Skip to content

Commit

Permalink
Merge pull request #85 from pmonks/dev
Browse files Browse the repository at this point in the history
Release 2.0.400
  • Loading branch information
pmonks authored Mar 27, 2024
2 parents 8a0c78d + a13c278 commit 2410a9b
Show file tree
Hide file tree
Showing 8 changed files with 50 additions and 96 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ jobs:
with:
distribution: 'temurin'
java-version: 21
- uses: DeLaGuardo/setup-clojure@12.3
- uses: DeLaGuardo/setup-clojure@12.5
with:
cli: latest
- uses: actions/cache@v4
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/deploy.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ name: deploy
on:
push:
branches:
- main
- release

jobs:
deploy:
Expand All @@ -17,7 +17,7 @@ jobs:
with:
distribution: 'temurin'
java-version: 21
- uses: DeLaGuardo/setup-clojure@12.3
- uses: DeLaGuardo/setup-clojure@12.5
with:
cli: latest
- uses: actions/cache@v4
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/docs.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ name: docs
on:
push:
branches:
- main
- release

jobs:
docs:
Expand All @@ -14,7 +14,7 @@ jobs:
with:
distribution: 'temurin'
java-version: 21
- uses: DeLaGuardo/setup-clojure@12.3
- uses: DeLaGuardo/setup-clojure@12.5
with:
cli: latest
- uses: actions/cache@v4
Expand Down
50 changes: 0 additions & 50 deletions .github/workflows/vulnerabilities.yml

This file was deleted.

46 changes: 23 additions & 23 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
| | | | |
|---:|:---:|:---:|:---:|
| [**main**](https://github.com/pmonks/pbr/tree/main) | [![CI](https://github.com/pmonks/pbr/workflows/CI/badge.svg?branch=main)](https://github.com/pmonks/pbr/actions?query=workflow%3ACI+branch%3Amain) | [![Dependencies](https://github.com/pmonks/pbr/workflows/dependencies/badge.svg?branch=main)](https://github.com/pmonks/pbr/actions?query=workflow%3Adependencies+branch%3Amain) | [![Vulnerabilities](https://github.com/pmonks/pbr/workflows/vulnerabilities/badge.svg?branch=main)](https://pmonks.github.io/pbr/nvd/dependency-check-report.html) |
| [**dev**](https://github.com/pmonks/pbr/tree/dev) | [![CI](https://github.com/pmonks/pbr/workflows/CI/badge.svg?branch=dev)](https://github.com/pmonks/pbr/actions?query=workflow%3ACI+branch%3Adev) | [![Dependencies](https://github.com/pmonks/pbr/workflows/dependencies/badge.svg?branch=dev)](https://github.com/pmonks/pbr/actions?query=workflow%3Adependencies+branch%3Adev) | [![Vulnerabilities](https://github.com/pmonks/pbr/workflows/vulnerabilities/badge.svg?branch=dev)](https://github.com/pmonks/pbr/actions?query=workflow%3Avulnerabilities+branch%3Adev) |
| | | |
|---:|:---:|:---:|
| [**release**](https://github.com/pmonks/pbr/tree/release) | [![CI](https://github.com/pmonks/pbr/actions/workflows/ci.yml/badge.svg?branch=release)](https://github.com/pmonks/pbr/actions?query=workflow%3ACI+branch%3Arelease) | [![Dependencies](https://github.com/pmonks/pbr/actions/workflows/dependencies.yml/badge.svg?branch=release)](https://github.com/pmonks/pbr/actions?query=workflow%3Adependencies+branch%3Arelease) |
| [**dev**](https://github.com/pmonks/pbr/tree/dev) | [![CI](https://github.com/pmonks/pbr/actions/workflows/ci.yml/badge.svg?branch=dev)](https://github.com/pmonks/pbr/actions?query=workflow%3ACI+branch%3Adev) | [![Dependencies](https://github.com/pmonks/pbr/actions/workflows/dependencies.yml/badge.svg?branch=dev)](https://github.com/pmonks/pbr/actions?query=workflow%3Adependencies+branch%3Adev) |

[![Latest Version](https://img.shields.io/clojars/v/com.github.pmonks/pbr)](https://clojars.org/com.github.pmonks/pbr/) [![Open Issues](https://img.shields.io/github/issues/pmonks/pbr.svg)](https://github.com/pmonks/pbr/issues) [![License](https://img.shields.io/github/license/pmonks/pbr.svg)](https://github.com/pmonks/pbr/blob/main/LICENSE)
[![Latest Version](https://img.shields.io/clojars/v/com.github.pmonks/pbr)](https://clojars.org/com.github.pmonks/pbr/) [![License](https://img.shields.io/github/license/pmonks/pbr.svg)](https://github.com/pmonks/pbr/blob/release/LICENSE) [![Open Issues](https://img.shields.io/github/issues/pmonks/pbr.svg)](https://github.com/pmonks/pbr/issues)


