Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
40 changes: 40 additions & 0 deletions .github/workflows/sonarqube.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,40 @@
# SPDX-FileCopyrightText: 2026 Bernard Ladenthin <bernard.ladenthin@gmail.com>
#
# SPDX-License-Identifier: MIT

name: SonarQube
on:
push:
branches:
- main
pull_request:
types: [opened, synchronize, reopened]
Comment on lines +5 to +11

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Missing SPDX headers. Other workflows in this repo include SPDX copyright and license headers (e.g., codeql.yml, reuse.yml). Add:

Suggested change
name: SonarQube
on:
push:
branches:
- main
pull_request:
types: [opened, synchronize, reopened]
# SPDX-FileCopyrightText: 2026 Bernard Ladenthin <bernard.ladenthin@gmail.com>
# SPDX-FileCopyrightText: 2023-2025 Konstantin Herud
#
# SPDX-License-Identifier: MIT
name: SonarQube
on:
push:
branches:
- main
pull_request:
types: [opened, synchronize, reopened]

jobs:
build:
name: Build and analyze
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
with:
fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis
- name: Set up JDK 21
uses: actions/setup-java@c1e323688fd81a25caa38c78aa6df2d33d3e20d9 # v4.8.0
with:
java-version: 21
distribution: 'zulu'
Comment on lines +17 to +24

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Inconsistent action version pinning: This workflow uses full commit SHAs for some actions while other workflows in the repo use semantic versioning (@v6, @v5, etc.). For consistency and maintainability, consider using the same pattern as established workflows in this repo. Either:

  1. Update to use @v4 semver tags (simpler, follows other workflows), or
  2. Document why this workflow requires stricter pinning via commit SHA

Examples from other workflows:

  • codeql.yml: uses @v4, @v6, @v5
  • reuse.yml: uses @v6
  • publish.yml: uses @v7, @v8, etc.

- name: Cache SonarQube packages
uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
with:
path: ~/.sonar/cache
key: ${{ runner.os }}-sonar
restore-keys: ${{ runner.os }}-sonar
- name: Cache Maven packages
uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
with:
path: ~/.m2
key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
restore-keys: ${{ runner.os }}-m2
- name: Build and analyze
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=bernardladenthin_java-llama.cpp
Comment on lines +37 to +40

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Missing error handling: The workflow runs mvn verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar but doesn't check if SONAR_TOKEN is actually set. If the secret is not configured, the Maven command will fail silently or with unclear errors. Consider adding a check or documenting this dependency:

Suggested change
- name: Build and analyze
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=bernardladenthin_java-llama.cpp
- name: Build and analyze
env:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
run: |
if [ -z "$SONAR_TOKEN" ]; then
echo "Warning: SONAR_TOKEN not set, skipping SonarQube analysis"
mvn -B verify
else
mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Dsonar.projectKey=bernardladenthin_java-llama.cpp
fi

Alternatively, document in the PR body or README that this workflow requires the SONAR_TOKEN secret to be configured for the repository.

1 change: 1 addition & 0 deletions pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -49,6 +49,7 @@ SPDX-License-Identifier: MIT
</distributionManagement>

<properties>
<sonar.organization>bernardladenthin</sonar.organization>
<jna.version>5.19.0</jna.version>
<jspecify.version>1.0.0</jspecify.version>
<lombok.version>1.18.46</lombok.version>
Expand Down
13 changes: 0 additions & 13 deletions src/main/java/net/ladenthin/llama/LlamaModel.java
Original file line number Diff line number Diff line change
Expand Up @@ -158,19 +158,6 @@ public CompletionResult completeWithStats(InferenceParameters parameters) {
return completionParser.parseCompletionResult(json);
}

/**
* Cancellable variant of {@link #complete(InferenceParameters)}. Runs in streaming mode
* internally so the inference loop can observe a {@link net.ladenthin.llama.callback.CancellationToken#cancel()} call
* from another thread and return early with whatever text was accumulated so far.
* <p>
* The token is rebound to this call (any prior {@code cancel} state is cleared on entry).
* On return &mdash; whether by natural stop or cancellation &mdash; the token is unbound.
* </p>
*
* @param parameters the inference configuration (its {@code stream} flag will be set to true)
* @param token cancellation handle; {@link net.ladenthin.llama.callback.CancellationToken#cancel()} aborts the loop
* @return the text generated up to the point of stop or cancellation
*/
/**
* Dispatch a list of completion requests in parallel and return the generated texts
* in the same order. Each request is sent immediately; the native scheduler dispatches
Expand Down
Loading