Bump ws from 7.4.3 to 7.5.5 (#228)

Bumps [ws](https://github.com/websockets/ws) from 7.4.3 to 7.5.5.
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](https://github.com/websockets/ws/compare/7.4.3...7.5.5)

---
updated-dependencies:
- dependency-name: ws
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

.github/workflows/build.yml

@@ -27,7 +27,4 @@ jobs:
       - run: npm ci
       - run: npm run build
       - run: npm run format-check
-      - run: npm test
+      - run: npm test
-      - name: Verify no unstaged changes
-        if: runner.os != 'windows'
-        run: bash __tests__/verify-no-unstaged-changes.sh

.github/workflows/check-dist.yml

@@ -0,0 +1,51 @@
+# `dist/index.js` is a special file in Actions.
+# When you reference an action with `uses:` in a workflow,
+# `index.js` is the code that will run.
+# For our project, we generate this file through a build process from other source files.
+# We need to make sure the checked-in `index.js` actually matches what we expect it to be.
+name: Check dist/
+
+on:
+  push:
+    branches:
+      - main
+    paths-ignore:
+      - '**.md'
+  pull_request:
+    paths-ignore:
+      - '**.md'
+  workflow_dispatch:
+
+jobs:
+  check-dist:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: Set Node.js 12.x
+        uses: actions/setup-node@v1
+        with:
+          node-version: 12.x
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Rebuild the dist/ directory
+        run: npm run build
+
+      - name: Compare the expected and actual dist/ directories
+        run: |
+          if [ "$(git diff --ignore-space-at-eol dist/ | wc -l)" -gt "0" ]; then
+            echo "Detected uncommitted changes after build.  See status below:"
+            git diff
+            exit 1
+          fi
+        id: diff
+
+      # If index.js was different than expected, upload the expected version as an artifact
+      - uses: actions/upload-artifact@v2
+        if: ${{ failure() && steps.diff.conclusion == 'failure' }}
+        with:
+          name: dist
+          path: dist/

.github/workflows/e2e-versions.yml

@@ -20,7 +20,7 @@ jobs:
       fail-fast: false
       matrix:
         os: [macos-latest, windows-latest, ubuntu-latest]
-        distribution: ['adopt', 'adopt-openj9', 'temurin', 'zulu'] # internally 'adopt-hotspot' is the same as 'adopt'
+        distribution: ['temurin', 'adopt', 'adopt-openj9', 'zulu'] # internally 'adopt-hotspot' is the same as 'adopt'
         version: ['8', '11', '16']
     steps:
       - name: Checkout
@@ -43,30 +43,11 @@ jobs:
       fail-fast: false
       matrix:
         os: [macos-latest, windows-latest, ubuntu-latest]
-        distribution: ['adopt', 'zulu']
+        distribution: ['temurin', 'zulu']
         version:
         - '11.0'
-        - '8.0.282'
+        - '8.0.302'
-        - '11.0.2+7'
+        - '16.0.2+7'
-        include:
-          - distribution: 'adopt'
-            version: '12.0.2+10.1'
-            os: macos-latest
-          - distribution: 'adopt'
-            version: '12.0.2+10.1'
-            os: windows-latest
-          - distribution: 'adopt'
-            version: '12.0.2+10.1'
-            os: ubuntu-latest
-          - distribution: 'temurin'
-            version: '16.0.2+7'
-            os: macos-latest
-          - distribution: 'temurin'
-            version: '16.0.2+7'
-            os: windows-latest
-          - distribution: 'temurin'
-            version: '16.0.2+7'
-            os: ubuntu-latest
     steps:
       - name: Checkout
         uses: actions/checkout@v2
@@ -88,7 +69,7 @@ jobs:
       fail-fast: false
       matrix:
         os: [macos-latest, windows-latest, ubuntu-latest]
-        distribution: ['adopt', 'temurin', 'zulu']
+        distribution: ['temurin', 'zulu']
     steps:
       - name: Checkout
         uses: actions/checkout@v2
@@ -125,28 +106,6 @@ jobs:
         run: bash __tests__/verify-java.sh "${{ matrix.version }}" "${{ steps.setup-java.outputs.path }}"
         shell: bash
 