<img alt="Ice cold can of hangover-inducing rubbish beer" align="right" width="25%" src="https://pabstblueribbon.com/wp-content/uploads/2020/10/pbr-org.png">
Expand All @@ -22,7 +22,7 @@ This project looks very promising - I encourage folks to try it out and contribu

### Why not [build-clj](https://github.com/seancorfield/build-clj)?

_Discontinued in February 2023._
_Discontinued February 2023._

## Features

Expand All @@ -32,31 +32,31 @@ PBR includes a library of tools.build tasks that are [documented here](https://p

### Turnkey build script

PBR also provides a turnkey `build.clj` script that provides all of the tasks I typically need in my build scripts. It allows customisation via a per-project `pbr.clj` file, which must contain a `set-opts` fn where various project specific options can be set. You can look at [PBR's own `pbr.clj` file](https://github.com/pmonks/pbr/blob/main/pbr.clj) for an idea of what this looks like.
PBR also provides a turnkey `build.clj` script that provides all of the tasks I typically need in my build scripts. It allows customisation via a per-project `pbr.clj` file, which must contain a `set-opts` fn where various project specific options can be set. You can look at [PBR's own `pbr.clj` file](https://github.com/pmonks/pbr/blob/release/pbr.clj) for an idea of what this looks like.

Tasks can be listed by running `clojure -A:deps -T:build help/doc`, and are:
Tasks can be listed by running `clojure -A:deps -T:build help/doc`, and include:

* `check` - Check the code by AOT compiling it (and throwing away the result).
* `check` - Check the code by AOT compiling it (and throwing away the result). Uses [clj-check](https://github.com/athos/clj-check).
* `check-asf-policy` - Checks this project's dependencies' licenses against the ASF's 3rd party license policy (https://www.apache.org/legal/resolved.html).
* `check-release` - Check that a release can be done from the current directory.
* `ci` - Run the CI pipeline.
* `clean` - Clean up the project.
* `deploy` - Deploys the library JAR to Clojars.
* `docs` - Generates documentation (using codox).
* `eastwood` - Run the eastwood linter.
* `deploy` - Deploys the library JAR to Clojars (using [deps-deploy](https://github.com/slipset/deps-deploy)).
* `docs` - Generates documentation (using [codox](https://github.com/weavejester/codox)).
* `eastwood` - Run the [eastwood](https://github.com/jonase/eastwood) linter.
* `install` - Install the library locally e.g. so it can be tested by downstream dependencies
* `jar` - Generates a library JAR for the project.
* `kondo` - Run the clj-kondo linter.
* `licenses` - Attempts to list all licenses for the transitive set of dependencies of the project, as SPDX license expressions.
* `kondo` - Run the [clj-kondo](https://github.com/clj-kondo/clj-kondo) linter.
* `licenses` - Attempts to list all licenses for the transitive set of dependencies of the project, as SPDX license expressions, using [tools-licenses](https://github.com/pmonks/tools-licenses).
* `lint` - Run all linters.
* `nvd` - Run an NVD vulnerability check.
* `outdated` - Check for outdated dependencies (using antq).
* `pom` - Generates a comprehensive pom.xml for the project.
* `nvd` - Run an NVD vulnerability check. NOTE: requires an API key from [here](https://nvd.nist.gov/developers/request-an-api-key).
* `outdated` - Check for outdated dependencies, using [antq](https://github.com/liquidz/antq).
* `pom` - Generates a comprehensive pom.xml for the project, using [tools-pom](https://github.com/pmonks/tools-pom)
* `release` - Release a new version of the library.
* `test` - Run the tests.
* `uber` - Create an uber jar.
* `uberexec` - Creates an executable uber jar. NOTE: does not bundle a JRE, though one is still required.
* `upgrade` - Upgrade any outdated dependencies (using antq). NOTE: does not prompt for confirmation!
* `upgrade` - Upgrade any outdated dependencies, using [antq](https://github.com/liquidz/antq). NOTE: does not prompt for confirmation!

#### deps.edn required by turnkey build script

Expand Down Expand Up @@ -99,21 +99,21 @@ $ clj -A:build -P
**A.** Because this code is cheap and nasty, and will give you a headache if you consume too much of it.

