Update dependencies, support Java 25 builds

ibauersachs · ibauersachs · commit f6608422df44 · 2026-01-18T16:36:59.000+01:00
diff --git a/.github/actions/download-artifact/action.yml b/.github/actions/download-artifact/action.yml
@@ -16,15 +16,16 @@ runs:
   steps:
     - name: Download artifacts
       if: github.event_name != 'workflow_run'
-      uses: actions/download-artifact@v4
+      uses: actions/download-artifact@v7
       with:
         pattern: ${{ inputs.name }}
         path: ${{ inputs.path }}
         merge-multiple: true
 
     - name: Download artifacts
       if: github.event_name == 'workflow_run'
-      uses: dawidd6/action-download-artifact@v7
+      #v12
+      uses: dawidd6/action-download-artifact@0bd50d53a6d7fb5cb921e607957e9cc12b4ce392
       with:
         workflow: ${{ github.event.workflow_run.name }}
         run_id: ${{ github.event.workflow_run.id }}
diff --git a/.github/actions/prepare-analysis/action.yml b/.github/actions/prepare-analysis/action.yml
@@ -38,7 +38,8 @@ runs:
         echo "check_name<<EOF"$'\n'"${check_name}EOF" >> $GITHUB_OUTPUT
 
     - name: Publish Test Report
-      uses: mikepenz/action-junit-report@v4
+      #v6.1.0
+      uses: mikepenz/action-junit-report@a294a61c909bd8a4b563024a2faa28897fd53ebc
       with:
         commit: ${{ github.event.workflow_run.head_sha }}
         report_paths: ${{ steps.junit_paths.outputs.report_paths }}
@@ -48,15 +49,15 @@ runs:
         detailed_summary: true
 
     - name: Set up JDK
-      uses: actions/setup-java@v4
+      uses: actions/setup-java@v5
       with:
         java-version: ${{ env.BUILD_JAVA_VERSION }}
         distribution: temurin
         cache: ${{ inputs.cache }}
 
     - name: Cache SonarCloud packages
       if: inputs.cache
-      uses: actions/cache@v4
+      uses: actions/cache@v5
       with:
         path: ~/.sonar/cache
         key: ${{ runner.os }}-sonar
diff --git a/.github/actions/upload-artifact/action.yml b/.github/actions/upload-artifact/action.yml
@@ -38,7 +38,7 @@ runs:
       shell: bash
 
     - name: Upload artifacts
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v6
       with:
         if-no-files-found: ${{ inputs.if-no-files-found }}
         name: ${{ inputs.name }}
diff --git a/.github/workflows/analyze.yml b/.github/workflows/analyze.yml
@@ -13,7 +13,7 @@ permissions:
   checks: write
 
 env:
-  BUILD_JAVA_VERSION: '21'
+  BUILD_JAVA_VERSION: '25'
 
 jobs:
   analyze:
@@ -24,7 +24,8 @@ jobs:
     steps:
       - name: Download PR number artifact
         id: get_pr_number
-        uses: dawidd6/action-download-artifact@v6
+        #v12
+        uses: dawidd6/action-download-artifact@0bd50d53a6d7fb5cb921e607957e9cc12b4ce392
         with:
           workflow: ${{ github.event.workflow_run.name }}
           run_id: ${{ github.event.workflow_run.id }}
@@ -39,7 +40,8 @@ jobs:
       - name: Request PR data from GitHub API
         id: get_pr_data
         if: steps.get_pr_number.outputs.found_artifact
-        uses: octokit/request-action@v2.x
+        #v2.4.0
+        uses: octokit/request-action@dad4362715b7fb2ddedf9772c8670824af564f0d
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:
@@ -48,20 +50,17 @@ jobs:
           number: ${{ steps.pr_number.outputs.pr_number }}
 
       - name: Checkout PR
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
         with:
           repository: ${{ github.event.workflow_run.head_repository.full_name }}
           ref: ${{ github.event.workflow_run.head_sha }}
           persist-credentials: false
+          path: pr
           # for Sonar
           fetch-depth: 0
 
