From 2a4b305dc782782fa7c76d0bae0523609cd54de2 Mon Sep 17 00:00:00 2001 From: lcian Date: Tue, 26 Aug 2025 16:00:58 +0200 Subject: [PATCH 01/22] Disable Gradle configuration cache for enforce-license-compliance workflow --- .github/workflows/enforce-license-compliance.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/enforce-license-compliance.yml b/.github/workflows/enforce-license-compliance.yml index d4026de582..78e4cc7403 100644 --- a/.github/workflows/enforce-license-compliance.yml +++ b/.github/workflows/enforce-license-compliance.yml @@ -19,6 +19,9 @@ jobs: distribution: 'temurin' java-version: '17' + - name: Disable Gradle configuration cache (see https://github.com/fossas/fossa-cli/issues/872) + run: sed -i 's/^org.gradle.configuration-cache=.*/org.gradle.configuration-cache=false/' gradle.properties + - name: 'Enforce License Compliance' uses: getsentry/action-enforce-license-compliance@main with: From 0aa6dec2fa67df2bdf0331dc4fc4285bfbe511c4 Mon Sep 17 00:00:00 2001 From: Lorenzo Cian Date: Tue, 26 Aug 2025 16:03:49 +0200 Subject: [PATCH 02/22] checkout --- .github/workflows/enforce-license-compliance.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/enforce-license-compliance.yml b/.github/workflows/enforce-license-compliance.yml index 78e4cc7403..068b52540b 100644 --- a/.github/workflows/enforce-license-compliance.yml +++ b/.github/workflows/enforce-license-compliance.yml @@ -19,6 +19,9 @@ jobs: distribution: 'temurin' java-version: '17' + - name: Checkout + uses: actions/checkout@v4 + - name: Disable Gradle configuration cache (see https://github.com/fossas/fossa-cli/issues/872) run: sed -i 's/^org.gradle.configuration-cache=.*/org.gradle.configuration-cache=false/' gradle.properties From 510ce0ea9654218c0999fcdbb913e1b4d1766d14 Mon Sep 17 00:00:00 2001 From: Lorenzo Cian Date: Tue, 26 Aug 2025 16:17:09 +0200 Subject: [PATCH 03/22] vendor in getsentry/action-enforce-license-compliance without checkout --- .../workflows/enforce-license-compliance.yml | 84 ++++++++++++++++++- 1 file changed, 80 insertions(+), 4 deletions(-) diff --git a/.github/workflows/enforce-license-compliance.yml b/.github/workflows/enforce-license-compliance.yml index 068b52540b..7df6eee580 100644 --- a/.github/workflows/enforce-license-compliance.yml +++ b/.github/workflows/enforce-license-compliance.yml @@ -25,7 +25,83 @@ jobs: - name: Disable Gradle configuration cache (see https://github.com/fossas/fossa-cli/issues/872) run: sed -i 's/^org.gradle.configuration-cache=.*/org.gradle.configuration-cache=false/' gradle.properties - - name: 'Enforce License Compliance' - uses: getsentry/action-enforce-license-compliance@main - with: - fossa_api_key: ${{ secrets.FOSSA_API_KEY }} + - if: github.repository_owner != 'getsentry' && github.repository_owner != 'codecov' + shell: bash + run: echo "This action should only run on getsentry and codecov repos" && exit 1 + + - name: 'Pick a FOSSA API key and install FOSSA cli' + id: set_key + shell: bash + env: + PREFERRED: ${{ secrets.FOSSA_API_KEY }} + run: | + + # FOSSA has two kinds of API keys (aka tokens), a full-privilege key + # and a low-privilege "push-only" key. The practical difference is that + # the full key provides more feedback on `fossa test` failure. We have + # a full key stored in org-wide GitHub Secrets, but a) we can't access + # it in an action, only in a workflow (hence the input here) and b) it + # isn't available even in a workflow when run in a PR from