From 1651ac6948be17e61f82bdaf3ea509d981a77d98 Mon Sep 17 00:00:00 2001
From: Aayush Atharva <24762260+hyperxpro@users.noreply.github.com>
Date: Sun, 15 Mar 2026 15:49:19 +0000
Subject: [PATCH 1/2] Switch to Revapi and Matrix JDK builds for all current
JDK LTS
---
.github/dependabot.yml | 19 ++++
.github/workflows/maven.yml | 60 ++++++++-----
client/pom.xml | 7 ++
.../org/asynchttpclient/BasicHttp2Test.java | 10 ++-
.../multipart/MultipartBasicAuthTest.java | 2 +-
pom.xml | 88 +++++++++++++++----
6 files changed, 143 insertions(+), 43 deletions(-)
create mode 100644 .github/dependabot.yml
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000000..add32073ae
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,19 @@
+version: 2
+updates:
+ - package-ecosystem: "maven"
+ directory: "/"
+ schedule:
+ interval: "monthly"
+ groups:
+ dependencies:
+ patterns:
+ - "*"
+
+ - package-ecosystem: "github-actions"
+ directory: "/"
+ schedule:
+ interval: "monthly"
+ groups:
+ actions:
+ patterns:
+ - "*"
diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml
index 473f1686ff..bb3f83c9da 100644
--- a/.github/workflows/maven.yml
+++ b/.github/workflows/maven.yml
@@ -1,4 +1,4 @@
-# This workflow is designed to build PRs for AHC. Note that it does not actually publish AHC, just builds and test it.
+# This workflow builds and tests PRs for AHC.
# Docs: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven
name: Build PR
@@ -17,39 +17,51 @@ on:
default: 'Github Actions'
jobs:
- RunOnLinux:
+ compile-and-check:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- - name: Grant Permission
- run: sudo chmod +x ./mvnw
- uses: actions/setup-java@v4
with:
distribution: 'corretto'
java-version: '11'
- - name: Run Tests (force Docker tests)
- run: ./mvnw -B -ntp clean test -Ddocker.tests=true
-
- RunOnMacOs:
- runs-on: macos-latest
- steps:
- - uses: actions/checkout@v4
- name: Grant Permission
- run: sudo chmod +x ./mvnw
- - uses: actions/setup-java@v4
- with:
- distribution: 'corretto'
- java-version: '11'
- - name: Run Tests (force Docker tests)
- run: ./mvnw -B -ntp clean test -Ddocker.tests=true
+ run: chmod +x ./mvnw
+ - name: Compile and API compatibility check
+ run: ./mvnw -B -ntp clean verify -DskipTests -Dgpg.skip=true
- RunOnWindows:
- runs-on: windows-latest
+ test:
+ needs: compile-and-check
+ strategy:
+ fail-fast: false
+ matrix:
+ os: [ubuntu-latest, macos-latest, windows-latest]
+ jdk: [11, 17, 21, 25]
+ include:
+ - jdk: 11
+ distribution: corretto
+ - jdk: 17
+ distribution: corretto
+ - jdk: 21
+ distribution: corretto
+ - jdk: 25
+ distribution: corretto
+ runs-on: ${{ matrix.os }}
steps:
- uses: actions/checkout@v4
- uses: actions/setup-java@v4
with:
- distribution: 'corretto'
- java-version: '11'
- - name: Run Tests
- run: ./mvnw.cmd -B -ntp clean test
+ distribution: ${{ matrix.distribution }}
+ java-version: ${{ matrix.jdk }}
+ - name: Grant Permission
+ if: runner.os != 'Windows'
+ run: chmod +x ./mvnw
+ - name: Run Tests (Linux)
+ if: runner.os == 'Linux'
+ run: ./mvnw -B -ntp clean test -Ddocker.tests=true
+ - name: Run Tests (macOS)
+ if: runner.os == 'macOS'
+ run: ./mvnw -B -ntp clean test -Dno.docker.tests=true
+ - name: Run Tests (Windows)
+ if: runner.os == 'Windows'
+ run: ./mvnw.cmd -B -ntp clean test "-Dno.docker.tests=true"
diff --git a/client/pom.xml b/client/pom.xml
index 12c24f6665..5d4dede3fd 100644
--- a/client/pom.xml
+++ b/client/pom.xml
@@ -180,6 +180,13 @@
test
+
+ io.netty
+ netty-pkitesting
+ ${netty.version}
+ test
+
+
org.testcontainers
diff --git a/client/src/test/java/org/asynchttpclient/BasicHttp2Test.java b/client/src/test/java/org/asynchttpclient/BasicHttp2Test.java
