From 31316d419bde836bf92e8d1b32e3d324827028e6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 18 Apr 2024 21:28:24 +0000 Subject: [PATCH 1/5] Bump gradle/gradle-build-action from 3.1.0 to 3.3.1 Bumps [gradle/gradle-build-action](https://github.com/gradle/gradle-build-action) from 3.1.0 to 3.3.1. - [Release notes](https://github.com/gradle/gradle-build-action/releases) - [Commits](https://github.com/gradle/gradle-build-action/compare/29c0906b64b8fc82467890bfb7a0a7ef34bda89e...e2097ccd7e8ed48671dc068ac4efa86d25745b39) --- updated-dependencies: - dependency-name: gradle/gradle-build-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/build-and-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml index 2305d555..d1b47b16 100644 --- a/.github/workflows/build-and-test.yml +++ b/.github/workflows/build-and-test.yml @@ -15,7 +15,7 @@ jobs: with: distribution: temurin java-version: 8 - - uses: gradle/gradle-build-action@29c0906b64b8fc82467890bfb7a0a7ef34bda89e + - uses: gradle/gradle-build-action@e2097ccd7e8ed48671dc068ac4efa86d25745b39 with: arguments: assemble apiDiff check jacocoTestReport --continue --console=plain - uses: codecov/codecov-action@54bcd8715eee62d40e33596ef5e8f0f48dbbccab From 966205b1a0823be69aeb0a99d2774d8d9efa3476 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 18 Apr 2024 21:28:29 +0000 Subject: [PATCH 2/5] Bump gradle/wrapper-validation-action from 2.1.1 to 3.3.1 Bumps [gradle/wrapper-validation-action](https://github.com/gradle/wrapper-validation-action) from 2.1.1 to 3.3.1. - [Release notes](https://github.com/gradle/wrapper-validation-action/releases) - [Commits](https://github.com/gradle/wrapper-validation-action/compare/699bb18358f12c5b78b37bb0111d3a0e2276e0e2...5188e9b5527a0a094cee21e2fe9a8ca44b4629af) --- updated-dependencies: - dependency-name: gradle/wrapper-validation-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/gradle-wrapper-validation.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/gradle-wrapper-validation.yml b/.github/workflows/gradle-wrapper-validation.yml index 12ad22c1..2d07cf29 100644 --- a/.github/workflows/gradle-wrapper-validation.yml +++ b/.github/workflows/gradle-wrapper-validation.yml @@ -7,4 +7,4 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - - uses: gradle/wrapper-validation-action@699bb18358f12c5b78b37bb0111d3a0e2276e0e2 # pin@2.1.1 + - uses: gradle/wrapper-validation-action@5188e9b5527a0a094cee21e2fe9a8ca44b4629af # pin@3.3.1 From bc442ee3d628408ea4cabdaa927967b61279c7cd Mon Sep 17 00:00:00 2001 From: Jim Anderson Date: Mon, 22 Apr 2024 09:19:14 -0500 Subject: [PATCH 3/5] Ignore test-only dependency snyk issue --- .snyk | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.snyk b/.snyk index 5b4a12b7..100add11 100644 --- a/.snyk +++ b/.snyk @@ -14,5 +14,9 @@ ignore: - '*': reason: 'test-only dependency, no update available' expires: 2024-12-31T00:00:00.000Z + SNYK-JAVA-ORGBOUNCYCASTLE-6277380: + - '*': + reason: 'test-only dependency, no update available' + expires: 2024-12-31T00:00:00.000Z patch: {} From d43a66e6ad35bf47674edc3d41f14b752c5c6bdd Mon Sep 17 00:00:00 2001 From: Jim Anderson Date: Mon, 22 Apr 2024 09:22:17 -0500 Subject: [PATCH 4/5] ignore snyk bouncy castle issue 6613080 --- .snyk | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.snyk b/.snyk index 100add11..cf6ee013 100644 --- a/.snyk +++ b/.snyk @@ -18,5 +18,8 @@ ignore: - '*': reason: 'test-only dependency, no update available' expires: 2024-12-31T00:00:00.000Z - + SNYK-JAVA-ORGBOUNCYCASTLE-6613080: + - '*': + reason: 'test-only dependency, no update available' + expires: 2024-12-31T00:00:00.000Z patch: {} From 3220fbaf74dc5e4e10c41323c70544cc8182ea01 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 22 Apr 2024 15:26:37 +0000 Subject: [PATCH 5/5] Bump codecov/codecov-action from 4.1.0 to 4.3.0 Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.1.0 to 4.3.0. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/54bcd8715eee62d40e33596ef5e8f0f48dbbccab...84508663e988701840491b86de86b666e8a86bed) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/build-and-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml index 2305d555..8369b196 100644 --- a/.github/workflows/build-and-test.yml +++ b/.github/workflows/build-and-test.yml @@ -18,7 +18,7 @@ jobs: - uses: gradle/gradle-build-action@29c0906b64b8fc82467890bfb7a0a7ef34bda89e with: arguments: assemble apiDiff check jacocoTestReport --continue --console=plain - - uses: codecov/codecov-action@54bcd8715eee62d40e33596ef5e8f0f48dbbccab + - uses: codecov/codecov-action@84508663e988701840491b86de86b666e8a86bed with: flags: unittests - uses: actions/upload-artifact@v4