diff --git a/.github/actions/run-gradle/action.yml b/.github/actions/run-gradle/action.yml
index 082e9ecda8..e8c88659c4 100644
--- a/.github/actions/run-gradle/action.yml
+++ b/.github/actions/run-gradle/action.yml
@@ -35,7 +35,7 @@ runs:
toolchainVersion=$(grep -oP '(?<=^toolchainVersion=).*' gradle/gradle-daemon-jvm.properties)
echo "toolchainVersion=${toolchainVersion}" >> $GITHUB_ENV
- name: Set up JDK ${{ env.toolchainVersion }}
- uses: actions/setup-java@b36c23c0d998641eff861008f374ee103c25ac73 # v4.4.0
+ uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0
with:
java-version: ${{ env.toolchainVersion }}
distribution: temurin
@@ -50,7 +50,7 @@ runs:
echo "JAVA_VERSION=${{ inputs.java }}" >> $GITHUB_ENV
fi
- name: Set up JDK
- uses: actions/setup-java@b36c23c0d998641eff861008f374ee103c25ac73 # v4.4.0
+ uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0
with:
java-version: ${{
inputs.java == 'GraalVM' && inputs.graal ||
diff --git a/.github/workflows/actionlint.yml b/.github/workflows/actionlint.yml
index 295bb617a6..f26669af9f 100644
--- a/.github/workflows/actionlint.yml
+++ b/.github/workflows/actionlint.yml
@@ -14,7 +14,7 @@ jobs:
allowed-endpoints: >
api.github.com:443
github.com:443
- - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+ - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: actionlint
uses: reviewdog/action-actionlint@053981cb135d7a696bbeec6181d9d5fae6e07dae # v1.57.0
env:
diff --git a/.github/workflows/analysis.yml b/.github/workflows/analysis.yml
index 55707e7f36..20015575f2 100644
--- a/.github/workflows/analysis.yml
+++ b/.github/workflows/analysis.yml
@@ -31,7 +31,7 @@ jobs:
disable-sudo: true
egress-policy: block
allowed-endpoints: ${{ env.ALLOWED_ENDPOINTS }}
- - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+ - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Forbidden Apis
uses: ./.github/actions/run-gradle
with:
@@ -50,7 +50,7 @@ jobs:
disable-sudo: true
egress-policy: block
allowed-endpoints: ${{ env.ALLOWED_ENDPOINTS }}
- - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+ - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Pmd
uses: ./.github/actions/run-gradle
with:
@@ -69,7 +69,7 @@ jobs:
disable-sudo: true
egress-policy: block
allowed-endpoints: ${{ env.ALLOWED_ENDPOINTS }}
- - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+ - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Spotbugs
uses: ./.github/actions/run-gradle
with:
diff --git a/.github/workflows/benchmarks.yml b/.github/workflows/benchmarks.yml
index ab9de78490..4a90c33772 100644
--- a/.github/workflows/benchmarks.yml
+++ b/.github/workflows/benchmarks.yml
@@ -39,7 +39,7 @@ jobs:
raw.githubusercontent.com:443
services.gradle.org:443
www.graalvm.org:443
- - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+ - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Compute JMH Benchmark
uses: ./.github/actions/run-gradle
with:
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 971de9b6d6..e948a3ccea 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -58,7 +58,7 @@ jobs:
egress-policy: block
allowed-endpoints: ${{ env.ALLOWED_ENDPOINTS }}
- name: Checkout
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+ uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Compile
uses: ./.github/actions/run-gradle
with:
@@ -170,7 +170,7 @@ jobs:
egress-policy: block
allowed-endpoints: ${{ env.ALLOWED_ENDPOINTS }}
- name: Checkout
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+ uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Run tests (${{ env.JAVA_VERSION }})
uses: ./.github/actions/run-gradle
with:
@@ -227,7 +227,7 @@ jobs:
storage.googleapis.com:443
uploader.codecov.io:443
- name: Checkout
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+ uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 0
- name: Download Tests Results
@@ -297,7 +297,7 @@ jobs:
