Merge remote-tracking branch 'origin/4.0.x'

.github/actions/pre-release/entrypoint.sh

@@ -33,10 +33,9 @@ echo "Pushing release version and recreating v${release_version} tag"
 git add gradle.properties
 git add grails-core/src/test/groovy/grails/util/GrailsUtilTests.java
 git commit -m "Release v${release_version}"
-git push origin $target_branch
 git push origin :refs/tags/v${release_version}
 git tag -fa v${release_version} -m "Release v${release_version}"
-git push origin $target_branch --tags
+git push origin v${release_version}
 
 echo "Closing again the release after updating the tag"
 release_url=`cat $GITHUB_EVENT_PATH | jq '.release.url' | sed -e 's/^"\(.*\)"$/\1/g'`

.github/workflows/gradle.yml

@@ -51,14 +51,10 @@ jobs:
       - name: Publish to repo.grails.org
         if: success() && github.event_name == 'push' && matrix.java == '8'
         env:
-          SECRING_FILE: ${{ secrets.SECRING_FILE }}
-          SIGNING_KEY: ${{ secrets.SIGNING_KEY }}
-          SIGNING_PASSPHRASE: ${{ secrets.SIGNING_PASSPHRASE }}
           ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }}
           ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }}
         run: |
-          echo $SECRING_FILE | base64 -d > secring.gpg
-          ./gradlew -Psigning.keyId="$SIGNING_KEY" -Psigning.password="$SIGNING_PASSPHRASE" -Psigning.secretKeyRingFile="secring.gpg" publish
+          ./gradlew publish
       - name: Extract branch name
         if: success() && github.event_name == 'push' && matrix.java == '8'
         id: extract_branch

.github/workflows/rebase.yml

@@ -0,0 +1,19 @@
+name: Automatic Rebase
+on:
+  issue_comment:
+    types: [created]
+jobs:
+  rebase:
+    name: Rebase
+    if: github.event.issue.pull_request != '' && github.event.comment.author_association == 'MEMBER' && contains(github.event.comment.body, '/rebase')
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout the latest code
+        uses: actions/checkout@v2
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          fetch-depth: 0 # otherwise, you will fail to push refs to dest repo
+      - name: Automatic Rebase
+        uses: cirrus-actions/rebase@1.4
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/release-notes.yml

@@ -5,7 +5,7 @@ on:
   push:
     branches:
       - master
-      - '[4-9]+.[1-9]+.x'
+      - '[4-9]+.[0-9]+.x'
 jobs:
   release_notes:
     runs-on: ubuntu-latest
@@ -18,12 +18,13 @@ jobs:
           echo ::set-output name=has_release_drafter::${has_release_drafter}
 
       # If it has release drafter:
-      - uses: release-drafter/release-drafter@v5
+      - uses: release-drafter/release-drafter@v5.13.0
         if: steps.check_release_drafter.outputs.has_release_drafter == 'true'
         env:
           GITHUB_TOKEN: ${{ secrets.GH_TOKEN }}
         with:
           prerelease: true
+          commitish: master
           name: 5.0.0.RC1
           tag: v5.0.0.RC1
           version: 5.0.0.RC1