a fork. If + # for any reason it's missing we fall back to a push-only key attached + # to a low-privilege account, which is safe (enough) to expose publicly + # here in this file and gives us at least basic pass/fail. + # + # See also: https://docs.fossa.com/docs/api-reference#api-tokens + FALLBACK="9fc50c40b136c68873ad05aec573cf3e" + echo "key=${PREFERRED:-$FALLBACK}" >> "$GITHUB_OUTPUT" + # Install specific version of fossa-cli to guarantee stability of parsing fossa job outputs + VERSION="v3.8.20" + curl -H 'Cache-Control: no-cache' "https://raw.githubusercontent.com/fossas/fossa-cli/$VERSION/install-latest.sh" | bash -s -- "$VERSION" + + - name: 'Run `fossa analyze`' + id: analyze + continue-on-error: true + env: + FOSSA_API_KEY: ${{ steps.set_key.outputs.key }} + GITHUB_PR_SHA: ${{ github.event.pull_request.head.sha || github.sha }} + GITHUB_PR_REF: ${{ github.event.pull_request.head.ref || github.ref }} + shell: bash + run: | + exec &> >(tee -a "analyze_logs.txt") + fossa analyze --branch "$GITHUB_PR_REF" --revision "$GITHUB_PR_SHA" + + # We only want to run license compliance test if `fossa test` succeeds. This is to unblock CI + # on FOSSA outages. + - if: steps.analyze.outcome == 'success' + name: 'Run `fossa test`' + id: test + continue-on-error: true + env: + FOSSA_API_KEY: ${{ steps.set_key.outputs.key }} + GITHUB_PR_SHA: ${{ github.event.pull_request.head.sha || github.sha }} + shell: bash + run: | + exec &> >(tee -a "test_logs.txt") + # Set timeout to 5 minutes (default of 60 minutes is waaaay too long to block CI) + fossa test --timeout 300 --revision "$GITHUB_PR_SHA" + + - if: steps.analyze.outcome == 'failure' || steps.test.outcome == 'failure' + name: 'Send error to Sentry on `fossa-cli` errors' + shell: bash + env: + SENTRY_DSN: https://decbca863c554db095624ede8a83310c@o1.ingest.sentry.io/4505031352713216 + run: | + if [[ ${{ steps.analyze.outcome }} == 'failure' ]]; then + curl -sL https://sentry.io/get-cli/ | sh + # Environment variables will automatically be sent, so we just want some minimal information + error_msg=$(cat analyze_logs.txt | grep -zoP '(?<=>>> Relevant errors\n\n Error\n\n ).*?(?=\n)' || echo 'unknown error message') + sentry-cli send-event -m "analyze: $error_msg" -t repo:$GITHUB_REPOSITORY -e url:$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID --logfile analyze_logs.txt + exit 0 + fi + if grep -q "The scan has revealed issues. Number of issues found:" test_logs.txt; then + echo + echo "🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 " + echo + echo "Eep! It seems that this PR introduces a license violation. Did you add any libraries? Do they use the GPL or some weird license? Am I a confused bot? If you need a hand, cc: @getsentry/dev-infra in a comment. 🙏" + echo + echo "🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 " + exit 1 + fi + curl -sL https://sentry.io/get-cli/ | sh + error_msg=$(cat test_logs.txt | grep -zoP '(?<=>>> Relevant errors\n\n Error\n\n ).*?(?=\n)' || echo 'unknown error message') + sentry-cli send-event -m "test: $error_msg" -t repo:$GITHUB_REPOSITORY -e url:$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID --logfile test_logs.txt From f3d0d52dfe77ec6fa4581612b0f5f8ecd690b37c Mon Sep 17 00:00:00 2001 From: Lorenzo Cian Date: Tue, 26 Aug 2025 16:28:04 +0200 Subject: [PATCH 04/22] update test timeout to 30 mins --- .github/workflows/enforce-license-compliance.