stevespringett / threatmodel-sdk

A Java library for parsing and programmatically using threat models
79 stars 24 forks source link

Bump actions/setup-java from 1 to 2 #26

Closed dependabot[bot] closed 3 years ago

dependabot[bot] commented 3 years ago

Bumps actions/setup-java from 1 to 2.

Release notes

Sourced from actions/setup-java's releases.

v2.0.0

The major release actions/setup-java@v2

See more details in README file.

This action provides the following functionality for GitHub Actions runners:

  • Downloading and setting up a requested version of Java. See Usage for a list of supported distributions
  • Extracting and caching custom version of Java from a local file
  • Configuring runner for publishing using Apache Maven
  • Configuring runner for publishing using Gradle
  • Configuring runner for using GPG private key
  • Registering problem matchers for error output

V2 vs V1

  • V2 supports custom distributions and provides support for Zulu OpenJDK and Adopt OpenJDK out of the box. V1 supports only Zulu OpenJDK
  • V2 requires you to specify distribution along with the version. V1 defaults to Zulu OpenJDK, only version input is required. Follow the migration guide to switch from V1 to V2

Usage

Inputs java-version and distribution are mandatory. See Supported distributions section for a list of available options.

Basic

Adopt OpenJDK

steps:
- uses: actions/checkout@v2
- uses: actions/setup-java@v2
  with:
    distribution: 'adopt' # See 'Supported distributions' for available options
    java-version: '11'
- run: java -cp java HelloWorldApp

Zulu OpenJDK

steps:
- uses: actions/checkout@v2
- uses: actions/setup-java@v2
  with:
    distribution: 'zulu' # See 'Supported distributions' for available options
    java-version: '11'
- run: java -cp java HelloWorldApp

Supported version syntax

The java-version input supports an exact version or a version range using SemVer notation:

  • major versions: 8, 11, 15
  • more specific versions: 11.0, 11.0.4, 8.0.232, 8.0.282+8
  • early access (EA) versions: 15-ea, 15.0.0-ea, 15.0.0-ea.2, 15.0.0+2-ea

Supported distributions

... (truncated)

Commits
  • 8764a52 Rename v2-preview to v2 in docs and tests (#151)
  • b53500d Merge "v2-preview" branch into "main" (#150)
  • ebb424f Beatify "main" warning about breaking changes (#144)
  • 9c7940b Add breaking change warning to 'main' branch (#138)
  • fc62cca V2 setup-java ADR (#97)
  • e73e96a Merge pull request #131 from actions/v-malob/update-codeowners
  • ea31b1d Update CODEOWNERS
  • ff0054d Merge pull request #123 from dmitry-shibanov/fix-documentation-for-gpg-import...
  • 81290cd change imported to exported
  • 546dae7 Merge pull request #122 from dmitry-shibanov/update-docs-for-maven-and-gpg
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 3 years ago

Superseded by #27.