Releases: nvuillam/npm-groovy-lint
Releases · nvuillam/npm-groovy-lint
Release list
v18.0.0
What's Changed
- Upgrade java-caller to v5 (#584)
- Breaking (upstream): when no compatible local JDK is found, the JRE that java-caller auto-downloads now comes from Eclipse Temurin (
api.adoptium.net) instead of the deprecated AdoptOpenJDK endpoint - Fixes hanging of CodeNarc calls during Java detection on Node 24 + Windows (java-caller
run()/java -versionno longer stalls)
- Breaking (upstream): when no compatible local JDK is found, the JRE that java-caller auto-downloads now comes from Eclipse Temurin (
- Speed up CI test suite: pre-warm the CodeNarc server once before the Mocha run, and replace the full node × java × os product (20 jobs) with a curated 8-job matrix
Pull Requests
- Update all non-major dependencies by @renovate[bot] in #574
- Update all non-major dependencies by @renovate[bot] in #576
- Update dependency which to v7 by @renovate[bot] in #573
- Update dependency npm-run-all2 to v9 by @renovate[bot] in #575
- Update babel monorepo to v8 by @renovate[bot] in #578
- Update actions/checkout action to v7 by @renovate[bot] in #579
- Update dependency js-yaml to v5 by @renovate[bot] in #580
- Update all non-major dependencies by @renovate[bot] in #582
- Update dependency prettier to v3.9.4 by @renovate[bot] in #583
- Update dependency java-caller to v5 by @renovate[bot] in #584
- [GitHub Dependents Info] Updated markdown file by @github-actions[bot] in #566
- docs(changelog): document java-caller v5 upgrade and breaking change by @nvuillam in #586
Full Changelog: v17.0.5...v18.0.0
v17.0.5
What's Changed
- Bump uuid from 13.0.0 to 14.0.0 in the npm_and_yarn group across 1 directory by @dependabot[bot] in #570
- Upgrade axios from 1.15.0 to 1.16.0 to fix security vulnerabilities by @Copilot in #572
- Update all non-major dependencies by @renovate[bot] in #567
Full Changelog: v17.0.4...v17.0.5
v17.0.4
What's Changed
- Upgrade dependencies
Pull Requests
- Update dependency axios to v1.15.0 [SECURITY] by @renovate[bot] in #563
- Update all non-major dependencies by @renovate[bot] in #560
- Update dependency diff to v9 by @renovate[bot] in #564
- [GitHub Dependents Info] Updated markdown file by @github-actions[bot] in #559
Full Changelog: v17.0.3...v17.0.4
v17.0.3
v17.0.2
What's Changed
- Upgrade dependencies
Pull Requests
- chore(deps): update dependency handlebars to v4.7.9 [security] by @renovate[bot] in #557
- chore(deps): update all non-major dependencies by @renovate[bot] in #551
- chore(deps): update docker/login-action action to v4 by @renovate[bot] in #552
- chore(deps): update docker/setup-qemu-action action to v4 by @renovate[bot] in #553
- chore(deps): update docker/setup-buildx-action action to v4 by @renovate[bot] in #554
- chore(deps): update docker/build-push-action action to v7 by @renovate[bot] in #555
- Upgrade java-caller by @nvuillam in #558
- [GitHub Dependents Info] Updated markdown file by @github-actions[bot] in #516
Full Changelog: v17.0.0...v17.0.2
v17.0.0
What's Changed
- Minimum Node version is now Node 22
- Upgrade dependencies
- Migrate code to match import-fresh v4 new behaviour
- Fix closing brace indentation for lines with multiple braces (inline closures)
- Revert UnnecessaryGString for strings with slashes
- Reduce noise in CI test output
- Performance updates
- Use exponential backoff (50ms→400ms) for server startup polling instead of fixed 400ms interval
- Replace synchronous
readdirSyncwith asyncreaddirin temp file cleanup - Use
structuredClone()instead ofJSON.parse(JSON.stringify())for deep cloning - Cache loaded lint rules to avoid re-importing all rule files on every call