-  setup-java-ea-versions-adopt:
-    name: adopt ${{ matrix.version }} (jdk-x64) - ${{ matrix.os }}
-    needs: setup-java-major-minor-versions
-    runs-on: ${{ matrix.os }}
-    strategy:
-      fail-fast: false
-      matrix:
-        os: [macos-latest, windows-latest, ubuntu-latest]
-        version: ['17-ea', '15.0.0-ea.14.1.202003160455']
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v2
-      - name: setup-java
-        uses: ./
-        id: setup-java
-        with:
-          java-version: ${{ matrix.version }}
-          distribution: adopt
-      - name: Verify Java
-        run: bash __tests__/verify-java.sh "${{ matrix.version }}" "${{ steps.setup-java.outputs.path }}"
-        shell: bash
-
   setup-java-ea-versions-temurin:
     name: temurin ${{ matrix.version }} (jdk-x64) - ${{ matrix.os }}
     needs: setup-java-major-minor-versions
@@ -177,10 +136,9 @@ jobs:
       fail-fast: false
       matrix:
         os: [macos-latest, windows-latest, ubuntu-latest]
-        distribution: ['adopt', 'temurin', 'zulu']
+        distribution: ['temurin', 'zulu']
         java-package: ['jre']
-        version:
+        version: ['16.0']
-        - '16.0'
         include:
           - distribution: 'zulu'
             java-package: jre+fx

.github/workflows/licensed.yml

@@ -1,8 +1,12 @@
 name: Licensed
 
 on:
-  push: {branches: main}
+  push:
-  pull_request: {branches: main}
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
 
 jobs:
   test:
@@ -17,4 +21,4 @@ jobs:
           curl -Lfs -o licensed.tar.gz https://github.com/github/licensed/releases/download/2.12.2/licensed-2.12.2-linux-x64.tar.gz
           sudo tar -xzf licensed.tar.gz
           sudo mv licensed /usr/local/bin/licensed
-      - run: licensed status
+      - run: licensed status

.licenses/npm/@actions/http-client.dep.yml

@@ -1,6 +1,6 @@
 ---
 name: "@actions/http-client"
-version: 1.0.9
+version: 1.0.11
 type: npm
 summary: Actions Http Client
 homepage: https://github.com/actions/http-client#readme

README.md

@@ -15,24 +15,13 @@ This action provides the following functionality for GitHub Actions runners:
 - Caching dependencies managed by Gradle
 
 ## V2 vs V1
-- V2 supports custom distributions and provides support for Zulu OpenJDK, Adopt OpenJDK and Eclipse Temurin out of the box. V1 supports only Zulu OpenJDK
+- V2 supports custom distributions and provides support for Zulu OpenJDK, Eclipse Temurin and Adopt OpenJDK  out of the box. V1 supports only Zulu OpenJDK
 - V2 requires you to specify distribution along with the version. V1 defaults to Zulu OpenJDK, only version input is required. Follow [the migration guide](docs/switching-to-v2.md) to switch from V1 to V2
 
 ## Usage
 Inputs `java-version` and `distribution` are mandatory. See [Supported distributions](#supported-distributions) section for a list of available options.
 
 ### Basic
-**Adopt OpenJDK**
-```yaml
-steps:
-- uses: actions/checkout@v2
-- uses: actions/setup-java@v2
-  with:
-    distribution: 'adopt' # See 'Supported distributions' for available options
-    java-version: '11'
-- run: java -cp java HelloWorldApp
-```
-
 **Eclipse Temurin**
 ```yaml
 steps:
@@ -40,7 +29,7 @@ steps:
 - uses: actions/setup-java@v2
   with:
     distribution: 'temurin' # See 'Supported distributions' for available options
-    java-version: '8'
+    java-version: '11'
 - run: java -cp java HelloWorldApp
 ```
 
@@ -57,32 +46,49 @@ steps:
 
 #### Supported version syntax
 The `java-version` input supports an exact version or a version range using [SemVer](https://semver.org/) notation:
-- major versions: `8`, `11`, `15`
+- major versions: `8`, `11`, `16`
 - more specific versions: `11.0`, `11.0.4`, `8.0.232`, `8.0.282+8`
 - early access (EA) versions: `15-ea`, `15.0.0-ea`, `15.0.0-ea.2`, `15.0.0+2-ea`
 
 #### Supported distributions
 Currently, the following distributions are supported:
-| Keyword | Distribution | Official site | License |
+| Keyword | Distribution | Official site | License
 |-|-|-|-|
-| `zulu` | Zulu OpenJDK | [Link](https://www.azul.com/downloads/zulu-community/?package=jdk) | [Link](https://www.azul.com/products/zulu-and-zulu-enterprise/zulu-terms-of-use/) |
-| `adopt` or `adopt-hotspot` | Adopt OpenJDK Hotspot | [Link](https://adoptopenjdk.net/) | [Link](https://adoptopenjdk.net/about.html)
-| `adopt-openj9` | Adopt OpenJDK OpenJ9 | [Link](https://adoptopenjdk.net/) | [Link](https://adoptopenjdk.net/about.html)
 | `temurin` | Eclipse Temurin | [Link](https://adoptium.net/) | [Link](https://adoptium.net/about.html)
+| `zulu` | Zulu OpenJDK | [Link](https://www.azul.com/downloads/zulu-community/?package=jdk) | [Link](https://www.azul.com/products/zulu-and-zulu-enterprise/zulu-terms-of-use/) |
+| `adopt` or `adopt-hotspot` | Adopt OpenJDK Hotspot | [Link](https://adoptopenjdk.net/) | [Link](https://adoptopenjdk.net/about.html) |
+| `adopt-openj9` | Adopt OpenJDK OpenJ9 | [Link](https://adoptopenjdk.net/) | [Link](https://adoptopenjdk.net/about.html)
 
 **NOTE:** The different distributors can provide discrepant list of available versions / supported configurations. Please refer to the official documentation to see the list of supported versions.
 
-#### Supported cache types
+**NOTE:** Adopt OpenJDK got moved to Eclipse Temurin and won't be updated anymore. It is highly recommended to migrate workflows from `adopt` to `temurin` to keep receiving software and security updates. See more details in the [Good-bye AdoptOpenJDK post](https://blog.adoptopenjdk.net/2021/08/goodbye-adoptopenjdk-hello-adoptium/).
-Currently, `gradle` and `maven` are supported. You can set `cache` input like below:
+
+### Caching packages dependencies
+The action has a built-in functionality for caching and restoring dependencies. It uses [actions/cache](https://github.com/actions/cache) under hood for caching dependencies but requires less configuration settings. Supported package managers are gradle and maven. The cache input is optional, and caching is turned off by default.
+
+#### Caching gradle dependencies
 ```yaml
 steps:
 - uses: actions/checkout@v2
 - uses: actions/setup-java@v2
   with:
-    distribution: 'adopt'
+    distribution: 'temurin'
     java-version: '11'
-    cache: 'gradle' # will restore cache of dependencies and wrappers
+    cache: 'gradle'
-- run: ./gradlew build
+- run: ./gradlew build --no-daemon
+```
+
+#### Caching maven dependencies
+```yaml
+steps:
+- uses: actions/checkout@v2
+- uses: actions/setup-java@v2
+  with:
+    distribution: 'temurin'
+    java-version: '11'
+    cache: 'maven'
+- name: Build with Maven
+  run: mvn -B package --file pom.xml
 ```
 
