Merge branch 'main' into grpc-server-address

Author: trask

.fossa.yml

@@ -178,9 +178,6 @@ targets:
     - type: gradle
       path: ./
       target: ':instrumentation:java-util-logging:javaagent'
-    - type: gradle
-      path: ./
-      target: ':instrumentation:javalin-5.0:javaagent'
     - type: gradle
       path: ./
       target: ':instrumentation:jaxrs-client:jaxrs-client-1.1-testing'
@@ -541,6 +538,12 @@ targets:
     - type: gradle
       path: ./
       target: ':instrumentation:internal:internal-url-class-loader:javaagent'
+    - type: gradle
+      path: ./
+      target: ':instrumentation:javalin:javalin-5.0:javaagent'
+    - type: gradle
+      path: ./
+      target: ':instrumentation:javalin:javalin-7.0:javaagent'
     - type: gradle
       path: ./
       target: ':instrumentation:jaxrs:jaxrs-1.0:javaagent'
@@ -925,9 +928,6 @@ targets:
     - type: gradle
       path: ./
       target: ':instrumentation:rxjava:rxjava-2.0:library'
-    - type: gradle
-      path: ./
-      target: ':instrumentation:rxjava:rxjava-3-common:library'
     - type: gradle
       path: ./
       target: ':instrumentation:rxjava:rxjava-3.0:javaagent'
@@ -940,6 +940,9 @@ targets:
     - type: gradle
       path: ./
       target: ':instrumentation:rxjava:rxjava-3.1.1:library'
+    - type: gradle
+      path: ./
+      target: ':instrumentation:rxjava:rxjava-common-3.0:library'
     - type: gradle
       path: ./
       target: ':instrumentation:servlet:servlet-2.2:javaagent'

.github/config/lychee.toml

@@ -10,23 +10,20 @@ max_concurrency = 4
 include_fragments = true
 
 remap = [
-  # workaround for https://github.com/lycheeverse/lychee/issues/1729
-  "https://github.com/(.*?)/(.*?)/blob/(.*?)/(.*#.*)$ https://raw.githubusercontent.com/$1/$2/$3/$4",
   "https://docs.oracle.com/(.*)#.*$ https://docs.oracle.com/$1"
 ]
 
 # excluding links to pull requests and issues is done for performance
 # stackexchange link fails with 403 when accessed by lychee
 exclude = [
-  # workaround for https://github.com/lycheeverse/lychee/issues/1729
-  '^https://github.com/.*#issuecomment-.*$',
   '^https://github.com/open-telemetry/opentelemetry-java-instrumentation/(issues|pull)/\d+$',
   '^http://code.google.com/p/concurrentlinkedhashmap$',
   '^https://softwareengineering.stackexchange.com/questions/29727.*',
   '^https://central.sonatype.com/service/rest/repository/browse/maven-snapshots/io/opentelemetry/$',
   # new artifact, remove after 2.21.0 release
   '^https://central.sonatype.com/artifact/io.opentelemetry.instrumentation/opentelemetry-helidon-4.3$',
-  # flaky link
+  # flaky links
   '^http://www.slf4j.org.*',
-  '^https://logback.qos.ch/.*'
+  '^https://logback.qos.ch/.*',
+  '^https://vaadin.com/$'
 ]

.github/prompts/fix-pr-ci-failures.md

@@ -82,7 +82,7 @@ Do not stop a given execution until you have worked through all phases below.
   - **Test locally before committing**:
     - For markdown lint failures: `mise run lint:markdown`
     - For compilation errors: `./gradlew <failed-task-path>`
-    - For test failures: `./gradlew <failed-test-task>`
+    - For test failures: Run the whole module's test task (e.g., `./gradlew :instrumentation:module-name:javaagent:test`) instead of just the individual failing test, as there are often other tests in the module that also need to be fixed
     - Verify the fix resolves the issue
   - Update the checkbox in CI-PLAN.md
   - Commit each logical fix as a separate commit

.github/renovate.json5

@@ -352,6 +352,17 @@
     },
   ],
   customManagers: [
+    {
+      // keep SHA-pinned raw.githubusercontent.com URLs in mise.toml up to date
+      customType: 'regex',
+      datasourceTemplate: 'github-tags',
+      managerFilePatterns: [
+        '/^mise\\.toml$/',
+      ],
+      matchStrings: [
+        'https://raw\\.githubusercontent\\.com/(?<depName>[^/]+/[^/]+)/(?<currentDigest>[a-f0-9]{40})/.*#\\s*(?<currentValue>v\\S+)',
+      ],
+    },
     {
       customType: 'regex',
       datasourceTemplate: 'java-version',

