[
https://issues.apache.org/jira/browse/GROOVY-12005?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18080163#comment-18080163
]
ASF GitHub Bot commented on GROOVY-12005:
-----------------------------------------
codecov-commenter commented on PR #2530:
URL: https://github.com/apache/groovy/pull/2530#issuecomment-4425735824
##
[Codecov](https://app.codecov.io/gh/apache/groovy/pull/2530?dropdown=coverage&src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache)
Report
:x: Patch coverage is `13.33333%` with `52 lines` in your changes missing
coverage. Please review.
:white_check_mark: Project coverage is 68.1446%. Comparing base
([`d84d955`](https://app.codecov.io/gh/apache/groovy/commit/d84d9556db50d65e2d3344b81b6a909d451d1ec7?dropdown=coverage&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache))
to head
([`1a5f8cf`](https://app.codecov.io/gh/apache/groovy/commit/1a5f8cf42e80e5caad4aa672f092350bdad26bb7?dropdown=coverage&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache)).
:warning: Report is 3 commits behind head on master.
| [Files with missing
lines](https://app.codecov.io/gh/apache/groovy/pull/2530?dropdown=coverage&src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache)
| Patch % | Lines |
|---|---|---|
|
[...groovy/grape/ivy/StrictCachedGrapesResolver.groovy](https://app.codecov.io/gh/apache/groovy/pull/2530?src=pr&el=tree&filepath=subprojects%2Fgroovy-grape-ivy%2Fsrc%2Fmain%2Fgroovy%2Fgroovy%2Fgrape%2Fivy%2FStrictCachedGrapesResolver.groovy&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache#diff-c3VicHJvamVjdHMvZ3Jvb3Z5LWdyYXBlLWl2eS9zcmMvbWFpbi9ncm9vdnkvZ3Jvb3Z5L2dyYXBlL2l2eS9TdHJpY3RDYWNoZWRHcmFwZXNSZXNvbHZlci5ncm9vdnk=)
| 3.2258% | [30 Missing :warning:
](https://app.codecov.io/gh/apache/groovy/pull/2530?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache)
|
|
[...y/src/main/groovy/groovy/grape/ivy/GrapeIvy.groovy](https://app.codecov.io/gh/apache/groovy/pull/2530?src=pr&el=tree&filepath=subprojects%2Fgroovy-grape-ivy%2Fsrc%2Fmain%2Fgroovy%2Fgroovy%2Fgrape%2Fivy%2FGrapeIvy.groovy&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache#diff-c3VicHJvamVjdHMvZ3Jvb3Z5LWdyYXBlLWl2eS9zcmMvbWFpbi9ncm9vdnkvZ3Jvb3Z5L2dyYXBlL2l2eS9HcmFwZUl2eS5ncm9vdnk=)
| 25.0000% | [18 Missing and 3 partials :warning:
](https://app.codecov.io/gh/apache/groovy/pull/2530?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache)
|
|
[...oovy/groovy/grape/ivy/StrictLocalM2Resolver.groovy](https://app.codecov.io/gh/apache/groovy/pull/2530?src=pr&el=tree&filepath=subprojects%2Fgroovy-grape-ivy%2Fsrc%2Fmain%2Fgroovy%2Fgroovy%2Fgrape%2Fivy%2FStrictLocalM2Resolver.groovy&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache#diff-c3VicHJvamVjdHMvZ3Jvb3Z5LWdyYXBlLWl2eS9zcmMvbWFpbi9ncm9vdnkvZ3Jvb3Z5L2dyYXBlL2l2eS9TdHJpY3RMb2NhbE0yUmVzb2x2ZXIuZ3Jvb3Z5)
| 0.0000% | [1 Missing :warning:
](https://app.codecov.io/gh/apache/groovy/pull/2530?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache)
|
<details><summary>Additional details and impacted files</summary>
[](https://app.codecov.io/gh/apache/groovy/pull/2530?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache)
```diff
@@ Coverage Diff @@
## master #2530 +/- ##
==================================================
- Coverage 68.1657% 68.1446% -0.0211%
- Complexity 32716 32720 +4
==================================================
Files 1499 1499
Lines 125104 125153 +49
Branches 22549 22564 +15
==================================================
+ Hits 85278 85285 +7
- Misses 32339 32381 +42
Partials 7487 7487
```
| [Files with missing
lines](https://app.codecov.io/gh/apache/groovy/pull/2530?dropdown=coverage&src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache)
| Coverage Δ | |
|---|---|---|
|
[...oovy/groovy/grape/ivy/StrictLocalM2Resolver.groovy](https://app.codecov.io/gh/apache/groovy/pull/2530?src=pr&el=tree&filepath=subprojects%2Fgroovy-grape-ivy%2Fsrc%2Fmain%2Fgroovy%2Fgroovy%2Fgrape%2Fivy%2FStrictLocalM2Resolver.groovy&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache#diff-c3VicHJvamVjdHMvZ3Jvb3Z5LWdyYXBlLWl2eS9zcmMvbWFpbi9ncm9vdnkvZ3Jvb3Z5L2dyYXBlL2l2eS9TdHJpY3RMb2NhbE0yUmVzb2x2ZXIuZ3Jvb3Z5)
| `2.7027% <0.0000%> (+0.1386%)` | :arrow_up: |
|