.github/workflows/release.yml

@@ -36,18 +36,20 @@ jobs:
         uses: ./.github/actions/pre-release
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
-      - name: Publish, Upload to Bintray
+      - name: Publish to Sonatype OSSRH
         env:
-          BINTRAY_USER: ${{ secrets.BINTRAY_USER }}
-          BINTRAY_KEY: ${{ secrets.BINTRAY_KEY }}
           SONATYPE_USERNAME: ${{ secrets.SONATYPE_USERNAME }}
           SONATYPE_PASSWORD: ${{ secrets.SONATYPE_PASSWORD }}
+          SONATYPE_STAGING_PROFILE_ID: ${{ secrets.SONATYPE_STAGING_PROFILE_ID }}
           ARTIFACTORY_USERNAME: ${{ secrets.ARTIFACTORY_USERNAME }}
           ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }}
+          SIGNING_KEY: ${{ secrets.SIGNING_KEY }}
           SIGNING_PASSPHRASE: ${{ secrets.SIGNING_PASSPHRASE }}
+          SECRING_FILE: ${{ secrets.SECRING_FILE }}
         run: |
+          echo $SECRING_FILE | base64 -d > secring.gpg
           echo "Publishing Artifacts"
-          (set -x; ./gradlew bintrayUpload --no-daemon)
+          (set -x; ./gradlew -Psigning.secretKeyRingFile="${GITHUB_WORKSPACE}/secring.gpg" publishToSonatype closeAndReleaseSonatypeStagingRepository --no-daemon)
           (set -x; ./gradlew assemble --no-daemon)
       - name: Export Gradle Properties
         uses: micronaut-projects/github-actions/export-gradle-properties@master
@@ -58,21 +60,6 @@ jobs:
           token: ${{ secrets.GITHUB_TOKEN }}
         env:
           SNAPSHOT_SUFFIX: -SNAPSHOT
-      - name: Create Message for the Maven Central Sync
-        if: success()
-        id: maven_sync_message
-        run: |
-          echo ::set-output name=value::{\"release_version\":\"$RELEASE_VERSION\"}
-        env:
-          RELEASE_VERSION: ${{ steps.release_version.outputs.release_version }}
-      - name: Invoke the Maven Central Sync workflow
-        if: success()
-        uses: benc-uk/workflow-dispatch@v1.1
-        with:
-          workflow: Maven Central Sync
-          ref: master
-          token: ${{ secrets.GH_TOKEN }}
-          inputs: ${{ steps.maven_sync_message.outputs.value }}
       - name: Upload artifacts to the Github release
         uses: Roang-zero1/github-upload-release-artifacts-action@master
         with:

build.gradle

@@ -2,11 +2,11 @@ buildscript {
     repositories {
         maven { url "https://repo.grails.org/grails/core" }
         jcenter()
-        maven { url 'https://dl.bintray.com/vermeulen-mp/gradle-plugins' }
+        maven { url "https://plugins.gradle.org/m2/" }
     }
     dependencies {
         classpath "commons-io:commons-io:2.8.0"
-        classpath "com.jfrog.bintray.gradle:gradle-bintray-plugin:1.8.5"
+        classpath "io.github.gradle-nexus:publish-plugin:1.0.0"
         classpath "com.netflix.nebula:gradle-extra-configurations-plugin:2.2.0"
         classpath "com.github.adrianbk:gradle-travisci-trigger-plugin:1.0.0"
         classpath "com.bmuschko:gradle-nexus-plugin:$gradleNexusPluginVersion"
@@ -21,12 +21,13 @@ import groovyx.net.http.RESTClient
 import static groovyx.net.http.ContentType.*
 
 apply plugin: 'idea'
+
 ext {
     isJava8Compatible = org.gradle.api.JavaVersion.current().isJava8Compatible()
-    bintrayPublish = false
     grailsVersion = project.projectVersion
     groovyVersion = System.getenv('CI_GROOVY_VERSION') ?: project.groovyVersion
     isBuildSnapshot = grailsVersion.endsWith("-SNAPSHOT")
+    isReleaseVersion = !isBuildSnapshot
     isTravisBuild = System.getenv().get("TRAVIS") == 'true'
     springLoadedCommonOptions = "-Xverify:none -Dspringloaded.synchronize=true -Djdk.reflect.allowGetCallerClass=true"
     dependencyVersions = [
@@ -164,8 +165,6 @@ ext {
     homeConfDir = file("conf")
     homeLibDir = file("lib")
     homeSrcDir = file("src")
-
-
 }
 
 // Groovy is added as a dependency to both the 'groovy' and 'compile'
@@ -174,6 +173,11 @@ ext {
 // artifacts' POMs.
 ext.jointBuildGroovyJarProperty = System.getProperty('groovy.jar')
 ext.groovyDependency = null
+
+ext."signing.keyId" = System.getenv("SIGNING_KEY") ?: project.hasProperty("signing.keyId") ? project.getProperty('signing.keyId') : null
+ext."signing.password" = System.getenv("SIGNING_PASSPHRASE") ?: project.hasProperty("signing.password") ? project.getProperty('signing.password') : null
+ext."signing.secretKeyRingFile" = project.hasProperty("signing.secretKeyRingFile") ? project.getProperty('signing.secretKeyRingFile') : null
+
 if (jointBuildGroovyJarProperty) {
     def jointBuildGroovyJar = file(jointBuildGroovyJarProperty)
     if (jointBuildGroovyJar.exists()) {
@@ -188,6 +192,24 @@ if (jointBuildGroovyJarProperty) {
     }
 }
 