- Reuse single
GroovyShell/GroovyClassLoaderper request instead of per file - Use bounded
FixedThreadPoolinstead of unboundedCachedThreadPoolin CodeNarcServer - Reduce HTTP request timeout from 600s to 120s for local server calls
- Security updates
- Restrict temp directory permissions from
0777to0700(owner-only) - Replace
Math.random()withcrypto.randomUUID()for temp file/directory names - Add 50 MB request body size limit on CodeNarcServer to prevent OOM attacks
- Limit stack trace depth in error responses to 20 frames
- Restrict temp directory permissions from
Pull Requests
- chore(deps): update actions/setup-node action to v6.2.0 by @renovate[bot] in #530
- chore(deps): update dependency axios to v1.13.3 by @renovate[bot] in #533
- chore(deps): update all non-major dependencies by @renovate[bot] in #534
- Bump tar from 7.5.6 to 7.5.7 in the npm_and_yarn group across 1 directory by @dependabot[bot] in #535
- chore(deps): update dependency @babel/core to v7.29.0 by @renovate[bot] in #536
- Bump @isaacs/brace-expansion from 5.0.0 to 5.0.1 in the npm_and_yarn group across 1 directory by @dependabot[bot] in #538
- chore(deps): update all non-major dependencies by @renovate[bot] in #537
- chore(deps): update dependency nyc to v18 by @renovate[bot] in #543
- chore(deps): update actions/upload-artifact action to v7 - autoclosed by @renovate[bot] in #546
- revert: UnnecessaryGString for strings with slashes by @stevenh in #545
- Upgrade axios & deps by @nvuillam in #548
- Fix closing brace indentation for lines with multiple braces (inline closures) by @Copilot in #547
- fix(deps): update dependency node-sarif-builder to v4 by @renovate[bot] in #549
- Node22 minimum + Reduce noise in CI test output + update dependency import-fresh to v4 by @renovate[bot] in #544
- Optimizes server performance and strengthens security by @nvuillam in #550
New Contributors
- @Copilot made their first contribution in #547
Full Changelog: v16.2.0...v17.0.0
v16.2.0
What's Changed
- Use npm Trusted Publishers program to sign releases
- Generate multi-platform Docker images (linux/amd64, linux/arm64)
- Add docker images to GitHub Container Registry (ghcr.io/nvuillam/npm-groovy-lint)
- Scope Java requirements to Java 17 to 24
- Upgrade dependencies
Pull requests
- Add 'fixrulesexclude' to cspell dictionary by @HagegeR in #519
- chore(deps): update dependency globals to v17 by @renovate[bot] in #520
- Bump tar from 7.4.3 to 7.5.6 by @dependabot[bot] in #525
- feat: multi-platform docker image by @little-engineer-2025 in #522
- feat: consolidate deployment workflows to use NPM Trusted Publishers and update README for GHCR support by @nvuillam in #528
- Upgrade node-java-caller & fix release workflow by @nvuillam in #531
- Fix dockerfile by @nvuillam in #532
New Contributors
- @little-engineer-2025 made their first contribution in #522
Full Changelog: v16.1.1...v16.2.0
v16.1.1
- Fix release workflow
Full Changelog: v16.1.0...v16.1.1
v16.1.0
What's Changed
- Implement exclusion of specific rules in the fix process
- Upgrade dependencies
Pull Requests
- chore(deps): update peter-evans/create-pull-request action to v8 by @renovate[bot] in #508
- chore(deps): update actions/upload-artifact action to v6 by @renovate[bot] in #509
- chore(deps): update all non-major dependencies by @renovate[bot] in #510
- Adds GitHub Dependents Info workflow by @nvuillam in #512
- chore(deps): update dependency node-sarif-builder to v3.4.0 by @renovate[bot] in #518
- Implement exclusion of specific rules in the fix process by @HagegeR in #517
New Contributors
Full Changelog: v16.0.1...v16.1.0