diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index cd06b78572..a03669fab5 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -59,7 +59,7 @@ jobs: if: github.event_name == 'push' && github.ref != 'refs/heads/main' run: ./gradlew spotlessApply - - uses: stefanzweifel/git-auto-commit-action@8621497c8c39c72f3e2a999a26b4ca1b5058a842 # v5.0.1 + - uses: stefanzweifel/git-auto-commit-action@e348103e9026cc0eee72ae06630dbe30c8bf7a79 # v5.1.0 id: commit_style_fix if: github.event_name == 'push' && github.ref != 'refs/heads/main' with: @@ -75,7 +75,7 @@ jobs: env: HASH: ${{steps.commit_style_fix.outputs.commit_hash}} - - uses: stefanzweifel/git-auto-commit-action@8621497c8c39c72f3e2a999a26b4ca1b5058a842 # v5.0.1 + - uses: stefanzweifel/git-auto-commit-action@e348103e9026cc0eee72ae06630dbe30c8bf7a79 # v5.1.0 id: commit_rev_ignore if: github.event_name == 'push' && github.ref != 'refs/heads/main' with: @@ -94,7 +94,7 @@ jobs: if: ${{ failure() }} run: cat licenses/dependencies-without-allowed-license.json - - uses: stefanzweifel/git-auto-commit-action@8621497c8c39c72f3e2a999a26b4ca1b5058a842 # v5.0.1 + - uses: stefanzweifel/git-auto-commit-action@e348103e9026cc0eee72ae06630dbe30c8bf7a79 # v5.1.0 id: commit_license_change if: github.event_name == 'push' && github.ref != 'refs/heads/main' with: diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 262544a714..a4509815b5 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -54,7 +54,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0 + uses: github/codeql-action/init@dd196fa9ce80b6bacc74ca1c32bd5b0ba22efca7 # v3.28.3 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -68,7 +68,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0 + uses: github/codeql-action/autobuild@dd196fa9ce80b6bacc74ca1c32bd5b0ba22efca7 # v3.28.3 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -81,6 +81,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0 + uses: github/codeql-action/analyze@dd196fa9ce80b6bacc74ca1c32bd5b0ba22efca7 # v3.28.3 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index 89b0b1825f..d86fce305d 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -66,7 +66,7 @@ jobs: - run: rsync -r sdk/build/docs/javadoc/ doc/javadoc - - uses: stefanzweifel/git-auto-commit-action@8621497c8c39c72f3e2a999a26b4ca1b5058a842 # v5.0.1 + - uses: stefanzweifel/git-auto-commit-action@e348103e9026cc0eee72ae06630dbe30c8bf7a79 # v5.1.0 with: repository: doc commit_message: "Update javadoc" diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index e6bc347c5d..1a24236931 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -100,7 +100,7 @@ jobs: run: rm -rf reference.txt continue-on-error: true - - uses: stefanzweifel/git-auto-commit-action@8621497c8c39c72f3e2a999a26b4ca1b5058a842 # v5.0.1 + - uses: stefanzweifel/git-auto-commit-action@e348103e9026cc0eee72ae06630dbe30c8bf7a79 # v5.1.0 with: branch: after-release commit_message: "TASK: Updating version in README" @@ -161,7 +161,7 @@ jobs: - run: rsync -r sdk/build/docs/javadoc/ doc/javadoc - - uses: stefanzweifel/git-auto-commit-action@8621497c8c39c72f3e2a999a26b4ca1b5058a842 # v5.0.1 + - uses: stefanzweifel/git-auto-commit-action@e348103e9026cc0eee72ae06630dbe30c8bf7a79 # v5.1.0 with: repository: doc commit_message: "Update javadoc" diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index afcfe97139..06ce718609 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -59,7 +59,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 + uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 with: name: SARIF file path: results.sarif @@ -67,6 +67,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0 + uses: github/codeql-action/upload-sarif@dd196fa9ce80b6bacc74ca1c32bd5b0ba22efca7 # v3.28.3 with: sarif_file: results.sarif diff --git a/build.gradle