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/enforce-license-compliance.yml b/.github/workflows/enforce-license-compliance.yml index 7df6eee580..5ba45df67a 100644 --- a/.github/workflows/enforce-license-compliance.yml +++ b/.github/workflows/enforce-license-compliance.yml @@ -77,8 +77,8 @@ jobs: shell: bash run: | exec &> >(tee -a "test_logs.txt") - # Set timeout to 5 minutes (default of 60 minutes is waaaay too long to block CI) - fossa test --timeout 300 --revision "$GITHUB_PR_SHA" + # Set timeout to 30 minutes + fossa test --timeout 1800 --revision "$GITHUB_PR_SHA" - if: steps.analyze.outcome == 'failure' || steps.test.outcome == 'failure' name: 'Send error to Sentry on `fossa-cli` errors' From c7194e3fec8ae9244a01f9f5549425ce435fccab Mon Sep 17 00:00:00 2001 From: lcian Date: Tue, 26 Aug 2025 16:45:08 +0200 Subject: [PATCH 05/22] try adding a fossa-deps.yml for vendored deps --- fossa-deps.yml | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 fossa-deps.yml diff --git a/fossa-deps.yml b/fossa-deps.yml new file mode 100644 index 0000000000..eb008dc2b0 --- /dev/null +++ b/fossa-deps.yml @@ -0,0 +1,3 @@ +vendored-dependencies: +- name: gson + path: sentry/src/main/java/io/sentry/vendor/gson From bcdfdb2a753d6fce773125cb6a3157cbd544fd47 Mon Sep 17 00:00:00 2001 From: Lorenzo Cian Date: Tue, 26 Aug 2025 17:03:18 +0200 Subject: [PATCH 06/22] add random to fossa-deps.yml --- fossa-deps.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/fossa-deps.yml b/fossa-deps.yml index eb008dc2b0..a00436d6b6 100644 --- a/fossa-deps.yml +++ b/fossa-deps.yml @@ -1,3 +1,5 @@ vendored-dependencies: - name: gson path: sentry/src/main/java/io/sentry/vendor/gson +- name: Random + path: sentry/src/main/java/io/sentry/util/Random.java From 48aeb24e5aaedcb2327103dac609acb53fc56068 Mon Sep 17 00:00:00 2001 From: Lorenzo Cian Date: Tue, 26 Aug 2025 17:15:01 +0200 Subject: [PATCH 07/22] add the whole util dir instead --- fossa-deps.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/fossa-deps.yml b/fossa-deps.yml index a00436d6b6..7058bf1f97 100644 --- a/fossa-deps.yml +++ b/fossa-deps.yml @@ -2,4 +2,4 @@ vendored-dependencies: - name: gson path: sentry/src/main/java/io/sentry/vendor/gson - name: Random - path: sentry/src/main/java/io/sentry/util/Random.java + path: sentry/src/main/java/io/sentry/util From 44585be9ae1e320645ace1a0f6a3ea79c4e2463f Mon Sep 17 00:00:00 2001 From: Lorenzo Cian Date: Tue, 26 Aug 2025 17:36:13 +0200 Subject: [PATCH 08/22] debug --- .github/workflows/enforce-license-compliance.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/enforce-license-compliance.yml b/.github/workflows/enforce-license-compliance.yml index 5ba45df67a..8853978bde 100644 --- a/.github/workflows/enforce-license-compliance.yml +++ b/.github/workflows/enforce-license-compliance.yml @@ -63,7 +63,7 @@ jobs: shell: bash run: | exec &> >(tee -a "analyze_logs.txt") - fossa analyze --branch "$GITHUB_PR_REF" --revision "$GITHUB_PR_SHA" + fossa analyze --branch "$GITHUB_PR_REF" --revision "$GITHUB_PR_SHA" --debug # We only want to run license compliance test if `fossa test` succeeds. This is to unblock CI # on FOSSA outages. From 68c703a42ea1a243895255dad4fbd5ec07209a1d Mon Sep 17 00:00:00 2001 From: lcian Date: Tue, 26 Aug 2025 17:46:18 +0200 Subject: [PATCH 09/22] classpath exception? --- sentry/src/main/java/io/sentry/util/Random.java | 6 ------ 1 file changed, 6 deletions(-) diff --git a/sentry/src/main/java/io/sentry/util/Random.java b/sentry/src/main/java/io/sentry/util/Random.java