Merge branch 'develop' into release/2.10.0

Author: infeo

.github/workflows/build.yml

@@ -17,17 +17,17 @@ jobs:
       attestations: write # Required for the attestations step
       contents: write # Required for the release step
     steps:
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
            fetch-depth: 0
            show-progress: false
-      - uses: actions/setup-java@f2beeb24e141e01a676f977032f5a29d81c9e27e # v5.1.0
+      - uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0
         with:
           java-version: ${{ env.JAVA_VERSION }}
           distribution: 'temurin'
           cache: 'maven'
       - name: Cache SonarCloud packages
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
         with:
           path: ~/.sonar/cache
           key: ${{ runner.os }}-sonar
@@ -49,12 +49,12 @@ jobs:
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
       - name: Attest
         if: startsWith(github.ref, 'refs/tags/')
-        uses: actions/attest-build-provenance@977bb373ede98d70efdf65b84cb5f73e068dcc2a # v3.0.0
+        uses: actions/attest-build-provenance@96278af6caaf10aea03fd8d33a09a777ca52d62f # v3.2.0
         with:
           subject-path: |
             target/*.jar
             target/*.pom
-      - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
+      - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
         with:
           name: artifacts
           path: target/*.jar

.github/workflows/codeql-analysis.yml

@@ -16,20 +16,20 @@ jobs:
     # dependeabot has on push events only read-only access, but codeql requires write access
     if: ${{ !(github.actor == 'dependabot[bot]' && contains(fromJSON('["push"]'), github.event_name)) }}
     steps:
-    - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       with:
         fetch-depth: 2
         show-progress: false
-    - uses: actions/setup-java@f2beeb24e141e01a676f977032f5a29d81c9e27e # v5.1.0
+    - uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0
       with:
         java-version: 25
         distribution: 'temurin'
         cache: 'maven'
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7
+      uses: github/codeql-action/init@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v4.32.0
       with:
         languages: java
     - name: Build
       run: mvn -B install -DskipTests
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7
+      uses: github/codeql-action/analyze@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v4.32.0

.github/workflows/dependency-check.yml

@@ -11,7 +11,7 @@ on:
 
 jobs:
   check-dependencies:
-    uses: skymatic/workflows/.github/workflows/run-dependency-check.yml@1074588008ae3326a2221ea451783280518f0366 # v3.0.1
+    uses: skymatic/workflows/.github/workflows/run-dependency-check.yml@957d3c2c08c56855fdac41e5afb9a7aca8c30dd9 # v3.0.3
     with:
       runner-os: 'ubuntu-latest'
       java-distribution: 'temurin'
@@ -20,4 +20,4 @@ jobs:
       nvd-api-key: ${{ secrets.NVD_API_KEY }}
       ossindex-username: ${{ secrets.OSSINDEX_USERNAME }}
       ossindex-token: ${{ secrets.OSSINDEX_API_TOKEN }}
-      slack-webhook-url: ${{ secrets.SLACK_WEBHOOK_URL }}
+      slack-webhook-url: ${{ secrets.SLACK_WEBHOOK_CRYPTOMATOR_DESKTOP }}

.github/workflows/publish-central.yml

@@ -7,8 +7,8 @@ jobs:
     runs-on: ubuntu-latest
     if: startsWith(github.ref, 'refs/tags/') # only allow publishing tagged versions
     steps:
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
-      - uses: actions/setup-java@f2beeb24e141e01a676f977032f5a29d81c9e27e # v5.1.0
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+      - uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0
         with:
           java-version: 25
           distribution: 'temurin'

.github/workflows/publish-github.yml

@@ -7,8 +7,8 @@ jobs:
     runs-on: ubuntu-latest
     if: startsWith(github.ref, 'refs/tags/') # only allow publishing tagged versions
     steps:
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
-      - uses: actions/setup-java@f2beeb24e141e01a676f977032f5a29d81c9e27e # v5.1.0
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+      - uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0
         with:
           java-version: 25
           distribution: 'temurin'

CHANGELOG.md

@@ -16,7 +16,9 @@ Changes to prior versions can be found on the [Github release page](https://gith
 ### Changed
 * Use JDK 25 for build (bf26d6c9cd15a2489126ee0409a8ec9eca59da0c)
 * Pin external ci actions ([#320](https://github.com/cryptomator/cryptofs/pull/320))
-* Updated com.github.ben-manes.caffeine:caffeine from 3.2.0 to 3.2.3 ([#323](https://github.com/cryptomator/cryptofs/pull/323))
+* Updated dependencies:
+  * `com.github.ben-manes.caffeine:caffeine` from 3.2.0 to 3.2.3 ([#323](https://github.com/cryptomator/cryptofs/pull/323))
+  * `org.cryptomator:cryptolib` from 2.2.1 to 2.2.2
 