+if (isReleaseVersion) {
+    apply plugin: 'maven-publish'
+    apply plugin: "io.github.gradle-nexus.publish-plugin"
+
+    nexusPublishing {
+        repositories {
+            sonatype {
+                def ossUser = System.getenv("SONATYPE_USERNAME") ?: project.hasProperty("sonatypeOssUsername") ? project.sonatypeOssUsername : ''
+                def ossPass = System.getenv("SONATYPE_PASSWORD") ?: project.hasProperty("sonatypeOssPassword") ? project.sonatypeOssPassword : ''
+                def ossStagingProfileId = System.getenv("SONATYPE_STAGING_PROFILE_ID") ?: project.hasProperty("sonatypeOssStagingProfileId") ? project.sonatypeOssStagingProfileId : ''
+                username = ossUser
+                password = ossPass
+                stagingProfileId = ossStagingProfileId
+            }
+        }
+    }
+}
+
 allprojects {
     repositories {
         mavenLocal()
@@ -302,7 +324,7 @@ subprojects { project ->
     if(!isTestSuite) {
         apply plugin: 'com.bmuschko.nexus'
         apply plugin: 'maven-publish'
-        apply plugin: 'com.jfrog.bintray'
+        apply plugin: 'signing'
     }
     apply plugin: 'eclipse'
     apply plugin: 'idea'
@@ -322,20 +344,17 @@ subprojects { project ->
 
         publishing {
 
-            repositories {
-                maven {
-                    credentials {
-                        def u = System.getenv("ARTIFACTORY_USERNAME") ?: project.hasProperty("artifactoryPublishUsername") ? project.artifactoryPublishUsername : ''
-                        def p = System.getenv("ARTIFACTORY_PASSWORD") ?: project.hasProperty("artifactoryPublishPassword") ? project.artifactoryPublishPassword : ''
-                        username = u
-                        password = p
-                    }
-                    if (isBuildSnapshot) {
-                        url  "https://repo.grails.org/grails/libs-snapshots-local"
-                    } else {
-                        url  "https://repo.grails.org/grails/libs-releases-local"
+            if (isBuildSnapshot) {
+                repositories {
+                    maven {
+                        credentials {
+                            def u = System.getenv("ARTIFACTORY_USERNAME") ?: project.hasProperty("artifactoryPublishUsername") ? project.artifactoryPublishUsername : ''
+                            def p = System.getenv("ARTIFACTORY_PASSWORD") ?: project.hasProperty("artifactoryPublishPassword") ? project.artifactoryPublishPassword : ''
+                            username = u
+                            password = p
+                        }
+                        url "https://repo.grails.org/grails/libs-snapshots-local"
                     }
-
                 }
             }
 
@@ -360,39 +379,21 @@ subprojects { project ->
             }
         }
 
-        bintray {
-            user = System.getenv("BINTRAY_USER") ?: project.hasProperty("bintrayUser") ? project.bintrayUser : ''
-            key = System.getenv("BINTRAY_KEY") ?: project.hasProperty("bintrayKey") ? project.bintrayKey : ''
-            publications = ['maven']
-            publish = true
-            dryRun = false
-            pkg {
-                repo = 'grails-core'
-                userOrg = 'grails'
-                name = 'grails-core'
-                desc = 'Grails Framework'
-                websiteUrl = 'http://grails.org'
-                issueTrackerUrl = 'https://github.com/grails/grails-core/issues'
-                vcsUrl = 'https://github.com/grails/grails-core'
-                licenses = ['Apache-2.0']
-                publicDownloadNumbers = true
-                version {
-                    name = project.version
-                    gpg {
-                        sign = true
-                        passphrase = System.getenv("SIGNING_PASSPHRASE") ?: project.hasProperty("signingPassphrase") ? project.signingPassphrase : ''
-                    }
-                    mavenCentralSync {
-                        sync = false
-                        def ossUser = System.getenv("SONATYPE_USERNAME") ?: project.hasProperty("sonatypeOssUsername") ? project.sonatypeOssUsername : ''
-                        def ossPass = System.getenv("SONATYPE_PASSWORD") ?: project.hasProperty("sonatypeOssPassword") ? project.sonatypeOssPassword : ''
-                        user = ossUser
-                        password = ossPass
-                    }
-
-                }
+        afterEvaluate {
+            signing {
+                required { isReleaseVersion && gradle.taskGraph.hasTask("publish") }
+                sign publishing.publications.maven
             }
         }
+
+        tasks.withType(Sign) {
+            onlyIf { isReleaseVersion }
+        }
+
+        //do not generate extra load on Nexus with new staging repository if signing fails
+        tasks.withType(io.github.gradlenexus.publishplugin.InitializeNexusStagingRepository).configureEach {
+            shouldRunAfter(tasks.withType(Sign))
+        }
     }
 
     if(project.name == 'grails-dependencies') return
@@ -558,41 +559,6 @@ task clean(type: Delete, group: 'build') {
            homeSrcDir
 }
 