 ### Check latest
@@ -125,6 +131,7 @@ jobs:
 
 ### Advanced
 - [Selecting a Java distribution](docs/advanced-usage.md#Selecting-a-Java-distribution)
+  - [Eclipse Temurin](docs/advanced-usage.md#Eclipse-Temurin)
   - [Adopt](docs/advanced-usage.md#Adopt)
   - [Zulu](docs/advanced-usage.md#Zulu)
 - [Installing custom Java package type](docs/advanced-usage.md#Installing-custom-Java-package-type)

__tests__/auth.test.ts

@@ -1,6 +1,7 @@
 import io = require('@actions/io');
 import fs = require('fs');
 import path = require('path');
+import * as core from '@actions/core';
 import os from 'os';
 
 import * as auth from '../src/auth';
@@ -10,11 +11,14 @@ const settingsFile = path.join(m2Dir, auth.SETTINGS_FILE);
 
 describe('auth tests', () => {
   let spyOSHomedir: jest.SpyInstance;
+  let spyInfo: jest.SpyInstance;
 
   beforeEach(async () => {
     await io.rmRF(m2Dir);
     spyOSHomedir = jest.spyOn(os, 'homedir');
     spyOSHomedir.mockReturnValue(__dirname);
+    spyInfo = jest.spyOn(core, 'info');
+    spyInfo.mockImplementation(() => null);
   }, 300000);
 
   afterAll(async () => {

__tests__/cache.test.ts

@@ -14,6 +14,8 @@ describe('dependency cache', () => {
   let workspace: string;
   let spyInfo: jest.SpyInstance<void, Parameters<typeof core.info>>;
   let spyWarning: jest.SpyInstance<void, Parameters<typeof core.warning>>;
+  let spyDebug: jest.SpyInstance<void, Parameters<typeof core.debug>>;
+  let spySaveState: jest.SpyInstance<void, Parameters<typeof core.saveState>>;
 
   beforeEach(() => {
     workspace = mkdtempSync(join(tmpdir(), 'setup-java-cache-'));
@@ -38,7 +40,16 @@ describe('dependency cache', () => {
 
   beforeEach(() => {
     spyInfo = jest.spyOn(core, 'info');
+    spyInfo.mockImplementation(() => null);
+
     spyWarning = jest.spyOn(core, 'warning');
+    spyWarning.mockImplementation(() => null);
+
+    spyDebug = jest.spyOn(core, 'debug');
+    spyDebug.mockImplementation(() => null);
+
+    spySaveState = jest.spyOn(core, 'saveState');
+    spySaveState.mockImplementation(() => null);
   });
 
   afterEach(() => {
@@ -58,6 +69,7 @@ describe('dependency cache', () => {
       spyCacheRestore = jest
         .spyOn(cache, 'restoreCache')
         .mockImplementation((paths: string[], primaryKey: string) => Promise.resolve(undefined));
+      spyWarning.mockImplementation(() => null);
     });
 
     it('throws error if unsupported package manager specified', () => {
@@ -117,6 +129,7 @@ describe('dependency cache', () => {
       spyCacheSave = jest
         .spyOn(cache, 'saveCache')
         .mockImplementation((paths: string[], key: string) => Promise.resolve(0));
+      spyWarning.mockImplementation(() => null);
     });
 
     it('throws error if unsupported package manager specified', () => {

__tests__/cleanup-java.test.ts

@@ -5,6 +5,7 @@ import * as util from '../src/util';
 
 describe('cleanup', () => {
   let spyWarning: jest.SpyInstance<void, Parameters<typeof core.warning>>;
+  let spyInfo: jest.SpyInstance<void, Parameters<typeof core.info>>;
   let spyCacheSave: jest.SpyInstance<
     ReturnType<typeof cache.saveCache>,
     Parameters<typeof cache.saveCache>
@@ -13,6 +14,9 @@ describe('cleanup', () => {
 
   beforeEach(() => {
     spyWarning = jest.spyOn(core, 'warning');
+    spyWarning.mockImplementation(() => null);
+    spyInfo = jest.spyOn(core, 'info');
+    spyInfo.mockImplementation(() => null);
     spyCacheSave = jest.spyOn(cache, 'saveCache');
     spyJobStatusSuccess = jest.spyOn(util, 'isJobStatusSuccess');
     spyJobStatusSuccess.mockReturnValue(true);

