Skip to content

chore(deps): bump org.cyclonedx.bom from 1.8.1 to 1.10.0 #535

chore(deps): bump org.cyclonedx.bom from 1.8.1 to 1.10.0

chore(deps): bump org.cyclonedx.bom from 1.8.1 to 1.10.0 #535

Workflow file for this run

name: CI
on:
## Event: Merge group checks
merge_group: {}
## Event: Push on `main` or `stable`
push:
branches:
- main
- stable
tags:
- "v*"
## Event: PR
pull_request:
types:
- opened
- closed
- reopened
- synchronize
env:
CI: true
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
BUILDLESS_APIKEY: ${{ secrets.BUILDLESS_APIKEY }}
permissions:
contents: read
jobs:
## Build: Gradle Plugin
build-plugin:
name: "Build"
uses: elide-dev/build-infra/.github/workflows/jvm.gradle.yml@main
secrets:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
BUILDLESS_APIKEY: ${{ secrets.BUILDLESS_APIKEY }}
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
permissions:
checks: write
pull-requests: read
id-token: write
contents: write
actions: read
strategy:
fail-fast: false
matrix:
platform: [Linux, Windows, macOS]
gradleLabel: ["Gradle 8.5", "Gradle 8.4", "Gradle 8.3", "Gradle 8.2", "Gradle 8.1", "Gradle Latest"]
java: ["17", "21"]
include:
- platform: Linux
runner: ubuntu-latest
gradleLabel: "Gradle 8.5"
gradle: "8.5"
tasks: koverXmlReport sonar
main: true
labs: false
java: 21
- platform: Windows
runner: windows-latest
gradleLabel: "Gradle 8.5"
gradle: "8.5"
main: false
labs: false
java: 21
- platform: macOS
runner: macos-latest
gradleLabel: "Gradle 8.5"
gradle: "8.5"
main: false
labs: false
java: 21
- platform: Linux
runner: ubuntu-latest
gradleLabel: "Gradle 8.4"
gradle: "8.4"
main: false
labs: false
java: 21
- platform: Windows
runner: windows-latest
gradleLabel: "Gradle 8.4"
gradle: "8.4"
main: false
labs: false
java: 21
- platform: macOS
runner: macos-latest
gradleLabel: "Gradle 8.4"
gradle: "8.4"
main: false
labs: false
java: 21
- platform: Linux
runner: ubuntu-latest
gradleLabel: "Gradle 8.3"
gradle: "8.3"
main: false
labs: false
java: 17
- platform: Windows
runner: windows-latest
gradleLabel: "Gradle 8.3"
gradle: "8.3"
main: false
labs: false
java: 17
- platform: macOS
runner: macos-latest
gradleLabel: "Gradle 8.3"
gradle: "8.3"
main: false
labs: false
java: 17
- platform: Linux
runner: ubuntu-latest
gradle: "8.2"
gradleLabel: "Gradle 8.2"
main: false
labs: false
java: 17
- platform: Windows
runner: windows-latest
gradleLabel: "Gradle 8.2"
gradle: "8.2"
main: false
labs: false
java: 17
- platform: macOS
runner: macos-latest
gradleLabel: "Gradle 8.2"
gradle: "8.2"
main: false
labs: false
java: 17
- platform: Linux
runner: ubuntu-latest
gradleLabel: "Gradle 8.1"
gradle: "8.1"
main: false
labs: false
java: 17
- platform: Windows
runner: windows-latest
gradleLabel: "Gradle 8.1"
gradle: "8.1"
main: false
labs: false
java: 17
- platform: macOS
runner: macos-latest
gradleLabel: "Gradle 8.1"
gradle: "8.1"
main: false
labs: false
java: 17
- platform: Windows
runner: windows-latest
gradleLabel: "Gradle Latest"
gradle: "release-candidate"
main: false
labs: true
java: 17
- platform: macOS
runner: macos-latest
gradleLabel: "Gradle Latest"
gradle: "release-candidate"
main: false
labs: true
java: 17
- platform: Linux
runner: ubuntu-latest
gradleLabel: "Gradle Latest"
gradle: "release-candidate"
main: false
labs: true
java: 17
with:
label: "Plugin"
runner: "${{ matrix.runner }}"
action: "build test ${{ matrix.tasks }}"
flags: "--scan"
artifact: "buildless-plugin-gradle"
checks: ${{ fromJson(matrix.main) }}
gradle: ${{ matrix.gradle }}
labs: ${{ fromJson(matrix.labs) }}
coverage_report: "build/reports/kover/report.xml"
provenance: "${{ fromJson(matrix.main) }}"
coverage: "${{ fromJson(matrix.main) }}"
artifacts: "${{ fromJson(matrix.main) }}"
jvm: ${{ matrix.java }}
## Checks: API Breakage
check-api:
name: "Check"
needs: ["build-plugin"]
uses: ./.github/workflows/module.apicheck.yml
secrets:
BUILDLESS_APIKEY: ${{ secrets.BUILDLESS_APIKEY }}
permissions:
checks: write
contents: read
## Checks: CodeQL
check-codeql:
name: "Check"
needs: ["build-plugin"]
uses: ./.github/workflows/module.codeql.yml
secrets:
BUILDLESS_APIKEY: ${{ secrets.BUILDLESS_APIKEY }}
permissions:
checks: write
pull-requests: read
id-token: write
contents: read
actions: read
security-events: write
## Checks: Detekt
check-detekt:
name: "Check"
needs: ["build-plugin"]
uses: ./.github/workflows/module.detekt.yml
secrets:
BUILDLESS_APIKEY: ${{ secrets.BUILDLESS_APIKEY }}
permissions:
checks: write
pull-requests: read
id-token: write
contents: read
actions: read
security-events: write
## Checks: Qodana
check-qodana:
name: "Check"
needs: ["build-plugin"]
uses: ./.github/workflows/module.qodana.yml
secrets:
QODANA_TOKEN: ${{ secrets.QODANA_TOKEN }}
BUILDLESS_APIKEY: ${{ secrets.BUILDLESS_APIKEY }}
permissions:
checks: write
pull-requests: read
id-token: write
contents: read
actions: read
security-events: write
## Checks: Dependency Review
dependency-review:
name: "Dependency Review"
needs: ["build-plugin"]
if: github.event_name == 'pull_request'
runs-on: ubuntu-latest
continue-on-error: true
steps:
- name: Harden Runner
uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
with:
egress-policy: audit
- name: "Setup: Checkout"
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v3
- name: "Analysis: Dependency Review"
uses: actions/dependency-review-action@5bbc3ba658137598168acb2ab73b21c432dd411b # v3