diff --git a/.github/actions/maven-publish/action.yml b/.github/actions/maven-publish/action.yml index 643b49e..6f32628 100644 --- a/.github/actions/maven-publish/action.yml +++ b/.github/actions/maven-publish/action.yml @@ -17,7 +17,7 @@ runs: steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Setup Java shell: bash diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml index 82c11aa..517f759 100644 --- a/.github/workflows/build-and-test.yml +++ b/.github/workflows/build-and-test.yml @@ -10,22 +10,22 @@ jobs: gradle: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 - uses: actions/setup-java@v5 with: distribution: temurin java-version: 8 - name: Set up Gradle - uses: gradle/actions/setup-gradle@06832c7b30a0129d7fb559bcc6e43d26f6374244 # v4.3.1 + uses: gradle/actions/setup-gradle@39e147cb9de83bb9910b8ef8bd7fff0ee20fcd6f # v6.0.1 - name: Test and Assemble and ApiDiff with Gradle run: ./gradlew assemble apiDiff check jacocoTestReport --continue --console=plain - - uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 + - uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de with: flags: unittests - - uses: actions/upload-artifact@v4 + - uses: actions/upload-artifact@v7 with: name: Reports path: lib/build/reports diff --git a/.github/workflows/gradle-wrapper-validation.yml b/.github/workflows/gradle-wrapper-validation.yml index c32831c..7f9542d 100644 --- a/.github/workflows/gradle-wrapper-validation.yml +++ b/.github/workflows/gradle-wrapper-validation.yml @@ -6,5 +6,5 @@ jobs: name: "validation/gradlew" runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5 - - uses: gradle/actions/wrapper-validation@v4 + - uses: actions/checkout@v6 + - uses: gradle/actions/wrapper-validation@39e147cb9de83bb9910b8ef8bd7fff0ee20fcd6f # pin@v6.0.1 diff --git a/.github/workflows/java-release.yml b/.github/workflows/java-release.yml index 5d95d5d..89e7b9c 100644 --- a/.github/workflows/java-release.yml +++ b/.github/workflows/java-release.yml @@ -30,7 +30,7 @@ jobs: steps: # Checkout the code - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: fetch-depth: 0 diff --git a/.github/workflows/rl-secure.yml b/.github/workflows/rl-secure.yml index ea3ec62..018cbac 100644 --- a/.github/workflows/rl-secure.yml +++ b/.github/workflows/rl-secure.yml @@ -32,7 +32,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v5 + uses: actions/checkout@v6 with: fetch-depth: 0 @@ -43,7 +43,7 @@ jobs: java-version: ${{ inputs.java-version }} - name: Set up Gradle - uses: gradle/actions/setup-gradle@06832c7b30a0129d7fb559bcc6e43d26f6374244 # v4.3.1 + uses: gradle/actions/setup-gradle@39e147cb9de83bb9910b8ef8bd7fff0ee20fcd6f # v6.0.1 - name: Test and Assemble and ApiDiff with Gradle run: ./gradlew assemble apiDiff check jacocoTestReport --continue --console=plain diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml deleted file mode 100644 index e69de29..0000000 diff --git a/.github/workflows/snyk.yml b/.github/workflows/snyk.yml index fffc935..90a7c52 100644 --- a/.github/workflows/snyk.yml +++ b/.github/workflows/snyk.yml @@ -30,10 +30,10 @@ jobs: - if: github.actor == 'dependabot[bot]' || github.event_name == 'merge_group' run: exit 0 # Skip unnecessary test runs for dependabot and merge queues. Artifically flag as successful, as this is a required check for branch protection. - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: ref: ${{ github.event.pull_request.head.sha || github.ref }} - - uses: snyk/actions/gradle-jdk11@b98d498629f1c368650224d6d212bf7dfa89e4bf # pin@0.4.0 + - uses: snyk/actions/gradle-jdk11@9adf32b1121593767fc3c057af55b55db032dc04 # pin@1.0.0 env: SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}