Merge branch 'release/1.8.0'

Author: infeo

.github/workflows/build.yml

@@ -3,32 +3,117 @@ on:
   push:
   pull_request_target:
     types: [labeled]
+
+env:
+  JAVA_VERSION: 25
+
 jobs:
   build:
     name: Build and Test
     runs-on: ubuntu-latest
-    if: "!contains(github.event.head_commit.message, '[ci skip]') && !contains(github.event.head_commit.message, '[skip ci]')"
+    permissions:
+      id-token: write # Required for the attestations step
+      attestations: write # Required for the attestations step
     steps:
-      - uses: actions/checkout@v5
-      - uses: actions/setup-java@v5
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
         with:
           distribution: 'temurin'
-          java-version: 21
+          java-version: ${{ env.JAVA_VERSION }}
           cache: 'maven'
       - name: Ensure to use tagged version
         if: startsWith(github.ref, 'refs/tags/')
         run: mvn versions:set --file ./pom.xml -DnewVersion=${GITHUB_REF##*/}
       - name: Build and Test
-        id: buildAndTest
-        run: mvn -B clean install
-      - uses: actions/upload-artifact@v4
+        run: mvn -B verify --no-transfer-progress
+      - name: Attest
+        if: startsWith(github.ref, 'refs/tags/')
+        uses: actions/attest-build-provenance@96278af6caaf10aea03fd8d33a09a777ca52d62f # v3.2.0
+        with:
+          subject-path: |
+            target/*.jar
+            target/*.pom
+      - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
         with:
           name: artifacts
           path: target/*.jar
-      - name: Create Release
-        uses: softprops/action-gh-release@v2
+
+  deploy-central:
+    name: Deploy to Maven Central
+    runs-on: ubuntu-latest
+    permissions: {}
+    needs: [build]
+    if: github.repository_owner == 'cryptomator' && (startsWith(github.ref, 'refs/tags/') || contains(github.event.head_commit.message, '[deploy]'))
+    steps:
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
+        with:
+          distribution: 'temurin'
+          java-version: ${{ env.JAVA_VERSION }}
+          cache: 'maven'
+          server-id: central
+          server-username: MAVEN_CENTRAL_USERNAME
+          server-password: MAVEN_CENTRAL_PASSWORD
+      - name: Ensure to use tagged version
         if: startsWith(github.ref, 'refs/tags/')
+        run: mvn versions:set --file ./pom.xml -DnewVersion=${GITHUB_REF##*/}
+      - name: Verify project version is -SNAPSHOT
+        if: startsWith(github.ref, 'refs/tags/') == false
+        run: |
+          PROJECT_VERSION=$(mvn help:evaluate "-Dexpression=project.version" -q -DforceStdout)
+          test "${PROJECT_VERSION: -9}" = "-SNAPSHOT"
+      - name: Deploy to Maven Central
+        run: mvn deploy -B -DskipTests -Psign,deploy-central --no-transfer-progress
+        env:
+          MAVEN_CENTRAL_USERNAME: ${{ secrets.MAVEN_CENTRAL_USERNAME }}
+          MAVEN_CENTRAL_PASSWORD: ${{ secrets.MAVEN_CENTRAL_PASSWORD }}
+          MAVEN_GPG_PASSPHRASE: ${{ secrets.RELEASES_GPG_PASSPHRASE }}
+          MAVEN_GPG_KEY: ${{ secrets.RELEASES_GPG_PRIVATE_KEY }} # Value of the GPG private key to import
+          MAVEN_GPG_KEY_FINGERPRINT: ${{ vars.RELEASES_GPG_KEY_FINGERPRINT }}
+
+  deploy-github:
+    name: Deploy to GitHub Packages
+    runs-on: ubuntu-latest
+    permissions:
+      packages: write # Required for the deploy to GitHub Packages step
+    needs: [build]
+    if: github.repository_owner == 'cryptomator' && (startsWith(github.ref, 'refs/tags/') || contains(github.event.head_commit.message, '[deploy]'))
+    steps:
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
+        with:
+          java-version: ${{ env.JAVA_VERSION }}
+          distribution: 'temurin'
+          cache: 'maven'
+      - name: Ensure to use tagged version
+        if: startsWith(github.ref, 'refs/tags/')
+        run: mvn versions:set --file ./pom.xml -DnewVersion=${GITHUB_REF##*/}
+      - name: Verify project version is -SNAPSHOT
+        if: startsWith(github.ref, 'refs/tags/') == false
+        run: |
+          PROJECT_VERSION=$(mvn help:evaluate "-Dexpression=project.version" -q -DforceStdout)
+          test "${PROJECT_VERSION: -9}" = "-SNAPSHOT"
+      - name: Deploy to GitHub Packages
+        run: mvn deploy -B -DskipTests -Psign,deploy-github --no-transfer-progress
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          MAVEN_GPG_PASSPHRASE: ${{ secrets.RELEASES_GPG_PASSPHRASE }}
+          MAVEN_GPG_KEY: ${{ secrets.RELEASES_GPG_PRIVATE_KEY }} # Value of the GPG private key to import
+          MAVEN_GPG_KEY_FINGERPRINT: ${{ vars.RELEASES_GPG_KEY_FINGERPRINT }}
+
+  release:
+    name: Release
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write # Required for the release step
+    needs: [deploy-central, deploy-github]
+    if: startsWith(github.ref, 'refs/tags/')
+    steps:
+      - name: Create Release
+        uses: softprops/action-gh-release@6da8fa9354ddfdc4aeace5fc48d7f679b5214090 # v2.4.1
         with:
           prerelease: true
           token: ${{ secrets.CRYPTOBOT_RELEASE_TOKEN }}
           generate_release_notes: true
+          body: |
+            For a list of all notable changes, read the [changelog](/CHANGELOG.md).