__tests__/verify-no-unstaged-changes.sh

@@ -1,17 +0,0 @@
-#!/bin/bash
-
-if [[ "$(git status --porcelain)" != "" ]]; then
-    echo ----------------------------------------
-    echo git status
-    echo ----------------------------------------
-    git status
-    echo ----------------------------------------
-    echo git diff
-    echo ----------------------------------------
-    git diff
-    echo ----------------------------------------
-    echo Troubleshooting
-    echo ----------------------------------------
-    echo "::error::Unstaged changes detected. Locally try running: git clean -ffdx && npm ci && npm run pre-checkin"
-    exit 1
-fi

dist/cleanup/index.js

@@ -6196,7 +6196,7 @@ function removePrivateKeyFromKeychain() {
                 yield gpg.deleteKey(keyFingerprint);
             }
             catch (error) {
-                core.setFailed('Failed to remove private key');
+                core.setFailed(`Failed to remove private key due to: ${error.message}`);
             }
         }
     });
@@ -49663,7 +49663,9 @@ class HttpClient {
                 maxSockets: maxSockets,
                 keepAlive: this._keepAlive,
                 proxy: {
-                    proxyAuth: `${proxyUrl.username}:${proxyUrl.password}`,
+                    ...((proxyUrl.username || proxyUrl.password) && {
+                        proxyAuth: `${proxyUrl.username}:${proxyUrl.password}`
+                    }),
                     host: proxyUrl.hostname,
                     port: proxyUrl.port
                 }
@@ -63235,10 +63237,9 @@ function importKey(privateKey) {
 exports.importKey = importKey;
 function deleteKey(keyFingerprint) {
     return __awaiter(this, void 0, void 0, function* () {
-        yield exec.exec('gpg', ['--batch', '--yes', '--delete-secret-keys', keyFingerprint], {
+        yield exec.exec('gpg', ['--batch', '--yes', '--delete-secret-and-public-key', keyFingerprint], {
             silent: true
         });
-        yield exec.exec('gpg', ['--batch', '--yes', '--delete-keys', keyFingerprint], { silent: true });
     });
 }
 exports.deleteKey = deleteKey;

dist/setup/index.js

@@ -39653,7 +39653,9 @@ class HttpClient {
                 maxSockets: maxSockets,
                 keepAlive: this._keepAlive,
                 proxy: {
-                    proxyAuth: `${proxyUrl.username}:${proxyUrl.password}`,
+                    ...((proxyUrl.username || proxyUrl.password) && {
+                        proxyAuth: `${proxyUrl.username}:${proxyUrl.password}`
+                    }),
                     host: proxyUrl.hostname,
                     port: proxyUrl.port
                 }
@@ -94687,10 +94689,9 @@ function importKey(privateKey) {
 exports.importKey = importKey;
 function deleteKey(keyFingerprint) {
     return __awaiter(this, void 0, void 0, function* () {
-        yield exec.exec('gpg', ['--batch', '--yes', '--delete-secret-keys', keyFingerprint], {
+        yield exec.exec('gpg', ['--batch', '--yes', '--delete-secret-and-public-key', keyFingerprint], {
             silent: true
         });
-        yield exec.exec('gpg', ['--batch', '--yes', '--delete-keys', keyFingerprint], { silent: true });
     });
 }
 exports.deleteKey = deleteKey;

docs/advanced-usage.md

@@ -1,5 +1,6 @@
 # Usage
 - [Selecting a Java distribution](#Selecting-a-Java-distribution)
+  - [Eclipse Temurin](#Eclipse-Temurin)
   - [Adopt](#Adopt)
   - [Zulu](#Zulu)
 - [Installing custom Java package type](#Installing-custom-Java-package-type)
@@ -16,13 +17,26 @@ See [action.yml](../action.yml) for more details on task inputs.
 ## Selecting a Java distribution
 Inputs `java-version` and `distribution` are mandatory and needs to be provided. See [Supported distributions](../README.md#Supported-distributions) for a list of available options.
 