index cbd81824df..8ee05aee9d 100644 --- a/sentry/src/main/java/io/sentry/util/Random.java +++ b/sentry/src/main/java/io/sentry/util/Random.java @@ -2,12 +2,6 @@ * Copyright (c) 1995, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * - * This code is free software; you can redistribute it and/or modify it - * under the terms of the GNU General Public License version 2 only, as - * published by the Free Software Foundation. Oracle designates this - * particular file as subject to the "Classpath" exception as provided - * by Oracle in the LICENSE file that accompanied this code. - * * This code is distributed in the hope that it will be useful, but WITHOUT * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License From 532c048353d965fadcc9f559a4065ad0457b7c23 Mon Sep 17 00:00:00 2001 From: Lorenzo Cian Date: Wed, 27 Aug 2025 08:56:19 +0200 Subject: [PATCH 10/22] use new inputs for the action instead of vendoring code --- .../workflows/enforce-license-compliance.yml | 87 ++----------------- 1 file changed, 7 insertions(+), 80 deletions(-) diff --git a/.github/workflows/enforce-license-compliance.yml b/.github/workflows/enforce-license-compliance.yml index 8853978bde..b88d2346a1 100644 --- a/.github/workflows/enforce-license-compliance.yml +++ b/.github/workflows/enforce-license-compliance.yml @@ -22,86 +22,13 @@ jobs: - name: Checkout uses: actions/checkout@v4 + # TODO: remove this when upstream is fixed - name: Disable Gradle configuration cache (see https://github.com/fossas/fossa-cli/issues/872) run: sed -i 's/^org.gradle.configuration-cache=.*/org.gradle.configuration-cache=false/' gradle.properties - - if: github.repository_owner != 'getsentry' && github.repository_owner != 'codecov' - shell: bash - run: echo "This action should only run on getsentry and codecov repos" && exit 1 - - - name: 'Pick a FOSSA API key and install FOSSA cli' - id: set_key - shell: bash - env: - PREFERRED: ${{ secrets.FOSSA_API_KEY }} - run: | - - # FOSSA has two kinds of API keys (aka tokens), a full-privilege key - # and a low-privilege "push-only" key. The practical difference is that - # the full key provides more feedback on `fossa test` failure. We have - # a full key stored in org-wide GitHub Secrets, but a) we can't access - # it in an action, only in a workflow (hence the input here) and b) it - # isn't available even in a workflow when run in a PR from a fork. If - # for any reason it's missing we fall back to a push-only key attached - # to a low-privilege account, which is safe (enough) to expose publicly - # here in this file and gives us at least basic pass/fail. - # - # See also: https://docs.fossa.com/docs/api-reference#api-tokens - FALLBACK="9fc50c40b136c68873ad05aec573cf3e" - echo "key=${PREFERRED:-$FALLBACK}" >> "$GITHUB_OUTPUT" - # Install specific version of fossa-cli to guarantee stability of parsing fossa job outputs - VERSION="v3.8.20" - curl -H 'Cache-Control: no-cache' "https://raw.githubusercontent.com/fossas/fossa-cli/$VERSION/install-latest.sh" | bash -s -- "$VERSION" - - - name: 'Run `fossa analyze`' - id: analyze - continue-on-error: true - env: - FOSSA_API_KEY: ${{ steps.set_key.outputs.key }} - GITHUB_PR_SHA: ${{ github.event.pull_request.head.sha || github.sha }} - GITHUB_PR_REF: ${{ github.event.pull_request.head.ref || github.ref }} - shell: bash - run: | - exec &> >(tee -a "analyze_logs.txt") - fossa analyze --branch "$GITHUB_PR_REF" --revision "$GITHUB_PR_SHA" --debug - - # We only