- name: Decompress
run: find . -type f -name '*.tar.gz' -exec sh -c 'tar -zxf {} --one-top-level' \;
- name: Publish Test Results
- uses: EnricoMi/publish-unit-test-result-action@82082dac68ad6a19d980f8ce817e108b9f496c2a # v2.17.1
+ uses: EnricoMi/publish-unit-test-result-action@170bf24d20d201b842d7a52403b73ed297e6645b # v2.18.0
continue-on-error: true
id: test-results
with:
@@ -348,7 +348,7 @@ jobs:
errorprone.info:443
lightbend.github.io:443
guava.dev:443
- - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+ - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Publish Snapshot
uses: ./.github/actions/run-gradle
env:
diff --git a/.github/workflows/codacy.yml b/.github/workflows/codacy.yml
index ea22c47c1a..a571871d39 100644
--- a/.github/workflows/codacy.yml
+++ b/.github/workflows/codacy.yml
@@ -29,7 +29,7 @@ jobs:
registry-1.docker.io:443
*.blob.core.windows.net:443
- name: Checkout code
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+ uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Run Codacy Analysis
uses: codacy/codacy-analysis-cli-action@97bf5df3c09e75f5bcd72695998f96ebd701846e # v4.4.5
continue-on-error: true
@@ -47,7 +47,7 @@ jobs:
if: steps.check_files.outputs.files_exists == 'true'
run: jq -c '.runs |= unique_by({tool, invocations, results})' < results.sarif > codacy.sarif
- name: Upload result to GitHub Code Scanning
- uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13
+ uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0
if: steps.check_files.outputs.files_exists == 'true'
continue-on-error: true
with:
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 62c4ef2a38..e1ccc13336 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -50,17 +50,17 @@ jobs:
uploads.github.com:443
services.gradle.org:443
- name: Checkout repository
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+ uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup Gradle
uses: ./.github/actions/run-gradle
with:
java: ${{ env.JAVA_VERSION }}
cache-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
- name: Initialize CodeQL
- uses: github/codeql-action/init@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13
+ uses: github/codeql-action/init@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0
with:
languages: java
- name: Autobuild
- uses: github/codeql-action/autobuild@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13
+ uses: github/codeql-action/autobuild@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0
- name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13
+ uses: github/codeql-action/analyze@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0
diff --git a/.github/workflows/dependency-check.yml b/.github/workflows/dependency-check.yml
index bf3e6ca102..92c99a0ea4 100644
--- a/.github/workflows/dependency-check.yml
+++ b/.github/workflows/dependency-check.yml
@@ -45,7 +45,7 @@ jobs:
raw.githubusercontent.com:443
services.gradle.org:443
www.cisa.gov:443
- - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+ - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Run dependency-check
uses: ./.github/actions/run-gradle
continue-on-error: true
@@ -61,7 +61,7 @@ jobs:
with:
files: build/reports/dependency-check-report.sarif
- name: Upload result to GitHub Code Scanning
- uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13
+ uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0
if: steps.check_files.outputs.files_exists == 'true'
with:
sarif_file: build/reports/dependency-check-report.sarif
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
index 0d86775b00..720e66d9d0 100644
--- a/.github/workflows/dependency-review.yml
+++ b/.github/workflows/dependency-review.yml
@@ -19,9 +19,9 @@ jobs:
api.github.com:443
github.com:443
- name: Checkout Repository
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+ uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Dependency Review