 ### Fixed
 * Replacing internal path class `CryptoPath` with strings in `FilesystemEvent`s ([#319](https://github.com/cryptomator/cryptofs/pull/319))

pom.xml

@@ -18,33 +18,33 @@
 		<maven.compiler.release>25</maven.compiler.release>
 
 		<!-- dependencies -->
-		<cryptolib.version>2.2.1</cryptolib.version>
+		<cryptolib.version>2.2.2</cryptolib.version>
 		<jwt.version>4.5.0</jwt.version>
 		<dagger.version>2.55</dagger.version>
 		<caffeine.version>3.2.3</caffeine.version>
 		<slf4j.version>2.0.17</slf4j.version>
 
 		<!-- test dependencies -->
 		<awaitility.version>4.3.0</awaitility.version>
-		<junit.jupiter.version>6.0.0</junit.jupiter.version>
+		<junit.jupiter.version>6.0.3</junit.jupiter.version>
 		<jmh.version>1.37</jmh.version>
-		<mockito.version>5.20.0</mockito.version>
+		<mockito.version>5.21.0</mockito.version>
 		<hamcrest.version>3.0</hamcrest.version>
 		<jimfs.version>1.3.1</jimfs.version>
 
 		<!-- build plugin dependencies -->
-		<mvn-compiler.version>3.14.1</mvn-compiler.version>
-		<mvn-dependency.version>3.9.0</mvn-dependency.version>
+		<mvn-compiler.version>3.15.0</mvn-compiler.version>
+		<mvn-dependency.version>3.10.0</mvn-dependency.version>
 		<mvn-surefire.version>3.5.4</mvn-surefire.version>
-		<mvn-jar.version>3.4.2</mvn-jar.version>
-		<mvn-source.version>3.3.1</mvn-source.version>
+		<mvn-jar.version>3.5.0</mvn-jar.version>
+		<mvn-source.version>3.4.0</mvn-source.version>
 		<mvn-javadoc.version>3.12.0</mvn-javadoc.version>
 		<mvn-gpg.version>3.2.8</mvn-gpg.version>
 
-		<dependency-check.version>12.1.8</dependency-check.version>
+		<dependency-check.version>12.2.0</dependency-check.version>
 		<junit-tree-reporter.version>1.5.1</junit-tree-reporter.version>
 		<jacoco.version>0.8.14</jacoco.version>
-		<central-publishing.version>0.9.0</central-publishing.version>
+		<central-publishing.version>0.10.0</central-publishing.version>
 
 		<!-- Property used by surefire to determine jacoco engine -->
 		<surefire.jacoco.args></surefire.jacoco.args>

src/main/java/org/cryptomator/cryptofs/CryptoFileSystemModule.java

@@ -39,7 +39,7 @@ public Optional<FileStore> provideNativeFileStore(@PathToVault Path pathToVault)
 		try {
 			return Optional.of(Files.getFileStore(pathToVault));
 		} catch (IOException e) {
-			LOG.warn("Failed to get file store for " + pathToVault, e);
+			LOG.warn("Failed to get file store for {}", pathToVault, e);
 			return Optional.empty();
 		}
 	}
@@ -52,7 +52,7 @@ public Consumer<FilesystemEvent> provideFilesystemEventConsumer(CryptoFileSystem
 			try {
 				eventConsumer.accept(event);
 			} catch (RuntimeException e) {
-				LOG.warn("Filesystem event consumer failed with exception when processing event {}", event, e);
+				LOG.warn("Filesystem event consumer failed with exception when processing event {}", event.getClass().getSimpleName(), e);
 			}
 		};
 	}

src/main/java/org/cryptomator/cryptofs/CryptoFileSystems.java

@@ -97,7 +97,7 @@ private String readVaultConfigFile(Path pathToVault, CryptoFileSystemProperties
 			// TODO: remove this check and tell downstream users to check the vault dir structure before creating a CryptoFileSystemImpl
 			@SuppressWarnings("deprecation") var masterkeyFilename = properties.masterkeyFilename();
 			if (masterkeyFilename != null && Files.exists(pathToVault.resolve(masterkeyFilename))) {
-				LOG.warn("Failed to read {}, but found {}}", vaultConfigFile, masterkeyFilename);
+				LOG.warn("Failed to read {}, but found {}", vaultConfigFile, masterkeyFilename);
 				throw new FileSystemNeedsMigrationException(pathToVault);
 			} else {
 				throw e;

src/main/java/org/cryptomator/cryptofs/CryptoPathMapper.java

@@ -105,7 +105,7 @@ public CiphertextFileType getCiphertextFileType(CryptoPath cleartextPath) throws
 					return CiphertextFileType.FILE;
 				} else {
 					eventConsumer.accept(new BrokenFileNodeEvent(cleartextPath, ciphertextPath.getRawPath()));
-					LOG.warn("Did not find valid content inside of {}", ciphertextPath.getRawPath());
+					LOG.warn("Ciphertext directory {} has no clear type. Missing id files for dir, symlink or shortened file.", ciphertextPath.getRawPath());
 					throw new InvalidFileNodeException(cleartextPath.toString(), ciphertextPath.getRawPath().toString());
 				}
 			} else {