want to run license compliance test if `fossa test` succeeds. This is to unblock CI - # on FOSSA outages. - - if: steps.analyze.outcome == 'success' - name: 'Run `fossa test`' - id: test - continue-on-error: true - env: - FOSSA_API_KEY: ${{ steps.set_key.outputs.key }} - GITHUB_PR_SHA: ${{ github.event.pull_request.head.sha || github.sha }} - shell: bash - run: | - exec &> >(tee -a "test_logs.txt") - # Set timeout to 30 minutes - fossa test --timeout 1800 --revision "$GITHUB_PR_SHA" - - - if: steps.analyze.outcome == 'failure' || steps.test.outcome == 'failure' - name: 'Send error to Sentry on `fossa-cli` errors' - shell: bash - env: - SENTRY_DSN: https://decbca863c554db095624ede8a83310c@o1.ingest.sentry.io/4505031352713216 - run: | - if [[ ${{ steps.analyze.outcome }} == 'failure' ]]; then - curl -sL https://sentry.io/get-cli/ | sh - # Environment variables will automatically be sent, so we just want some minimal information - error_msg=$(cat analyze_logs.txt | grep -zoP '(?<=>>> Relevant errors\n\n Error\n\n ).*?(?=\n)' || echo 'unknown error message') - sentry-cli send-event -m "analyze: $error_msg" -t repo:$GITHUB_REPOSITORY -e url:$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID --logfile analyze_logs.txt - exit 0 - fi - if grep -q "The scan has revealed issues. Number of issues found:" test_logs.txt; then - echo - echo "🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 " - echo - echo "Eep! It seems that this PR introduces a license violation. Did you add any libraries? Do they use the GPL or some weird license? Am I a confused bot? If you need a hand, cc: @getsentry/dev-infra in a comment. 🙏" - echo - echo "🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 🛑 " - exit 1 - fi - curl -sL https://sentry.io/get-cli/ | sh - error_msg=$(cat test_logs.txt | grep -zoP '(?<=>>> Relevant errors\n\n Error\n\n ).*?(?=\n)' || echo 'unknown error message') - sentry-cli send-event -m "test: $error_msg" -t repo:$GITHUB_REPOSITORY -e url:$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID --logfile test_logs.txt + - name: 'Enforce License Compliance' + uses: getsentry/action-enforce-license-compliance@main + with: + skip_checkout: 'true' + fossa_test_timeout_seconds: 900 + fossa_api_key: ${{ secrets.FOSSA_API_KEY }} From 865fdd97dfb43a480cbb1e714a5fc5e73200496a Mon Sep 17 00:00:00 2001 From: Lorenzo Cian Date: Wed, 27 Aug 2025 08:56:52 +0200 Subject: [PATCH 11/22] restore Random --- sentry/src/main/java/io/sentry/util/Random.java | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/sentry/src/main/java/io/sentry/util/Random.java b/sentry/src/main/java/io/sentry/util/Random.java index 8ee05aee9d..f9b1a8ea70 100644 --- a/sentry/src/main/java/io/sentry/util/Random.java +++ b/sentry/src/main/java/io/sentry/util/Random.java @@ -2,6 +2,13 @@ * Copyright (c) 1995, 2013, Oracle and/or its affiliates. All rights reserved. * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. * + * This code is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 2 only, as + * published by the Free Software Foundation. Oracle designates this + * particular file as subject to the "Classpath" exception as provided + * by Oracle in the LICENSE file that accompanied this code. + * + * * This code is distributed in the hope that it will be useful, but WITHOUT * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License From b5fa77253745c9342c6180be5f38c658bf768bb6 Mon Sep 17 00:00:00 2001 From: Lorenzo Cian Date: Wed, 27 