- uses: actions/dependency-review-action@5a2ce3f5b92ee19cbb1541a4984c76d921601d7c # v4.3.4
+ uses: actions/dependency-review-action@a6993e2c61fd5dc440b409aa1d6904921c5e1894 # v4.3.5
with:
license-check: false
comment-summary-in-pr: on-failure
diff --git a/.github/workflows/dependency-submission-pr-submit.yml b/.github/workflows/dependency-submission-pr-submit.yml
index 652a4b55e6..cedca7fa61 100644
--- a/.github/workflows/dependency-submission-pr-submit.yml
+++ b/.github/workflows/dependency-submission-pr-submit.yml
@@ -31,9 +31,9 @@ jobs:
repo.maven.apache.org:443
repo1.maven.org:443
services.gradle.org:443
- - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+ - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Set up JDK ${{ env.JAVA_VERSION }}
- uses: actions/setup-java@b36c23c0d998641eff861008f374ee103c25ac73 # v4.4.0
+ uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0
with:
java-version: ${{ env.JAVA_VERSION }}
distribution: temurin
diff --git a/.github/workflows/dependency-submission.yml b/.github/workflows/dependency-submission.yml
index 517adba0b9..d81ce7da8f 100644
--- a/.github/workflows/dependency-submission.yml
+++ b/.github/workflows/dependency-submission.yml
@@ -31,9 +31,9 @@ jobs:
repo.maven.apache.org:443
repo1.maven.org:443
services.gradle.org:443
- - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+ - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Set up JDK ${{ env.JAVA_VERSION }}
- uses: actions/setup-java@b36c23c0d998641eff861008f374ee103c25ac73 # v4.4.0
+ uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0
with:
java-version: ${{ env.JAVA_VERSION }}
distribution: temurin
diff --git a/.github/workflows/devskim.yml b/.github/workflows/devskim.yml
index 3860c24240..216bf4edda 100644
--- a/.github/workflows/devskim.yml
+++ b/.github/workflows/devskim.yml
@@ -27,10 +27,10 @@ jobs:
api.github.com:443
github.com:443
- name: Checkout code
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+ uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Run DevSkim scanner
uses: microsoft/DevSkim-Action@914fa647b406c387000300b2f09bb28691be2b6d # v1.0.14
- name: Upload DevSkim scan results to GitHub Security tab
- uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13
+ uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0
with:
sarif_file: devskim-results.sarif
diff --git a/.github/workflows/examples.yml b/.github/workflows/examples.yml
index d670cbc58d..48dce69529 100644
--- a/.github/workflows/examples.yml
+++ b/.github/workflows/examples.yml
@@ -32,7 +32,7 @@ jobs:
repo1.maven.org:443
services.gradle.org:443
www.graalvm.org:443
- - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+ - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup Gradle
uses: ./.github/actions/run-gradle
with:
diff --git a/.github/workflows/gitleaks.yml b/.github/workflows/gitleaks.yml
index 9ab8299e56..2ee5c9e825 100644
--- a/.github/workflows/gitleaks.yml
+++ b/.github/workflows/gitleaks.yml
@@ -23,7 +23,7 @@ jobs:
egress-policy: block
allowed-endpoints: ${{ env.ALLOWED_ENDPOINTS }}
- name: Checkout
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+ uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
fetch-depth: 0
- name: Run gitleaks
diff --git a/.github/workflows/gradle-wrapper-validation.yml b/.github/workflows/gradle-wrapper-validation.yml
index eef82855c3..a623a669eb 100644
--- a/.github/workflows/gradle-wrapper-validation.yml
+++ b/.github/workflows/gradle-wrapper-validation.yml
@@ -17,5 +17,5 @@ jobs:
downloads.gradle-dn.com:443
github.com:443
services.gradle.org:443
- - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+ - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- uses: gradle/actions/wrapper-validation@d156388eb19639ec20ade50009f3d199ce1e2808 # v4.1.0
diff --git a/.github/workflows/qodana.yml b/.github/workflows/qodana.yml
index d6b60303c6..9cd2ef193d 100644
