Skip to content

Commit

Permalink
dependency updates
Browse files Browse the repository at this point in the history
  • Loading branch information
ben-manes committed Jul 14, 2024
1 parent 5ada041 commit 7d18356
Show file tree
Hide file tree
Showing 37 changed files with 71 additions and 76 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/actionlint.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ jobs:
github.com:443
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: actionlint
uses: reviewdog/action-actionlint@afad3b6ab835e5611bda8c8193377e2d5c21413d # v1.51.0
uses: reviewdog/action-actionlint@d99f1ceaf59e7db022a790dc308ccccb68dda71a # v1.53.0
env:
SHELLCHECK_OPTS: -e SC2001 -e SC2035 -e SC2046 -e SC2061 -e SC2086 -e SC2156
with:
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -195,7 +195,7 @@ jobs:
find . -path */jacoco/*.exec -o -path */results/*.xml
| tar czf ${{ env.ARTIFACT_NAME }}.tar.gz --files-from -
- name: Upload test results
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
if: always() && (env.JAVA_VERSION == env.PUBLISH_JDK)
with:
retention-days: 1
Expand Down Expand Up @@ -235,7 +235,7 @@ jobs:
with:
fetch-depth: 0
- name: Download Tests Results
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
- name: Decompress
run: find . -type f -name '*.tar.gz' -exec sh -c 'tar -zxf {} --one-top-level' \;
- name: Combine Jacoco Reports
Expand Down Expand Up @@ -287,11 +287,11 @@ jobs:
${{ env.ALLOWED_ENDPOINTS }}
badgen.net:443
- name: Download Tests
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
- name: Decompress
run: find . -type f -name '*.tar.gz' -exec sh -c 'tar -zxf {} --one-top-level' \;
- name: Publish Test Results
uses: EnricoMi/publish-unit-test-result-action@30eadd5010312f995f0d3b3cff7fe2984f69409e # v2.16.1
uses: EnricoMi/publish-unit-test-result-action@567cc7f8dcea3eba5da355f6ebc95663310d8a07 # v2.17.0
continue-on-error: true
id: test-results
with:
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/codacy.yml
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ jobs:
- name: Checkout code
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Run Codacy Analysis
uses: codacy/codacy-analysis-cli-action@master
uses: codacy/codacy-analysis-cli-action@97bf5df3c09e75f5bcd72695998f96ebd701846e # v4.4.5
continue-on-error: true
with:
format: sarif
Expand All @@ -47,7 +47,7 @@ jobs:
if: steps.check_files.outputs.files_exists == 'true'
run: jq -c '.runs |= unique_by({tool, invocations, results})' < results.sarif > codacy.sarif
- name: Upload result to GitHub Code Scanning
uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
uses: github/codeql-action/upload-sarif@4fa2a7953630fd2f3fb380f21be14ede0169dd4f # v3.25.12
if: steps.check_files.outputs.files_exists == 'true'
continue-on-error: true
with:
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/codeql.yml
Original file line number Diff line number Diff line change
Expand Up @@ -57,10 +57,10 @@ jobs:
java: ${{ env.JAVA_VERSION }}
token: ${{ secrets.GITHUB_TOKEN }}
- name: Initialize CodeQL
uses: github/codeql-action/init@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
uses: github/codeql-action/init@4fa2a7953630fd2f3fb380f21be14ede0169dd4f # v3.25.12
with:
languages: java
- name: Autobuild
uses: github/codeql-action/autobuild@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
uses: github/codeql-action/autobuild@4fa2a7953630fd2f3fb380f21be14ede0169dd4f # v3.25.12
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
uses: github/codeql-action/analyze@4fa2a7953630fd2f3fb380f21be14ede0169dd4f # v3.25.12
2 changes: 1 addition & 1 deletion .github/workflows/dependency-check.yml
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,7 @@ jobs:
with:
files: build/reports/dependency-check-report.sarif
- name: Upload result to GitHub Code Scanning
uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
uses: github/codeql-action/upload-sarif@4fa2a7953630fd2f3fb380f21be14ede0169dd4f # v3.25.12
if: steps.check_files.outputs.files_exists == 'true'
with:
sarif_file: build/reports/dependency-check-report.sarif
2 changes: 1 addition & 1 deletion .github/workflows/dependency-review.yml
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ jobs:
- name: Checkout Repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Dependency Review
uses: actions/dependency-review-action@72eb03d02c7872a771aacd928f3123ac62ad6d3a # v4.3.3
