From 11910ed9cf513e813d2e190152f81a50196f3690 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 6 Oct 2022 06:36:36 +0000 Subject: [PATCH 1/4] Bump actions/checkout from 2 to 3.1.0 Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.1.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v2...v3.1.0) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/pr-validation.yaml | 4 ++-- .github/workflows/release.yml | 2 +- .github/workflows/woke.yml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/pr-validation.yaml b/.github/workflows/pr-validation.yaml index af00808..6e50d70 100644 --- a/.github/workflows/pr-validation.yaml +++ b/.github/workflows/pr-validation.yaml @@ -21,12 +21,12 @@ jobs: steps: - name: Checkout Repository - uses: actions/checkout@v2 + uses: actions/checkout@v3.1.0 if: github.actor != 'dependabot[bot]' # See: https://hugo.alliau.me/2021/05/04/migration-to-github-native-dependabot-solutions-for-auto-merge-and-action-secrets/#share-your-secrets-with-dependabot - name: Checkout Repository [Dependabot] - uses: actions/checkout@v2 + uses: actions/checkout@v3.1.0 if: github.actor == 'dependabot[bot]' with: ref: ${{ github.event.pull_request.head.sha }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index e47d97b..c31b6de 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -13,7 +13,7 @@ jobs: steps: - name: Check out Git repository - uses: actions/checkout@v2 + uses: actions/checkout@v3.1.0 - name: Install Java and Maven uses: actions/setup-java@v1 diff --git a/.github/workflows/woke.yml b/.github/workflows/woke.yml index 81046f8..a1593ce 100644 --- a/.github/workflows/woke.yml +++ b/.github/workflows/woke.yml @@ -6,7 +6,7 @@ jobs: name: woke runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3.1.0 # For more details, see https://github.com/marketplace/actions/run-woke - uses: get-woke/woke-action@v0 From b69941696cd0a2e296e2acbee20db77e4038e191 Mon Sep 17 00:00:00 2001 From: Matthew Read Date: Sun, 18 Jun 2023 18:28:04 -0400 Subject: [PATCH 2/4] update PR validation workflow generally --- .github/workflows/pr-validation.yaml | 26 ++++++-------------------- 1 file changed, 6 insertions(+), 20 deletions(-) diff --git a/.github/workflows/pr-validation.yaml b/.github/workflows/pr-validation.yaml index 6e50d70..28b2957 100644 --- a/.github/workflows/pr-validation.yaml +++ b/.github/workflows/pr-validation.yaml @@ -7,46 +7,32 @@ on: # yamllint disable-line rule:truthy pull_request: branches: [master] types: [opened, reopened, synchronize] - pull_request_target: - branches: [master] - types: [opened, reopened, synchronize] jobs: pr-validation: name: PR Validation runs-on: ubuntu-latest - if: | - (github.actor != 'dependabot[bot]' && github.event_name != 'pull_request_target') || - (github.actor == 'dependabot[bot]' && github.event_name == 'pull_request_target') steps: - name: Checkout Repository - uses: actions/checkout@v3.1.0 - if: github.actor != 'dependabot[bot]' - - # See: https://hugo.alliau.me/2021/05/04/migration-to-github-native-dependabot-solutions-for-auto-merge-and-action-secrets/#share-your-secrets-with-dependabot - - name: Checkout Repository [Dependabot] - uses: actions/checkout@v3.1.0 - if: github.actor == 'dependabot[bot]' - with: - ref: ${{ github.event.pull_request.head.sha }} + uses: actions/checkout@v3 - name: Set up JDK 8 - uses: actions/setup-java@v2 + uses: actions/setup-java@v3 with: java-version: 8 distribution: temurin check-latest: false - name: Set up Maven - uses: stCarolas/setup-maven@v4 + uses: stCarolas/setup-maven@v4.5 with: - maven-version: 3.8.2 + maven-version: 3.9.2 # actions/setup-java does not support multiple servers at this time # https://github.com/actions/setup-java/issues/85 - name: Setup Nexus authentication and GPG passphrase - uses: whelk-io/maven-settings-xml-action@v20 + uses: whelk-io/maven-settings-xml-action@v21 with: servers: | [ @@ -63,4 +49,4 @@ jobs: ] - name: Build And Verify - run: mvn -B package + run: mvn -B install From 7a1a751c74ad6371d26b7d94a0cc342b701fe4f4 Mon Sep 17 00:00:00 2001 From: Matthew Read Date: Sun, 18 Jun 2023 18:28:47 -0400 Subject: [PATCH 3/4] release --- .github/workflows/release.yml | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index c31b6de..49972e5 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -13,12 +13,14 @@ jobs: steps: - name: Check out Git repository - uses: actions/checkout@v3.1.0 + uses: actions/checkout@v3 - name: Install Java and Maven - uses: actions/setup-java@v1 + uses: actions/setup-java@v3 with: - java-version: 1.8 + java-version: 8 + release: temurin + check-latest: false - name: Configure git run: | @@ -34,7 +36,7 @@ jobs: rm ./private.key - name: Setup Nexus authentication and GPG passphrase - uses: whelk-io/maven-settings-xml-action@v10 + uses: whelk-io/maven-settings-xml-action@v21 with: profiles: '[ { From 3de2e2bea0c52f5d74c81b8199eb56a9c7bc6883 Mon Sep 17 00:00:00 2001 From: Matthew Read Date: Sun, 18 Jun 2023 18:29:01 -0400 Subject: [PATCH 4/4] woke --- .github/workflows/woke.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/woke.yml b/.github/workflows/woke.yml index a1593ce..b8280bc 100644 --- a/.github/workflows/woke.yml +++ b/.github/workflows/woke.yml @@ -6,7 +6,7 @@ jobs: name: woke runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3.1.0 + - uses: actions/checkout@v3 # For more details, see https://github.com/marketplace/actions/run-woke - uses: get-woke/woke-action@v0