Merge branch 'develop' into release/1.8.0

Author: infeo

.github/workflows/build.yml

@@ -15,8 +15,8 @@ jobs:
       id-token: write # Required for the attestations step
       attestations: write # Required for the attestations step
     steps:
-      - uses: actions/checkout@v5
-      - uses: actions/setup-java@v5
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
         with:
           distribution: 'temurin'
           java-version: ${{ env.JAVA_VERSION }}
@@ -28,12 +28,12 @@ jobs:
         run: mvn -B verify --no-transfer-progress
       - name: Attest
         if: startsWith(github.ref, 'refs/tags/')
-        uses: actions/attest-build-provenance@v3
+        uses: actions/attest-build-provenance@96278af6caaf10aea03fd8d33a09a777ca52d62f # v3.2.0
         with:
           subject-path: |
             target/*.jar
             target/*.pom
-      - uses: actions/upload-artifact@v5
+      - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
         with:
           name: artifacts
           path: target/*.jar
@@ -45,20 +45,18 @@ jobs:
     needs: [build]
     if: github.repository_owner == 'cryptomator' && (startsWith(github.ref, 'refs/tags/') || contains(github.event.head_commit.message, '[deploy]'))
     steps:
-      - uses: actions/checkout@v5
-      - uses: actions/setup-java@v5
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
         with:
           distribution: 'temurin'
           java-version: ${{ env.JAVA_VERSION }}
           cache: 'maven'
           server-id: central
           server-username: MAVEN_CENTRAL_USERNAME
           server-password: MAVEN_CENTRAL_PASSWORD
-      - name: Verify project version matches tag
+      - name: Ensure to use tagged version
         if: startsWith(github.ref, 'refs/tags/')
-        run: |
-          PROJECT_VERSION=$(mvn help:evaluate "-Dexpression=project.version" -q -DforceStdout)
-          test "$PROJECT_VERSION" = "${GITHUB_REF##*/}"
+        run: mvn versions:set --file ./pom.xml -DnewVersion=${GITHUB_REF##*/}
       - name: Verify project version is -SNAPSHOT
         if: startsWith(github.ref, 'refs/tags/') == false
         run: |
@@ -81,17 +79,15 @@ jobs:
     needs: [build]
     if: github.repository_owner == 'cryptomator' && (startsWith(github.ref, 'refs/tags/') || contains(github.event.head_commit.message, '[deploy]'))
     steps:
-      - uses: actions/checkout@v5
-      - uses: actions/setup-java@v5
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
         with:
           java-version: ${{ env.JAVA_VERSION }}
           distribution: 'temurin'
           cache: 'maven'
-      - name: Verify project version matches tag
+      - name: Ensure to use tagged version
         if: startsWith(github.ref, 'refs/tags/')
-        run: |
-          PROJECT_VERSION=$(mvn help:evaluate "-Dexpression=project.version" -q -DforceStdout)
-          test "$PROJECT_VERSION" = "${GITHUB_REF##*/}"
+        run: mvn versions:set --file ./pom.xml -DnewVersion=${GITHUB_REF##*/}
       - name: Verify project version is -SNAPSHOT
         if: startsWith(github.ref, 'refs/tags/') == false
         run: |
@@ -114,7 +110,7 @@ jobs:
     if: startsWith(github.ref, 'refs/tags/')
     steps:
       - name: Create Release
-        uses: softprops/action-gh-release@v2
+        uses: softprops/action-gh-release@6da8fa9354ddfdc4aeace5fc48d7f679b5214090 # v2.4.1
         with:
           prerelease: true
           token: ${{ secrets.CRYPTOBOT_RELEASE_TOKEN }}

.github/workflows/codeql-analysis.yml

@@ -16,19 +16,19 @@ jobs:
     # dependeabot has on push events only read-only access, but codeql requires write access
     if: ${{ !(github.actor == 'dependabot[bot]' && contains(fromJSON('["push"]'), github.event_name)) }}
     steps:
-    - uses: actions/checkout@v5
+    - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
       with:
         fetch-depth: 2
-    - uses: actions/setup-java@v5
+    - uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
       with:
         distribution: 'temurin'
         java-version: 25
         cache: 'maven'
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v4
+      uses: github/codeql-action/init@0d579ffd059c29b07949a3cce3983f0780820c98 # v4.32.6
       with:
         languages: java
     - name: Build
       run: mvn -B compile
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v4
+      uses: github/codeql-action/analyze@0d579ffd059c29b07949a3cce3983f0780820c98 # v4.32.6

CHANGELOG.md

@@ -7,14 +7,21 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
 The changelog starts with version 1.7.0.
 Changes to prior versions can be found on the [Github release page](https://github.com/cryptomator/integrations-api/releases).
 
