Skip to content

Commit 6ba5843

Browse files
chore(deps): update weekly update (#13381)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
1 parent 08a0de3 commit 6ba5843

9 files changed

+19
-19
lines changed

.github/workflows/build-common.yml

+6-6
Original file line numberDiff line numberDiff line change
@@ -205,7 +205,7 @@ jobs:
205205
fi
206206
207207
- name: Upload agent jar
208-
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
208+
uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
209209
with:
210210
name: opentelemetry-javaagent.jar
211211
path: javaagent/build/libs/opentelemetry-javaagent-*-SNAPSHOT.jar
@@ -216,7 +216,7 @@ jobs:
216216
mkdir sboms
217217
cp javaagent/build/spdx/*.spdx.json sboms
218218
219-
- uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
219+
- uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
220220
name: Upload SBOMs
221221
with:
222222
name: opentelemetry-java-instrumentation-SBOM.zip
@@ -272,7 +272,7 @@ jobs:
272272

273273
# vaadin tests use pnpm
274274
- name: Cache pnpm modules
275-
uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0
275+
uses: actions/cache@0c907a75c2c80ebcb7f088228285e798b750cf8f # v4.2.1
276276
with:
277277
path: ~/.pnpm-store
278278
key: ${{ runner.os }}-test-cache-pnpm-modules
@@ -347,15 +347,15 @@ jobs:
347347
348348
- name: Upload deadlock detector artifacts if any
349349
if: failure()
350-
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
350+
uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
351351
with:
352352
name: deadlock-detector-test-${{ matrix.test-java-version }}-${{ matrix.vm }}-${{ matrix.test-partition }}
353353
path: /tmp/deadlock-detector-*
354354
if-no-files-found: ignore
355355

356356
- name: Upload jvm crash dump files if any
357357
if: failure()
358-
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
358+
uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
359359
with:
360360
name: javacore-test-${{ matrix.test-java-version }}-${{ matrix.test-partition }}
361361
path: |
@@ -419,7 +419,7 @@ jobs:
419419

420420
- name: Upload jvm crash dump files if any
421421
if: failure()
422-
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
422+
uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
423423
with:
424424
name: javacore-smoke-test-${{ matrix.smoke-test-suite }}-${{ matrix.os }}
425425
# we expect crash dumps either in root director or in smoke-tests

.github/workflows/codeql.yml

+2-2
Original file line numberDiff line numberDiff line change
@@ -50,7 +50,7 @@ jobs:
5050
cache-read-only: ${{ github.event_name == 'pull_request' }}
5151

5252
- name: Initialize CodeQL
53-
uses: github/codeql-action/init@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9
53+
uses: github/codeql-action/init@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # v3.28.10
5454
with:
5555
languages: java, actions
5656
# using "latest" helps to keep up with the latest Kotlin support
@@ -65,4 +65,4 @@ jobs:
6565
run: ./gradlew assemble -x javadoc -x :instrumentation:quarkus-resteasy-reactive:quarkus3-testing:quarkusGenerateCodeDev -x :instrumentation:quarkus-resteasy-reactive:quarkus2-testing:quarkusGenerateCodeDev --no-build-cache --no-daemon
6666

6767
- name: Perform CodeQL analysis
68-
uses: github/codeql-action/analyze@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9
68+
uses: github/codeql-action/analyze@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # v3.28.10

.github/workflows/ossf-scorecard.yml

+3-3
Original file line numberDiff line numberDiff line change
@@ -23,7 +23,7 @@ jobs:
2323
with:
2424
persist-credentials: false
2525

26-
- uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0
26+
- uses: ossf/scorecard-action@f49aabe0b5af0936a0987cfb85d86b75731b0186 # v2.4.1
2727
with:
2828
results_file: results.sarif
2929
results_format: sarif
@@ -33,7 +33,7 @@ jobs:
3333
# uploads of run results in SARIF format to the repository Actions tab.
3434
# https://docs.github.com/en/actions/advanced-guides/storing-workflow-data-as-artifacts
3535
- name: "Upload artifact"
36-
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
36+
uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
3737
with:
3838
name: SARIF file
3939
path: results.sarif
@@ -42,6 +42,6 @@ jobs:
4242
# Upload the results to GitHub's code scanning dashboard (optional).
4343
# Commenting out will disable upload of results to your repo's Code Scanning dashboard
4444
- name: "Upload to code-scanning"
45-
uses: github/codeql-action/upload-sarif@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9
45+
uses: github/codeql-action/upload-sarif@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # v3.28.10
4646
with:
4747
sarif_file: results.sarif

