Add Sha256sum to validate the maven binary used for the building the project

[bmscomp]

🤔 What's changed?

No breaking changes and brought over this pull request, the only thing is adding an entry on the maven-wrapper.properties distributionSha256Sum

⚡️ What's your motivation?

To be able to validate the content of the downloaded binary with a given sha256sum and to be sure that nothing is missing or it or not corrupted

🏷️ What kind of change is this?

It's about adding a new entry for distributionSha256Sum on maven-wrapper.properties

• 🏦 Refactoring/debt/DX (improvement to code design, tooling, documentation etc. without changing behaviour)
• 🐛 Bug fix (non-breaking change which fixes a defect)
• ⚡ New feature (non-breaking change which adds new behaviour)
• 💥 Breaking change (incompatible changes to the API)

♻️ Anything particular you want feedback on?

📋 Checklist:

• I agree to respect and uphold the Cucumber Community Code of Conduct
• I've changed the behaviour of the code
  • I have added/updated tests to cover my changes.
• My change requires a change to the documentation.
  • I have updated the documentation accordingly.
• Users should know about my change
  • I have added an entry to the "Unreleased" section of the CHANGELOG, linking to this pull request.

---

This text was originally generated from a template, then edited by hand. You can modify the template here.

[mpkorstanje]

Cheers. Could you also add the wrapperSha256Sum?

[codecov]

Codecov Report

All modified lines are covered by tests ✅

Comparison is base (79b04be) 84.99% compared to head (7f760cd) 84.99%.

Additional details and impacted files

@@            Coverage Diff            @@
##               main    #2809   +/-   ##
=========================================
  Coverage     84.99%   84.99%           
  Complexity     2727     2727           
=========================================
  Files           331      331           
  Lines          9542     9542           
  Branches        915      915           
=========================================
  Hits           8110     8110           
  Misses         1108     1108           
  Partials        324      324           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[bmscomp]

@mpkorstanje I'll give it and try and check the ci after that

[bmscomp]

@mpkorstanje I think there is an issue with the maven wrapper validation in Maven, better to roll back the last change the time that will be fixed on maven

Get-FileHash : The term 'Get-FileHash' is not recognized as the name of a cmdlet, function, script file, or operable 
program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again.
At line:1 char:13
+ &{ $hash = (Get-FileHash "D:\a\cucumber-jvm\cucumber-jvm\.mvn\wrapper ...
+             ~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (Get-FileHash:String) [], CommandNotFoundException
    + FullyQualifiedErrorId : CommandNotFoundException
 
Error: Failed to validate Maven wrapper SHA-256, your Maven wrapper might be compromised.

[mpkorstanje]

Where did you find the hash for maven-wrapper.jar?

[mpkorstanje]

Ah. No, nevermind. It is the Windows builds that fail.

[bmscomp]

@mpkorstanje it's the failure is related to windows build, it can be an issue of maven on windows or an issue of github actions when it comes to use a windows operating system to build

[mpkorstanje]

Reading these two

• Seems like Get-FileHash of powershell on windows-latest is not working actions/runner-images#225
• Powershell Framework is broken (again) under Powershell Core PowerShell/PowerShell#18108

It looks like Powershel broke it.

[mpkorstanje]

Good enough for now. Cheers!