Gary Gregory
|
5d494a6fd6
|
Match comment to pinned commit
|
2022-10-23 15:13:03 -04:00 |
Gary Gregory
|
cafb4d2f43
|
Update for Scorecards 2
|
2022-10-23 15:11:16 -04:00 |
Gary Gregory
|
481d8b1ff3
|
Update comment to match PR bump to 2.0.6
|
2022-10-23 14:12:45 -04:00 |
Gary Gregory
|
1b4e3af81a
|
Merge pull request #277 from apache/dependabot/github_actions/ossf/scorecard-action-2.0.6
Bump ossf/scorecard-action from 1.1.2 to 2.0.6
|
2022-10-23 13:53:53 -04:00 |
dependabot[bot]
|
0829b0d7a1
|
Bump actions/setup-java from 3.5.1 to 3.6.0
Bumps [actions/setup-java](https://github.com/actions/setup-java) from 3.5.1 to 3.6.0.
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](https://github.com/actions/setup-java/compare/v3.5.1...v3.6.0)
---
updated-dependencies:
- dependency-name: actions/setup-java
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-10-22 01:18:54 +13:00 |
dependabot[bot]
|
8d72b51dd6
|
Bump ossf/scorecard-action from 1.1.2 to 2.0.6
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 1.1.2 to 2.0.6.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](ce330fde6b...99c53751e0 )
---
updated-dependencies:
- dependency-name: ossf/scorecard-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-10-21 12:01:20 +00:00 |
Gary Gregory
|
93af662ddd
|
Enable doclint for GitHub builds
|
2022-10-15 10:12:52 -04:00 |
dependabot[bot]
|
827a1fcc98
|
Bump actions/cache from 3.0.10 to 3.0.11
Bumps [actions/cache](https://github.com/actions/cache) from 3.0.10 to 3.0.11.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v3.0.10...v3.0.11)
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-10-15 09:23:28 +13:00 |
Sebb
|
7fbe1495fa
|
Don't persist credentials unnecessarily
|
2022-10-08 15:18:47 +01:00 |
Gary Gregory
|
954a6ce6fd
|
Set to level permissions to 'read'
|
2022-10-07 20:07:09 -04:00 |
dependabot[bot]
|
ee2e3c11f6
|
Bump actions/cache from 3.0.9 to 3.0.10
Bumps [actions/cache](https://github.com/actions/cache) from 3.0.9 to 3.0.10.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v3.0.9...v3.0.10)
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-10-07 14:48:32 +00:00 |
dependabot[bot]
|
713f1fdaf3
|
Bump actions/checkout from 3.0.2 to 3.1.0
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.0.2 to 3.1.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3.0.2...93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-10-07 12:01:22 +00:00 |
Gary Gregory
|
69a68b197e
|
GitHub Actions build: no top level permission defined
|
2022-10-06 18:37:28 -04:00 |
Gary Gregory
|
f36e0f590b
|
Bump actions/setup-java from 3 to 3.5.1
|
2022-10-01 14:36:48 -04:00 |
dependabot[bot]
|
84a91755d4
|
Bump actions/cache from 3.0.8 to 3.0.9
Bumps [actions/cache](https://github.com/actions/cache) from 3.0.8 to 3.0.9.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v3.0.8...v3.0.9)
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-09-30 12:01:32 +00:00 |
Gary Gregory
|
4ed942fc8c
|
Use GitHub cache for CodeQL
|
2022-09-22 08:43:18 -04:00 |
Gary Gregory
|
573eab776c
|
Add same scorecards-analysis.yml as Apache Log4j (except for branches)
|
2022-09-12 09:53:37 -07:00 |
Gary Gregory
|
caa9e348ab
|
Bump actions/checkout from 3 to 3.0.2.
|
2022-09-06 09:23:37 -07:00 |
Gary Gregory
|
226628ab02
|
Bump actions/cache from 3.0.7 to 3.0.8
|
2022-08-22 15:20:52 -04:00 |
Gary Gregory
|
2236a52b19
|
Bump actions/cache from 3.0.6 to 3.0.7
|
2022-08-12 07:13:03 -04:00 |
Gary Gregory
|
8077cdcf7f
|
Bump actions/cache from 3.0.5 to 3.0.6
|
2022-08-05 08:33:30 -04:00 |
Gary Gregory
|
b035dae5e8
|
Update GitHub builds to use Temurin
|
2022-07-29 08:38:02 -04:00 |
dependabot[bot]
|
0455edb8eb
|
Bump actions/cache from 3.0.4 to 3.0.5
Bumps [actions/cache](https://github.com/actions/cache) from 3.0.4 to 3.0.5.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v3.0.4...v3.0.5)
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2022-07-16 10:10:04 +12:00 |
Gary Gregory
|
e8f24e86bb
|
Bump actions/cache 3.0.4 to 3.0.5
|
2022-07-15 08:33:28 -04:00 |
Gary Gregory
|
aca67f4b45
|
Add coverage.yml
|
2022-06-08 12:50:11 -04:00 |
Gary Gregory
|
ce569c148b
|
Bump actions/cache from 3.0.3 to 3.0.4
|
2022-06-07 13:55:26 -04:00 |
Gary Gregory
|
2850581b01
|
Bump actions/cache from 3.0.2 to 3.0.3
|
2022-05-31 16:31:52 -04:00 |
dependabot[bot]
|
40b01dcee8
|
Bump github/codeql-action from 1 to 2 (#231)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1 to 2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v1...v2)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2022-04-29 10:29:36 -04:00 |
Gary Gregory
|
1914e7daae
|
Bump actions/setup-java from 2 to 3
|
2022-04-15 06:56:32 -04:00 |
Gary Gregory
|
3450f8e62e
|
Bump actions/cache from 3 to 3.0.2
|
2022-04-12 08:13:03 -04:00 |
dependabot[bot]
|
ef6c1a14dc
|
Bump actions/cache from 2.1.7 to 3 (#223)
Bumps [actions/cache](https://github.com/actions/cache) from 2.1.7 to 3.