.github/workflows/owasp-dependency-check-daily.yml

+1-1
Original file line numberDiff line numberDiff line change
@@ -38,7 +38,7 @@ jobs:
3838

3939
- name: Upload report
4040
if: always()
41-
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
41+
uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
4242
with:
4343
path: javaagent/build/reports
4444

.github/workflows/publish-petclinic-benchmark-image.yml

+1-1
Original file line numberDiff line numberDiff line change
@@ -32,7 +32,7 @@ jobs:
3232
run: echo "TS=$(date +'%Y%m%d%H%M%S')" >> $GITHUB_ENV
3333

3434
- name: Push to GitHub packages
35-
uses: docker/build-push-action@ca877d9245402d1537745e0e356eab47c3520991 # v6.13.0
35+
uses: docker/build-push-action@0adf9959216b96bec444f325f1e493d4aa344497 # v6.14.0
3636
with:
3737
push: true
3838
file: benchmark-overhead/Dockerfile.petclinic

.github/workflows/release.yml

+1-1
Original file line numberDiff line numberDiff line change
@@ -120,7 +120,7 @@ jobs:
120120
cp javaagent/build/spdx/*.spdx.json sboms
121121
zip opentelemetry-java-instrumentation-SBOM.zip sboms/*
122122
123-
- uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
123+
- uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
124124
name: Upload SBOMs
125125
with:
126126
name: opentelemetry-java-instrumentation-SBOM

.github/workflows/reusable-test-indy.yml

+1-1
Original file line numberDiff line numberDiff line change
@@ -52,7 +52,7 @@ jobs:
5252

5353
# vaadin tests use pnpm
5454
- name: Cache pnpm modules
55-
uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0
55+
uses: actions/cache@0c907a75c2c80ebcb7f088228285e798b750cf8f # v4.2.1
5656
with:
5757
path: ~/.pnpm-store
5858
key: ${{ runner.os }}-test-latest-cache-pnpm-modules

.github/workflows/reusable-test-latest-deps.yml

+3-3
Original file line numberDiff line numberDiff line change
@@ -46,7 +46,7 @@ jobs:
4646
4747
# vaadin tests use pnpm
4848
- name: Cache pnpm modules
49-
uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0
49+
uses: actions/cache@0c907a75c2c80ebcb7f088228285e798b750cf8f # v4.2.1
5050
with:
5151
path: ~/.pnpm-store
5252
key: ${{ runner.os }}-test-latest-cache-pnpm-modules
@@ -114,15 +114,15 @@ jobs:
114114
115115
- name: Upload deadlock detector artifacts if any
116116
if: failure()
117-
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
117+
uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
118118
with:
119119
name: deadlock-detector-test-latest-${{ matrix.test-java-version }}-${{ matrix.vm }}-${{ matrix.test-partition }}
120120
path: /tmp/deadlock-detector-*
121121
if-no-files-found: ignore
122122

123123
- name: Upload jvm crash dump files if any
124124
if: failure()
125-
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
125+
uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
126126
with:
127127
name: javacore-test-latest-${{ matrix.test-java-version }}-${{ matrix.test-partition }}
128128
path: |

benchmark-overhead/Dockerfile.petclinic

+1-1
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,7 @@ RUN git checkout 8aa4d49
1313
RUN ./mvnw package -Dmaven.test.skip=true
1414
RUN cp target/spring-petclinic-rest*.jar /app/spring-petclinic-rest.jar
1515

16-
FROM bellsoft/liberica-openjdk-alpine:21.0.6@sha256:fab34f9e4ff5676582c2ed7d23f9a3a63cf7da0b2f9b5285885b849a88862aaf
16+
FROM bellsoft/liberica-openjdk-alpine:21.0.6@sha256:5f23f8082baea518a1657b420dbe19c181483255209b70af836543d6068fed8c
1717
COPY --from=app-build /app/spring-petclinic-rest.jar /app/spring-petclinic-rest.jar
1818
WORKDIR /app
1919
EXPOSE 9966

0 commit comments

Comments
 (0)