From 5b5bd8f5150edebec7256db353d16d1fe8dc9d1c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 26 Feb 2026 23:06:35 +0000 Subject: [PATCH] Bump the github-actions group across 3 directories with 3 updates Bumps the github-actions group with 3 updates in the / directory: [gradle/actions](https://github.com/gradle/actions), [actions/upload-artifact](https://github.com/actions/upload-artifact) and [actions/download-artifact](https://github.com/actions/download-artifact). Bumps the github-actions group with 1 update in the /.github/actions/build-dist directory: [actions/upload-artifact](https://github.com/actions/upload-artifact). Bumps the github-actions group with 1 update in the /.github/actions/init-integ-test directory: [actions/download-artifact](https://github.com/actions/download-artifact). Updates `gradle/actions` from 5.0.1 to 5.0.2 - [Release notes](https://github.com/gradle/actions/releases) - [Commits](https://github.com/gradle/actions/compare/f29f5a9d7b09a7c6b29859002d29d24e1674c884...0723195856401067f7a2779048b490ace7a47d7c) Updates `actions/upload-artifact` from 6.0.0 to 7.0.0 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/b7c566a772e6b6bfb58ed0dc250532a479d7789f...bbbca2ddaa5d8feaa63e36b76fdaad77386f024f) Updates `actions/download-artifact` from 7.0.0 to 8.0.0 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/37930b1c2abaa49bbe596cd826c3c89aef350131...70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3) Updates `actions/upload-artifact` from 6.0.0 to 7.0.0 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/b7c566a772e6b6bfb58ed0dc250532a479d7789f...bbbca2ddaa5d8feaa63e36b76fdaad77386f024f) Updates `actions/download-artifact` from 7.0.0 to 8.0.0 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/37930b1c2abaa49bbe596cd826c3c89aef350131...70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3) --- updated-dependencies: - dependency-name: gradle/actions dependency-version: 5.0.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/download-artifact dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/download-artifact dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/actions/build-dist/action.yml | 2 +- .github/actions/init-integ-test/action.yml | 2 +- .github/workflows/ci-check-and-unit-test.yml | 2 +- .github/workflows/ci-init-script-check.yml | 2 +- .github/workflows/ci-ossf-scorecard.yml | 2 +- .github/workflows/ci-validate-wrappers.yml | 2 +- .github/workflows/integ-test-dependency-graph.yml | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/actions/build-dist/action.yml b/.github/actions/build-dist/action.yml index 55cfa194..df0a7276 100644 --- a/.github/actions/build-dist/action.yml +++ b/.github/actions/build-dist/action.yml @@ -23,7 +23,7 @@ runs: cp -r sources/dist . - name: Upload distribution - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: dist path: dist/ diff --git a/.github/actions/init-integ-test/action.yml b/.github/actions/init-integ-test/action.yml index 36dc23a7..262f703f 100644 --- a/.github/actions/init-integ-test/action.yml +++ b/.github/actions/init-integ-test/action.yml @@ -23,7 +23,7 @@ runs: # Downloads a 'dist' directory artifact that was uploaded in an earlier 'build-dist' step - name: Download dist if: ${{ env.SKIP_DIST != 'true' && !env.ACT }} - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 + uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 with: name: dist path: dist/ diff --git a/.github/workflows/ci-check-and-unit-test.yml b/.github/workflows/ci-check-and-unit-test.yml index a0b17519..e0a17e85 100644 --- a/.github/workflows/ci-check-and-unit-test.yml +++ b/.github/workflows/ci-check-and-unit-test.yml @@ -26,7 +26,7 @@ jobs: cache-dependency-path: sources/package-lock.json - name: Setup Gradle # Use a released version to avoid breakages - uses: gradle/actions/setup-gradle@f29f5a9d7b09a7c6b29859002d29d24e1674c884 # v5.0.1 + uses: gradle/actions/setup-gradle@0723195856401067f7a2779048b490ace7a47d7c # v5.0.2 env: ALLOWED_GRADLE_WRAPPER_CHECKSUMS: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 # Invalid wrapper jar used for testing with: diff --git a/.github/workflows/ci-init-script-check.yml b/.github/workflows/ci-init-script-check.yml index 5526025c..70f14c06 100644 --- a/.github/workflows/ci-init-script-check.yml +++ b/.github/workflows/ci-init-script-check.yml @@ -30,7 +30,7 @@ jobs: java-version: 17 - name: Setup Gradle # Use a released version to avoid breakages - uses: gradle/actions/setup-gradle@f29f5a9d7b09a7c6b29859002d29d24e1674c884 # v5.0.1 + uses: gradle/actions/setup-gradle@0723195856401067f7a2779048b490ace7a47d7c # v5.0.2 env: ALLOWED_GRADLE_WRAPPER_CHECKSUMS: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 # Invalid wrapper jar used for testing - name: Run integration tests diff --git a/.github/workflows/ci-ossf-scorecard.yml b/.github/workflows/ci-ossf-scorecard.yml index c8bad931..b0dd67d1 100644 --- a/.github/workflows/ci-ossf-scorecard.yml +++ b/.github/workflows/ci-ossf-scorecard.yml @@ -44,7 +44,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: 'Upload artifact' - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: SARIF file path: results.sarif diff --git a/.github/workflows/ci-validate-wrappers.yml b/.github/workflows/ci-validate-wrappers.yml index d4450a00..9d527a24 100644 --- a/.github/workflows/ci-validate-wrappers.yml +++ b/.github/workflows/ci-validate-wrappers.yml @@ -12,6 +12,6 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - uses: gradle/actions/wrapper-validation@f29f5a9d7b09a7c6b29859002d29d24e1674c884 # v5.0.1 + - uses: gradle/actions/wrapper-validation@0723195856401067f7a2779048b490ace7a47d7c # v5.0.2 with: allow-checksums: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 diff --git a/.github/workflows/integ-test-dependency-graph.yml b/.github/workflows/integ-test-dependency-graph.yml index 8974b411..e193f60d 100644 --- a/.github/workflows/integ-test-dependency-graph.yml +++ b/.github/workflows/integ-test-dependency-graph.yml @@ -178,7 +178,7 @@ jobs: runs-on: "ubuntu-latest" steps: - name: Download dependency-graph artifact - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 + uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 with: path: downloaded-dependency-graphs pattern: dependency-graph_*dependency-graph-generate-submit-and-upload.json