-def bintrayUser = System.getenv("BINTRAY_USER") ?: project.hasProperty("bintrayUser") ? project.bintrayUser : ''
-def bintrayKey = System.getenv("BINTRAY_KEY") ?: project.hasProperty("bintrayKey") ? project.bintrayKey : ''
-def ossUser = System.getenv("SONATYPE_USERNAME") ?: project.hasProperty("sonatypeOssUsername") ? project.sonatypeOssUsername : ''
-def ossPass = System.getenv("SONATYPE_PASSWORD") ?: project.hasProperty("sonatypeOssPassword") ? project.sonatypeOssPassword : ''
-
-task synchronizeWithMavenCentral() {
-    description = "Syncs with Maven Central/Sonatype"
-    doLast {
-        println """
-Synchronizing with Maven central. This may take a few minutes ...
-If this fails, log on to http://oss.sonatype.org/ using the centralUser credentials
-and progress through process manually -> Close -> Publish ... under staging repositories
-"""
-        try {
-            // doesn't exist.. try sync
-            def client = new RESTClient('https://api.bintray.com/maven_central_sync/grails/grails-core/')
-            client.headers['Authorization'] = 'Basic ' + "$bintrayUser:$bintrayKey".getBytes('iso-8859-1').encodeBase64()
-            def body = /{}/
-            def resp = client.post(
-                    path: "grails-core/versions/$grailsVersion",
-                    body: body,
-                    requestContentType: JSON
-            )
-            assert resp.status == 200
-            println resp.data.status
-            println resp.data.messages.join('\n')
-        } catch (groovyx.net.http.HttpResponseException e) {
-            println "Error: $e"
-            println "Message: $e.message"
-            println "Body: $e.response.data"
-            throw e
-        }
-    }
-}
-
 // From this point on we need the subprojects to be fully configured, so force their full evaluation
 subprojects.each {
     if (it.tasks.findByName('install') && it.tasks.findByName('publishToMavenLocal')) {

gradle.properties

@@ -23,7 +23,7 @@ jlineVersion=2.14.6
 jnaVersion=4.5.2
 junitVersion=4.13
 legacyConvertersVersion=4.0.0
-methvinDirectoryWatcherVersion=0.3.0
+methvinDirectoryWatcherVersion=0.15.0
 micronautCacheVersion=2.2.0
 micronautRuntimeGroovyVersion=2.2.0
 micronautSpringVersion=3.0.0

grails-bom/build.gradle

@@ -1,5 +1,4 @@
 apply plugin: 'maven-publish'
-apply plugin: 'com.jfrog.bintray'
 
 publishing {
     publications {

grails-bootstrap/build.gradle

@@ -3,7 +3,7 @@ import org.apache.tools.ant.filters.ReplaceTokens
 dependencies {
     api ( "org.codehaus.groovy:groovy-xml:$groovyVersion" )
     api ( "org.codehaus.groovy:groovy-templates:$groovyVersion" )
-    api "org.yaml:snakeyaml:1.23"
+    api "org.yaml:snakeyaml:1.28"
 
     compileOnly("io.methvin:directory-watcher:$methvinDirectoryWatcherVersion")
     compileOnly("org.fusesource.jansi:jansi:$jansiVersion")

grails-codecs/build.gradle

@@ -1,3 +1,3 @@
 dependencies {
-    api 'commons-codec:commons-codec:1.10'
+    api 'commons-codec:commons-codec:1.15'
 }

grails-core/src/main/groovy/grails/boot/GrailsApp.groovy

@@ -442,8 +442,8 @@ class GrailsApp extends SpringApplication {
 
     protected printRunStatus(ConfigurableApplicationContext applicationContext) {
         try {
-            def protocol = System.getProperty('server.ssl.key-store') ? 'https' : 'http'
             GrailsApplication app = applicationContext.getBean(GrailsApplication)
+            String protocol = app.config.getProperty('server.ssl.key-store') ? 'https' : 'http'
             applicationContext.publishEvent(
                     new ApplicationPreparedEvent(
                             this,