[...y/src/main/groovy/groovy/grape/ivy/GrapeIvy.groovy](https://app.codecov.io/gh/apache/groovy/pull/2530?src=pr&el=tree&filepath=subprojects%2Fgroovy-grape-ivy%2Fsrc%2Fmain%2Fgroovy%2Fgroovy%2Fgrape%2Fivy%2FGrapeIvy.groovy&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache#diff-c3VicHJvamVjdHMvZ3Jvb3Z5LWdyYXBlLWl2eS9zcmMvbWFpbi9ncm9vdnkvZ3Jvb3Z5L2dyYXBlL2l2eS9HcmFwZUl2eS5ncm9vdnk=)
| `30.2326% <25.0000%> (-1.0003%)` | :arrow_down: |
|
[...groovy/grape/ivy/StrictCachedGrapesResolver.groovy](https://app.codecov.io/gh/apache/groovy/pull/2530?src=pr&el=tree&filepath=subprojects%2Fgroovy-grape-ivy%2Fsrc%2Fmain%2Fgroovy%2Fgroovy%2Fgrape%2Fivy%2FStrictCachedGrapesResolver.groovy&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache#diff-c3VicHJvamVjdHMvZ3Jvb3Z5LWdyYXBlLWl2eS9zcmMvbWFpbi9ncm9vdnkvZ3Jvb3Z5L2dyYXBlL2l2eS9TdHJpY3RDYWNoZWRHcmFwZXNSZXNvbHZlci5ncm9vdnk=)
| `7.6923% <3.2258%> (-5.3512%)` | :arrow_down: |
... and [5 files with indirect coverage
changes](https://app.codecov.io/gh/apache/groovy/pull/2530/indirect-changes?src=pr&el=tree-more&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache)
</details>
<details><summary> :rocket: New features to boost your workflow: </summary>
- :snowflake: [Test
Analytics](https://docs.codecov.com/docs/test-analytics): Detect flaky tests,
report on failures, and find test suite problems.
- :package: [JS Bundle
Analysis](https://docs.codecov.com/docs/javascript-bundle-analysis): Save
yourself from yourself by tracking and limiting bundle sizes in JS merges.
</details>
> Harden Grape against cache corruption and CDN throttling
> --------------------------------------------------------
>
> Key: GROOVY-12005
> URL: https://issues.apache.org/jira/browse/GROOVY-12005
> Project: Groovy
> Issue Type: Improvement
> Components: Grape
> Reporter: Paul King
> Assignee: Paul King
> Priority: Major
>
> h2. Grape robustness measures
> Two complementary cache-validation guards plus a CDN compatibility fix,
> addressing
> hard-to-diagnose @Grab failures caused by half-populated caches and
> Cloudflare's
> recent filtering of the JDK URLConnection default User-Agent.
> h3. Cache resilience
> * New {{StrictLocalM2Resolver}} (extends {{IBiblioResolver}}) — rejects a
> {{localm2}} entry when its POM has no JAR alongside (typical
> {{staged-releases}} lineage). Resolution falls through to {{ibiblio}}
> instead of failing with "download failed". Default-on; opt-out
> {{-Dgroovy.grape.strict-localm2=false}}.
> * New {{StrictCachedGrapesResolver}} (extends {{FileSystemResolver}},
> {{descriptor="required"}}) — refuses to synthesise stub descriptors from
> artifact-only state, and refuses cached ivy descriptors lacking the
> companion {{.original}} POM (which signals a previously-synthesised stub).
> Self-heals existing corruption by forcing fall-through. Default-on; opt-out
> {{-Dgroovy.grape.strict-cached-grapes=false}}.
> h3. CDN compatibility
> * {{GrapeIvy}} static initializer sets {{http.agent}} to a Maven-shaped
> User-Agent {{Apache-Maven/x.y.z (Java X; OS X)}}, since Maven Central
> (Fastly) returns HTTP 404 to the JDK default {{Java/<version>}}.
> Covers CLI and standalone script use.
> * Build plugin {{org.apache.groovy-tested}} sets the same value as a JVM
> arg for test JVMs (static init runs too late for already-warm test JVMs).
> * {{ForkedJvmExtension}} always inherits {{http.agent}} into child JVMs.
> h3. Diagnostics & generality
> * {{GrapeIvy.getDependencies}} now appends an actionable hint when a failure
> matches the half-populated {{localm2}} pattern, naming the artifact, the
> cache paths to clean, and the {{mvn dependency:get}} command.
> * Test plugin generically forwards any {{groovy.grape.*}} system or project
> property to test JVMs (covers strict-localm2, strict-cached-grapes, plus
> any future flag).
> h3. Test infrastructure
> * CI workflow pre-warms {{~/.m2/repository}} via {{mvn dependency:get}}
> for every {{@Grab}} coord discovered in test sources (Maven uses
> Apache HttpClient and isn't filtered by Cloudflare). Bridge copies
> the warm cache into each test task's isolated temp at task start.
> * {{actions/cache}} extended to persist {{~/.m2/repository}} alongside
> {{~/.groovy/grapes}} between runs.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
