update project config

.gitattributes

@@ -58,6 +58,7 @@
 *.zsh        text eol=lf
 *.lua        text
 *.php        text
+*.py         text
 *.python     text
 *.sql        text
 

.github/dependabot.yml

@@ -6,24 +6,26 @@ updates:
     schedule:
       interval: weekly
       day: monday
-      time: "09:00"
+      time: "10:00"
     commit-message:
       prefix: fix
       prefix-development: chore
       include: scope
     labels:
-      - gha
+      - pinned
       - dependencies
+      - gha
   - package-ecosystem: maven
     directory: /
     schedule:
       interval: weekly
       day: monday
-      time: "09:00"
+      time: "10:00"
     commit-message:
       prefix: fix
       prefix-development: chore
       include: scope
     labels:
-      - mvn
+      - pinned
       - dependencies
+      - mvn

.github/stale.yml

@@ -1,13 +1,14 @@
 # Configuration for probot-stale - https://github.com/probot/stale
 
 # Number of days of inactivity before an issue becomes stale
-daysUntilStale: 60
+daysUntilStale: 120
 
 # Number of days of inactivity before a stale issue is closed
-daysUntilClose: 7
+daysUntilClose: 14
 
 # Issues with these labels will never be considered stale
 exemptLabels:
+  - enhancement
   - pinned
   - security
 
@@ -18,7 +19,8 @@ staleLabel: wontfix
 markComment: >
   This issue has been automatically marked as stale because it has not had
   recent activity. It will be closed in 7 days if no further activity occurs.
-  Thank you for your contributions.
+  If the issue is still valid, please add a respective comment to prevent this 
+  issue from being closed automatically. Thank you for your contributions.
 
 # Comment to post when closing a stale issue. Set to `false` to disable
 closeComment: false

.github/workflows/build.yml

@@ -1,5 +1,5 @@
 # SPDX-FileCopyrightText: © Vegard IT GmbH (https://vegardit.com)
-# SPDX-FileContributor: Sebastian Thomschke
+# SPDX-FileContributor: Sebastian Thomschke (Vegard IT GmbH)
 # SPDX-License-Identifier: Apache-2.0
 # SPDX-ArtifactOfProjectHomePage: https://github.com/vegardit/depcheck-maven-plugin
 #
@@ -33,7 +33,7 @@ on:
         required: false
         default: ''
       debug-with-ssh:
-        description: "Start an SSH session for debugging purposes after tests ran:"
+        description: "Start an SSH session for debugging purposes at the end of the build:"
         default: never
         type: choice
         options: [ always, on_failure, on_failure_or_cancelled, never ]
@@ -53,8 +53,12 @@ defaults:
   run:
     shell: bash
 
+
 jobs:
-  build:
+
+  ###########################################################
+  maven-build:
+  ###########################################################
     runs-on: ubuntu-latest
     continue-on-error: ${{ matrix.experimental }}
     strategy:
@@ -70,19 +74,23 @@ jobs:
         - java: 20
           may_create_release: false
           experimental: false
+
     steps:
     - name: Show environment variables
       run: env | sort
 
+
     - name: Git Checkout
-      uses: actions/checkout@v4 #https://github.com/actions/checkout
+      uses: actions/checkout@v4 # https://github.com/actions/checkout
 
-    - name: Set up JDK ${{ matrix.java }}
-      uses: actions/setup-java@v4 #https://github.com/actions/setup-java
+
+    - name: "Install: JDK ${{ env.JAVA_VERSION }}"
+      uses: actions/setup-java@v4 # https://github.com/actions/setup-java
       with:
         distribution: temurin
         java-version: ${{ matrix.java }}
 
+
     # reusing CDS archives of the same JVM randomly fails in GitHub Actions with
     # "An error has occurred while processing the shared archive file. shared class paths mismatch"
     #- name: Calculate Java version checksum
@@ -96,22 +104,18 @@ jobs:
     #      ~/.xshare/${{ steps.java-version-checksum.outputs.md5sum }}
     #    key: ${{ runner.os }}-xshare-${{ steps.java-version-checksum.outputs.md5sum }}
 
-    - name: "Cache: Local Maven Repository"
-      uses: actions/cache@v3
+
+    - name: "Cache: Restore"
+      id: cache-restore
+      if: ${{ !env.ACT }} # https://github.com/nektos/act#skipping-steps
+      uses: actions/cache/restore@v3
       with:
         path: |
+          ~/.m2/bin
           ~/.m2/repository
           !~/.m2/repository/com/vegardit/maven
-        key: ${{ runner.os }}-mvnrepo-${{ hashFiles('**/pom.xml') }}
-        restore-keys: |
-          ${{ runner.os }}-mvnrepo-
+        key: ${{ runner.os }}-${{ hashFiles('**/pom.xml') }}
 
-    - name: "Cache: Maven Binaries"
-      uses: actions/cache@v3
-      with:
-        path: |
-          ~/.m2/bin
-        key: ${{ runner.os }}-mvnbin-${{ hashFiles('.ci/build.sh') }}
 
