diff --git a/.github/workflows/benchmark.yml b/.github/workflows/benchmark.yml index cbef29ff4fd..03342758fba 100644 --- a/.github/workflows/benchmark.yml +++ b/.github/workflows/benchmark.yml @@ -16,7 +16,7 @@ jobs: - name: Checkout uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4 - - uses: gradle/wrapper-validation-action@216d1ad2b3710bf005dc39237337b9673fd8fcd5 # v3.3.2 + - uses: gradle/wrapper-validation-action@88425854a36845f9c881450d9660b5fd46bee142 # v3.4.2 - name: Setup Java uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 # v4 diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e897caf229f..0088e78dd24 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -44,7 +44,7 @@ jobs: # https://help.github.com/en/actions/reference/events-that-trigger-workflows#triggering-new-workflows-using-a-personal-access-token # https://github.community/t/action-does-not-trigger-another-on-push-tag-action/17148/8 token: ${{ steps.generate_github_token.outputs.token }} - - uses: gradle/wrapper-validation-action@216d1ad2b3710bf005dc39237337b9673fd8fcd5 # v3.3.2 + - uses: gradle/wrapper-validation-action@88425854a36845f9c881450d9660b5fd46bee142 # v3.4.2 - name: Setup Java uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 # v4 @@ -137,7 +137,7 @@ jobs: run: ./gradlew codeCoverageReport - name: Send code coverage report to Codecov.io - uses: codecov/codecov-action@125fc84a9a348dbcf27191600683ec096ec9021c # v4.4.1 + uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673 # v4.5.0 with: token: ${{ secrets.CODECOV_TOKEN }} docs: @@ -159,7 +159,7 @@ jobs: with: token: ${{ steps.generate_github_token.outputs.token }} - - uses: gradle/wrapper-validation-action@216d1ad2b3710bf005dc39237337b9673fd8fcd5 # v3.3.2 + - uses: gradle/wrapper-validation-action@88425854a36845f9c881450d9660b5fd46bee142 # v3.4.2 - name: Setup Java uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 # v4 @@ -187,6 +187,6 @@ jobs: uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4 - name: Generate and submit dependency graph if: github.event_name == 'workflow_dispatch' || github.event_name == 'push' && github.ref == 'refs/heads/main' - uses: gradle/actions/dependency-submission@db19848a5fa7950289d3668fb053140cf3028d43 # v3.3.2 + uses: gradle/actions/dependency-submission@dbbdc275be76ac10734476cc723d82dfe7ec6eda # v3.4.2 with: github-token: ${{ steps.generate_github_token.outputs.token }} diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 8bbee077ed3..c1c6085aa50 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -50,11 +50,11 @@ jobs: - name: Checkout repository uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4 - - uses: gradle/wrapper-validation-action@216d1ad2b3710bf005dc39237337b9673fd8fcd5 # v3.3.2 + - uses: gradle/wrapper-validation-action@88425854a36845f9c881450d9660b5fd46bee142 # v3.4.2 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8 + uses: github/codeql-action/init@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -68,7 +68,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8 + uses: github/codeql-action/autobuild@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -81,6 +81,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8 + uses: github/codeql-action/analyze@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/create-pr.yml b/.github/workflows/create-pr.yml index ff532e432f1..b4a9ef3ef71 100644 --- a/.github/workflows/create-pr.yml +++ b/.github/workflows/create-pr.yml @@ -36,7 +36,7 @@ jobs: with: token: ${{ steps.generate_github_token.outputs.token }} - - uses: gradle/wrapper-validation-action@216d1ad2b3710bf005dc39237337b9673fd8fcd5 # v3.3.2 + - uses: gradle/wrapper-validation-action@88425854a36845f9c881450d9660b5fd46bee142 # v3.4.2 - uses: jenschude/auto-create-pr-action@a5369414c74963e6ec065dab49066d3711b8c1db # v0.3.2 if: github.ref_name == 'gen-sdk-updates' diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index a1ef3c28730..408eaba3e6d 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -54,7 +54,7 @@ jobs: distribution: 'temurin' java-version: '17' - - uses: gradle/wrapper-validation-action@216d1ad2b3710bf005dc39237337b9673fd8fcd5 # v3.3.2 + - uses: gradle/wrapper-validation-action@88425854a36845f9c881450d9660b5fd46bee142 # v3.4.2 - name: Setup Graphviz uses: ts-graphviz/setup-graphviz@b1de5da23ed0a6d14e0aeee8ed52fdd87af2363c # v2.0.2 diff --git a/.github/workflows/release-snapshot.yml b/.github/workflows/release-snapshot.yml index 55209967cd9..f24e6d91ddc 100644 --- a/.github/workflows/release-snapshot.yml +++ b/.github/workflows/release-snapshot.yml @@ -26,7 +26,7 @@ jobs: with: token: ${{ steps.generate_github_token.outputs.token }} - - uses: gradle/wrapper-validation-action@216d1ad2b3710bf005dc39237337b9673fd8fcd5 # v3.3.2 + - uses: gradle/wrapper-validation-action@88425854a36845f9c881450d9660b5fd46bee142 # v3.4.2 - name: Setup Java uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 # v4 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index be091be7ee5..28d13e8d710 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -19,7 +19,7 @@ jobs: - name: Checkout uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4 - - uses: gradle/wrapper-validation-action@216d1ad2b3710bf005dc39237337b9673fd8fcd5 # v3.3.2 + - uses: gradle/wrapper-validation-action@88425854a36845f9c881450d9660b5fd46bee142 # v3.4.2 - name: Setup Java uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 # v4 @@ -74,7 +74,7 @@ jobs: ref: main token: ${{ steps.generate_github_token.outputs.token }} - - uses: gradle/wrapper-validation-action@216d1ad2b3710bf005dc39237337b9673fd8fcd5 # v3.3.2 + - uses: gradle/wrapper-validation-action@88425854a36845f9c881450d9660b5fd46bee142 # v3.4.2 - run: ./gradlew -Pversion=${{ github.ref_name }} writeVersionToExamples writeVersionToReadme setVersion nextMinorVersion snapshotVersion diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 8e9bad25282..eea50a84f05 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -32,7 +32,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: persist-credentials: false @@ -67,6 +67,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8 + uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11 with: sarif_file: results.sarif diff --git a/buildSrc/build.gradle b/buildSrc/build.gradle index c67d731b37f..e9ee786d0c1 100644 --- a/buildSrc/build.gradle +++ b/buildSrc/build.gradle @@ -13,7 +13,7 @@ java { } dependencies { - implementation "com.github.javaparser:javaparser-symbol-solver-core:3.26.0" + implementation "com.github.javaparser:javaparser-symbol-solver-core:3.26.1" implementation "com.google.code.gson:gson:2.11.0" implementation 'com.squareup:javapoet:1.13.0' } diff --git a/commercetools/commercetools-graphql-api/build.gradle b/commercetools/commercetools-graphql-api/build.gradle index 4d526103fe4..465aefd5833 100644 --- a/commercetools/commercetools-graphql-api/build.gradle +++ b/commercetools/commercetools-graphql-api/build.gradle @@ -1,7 +1,7 @@ import com.commercetools.sdk.plugins.GraphQLPlugin plugins { - id "com.netflix.dgs.codegen" version "6.2.1" + id "com.netflix.dgs.codegen" version "6.2.2" } apply plugin:'com.netflix.dgs.codegen' @@ -16,7 +16,7 @@ dependencies { api jackson_core.databind api jackson_core.core api jackson_core.datatype - api 'com.netflix.graphql.dgs.codegen:graphql-dgs-codegen-shared-core:6.2.1' + api 'com.netflix.graphql.dgs.codegen:graphql-dgs-codegen-shared-core:6.2.2' } diff --git a/commercetools/commercetools-monitoring-opentelemetry/build.gradle b/commercetools/commercetools-monitoring-opentelemetry/build.gradle index b8171cbc952..95eddb118f1 100644 --- a/commercetools/commercetools-monitoring-opentelemetry/build.gradle +++ b/commercetools/commercetools-monitoring-opentelemetry/build.gradle @@ -1,7 +1,7 @@ dependencies { api project(":rmf:rmf-java-base") - implementation 'io.opentelemetry:opentelemetry-api:1.38.0' + implementation 'io.opentelemetry:opentelemetry-api:1.39.0' testImplementation project(":commercetools:commercetools-sdk-java-api") } diff --git a/commercetools/commercetools-reactornetty-client/build.gradle b/commercetools/commercetools-reactornetty-client/build.gradle index d8b56b74df6..772dd253b86 100644 --- a/commercetools/commercetools-reactornetty-client/build.gradle +++ b/commercetools/commercetools-reactornetty-client/build.gradle @@ -2,8 +2,8 @@ dependencies { api project(":rmf:rmf-java-base") - api "io.projectreactor.netty:reactor-netty-http:1.1.19" - api "io.projectreactor.netty:reactor-netty-core:1.1.19" + api "io.projectreactor.netty:reactor-netty-http:1.1.20" + api "io.projectreactor.netty:reactor-netty-core:1.1.20" implementation javax.validation } diff --git a/gradle-scripts/extensions.gradle b/gradle-scripts/extensions.gradle index a1b321c7fc8..4b69f5d1a4f 100644 --- a/gradle-scripts/extensions.gradle +++ b/gradle-scripts/extensions.gradle @@ -54,9 +54,9 @@ ext { ] junit = [ - junit: 'org.junit.jupiter:junit-jupiter:5.10.2', + junit: 'org.junit.jupiter:junit-jupiter:5.10.3', dataprovider: 'com.tngtech.junit.dataprovider:junit-jupiter-dataprovider:2.10', - jsonassert: 'org.skyscreamer:jsonassert:1.5.1', + jsonassert: 'org.skyscreamer:jsonassert:1.5.3', assertj: 'org.assertj:assertj-core:3.26.0' ] diff --git a/package.json b/package.json index b0ade09c064..fba1fa80ce3 100644 --- a/package.json +++ b/package.json @@ -9,10 +9,10 @@ "node": ">=14.15", "npm": ">=5" }, - "packageManager": "yarn@4.2.2", + "packageManager": "yarn@4.3.1", "dependencies": { "husky": "9.0.11", - "lint-staged": "15.2.5" + "lint-staged": "15.2.7" }, "scripts": { "postinstall": "husky install", diff --git a/yarn.lock b/yarn.lock index 32e9beadbec..ed0845d85df 100644 --- a/yarn.lock +++ b/yarn.lock @@ -80,7 +80,7 @@ __metadata: resolution: "commercetools-sdk-java-v2@workspace:." dependencies: husky: "npm:9.0.11" - lint-staged: "npm:15.2.5" + lint-staged: "npm:15.2.7" languageName: unknown linkType: soft @@ -221,9 +221,9 @@ __metadata: languageName: node linkType: hard -"lint-staged@npm:15.2.5": - version: 15.2.5 - resolution: "lint-staged@npm:15.2.5" +"lint-staged@npm:15.2.7": + version: 15.2.7 + resolution: "lint-staged@npm:15.2.7" dependencies: chalk: "npm:~5.3.0" commander: "npm:~12.1.0" @@ -237,7 +237,7 @@ __metadata: yaml: "npm:~2.4.2" bin: lint-staged: bin/lint-staged.js - checksum: 10c0/89c54489783510f86df15756659facade82e849c0cbfb564fe047b82be91c5d2b1b5608a4bfc5237bd7b9fd0e1206e66aa3e4f8cad3ac51e37a098b8492c2fa6 + checksum: 10c0/c14399f9782ae222a1748144254f24b5b9afc816dc8840bd02d50f523c6582796ff18410767eb1a73cf1a83bc6e492dea7b1c4f0912bf3e434c068221f13c878 languageName: node linkType: hard