: ./util/deploy_snapshot.sh - - generate_docs: - permissions: - contents: write - name: 'Generate latest docs' - needs: test - if: github.event_name == 'push' && github.repository == 'google/guava' - runs-on: ubuntu-latest - steps: - - name: 'Check out repository' - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - name: 'Set up JDK 11' - uses: actions/setup-java@9704b39bf258b59bc04b50fa2dd55e9ed76b47a8 # v4.1.0 - - with: - java-version: 11 - distribution: 'zulu' - cache: 'maven' - - name: 'Generate latest docs' - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: ./util/update_snapshot_docs.sh diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 000000000000..f7ac0f8e3d35 --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,78 @@ +name: "CodeQL" + +on: + workflow_call: {} + workflow_dispatch: {} + push: + branches: ["master"] + schedule: + - cron: "0 0 * * 1" + +permissions: + contents: read + +jobs: + analyze: + name: CodeQL Analysis + runs-on: ubuntu-latest + permissions: + actions: read + contents: read + security-events: write + + strategy: + fail-fast: false + matrix: + language: ["java"] + # CodeQL supports [ $supported-codeql-languages ] + # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support + + steps: + - name: Harden Runner + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 + with: + disable-sudo: true + egress-policy: block + allowed-endpoints: > + api.azul.com:443 + api.github.com:443 + cdn.azul.com:443 + dl.google.com:443 + docs.oracle.com:443 + errorprone.info:443 + github.com:443 + objects.githubusercontent.com:443 + oss.sonatype.org:443 + repo.maven.apache.org:443 + services.gradle.org:443 + - name: Checkout repository + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + with: + persist-credentials: false + - name: Initialize CodeQL + uses: github/codeql-action/init@8a470fddafa5cbb6266ee11b37ef4d8aae19c571 # v3.24.6 + with: + languages: ${{ matrix.language }} + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. + + # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). + # If this step fails, then you should remove it and run the build manually (see below) + - name: Autobuild + uses: github/codeql-action/autobuild@8a470fddafa5cbb6266ee11b37ef4d8aae19c571 # v3.24.6 + + # ℹī¸ Command-line programs to run using the OS shell. + # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun + + # If the Autobuild fails above, remove it and uncomment the following three lines. + # modify them (or add more) to build your code if your project, please refer to the EXAMPLE below for guidance. + + # - run: | + # echo "Run, Build Application using script" + # ./location_of_script_within_repo/buildscript.sh + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@8a470fddafa5cbb6266ee11b37ef4d8aae19c571 # v3.24.6 + with: + category: "/language:${{matrix.language}}" diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml new file mode 100644 index 000000000000..abc802dae2ac --- /dev/null +++ b/.github/workflows/dependency-review.yml @@ -0,0 +1,59 @@ +# Guava GitHub CI +# --------------------------------------------------------------------------------------------------------------------- +# This workflow is called from `on.push.yml` and `on.pr.yml` to operate on Guava's dependency graph: +# +# - The dependency graph is calculated from pom.xml files +# - The graph is then published to GitHub, and associated with the Guava repository +# - When operating on a PR, Dependency Review can be invoked to check dependency changes +# +# ## Inputs +# +# See the set of input parameters underneath the `workflow_call` and `workflow_dispatch` hooks for ways this workflow +# can be controlled when called. + +name: 'Dependency Graph' +on: + workflow_call: + inputs: + review: + type: boolean + description: "Dependency Review" + default: false + workflow_dispatch: + inputs: + review: + type: boolean + description: "Dependency Review" + default: false + +permissions: + contents: read + +jobs: + dependency-review: + name: 'Dependency Graph' + runs-on: ubuntu-latest + permissions: + contents: write # needed to post a dependency graph + id-token: write # needed to exchange the graph publish token for an access token + steps: + - name: Harden Runner + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 + with: + disable-sudo: true + egress-policy: block + allowed-endpoints: > + api.github.com:443 + github.com:443 + oss.sonatype.org:443 + repo.maven.apache.org:443 + - name: 'Checkout Repository' + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - name: Maven Dependency Tree Dependency Submission + continue-on-error: true + uses: advanced-security/maven-dependency-submission-action@bfd2106013da0957cdede0b6c39fb5ca25ae375e # v4.0.2 + - name: 'Dependency Review' + uses: actions/dependency-review-action@9129d7d40b8c12c1ed0f60400d00c92d437adcce # v4.1.3 + continue-on-error: true + with: + retry-on-snapshot-warnings: true diff --git a/.github/workflows/gradle-wrapper-validation.yml b/.github/workflows/gradle-wrapper-validation.yml index 317c184351f5..bedc36698d20 100644 --- a/.github/workflows/gradle-wrapper-validation.yml +++ b/.github/workflows/gradle-wrapper-validation.yml @@ -1,13 +1,24 @@ name: "Validate Gradle Wrapper" -on: [push, pull_request] +on: + workflow_call: {} + workflow_dispatch: {} permissions: contents: read jobs: validation: - name: "Validation" + name: "Gradle Wrapper Validate" runs-on: ubuntu-latest steps: + - name: Harden Runner + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 + with: + disable-sudo: true + egress-policy: block + allowed-endpoints: > + github.com:443 - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + with: + persist-credentials: false - uses: gradle/wrapper-validation-action@699bb18358f12c5b78b37bb0111d3a0e2276e0e2 # v2.1.1 diff --git a/.github/workflows/on.pr.yml b/.github/workflows/on.pr.yml new file mode 100644 index 000000000000..a7cd494d7e69 --- /dev/null +++ b/.github/workflows/on.pr.yml @@ -0,0 +1,64 @@ +# Guava GitHub CI +# --------------------------------------------------------------------------------------------------------------------- +# This is an entrypoint workflow which operates on pull requests; this workflow doesn't do much on its own. Its job is +# to dispatch `on.build.yml` and check workflows, which can be found in this same directory. +# +# PR workflows are slightly different from push workflows (for example, they do not publish snapshots). See the +# `on.push.yml` workflow. PR and push flows are designed to be invoked separately. + +name: PR + +on: + pull_request: + branches: + - master + +permissions: + contents: read + +jobs: + ## Build the library and provenance material, but don't publish + build: + name: "Build" + uses: ./.github/workflows/ci.build.yml + permissions: + actions: write + contents: write + id-token: write + with: + provenance: true + provenance_publish: false + snapshot: false + + ## Run main CI build and tests. + test: + name: "Tests" + uses: ./.github/workflows/ci.test.yml + permissions: + actions: write + contents: write + id-token: write + + ## Validate the Gradle Wrapper binary + checks-gradle-wrapper: + name: "Checks" + uses: ./.github/workflows/gradle-wrapper-validation.yml + + ## Publish and check the dependency graph. + checks-dependency-graph: + name: "Checks" + uses: ./.github/workflows/dependency-review.yml + permissions: + contents: write + id-token: write + with: + review: true + + ## Run CodeQL checks + checks-codeql: + name: "Checks" + uses: ./.github/workflows/codeql.yml + permissions: + actions: read + contents: read + security-events: write diff --git a/.github/workflows/on.push.yml b/.github/workflows/on.push.yml new file mode 100644 index 000000000000..d34a85f6c1e7 --- /dev/null +++ b/.github/workflows/on.push.yml @@ -0,0 +1,43 @@ +# Guava GitHub CI +# --------------------------------------------------------------------------------------------------------------------- +# This is an entrypoint workflow which operates on pushed revisions to Guava; this workflow doesn't do much on its own. +# Its job is to dispatch `on.build.yml` and check workflows, which can be found in this