.github/workflows/codeql-analysis.yml

@@ -16,19 +16,19 @@ jobs:
     # dependeabot has on push events only read-only access, but codeql requires write access
     if: ${{ !(github.actor == 'dependabot[bot]' && contains(fromJSON('["push"]'), github.event_name)) }}
     steps:
-    - uses: actions/checkout@v5
+    - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
       with:
         fetch-depth: 2
-    - uses: actions/setup-java@v5
+    - uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0
       with:
         distribution: 'temurin'
-        java-version: 21
+        java-version: 25
         cache: 'maven'
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3
+      uses: github/codeql-action/init@0d579ffd059c29b07949a3cce3983f0780820c98 # v4.32.6
       with:
         languages: java
     - name: Build
       run: mvn -B compile
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3
+      uses: github/codeql-action/analyze@0d579ffd059c29b07949a3cce3983f0780820c98 # v4.32.6

.github/workflows/publish-central.yml

@@ -7,8 +7,21 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/).
 The changelog starts with version 1.7.0.
 Changes to prior versions can be found on the [Github release page](https://github.com/cryptomator/integrations-api/releases).
 
-## [1.7.0] - 2025-09-17
+
+## [1.8.0](https://github.com/cryptomator/integrations-api/releases/1.8.0) - 2026-03-12
+
+### Added
+* Experimental [Update API](https://github.com/cryptomator/integrations-api/blob/a522f36cf45884127e2431dd18222391669d5992/src/main/java/org/cryptomator/integrations/update/UpdateMechanism.java) (#72)
+
+### Fixed
+* Fixed plugin loading/discovery active even if pluginDir property is not set ([#86](https://github.com/cryptomator/integrations-api/pull/86))
 
 ### Changed
+* **[BREAKING]** Updated required build JDK to 25 ([#73](https://github.com/cryptomator/integrations-api/pull/73))
+* Pin version of GitHub actions in CI ([#87](https://github.com/cryptomator/integrations-api/pull/87))
 
+
+## [1.7.0](https://github.com/cryptomator/integrations-api/releases/tag/1.7.0) - 2025-09-17
+
+### Changed
 * **[BREAKING]** Updated required build JDK to 21 (a88fa29d9cc05a0e39ab15420517d0f25cff6f35)

.github/workflows/publish-github.yml

@@ -5,7 +5,7 @@
 	<modelVersion>4.0.0</modelVersion>
 	<groupId>org.cryptomator</groupId>
 	<artifactId>integrations-api</artifactId>
-	<version>1.7.0</version>
+	<version>1.8.0-beta1</version>
 