--- a/.github/workflows/qodana.yml
+++ b/.github/workflows/qodana.yml
@@ -55,7 +55,7 @@ jobs:
resources.jetbrains.com:443
services.gradle.org:443
- name: Checkout
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+ uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Build
uses: ./.github/actions/run-gradle
with:
@@ -63,13 +63,13 @@ jobs:
cache-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
arguments: check -x test
- name: Qodana - Code Inspection
- uses: JetBrains/qodana-action@84494be4d1a2f64ec1c4bfdf475406e246e34672 # v2024.2.3
+ uses: JetBrains/qodana-action@4f04143e8d52028fee27c2a219c8856035094962 # v2024.2.5
env:
QODANA_TOKEN: ${{ secrets.QODANA_TOKEN }}
with:
upload-result: true
github-token: ${{ secrets.GITHUB_TOKEN }}
- name: Upload SARIF file for GitHub Advanced Security Dashboard
- uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13
+ uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0
with:
sarif_file: ${{ runner.temp }}/qodana/results/qodana.sarif.json
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index ae39e7dcb4..d280ae22bc 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -18,7 +18,7 @@ jobs:
with:
disable-sudo: true
egress-policy: audit
- - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+ - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Releasing
uses: ./.github/actions/run-gradle
env:
diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml
index 20f2dceaa1..6681abf338 100644
--- a/.github/workflows/scorecards-analysis.yml
+++ b/.github/workflows/scorecards-analysis.yml
@@ -41,7 +41,7 @@ jobs:
tuf-repo-cdn.sigstore.dev:443
www.bestpractices.dev:443
- name: Checkout code
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+ uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
persist-credentials: false
- name: Run analysis
@@ -58,6 +58,6 @@ jobs:
path: results.sarif
retention-days: 5
- name: Upload to code-scanning
- uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13
+ uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0
with:
sarif_file: results.sarif
diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml
index 34ff10e2cc..620f951946 100644
--- a/.github/workflows/semgrep.yml
+++ b/.github/workflows/semgrep.yml
@@ -17,7 +17,7 @@ jobs:
# Incompatible with Harden Runner
image: returntocorp/semgrep
steps:
- - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+ - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- run: semgrep scan --sarif --output=results.sarif
env:
SEMGREP_RULES: >-
@@ -34,7 +34,7 @@ jobs:
if: steps.check_files.outputs.files_exists == 'true'
run: jq -c '.runs[0].tool.driver.rules |= unique_by(.id)' < results.sarif > semgrep.sarif
- name: Upload SARIF file for GitHub Advanced Security Dashboard
- uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13
+ uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0
if: steps.check_files.outputs.files_exists == 'true'
continue-on-error: true
with:
diff --git a/.github/workflows/snyk.yml b/.github/workflows/snyk.yml
index 30f820cba7..c6d6dc9560 100644
--- a/.github/workflows/snyk.yml
+++ b/.github/workflows/snyk.yml
@@ -25,7 +25,7 @@ jobs:
if: github.event.repository.fork == false
steps:
- name: Checkout repository
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+ uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup Gradle
uses: ./.github/actions/run-gradle
with:
@@ -42,7 +42,7 @@ jobs:
with:
files: snyk.sarif
- name: Upload result to GitHub Code Scanning
- uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13
+ uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0
if: steps.check_files.outputs.files_exists == 'true'
with:
sarif_file: snyk.sarif
diff --git a/.github/workflows/spelling.yml b/.github/workflows/spelling.yml
index e050487d69..ff6a506952 100644
--- a/.github/workflows/spelling.yml
+++ b/.github/workflows/spelling.yml
@@ -14,7 +14,7 @@ jobs:
