* Use Link headers for Adoptium pagination
* Fix nullable pagination URL types and rebuild dist
* Add 1000-page safeguard for JetBrains pagination
* Adjust plan for pagination safeguard scope
* Move pagination safeguard to non-JetBrains installers
* Add 1000-page safeguard to Adopt Temurin and Semeru pagination
* Fix Prettier formatting in adopt, semeru, and temurin installer files
* Fix CI audit failure by updating vulnerable transitive deps
* Address PR review: RFC-compliant Link parsing, SSRF validation, centralized constant
- Make getNextPageUrlFromLinkHeader RFC 8288 compliant by splitting
link-values and checking for rel=next anywhere in the parameters,
not just as the first parameter after the semicolon.
- Add validatePaginationUrl utility to reject pagination URLs that
point to unexpected origins (SSRF mitigation).
- Centralize MAX_PAGINATION_PAGES in util.ts instead of duplicating
across Adopt, Semeru, and Temurin installers.
- Add tests for rel not being the first parameter, and for URL
origin validation.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Address code review feedback on pagination implementation
- Tighten rel regex with word boundary to prevent false positives
(e.g., rel="nextsomething" no longer matches).
- Use parsed.origin comparison in validatePaginationUrl to correctly
handle explicit default ports (e.g., :443 for HTTPS).
- Fix pagination safeguard tests to use same-origin URLs so they
actually exercise the 1000-page limit instead of being rejected
by origin validation on the first request.
- Add test for rel="nextsomething" not matching.
- Add test for explicit default port acceptance.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Fix prettier formatting in util.test.ts
* Rebuild dist/ to fix check-dist CI failure
---------
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Distributions like JetBrains Runtime publish 4-segment versions such as
'17.0.8.1+1080.1' that the semver package rejects. Both compareBuild and
satisfies throw on these, which surfaced to users as "Error: Invalid
Version: 17.0.8.1+1080.1" and aborted the whole install when any
available version was non-semver. Guard with an early semver.valid check
so unparseable versions are treated as a non-match.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
* Upgrade @actions/cache to v5
- Bump @actions/cache from 4.0.3 to 5.0.0
- Update license cache files for new/updated dependencies
- Rebuild dist bundles
- Mark @actions/http-client as reviewed in licensed config (MIT license text present but detected as 'other')
* chore: Update version to 5.0.1 in package.json and package-lock.json
* upgrade actions/cache to 5.0.1
---------
Co-authored-by: Aparna Jyothi <aparnajyothi-y@github.com>
* chore(e2e-versions): Add e2e test scenario on `setup-java-version-from-file-major-minor-patch-with-dist` for `.sdkmanrc`
* chore(e2e-versions): Update `setup-java-version-from-file-major-minor-patch-with-dist` test to include the file name of the java-version-file that is used
* feat: Add support for `.sdkmanrc` as *Java Version File*
* chore: Add test for the latest known sdkman java versions
* docs(advanced-usage): Document support for `.sdkmanrc` as java-version-file
* chore(docs): Anyone can contribute and maintain 🤷
* Update advanced-usage.md
Add example step/file for `.sdkmanrc`
* Update advanced-usage.md
* Update util.ts
* chore: format and rebuild
* chore: untouch toolchains.ts
* fix check dist error
---------
Co-authored-by: mahabaleshwars <147705296+mahabaleshwars@users.noreply.github.com>
* Code updated to let code accept github token and refactored the code.
* github token accept through environment variable
* fix test error
* audit fix commit
* update package-lock.json
* Update GraalVM Tests
* Lint Issue Resolve
* Update Test case for Windows
* update with enhance code and test
* patch to extract file from other location
* patch to extract filename from other directories
* removed code failing checks
* changed the validation for .java-version type
* added support for tool version file
* testing with one regex
* working regex
* Checked for the file extension
* added e2e checks for tool version
* removed error warning
* updated regex to support early version
* updated regex for early version support
* updated regex for early version
* updated regex to accept early versions
* added coreinfo to analyze
* updated the regex
* updated regex
* new regex for early version
* updated regex to match the new version file format
* new regex
* changed the regex
* redex updated
* used java version regex
* regex updated
* regex modified
* regex updated
* regex updated
* regex updated
* updated regex to support early versions
* Regex updated to support all java versions
* Documentation updated to add tool version description
* Documentation updated for the tool version file
* update the advanced doc and readme file to specify tool version changes
* Fixing issues with the handling of the token and avoiding error on when the token is undefined
* chore: rebuild action
---------
Co-authored-by: Ivan Zosimov <ivanzosimov@github.com>
* Add versions properties to cache
* lint fix
npm run format change
* [FIX] unit test
* docs: fix typo in the Readme.md
* docs: update link to the toolkit/cache package
---------
Co-authored-by: Ivan Zosimov <ivan.zosimov@Ivans-MacBook-Pro.local>
