Skip to content

Commit 2476a57

Browse files
Bump the github-actions group across 1 directory with 9 updates
Bumps the github-actions group with 9 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `6.0.2` | `7.0.0` | | [actions/setup-java](https://github.com/actions/setup-java) | `5.2.0` | `5.4.0` | | [actions/cache](https://github.com/actions/cache) | `5.0.4` | `6.1.0` | | [actions/attest](https://github.com/actions/attest) | `4.1.0` | `4.1.1` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `7.0.0` | `7.0.1` | | [softprops/action-gh-release](https://github.com/softprops/action-gh-release) | `2.6.1` | `3.0.1` | | [github/codeql-action/init](https://github.com/github/codeql-action) | `4.35.1` | `4.36.2` | | [github/codeql-action/analyze](https://github.com/github/codeql-action) | `4.35.1` | `4.36.2` | | [skymatic/workflows/.github/workflows/run-dependency-check.yml](https://github.com/skymatic/workflows) | `3.0.3` | `3.1.0` | Updates `actions/checkout` from 6.0.2 to 7.0.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@de0fac2...9c091bb) Updates `actions/setup-java` from 5.2.0 to 5.4.0 - [Release notes](https://github.com/actions/setup-java/releases) - [Commits](actions/setup-java@be666c2...1bcf9fb) Updates `actions/cache` from 5.0.4 to 6.1.0 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@6682284...55cc834) Updates `actions/attest` from 4.1.0 to 4.1.1 - [Release notes](https://github.com/actions/attest/releases) - [Changelog](https://github.com/actions/attest/blob/main/RELEASE.md) - [Commits](actions/attest@59d8942...a1948c3) Updates `actions/upload-artifact` from 7.0.0 to 7.0.1 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@bbbca2d...043fb46) Updates `softprops/action-gh-release` from 2.6.1 to 3.0.1 - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](softprops/action-gh-release@153bb8e...718ea10) Updates `github/codeql-action/init` from 4.35.1 to 4.36.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@c10b806...8aad20d) Updates `github/codeql-action/analyze` from 4.35.1 to 4.36.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@c10b806...8aad20d) Updates `skymatic/workflows/.github/workflows/run-dependency-check.yml` from 3.0.3 to 3.1.0 - [Release notes](https://github.com/skymatic/workflows/releases) - [Commits](skymatic/workflows@957d3c2...8356563) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/setup-java dependency-version: 5.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/cache dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/attest dependency-version: 4.1.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: 7.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: softprops/action-gh-release dependency-version: 3.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: github/codeql-action/init dependency-version: 4.36.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: github/codeql-action/analyze dependency-version: 4.36.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: skymatic/workflows/.github/workflows/run-dependency-check.yml dependency-version: 3.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>
1 parent 64de305 commit 2476a57

3 files changed

Lines changed: 15 additions & 15 deletions

File tree

.github/workflows/build.yml

Lines changed: 10 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -19,17 +19,17 @@ jobs:
1919
outputs:
2020
sha256: ${{ steps.checksums.outputs.sha256 }}
2121
steps:
22-
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
22+
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
2323
with:
2424
fetch-depth: 0 # deep fetch for better sonarcloud analysis
2525
show-progress: false
26-
- uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0
26+
- uses: actions/setup-java@1bcf9fb12cf4aa7d266a90ae39939e61372fe520 # v5.4.0
2727
with:
2828
distribution: 'temurin'
2929
java-version: ${{ env.JAVA_VERSION }}
3030
cache: 'maven'
3131
- name: Cache SonarCloud packages
32-
uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4
32+
uses: actions/cache@55cc8345863c7cc4c66a329aec7e433d2d1c52a9 # v6.1.0
3333
with:
3434
path: ~/.sonar/cache
3535
key: ${{ runner.os }}-sonar
@@ -59,12 +59,12 @@ jobs:
5959
} >> $GITHUB_OUTPUT
6060
- name: Attest
6161
if: startsWith(github.ref, 'refs/tags/')
62-
uses: actions/attest@59d89421af93a897026c735860bf21b6eb4f7b26 # v4.1.0
62+
uses: actions/attest@a1948c3f048ba23858d222213b7c278aabede763 # v4.1.1
6363
with:
6464
subject-path: |
6565
target/*.jar
6666
target/*.pom
67-
- uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
67+
- uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
6868
with:
6969
name: artifacts
7070
path: |
@@ -80,8 +80,8 @@ jobs:
8080
needs: [build]
8181
if: github.repository_owner == 'cryptomator' && (startsWith(github.ref, 'refs/tags/') || contains(github.event.head_commit.message, '[deploy]'))
8282
steps:
83-
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
84-
- uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0
83+
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
84+
- uses: actions/setup-java@1bcf9fb12cf4aa7d266a90ae39939e61372fe520 # v5.4.0
8585
with:
8686
distribution: 'temurin'
8787
java-version: ${{ env.JAVA_VERSION }}
@@ -116,8 +116,8 @@ jobs:
116116
needs: [build]
117117
if: github.repository_owner == 'cryptomator' && (startsWith(github.ref, 'refs/tags/') || contains(github.event.head_commit.message, '[deploy]'))
118118
steps:
119-
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
120-
- uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0
119+
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
120+
- uses: actions/setup-java@1bcf9fb12cf4aa7d266a90ae39939e61372fe520 # v5.4.0
121121
with:
122122
java-version: ${{ env.JAVA_VERSION }}
123123
distribution: 'temurin'
@@ -147,7 +147,7 @@ jobs:
147147
if: startsWith(github.ref, 'refs/tags/')
148148
steps:
149149
- name: Create Release
150-
uses: softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe # v2.6.1
150+
uses: softprops/action-gh-release@718ea10b132b3b2eba29c1007bb80653f286566b # v3.0.1
151151
with:
152152
prerelease: true
153153
token: ${{ secrets.CRYPTOBOT_RELEASE_TOKEN }}

.github/workflows/codeql-analysis.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -16,20 +16,20 @@ jobs:
1616
# dependeabot has on push events only read-only access, but codeql requires write access
1717
if: ${{ !(github.actor == 'dependabot[bot]' && contains(fromJSON('["push"]'), github.event_name)) }}
1818
steps:
19-
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
19+
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
2020
with:
2121
fetch-depth: 2
2222
show-progress: false
23-
- uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0
23+
- uses: actions/setup-java@1bcf9fb12cf4aa7d266a90ae39939e61372fe520 # v5.4.0
2424
with:
2525
java-version: 25
2626
distribution: 'temurin'
2727
cache: 'maven'
2828
- name: Initialize CodeQL
29-
uses: github/codeql-action/init@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
29+
uses: github/codeql-action/init@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2
3030
with:
3131
languages: java
3232
- name: Build
3333
run: ./mvnw -B install -DskipTests
3434
- name: Perform CodeQL Analysis
35-
uses: github/codeql-action/analyze@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
35+
uses: github/codeql-action/analyze@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2

.github/workflows/dependency-check.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,7 @@ on:
1111

1212
jobs:
1313
check-dependencies:
14-
uses: skymatic/workflows/.github/workflows/run-dependency-check.yml@957d3c2c08c56855fdac41e5afb9a7aca8c30dd9 # v3.0.3
14+
uses: skymatic/workflows/.github/workflows/run-dependency-check.yml@8356563bf7b8d1c8d693f75ca487e8f57573cec9 # v3.1.0
1515
with:
1616
runner-os: 'ubuntu-latest'
1717
java-distribution: 'temurin'

0 commit comments

Comments
 (0)