**Q.** Does PBR use itself for build tasks?
**A.** Yes it does! [You can see this sneaky self-reference here](https://github.com/pmonks/pbr/blob/main/deps.edn#L42).
**A.** Yes it does! [You can see this sneaky self-reference here](https://github.com/pmonks/pbr/blob/release/deps.edn#L42).

## Contributor Information

[Contributing Guidelines](https://github.com/pmonks/pbr/blob/main/.github/CONTRIBUTING.md)
[Contributing Guidelines](https://github.com/pmonks/pbr/blob/release/.github/CONTRIBUTING.md)

[Bug Tracker](https://github.com/pmonks/pbr/issues)

[Code of Conduct](https://github.com/pmonks/pbr/blob/main/.github/CODE_OF_CONDUCT.md)
[Code of Conduct](https://github.com/pmonks/pbr/blob/release/.github/CODE_OF_CONDUCT.md)

### Developer Workflow

This project uses the [git-flow branching strategy](https://nvie.com/posts/a-successful-git-branching-model/), with the caveat that the permanent branches are called `main` and `dev`, and any changes to the `main` branch are considered a release and auto-deployed (JARs to Clojars, API docs to GitHub Pages, etc.).
This project uses the [git-flow branching strategy](https://nvie.com/posts/a-successful-git-branching-model/), and the permanent branches are called `release` and `dev`. Any changes to the `release` branch are considered a release and auto-deployed (JARs to Clojars, API docs to GitHub Pages, etc.).

For this reason, **all development must occur either in branch `dev`, or (preferably) in temporary branches off of `dev`.** All PRs from forked repos must also be submitted against `dev`; the `main` branch is **only** updated from `dev` via PRs created by the core development team. All other changes submitted to `main` will be rejected.
For this reason, **all development must occur either in branch `dev`, or (preferably) in temporary branches off of `dev`.** All PRs from forked repos must also be submitted against `dev`; the `release` branch is **only** updated from `dev` via PRs created by the core development team. All other changes submitted to `release` will be rejected.

### Build Tasks

Expand Down
28 changes: 14 additions & 14 deletions deps.edn
Original file line number Diff line number Diff line change
Expand Up @@ -18,32 +18,32 @@

{:paths ["src" "resources"]
:deps
{org.clojure/clojure {:mvn/version "1.11.1"}
org.clojure/tools.deps {:mvn/version "0.18.1398"}
{org.clojure/clojure {:mvn/version "1.11.2"}
org.clojure/tools.deps {:mvn/version "0.19.1417"}
org.clojure/data.json {:mvn/version "2.5.0"}
slipset/deps-deploy {:mvn/version "0.2.2" :exclusions [org.slf4j/slf4j-nop ch.qos.logback/logback-classic]}
io.github.clojure/tools.build {:mvn/version "0.9.6" :exclusions [org.slf4j/slf4j-nop]}
com.github.pmonks/tools-convenience {:mvn/version "1.0.142"}
com.github.pmonks/tools-pom {:mvn/version "1.0.127"}
com.github.pmonks/tools-licenses {:mvn/version "2.0.188"}
clj-kondo/clj-kondo {:mvn/version "2023.12.15"}
; io.github.clojure/tools.build {:mvn/version "0.9.6" :exclusions [org.slf4j/slf4j-nop]}
com.github.pmonks/tools-convenience {:mvn/version "1.0.151"}
com.github.pmonks/tools-pom {:mvn/version "1.0.136"}
com.github.pmonks/tools-licenses {:mvn/version "2.0.200"}
clj-kondo/clj-kondo {:mvn/version "2024.03.13"}

; Forced versions for shit that's broken elsewhere
org.springframework.build/aws-maven {:mvn/version "4.8.0.RELEASE"} ; Note: do NOT upgrade to 5.0.0.RELEASE or deps-deploy throws a ClassDefNotFoundException

