build(deps): Bump org.checkerframework:checker-qual from 3.49.2 to 3.49.3 #1
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Check Aliyun Maven Dependencies | |
| on: | |
| pull_request_target: | |
| types: [ opened, synchronize ] | |
| workflow_dispatch: | |
| permissions: | |
| contents: read | |
| pull-requests: write | |
| jobs: | |
| check-dependencies: | |
| # 只在dependabot的PR上运行 | |
| if: github.actor == 'dependabot[bot]' | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ github.event.pull_request.head.ref }} | |
| - name: Set up Java | |
| uses: actions/setup-java@v4 | |
| with: | |
| distribution: 'temurin' | |
| java-version: '17' | |
| - name: Get build file changes | |
| id: get-changes | |
| run: | | |
| # 检测项目类型并获取变更内容 | |
| if [ -f "pom.xml" ]; then | |
| echo "build_type=maven" >> $GITHUB_OUTPUT | |
| # PR事件获取当前PR的pom.xml变更 | |
| git diff origin/${{ github.event.pull_request.base.ref }} -- pom.xml > changes.diff || true | |
| elif [ -f "build.gradle" ]; then | |
| echo "build_type=gradle" >> $GITHUB_OUTPUT | |
| git diff origin/${{ github.event.pull_request.base.ref }} -- build.gradle > changes.diff || true | |
| else | |
| echo "No supported build file found" | |
| exit 0 | |
| fi | |
| echo "changes<<EOF" >> $GITHUB_OUTPUT | |
| cat changes.diff >> $GITHUB_OUTPUT | |
| echo "EOF" >> $GITHUB_OUTPUT | |
| - name: Parse dependencies | |
| id: parse-deps | |
| uses: actions/github-script@v7 | |
| with: | |
| script: | | |
| const core = require('@actions/core'); | |
| try { | |
| const buildType = '${{ steps.get-changes.outputs.build_type }}'; | |
| const changes = '${{ steps.get-changes.outputs.changes }}'; | |
| const dependencies = []; | |
| if (buildType === 'gradle') { | |
| // Gradle 依赖解析 | |
| const regex = /([+-])\s*(implementation|api|compile|testImplementation|runtimeOnly)\s*['"]([^'"]+)['"]/g; | |
| let match; | |
| while ((match = regex.exec(changes)) !== null) { | |
| if (match[1] === '+') { | |
| const depParts = match[3].split(':'); | |
| if (depParts.length === 3) { | |
| dependencies.push({ | |
| group: depParts[0], | |
| artifact: depParts[1], | |
| version: depParts[2] | |
| }); | |
| } | |
| } | |
| } | |
| } else if (buildType === 'maven') { | |
| // Maven 依赖解析 | |
| const diffLines = changes.split('\n'); | |
| let currentDep = null; | |
| let inDependency = false; | |
| let isNewDep = false; | |
| for (const line of diffLines) { | |
| if (line.startsWith('+ <dependency>')) { | |
| inDependency = true; | |
| isNewDep = true; | |
| currentDep = {}; | |
| } else if (line.startsWith('+ </dependency>') && isNewDep) { | |
| inDependency = false; | |
| if (currentDep.groupId && currentDep.artifactId && currentDep.version) { | |
| dependencies.push({ | |
| group: currentDep.groupId, | |
| artifact: currentDep.artifactId, | |
| version: currentDep.version | |
| }); | |
| } | |
| } else if (inDependency && isNewDep) { | |
| if (line.startsWith('+ <groupId>')) { | |
| currentDep.groupId = line.replace(/^\+ <groupId>|<\/groupId>$/g, '').trim(); | |
| } else if (line.startsWith('+ <artifactId>')) { | |
| currentDep.artifactId = line.replace(/^\+ <artifactId>|<\/artifactId>$/g, '').trim(); | |
| } else if (line.startsWith('+ <version>')) { | |
| currentDep.version = line.replace(/^\+ <version>|<\/version>$/g, '').trim(); | |
| } | |
| } | |
| } | |
| } | |
| core.setOutput('dependencies', JSON.stringify(dependencies)); | |
| return dependencies.length; | |
| } catch (error) { | |
| core.setFailed(`Failed to parse dependencies: ${error}`); | |
| } | |
| - name: Check Aliyun Maven availability | |
| if: steps.parse-deps.outputs.dependencies != '[]' | |
| id: check-aliyun | |
| uses: actions/github-script@v7 | |
| with: | |
| script: | | |
| const { execSync } = require('child_process'); | |
| const core = require('@actions/core'); | |
| const { context, getOctokit } = require('@actions/github'); | |
| try { | |
| const dependencies = JSON.parse('${{ steps.parse-deps.outputs.dependencies }}'); | |
| const aliMavenUrl = 'https://maven.aliyun.com/repository/public'; | |
| const results = []; | |
| for (const dep of dependencies) { | |
| const artifactPath = dep.group.replace(/\./g, '/') + '/' + dep.artifact + '/' + dep.version; | |
| const pomUrl = `${aliMavenUrl}/${artifactPath}/${dep.artifact}-${dep.version}.pom`; | |
| try { | |
| execSync(`curl -I -s -o /dev/null -w "%{http_code}" ${pomUrl} | grep 200`); | |
| results.push(`✅ ${dep.group}:${dep.artifact}:${dep.version} - 可用`); | |
| } catch (e) { | |
| results.push(`❌ ${dep.group}:${dep.artifact}:${dep.version} - 不可用`); | |
| } | |
| } | |
| if (results.length > 0) { | |
| const commentBody = `### 阿里云 Maven 依赖检查结果\n\n${results.join('\n')}`; | |
| const octokit = getOctokit(process.env.GITHUB_TOKEN); | |
| await octokit.rest.issues.createComment({ | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| issue_number: ${{ github.event.pull_request.number }}, | |
| body: commentBody | |
| }); | |
| core.setOutput('result', commentBody); | |
| } | |
| return 'Dependency check completed'; | |
| } catch (error) { | |
| core.setFailed(`Action failed with error: ${error}`); | |
| } | |
| - name: Output result | |
| if: steps.parse-deps.outputs.dependencies != '[]' | |
| run: echo "${{ steps.check-aliyun.outputs.result }}" |