(struts-intellij-plugin) branch main updated: ci: pin Marketplace ZIP Signer to 0.1.43 (#88)

Wed, 10 Jun 2026 22:18:24 -0700 

This is an automated email from the ASF dual-hosted git repository.

lukaszlenart pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/struts-intellij-plugin.git


The following commit(s) were added to refs/heads/main by this push:
     new 2849715  ci: pin Marketplace ZIP Signer to 0.1.43 (#88)
2849715 is described below

commit 284971588774b65f39169fee3a7e2960d42de881
Author: Lukasz Lenart <[email protected]>
AuthorDate: Thu Jun 11 07:18:13 2026 +0200

    ci: pin Marketplace ZIP Signer to 0.1.43 (#88)
    
    The nightly/release workflows intermittently fail at signPlugin with
    "No Marketplace ZIP Signer executable found" even though zipSigner() is
    declared. With no version pinned, a stale Gradle cache restored by
    gradle/actions (e.g. saved by a non-signing build.yml run) can leave the
    signing configuration empty. Pinning the version makes the signer
    dependency deterministically resolvable.
    
    Co-authored-by: Claude Opus 4.8 <[email protected]>
---
 CHANGELOG.md     | 4 ++++
 build.gradle.kts | 7 ++++++-
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index e1db375..f40aa83 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -4,6 +4,10 @@
 
 ## [Unreleased]
 
+### Fixed
+
+- Pin Marketplace ZIP Signer to `0.1.43` so `signPlugin` is deterministically 
resolvable and no longer fails with "No Marketplace ZIP Signer executable 
found" on a stale Gradle cache in the nightly/release workflows
+
 ## [261.19017.1] - 2026-04-28
 
 ### Added
diff --git a/build.gradle.kts b/build.gradle.kts
index b5ecaf6..7740235 100644
--- a/build.gradle.kts
+++ b/build.gradle.kts
@@ -65,7 +65,12 @@ dependencies {
         bundledPlugin("com.intellij.modules.json")
 
         pluginVerifier()
-        zipSigner()
+        // Pin the Marketplace ZIP Signer version so the signing dependency is 
always
+        // deterministically resolvable. Without a version, a stale Gradle 
cache restored
+        // by gradle/actions (e.g. saved by a non-signing build.yml run) can 
leave the
+        // signing configuration empty, causing signPlugin to fail with
+        // "No Marketplace ZIP Signer executable found" in the nightly/release 
workflows.
+        zipSigner("0.1.43")
 
         testFramework(TestFrameworkType.Platform)
         testFramework(TestFrameworkType.Plugin.Java)

Reply via email to