.github/scripts/check-package-names.sh

@@ -25,9 +25,6 @@ for dir in $(find instrumentation -name "*.java" | grep library/src/main/java |
   if [[ "$module_name" == "graphql-java-common" ]]; then
     continue
   fi
-  if [[ "$module_name" == "rxjava-3-common" ]]; then
-    continue
-  fi
   if [[ "$module_name" == "servlet-javax-common" ]]; then
     continue
   fi

.github/workflows/codeql.yml

@@ -63,7 +63,7 @@ jobs:
           cache-read-only: ${{ github.event_name == 'pull_request' }}
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@9e907b5e64f6b83e7804b09294d44122997950d6 # v4.32.3
+        uses: github/codeql-action/init@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4
         with:
           languages: ${{ matrix.language }}
           # using "linked" helps to keep up with the linked Kotlin support
@@ -85,6 +85,6 @@ jobs:
           --no-build-cache --no-daemon
 
       - name: Perform CodeQL analysis
-        uses: github/codeql-action/analyze@9e907b5e64f6b83e7804b09294d44122997950d6 # v4.32.3
+        uses: github/codeql-action/analyze@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4
         with:
           category: "/language:${{matrix.language}}"

.github/workflows/dependency-review.yml

@@ -19,4 +19,4 @@ jobs:
       - name: 'Checkout Repository'
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: 'Dependency Review'
-        uses: actions/dependency-review-action@3c4e3dcb1aa7874d2c16be7d79418e9b7efd6261 # v4.8.2
+        uses: actions/dependency-review-action@05fe4576374b728f0c523d6a13d64c25081e0803 # v4.8.3

.github/workflows/issue-management-stale-action.yml

@@ -21,7 +21,7 @@ jobs:
       # Action #1: Handle issues/PRs awaiting author feedback
       # - After 7 days inactive: Adds "stale" label + warning comment
       # - After 7 more days inactive: Closes
-      - uses: actions/stale@997185467fa4f803885201cee163a9f38240193d # v10.1.1
+      - uses: actions/stale@b5d41d4e1d5dceea10e7104786b73624c18a190f # v10.2.0
         with:
           only-labels: "needs author feedback"
           days-before-stale: 7
@@ -40,7 +40,7 @@ jobs:
       # - Targets: Issues with "enhancement" label (but NOT "needs author feedback")
       # - After 365 days inactive: Adds "stale" label + closes immediately (no warning period)
       # - Skips: Issues with "needs author feedback" to avoid conflicts with Action #1
-      - uses: actions/stale@997185467fa4f803885201cee163a9f38240193d # v10.1.1
+      - uses: actions/stale@b5d41d4e1d5dceea10e7104786b73624c18a190f # v10.2.0
         with:
           only-labels: "enhancement"
           # Skip issues that need author feedback (handled by the first action with 7+7 day policy)
@@ -58,7 +58,7 @@ jobs:
       # Action #3: Handle stale PRs
       # - After 90 days inactive: Adds "stale" label + warning comment
       # - After 14 more days inactive: Closes
-      - uses: actions/stale@997185467fa4f803885201cee163a9f38240193d # v10.1.1
+      - uses: actions/stale@b5d41d4e1d5dceea10e7104786b73624c18a190f # v10.2.0
         with:
           days-before-issue-stale: -1
           days-before-issue-close: -1

.github/workflows/ossf-scorecard.yml

@@ -43,6 +43,6 @@ jobs:
       # Upload the results to GitHub's code scanning dashboard (optional).
       # Commenting out will disable upload of results to your repo's Code Scanning dashboard
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@9e907b5e64f6b83e7804b09294d44122997950d6 # v4.32.3
+        uses: github/codeql-action/upload-sarif@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4
         with:
           sarif_file: results.sarif

.github/workflows/reusable-link-check.yml

@@ -12,20 +12,20 @@ jobs:
     steps:
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
-          fetch-depth: 0 # needed for merge-base used in lint:links-in-modified-files
+          fetch-depth: 0 # needed for merge-base used in modified-files mode
 
       - uses: jdx/mise-action@6d1e696aa24c1aa1bcc1adea0212707c71ab78a8 # v3.6.1
 
       - name: Link check for pull requests
         if: github.event_name == 'pull_request'
         env:
           GITHUB_TOKEN: ${{ github.token }}
-        run: |
-          mise run lint:local-links
-          mise run lint:links-in-modified-files --base origin/${{ github.base_ref }} --head ${{ github.event.pull_request.head.sha }}
+          GITHUB_HEAD_SHA: ${{ github.event.pull_request.head.sha }}
+          PR_HEAD_REPO: ${{ github.event.pull_request.head.repo.full_name }}
+        run: mise run lint:links
 
       - name: Link check for pushes and scheduled workflows
         if: github.event_name != 'pull_request'
         env:
           GITHUB_TOKEN: ${{ github.token }}
-        run: mise run lint:links
+        run: mise run lint:links --full