+
 ## [Unreleased](https://github.com/cryptomator/integrations-api/compare/1.7.0...HEAD)
 
 ### Added
-
 * Experimental [Update API](https://github.com/cryptomator/integrations-api/blob/a522f36cf45884127e2431dd18222391669d5992/src/main/java/org/cryptomator/integrations/update/UpdateMechanism.java) (#72)
 
-## [1.7.0](https://github.com/cryptomator/integrations-api/releases/tag/1.7.0) - 2025-09-17
+### Fixed
+* Fixed plugin loading/discovery active even if pluginDir property is not set ([#86](https://github.com/cryptomator/integrations-api/pull/86))
 
 ### Changed
+* **[BREAKING]** Updated required build JDK to 25 ([#73](https://github.com/cryptomator/integrations-api/pull/73))
+* Pin version of GitHub actions in CI ([#87](https://github.com/cryptomator/integrations-api/pull/87))
+
 
+## [1.7.0](https://github.com/cryptomator/integrations-api/releases/tag/1.7.0) - 2025-09-17
+
+### Changed
 * **[BREAKING]** Updated required build JDK to 21 (a88fa29d9cc05a0e39ab15420517d0f25cff6f35)

pom.xml

@@ -30,20 +30,20 @@
 		<jdk.version>25</jdk.version>
 
 		<slf4j.version>2.0.17</slf4j.version>
-		<jackson.version>2.20.0</jackson.version>
-		<jetbrains-annotation.version>26.0.2-1</jetbrains-annotation.version>
+		<jackson.version>2.21.1</jackson.version>
+		<jetbrains-annotation.version>26.1.0</jetbrains-annotation.version>
 
 		<!-- Test dependencies -->
-		<junit.version>6.0.0</junit.version>
-		<mockito.version>5.20.0</mockito.version>
+		<junit.version>6.0.1</junit.version>
+		<mockito.version>5.21.0</mockito.version>
 
 		<!-- Build dependencies -->
-		<mvn-compiler.version>3.14.1</mvn-compiler.version>
-		<mvn-source.version>3.3.1</mvn-source.version>
-		<mvn-surefire.version>3.5.4</mvn-surefire.version>
+		<mvn-compiler.version>3.15.0</mvn-compiler.version>
+		<mvn-source.version>3.4.0</mvn-source.version>
+		<mvn-surefire.version>3.5.5</mvn-surefire.version>
 		<mvn-javadoc.version>3.12.0</mvn-javadoc.version>
 		<mvn-gpg.version>3.2.8</mvn-gpg.version>
-		<central-publishing.version>0.9.0</central-publishing.version>
+		<central-publishing.version>0.10.0</central-publishing.version>
 	</properties>
 
 	<licenses>

src/main/java/org/cryptomator/integrations/common/ClassLoaderFactory.java

@@ -18,7 +18,6 @@
 class ClassLoaderFactory {
 
 	private static final Logger LOG = LoggerFactory.getLogger(ClassLoaderFactory.class);
-	private static final String USER_HOME = System.getProperty("user.home");
 	private static final String PLUGIN_DIR_KEY = "cryptomator.pluginDir";
 	private static final String JAR_SUFFIX = ".jar";
 
@@ -30,21 +29,27 @@ class ClassLoaderFactory {
 	 */
 	@Contract(value = "-> new", pure = true)
 	public static URLClassLoader forPluginDir() {
-		String val = System.getProperty(PLUGIN_DIR_KEY, "");
-		final Path p;
-		if (val.startsWith("~/")) {
-			p = Path.of(USER_HOME).resolve(val.substring(2));
-		} else {
-			p = Path.of(val);
+		String val = System.getProperty(PLUGIN_DIR_KEY);
+		if (val == null) {
+			return URLClassLoader.newInstance(new URL[0]);
+		}
+
+		try {
+			if (val.isBlank()) {
+				throw new IllegalArgumentException("Plugin dir path is blank");
+			}
+			return forPluginDirWithPath(Path.of(val)); //Path.of() might throw InvalidPathException
+		} catch (IllegalArgumentException e) {
+			LOG.debug("{} contains illegal value. Skipping plugin directory.", PLUGIN_DIR_KEY, e);
+			return URLClassLoader.newInstance(new URL[0]);
 		}
-		return forPluginDirWithPath(p);
 	}
 
