Commit Graph

135 Commits

Author SHA1 Message Date
Gary Gregory 0a672fcff8 Bump actions/setup-java from 3.13.0 to 4.0.0 2023-11-30 09:49:31 -05:00
Gary Gregory 1a612cbff8 Bump actions/setup-java from 3.13.0 to 4.0.0 2023-11-30 09:45:01 -05:00
Gary Gregory cdf8e2b630 Bump actions/setup-java from 3.13.0 to 4.0.0 2023-11-30 08:30:54 -05:00
dependabot[bot] 70d9f7dd58
Bump github/codeql-action from 2.22.7 to 2.22.8
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.22.7 to 2.22.8.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](66b90a5db1...407ffafae6)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-11-24 12:20:28 +00:00
dependabot[bot] 3de773f5ab
Bump github/codeql-action from 2.22.5 to 2.22.7
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.22.5 to 2.22.7.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](74483a38d3...66b90a5db1)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-11-17 12:10:56 +00:00
Gary Gregory 345d72e8e5
Merge pull request #369 from apache/dependabot/github_actions/ossf/scorecard-action-2.3.1
Bump ossf/scorecard-action from 2.3.0 to 2.3.1
2023-10-27 08:21:05 -04:00
dependabot[bot] 1522c18338
Bump ossf/scorecard-action from 2.3.0 to 2.3.1
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.3.0 to 2.3.1.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](483ef80eb9...0864cf1902)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-10-27 12:14:28 +00:00
dependabot[bot] 100d9b9701
Bump github/codeql-action from 2.22.3 to 2.22.5
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.22.3 to 2.22.5.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](0116bc2df5...74483a38d3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-10-27 12:14:24 +00:00
Gary Gregory e9774d3d5d
Merge pull request #367 from apache/dependabot/github_actions/actions/checkout-4.1.1
Bump actions/checkout from 4.1.0 to 4.1.1
2023-10-20 08:36:24 -04:00
dependabot[bot] 6a899297bb
Bump actions/checkout from 4.1.0 to 4.1.1
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](8ade135a41...b4ffde65f4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-10-20 12:02:36 +00:00
dependabot[bot] 239a860791
Bump github/codeql-action from 2.22.2 to 2.22.3
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.22.2 to 2.22.3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](d90b8d79de...0116bc2df5)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-10-20 12:02:31 +00:00
Gary Gregory 9e690e46e5 Update comment 2023-10-15 10:13:52 -04:00
Gary Gregory 969ece9162 Add Java 21 build to GitHub 2023-10-14 12:32:08 -04:00
Gary Gregory 63bcf6b6b9
Merge pull request #363 from apache/dependabot/github_actions/github/codeql-action-2.22.2
Bump github/codeql-action from 2.22.0 to 2.22.2
2023-10-13 09:04:03 -04:00
dependabot[bot] 234a3a6d11
Bump ossf/scorecard-action from 2.2.0 to 2.3.0
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.2.0 to 2.3.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](08b4669551...483ef80eb9)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-10-13 12:35:59 +00:00
dependabot[bot] 31eb6b3141
Bump github/codeql-action from 2.22.0 to 2.22.2
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.22.0 to 2.22.2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](2cb752a87e...d90b8d79de)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-10-13 12:35:55 +00:00
Gary Gregory 78c0bf08d9 Normalize mvn invocation on GitHub 2023-10-11 07:31:35 -04:00
dependabot[bot] a19c89e5e9
Bump github/codeql-action from 2.21.9 to 2.22.0
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.9 to 2.22.0.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](ddccb87388...2cb752a87e)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-10-06 12:56:37 +00:00
Gary Gregory e4ce1ff28d
Merge pull request #361 from apache/dependabot/github_actions/github/codeql-action-2.21.9
Bump github/codeql-action from 2.21.8 to 2.21.9
2023-09-29 09:45:34 -04:00
dependabot[bot] 7b953b5371
Bump github/codeql-action from 2.21.8 to 2.21.9
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.8 to 2.21.9.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](6a28655e3d...ddccb87388)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-29 12:57:54 +00:00
dependabot[bot] 4c00062d6b
Bump actions/checkout from 4.0.0 to 4.1.0
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](3df4ab11eb...8ade135a41)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-29 12:57:49 +00:00
Gary Gregory b8690ea34d
Merge pull request #357 from apache/dependabot/github_actions/github/codeql-action-2.21.8
Bump github/codeql-action from 2.21.7 to 2.21.8
2023-09-22 08:16:22 -04:00
dependabot[bot] 9eaed4a9bc
Bump actions/setup-java from 3.12.0 to 3.13.0
Bumps [actions/setup-java](https://github.com/actions/setup-java) from 3.12.0 to 3.13.0.
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](cd89f46ac9...0ab4596768)