-### Adopt
+### Eclipse Temurin
 ```yaml
 steps:
 - uses: actions/checkout@v2
 - uses: actions/setup-java@v2
   with:
-    distribution: 'adopt-hotspot' # See 'Supported distributions' for available options @ README.md
+    distribution: 'temurin'
+    java-version: '11'
+- run: java -cp java HelloWorldApp
+```
+
+### Adopt
+**NOTE:** Adopt OpenJDK got moved to Eclipse Temurin and won't be updated anymore. It is highly recommended to migrate workflows from `adopt` to `temurin` to keep receiving software and security updates. See more details in the [Good-bye AdoptOpenJDK post](https://blog.adoptopenjdk.net/2021/08/goodbye-adoptopenjdk-hello-adoptium/).
+
+```yaml
+steps:
+- uses: actions/checkout@v2
+- uses: actions/setup-java@v2
+  with:
+    distribution: 'adopt-hotspot'
     java-version: '11'
 - run: java -cp java HelloWorldApp
 ```
@@ -91,8 +105,8 @@ jobs:
     runs-on: ubuntu-20.04
     strategy:
       matrix:
-        distribution: [ 'zulu', 'adopt' ]
+        distribution: [ 'zulu', 'temurin' ]
-        java: [ '8', '11', '13', '15' ]
+        java: [ '8', '11' ]
     name: Java ${{ matrix.Java }} (${{ matrix.distribution }}) sample
     steps:
       - uses: actions/checkout@v2
@@ -119,7 +133,7 @@ jobs:
       - name: Setup java
         uses: actions/setup-java@v2
         with:
-          distribution: 'adopt'
+          distribution: 'temurin'
           java-version: ${{ matrix.java }}
       - run: java -cp java HelloWorldApp
 ```
@@ -150,7 +164,7 @@ jobs:
     - name: Set up Apache Maven Central
       uses: actions/setup-java@v2
       with: # running setup-java again overwrites the settings.xml
-        distribution: 'adopt'
+        distribution: 'temurin'
         java-version: '11'
         server-id: maven # Value of the distributionManagement/repository/id field of the pom.xml
         server-username: MAVEN_USERNAME # env variable for username in deploy

package.json

@@ -28,7 +28,7 @@
     "@actions/core": "^1.2.6",
     "@actions/exec": "^1.0.4",
     "@actions/glob": "^0.2.0",
-    "@actions/http-client": "^1.0.9",
+    "@actions/http-client": "^1.0.11",
     "@actions/io": "^1.0.2",
     "@actions/tool-cache": "^1.6.1",
     "semver": "^7.3.4",

src/cleanup-java.ts

@@ -11,7 +11,7 @@ async function removePrivateKeyFromKeychain() {
       const keyFingerprint = core.getState(constants.STATE_GPG_PRIVATE_KEY_FINGERPRINT);
       await gpg.deleteKey(keyFingerprint);
     } catch (error) {
-      core.setFailed('Failed to remove private key');
+      core.setFailed(`Failed to remove private key due to: ${error.message}`);
     }
   }
 }

src/gpg.ts

@@ -39,8 +39,7 @@ export async function importKey(privateKey: string) {
 }
 
 export async function deleteKey(keyFingerprint: string) {
-  await exec.exec('gpg', ['--batch', '--yes', '--delete-secret-keys', keyFingerprint], {
+  await exec.exec('gpg', ['--batch', '--yes', '--delete-secret-and-public-key', keyFingerprint], {
     silent: true
   });
-  await exec.exec('gpg', ['--batch', '--yes', '--delete-keys', keyFingerprint], { silent: true });
 }