     - name: Test with Maven
       id: maven-test
@@ -124,6 +128,7 @@ jobs:
       run: |
         bash .ci/build.sh ${{ github.event.inputs.additional_maven_args }}
 
+
     - name: Build with Maven
       id: maven-build
       if: ${{ matrix.may_create_release && !env.ACT }}
@@ -149,6 +154,7 @@ jobs:
           echo 'has_jacoco_results=true' >> $GITHUB_OUTPUT
         fi
 
+
     - name: Publish test coverage to codeclimate.com
       uses: paambaati/[email protected] # https://github.com/paambaati/codeclimate-action
       if: ${{ matrix.may_create_release && steps.maven-build.outputs.has_jacoco_results && !env.ACT }}
@@ -161,41 +167,72 @@ jobs:
           ${{ github.workspace }}/target/site/jacoco-it/jacoco.xml:jacoco
 
 
+    ##################################################
+    # Cache Update
+    # See https://github.com/actions/cache/issues/342
+    ##################################################
+    - name: "Cache: Delete Previous"
+      if: ${{ steps.cache-restore.outputs.cache-hit && !env.ACT }}
+      env:
+        GH_TOKEN: ${{ github.token }}
+      run: |
+        gh extension install actions/gh-actions-cache
+        # "|| true" is to avoid "Error: Resource not accessible by integration" from failing the job 
+        gh actions-cache delete ${{ steps.cache-restore.outputs.cache-primary-key }} --confirm || true
+
+    - name: "Cache: Update"
+      uses: actions/cache/save@v3
+      if: ${{ always() && !cancelled() && !env.ACT }} # save cache even fails
+      with:
+        path: |
+          ~/.m2/bin
+          ~/.m2/repository
+          !~/.m2/repository/com/vegardit/maven
+          !~/.m2/repository/*SNAPSHOT*
+        key: ${{ steps.cache-restore.outputs.cache-primary-key }}
+
+
     ##################################################
     # Setup SSH debug session
     ##################################################
     - name: "SSH session for debugging: check"
       id: DEBUG_SSH_SESSSION_CHECK
       if: always()
-      shell: bash
       run: |
         set -eu
         job_filter_pattern="${{ inputs.debug-with-ssh-only-jobs-matching }}"
         echo "job_filter: $job_filter_pattern"
 
-        job_info=$(echo "$GITHUB_JOB ${{ runner.os }} haxe-${{ matrix.haxe-version }}" | tr -d '\n')
+        job_info=$(echo "$GITHUB_JOB ${{ runner.os }} java-${{ matrix.java }}" | tr -d '\n')
         echo "job_info: $job_info"
+        
+        when="${{ inputs.debug-with-ssh }}"
 
-        if [[ "$job_info" =~ .*$job_filter_pattern.* ]] && case "${{ job.status }}" in
-           success)   [[ "${{ inputs.debug-with-ssh }}" == always ]] ;;
-           cancelled) [[ "${{ inputs.debug-with-ssh }}" == on_failure_or_cancelled ]] ;;
-           failure)   [[ "${{ inputs.debug-with-ssh }}" =~ on_failure.* ]] ;;
+        if [[ $when == "always" ]] || [[ "$job_info" =~ .*$job_filter_pattern.* ]] && case "${{ job.status }}" in
+          success)   [[ $when == "always" ]] ;;
+          cancelled) [[ $when == "on_failure_or_cancelled" ]] ;;
+          failure)   [[ $when == "on_failure"* ]] ;;
         esac; then
-           echo "start_session=true" | tee -a "$GITHUB_OUTPUT"
+          echo "start_ssh_session=true" | tee -a "$GITHUB_OUTPUT"
         fi
 
+
     - name: "SSH session for debugging: start"
       uses: mxschmitt/action-tmate@v3 # https://github.com/mxschmitt/action-tmate
-      if: always() && steps.DEBUG_SSH_SESSSION_CHECK.outputs.start_session
+      if: always() && steps.DEBUG_SSH_SESSSION_CHECK.outputs.start_ssh_session
       with:
         limit-access-to-actor: ${{ inputs.debug-with-ssh-only-for-actor }}
 
 
+  ###########################################################
   dependabot-pr-auto-merge:
-    needs: build
+  ###########################################################
+    needs: maven-build
     if: ${{ github.event_name == 'pull_request' && github.actor == 'dependabot[bot]' }}
     runs-on: ubuntu-latest
 
+    concurrency: dependabot-pr-auto-merge
+
     permissions:
       contents: write
       pull-requests: write
@@ -207,6 +244,7 @@ jobs:
       with:
         github-token: "${{ secrets.GITHUB_TOKEN }}"
 
+
     - name: Enable auto-merge for Dependabot PRs
       if: |
         ${{

CHANGELOG.md

@@ -2,7 +2,7 @@
 
 All notable changes to this project will be documented in this file.
 
-The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 

CODE_OF_CONDUCT.md

@@ -6,8 +6,8 @@ We as members, contributors, and leaders pledge to make participation in our
 community a harassment-free experience for everyone, regardless of age, body
 size, visible or invisible disability, ethnicity, sex characteristics, gender
 identity and expression, level of experience, education, socio-economic status,
-nationality, personal appearance, race, religion, or sexual identity
-and orientation.
+nationality, personal appearance, race, caste, color, religion, or sexual
+identity and orientation.
 
