Tags: calvinvette/coursier
Tags
Add option to pass file with dependencies to fetch (coursier#2604) * feat. add option to fetch dependencies from files * add short for dependencyFile option * use ValidationNel for file dependencies, add more tests * fix typos in docs, use intercept in tests * Tweaking Don't gather, but also don't more or less swallow, exceptions when reading dependency files. Plus NIT formatting or favor NIO over scala.io.Source * fixup Co-authored-by: Alexandre Archambault <alexandre.archambault@gmail.com>
10000
Merge pull request coursier#2576 from adpi2/cve-2022-37866 CVE-2022-37866 prevent path-traversal with bogus module coordinates
Bump coursier/cache-action from 6.3 to 6.4 (coursier#2567) Bumps [coursier/cache-action](https://github.com/coursier/cache-action) from 6.3 to 6.4. - [Release notes](https://github.com/coursier/cache-action/releases) - [Commits](coursier/cache-action@v6.3...v6.4) --- updated-dependencies: - dependency-name: coursier/cache-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Merge pull request coursier#2561 from alexarchambault/tweak-minimized… …-exclusions Tweak minimized exclusions
Merge pull request coursier#2541 from alexarchambault/proxy-config Accept proxy params via Scala CLI conf file
Deduplicate strings in `JsonElem` (coursier#2533) I ran into an issue where `coursier fetch --json-output-file ...` was failing with `java.lang.OutOfMemoryError`. This failure persisted even with heap sizes of 8 GB. Analysis of a heap dump showed that 66% of the heap consisted of duplicate strings. In my particular case, 9% of the heap was taken up by 149,403 copies of the string `"org.scala-lang:scala-library:2.12.12"`, and another 9% was copies of the string `"org.scala-lang:scala-library:2.12.8"`. It appeared that most of these strings were held by the `reconciledVersionStr` and `requestedVersionStr` fields of `JsonElem`. This PR adds `intern` calls to the allocations of `reconciledVersion`, `reconciledVersionStr`, and `requestedVersionStr` on `JsonElem`, causing these string allocations to be effectively deduplicated in to the JVM string pool. After this change, my same fetch command was able to complete running with a much smaller heap, `-Xmx256m`. This PR also adds `lazy` to `reconciledVersionStr`, as the eager evaluation of `reconciledVersionStr` effectively forced `reconciledVersion` to be non-lazy as well. * Use `Symbol(…).name` rather than `String#intern`
PreviousNext