diff --git a/.config/pmd/java/ruleset.xml b/.config/pmd/java/ruleset.xml index 88a7b5a..5f5884b 100644 --- a/.config/pmd/java/ruleset.xml +++ b/.config/pmd/java/ruleset.xml @@ -194,4 +194,52 @@ + + + + Calling setters of java.lang.System usually indicates bad design and likely causes unexpected behavior. + For example, it may break when multiple Threads are setting the value. + It may also overwrite user defined options or properties. + + Try to pass the value only to the place where it's really needed and use it there accordingly. + + 3 + + + + + + + + + + + + Nearly every known usage of (Java) Object Deserialization has resulted in [a security vulnerability](https://cloud.google.com/blog/topics/threat-intelligence/hunting-deserialization-exploits?hl=en). + Vulnerabilities are so common that there are [dedicated projects for exploit payload generation](https://github.com/frohoff/ysoserial). + + Java Object Serialization may also fail to deserialize when the underlying classes are changed. + + Use proven data interchange formats like JSON instead. + + 2 + + + + + + + + diff --git a/.github/workflows/broken-links.yml b/.github/workflows/broken-links.yml index e2f3597..7d8ae66 100644 --- a/.github/workflows/broken-links.yml +++ b/.github/workflows/broken-links.yml @@ -13,13 +13,13 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 15 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - run: mv .github/.lycheeignore .lycheeignore - name: Link Checker id: lychee - uses: lycheeverse/lychee-action@82202e5e9c2f4ef1a55a3d02563e1cb6041e5332 # v2 + uses: lycheeverse/lychee-action@885c65f3dc543b57c898c8099f4e08c8afd178a2 # v2 with: fail: false # Don't fail on broken links, create an issue instead diff --git a/.github/workflows/check-build.yml b/.github/workflows/check-build.yml index f922414..196e908 100644 --- a/.github/workflows/check-build.yml +++ b/.github/workflows/check-build.yml 
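Review bot: The deserialization rule's description ends with `Use proven data interchange formats like JSON instead.`, which reads as if changing the format removes the risk by itself. JSON or XML mappers that pick the target class from type information inside the payload (polymorphic or default typing) are exposed to the same gadget-chain class of bugs. I would extend the sentence to `Use proven data interchange formats like JSON instead, bound to explicit target types and without polymorphic/default typing.` For code that cannot drop Java serialization yet, I would also add `If ObjectInputStream cannot be removed, restrict it with an allow-list java.io.ObjectInputFilter.` The rule's XPath and property elements are not readable in this rendering, so what the rule actually matches could not be checked.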
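Review bot: In the broken-links.yml hunk, the new pin `lycheeverse/lychee-action@885c65f3dc543b57c898c8099f4e08c8afd178a2` keeps the trailing comment `# v2` unchanged from the old SHA, so the diff does not show which release that commit belongs to. Record the exact release next to the hash, e.g. `# vX.Y.Z` (placeholder, to be filled from the upstream tag). In the same step list `actions/checkout@v5` is referenced by a movable major tag, not a commit SHA. The same tag-style references to `actions/checkout@v5` and `actions/setup-java@v5` recur in the check-build, check-ide-compatibility, release, sync-labels, test-deploy and update-from-template hunks. Pinning matters most in release.yml, whose jobs presumably run with publishing credentials (not visible in these hunks); `uses: actions/checkout@<full-commit-sha> # v5.x.y` (placeholders) would bring every workflow in line with the lychee pin.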
@@ -30,10 +30,10 @@ jobs: distribution: [temurin] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: Set up JDK - uses: actions/setup-java@v4 + uses: actions/setup-java@v5 with: distribution: ${{ matrix.distribution }} java-version: ${{ matrix.java }} @@ -85,10 +85,10 @@ jobs: distribution: [temurin] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: Set up JDK - uses: actions/setup-java@v4 + uses: actions/setup-java@v5 with: distribution: ${{ matrix.distribution }} java-version: ${{ matrix.java }} @@ -108,10 +108,10 @@ jobs: distribution: [temurin] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: Set up JDK - uses: actions/setup-java@v4 + uses: actions/setup-java@v5 with: distribution: ${{ matrix.distribution }} java-version: ${{ matrix.java }} diff --git a/.github/workflows/check-ide-compatibility.yml b/.github/workflows/check-ide-compatibility.yml index 35770c0..2d52b0b 100644 --- a/.github/workflows/check-ide-compatibility.yml +++ b/.github/workflows/check-ide-compatibility.yml @@ -35,10 +35,10 @@ jobs: "$AGENT_TOOLSDIRECTORY" || true sudo df -h - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: Set up JDK - uses: actions/setup-java@v4 + uses: actions/setup-java@v5 with: distribution: 'temurin' java-version: 21 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 26211c0..a457478 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -13,10 +13,10 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 30 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: Set up JDK - uses: actions/setup-java@v4 + uses: actions/setup-java@v5 with: java-version: '21' distribution: 'temurin' @@ -50,7 +50,7 @@ jobs: outputs: upload_url: ${{ steps.create_release.outputs.upload_url }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: Configure Git run: | 
@@ -103,10 +103,10 @@ jobs: needs: [prepare_release] timeout-minutes: 60 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: Set up JDK - uses: actions/setup-java@v4 + uses: actions/setup-java@v5 with: distribution: 'temurin' java-version: 21 @@ -137,7 +137,7 @@ jobs: needs: [publish] timeout-minutes: 10 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: Init Git and pull run: | diff --git a/.github/workflows/sync-labels.yml b/.github/workflows/sync-labels.yml index dc67287..f6c50a1 100644 --- a/.github/workflows/sync-labels.yml +++ b/.github/workflows/sync-labels.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 10 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: sparse-checkout: .github/labels.yml diff --git a/.github/workflows/test-deploy.yml b/.github/workflows/test-deploy.yml index 67987b2..84f46a9 100644 --- a/.github/workflows/test-deploy.yml +++ b/.github/workflows/test-deploy.yml @@ -8,10 +8,10 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 60 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - name: Set up JDK - uses: actions/setup-java@v4 + uses: actions/setup-java@v5 with: distribution: 'temurin' java-version: 21 diff --git a/.github/workflows/update-from-template.yml b/.github/workflows/update-from-template.yml index 89c821c..ac28c95 100644 --- a/.github/workflows/update-from-template.yml +++ b/.github/workflows/update-from-template.yml @@ -36,7 +36,7 @@ jobs: update_branch_merged_commit: ${{ steps.manage-branches.outputs.update_branch_merged_commit }} create_update_branch_merged_pr: ${{ steps.manage-branches.outputs.create_update_branch_merged_pr }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: # Required because otherwise there are always changes detected when executing diff/rev-list fetch-depth: 0 
@@ -183,7 +183,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 60 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: # Required because otherwise there are always changes detected when executing diff/rev-list fetch-depth: 0 diff --git a/.gitignore b/.gitignore index c0544b5..a4a5d62 100644 --- a/.gitignore +++ b/.gitignore @@ -8,9 +8,6 @@ out classes -# Vim -*.swp - # Plugins *.idea/checkstyle-idea.xml @@ -29,6 +26,7 @@ build/ !.idea/saveactions_settings.xml !.idea/checkstyle-idea.xml !.idea/externalDependencies.xml +!.idea/PMDPlugin.xml !.idea/inspectionProfiles/ .idea/inspectionProfiles/* diff --git a/.idea/PMDPlugin.xml b/.idea/PMDPlugin.xml new file mode 100644 index 0000000..0936e51 --- /dev/null +++ b/.idea/PMDPlugin.xml @@ -0,0 +1,16 @@ + + + + + + + \ No newline at end of file diff --git a/.idea/saveactions_settings.xml b/.idea/saveactions_settings.xml index 0b06f2f..8858dd6 100644 --- a/.idea/saveactions_settings.xml +++ b/.idea/saveactions_settings.xml @@ -5,6 +5,7 @@