uses: actions/dependency-review-action@5a2ce3f5b92ee19cbb1541a4984c76d921601d7c # v4.3.4
with:
license-check: false
comment-summary-in-pr: on-failure
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/devskim.yml
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,6 @@ jobs:
- name: Run DevSkim scanner
uses: microsoft/DevSkim-Action@914fa647b406c387000300b2f09bb28691be2b6d # v1.0.14
- name: Upload DevSkim scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
uses: github/codeql-action/upload-sarif@4fa2a7953630fd2f3fb380f21be14ede0169dd4f # v3.25.12
with:
sarif_file: devskim-results.sarif
2 changes: 1 addition & 1 deletion .github/workflows/qodana.yml
Original file line number Diff line number Diff line change
Expand Up @@ -68,6 +68,6 @@ jobs:
with:
upload-result: true
- name: Upload SARIF file for GitHub Advanced Security Dashboard
uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
uses: github/codeql-action/upload-sarif@4fa2a7953630fd2f3fb380f21be14ede0169dd4f # v3.25.12
with:
sarif_file: ${{ runner.temp }}/qodana/results/qodana.sarif.json
4 changes: 2 additions & 2 deletions .github/workflows/scorecards-analysis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -51,12 +51,12 @@ jobs:
results_file: results.sarif
repo_token: ${{ secrets.SCORECARD_READ_TOKEN }}
- name: Upload artifact
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
with:
name: SARIF file
path: results.sarif
retention-days: 5
- name: Upload to code-scanning
uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
uses: github/codeql-action/upload-sarif@4fa2a7953630fd2f3fb380f21be14ede0169dd4f # v3.25.12
with:
sarif_file: results.sarif
2 changes: 1 addition & 1 deletion .github/workflows/semgrep.yml
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,7 @@ jobs:
if: steps.check_files.outputs.files_exists == 'true'
run: jq -c '.runs[0].tool.driver.rules |= unique_by(.id)' < results.sarif > semgrep.sarif
- name: Upload SARIF file for GitHub Advanced Security Dashboard
uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
uses: github/codeql-action/upload-sarif@4fa2a7953630fd2f3fb380f21be14ede0169dd4f # v3.25.12
if: steps.check_files.outputs.files_exists == 'true'
continue-on-error: true
with:
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/snyk.yml
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ jobs:
with:
files: snyk.sarif
- name: Upload result to GitHub Code Scanning
uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
uses: github/codeql-action/upload-sarif@4fa2a7953630fd2f3fb380f21be14ede0169dd4f # v3.25.12
if: steps.check_files.outputs.files_exists == 'true'
with:
sarif_file: snyk.sarif
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/spelling.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ jobs:
github.com:443
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Misspell
uses: reviewdog/action-misspell@30433ca7be17888deb78a32521706fb65defbf3f # v1.21.0
uses: reviewdog/action-misspell@278e1b3c7dd09d2827fa080919a40db73ccafe24 # v1.22.0
with:
reporter: github-check
github_token: ${{ secrets.GITHUB_TOKEN }}
Expand All @@ -34,4 +34,4 @@ jobs:
objects.githubusercontent.com:443
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Typos
uses: crate-ci/typos@c16dc8f5b4a7ad6211464ecf136c69c851e8e83c # v1.22.9
uses: crate-ci/typos@320b5781474d4470a36b7f0626b131e99850e9d2 # v1.23.2
4 changes: 2 additions & 2 deletions .github/workflows/trivy.yml
Original file line number Diff line number Diff line change
Expand Up @@ -23,12 +23,12 @@ jobs:
pkg-containers.githubusercontent.com:443
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@7c2007bcb556501da015201bcba5aa14069b74e2 # v0.23.0
uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # v0.24.0
with:
scan-type: fs
format: sarif
output: trivy-results.sarif
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
uses: github/codeql-action/upload-sarif@4fa2a7953630fd2f3fb380f21be14ede0169dd4f # v3.25.12
with:
sarif_file: trivy-results.sarif
3 changes: 1 addition & 2 deletions caffeine/build.gradle.kts
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ sourceSets {
val compileJavaPoetJava by tasks.existing
val javaAgent: Configuration by configurations.creating
val collections4Sources: Configuration by configurations.creating
var javaPoetImplementation: Configuration = configurations["javaPoetImplementation"]
val javaPoetImplementation: Configuration = configurations["javaPoetImplementation"]