-      - name: Make sure 'base' doesn't exist
-        shell: bash
-        run: rm -rf base
-
       - name: Checkout base
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
         with:
           repository: ${{ github.event.repository.full_name }}
           ref: ${{ fromJson(steps.get_pr_data.outputs.data).base.ref }}
@@ -80,8 +79,10 @@ jobs:
           WF_BRANCH: ${{ fromJson(steps.get_pr_data.outputs.data).head.ref }}
           WF_BASE: ${{ fromJson(steps.get_pr_data.outputs.data).base.ref }}
         run: |
-          cp -f base/pom.xml .
+          cp -f base/pom.xml pr/
+          cd pr
           mvn -B \
+          -f pom.xml \
           -Dsonar.scm.revision='${WF_REVISION}' \
           -Dsonar.pullrequest.key='${WF_PRKEY}' \
           -Dsonar.pullrequest.branch='${WF_BRANCH}' \
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -11,7 +11,7 @@ on:
       - 'release/**'
 
 env:
-  BUILD_JAVA_VERSION: '21'
+  BUILD_JAVA_VERSION: '25'
 
 jobs:
   test:
@@ -21,7 +21,7 @@ jobs:
       fail-fast: false
       matrix:
         os: [ ubuntu-latest, windows-latest ]
-        java: [ '8', '11', '17', '21' ]
+        java: [ '8', '11', '17', '21', '25' ]
         arch: [ 'x64' ]
         include:
           - os: windows-latest
@@ -32,12 +32,12 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
         with:
           persist-credentials: false
 
       - name: Set up JDK ${{ matrix.java }}
-        uses: actions/setup-java@v4
+        uses: actions/setup-java@v5
         with:
           java-version: ${{ matrix.java }}
           architecture: ${{ matrix.arch }}
@@ -47,7 +47,7 @@ jobs:
       - name: Build with Maven
         shell: bash
         run: |
-          TEST_EXCLUSIONS=$([ '${{ matrix.java }}' == '21' ] && echo "" || echo "concurrency" )
+          TEST_EXCLUSIONS=$([ '${{ matrix.java }}' == '25' ] && echo "" || echo "concurrency" )
           mvn verify \
             -B \
             -Dsurefire.rerunFailingTestsCount=2 \
@@ -102,12 +102,12 @@ jobs:
     needs: test
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
         with:
           persist-credentials: false
 
       - name: Set up JDK
-        uses: actions/setup-java@v4
+        uses: actions/setup-java@v5
         with:
           java-version: ${{ env.BUILD_JAVA_VERSION }}
           distribution: temurin
@@ -140,7 +140,7 @@ jobs:
 
       - name: Archive PR number
         if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.owner.login != 'dnsjava'
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v6
         with:
           name: pr_number
           path: pr_number.txt
@@ -152,7 +152,7 @@ jobs:
     if: github.event_name == 'push' || github.event.pull_request.head.repo.owner.login == 'dnsjava'
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
         with:
           persist-credentials: false
           # for Sonar
@@ -164,7 +164,8 @@ jobs:
           cache: maven
 
       - name: Run codecov
-        uses: codecov/codecov-action@v5
+        #v5.5.2
+        uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de
 
       # doesn't work with PRs from forks, see
       # https://portal.productboard.com/sonarsource/1-sonarcloud/c/50-sonarcloud-analyzes-external-pull-request
@@ -181,12 +182,12 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
         with:
           persist-credentials: false
 
       - name: Set up JDK ${{ env.BUILD_JAVA_VERSION }}
-        uses: actions/setup-java@v4
+        uses: actions/setup-java@v5
         with:
           java-version: ${{ env.BUILD_JAVA_VERSION }}
           architecture: 'x64'
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -25,20 +25,20 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v6
         with:
           persist-credentials: false
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v3
+        uses: github/codeql-action/init@v4
         with:
           languages: java
 
-      - name: Set up JDK 21
-        uses: actions/setup-java@v4
+      - name: Set up JDK 25
+        uses: actions/setup-java@v5
         with:
-          java-version: 21
+          java-version: 25
           distribution: temurin
           check-latest: true
           cache: maven
@@ -58,4 +58,4 @@ jobs:
             test-compile
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v3
+        uses: github/codeql-action/analyze@v4
diff --git a/README.adoc b/README.adoc
@@ -283,7 +283,8 @@ on the classpath
 * The link:USAGE.md[command line tools] were moved to the `org.xbill.DNS.tools`
 package
 
-* On Windows, https://github.com/java-native-access/jna[JNA] should be on the classpath for the search path and proper DNS server finding
+* On Windows, https://github.com/java-native-access/jna[JNA] should be on the classpath for the search path and proper DNS server finding.
+As of Java 24, note that additional JVM config is required, see https://javadoc.io/doc/net.java.dev.jna/jna/latest/index.html#special-considerations-for-jdk24--heading[Special considerations for JDK24+].
 
 * The `Resolver` API for custom resolvers has changed to use
 `CompletionStage<Message>` for asynchronous resolving.
diff --git a/pom.xml b/pom.xml
