Merge branch 'release/1.3.0'

Author: infeo

.coderabbit/config.yml

@@ -0,0 +1,3 @@
+path_filters:
+  exclude:
+    - src/main/java/org/cryptomator/windows/capi/**

.github/workflows/build.yml

@@ -1,6 +1,8 @@
 name: Build
 on:
-  [push]
+  push:
+  pull_request_target:
+    types: [labeled]
 
 defaults:
   run:
@@ -16,7 +18,7 @@ jobs:
       - uses: actions/setup-java@v4
         with:
           distribution: 'temurin'
-          java-version: 17
+          java-version: 22
           cache: 'maven'
       - name: Ensure to use tagged version
         if: startsWith(github.ref, 'refs/tags/')
@@ -27,7 +29,7 @@ jobs:
         run: mvn -B clean test
       - name: Codesign DLL on release
         if: startsWith(github.ref, 'refs/tags/')
-        uses: skymatic/code-sign-action@v2
+        uses: skymatic/code-sign-action@v3
         with:
           certificate: ${{ secrets.WIN_CODESIGN_P12_BASE64 }}
           password: ${{ secrets.WIN_CODESIGN_P12_PW }}
@@ -42,9 +44,9 @@ jobs:
           name: artifacts
           path: target/*.jar
       - name: Create Release
-        uses: softprops/action-gh-release@v1
+        uses: softprops/action-gh-release@v2
         if: startsWith(github.ref, 'refs/tags/')
         with:
           prerelease: true
           token: ${{ secrets.CRYPTOBOT_RELEASE_TOKEN }}
-          generate_release_notes: true
+          generate_release_notes: true

.github/workflows/codeql-analysis.yml

@@ -25,7 +25,7 @@ jobs:
     - uses: actions/setup-java@v4
       with:
         distribution: 'temurin'
-        java-version: 17
+        java-version: 22
         cache: 'maven'
     - name: Initialize CodeQL
       uses: github/codeql-action/init@v3

.github/workflows/dependency-check.yml

@@ -14,7 +14,7 @@ jobs:
     with:
       runner-os: 'windows-latest'
       java-distribution: 'temurin'
-      java-version: 17
+      java-version: 22
     secrets:
       nvd-api-key: ${{ secrets.NVD_API_KEY }}
       slack-webhook-url: ${{ secrets.SLACK_WEBHOOK_URL }}

.github/workflows/publish-central.yml

@@ -21,13 +21,11 @@ jobs:
       - uses: actions/setup-java@v4
         with:
           distribution: 'temurin'
-          java-version: 17
+          java-version: 22
           cache: 'maven'
           server-id: ossrh # Value of the distributionManagement/repository/id field of the pom.xml
           server-username: MAVEN_USERNAME # env variable for username in deploy
           server-password: MAVEN_PASSWORD # env variable for token in deploy
-          gpg-private-key: ${{ secrets.RELEASES_GPG_PRIVATE_KEY }} # Value of the GPG private key to import
-          gpg-passphrase: MAVEN_GPG_PASSPHRASE # env variable for GPG private key passphrase
       - name: Enforce project version ${{ github.event.inputs.tag }}
         run: mvn versions:set -B -DnewVersion="${{ github.event.inputs.tag }}"
       - name: Deploy
@@ -40,4 +38,5 @@ jobs:
             --add-opens=java.desktop/java.awt.font=ALL-UNNAMED
           MAVEN_USERNAME: ${{ secrets.OSSRH_USERNAME }}
           MAVEN_PASSWORD: ${{ secrets.OSSRH_PASSWORD }}
-          MAVEN_GPG_PASSPHRASE: ${{ secrets.RELEASES_GPG_PASSPHRASE }}
+          MAVEN_GPG_PASSPHRASE: ${{ secrets.RELEASES_GPG_PASSPHRASE }}
+          MAVEN_GPG_KEY: ${{ secrets.RELEASES_GPG_PRIVATE_KEY }}

.github/workflows/publish-github.yml

@@ -16,17 +16,16 @@ jobs:
       - uses: actions/setup-java@v4
         with:
           distribution: 'temurin'
-          java-version: 17
+          java-version: 22
           cache: 'maven'
-          gpg-private-key: ${{ secrets.RELEASES_GPG_PRIVATE_KEY }} # Value of the GPG private key to import
-          gpg-passphrase: MAVEN_GPG_PASSPHRASE # env variable for GPG private key passphrase
       - name: Enforce project version ${{ github.event.release.tag_name }}
         run: mvn versions:set -B -DnewVersion="${{ github.event.release.tag_name }}"
       - name: Deploy
         run: mvn deploy -B -DskipTests -Psign,deploy-github --no-transfer-progress
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           MAVEN_GPG_PASSPHRASE: ${{ secrets.RELEASES_GPG_PASSPHRASE }}
+          MAVEN_GPG_KEY: ${{ secrets.RELEASES_GPG_PRIVATE_KEY }}
   notify:
     runs-on: ubuntu-latest
     needs: [publish]

.idea/misc.xml

@@ -12,7 +12,7 @@ This project uses the following JVM properties:
 
 This project uses JNI, hence you'll nedd Java as well as GCC build tools:
 
-* JDK 17
+* JDK 22
 * Maven
 * MinGW GCC compiler (`choco install mingw --version=10.2.0`)
 * Make (`choco install make`)