From 1289e546ab25f0cbcbc29b51a9d9440f77c03d5e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 18 Dec 2024 18:07:36 +0100 Subject: [PATCH 1/3] build(deps): bump io.netty:netty-common (#192) Bumps [io.netty:netty-common](https://github.com/netty/netty) from 4.1.115.Final to 4.1.116.Final. - [Commits](https://github.com/netty/netty/compare/netty-4.1.115.Final...netty-4.1.116.Final) --- updated-dependencies: - dependency-name: io.netty:netty-common dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 6ac555f..8a95e2c 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -12,7 +12,7 @@ kotlin-reflect = { module = "org.jetbrains.kotlin:kotlin-reflect" } kotlin-stdlib-jdk8 = { module = "org.jetbrains.kotlin:kotlin-stdlib-jdk8" } kotlinx-coroutines-reactor = { module = "org.jetbrains.kotlinx:kotlinx-coroutines-reactor" } micrometer-registry-prometheus = { module = "io.micrometer:micrometer-registry-prometheus" } -netty-common = "io.netty:netty-common:4.1.115.Final" +netty-common = "io.netty:netty-common:4.1.116.Final" reactor-kotlin-extensions = { module = "io.projectreactor.kotlin:reactor-kotlin-extensions" } reactor-test = { module = "io.projectreactor:reactor-test" } spring-boot-devtools = { module = "org.springframework.boot:spring-boot-devtools" } From cd4c0dcc4ba5a3164b7334bbe06c42591d7f5278 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 19 Dec 2024 15:00:14 +0100 Subject: [PATCH 2/3] build(deps): bump gradle/actions from 4.2.1 to 4.2.2 (#193) Bumps [gradle/actions](https://github.com/gradle/actions) from 4.2.1 to 4.2.2. - [Release notes](https://github.com/gradle/actions/releases) - [Commits](https://github.com/gradle/actions/compare/cc4fc85e6b35bafd578d5ffbc76a5518407e1af0...0bdd871935719febd78681f197cd39af5b6e16a6) --- updated-dependencies: - dependency-name: gradle/actions dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/pipeline.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml index cf79a61..eeeddbe 100644 --- a/.github/workflows/pipeline.yml +++ b/.github/workflows/pipeline.yml @@ -29,7 +29,7 @@ jobs: java-version: "21.0" distribution: "temurin" - name: Setup Gradle - uses: gradle/actions/setup-gradle@cc4fc85e6b35bafd578d5ffbc76a5518407e1af0 # v4.2.1 + uses: gradle/actions/setup-gradle@0bdd871935719febd78681f197cd39af5b6e16a6 # v4.2.2 - name: Build with Gradle run: ./gradlew build - name: Send status to Slack @@ -48,7 +48,7 @@ jobs: java-version: "21.0" distribution: "temurin" - name: Setup Gradle - uses: gradle/actions/setup-gradle@cc4fc85e6b35bafd578d5ffbc76a5518407e1af0 # v4.2.1 + uses: gradle/actions/setup-gradle@0bdd871935719febd78681f197cd39af5b6e16a6 # v4.2.2 - name: Run license scanner run: ./gradlew checkLicense - name: Send status to Slack @@ -70,7 +70,7 @@ jobs: java-version: "21.0" distribution: "temurin" - name: Setup Gradle - uses: gradle/actions/setup-gradle@cc4fc85e6b35bafd578d5ffbc76a5518407e1af0 # v4.2.1 + uses: gradle/actions/setup-gradle@0bdd871935719febd78681f197cd39af5b6e16a6 # v4.2.2 - name: Build container image run: ./gradlew bootBuildImage - name: Run Trivy vulnerability scanner @@ -131,7 +131,7 @@ jobs: path: ~/.sonar/cache key: ${{ runner.os }}-sonar - name: Setup Gradle - uses: gradle/actions/setup-gradle@cc4fc85e6b35bafd578d5ffbc76a5518407e1af0 # v4.2.1 + uses: gradle/actions/setup-gradle@0bdd871935719febd78681f197cd39af5b6e16a6 # v4.2.2 - name: Scan with SonarQube env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any @@ -170,7 +170,7 @@ jobs: java-version: "21.0" distribution: "temurin" - name: Setup Gradle - uses: gradle/actions/setup-gradle@cc4fc85e6b35bafd578d5ffbc76a5518407e1af0 # v4.2.1 + uses: gradle/actions/setup-gradle@0bdd871935719febd78681f197cd39af5b6e16a6 # v4.2.2 - name: Build and publish container image run: CONTAINER_REGISTRY_USER=${{ github.actor }} CONTAINER_REGISTRY_PASSWORD=${{ secrets.GITHUB_TOKEN }} ./gradlew bootBuildImage --publishImage - name: Install cosign From 2062bafa45e8a6dee6a5edeefbcdd3dadda95dac Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 2 Jan 2025 09:27:59 +0100 Subject: [PATCH 3/3] build(deps): bump org.springframework.boot from 3.4.0 to 3.4.1 (#194) Bumps [org.springframework.boot](https://github.com/spring-projects/spring-boot) from 3.4.0 to 3.4.1. - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](https://github.com/spring-projects/spring-boot/compare/v3.4.0...v3.4.1) --- updated-dependencies: - dependency-name: org.springframework.boot dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 8a95e2c..d725278 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -2,7 +2,7 @@ # @keep jacoco = "0.8.12" kotlin = "2.0.21" -spring-boot = "3.4.0" +spring-boot = "3.4.1" [libraries] archunit-junit5 = "com.tngtech.archunit:archunit-junit5:1.3.0"