From 536f3faea24b02fbf5a4c9e7f5205a34f446619c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 29 Sep 2025 03:27:32 +0000 Subject: [PATCH] [dependabot] Bump the actions group across 1 directory with 4 updates Bumps the actions group with 4 updates in the / directory: [actions/cache](https://github.com/actions/cache), [github/codeql-action](https://github.com/github/codeql-action), [actions/dependency-review-action](https://github.com/actions/dependency-review-action) and [actions/setup-python](https://github.com/actions/setup-python). Updates `actions/cache` from 4.2.4 to 4.3.0 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/0400d5f644dc74513175e3cd8d07132dd4860809...0057852bfaa89a56745cba8c7296529d2fc39830) Updates `github/codeql-action` from 3.29.11 to 3.30.5 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/3c3833e0f8c1c83d449a7478aa59c036a9165498...3599b3baa15b485a2e49ef411a7a4bb2452e7f93) Updates `actions/dependency-review-action` from 4.7.2 to 4.8.0 - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](https://github.com/actions/dependency-review-action/compare/bc41886e18ea39df68b1b1245f4184881938e050...56339e523c0409420f6c2c9a2f4292bbb3c07dd3) Updates `actions/setup-python` from 5.6.0 to 6.0.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/a26af69be951a213d495a4c3e4e4022e16d87065...e797f83bcb11b83ae66e0230d6156d7c80228e7c) --- updated-dependencies: - dependency-name: actions/cache dependency-version: 4.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: github/codeql-action dependency-version: 3.30.5 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: actions/dependency-review-action dependency-version: 4.8.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: actions/setup-python dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions ... Signed-off-by: dependabot[bot] --- .github/workflows/build-and-test.yml | 2 +- .github/workflows/codacy.yml | 2 +- .github/workflows/dash-scheduled.yml | 2 +- .github/workflows/dash.yml | 2 +- .github/workflows/dependency-review.yml | 2 +- .github/workflows/docs.yml | 4 ++-- .github/workflows/eclipse-snapshots.yml | 2 +- .github/workflows/integration-tests.yml | 2 +- .github/workflows/javadocs.yml | 2 +- .github/workflows/license-headers.yml | 2 +- .github/workflows/scorecard.yml | 2 +- .github/workflows/unit-tests.yml | 2 +- 12 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml index a59327319ad..df58950c768 100644 --- a/.github/workflows/build-and-test.yml +++ b/.github/workflows/build-and-test.yml @@ -61,7 +61,7 @@ jobs: with: distribution: 'temurin' java-version: '11' - - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4.2.4 + - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 with: key: ${{ hashFiles('**/pom.xml') }}-compile-${{ inputs.scala-version }} path: | diff --git a/.github/workflows/codacy.yml b/.github/workflows/codacy.yml index 90dc68ad439..d3db69a4b47 100644 --- a/.github/workflows/codacy.yml +++ b/.github/workflows/codacy.yml @@ -72,7 +72,7 @@ jobs: # Upload the SARIF file generated in the previous step - name: Upload SARIF results file - uses: github/codeql-action/upload-sarif@3c3833e0f8c1c83d449a7478aa59c036a9165498 # v3.29.11 + uses: github/codeql-action/upload-sarif@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.30.5 with: sarif_file: results.sarif category: codacy-${{ matrix.tool }} diff --git a/.github/workflows/dash-scheduled.yml b/.github/workflows/dash-scheduled.yml index 6102fe18101..25ca4286293 100644 --- a/.github/workflows/dash-scheduled.yml +++ b/.github/workflows/dash-scheduled.yml @@ -24,7 +24,7 @@ jobs: with: distribution: 'temurin' java-version: '11' - - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4.2.4 + - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 with: key: ${{ hashFiles('**/pom.xml') }}-dash-scheduled-${{ matrix.version }} path: | diff --git a/.github/workflows/dash.yml b/.github/workflows/dash.yml index 54159880d6f..ba8ff860299 100644 --- a/.github/workflows/dash.yml +++ b/.github/workflows/dash.yml @@ -51,7 +51,7 @@ jobs: with: distribution: 'temurin' java-version: '11' - - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4.2.4 + - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 if: steps.pom_changes.outputs.pom_changed == 'true' with: key: ${{ hashFiles('**/pom.xml') }}-dash-${{ inputs.scala-version }} diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index d93ee9d9d7c..279f10e6a15 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -19,4 +19,4 @@ jobs: - name: 'Checkout Repository' uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: 'Dependency Review' - uses: actions/dependency-review-action@bc41886e18ea39df68b1b1245f4184881938e050 # v4.7.2 + uses: actions/dependency-review-action@56339e523c0409420f6c2c9a2f4292bbb3c07dd3 # v4.8.0 diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index 0b4ae8c9e94..9333c186759 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -24,11 +24,11 @@ jobs: with: distribution: 'temurin' java-version: '11' - - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4.2.4 + - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 with: key: ${{ hashFiles('**/pom.xml') }}-docs path: ~/.m2/repository/ - - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0 + - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 with: python-version: '3.10' cache: 'pip' diff --git a/.github/workflows/eclipse-snapshots.yml b/.github/workflows/eclipse-snapshots.yml index 851bc52da36..52484477ee9 100644 --- a/.github/workflows/eclipse-snapshots.yml +++ b/.github/workflows/eclipse-snapshots.yml @@ -26,7 +26,7 @@ jobs: with: distribution: 'temurin' java-version: '11' - - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4.2.4 + - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 with: key: ${{ hashFiles('**/pom.xml') }}-eclipse-snapshots-${{ matrix.version }} path: | diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml index b4ba919027b..f212f07933f 100644 --- a/.github/workflows/integration-tests.yml +++ b/.github/workflows/integration-tests.yml @@ -23,7 +23,7 @@ jobs: with: distribution: 'temurin' java-version: '11' - - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4.2.4 + - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 with: key: ${{ hashFiles('**/pom.xml') }}-it-${{ inputs.scala-version }} path: ~/.m2/repository/ diff --git a/.github/workflows/javadocs.yml b/.github/workflows/javadocs.yml index c5e7abfe859..54bdb77379e 100644 --- a/.github/workflows/javadocs.yml +++ b/.github/workflows/javadocs.yml @@ -32,7 +32,7 @@ jobs: with: distribution: 'temurin' java-version: '11' - - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4.2.4 + - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 with: key: ${{ hashFiles('**/pom.xml') }}-javadocs-${{ inputs.scala-version }} path: ~/.m2/repository/ diff --git a/.github/workflows/license-headers.yml b/.github/workflows/license-headers.yml index 88d1cdf2d8f..5dc3cb9fd95 100644 --- a/.github/workflows/license-headers.yml +++ b/.github/workflows/license-headers.yml @@ -24,7 +24,7 @@ jobs: with: distribution: 'temurin' java-version: '11' - - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4.2.4 + - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 with: key: ${{ hashFiles('**/pom.xml') }}-license-header-check path: ~/.m2/repository/ diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index eaffa25e180..0a89f66cc44 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -67,6 +67,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@3c3833e0f8c1c83d449a7478aa59c036a9165498 # v3.29.11 + uses: github/codeql-action/upload-sarif@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.30.5 with: sarif_file: results.sarif diff --git a/.github/workflows/unit-tests.yml b/.github/workflows/unit-tests.yml index c0ad895920b..c3a9651bb9b 100644 --- a/.github/workflows/unit-tests.yml +++ b/.github/workflows/unit-tests.yml @@ -34,7 +34,7 @@ jobs: env: MOD_SELECTOR: "${{ inputs.module-selector }}" run: echo "MOD_SELECTOR=$(echo $MOD_SELECTOR | sed 's/[^a-zA-Z0-9_.-]/-/g' | head -c 256)" >> $GITHUB_ENV - - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4.2.4 + - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 with: key: ${{ hashFiles('**/pom.xml') }}-unit-tests-${{ inputs.scala-version }}-${{ env.MOD_SELECTOR }} path: ~/.m2/repository/