- [Release notes](https://github.com/actions/cache/releases)
- [Commits](https://github.com/actions/cache/compare/v2.1.7...v3)
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2022-03-25 07:56:52 -07:00 |
dependabot[bot]
|
9dcd49f628
|
Bump actions/checkout from 2 to 3 (#220)
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2022-03-04 09:13:52 -05:00 |
Gary Gregory
|
a470131a5c
|
Add CodeQL GitHub workflow.
|
2022-02-03 06:54:39 -05:00 |
Gary Gregory
|
a2d67314ae
|
Run dependabot once a week.
|
2021-12-29 12:00:28 -05:00 |
dependabot[bot]
|
70b89c9ff0
|
Bump actions/checkout from 2.3.5 to 2.4.0
Bumps [actions/checkout](https://github.com/actions/checkout) from 2.3.5 to 2.4.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2.3.5...v2.4.0)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2021-11-24 14:06:04 +13:00 |
dependabot[bot]
|
ebbd432f68
|
Bump actions/cache from 2.1.6 to 2.1.7
Bumps [actions/cache](https://github.com/actions/cache) from 2.1.6 to 2.1.7.
- [Release notes](https://github.com/actions/cache/releases)
- [Commits](https://github.com/actions/cache/compare/v2.1.6...v2.1.7)
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2021-11-24 13:59:52 +13:00 |
dependabot[bot]
|
ef2a7fabf9
|
Bump actions/checkout from 2.3.4 to 2.3.5 (#188)
Bumps [actions/checkout](https://github.com/actions/checkout) from 2.3.4 to 2.3.5.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2.3.4...v2.3.5)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2021-10-20 18:03:50 -04:00 |
Gary Gregory
|
b5fa6a5ea9
|
Update GitHub build from Java 16 to 17.
Update GitHub build from Java 17-EA to 18-EA but comment it (not there
yet).
|
2021-09-28 11:05:46 -04:00 |
Gary Gregory
|
19cd322dba
|
AdoptOpenJDK is moving to the Eclipse Foundation and rebranding as
Eclipse Temurin.
|
2021-08-29 00:25:02 -04:00 |
dependabot[bot]
|
7b99bdcc2d
|
Bump actions/cache from 2.1.4 to 2.1.6 (#153)
Bumps [actions/cache](https://github.com/actions/cache) from 2.1.4 to 2.1.6.
- [Release notes](https://github.com/actions/cache/releases)
- [Commits](https://github.com/actions/cache/compare/v2.1.4...v2.1.6)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2021-06-24 20:31:26 -04:00 |
Gary Gregory
|
bfdcad2a4f
|
Update `actions/setup-java` to v2.
|
2021-04-19 09:13:34 -04:00 |
Gary Gregory
|
a7117b8d40
|
Replace GitHub build for Java 15 with Java 16 and drop Java 16-ea.
|
2021-03-17 15:43:49 -04:00 |
dependabot[bot]
|
e995b1890f
|
Bump actions/cache from v2 to v2.1.4 (#132)
Bumps [actions/cache](https://github.com/actions/cache) from v2 to v2.1.4.
- [Release notes](https://github.com/actions/cache/releases)
- [Commits](https://github.com/actions/cache/compare/v2...26968a09c0ea4f3e233fdddbafd1166051a095f6)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2021-02-19 09:08:52 -05:00 |
Gary Gregory
|
8e953c0c17
|
Add Java 17-EA to the GitHub build.
|
2020-12-29 19:08:54 -05:00 |
dependabot[bot]
|
ea3e743813
|
Bump actions/checkout from v2.3.2 to v2.3.4 (#121)
Bumps [actions/checkout](https://github.com/actions/checkout) from v2.3.2 to v2.3.4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2.3.2...5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2020-12-12 11:44:10 -05:00 |
dependabot[bot]
|
dadd649bbd
|
Bump actions/setup-java from v1.4.2 to v1.4.3 (#113)
Bumps [actions/setup-java](https://github.com/actions/setup-java) from v1.4.2 to v1.4.3.
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](https://github.com/actions/setup-java/compare/v1.4.2...d202f5dbf7256730fb690ec59f6381650114feb2)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2020-12-12 11:42:52 -05:00 |
Alex Herbert
|
84aabf0009
|
Revert "Test on Java LTS 14 and remove Java 15"
This reverts commit f7e34671c3 .
|
2020-10-03 07:47:46 +01:00 |
Alex Herbert
|
f7e34671c3
|
Test on Java LTS 14 and remove Java 15
Java 15 is replaced by the experimental java 16-ea
|
2020-10-02 22:21:41 +01:00 |
Alex Herbert
|
9fff4990c3
|
Run default goal in github actions
|
2020-10-02 22:19:30 +01:00 |
Gary Gregory
|
d467e41a8f
|
Replace Java 14 with Java 15 as the latest Java version to test. Use
Jaav 16 EA as the EA version to test.
|
2020-09-19 15:43:59 -04:00 |