 	@VisibleForTesting
 	@Contract(value = "_ -> new", pure = true)
 	static URLClassLoader forPluginDirWithPath(Path path) throws UncheckedIOException {
 		var jars = findJars(path);
-		if (LOG.isDebugEnabled()) {
+		if (LOG.isDebugEnabled() && jars.length != 0) {
 			String jarList = Arrays.stream(jars).map(URL::getPath).collect(Collectors.joining(", "));
 			LOG.debug("Found jars in cryptomator.pluginDir: {}", jarList);
 		}
@@ -56,7 +61,7 @@ static URL[] findJars(Path path) {
 		try (var stream = Files.walk(path)) {
 			return stream.filter(ClassLoaderFactory::isJarFile).map(ClassLoaderFactory::toUrl).toArray(URL[]::new);
 		} catch (IOException | UncheckedIOException e) {
-			// unable to locate any jars // TODO: log a warning?
+			LOG.debug("Failed to read plugin dir {}", path, e);
 			return new URL[0];
 		}
 	}

src/test/java/org/cryptomator/integrations/common/ClassLoaderFactoryTest.java

@@ -1,11 +1,16 @@
 package org.cryptomator.integrations.common;
 
+import org.junit.jupiter.api.AfterEach;
 import org.junit.jupiter.api.Assertions;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.DisplayName;
 import org.junit.jupiter.api.Nested;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.io.TempDir;
+import org.junit.jupiter.params.ParameterizedTest;
+import org.junit.jupiter.params.provider.EmptySource;
+import org.junit.jupiter.params.provider.ValueSource;
+import org.mockito.MockedStatic;
 import org.mockito.Mockito;
 
 import java.io.ByteArrayInputStream;
@@ -17,6 +22,9 @@
 import java.util.Arrays;
 import java.util.Comparator;
 
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.never;
+
 public class ClassLoaderFactoryTest {
 
 	@Nested
@@ -91,21 +99,49 @@ public void testReadPluginDirFromSysProp() {
 		}
 	}
 
-	@Test
-	@DisplayName("read path from cryptomator.pluginDir and replace ~/ with user.home")
-	public void testReadPluginDirFromSysPropAndReplaceHome() {
-		var ucl = Mockito.mock(URLClassLoader.class, "ucl");
-		var relPath = "~/there/will/be/plugins";
-		var absPath = Path.of(System.getProperty("user.home")).resolve("there/will/be/plugins");
-		try (var mockedClass = Mockito.mockStatic(ClassLoaderFactory.class)) {
+	@Nested
+	@DisplayName("when the system property contains invalid values")
+	public class InvalidSystemProperty {
+
+		MockedStatic<ClassLoaderFactory> mockedClass;
+
+		@BeforeEach
+		public void beforeEach() {
+			mockedClass = Mockito.mockStatic(ClassLoaderFactory.class);
 			mockedClass.when(() -> ClassLoaderFactory.forPluginDir()).thenCallRealMethod();
-			mockedClass.when(() -> ClassLoaderFactory.forPluginDirWithPath(absPath)).thenReturn(ucl);
+			mockedClass.when(() -> ClassLoaderFactory.forPluginDirWithPath(any())).thenReturn(null);
+		}
 
-			System.setProperty("cryptomator.pluginDir", relPath);
+		@AfterEach
+		public void afterEach() {
+			mockedClass.close();
+		}
+
+
+		@Test
+		@DisplayName("Undefined cryptomator.pluginDir returns empty URLClassLoader")
+		public void testUndefinedSysProp() {
+			System.clearProperty("cryptomator.pluginDir");
 			var result = ClassLoaderFactory.forPluginDir();
 
-			Assertions.assertSame(ucl, result);
+			mockedClass.verify(() -> ClassLoaderFactory.forPluginDirWithPath(any()), never());
+			Assertions.assertNotNull(result);
+			Assertions.assertEquals(0, result.getURLs().length);
 		}
+
+		@ParameterizedTest
+		@DisplayName("Property cryptomator.pluginDir filled with blanks returns empty URLClassLoader")
+		@EmptySource
+		@ValueSource(strings = {"\t\t", "  "})
+		public void testBlankSysProp(String propValue) {
+			System.setProperty("cryptomator.pluginDir", propValue);
+			var result = ClassLoaderFactory.forPluginDir();
+
+			mockedClass.verify(() -> ClassLoaderFactory.forPluginDirWithPath(any()), never());
+			Assertions.assertNotNull(result);
+			Assertions.assertEquals(0, result.getURLs().length);
+		}
+
 	}
 
 	@Test