---
updated-dependencies:
- dependency-name: actions/setup-java
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-22 12:05:49 +00:00
dependabot[bot] d4bee3ab4c
Bump github/codeql-action from 2.21.7 to 2.21.8
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.7 to 2.21.8.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](04daf014b5...6a28655e3d)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-22 12:05:43 +00:00
dependabot[bot] a2cafeb472
Bump github/codeql-action from 2.21.5 to 2.21.7
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.5 to 2.21.7.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](00e563ead9...04daf014b5)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-15 12:45:34 +00:00
Gary Gregory f42982469b
Merge pull request #354 from apache/dependabot/github_actions/actions/upload-artifact-3.1.3
Bump actions/upload-artifact from 3.1.2 to 3.1.3
2023-09-08 09:20:45 -04:00
Gary Gregory 76c631af69
Merge pull request #355 from apache/dependabot/github_actions/actions/checkout-4.0.0
Bump actions/checkout from 3.6.0 to 4.0.0
2023-09-08 09:20:33 -04:00
dependabot[bot] 35c186f2f8
Bump actions/checkout from 3.6.0 to 4.0.0
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.6.0 to 4.0.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](f43a0e5ff2...3df4ab11eb)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-08 12:24:11 +00:00
dependabot[bot] 698ea9bf2c
Bump actions/upload-artifact from 3.1.2 to 3.1.3
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.2 to 3.1.3.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](0b7f8abb15...a8a3f3ad30)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-08 12:24:05 +00:00
dependabot[bot] 26f9d9e89e
Bump actions/cache from 3.3.1 to 3.3.2
Bumps [actions/cache](https://github.com/actions/cache) from 3.3.1 to 3.3.2.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](88522ab9f3...704facf57e)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-08 12:24:01 +00:00
dependabot[bot] 3f4fea3b87
Bump github/codeql-action from 2.21.4 to 2.21.5
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.4 to 2.21.5.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](a09933a12a...00e563ead9)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-09-01 12:31:15 +00:00
dependabot[bot] cd8905a32e
Bump actions/checkout from 3.5.3 to 3.6.0
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.3 to 3.6.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](c85c95e3d7...f43a0e5ff2)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-08-25 12:07:08 +00:00
dependabot[bot] dd3b0a1a3f
Bump github/codeql-action from 2.21.3 to 2.21.4
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.3 to 2.21.4.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](5b6282e01c...a09933a12a)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-08-18 12:07:43 +00:00
dependabot[bot] f32d671c32
Bump github/codeql-action from 2.21.2 to 2.21.3
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.2 to 2.21.3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](0ba4244466...5b6282e01c)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-08-11 12:39:11 +00:00
dependabot[bot] ed93e7e45f
Bump github/codeql-action from 2.21.1 to 2.21.2
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.1 to 2.21.2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](6ca1aa8c19...0ba4244466)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-08-04 12:15:15 +00:00
Gary Gregory decfc1b77d
Merge pull request #338 from apache/dependabot/github_actions/actions/setup-java-3.12.0
Bump actions/setup-java from 3.11.0 to 3.12.0
2023-07-28 09:05:29 -04:00
dependabot[bot] 3d5e555750
Bump actions/setup-java from 3.11.0 to 3.12.0
Bumps [actions/setup-java](https://github.com/actions/setup-java) from 3.11.0 to 3.12.0.
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](5ffc13f417...cd89f46ac9)

---
updated-dependencies:
- dependency-name: actions/setup-java
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-07-28 12:54:34 +00:00
dependabot[bot] 40d91aae4d
Bump github/codeql-action from 2.21.0 to 2.21.1
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.0 to 2.21.1.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](1813ca74c3...6ca1aa8c19)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-07-28 12:54:29 +00:00
dependabot[bot] fa4328d758
Bump github/codeql-action from 2.20.3 to 2.21.0
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.20.3 to 2.21.0.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](46ed16ded9...1813ca74c3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-07-21 12:27:52 +00:00
dependabot[bot] dd90aeff2a
Bump github/codeql-action from 2.20.1 to 2.20.3
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.20.1 to 2.20.3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](f6e388ebf0...46ed16ded9)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-07-07 12:45:00 +00:00
Gary Gregory f596c7e075
Merge pull request #332 from apache/dependabot/github_actions/ossf/scorecard-action-2.2.0
Bump ossf/scorecard-action from 2.1.3 to 2.2.0
2023-06-30 08:34:12 -04:00
dependabot[bot] 18d070c51b
Bump ossf/scorecard-action from 2.1.3 to 2.2.0
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.3 to 2.2.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](80e868c13c...08b4669551)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-06-30 12:26:24 +00:00
dependabot[bot] 74b0b15395
Bump github/codeql-action from 2.1.22 to 2.20.1
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.22 to 2.20.1.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2.1.22...f6e388ebf0efc915c6c5b165b019ee61a6746a38)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-06-30 12:26:20 +00:00
StepSecurity Bot 1a6129608f
[StepSecurity] ci: Harden GitHub Actions
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
2023-06-24 18:00:38 +00:00
StepSecurity Bot 62f4c6db31
[StepSecurity] ci: Harden GitHub Actions
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
2023-06-24 17:51:28 +00:00
dependabot[bot] f4274a80cd Bump actions/checkout from 3.5.2 to 3.5.3
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.2 to 3.5.3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](8e5e7e5ab8...c85c95e3d7)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-06-16 15:00:42 +02:00
dependabot[bot] 3444b63a89 Bump actions/checkout from 3.5.0 to 3.5.2
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.0 to 3.5.2.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](8f4b7f8486...8e5e7e5ab8)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-04-14 15:00:04 +02:00
Gary Gregory 1842b788fd
Merge pull request #317 from apache/dependabot/github_actions/actions/setup-java-3.11.0
Bump actions/setup-java from 3.10.0 to 3.11.0
2023-03-31 09:06:39 -04:00
dependabot[bot] b64dd74baa
Bump actions/setup-java from 3.10.0 to 3.11.0
Bumps [actions/setup-java](https://github.com/actions/setup-java) from 3.10.0 to 3.11.0.
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](https://github.com/actions/setup-java/compare/v3.10.0...v3.11.0)

---
updated-dependencies:
- dependency-name: actions/setup-java
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-03-31 12:56:29 +00:00
dependabot[bot] da070b4c93
Bump ossf/scorecard-action from 2.1.2 to 2.1.3
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.2 to 2.1.3.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](e38b1902ae...80e868c13c)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2023-03-31 12:56:25 +00:00