Skip to content

sts: Update to version 4.32.1, fix checkver & autoupdate, update homepage #16516

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Nov 6, 2025
Merged

sts: Update to version 4.32.1, fix checkver & autoupdate, update homepage #16516

merged 3 commits into from
Nov 6, 2025

Conversation

@chaerun
Copy link
Contributor

@chaerun chaerun commented Nov 1, 2025
edited by coderabbitai bot
Loading

Related: #16379

  • Use conventional PR title: <manifest-name[@version]|chore>: <general summary of the pull request>
  • I have read the Contributing Guide

Summary by CodeRabbit

  • Chores
    • Updated to version 4.32.1.
    • Homepage shortened to main tools page.
    • Downloads moved to the cdn.spring.io CDN with updated package naming and paths.
    • Autoupdate templates adjusted; integrity checks strengthened by switching to SHA-256.

@github-actions
Copy link
Contributor

github-actions bot commented Nov 1, 2025

Your changes did not pass all checks.

Please address the issues in the manifest and comment starting with /verify to rerun the checks.

sts

  • Lint
  • Description
  • License
  • Hashes
  • Checkver
  • Autoupdate
  • Autoupdate Hash Extraction

Check the full log for details.

@coderabbitai
Copy link

coderabbitai bot commented Nov 1, 2025
edited
Loading

Walkthrough

Version bump from 4.29.1 to 4.32.1 for the Spring Tools for Eclipse package, migrating 64-bit download URLs from springsource.com to cdn.spring.io with updated artifact naming and configuration parameters including checksums and version detection regex.

Changes

Cohort / File(s) Summary
Spring Tools for Eclipse Scoop bucket configuration
bucket/sts.json		 Version bumped from 4.29.1 to 4.32.1; all 64-bit download URLs migrated from springsource.com to cdn.spring.io; artifact naming updated to spring-tools-for-eclipse-<version>.RELEASE-…-win32.x86_64.zip; checkver regex adjusted from spring-tool-suite-4-... to spring-tools-for-eclipse-...; autoupdate URL template changed to use cdn.spring.io and new artifact path; checksum reference updated from sha1 to sha256 and corresponding hash values replaced.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

  • Verify version strings are consistent across URL templates, filenames, and regex.
  • Confirm cdn.spring.io URLs resolve and point to the expected artifacts.
  • Validate SHA256 hashes against downloaded artifacts.
  • Test the updated checkver regex and autoupdate template to ensure correct version detection.

Poem

🐰 I hopped through JSON fields with glee,
New CDN paths and versions for me,
Hashes checked and regex tuned,
Spring tools gleam—no bytes are marooned,
4.32.1, a crunchy carrot spree 🥕

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)
Check name Status Explanation
Title check ✅ Passed The title clearly summarizes the main changes: version update, checkver/autoupdate fixes, and homepage update.
Description check ✅ Passed The description includes the issue reference, bullet points explaining all key changes, and both required checklist items marked as complete.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

coderabbitai[bot]
coderabbitai bot reviewed Nov 1, 2025
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between ff3649f and a240eb1.

📒 Files selected for processing (1)
  • bucket/sts.json (2 hunks)
🧰 Additional context used
🧠 Learnings (3)
📚 Learning: 2025-10-16T15:59:21.258Z 
Learnt from: o-l-a-v
Repo: ScoopInstaller/Extras PR: 16349
File: bucket/fvim.json:45-49
Timestamp: 2025-10-16T15:59:21.258Z
Learning: In Scoop manifests, the `autoupdate.url` and `autoupdate.architecture.<arch>.url` fields must be valid URIs according to the JSON schema (defined with `"format": "uri"`). Variables like `$matchUrlx64` that contain only path segments must be combined with a base URL (e.g., `https://github.com/.../releases/download/`) to form a complete valid URI.

Applied to files:

  • bucket/sts.json
📚 Learning: 2025-09-05T09:41:52.653Z 
Learnt from: Gitoffthelawn
Repo: ScoopInstaller/Extras PR: 16106
File: bucket/czkawka-gui.json:25-25
Timestamp: 2025-09-05T09:41:52.653Z
Learning: For czkawka-gui manifests in Scoop Extras, the correct upstream filename pattern for Windows GUI builds in recent versions uses "gtk46" (without underscore), not "gtk_46" (with underscore). The autoupdate URL should use "windows_czkawka_gui_gtk46.zip" format. This was confirmed by a working 10.0.0 update with valid hash.

Applied to files:

  • bucket/sts.json
📚 Learning: 2025-09-05T09:41:52.653Z 
Learnt from: Gitoffthelawn
Repo: ScoopInstaller/Extras PR: 16106
File: bucket/czkawka-gui.json:25-25
Timestamp: 2025-09-05T09:41:52.653Z
Learning: For czkawka-gui manifests in Scoop Extras, the correct upstream filename pattern for Windows GUI builds uses "gtk46" (without underscore), not "gtk_46" (with underscore). The autoupdate URL should use "windows_czkawka_gui_gtk46.zip" format.

Applied to files:

  • bucket/sts.json
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
  • GitHub Check: WindowsPowerShell
🔇 Additional comments (2)
bucket/sts.json (2)

10-11: URL and hash updates align with PR objectives.