 We pledge to act and interact in ways that contribute to an open, welcoming,
 diverse, inclusive, and healthy community.
@@ -22,17 +22,17 @@ community include:
 * Giving and gracefully accepting constructive feedback
 * Accepting responsibility and apologizing to those affected by our mistakes,
   and learning from the experience
-* Focusing on what is best not just for us as individuals, but for the
-  overall community
+* Focusing on what is best not just for us as individuals, but for the overall
+  community
 
 Examples of unacceptable behavior include:
 
-* The use of sexualized language or imagery, and sexual attention or
-  advances of any kind
+* The use of sexualized language or imagery, and sexual attention or advances of
+  any kind
 * Trolling, insulting or derogatory comments, and personal or political attacks
 * Public or private harassment
-* Publishing others' private information, such as a physical or email
-  address, without their explicit permission
+* Publishing others' private information, such as a physical or email address,
+  without their explicit permission
 * Other conduct which could reasonably be considered inappropriate in a
   professional setting
 
@@ -60,7 +60,7 @@ representative at an online or offline event.
 
 Instances of abusive, harassing, or otherwise unacceptable behavior may be
 reported to the community leaders responsible for enforcement at
-https://vegardit.com/about/legal/.
+https://vegardit.com/en/legal/
 All complaints will be reviewed and investigated promptly and fairly.
 
 All community leaders are obligated to respect the privacy and security of the
@@ -82,15 +82,15 @@ behavior was inappropriate. A public apology may be requested.
 
 ### 2. Warning
 
-**Community Impact**: A violation through a single incident or series
-of actions.
+**Community Impact**: A violation through a single incident or series of
+actions.
 
 **Consequence**: A warning with consequences for continued behavior. No
 interaction with the people involved, including unsolicited interaction with
 those enforcing the Code of Conduct, for a specified period of time. This
 includes avoiding interactions in community spaces as well as external channels
-like social media. Violating these terms may lead to a temporary or
-permanent ban.
+like social media. Violating these terms may lead to a temporary or permanent
+ban.
 
 ### 3. Temporary Ban
 
@@ -106,23 +106,27 @@ Violating these terms may lead to a permanent ban.
 ### 4. Permanent Ban
 
 **Community Impact**: Demonstrating a pattern of violation of community
-standards, including sustained inappropriate behavior,  harassment of an
+standards, including sustained inappropriate behavior, harassment of an
 individual, or aggression toward or disparagement of classes of individuals.
 
-**Consequence**: A permanent ban from any sort of public interaction within
-the community.
+**Consequence**: A permanent ban from any sort of public interaction within the
+community.
 
 ## Attribution
 
 This Code of Conduct is adapted from the [Contributor Covenant][homepage],
-version 2.0, available at
-https://www.contributor-covenant.org/version/2/0/code_of_conduct.html.
+version 2.1, available at
+[https://www.contributor-covenant.org/version/2/1/code_of_conduct.html][v2.1].
 
-Community Impact Guidelines were inspired by [Mozilla's code of conduct
-enforcement ladder](https://github.com/mozilla/diversity).
-
-[homepage]: https://www.contributor-covenant.org
+Community Impact Guidelines were inspired by
+[Mozilla's code of conduct enforcement ladder][Mozilla CoC].
 
 For answers to common questions about this code of conduct, see the FAQ at
-https://www.contributor-covenant.org/faq. Translations are available at
-https://www.contributor-covenant.org/translations.
+[https://www.contributor-covenant.org/faq][FAQ]. Translations are available at
+[https://www.contributor-covenant.org/translations][translations].
+
+[homepage]: https://www.contributor-covenant.org
+[v2.1]: https://www.contributor-covenant.org/version/2/1/code_of_conduct.html
+[Mozilla CoC]: https://github.com/mozilla/diversity
+[FAQ]: https://www.contributor-covenant.org/faq
+[translations]: https://www.contributor-covenant.org/translations

CONTRIBUTING.md

@@ -8,6 +8,7 @@ We want to make contributing as easy and transparent as possible.
 ## Code of Conduct
 
 Our code of conduct is described in [CODE_OF_CONDUCT.md](CODE_OF_CONDUCT.md).
+Please follow it in all your interactions with the project.
 
 
 ## Issues
@@ -20,6 +21,13 @@ We use GitHub issues to track bugs and feature requests. Please ensure your desc
 Before you make a substantial pull request, please file an issue and make sure someone from the team agrees that there is a problem or room for improvement.
 
 
-## License
+### License
 
 By contributing your code, you agree to license your contribution under the [Apache License 2.0](LICENSE.txt).
+
+
+### Source Code Formatting
+
+Before committing your code ensure it is formatted according the [vegardit.com Eclipse formatter rules](https://github.com/vegardit/vegardit-maven-parent/blob/main/src/etc/eclipse-formatter.xml).
+
+IntelliJ users can use the [Eclipse Code Formatter](https://plugins.jetbrains.com/plugin/6546-eclipse-code-formatter) plugin to import and use the formatter settings.