index b3daaa9589..c6fa880b1f 100644
--- a/client/src/test/java/org/asynchttpclient/BasicHttp2Test.java
+++ b/client/src/test/java/org/asynchttpclient/BasicHttp2Test.java
@@ -45,7 +45,8 @@
import io.netty.handler.ssl.ApplicationProtocolNames;
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslContextBuilder;
-import io.netty.handler.ssl.util.SelfSignedCertificate;
+import io.netty.pkitesting.CertificateBuilder;
+import io.netty.pkitesting.X509Bundle;
import io.netty.util.concurrent.GlobalEventExecutor;
import org.asynchttpclient.test.EventCollectingHandler;
import org.junit.jupiter.api.AfterEach;
@@ -335,9 +336,12 @@ public void exceptionCaught(ChannelHandlerContext ctx, Throwable cause) {
@BeforeEach
public void startServer() throws Exception {
- SelfSignedCertificate ssc = new SelfSignedCertificate();
+ X509Bundle bundle = new CertificateBuilder()
+ .subject("CN=localhost")
+ .setIsCertificateAuthority(true)
+ .buildSelfSigned();
- serverSslCtx = SslContextBuilder.forServer(ssc.certificate(), ssc.privateKey())
+ serverSslCtx = SslContextBuilder.forServer(bundle.toKeyManagerFactory())
.applicationProtocolConfig(new ApplicationProtocolConfig(
ApplicationProtocolConfig.Protocol.ALPN,
ApplicationProtocolConfig.SelectorFailureBehavior.NO_ADVERTISE,
diff --git a/client/src/test/java/org/asynchttpclient/request/body/multipart/MultipartBasicAuthTest.java b/client/src/test/java/org/asynchttpclient/request/body/multipart/MultipartBasicAuthTest.java
index 1941ea5494..73fdcaa70d 100644
--- a/client/src/test/java/org/asynchttpclient/request/body/multipart/MultipartBasicAuthTest.java
+++ b/client/src/test/java/org/asynchttpclient/request/body/multipart/MultipartBasicAuthTest.java
@@ -62,7 +62,7 @@ public AbstractHandler configureHandler() throws Exception {
}
private void expectHttpResponse(Function f, int expectedResponseCode) throws Throwable {
- File file = createTempFile(1024 * 1024);
+ File file = createTempFile(1024);
try (AsyncHttpClient client = asyncHttpClient()) {
Response response = f.apply(client.preparePut(getTargetUrl()).addBodyPart(new FilePart("test", file, APPLICATION_OCTET_STREAM.toString(), UTF_8)))
diff --git a/pom.xml b/pom.xml
index 16a0e1c55b..3efe9e26e9 100644
--- a/pom.xml
+++ b/pom.xml
@@ -429,26 +429,50 @@
- com.github.siom79.japicmp
- japicmp-maven-plugin
- 0.23.1
+ org.revapi
+ revapi-maven-plugin
+ 0.15.0
+
+
+ org.revapi
+ revapi-java
+ 0.28.1
+
+
-
- RELEASE
- ${project.version}
-
-
- true
- true
- true
- false
- public
-
+
+ org.asynchttpclient:async-http-client:RELEASE
+
+
+ ${project.groupId}:${project.artifactId}:${project.version}
+
+
+
+
- cmp
+ check
verify
@@ -456,4 +480,38 @@
+
+
+
+ errorprone-jdk25
+
+ [25,)
+
+
+
+
+ org.apache.maven.plugins
+ maven-compiler-plugin
+
+
+ --should-stop=ifError=FLOW
+
+
+
+ com.google.errorprone
+ error_prone_core
+ 2.48.0
+
+
+ com.uber.nullaway
+ nullaway
+ 0.13.1
+
+
+
+
+
+
+
+
From c00040a9e4fd77e57ffdba2c53632a9b4b754ff9 Mon Sep 17 00:00:00 2001
From: Aayush Atharva <24762260+hyperxpro@users.noreply.github.com>
Date: Sun, 15 Mar 2026 21:25:16 +0530
Subject: [PATCH 2/2] Potential fix for code scanning alert no. 32: Workflow
does not contain permissions
Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
---
.github/workflows/maven.yml | 2 ++
1 file changed, 2 insertions(+)
diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml
index bb3f83c9da..d8394509c0 100644
--- a/.github/workflows/maven.yml
+++ b/.github/workflows/maven.yml
@@ -2,6 +2,8 @@
# Docs: https://help.github.com/actions/language-and-framework-guides/building-and-testing-java-with-maven
name: Build PR
+permissions:
+ contents: read
on:
push: