diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 1b52049975f..e945d01abfb 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -9,3 +9,19 @@ updates: applies-to: version-updates patterns: - "*" + - package-ecosystem: "gradle" + directory: "/" + exclude-paths: + - "buildSrc" + schedule: + interval: "weekly" + groups: + gradle: + applies-to: version-updates + patterns: + - "*" + ignore: + - dependency-name: "gradle-wrapper" + - dependency-name: "com.google.errorprone:error_prone_core" + versions: [ ">= 2.43.0" ] # versions 2.43.x and later require Java 21 + - dependency-name: "com.diffplug.spotless*" # newer versions lead to runtime error, will need to update the common zap plugin first diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e43f66637b0..02e999c0a68 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -24,6 +24,6 @@ jobs: with: distribution: 'temurin' java-version: ${{ matrix.java }} - - uses: gradle/actions/setup-gradle@39e147cb9de83bb9910b8ef8bd7fff0ee20fcd6f # v6.0.1 + - uses: gradle/actions/setup-gradle@50e97c2cd7a37755bbfafc9c5b7cafaece252f6e # v6.1.0 - run: ./gradlew assemble - run: ./gradlew check diff --git a/.github/workflows/release-live-docker.yml b/.github/workflows/release-live-docker.yml index 60f153e391b..c1e8dd0db4e 100644 --- a/.github/workflows/release-live-docker.yml +++ b/.github/workflows/release-live-docker.yml @@ -27,20 +27,20 @@ jobs: uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0 - name: Login to DockerHub - uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0 + uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0 with: username: zapbot password: ${{ secrets.ZAPBOT_DOCKER_TOKEN }} - name: Login to GitHub Container Registry - uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0 + uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push Docker image - uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0 + uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0 with: context: docker file: docker/Dockerfile-live diff --git a/.github/workflows/release-main-docker.yml b/.github/workflows/release-main-docker.yml index 4f844f15ab7..73511298d36 100644 --- a/.github/workflows/release-main-docker.yml +++ b/.github/workflows/release-main-docker.yml @@ -30,20 +30,20 @@ jobs: uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0 - name: Login to DockerHub - uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0 + uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0 with: username: zapbot password: ${{ secrets.ZAPBOT_DOCKER_TOKEN }} - name: Login to GitHub Container Registry - uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0 + uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push stable Docker image - uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0 + uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0 with: context: docker file: docker/Dockerfile-stable @@ -66,7 +66,7 @@ jobs: index:org.opencontainers.image.licenses=Apache-2.0 - name: Build and push bare Docker image - uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0 + uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0 with: context: docker file: docker/Dockerfile-bare diff --git a/.github/workflows/release-weekly-docker.yml b/.github/workflows/release-weekly-docker.yml index d8cd9b9d112..fbe402e3238 100644 --- a/.github/workflows/release-weekly-docker.yml +++ b/.github/workflows/release-weekly-docker.yml @@ -27,20 +27,20 @@ jobs: uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0 - name: Login to DockerHub - uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0 + uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0 with: username: zapbot password: ${{ secrets.ZAPBOT_DOCKER_TOKEN }} - name: Login to GitHub Container Registry - uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0 + uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push Docker image - uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0 + uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0 with: context: docker file: docker/Dockerfile-weekly diff --git a/.github/workflows/run-integration-tests.yml b/.github/workflows/run-integration-tests.yml index 27bea6faa2e..17a25d20363 100644 --- a/.github/workflows/run-integration-tests.yml +++ b/.github/workflows/run-integration-tests.yml @@ -19,14 +19,14 @@ jobs: uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0 - name: Login to GitHub Container Registry - uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0 + uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push Docker image - uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0 + uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0 with: context: docker file: docker/Dockerfile-tests