dependencies {
api(libs.checker.annotations)
Expand All @@ -39,7 +39,6 @@ dependencies {
testImplementation(libs.jctools)
testImplementation(libs.fastutil)
testImplementation(libs.lincheck)
testImplementation(libs.guava.testlib)
testImplementation(libs.commons.lang3)
testImplementation(libs.bundles.slf4j.test)
testImplementation(libs.commons.collections4)
Expand Down
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
[versions]
caffeine = "3.1.8"
junit = "5.11.0-M2"
reactor = "3.6.7"
truth = "1.4.3"
reactor = "3.6.8"
truth = "1.4.4"
versions = "0.51.0"

[libraries]
Expand Down
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
distributionUrl=https\://services.gradle.org/distributions/gradle-8.9-rc-1-bin.zip
distributionUrl=https\://services.gradle.org/distributions/gradle-8.9-bin.zip
distributionBase=GRADLE_USER_HOME
distributionPath=wrapper/dists
zipStoreBase=GRADLE_USER_HOME
Expand Down
2 changes: 1 addition & 1 deletion examples/graal-native/gradle/libs.versions.toml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
caffeine = "3.1.8"
graal = "0.10.2"
junit = "5.11.0-M2"
truth = "1.4.3"
truth = "1.4.4"
versions = "0.51.0"

[libraries]
Expand Down
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
distributionUrl=https\://services.gradle.org/distributions/gradle-8.9-rc-1-bin.zip
distributionUrl=https\://services.gradle.org/distributions/gradle-8.9-bin.zip
distributionBase=GRADLE_USER_HOME
distributionPath=wrapper/dists
zipStoreBase=GRADLE_USER_HOME
Expand Down
2 changes: 1 addition & 1 deletion examples/hibernate/gradle/libs.versions.toml
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ hibernate = "6.5.2.Final"
junit = "5.11.0-M2"
log4j2 = "3.0.0-beta2"
slf4j = "2.0.7"
truth = "1.4.3"
truth = "1.4.4"
versions = "0.51.0"

[libraries]
Expand Down
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
distributionUrl=https\://services.gradle.org/distributions/gradle-8.9-rc-1-bin.zip
distributionUrl=https\://services.gradle.org/distributions/gradle-8.9-bin.zip
distributionBase=GRADLE_USER_HOME
distributionPath=wrapper/dists
zipStoreBase=GRADLE_USER_HOME
Expand Down
5 changes: 5 additions & 0 deletions examples/indexable/gradle.properties
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
org.gradle.configuration-cache=true
org.gradle.configureondemand=true
org.gradle.parallel=true
org.gradle.caching=true
org.gradle.daemon=true
2 changes: 1 addition & 1 deletion examples/indexable/gradle/libs.versions.toml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
caffeine = "3.1.8"
guava = "33.2.1-jre"
junit-jupiter = "5.11.0-M2"
truth = "1.4.3"
truth = "1.4.4"
versions = "0.51.0"

[libraries]
Expand Down
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
distributionUrl=https\://services.gradle.org/distributions/gradle-8.9-rc-1-bin.zip
distributionUrl=https\://services.gradle.org/distributions/gradle-8.9-bin.zip
distributionBase=GRADLE_USER_HOME
distributionPath=wrapper/dists
zipStoreBase=GRADLE_USER_HOME
Expand Down
2 changes: 1 addition & 1 deletion examples/resilience-failsafe/gradle/libs.versions.toml
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@
caffeine = "3.1.8"
failsafe = "3.3.2"
junit = "5.11.0-M2"
truth = "1.4.3"
truth = "1.4.4"
versions = "0.51.0"

[libraries]
Expand Down
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
distributionUrl=https\://services.gradle.org/distributions/gradle-8.9-rc-1-bin.zip
distributionUrl=https\://services.gradle.org/distributions/gradle-8.9-bin.zip
distributionBase=GRADLE_USER_HOME
distributionPath=wrapper/dists
zipStoreBase=GRADLE_USER_HOME
Expand Down
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
distributionUrl=https\://services.gradle.org/distributions/gradle-8.9-rc-1-bin.zip
distributionUrl=https\://services.gradle.org/distributions/gradle-8.9-bin.zip
distributionBase=GRADLE_USER_HOME
distributionPath=wrapper/dists
zipStoreBase=GRADLE_USER_HOME
Expand Down
12 changes: 6 additions & 6 deletions gradle/libs.versions.toml
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ commons-text = "1.12.0"
concurrentlinkedhashmap = "1.4.2"
config = "1.4.3"
coveralls = "2.12.2"
dependency-check = "10.0.1"
dependency-check = "10.0.2"
eclipse-collections = "12.0.0.M3"
ehcache3 = "3.10.8"
errorprone = "2.28.0"
Expand All @@ -41,8 +41,8 @@ hamcrest = "2.2"
hazelcast = "5.3.7"
httpclient = "4.5.14"
idea = "1.1.8"
jackrabbit = "1.64.0"
jackson = "2.17.1"
jackrabbit = "1.66.0"
jackson = "2.17.2"
jacoco = "0.8.12"
jakarta-inject = "2.0.1"
jamm = "0.4.0"
Expand All @@ -59,7 +59,7 @@ jmh-plugin = "0.7.2"
jmh-report = "0.9.6"
joor = "0.9.15"
json-bind = "1.0"
jsoup = "1.17.2"
jsoup = "1.18.1"
junit-testng = "1.0.5"
junit4 = "4.13.2"
junit5 = "5.11.0-M2"
Expand All @@ -86,11 +86,11 @@ snakeyaml = "2.2"
sonarqube = "5.1.0.4882"
spotbugs = "4.8.6"
spotbugs-contrib = "7.6.4"
spotbugs-plugin = "6.0.18"
spotbugs-plugin = "6.0.19"
stream = "2.9.8"
tcache = "2.0.1"
testng = "7.10.2"
truth = "1.4.3"
truth = "1.4.4"
univocity-parsers = "2.9.1"
versions = "0.51.0"
xz = "1.9"
Expand Down
2 changes: 1 addition & 1 deletion gradle/plugins/build.gradle.kts
Original file line number Diff line number Diff line change
Expand Up @@ -61,7 +61,7 @@ tasks.withType<DependencyUpdatesTask> {
componentSelection {
val ignoredGroups = listOf("com.beust", "org.apache.logging.log4j",
"org.jetbrains.kotlin", "org.gradle.kotlin.kotlin-dsl")
val stable = setOf("com.fasterxml.jackson", "com.squareup.okhttp3")
val stable = setOf("com.fasterxml.jackson", "com.google.protobuf", "com.squareup.okhttp3")
val isNonStable = "^[0-9,.v-]+(-r)?$".toRegex()
all {
if ((candidate.group in ignoredGroups) && (candidate.version != currentVersion)) {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ plugins {
}