allowed-endpoints: >
api.github.com:443
github.com:443
- - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+ - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Misspell
uses: reviewdog/action-misspell@ef8b22c1cca06c8d306fc6be302c3dab0f6ca12f # v1.23.0
with:
@@ -32,6 +32,6 @@ jobs:
allowed-endpoints: >
github.com:443
objects.githubusercontent.com:443
- - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+ - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Typos
- uses: crate-ci/typos@6802cc60d4e7f78b9d5454f6cf3935c042d5e1e3 # v1.26.0
+ uses: crate-ci/typos@0d9e0c2c1bd7f770f6eb90f87780848ca02fc12c # v1.26.8
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
index 0cfea287fd..532cc2259b 100644
--- a/.github/workflows/trivy.yml
+++ b/.github/workflows/trivy.yml
@@ -22,7 +22,7 @@ jobs:
github.com:443
objects.githubusercontent.com:443
pkg-containers.githubusercontent.com:443
- - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
+ - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2 # v0.28.0
with:
@@ -30,6 +30,6 @@ jobs:
format: sarif
output: trivy-results.sarif
- name: Upload Trivy scan results to GitHub Security tab
- uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13
+ uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0
with:
sarif_file: trivy-results.sarif
diff --git a/caffeine/src/jmh/java/com/github/benmanes/caffeine/cache/EvictionBenchmark.java b/caffeine/src/jmh/java/com/github/benmanes/caffeine/cache/EvictionBenchmark.java
index f5716c89b4..69dd58d4a4 100644
--- a/caffeine/src/jmh/java/com/github/benmanes/caffeine/cache/EvictionBenchmark.java
+++ b/caffeine/src/jmh/java/com/github/benmanes/caffeine/cache/EvictionBenchmark.java
@@ -35,7 +35,7 @@
*/
@State(Scope.Benchmark)
@SuppressWarnings({"CanonicalAnnotationSyntax", "LexicographicalAnnotationAttributeListing",
- "PMD.JUnit4TestShouldUseAfterAnnotation"})
+ "PMD.UnitTestShouldUseAfterAnnotation"})
public class EvictionBenchmark {
@Param({
diff --git a/caffeine/src/jmh/java/com/github/benmanes/caffeine/cache/GetPutBenchmark.java b/caffeine/src/jmh/java/com/github/benmanes/caffeine/cache/GetPutBenchmark.java
index 780f5ec0a8..af9e927fc6 100644
--- a/caffeine/src/jmh/java/com/github/benmanes/caffeine/cache/GetPutBenchmark.java
+++ b/caffeine/src/jmh/java/com/github/benmanes/caffeine/cache/GetPutBenchmark.java
@@ -43,7 +43,7 @@
*/
@State(Scope.Group)
@SuppressWarnings({"CanonicalAnnotationSyntax", "LexicographicalAnnotationAttributeListing",
- "MemberName", "PMD.JUnit4TestShouldUseAfterAnnotation", "PMD.MethodNamingConventions"})
+ "MemberName", "PMD.UnitTestShouldUseAfterAnnotation", "PMD.MethodNamingConventions"})
public class GetPutBenchmark {
private static final int SIZE = (2 << 14);
private static final int MASK = SIZE - 1;
diff --git a/caffeine/src/jmh/java/com/github/benmanes/caffeine/cache/PutRemoveBenchmark.java b/caffeine/src/jmh/java/com/github/benmanes/caffeine/cache/PutRemoveBenchmark.java
index c37e9cd470..54f181f088 100644
--- a/caffeine/src/jmh/java/com/github/benmanes/caffeine/cache/PutRemoveBenchmark.java
+++ b/caffeine/src/jmh/java/com/github/benmanes/caffeine/cache/PutRemoveBenchmark.java
@@ -48,7 +48,7 @@
*/
@State(Scope.Group)
@SuppressWarnings({"CanonicalAnnotationSyntax", "LexicographicalAnnotationAttributeListing",
- "PMD.JUnit4TestShouldUseAfterAnnotation", "PMD.MethodNamingConventions"})
+ "PMD.UnitTestShouldUseAfterAnnotation", "PMD.MethodNamingConventions"})
public class PutRemoveBenchmark {
private static final int SIZE = (2 << 14);
private static final int MASK = SIZE - 1;
diff --git a/caffeine/src/test/java/com/github/benmanes/caffeine/cache/CaffeineSpecGuavaTest.java b/caffeine/src/test/java/com/github/benmanes/caffeine/cache/CaffeineSpecGuavaTest.java
index b5aca04003..7fb6033717 100644
--- a/caffeine/src/test/java/com/github/benmanes/caffeine/cache/CaffeineSpecGuavaTest.java