 	<name>Cryptomator Integrations API</name>
 	<description>Defines optional service interfaces that may be used by Cryptomator</description>
@@ -27,22 +27,23 @@
 
 	<properties>
 		<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-		<jdk.version>21</jdk.version>
+		<jdk.version>25</jdk.version>
 
 		<slf4j.version>2.0.17</slf4j.version>
-		<jetbrains-annotation.version>26.0.2-1</jetbrains-annotation.version>
+		<jackson.version>2.21.1</jackson.version>
+		<jetbrains-annotation.version>26.1.0</jetbrains-annotation.version>
 
 		<!-- Test dependencies -->
-		<junit.version>5.13.4</junit.version>
-		<mockito.version>5.19.0</mockito.version>
+		<junit.version>6.0.1</junit.version>
+		<mockito.version>5.21.0</mockito.version>
 
 		<!-- Build dependencies -->
-		<mvn-compiler.version>3.14.0</mvn-compiler.version>
-		<mvn-source.version>3.3.1</mvn-source.version>
-		<mvn-surefire.version>3.5.4</mvn-surefire.version>
-		<mvn-javadoc.version>3.11.3</mvn-javadoc.version>
+		<mvn-compiler.version>3.15.0</mvn-compiler.version>
+		<mvn-source.version>3.4.0</mvn-source.version>
+		<mvn-surefire.version>3.5.5</mvn-surefire.version>
+		<mvn-javadoc.version>3.12.0</mvn-javadoc.version>
 		<mvn-gpg.version>3.2.8</mvn-gpg.version>
-		<central-publishing.version>0.8.0</central-publishing.version>
+		<central-publishing.version>0.10.0</central-publishing.version>
 	</properties>
 
 	<licenses>
@@ -59,6 +60,11 @@
 			<artifactId>slf4j-api</artifactId>
 			<version>${slf4j.version}</version>
 		</dependency>
+		<dependency>
+			<groupId>com.fasterxml.jackson.core</groupId>
+			<artifactId>jackson-databind</artifactId>
+			<version>${jackson.version}</version>
+		</dependency>
 
 		<dependency>
 			<groupId>org.jetbrains</groupId>
@@ -126,7 +132,7 @@
 				</executions>
 				<configuration>
 					<quiet>true</quiet>
-					<release>21</release>
+					<release>25</release>
 					<tags>
 						<!-- workaround for "unknown tag: implNote", see https://blog.codefx.org/java/new-javadoc-tags/#Maven  -->
 						<tag>

.idea/misc.xml

@@ -6,11 +6,14 @@
 import org.cryptomator.integrations.keychain.KeychainAccessProvider;
 import org.cryptomator.integrations.tray.TrayIntegrationProvider;
 import org.cryptomator.integrations.uiappearance.UiAppearanceProvider;
+import org.cryptomator.integrations.update.UpdateMechanism;
 
 
 module org.cryptomator.integrations.api {
 	requires static org.jetbrains.annotations;
 	requires org.slf4j;
+	requires com.fasterxml.jackson.databind;
+	requires java.net.http;
 
 	exports org.cryptomator.integrations.autostart;
 	exports org.cryptomator.integrations.common;
@@ -20,6 +23,7 @@
 	exports org.cryptomator.integrations.tray;
 	exports org.cryptomator.integrations.uiappearance;
 	exports org.cryptomator.integrations.quickaccess;
+	exports org.cryptomator.integrations.update;
 
 	uses AutoStartProvider;
 	uses KeychainAccessProvider;
@@ -29,4 +33,5 @@
 	uses TrayMenuController;
 	uses UiAppearanceProvider;
 	uses QuickAccessService;
+	uses UpdateMechanism;
 }

CHANGELOG.md

@@ -0,0 +1,14 @@
+package org.cryptomator.integrations;
+
+import java.util.ResourceBundle;
+
+public enum Localization {
+	INSTANCE;
+
+	private final ResourceBundle resourceBundle = ResourceBundle.getBundle("IntegrationsApi");
+
+	public static ResourceBundle get() {
+		return INSTANCE.resourceBundle;
+	}
+
+}