Bump the github-action-dependencies group with 5 updates

Bumps the github-action-dependencies group with 5 updates: | Package | From | To | | --- | --- | --- | | [github/codeql-action](https://github.com/github/codeql-action) | `3.24.0` | `3.24.5` | | [actions/setup-java](https://github.com/actions/setup-java) | `4.0.0` | `4.1.0` | | [JasonEtco/create-an-issue](https://github.com/jasonetco/create-an-issue) | `2.9.1` | `2.9.2` | | [gradle/gradle-build-action](https://github.com/gradle/gradle-build-action) | `3.0.0` | `3.1.0` | | [codecov/codecov-action](https://github.com/codecov/codecov-action) | `4.0.1` | `4.1.0` | Updates `github/codeql-action` from 3.24.0 to 3.24.5 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@e8893c5...47b3d88) Updates `actions/setup-java` from 4.0.0 to 4.1.0 - [Release notes](https://github.com/actions/setup-java/releases) - [Commits](actions/setup-java@v4...v4.1.0) Updates `JasonEtco/create-an-issue` from 2.9.1 to 2.9.2 - [Release notes](https://github.com/jasonetco/create-an-issue/releases) - [Commits](JasonEtco/create-an-issue@e27dddc...1b14a70) Updates `gradle/gradle-build-action` from 3.0.0 to 3.1.0 - [Release notes](https://github.com/gradle/gradle-build-action/releases) - [Commits](gradle/gradle-build-action@3b1b3b9...29c0906) Updates `codecov/codecov-action` from 4.0.1 to 4.1.0 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@e0b68c6...54bcd87) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-action-dependencies - dependency-name: actions/setup-java dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-action-dependencies - dependency-name: JasonEtco/create-an-issue dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-action-dependencies - dependency-name: gradle/gradle-build-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-action-dependencies - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-action-dependencies ... Signed-off-by: dependabot[bot] <[email protected]>
amazon-ion · Feb 28, 2024 · a353368 · a353368
1 parent 3236b06
commit a353368
Show file tree

Hide file tree

Showing 6 changed files with 11 additions and 11 deletions.
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -41,7 +41,7 @@ jobs:
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@e8893c57a1f3a2b659b6b55564fdfdbbd2982911 # v3.24.0
+        uses: github/codeql-action/init@47b3d888fe66b639e431abf22ebca059152f1eea # v3.24.5
         with:
           languages: ${{ matrix.language }}
           # If you wish to specify custom queries, you can do so here or in a config file.
@@ -52,7 +52,7 @@ jobs:
       # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
       # If this step fails, then you should remove it and run the build manually (see below)
       - name: Autobuild
-        uses: github/codeql-action/autobuild@e8893c57a1f3a2b659b6b55564fdfdbbd2982911 # v3.24.0
+        uses: github/codeql-action/autobuild@47b3d888fe66b639e431abf22ebca059152f1eea # v3.24.5
 
       # ℹ️ Command-line programs to run using the OS shell.
       # 📚 https://git.io/JvXDl
@@ -66,4 +66,4 @@ jobs:
       #   make release
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@e8893c57a1f3a2b659b6b55564fdfdbbd2982911 # v3.24.0
+        uses: github/codeql-action/analyze@47b3d888fe66b639e431abf22ebca059152f1eea # v3.24.5
diff --git a/.github/workflows/ion-java-performance-regression-detector.yml b/.github/workflows/ion-java-performance-regression-detector.yml
@@ -58,7 +58,7 @@ jobs:
 
     steps:
       - name: Set up JDK 11
-        uses: actions/setup-java@v4
+        uses: actions/setup-java@v4.1.0
         with:
           distribution: 'corretto'
           java-version: 11

diff --git a/.github/workflows/ion-test-driver.yml b/.github/workflows/ion-test-driver.yml
@@ -82,7 +82,7 @@ jobs:
     steps:
       - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # master
       - name: Open an issue
-        uses: JasonEtco/create-an-issue@e27dddc79c92bc6e4562f268fffa5ed752639abd # v2.9.1
+        uses: JasonEtco/create-an-issue@1b14a70e4d8dc185e5cc76d3bec9eab20257b2c5 # v2.9.2
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           GITHUB_WORKFLOW_URL: https://github.com/${{github.repository}}/actions/runs/${{github.run_id}}

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -25,20 +25,20 @@ jobs:
           submodules: recursive
       - uses: gradle/wrapper-validation-action@699bb18358f12c5b78b37bb0111d3a0e2276e0e2 # v2.1.1
       - name: Use java ${{ matrix.java }}
-        uses: actions/setup-java@387ac29b308b003ca37ba93a6cab5eb57c8f5f93 # v4.0.0
+        uses: actions/setup-java@9704b39bf258b59bc04b50fa2dd55e9ed76b47a8 # v4.1.0
         with:
           distribution: 'corretto'
           java-version: ${{ matrix.java }}
-      - uses: gradle/gradle-build-action@3b1b3b9a2104c2b47fbae53f3938079c00c9bb87 # v3.0.0
+      - uses: gradle/gradle-build-action@29c0906b64b8fc82467890bfb7a0a7ef34bda89e # v3.1.0
         with:
           arguments: build
       - name: Test minified JAR
-        uses: gradle/gradle-build-action@3b1b3b9a2104c2b47fbae53f3938079c00c9bb87 # v3.0.0
+        uses: gradle/gradle-build-action@29c0906b64b8fc82467890bfb7a0a7ef34bda89e # v3.1.0
         with:
           arguments: minifyTest
       - run: ./ion-test-driver-run version
       - if: ${{ matrix.upload_reports }}
-        uses: codecov/codecov-action@e0b68c6749509c5f83f984dd99a76a1c1a231044 # v4.0.1
+        uses: codecov/codecov-action@54bcd8715eee62d40e33596ef5e8f0f48dbbccab # v4.1.0
         with:
           files: build/reports/jacoco/test/jacocoTestReport.xml
       - uses: actions/upload-artifact@1eb3cb2b3e0f29609092a73eb033bb759a334595 # v4.1.0

diff --git a/.github/workflows/publish-release-artifacts.yml b/.github/workflows/publish-release-artifacts.yml
@@ -51,7 +51,7 @@ jobs:
       - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v3.6.0
         with:
           submodules: recursive
-      - uses: gradle/gradle-build-action@3b1b3b9a2104c2b47fbae53f3938079c00c9bb87 # v3.0.0
+      - uses: gradle/gradle-build-action@29c0906b64b8fc82467890bfb7a0a7ef34bda89e # v3.1.0
         with:
           arguments: build cyclonedxBom
       - name: Upload Jar to GitHub release

diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
@@ -67,6 +67,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@e8893c57a1f3a2b659b6b55564fdfdbbd2982911 # v3.24.0
+        uses: github/codeql-action/upload-sarif@47b3d888fe66b639e431abf22ebca059152f1eea # v3.24.5
         with:
           sarif_file: results.sarif