; Dynamic dependencies - any time any of these changes it MUST ALSO BE CHANGED IN pbr.tasks!!
org.apache.logging.log4j/log4j-api {:mvn/version "2.22.1"} ; Use log4j2 for logging, since logback has become a huge pita in recent times...
org.apache.logging.log4j/log4j-core {:mvn/version "2.22.1"}
org.apache.logging.log4j/log4j-jul {:mvn/version "2.22.1"} ; Java utils clogging bridge
org.apache.logging.log4j/log4j-jcl {:mvn/version "2.22.1"} ; Apache commons clogging bridge
org.apache.logging.log4j/log4j-slf4j2-impl {:mvn/version "2.22.1"} ; SLF4J clogging bridge
org.apache.logging.log4j/log4j-1.2-api {:mvn/version "2.22.1"} ; log4j1 clogging bridge
org.apache.logging.log4j/log4j-api {:mvn/version "2.23.1"} ; Use log4j2 for logging, since logback has become a huge pita in recent times...
org.apache.logging.log4j/log4j-core {:mvn/version "2.23.1"}
org.apache.logging.log4j/log4j-jul {:mvn/version "2.23.1"} ; Java utils clogging bridge
org.apache.logging.log4j/log4j-jcl {:mvn/version "2.23.1"} ; Apache commons clogging bridge
org.apache.logging.log4j/log4j-slf4j2-impl {:mvn/version "2.23.1"} ; SLF4J clogging bridge
org.apache.logging.log4j/log4j-1.2-api {:mvn/version "2.23.1"} ; log4j1 clogging bridge
; org.slf4j/slf4j-nop {:mvn/version "2.0.10"} ; Note: used for some commands invoked as sub-processes, but can't be used here or it will shadow log4j2
jonase/eastwood {:mvn/version "1.4.0"} ; Note: 1.4.2 uses a version of org.ow2.asm/asm that's incompatible with clj-kondo's dependent version
codox/codox {:mvn/version "0.10.8"}
com.github.athos/clj-check {:git/sha "518d5a1cbfcd7c952f548e6dbfcb9a4a5faf9062"}
io.github.cognitect-labs/test-runner {:git/tag "v0.5.1" :git/sha "dfb30dd"}
com.github.liquidz/antq {:mvn/version "2.8.1173"}}
com.github.liquidz/antq {:mvn/version "2.8.1185"}}
:aliases
{:build {:deps {com.github.pmonks/pbr {:local/root "."}}
:ns-default pbr.build}}}
1 change: 1 addition & 0 deletions pbr.clj
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@
(assoc opts
:lib 'com.github.pmonks/pbr
:version (pbr/calculate-version 2 0)
:prod-branch "release"
:ignore-deps? true
:write-pom true
:validate-pom true
Expand Down
11 changes: 7 additions & 4 deletions src/pbr/tasks.clj
Original file line number Diff line number Diff line change
Expand Up @@ -33,10 +33,10 @@
(def ^:private ver-clj-check {:git/sha "518d5a1cbfcd7c952f548e6dbfcb9a4a5faf9062"})
(def ^:private ver-test-runner {:git/tag "v0.5.1" :git/sha "dfb30dd"})
(def ^:private ver-slf4j {:mvn/version "2.0.10"})
(def ^:private ver-log4j2 {:mvn/version "2.22.1"})
(def ^:private ver-log4j2 {:mvn/version "2.23.1"})
(def ^:private ver-eastwood {:mvn/version "1.4.0"})
(def ^:private ver-codox {:mvn/version "0.10.8"})
(def ^:private ver-antq {:mvn/version "2.8.1173"})
(def ^:private ver-antq {:mvn/version "2.8.1185"})

; Utility functions

Expand Down Expand Up @@ -204,6 +204,7 @@
"} :main-opts [\"-m\" \"antq.core\"]}}}")
"-M:antq"
"--ignore-locals"
; "--transitive" ; This seems to cause a deadlock, and there are several other bugs raised against it in the antq repo
"--skip=pom")
opts)

Expand Down Expand Up @@ -365,7 +366,9 @@
(defn nvd
"Run the NVD vulnerability checker
:nvd -- opt: a map containing nvd-clojure-specific configuration options. See https://github.com/rm-hull/nvd-clojure#configuration-options"
:nvd -- opt: a map containing nvd-clojure-specific configuration options. See https://github.com/rm-hull/nvd-clojure#configuration-options
Note: this task requires that you obtain and configure an NVD API token."
[opts]
(when (and (s/blank? (System/getenv "NVD_API_TOKEN"))
(s/blank? (get-in opts [:nvd :nvd-api :key])))
Expand Down Expand Up @@ -484,7 +487,7 @@
opts)

(defn release
"Release a new version of the code via a PR to main. opts includes:
"Release a new version of the code via a PR to the prod branch. opts includes:
:lib -- req: a symbol identifying your project e.g. 'org.github.pmonks/pbr
:version -- req: a string containing the version of your project e.g. \"1.0.0-SNAPSHOT\"
Expand Down

0 comments on commit 2410a9b

Please sign in to comment.