Bump the github-actions group across 2 directories with 3 updates

Bumps the github-actions group with 3 updates in the / directory: [gradle/actions](https://github.com/gradle/actions), [github/codeql-action](https://github.com/github/codeql-action) and [actions/setup-java](https://github.com/actions/setup-java). Bumps the github-actions group with 1 update in the /.github/actions/init-integ-test directory: [actions/setup-java](https://github.com/actions/setup-java). Updates `gradle/actions` from 4.2.2 to 4.3.0 - [Release notes](https://github.com/gradle/actions/releases) - [Commits](0bdd871935...94baf225fe) Updates `github/codeql-action` from 3.28.6 to 3.28.8 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](17a820bf2e...dd746615b3) Updates `actions/setup-java` from 4.6.0 to 4.7.0 - [Release notes](https://github.com/actions/setup-java/releases) - [Commits](7a6d8a8234...3a4f6e1af5) Updates `actions/setup-java` from 4.6.0 to 4.7.0 - [Release notes](https://github.com/actions/setup-java/releases) - [Commits](7a6d8a8234...3a4f6e1af5) --- updated-dependencies: - dependency-name: gradle/actions dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/setup-java dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/setup-java dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>
2025-04-20 09:49:19 +08:00 · 2025-02-03 23:26:02 +00:00 · 2025-02-03 23:26:02 +00:00 · b3f52eedda
commit b3f52eedda
parent c94eb9d32c
8 changed files with 11 additions and 11 deletions
--- a/.github/actions/init-integ-test/action.yml
+++ b/.github/actions/init-integ-test/action.yml
@ -4,7 +4,7 @@ runs:
  using: "composite"
  steps: 
    - name: Setup Java
-      uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # v4.6.0
+      uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
      with:
        distribution: 'temurin'
        java-version: 11
--- a/.github/workflows/ci-check-and-unit-test.yml
+++ b/.github/workflows/ci-check-and-unit-test.yml
@ -26,7 +26,7 @@ jobs:
        cache-dependency-path: sources/package-lock.json
    - name: Setup Gradle
      # Use a released version to avoid breakages
-      uses: gradle/actions/setup-gradle@0bdd871935719febd78681f197cd39af5b6e16a6 # v4.2.2
+      uses: gradle/actions/setup-gradle@94baf225fe0a508e581a564467443d0e2379123b # v4.3.0
      env:
        ALLOWED_GRADLE_WRAPPER_CHECKSUMS: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 # Invalid wrapper jar used for testing
      with:
--- a/.github/workflows/ci-codeql.yml
+++ b/.github/workflows/ci-codeql.yml
@ -35,7 +35,7 @@ jobs:

    # Initializes the CodeQL tools for scanning.
    - name: Initialize CodeQL
-      uses: github/codeql-action/init@17a820bf2e43b47be2c72b39cc905417bc1ab6d0 # v3.28.6
+      uses: github/codeql-action/init@dd746615b3b9d728a6a37ca2045b68ca76d4841a # v3.28.8
      with:
        languages: ${{ matrix.language }}
        config: |
@ -43,4 +43,4 @@ jobs:
          - sources/src

    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@17a820bf2e43b47be2c72b39cc905417bc1ab6d0 # v3.28.6
+      uses: github/codeql-action/analyze@dd746615b3b9d728a6a37ca2045b68ca76d4841a # v3.28.8
--- a/.github/workflows/ci-init-script-check.yml
+++ b/.github/workflows/ci-init-script-check.yml
@ -24,13 +24,13 @@ jobs:
    - name: Checkout sources
      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
    - name: Setup Java
-      uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # v4.6.0
+      uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
      with:
        distribution: temurin
        java-version: 11
    - name: Setup Gradle
      # Use a released version to avoid breakages
-      uses: gradle/actions/setup-gradle@0bdd871935719febd78681f197cd39af5b6e16a6 # v4.2.2
+      uses: gradle/actions/setup-gradle@94baf225fe0a508e581a564467443d0e2379123b # v4.3.0
      env:
        ALLOWED_GRADLE_WRAPPER_CHECKSUMS: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 # Invalid wrapper jar used for testing
    - name: Run integration tests
--- a/.github/workflows/ci-ossf-scorecard.yml
+++ b/.github/workflows/ci-ossf-scorecard.yml
@ -52,6 +52,6 @@ jobs:

      # Upload the results to GitHub's code scanning dashboard.
      - name: 'Upload to code-scanning'
-        uses: github/codeql-action/upload-sarif@17a820bf2e43b47be2c72b39cc905417bc1ab6d0 # v3.28.6
+        uses: github/codeql-action/upload-sarif@dd746615b3b9d728a6a37ca2045b68ca76d4841a # v3.28.8
        with:
          sarif_file: results.sarif
--- a/.github/workflows/ci-validate-wrappers.yml
+++ b/.github/workflows/ci-validate-wrappers.yml
@ -12,6 +12,6 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-      - uses: gradle/actions/wrapper-validation@0bdd871935719febd78681f197cd39af5b6e16a6 # v4.2.2
+      - uses: gradle/actions/wrapper-validation@94baf225fe0a508e581a564467443d0e2379123b # v4.3.0
        with:
          allow-checksums: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
--- a/.github/workflows/integ-test-detect-toolchains.yml
+++ b/.github/workflows/integ-test-detect-toolchains.yml
@ -65,12 +65,12 @@ jobs:
      uses: ./.github/actions/init-integ-test

    - name: Setup Java 20
-      uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # v4.6.0
+      uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
      with:
        distribution: 'temurin'
        java-version: 20
    - name: Setup Java 16
-      uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # v4.6.0
+      uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
      with:
        distribution: 'temurin'
        java-version: 16
--- a/.github/workflows/integ-test-provision-gradle-versions.yml
+++ b/.github/workflows/integ-test-provision-gradle-versions.yml
@ -100,7 +100,7 @@ jobs:
      uses: ./.github/actions/init-integ-test

    - name: Setup Java
-      uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # v4.6.0
+      uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
      with:
        distribution: temurin
        java-version: ${{ matrix.java-version }}