Error Prone compatibility check #491
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Validates compatibility with the latest Error Prone release. | |
| # | |
| # XXX: This workflow compiles the code against the `LATEST` Error Prone release | |
| # as determined by Maven, and subsequently runs the unit tests. No other checks | |
| # are performed. This guards against false positives, but is not quite as | |
| # thorough as the validation performed by | |
| # `website/generate-version-compatibility-overview.sh`. Consider unifying these | |
| # approaches. | |
| # XXX: Instead of the `LATEST` release, this workflow could also attempt to | |
| # build against the `1.0-HEAD-SNAPSHOT` version published to the Sonatype | |
| # snapshot repository. This would enable advance notification of upcoming | |
| # incompatibilities. | |
| name: Error Prone compatibility check | |
| on: | |
| push: | |
| branches: [ master ] | |
| schedule: | |
| - cron: '0 4 * * *' | |
| permissions: | |
| contents: read | |
| env: | |
| MAVEN_ARGS: --batch-mode -Dstyle.color=always -T1C | |
| jobs: | |
| validate: | |
| runs-on: ubuntu-24.04 | |
| steps: | |
| - name: Install Harden-Runner | |
| uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 | |
| with: | |
| disable-sudo-and-containers: true | |
| egress-policy: block | |
| allowed-endpoints: > | |
| api.adoptium.net:443 | |
| github.com:443 | |
| objects.githubusercontent.com:443 | |
| release-assets.githubusercontent.com:443 | |
| repo.maven.apache.org:443 | |
| - name: Check out code and set up JDK and Maven | |
| uses: s4u/setup-maven-action@6c4e9964d4ecb8f1026310cd8618791fd51a8016 # v1.19.0 | |
| with: | |
| java-version: 25 | |
| java-distribution: temurin | |
| maven-version: 3.9.11 | |
| - name: Quickly build and install project | |
| run: mvn install -Dverification.skip | |
| - name: Build and test project with self-check against the latest Error Prone release | |
| # Note that it is okay for the build to reference checks that have been | |
| # deleted in the latest release, or to trigger new warnings; those | |
| # don't indicate that Error Prone Support is incompatible with the | |
| # latest Error Prone release as far as downstream users are concerned. | |
| # XXX: This use of `error-prone.patch-args` is a bit dodgy... | |
| run: mvn clean verify -s settings.xml -Pself-check -Dversion.error-prone=LATEST -Derror-prone.patch-args=-XepIgnoreUnknownCheckNames -Dverification.warn |