+++ b/caffeine/src/test/java/com/github/benmanes/caffeine/cache/CaffeineSpecGuavaTest.java
@@ -34,7 +34,7 @@
* @author Adam Winer
*/
@SuppressWarnings({"PMD.DetachedTestCase",
- "PMD.JUnit4TestShouldUseTestAnnotation", "PreferJavaTimeOverload"})
+ "PMD.UnitTestShouldUseTestAnnotation", "PreferJavaTimeOverload"})
public class CaffeineSpecGuavaTest extends TestCase {
public void testParse_empty() {
diff --git a/examples/coalescing-bulkloader-reactor/gradle/libs.versions.toml b/examples/coalescing-bulkloader-reactor/gradle/libs.versions.toml
index ab9f5daf76..fbb72a7b9e 100644
--- a/examples/coalescing-bulkloader-reactor/gradle/libs.versions.toml
+++ b/examples/coalescing-bulkloader-reactor/gradle/libs.versions.toml
@@ -1,6 +1,6 @@
[versions]
caffeine = "3.1.8"
-junit = "5.11.2"
+junit = "5.11.3"
reactor = "3.6.11"
truth = "1.4.4"
versions = "0.51.0"
diff --git a/examples/graal-native/gradle/libs.versions.toml b/examples/graal-native/gradle/libs.versions.toml
index 20e5a29a99..7f855f3b86 100644
--- a/examples/graal-native/gradle/libs.versions.toml
+++ b/examples/graal-native/gradle/libs.versions.toml
@@ -1,7 +1,7 @@
[versions]
caffeine = "3.1.8"
graal = "0.10.3"
-junit = "5.11.2"
+junit = "5.11.3"
truth = "1.4.4"
versions = "0.51.0"
diff --git a/examples/hibernate/gradle/libs.versions.toml b/examples/hibernate/gradle/libs.versions.toml
index 211320f56e..3c59bb80ba 100644
--- a/examples/hibernate/gradle/libs.versions.toml
+++ b/examples/hibernate/gradle/libs.versions.toml
@@ -2,7 +2,7 @@
caffeine = "3.1.8"
h2 = "2.3.232"
hibernate = "7.0.0.Beta1"
-junit = "5.11.2"
+junit = "5.11.3"
log4j2 = "3.0.0-beta2"
truth = "1.4.4"
versions = "0.51.0"
diff --git a/examples/indexable/gradle/libs.versions.toml b/examples/indexable/gradle/libs.versions.toml
index 8aa75b3ece..6c6db0b921 100644
--- a/examples/indexable/gradle/libs.versions.toml
+++ b/examples/indexable/gradle/libs.versions.toml
@@ -1,7 +1,7 @@
[versions]
caffeine = "3.1.8"
guava = "33.3.1-jre"
-junit-jupiter = "5.11.2"
+junit-jupiter = "5.11.3"
truth = "1.4.4"
versions = "0.51.0"
diff --git a/examples/resilience-failsafe/gradle/libs.versions.toml b/examples/resilience-failsafe/gradle/libs.versions.toml
index 505733fd59..08d4da8973 100644
--- a/examples/resilience-failsafe/gradle/libs.versions.toml
+++ b/examples/resilience-failsafe/gradle/libs.versions.toml
@@ -1,7 +1,7 @@
[versions]
caffeine = "3.1.8"
failsafe = "3.3.2"
-junit = "5.11.2"
+junit = "5.11.3"
truth = "1.4.4"
versions = "0.51.0"
diff --git a/examples/write-behind-rxjava/gradle/libs.versions.toml b/examples/write-behind-rxjava/gradle/libs.versions.toml
index a3ae624dc6..8bdf05709b 100644
--- a/examples/write-behind-rxjava/gradle/libs.versions.toml
+++ b/examples/write-behind-rxjava/gradle/libs.versions.toml
@@ -1,7 +1,7 @@
[versions]
awaitility = "4.2.2"
caffeine = "3.1.8"
-junit = "5.11.2"
+junit = "5.11.3"
rxjava = "3.1.9"
versions = "0.51.0"
diff --git a/gradle/config/pmd/rulesSets-test.xml b/gradle/config/pmd/rulesSets-test.xml
index 2709913655..9c8d7291d7 100644
--- a/gradle/config/pmd/rulesSets-test.xml
+++ b/gradle/config/pmd/rulesSets-test.xml
@@ -14,9 +14,9 @@
-
-
-
+
+
+
diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml
index 32bf4e126b..8a312f2b38 100644
--- a/gradle/libs.versions.toml
+++ b/gradle/libs.versions.toml
@@ -19,10 +19,10 @@ commons-text = "1.12.0"
concurrentlinkedhashmap = "1.4.2"
config = "1.4.3"
coveralls = "2.12.2"
-dependency-check = "10.0.4"
+dependency-check = "11.0.0"
eclipse-collections = "12.0.0.M3"
ehcache3 = "3.10.8"
-errorprone = "2.34.0"
+errorprone = "2.35.1"
errorprone-plugin = "4.1.0"
errorprone-support = "0.18.0"
expiring-map = "0.5.11"
@@ -78,8 +78,8 @@ osgi-promise = "1.3.0"
pax-exam = "4.13.5"
pax-url = "2.6.14"
picocli = "4.7.6"
-pmd = "7.6.0"
-protobuf = "4.28.2"
+pmd = "7.7.0"
+protobuf = "4.28.3"
slf4j = "2.0.16"
slf4j-test = "3.0.1"
snakeyaml = "2.3"