Aug 2025 08:57:09 +0200 Subject: [PATCH 12/22] restore --- sentry/src/main/java/io/sentry/util/Random.java | 1 - 1 file changed, 1 deletion(-) diff --git a/sentry/src/main/java/io/sentry/util/Random.java b/sentry/src/main/java/io/sentry/util/Random.java index f9b1a8ea70..cbd81824df 100644 --- a/sentry/src/main/java/io/sentry/util/Random.java +++ b/sentry/src/main/java/io/sentry/util/Random.java @@ -8,7 +8,6 @@ * particular file as subject to the "Classpath" exception as provided * by Oracle in the LICENSE file that accompanied this code. * - * * This code is distributed in the hope that it will be useful, but WITHOUT * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License From 21ea6121421c0ddd5f7c9b0ff6a0b119c5ae2502 Mon Sep 17 00:00:00 2001 From: Lorenzo Cian Date: Wed, 27 Aug 2025 14:08:13 +0200 Subject: [PATCH 13/22] increase timeout to 20 minutes --- .github/workflows/enforce-license-compliance.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/enforce-license-compliance.yml b/.github/workflows/enforce-license-compliance.yml index b88d2346a1..c085f8b965 100644 --- a/.github/workflows/enforce-license-compliance.yml +++ b/.github/workflows/enforce-license-compliance.yml @@ -30,5 +30,5 @@ jobs: uses: getsentry/action-enforce-license-compliance@main with: skip_checkout: 'true' - fossa_test_timeout_seconds: 900 + fossa_test_timeout_seconds: 1200 fossa_api_key: ${{ secrets.FOSSA_API_KEY }} From 1cef98dd4415fddc488ffc68bbff8aa57b548afc Mon Sep 17 00:00:00 2001 From: Lorenzo Cian Date: Wed, 27 Aug 2025 20:34:12 +0200 Subject: [PATCH 14/22] timeout to one hour --- .github/workflows/enforce-license-compliance.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/enforce-license-compliance.yml b/.github/workflows/enforce-license-compliance.yml index c085f8b965..ac18aa8f04 100644 --- a/.github/workflows/enforce-license-compliance.yml +++ b/.github/workflows/enforce-license-compliance.yml @@ -30,5 +30,5 @@ jobs: uses: getsentry/action-enforce-license-compliance@main with: skip_checkout: 'true' - fossa_test_timeout_seconds: 1200 + fossa_test_timeout_seconds: 3600 fossa_api_key: ${{ secrets.FOSSA_API_KEY }} From b98edae04bf64398946e99ad9ccd34ec0cc9822b Mon Sep 17 00:00:00 2001 From: lcian Date: Thu, 28 Aug 2025 14:10:30 +0200 Subject: [PATCH 15/22] add fossa.yml --- .fossa.yml | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 .fossa.yml diff --git a/.fossa.yml b/.fossa.yml new file mode 100644 index 0000000000..d4ee8ca10a --- /dev/null +++ b/.fossa.yml @@ -0,0 +1,4 @@ +version: 3 +targets: + exclude: + - type: setuptools From 06452d65cc3acba2ff712b3ea7d1465d614817ce Mon Sep 17 00:00:00 2001 From: lcian Date: Thu, 28 Aug 2025 15:37:25 +0200 Subject: [PATCH 16/22] empty commit to trigger ci From 8dc92695c09389f93aa4eea9f1620c7f601d4557 Mon Sep 17 00:00:00 2001 From: Lorenzo Cian Date: Fri, 29 Aug 2025 09:10:01 +0200 Subject: [PATCH 17/22] lower timeout --- .github/workflows/enforce-license-compliance.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/enforce-license-compliance.yml b/.github/workflows/enforce-license-compliance.yml index ac18aa8f04..dac16fceaa 100644 --- a/.github/workflows/enforce-license-compliance.yml +++ b/.github/workflows/enforce-license-compliance.yml @@ -30,5 +30,5 @@ jobs: uses: getsentry/action-enforce-license-compliance@main with: skip_checkout: 'true' - fossa_test_timeout_seconds: 3600 + fossa_test_timeout_seconds: 60 fossa_api_key: ${{ secrets.FOSSA_API_KEY }} From 74500298be8a8d35d8aa5d47da4d309c68596b9f Mon Sep 17 00:00:00 2001 From: Lorenzo Cian Date: Fri, 29 Aug 2025 09:35:14 +0200 Subject: [PATCH 18/22] continue on error --- .github/workflows/enforce-license-compliance.