same directory. +# +# PR workflows are slightly different from push workflows (for example, the push workflow publishes snapshots). See the +# `on.pr.yml` workflow. PR and push flows are designed to be invoked separately. + +name: Push + +on: + push: + branches: + - master + +permissions: + contents: read + +jobs: + ## Run main CI build and tests. + run-ci: + name: "Build" + uses: ./.github/workflows/ci.build.yml + permissions: + actions: write + contents: write + id-token: write + with: + snapshot: github.repository == 'google/guava' + provenance: true + + ## Publish and check the dependency graph. + checks-dependency-graph: + name: "Checks" + uses: ./.github/workflows/dependency-review.yml + permissions: + contents: write + id-token: write + + ## Validate the Gradle Wrapper binary + checks-gradle-wrapper: + name: "Checks" + uses: ./.github/workflows/gradle-wrapper-validation.yml diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index b42a78370343..c48175975b36 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -31,6 +31,10 @@ jobs: # actions: read steps: + - name: Harden Runner + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 + with: + egress-policy: audit - name: "Checkout code" uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: diff --git a/.mvn/jvm.config b/.mvn/jvm.config new file mode 100644 index 000000000000..8fc30111dd55 --- /dev/null +++ b/.mvn/jvm.config @@ -0,0 +1 @@ +-XX:-TieredCompilation -XX:TieredStopAtLevel=1 -XX:+UseParallelGC -Djava.awt.headless=true \ No newline at end of file diff --git a/.mvn/maven.config b/.mvn/maven.config new file mode 100644 index 000000000000..cc57db8375d4 --- /dev/null +++ b/.mvn/maven.config @@ -0,0 +1,2 @@ +-T2C +--strict-checksums diff --git a/android/guava-testlib/src/com/google/common/testing/FreshValueGenerator.java b/android/guava-testlib/src/com/google/common/testing/FreshValueGenerator.java index 4cc25e1289fb..d1a7819f1977 100644 --- a/android/guava-testlib/src/com/google/common/testing/FreshValueGenerator.java +++ b/android/guava-testlib/src/com/google/common/testing/FreshValueGenerator.java @@ -18,6 +18,7 @@ import static com.google.common.base.Preconditions.checkNotNull; import static com.google.common.base.Throwables.throwIfUnchecked; +import static java.util.Objects.requireNonNull; import com.google.common.annotations.GwtIncompatible; import com.google.common.annotations.J2ktIncompatible; @@ -211,7 +212,7 @@ final T newFreshProxy(final Class interfaceType) { return pickInstance(rawType.getEnumConstants(), null); } if (type.isArray()) { - TypeToken componentType = checkNotNull(type.getComponentType()); + TypeToken componentType = requireNonNull(type.getComponentType()); Object array = Array.newInstance(componentType.getRawType(), 1); Array.set(array, 0, generate(componentType)); return array; diff --git a/android/guava/pom.xml b/android/guava/pom.xml index 7444cd6972ba..18a37fae8be8 100644 --- a/android/guava/pom.xml +++ b/android/guava/pom.xml @@ -106,23 +106,8 @@ maven-source-plugin - maven-dependency-plugin - - - unpack-jdk-sources - generate-sources - unpack-dependencies - - srczip - ${project.build.directory}/jdk-sources - false - - **/module-info.java,**/java/io/FileDescriptor.java - - - org.codehaus.mojo @@ -131,11 +116,6 @@ maven-javadoc-plugin - - - - ${project.build.sourceDirectory}:${project.build.directory}/jdk-sources - @@ -247,53 +227,4 @@ - - - srczip-parent - - - ${java.home}/../src.zip - - - - - jdk - srczip - 999 - system - ${java.home}/../src.zip - true - - - - - srczip-lib - - - ${java.home}/lib/src.zip - - - - - jdk - srczip - 999 - system - ${java.home}/lib/src.zip - true - - - - - - maven-javadoc-plugin - - - ${project.build.sourceDirectory}:${project.build.directory}/jdk-sources/java.base - - - - - - diff --git a/android/guava/src/com/google/common/collect/TableCollectors.java b/android/guava/src/com/google/common/collect/TableCollectors.java index 0508c4802fc9..f53569627e5e 100644 --- a/android/guava/src/com/google/common/collect/TableCollectors.java +++ b/android/guava/src/com/google/common/collect/TableCollectors.java @@ -199,14 +199,12 @@ void merge(V value, BinaryOperator mergeFunction) { } } - private static < - R extends @Nullable Object, C extends @Nullable Object, V extends @Nullable Object> - void mergeTables( - Table table, - @ParametricNullness R row, - @ParametricNullness C column, - @ParametricNullness V value, - BinaryOperator mergeFunction) { + private static void mergeTables( + Table table, + @ParametricNullness R row, + @ParametricNullness C column, + V value, + BinaryOperator mergeFunction) { checkNotNull(value); V oldValue = table.get(row, column); if (oldValue == null) { diff --git a/android/guava/src/com/google/common/collect/TreeMultimap.java b/android/guava/src/com/google/common/collect/TreeMultimap.java index 8e2afe3594eb..289ea54f67b2 100644 --- a/android/guava/src/com/google/common/collect/TreeMultimap.java +++ b/android/guava/src/com/google/common/collect/TreeMultimap.java @@ -17,6 +17,7 @@ package com.google.common.collect; import static com.google.common.base.Preconditions.checkNotNull; +import static java.util.Objects.requireNonNull; import com.google.common.annotations.GwtCompatible; import com.google.common.annotations.GwtIncompatible; @@ -217,8 +218,8 @@ private void writeObject(ObjectOutputStream stream) throws IOException { @SuppressWarnings("unchecked") // reading data stored by writeObject private void readObject(ObjectInputStream stream) throws IOException, ClassNotFoundException { stream.defaultReadObject(); - keyComparator = checkNotNull((Comparator) stream.readObject()); - valueComparator = checkNotNull((Comparator) stream.readObject()); + keyComparator = requireNonNull((Comparator) stream.readObject()); + valueComparator = requireNonNull((Comparator) stream.readObject()); setMap(new TreeMap>(keyComparator)); Serialization.populateMultimap(this, stream); } diff --git a/android/pom.xml b/android/pom.xml index d59ce39455b6..52837fa733d4 100644 --- a/android/pom.xml +++ b/android/pom.xml @@ -18,7 +18,7 @@ 3.0.2 3.42.0 2.24.1 - 2.8 + 3.0.0 9+181-r4173-1 diff --git a/guava-testlib/src/com/google/common/testing/FreshValueGenerator.java b/guava-testlib/src/com/google/common/testing/FreshValueGenerator.java index 65e50df176e6..567b7a76aac7 100644 --- a/guava-testlib/src/com/google/common/testing/FreshValueGenerator.java +++ b/guava-testlib/src/com/google/common/testing/FreshValueGenerator.java @@ -18,6 +18,7 @@ import static com.google.common.base.Preconditions.checkNotNull; import static com.google.common.base.Throwables.throwIfUnchecked; +import static java.util.Objects.requireNonNull; import com.google.common.annotations.GwtIncompatible; import com.google.common.annotations.J2ktIncompatible; @@ -215,7 +216,7 @@ final T newFreshProxy(final Class interfaceType) { return pickInstance(rawType.getEnumConstants(), null); } if (type.isArray()) { - TypeToken componentType = checkNotNull(type.getComponentType()); + TypeToken componentType = requireNonNull(type.getComponentType()); Object array = Array.newInstance(componentType.getRawType(), 1); Array.set(array, 0, generate(componentType)); return array; diff --git a/guava/pom.xml b/guava/pom.xml index 913fc387a619..429ab9d85873 100644 --- a/guava/pom.xml +++ b/guava/pom.xml @@ -44,8 +44,6 @@ com.google.j2objc j2objc-annotations - - @@ -106,24 +104,6 @@ maven-source-plugin - - - maven-dependency-plugin - - - unpack-jdk-sources - generate-sources - unpack-dependencies - - srczip - ${project.build.directory}/jdk-sources - false - - **/module-info.java,**/java/io/FileDescriptor.java - - - - org.codehaus.mojo animal-sniffer-maven-plugin @@ -131,11 +111,6 @@ maven-javadoc-plugin - - - - ${project.build.sourceDirectory}:${project.build.directory}/jdk-sources - @@ -248,52 +223,5 @@ - - srczip-parent - - - ${java.home}/../src.zip - - - - - jdk - srczip - 999 - system - ${java.home}/../src.zip - true - - - - - srczip-lib - - - ${java.home}/lib/src.zip - - - - - jdk - srczip - 999 - system - ${java.home}/lib/src.zip - true - - - - - - maven-javadoc-plugin - - - ${project.build.sourceDirectory}:${project.build.directory}/jdk-sources/java.base - - - - - diff --git a/guava/src/com/google/common/collect/TableCollectors.java b/guava/src/com/google/common/collect/TableCollectors.java index 1164e822de53..ca67a693aec4 100644 --- a/guava/src/com/google/common/collect/TableCollectors.java +++ b/guava/src/com/google/common/collect/TableCollectors.java @@ -195,14 +195,12 @@ void merge(V value, BinaryOperator mergeFunction) { } } - private static < - R extends @Nullable Object, C extends @Nullable Object, V extends @Nullable Object> - void mergeTables( - Table table, - @ParametricNullness R row, - @ParametricNullness C column, - @ParametricNullness V value, - BinaryOperator mergeFunction) { + private static void mergeTables( + Table table, + @ParametricNullness R row, + @ParametricNullness C column, + V value, + BinaryOperator mergeFunction) { checkNotNull(value); V oldValue = table.get(row, column); if (oldValue == null) { diff --git a/guava/src/com/google/common/collect/TreeMultimap.java b/guava/src/com/google/common/collect/TreeMultimap.java index 8e2afe3594eb..289ea54f67b2 100644 --- a/guava/src/com/google/common/collect/TreeMultimap.java +++ b/guava/src/com/google/common/collect/TreeMultimap.java @@ -17,6 +17,7 @@ package com.google.common.collect; import static com.google.common.base.Preconditions.checkNotNull; +import static java.util.Objects.requireNonNull; import com.google.common.annotations.GwtCompatible; import com.google.common.annotations.GwtIncompatible; @@ -217,8 +218,8 @@ private void writeObject(ObjectOutputStream stream) throws IOException { @SuppressWarnings("unchecked") // reading data stored by writeObject private void readObject(ObjectInputStream stream) throws IOException, ClassNotFoundException { stream.defaultReadObject(); - keyComparator = checkNotNull((Comparator) stream.readObject()); - valueComparator = checkNotNull((Comparator) stream.readObject()); + keyComparator = requireNonNull((Comparator) stream.readObject()); + valueComparator = requireNonNull((Comparator) stream.readObject()); setMap(new TreeMap>(keyComparator)); Serialization.populateMultimap(this, stream); } diff --git a/integration-tests/gradle/build.gradle.kts b/integration-tests/gradle/build.gradle.kts index cafccc49b790..51c733a8cb6e 100644 --- a/integration-tests/gradle/build.gradle.kts +++ b/integration-tests/gradle/build.gradle.kts @@ -23,9 +23,9 @@ val expectedReducedRuntimeClasspathJreVersion = "listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar" ) val expectedCompileClasspathAndroidVersion = - expectedReducedRuntimeClasspathAndroidVersion + setOf("j2objc-annotations-2.8.jar") + expectedReducedRuntimeClasspathAndroidVersion + setOf("j2objc-annotations-3.0.0.jar") val expectedCompileClasspathJreVersion = - expectedReducedRuntimeClasspathJreVersion + setOf("j2objc-annotations-2.8.jar") + expectedReducedRuntimeClasspathJreVersion + setOf("j2objc-annotations-3.0.0.jar") val extraLegacyDependencies = setOf("google-collections-1.0.jar") diff --git a/pom.xml b/pom.xml index 83c3fa11ab3b..e04f2b4b6280 100644 --- a/pom.xml +++ b/pom.xml @@ -12,13 +12,17 @@ Parent for guava artifacts https://github.com/google/guava + + all + false + 48 %regex[.*.class] 1.4.2 3.0.2 3.42.0 2.24.1 - 2.8 + 3.0.0 9+181-r4173-1 @@ -31,6 +35,9 @@ HEAD-android-SNAPSHOT android android + https://oss.sonatype.org/content/repositories/snapshots/ + https://oss.sonatype.org/service/local/staging/deploy/maven2/ + 3 GitHub Issues @@ -230,7 +237,7 @@ maven-surefire-plugin - 2.7.2 + 3.2.5 ${test.include} @@ -249,6 +256,8 @@ -Xmx1536M -Duser.language=hi -Duser.country=IN ${test.add.opens} + true + 2C @@ -271,12 +280,12 @@ sonatype-nexus-snapshots Sonatype Nexus Snapshots - https://oss.sonatype.org/content/repositories/snapshots/ + ${publishing.repository.snapshots} sonatype-nexus-staging Nexus Release Repository - https://oss.sonatype.org/service/local/staging/deploy/maven2/ + ${publishing.repository.releases} guava-site @@ -318,6 +327,19 @@ sonatype-oss-release + + dev.sigstore + sigstore-maven-plugin + 0.4.0 + + + sign + + sign + + + + maven-gpg-plugin 3.0.1