diff --git a/simulator/build.gradle.kts b/simulator/build.gradle.kts
index cc5684009b..e5847d57ce 100644
--- a/simulator/build.gradle.kts
+++ b/simulator/build.gradle.kts
@@ -83,11 +83,13 @@ tasks.register("rewrite")
tasks.withType().configureEach {
dependsOn(tasks.processResources, tasks.compileJava)
classpath(sourceSets["main"].runtimeClasspath)
- inputs.properties(caffeineSystemProperties())
- systemProperties(caffeineSystemProperties())
outputs.upToDateWhen { false }
outputs.cacheIf { false }
jvmArgs(defaultJvmArgs())
+
+ doFirst {
+ systemProperties(caffeineSystemProperties())
+ }
}
eclipse.classpath.file.beforeMerged {
diff --git a/simulator/src/main/java/com/github/benmanes/caffeine/cache/simulator/policy/irr/FrdPolicy.java b/simulator/src/main/java/com/github/benmanes/caffeine/cache/simulator/policy/irr/FrdPolicy.java
index a915981bf0..28118dae60 100644
--- a/simulator/src/main/java/com/github/benmanes/caffeine/cache/simulator/policy/irr/FrdPolicy.java
+++ b/simulator/src/main/java/com/github/benmanes/caffeine/cache/simulator/policy/irr/FrdPolicy.java
@@ -260,7 +260,7 @@ public boolean isInStack(StackType stackType) {
throw new IllegalArgumentException();
}
- @SuppressWarnings("PMD.TooFewBranchesForASwitchStatement")
+ @SuppressWarnings("PMD.TooFewBranchesForSwitch")
public void moveToTop(StackType stackType) {
if (isInStack(stackType)) {
removeFrom(stackType);
@@ -289,7 +289,7 @@ public void moveToTop(StackType stackType) {
throw new IllegalArgumentException();
}
- @SuppressWarnings("PMD.TooFewBranchesForASwitchStatement")
+ @SuppressWarnings("PMD.TooFewBranchesForSwitch")
public void removeFrom(StackType stackType) {
checkState(isInStack(stackType));
diff --git a/simulator/src/main/java/com/github/benmanes/caffeine/cache/simulator/policy/irr/HillClimberFrdPolicy.java b/simulator/src/main/java/com/github/benmanes/caffeine/cache/simulator/policy/irr/HillClimberFrdPolicy.java
index 3d3db9bcf9..2a5a5ca4ae 100644
--- a/simulator/src/main/java/com/github/benmanes/caffeine/cache/simulator/policy/irr/HillClimberFrdPolicy.java
+++ b/simulator/src/main/java/com/github/benmanes/caffeine/cache/simulator/policy/irr/HillClimberFrdPolicy.java
@@ -356,7 +356,7 @@ public boolean isInStack(StackType stackType) {
throw new IllegalArgumentException();
}
- @SuppressWarnings("PMD.TooFewBranchesForASwitchStatement")
+ @SuppressWarnings("PMD.TooFewBranchesForSwitch")
public void moveToTop(StackType stackType) {
if (isInStack(stackType)) {
removeFrom(stackType);
@@ -385,7 +385,7 @@ public void moveToTop(StackType stackType) {
throw new IllegalArgumentException();
}
- @SuppressWarnings("PMD.TooFewBranchesForASwitchStatement")
+ @SuppressWarnings("PMD.TooFewBranchesForSwitch")
public void removeFrom(StackType stackType) {
checkState(isInStack(stackType));
diff --git a/simulator/src/main/java/com/github/benmanes/caffeine/cache/simulator/policy/irr/IndicatorFrdPolicy.java b/simulator/src/main/java/com/github/benmanes/caffeine/cache/simulator/policy/irr/IndicatorFrdPolicy.java
index a205df24d3..a33f5ceb56 100644
--- a/simulator/src/main/java/com/github/benmanes/caffeine/cache/simulator/policy/irr/IndicatorFrdPolicy.java
+++ b/simulator/src/main/java/com/github/benmanes/caffeine/cache/simulator/policy/irr/IndicatorFrdPolicy.java
@@ -325,7 +325,7 @@ public boolean isInStack(StackType stackType) {
throw new IllegalArgumentException();
}
- @SuppressWarnings("PMD.TooFewBranchesForASwitchStatement")
+ @SuppressWarnings("PMD.TooFewBranchesForSwitch")
public void moveToTop(StackType stackType) {
if (isInStack(stackType)) {
removeFrom(stackType);
@@ -354,7 +354,7 @@ public void moveToTop(StackType stackType) {
throw new IllegalArgumentException();
}
- @SuppressWarnings("PMD.TooFewBranchesForASwitchStatement")
+ @SuppressWarnings("PMD.TooFewBranchesForSwitch")
public void removeFrom(StackType stackType) {
checkState(isInStack(stackType));