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/enforce-license-compliance.yml b/.github/workflows/enforce-license-compliance.yml index dac16fceaa..5f4d198bc6 100644 --- a/.github/workflows/enforce-license-compliance.yml +++ b/.github/workflows/enforce-license-compliance.yml @@ -30,5 +30,7 @@ jobs: uses: getsentry/action-enforce-license-compliance@main with: skip_checkout: 'true' - fossa_test_timeout_seconds: 60 + fossa_test_timeout_seconds: 3600 fossa_api_key: ${{ secrets.FOSSA_API_KEY }} + continue-on-error: 'true' + From a2d64c1943d3d8a500c115d6c5c787f67881381f Mon Sep 17 00:00:00 2001 From: Lorenzo Cian Date: Fri, 29 Aug 2025 09:54:00 +0200 Subject: [PATCH 19/22] oops --- .github/workflows/enforce-license-compliance.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/enforce-license-compliance.yml b/.github/workflows/enforce-license-compliance.yml index 5f4d198bc6..326c1517ed 100644 --- a/.github/workflows/enforce-license-compliance.yml +++ b/.github/workflows/enforce-license-compliance.yml @@ -9,6 +9,8 @@ on: jobs: enforce-license-compliance: runs-on: ubuntu-latest + continue-on-error: 'true' + steps: - name: Setup Gradle uses: gradle/actions/setup-gradle@017a9effdb900e5b5b2fddfb590a105619dca3c3 @@ -32,5 +34,3 @@ jobs: skip_checkout: 'true' fossa_test_timeout_seconds: 3600 fossa_api_key: ${{ secrets.FOSSA_API_KEY }} - continue-on-error: 'true' - From 10e78777a8cb84bd9bb5bb04fdcb89c3b073c4a0 Mon Sep 17 00:00:00 2001 From: Lorenzo Cian Date: Fri, 29 Aug 2025 10:26:16 +0200 Subject: [PATCH 20/22] bump --- .github/workflows/enforce-license-compliance.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/enforce-license-compliance.yml b/.github/workflows/enforce-license-compliance.yml index 326c1517ed..7b5652538b 100644 --- a/.github/workflows/enforce-license-compliance.yml +++ b/.github/workflows/enforce-license-compliance.yml @@ -9,7 +9,6 @@ on: jobs: enforce-license-compliance: runs-on: ubuntu-latest - continue-on-error: 'true' steps: - name: Setup Gradle From d166362bf0cfb91ae154334e6e264d19754a6651 Mon Sep 17 00:00:00 2001 From: Lorenzo Cian Date: Mon, 1 Sep 2025 15:23:04 +0200 Subject: [PATCH 21/22] Delete fossa-deps.yml --- fossa-deps.yml | 5 ----- 1 file changed, 5 deletions(-) delete mode 100644 fossa-deps.yml diff --git a/fossa-deps.yml b/fossa-deps.yml deleted file mode 100644 index 7058bf1f97..0000000000 --- a/fossa-deps.yml +++ /dev/null @@ -1,5 +0,0 @@ -vendored-dependencies: -- name: gson - path: sentry/src/main/java/io/sentry/vendor/gson -- name: Random - path: sentry/src/main/java/io/sentry/util From ccbd7690e9a12dceccc7a84174bb0903bbea3703 Mon Sep 17 00:00:00 2001 From: Lorenzo Cian Date: Mon, 1 Sep 2025 18:23:53 +0200 Subject: [PATCH 22/22] Update enforce-license-compliance.yml --- .github/workflows/enforce-license-compliance.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/enforce-license-compliance.yml b/.github/workflows/enforce-license-compliance.yml index 7b5652538b..ac18aa8f04 100644 --- a/.github/workflows/enforce-license-compliance.yml +++ b/.github/workflows/enforce-license-compliance.yml @@ -9,7 +9,6 @@ on: jobs: enforce-license-compliance: runs-on: ubuntu-latest - steps: - name: Setup Gradle uses: gradle/actions/setup-gradle@017a9effdb900e5b5b2fddfb590a105619dca3c3