The download URL has been successfully migrated from springsource.com to cdn.spring.io/spring-tools, and the artifact naming now uses spring-tools-for-eclipse prefix as required. The hash has been updated to match the new version and artifact.

33-35: Upstream provides .sha256 hash files — no action required.

Verification confirms the Spring Tools CDN provides .sha256 hash files for release artifacts. The curl request to the cdn.spring.io URL returned HTTP 200 with a valid SHA256 hash. The autoupdate configuration change is valid and functional.

@chaerun
Copy link
Contributor Author

chaerun commented Nov 4, 2025

/verify

@github-actions
Copy link
Contributor

github-actions bot commented Nov 4, 2025

All changes look good.

Wait for review from human collaborators.

sts

  • Lint
  • Description
  • License
  • Hashes
  • Checkver
  • Autoupdate
  • Autoupdate Hash Extraction

Check the full log for details.

@z-Fng z-Fng mentioned this pull request Nov 6, 2025
Open
@z-Fng z-Fng changed the title [email protected]: fix checkver regex & autoupdate base URL sts: Update to version 4.32.1, fix checkver & autoupdate Nov 6, 2025
@z-Fng
Copy link
Member

z-Fng commented Nov 6, 2025

/verify

@github-actions
Copy link
Contributor

github-actions bot commented Nov 6, 2025

All changes look good.

Wait for review from human collaborators.

sts

  • Lint
  • Description
  • License
  • Hashes
  • Checkver
  • Autoupdate
  • Autoupdate Hash Extraction

Check the full log for details.

z-Fng
z-Fng approved these changes Nov 6, 2025
View reviewed changes
Copy link
Member

@z-Fng z-Fng left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

@z-Fng z-Fng changed the title sts: Update to version 4.32.1, fix checkver & autoupdate sts: Update to version 4.32.1, fix checkver & autoupdate, update homepage Nov 6, 2025
coderabbitai[bot]
coderabbitai bot reviewed Nov 6, 2025
View reviewed changes
Copy link

@coderabbitai coderabbitai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between a240eb1 and 1856d9f.

📒 Files selected for processing (1)
  • bucket/sts.json (2 hunks)
🧰 Additional context used
🧠 Learnings (3)
📚 Learning: 2025-10-16T15:59:21.258Z 
Learnt from: o-l-a-v
Repo: ScoopInstaller/Extras PR: 16349
File: bucket/fvim.json:45-49
Timestamp: 2025-10-16T15:59:21.258Z
Learning: In Scoop manifests, the `autoupdate.url` and `autoupdate.architecture.<arch>.url` fields must be valid URIs according to the JSON schema (defined with `"format": "uri"`). Variables like `$matchUrlx64` that contain only path segments must be combined with a base URL (e.g., `https://github.com/.../releases/download/`) to form a complete valid URI.

Applied to files:

  • bucket/sts.json
📚 Learning: 2025-09-05T09:41:52.653Z 
Learnt from: Gitoffthelawn
Repo: ScoopInstaller/Extras PR: 16106
File: bucket/czkawka-gui.json:25-25
Timestamp: 2025-09-05T09:41:52.653Z
Learning: For czkawka-gui manifests in Scoop Extras, the correct upstream filename pattern for Windows GUI builds in recent versions uses "gtk46" (without underscore), not "gtk_46" (with underscore). The autoupdate URL should use "windows_czkawka_gui_gtk46.zip" format. This was confirmed by a working 10.0.0 update with valid hash.

Applied to files:

  • bucket/sts.json
📚 Learning: 2025-09-05T09:41:52.653Z 
Learnt from: Gitoffthelawn
Repo: ScoopInstaller/Extras PR: 16106
File: bucket/czkawka-gui.json:25-25
Timestamp: 2025-09-05T09:41:52.653Z
Learning: For czkawka-gui manifests in Scoop Extras, the correct upstream filename pattern for Windows GUI builds uses "gtk46" (without underscore), not "gtk_46" (with underscore). The autoupdate URL should use "windows_czkawka_gui_gtk46.zip" format.

Applied to files:

  • bucket/sts.json
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
  • GitHub Check: WindowsPowerShell
🔇 Additional comments (2)
bucket/sts.json (2)

4-4: Verify homepage URL change maintains accessibility to STS product information.

The homepage was changed from https://spring.io/tools/sts (product-specific) to https://spring.io/tools (general tools landing page). Confirm that users landing on the homepage can still find relevant information about Spring Tools for Eclipse and its download/documentation links.

10-12: Verify hash computation matches upstream published hash.

The hash on line 11 was updated to use SHA256. Confirm by:

  1. Downloading the artifact from the URL on line 10
  2. Computing its SHA256 checksum
  3. Verifying it matches: d266f169a95edbc2e74fe89c346bfda2e6f8cc6790e2d2ef0d2908fbc7a9d8d0

This prevents silent corruption or downgrade attacks.

@z-Fng z-Fng merged commit d206da3 into ScoopInstaller:master Nov 6, 2025
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@coderabbitai coderabbitai[bot] coderabbitai[bot] left review comments

@z-Fng z-Fng z-Fng approved these changes

Assignees

No one assigned

Labels

review-needed

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@chaerun @z-Fng