configurations.jmh {
extendsFrom(configurations.testImplementation.get())
extendsFrom(configurations["testImplementation"])
exclude(module = "jazzer-junit")
exclude(module = "slf4j-test")
}
Expand Down Expand Up @@ -95,7 +95,7 @@ tasks.named("jmhReport").configure {
}

idea.module {
scopes["PROVIDED"]!!["plus"]!!.add(configurations.jmh.get())
scopes["PROVIDED"]!!["plus"]!!.add(configurations["jmh"])
}

eclipse.classpath.file.whenMerged {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -31,9 +31,8 @@ tasks.withType<JavaCompile>().configureEach {
languageVersion = maxOf(javaVersion, JavaLanguageVersion.of(17))
}

options.compilerArgs.add("-Xlint:all,-auxiliaryclass,-exports,-processing,"
+ "-removal,-requires-automatic,-requires-transitive-automatic")
options.compilerArgs.addAll(listOf("-Xmaxerrs", "500", "-Xmaxwarns", "500"))
options.compilerArgs.addAll(listOf( "-Xlint:all", "-Xlint:-auxiliaryclass", "-Xlint:-classfile",
"-Xlint:-exports", "-Xlint:-processing", "-Xlint:-removal", "-Xlint:-requires-automatic"))
if (javaVersion.canCompileOrRun(21)) {
options.compilerArgs.add("-proc:full")
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ dependencies {
testImplementation(libs.hamcrest)
testImplementation(libs.awaitility)
testImplementation(libs.bundles.junit)
testImplementation(libs.guava.testlib)
testImplementation(libs.bundles.osgi.test.compile)

testImplementation(platform(libs.asm.bom))
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -11,8 +11,8 @@ tasks.named<DependencyUpdatesTask>("dependencyUpdates").configure {
componentSelection {
all {
val ignoredGroups = listOf("com.beust", "org.apache.logging.log4j")
val stable = setOf("com.hazelcast", "javax.json.bind",
"org.jetbrains.kotlin", "org.osgi", "org.slf4j")
val stable = setOf("com.google.protobuf", "com.hazelcast",
"javax.json.bind", "org.jetbrains.kotlin", "org.osgi", "org.slf4j")
if ((candidate.group in stable) && isNonStable(candidate.version)) {
reject("Release candidate")
} else if ((candidate.module == "commons-io") && candidate.version.startsWith("2003")) {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -22,10 +22,10 @@ tasks.withType<JacocoReport>().configureEach {
}

tasks.withType<Test>().configureEach {
if (environment["JDK_EA"] == "true") {
if (System.getenv("JDK_EA") == "true") {
systemProperty("net.bytebuddy.experimental", true)
configure<JacocoTaskExtension> {
enabled = false
isEnabled = false
}
}
}
2 changes: 1 addition & 1 deletion gradle/wrapper/gradle-wrapper.properties
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
distributionUrl=https\://services.gradle.org/distributions/gradle-8.9-rc-1-bin.zip
distributionUrl=https\://services.gradle.org/distributions/gradle-8.9-bin.zip
distributionBase=GRADLE_USER_HOME
distributionPath=wrapper/dists
zipStoreBase=GRADLE_USER_HOME
Expand Down
Loading

0 comments on commit 7d18356

Please sign in to comment.