b/build.gradle index 41dec0e1d3..fb512c7931 100644 --- a/build.gradle +++ b/build.gradle @@ -66,7 +66,7 @@ allprojects { configurations { taglet { - resolutionStrategy.force("net.sourceforge.plantuml:plantuml:1.2024.8") + resolutionStrategy.force("net.sourceforge.plantuml:plantuml:1.2025.0") } } diff --git a/commercetools/commercetools-async-http-client/build.gradle b/commercetools/commercetools-async-http-client/build.gradle index 75e53993b0..ed33673ac3 100644 --- a/commercetools/commercetools-async-http-client/build.gradle +++ b/commercetools/commercetools-async-http-client/build.gradle @@ -3,10 +3,10 @@ dependencies { api project(":rmf:rmf-java-base") api "org.asynchttpclient:async-http-client:2.12.4" api commons.io version commons.io_version - api "io.netty:netty-codec:4.1.116.Final" - api "io.netty:netty-codec-http:4.1.116.Final" - api "io.netty:netty-codec-socks:4.1.116.Final" - api "io.netty:netty-handler-proxy:4.1.116.Final" - api "io.netty:netty-handler:4.1.116.Final" + api "io.netty:netty-codec:4.1.117.Final" + api "io.netty:netty-codec-http:4.1.117.Final" + api "io.netty:netty-codec-socks:4.1.117.Final" + api "io.netty:netty-handler-proxy:4.1.117.Final" + api "io.netty:netty-handler:4.1.117.Final" implementation javax.validation } diff --git a/commercetools/commercetools-monitoring-opentelemetry/build.gradle b/commercetools/commercetools-monitoring-opentelemetry/build.gradle index 5582527940..bc6b16d634 100644 --- a/commercetools/commercetools-monitoring-opentelemetry/build.gradle +++ b/commercetools/commercetools-monitoring-opentelemetry/build.gradle @@ -1,7 +1,7 @@ dependencies { api project(":rmf:rmf-java-base") - implementation 'io.opentelemetry:opentelemetry-api:1.45.0' + implementation 'io.opentelemetry:opentelemetry-api:1.46.0' testImplementation project(":commercetools:commercetools-sdk-java-api") } diff --git a/commercetools/commercetools-okhttp-client3/build.gradle b/commercetools/commercetools-okhttp-client3/build.gradle index 51b09e7baa..3a1dae2ce0 100644 --- a/commercetools/commercetools-okhttp-client3/build.gradle +++ b/commercetools/commercetools-okhttp-client3/build.gradle @@ -12,7 +12,7 @@ jmh { dependencies { api project(":rmf:rmf-java-base") - implementation "com.squareup.okio:okio:3.9.1" + implementation "com.squareup.okio:okio:3.10.2" api "com.squareup.okhttp3:okhttp:3.14.9" version { strictly "[3.0,4.0[" prefer "3.14.9" diff --git a/commercetools/commercetools-okhttp-client4/build.gradle b/commercetools/commercetools-okhttp-client4/build.gradle index fdb63d78df..9ee7818c4c 100644 --- a/commercetools/commercetools-okhttp-client4/build.gradle +++ b/commercetools/commercetools-okhttp-client4/build.gradle @@ -15,7 +15,7 @@ dependencies { strictly '[4.0,5.0[' prefer "4.12.0" } - implementation "com.squareup.okio:okio:3.9.1" + implementation "com.squareup.okio:okio:3.10.2" implementation javax.validation } diff --git a/commercetools/commercetools-reactornetty-client/build.gradle b/commercetools/commercetools-reactornetty-client/build.gradle index 91407439de..cb20e0c38e 100644 --- a/commercetools/commercetools-reactornetty-client/build.gradle +++ b/commercetools/commercetools-reactornetty-client/build.gradle @@ -2,8 +2,8 @@ dependencies { api project(":rmf:rmf-java-base") - api "io.projectreactor.netty:reactor-netty-http:1.2.1" - api "io.projectreactor.netty:reactor-netty-core:1.2.1" + api "io.projectreactor.netty:reactor-netty-http:1.2.2" + api "io.projectreactor.netty:reactor-netty-core:1.2.2" implementation javax.validation } diff --git a/commercetools/commercetools-sdk-compat-v1/build.gradle b/commercetools/commercetools-sdk-compat-v1/build.gradle index 69e51d9ef9..f107a97151 100644 --- a/commercetools/commercetools-sdk-compat-v1/build.gradle +++ b/commercetools/commercetools-sdk-compat-v1/build.gradle @@ -21,8 +21,8 @@ dependencies { api project(':commercetools:commercetools-sdk-java-api') api ctsdkv1.client version ctsdkv1.version api ctsdkv1.models version ctsdkv1.version - api "io.netty:netty-codec:4.1.116.Final" - api "io.netty:netty-codec-http:4.1.116.Final" + api "io.netty:netty-codec:4.1.117.Final" + api "io.netty:netty-codec-http:4.1.117.Final" jmhImplementation project(':commercetools:commercetools-async-http-client') jmhImplementation project(':commercetools:commercetools-apachehttp-client') diff --git a/gradle-scripts/extensions.gradle b/gradle-scripts/extensions.gradle index 74019be77b..0138ad87d8 100644 --- a/gradle-scripts/extensions.gradle +++ b/gradle-scripts/extensions.gradle @@ -54,7 +54,7 @@ ext { junit: 'org.junit.jupiter:junit-jupiter:5.11.4', dataprovider: 'com.tngtech.junit.dataprovider:junit-jupiter-dataprovider:2.10', jsonassert: 'org.skyscreamer:jsonassert:1.5.3', - assertj: 'org.assertj:assertj-core:3.27.2' + assertj: 'org.assertj:assertj-core:3.27.3' ] mockito = [ diff --git a/package.json b/package.json index 214bc21769..1c45072c5a 100644 --- a/package.json +++ b/package.json @@ -12,7 +12,7 @@ "packageManager": "yarn@4.6.0", "dependencies": { "husky": "9.1.7", - "lint-staged": "15.3.0" + "lint-staged": "15.4.2" }, "scripts": { "postinstall": "husky install", diff --git a/yarn.lock b/yarn.lock index d3d76897d2..56acda079a 100644 --- a/yarn.lock +++ b/yarn.lock @@ -37,7 +37,7 @@ __metadata: languageName: node linkType: hard -"chalk@npm:~5.4.1": +"chalk@npm:^5.4.1": version: 5.4.1 resolution: "chalk@npm:5.4.1" checksum: 10c0/b23e88132c702f4855ca6d25cb5538b1114343e41472d5263ee8a37cccfccd9c4216d111e1097c6a27830407a1dc81fecdf2a56f2c63033d4dbbd88c10b0dcef @@ -70,10 +70,10 @@ __metadata: languageName: node linkType: hard -"commander@npm:~12.1.0": - version: 12.1.0 - resolution: "commander@npm:12.1.0" - checksum: 10c0/6e1996680c083b3b897bfc1cfe1c58dfbcd9842fd43e1aaf8a795fbc237f65efcc860a3ef457b318e73f29a4f4a28f6403c3d653d021d960e4632dd45bde54a9 +"commander@npm:^13.1.0": + version: 13.1.0 + resolution: "commander@npm:13.1.0" + checksum: 10c0/7b8c5544bba704fbe84b7cab2e043df8586d5c114a4c5b607f83ae5060708940ed0b5bd5838cf8ce27539cde265c1cbd59ce3c8c6b017ed3eec8943e3a415164 languageName: node linkType: hard @@ -82,7 +82,7 @@ __metadata: resolution: "commercetools-sdk-java-v2@workspace:." dependencies: husky: "npm:9.1.7" - lint-staged: "npm:15.3.0" + lint-staged: "npm:15.4.2" languageName: unknown linkType: soft @@ -97,7 +97,7 @@ __metadata: languageName: node linkType: hard -"debug@npm:~4.4.0": +"debug@npm:^4.4.0": version: 4.4.0 resolution: "debug@npm:4.4.0" dependencies: @@ -130,7 +130,7 @@ __metadata: languageName: node linkType: hard -"execa@npm:~8.0.1": +"execa@npm:^8.0.1": version: 8.0.1 resolution: "execa@npm:8.0.1" dependencies: @@ -223,34 +223,34 @@ __metadata: languageName: node linkType: hard -"lilconfig@npm:~3.1.3": +"lilconfig@npm:^3.1.3": version: 3.1.3 resolution: "lilconfig@npm:3.1.3" checksum: 10c0/f5604e7240c5c275743561442fbc5abf2a84ad94da0f5adc71d25e31fa8483048de3dcedcb7a44112a942fed305fd75841cdf6c9681c7f640c63f1049e9a5dcc languageName: node linkType: hard -"lint-staged@npm:15.3.0": - version: 15.3.0 - resolution: "lint-staged@npm:15.3.0" +"lint-staged@npm:15.4.2": + version: 15.4.2 + resolution: "lint-staged@npm:15.4.2" dependencies: - chalk: "npm:~5.4.1" - commander: "npm:~12.1.0" - debug: "npm:~4.4.0" - execa: "npm:~8.0.1" - lilconfig: "npm:~3.1.3" - listr2: "npm:~8.2.5" - micromatch: "npm:~4.0.8" - pidtree: "npm:~0.6.0" - string-argv: "npm:~0.3.2" - yaml: "npm:~2.6.1" + chalk: "npm:^5.4.1" + commander: "npm:^13.1.0" + debug: "npm:^4.4.0" + execa: "npm:^8.0.1" + lilconfig: "npm:^3.1.3" + listr2: "npm:^8.2.5" + micromatch: "npm:^4.0.8" + pidtree: "npm:^0.6.0" + string-argv: "npm:^0.3.2" + yaml: "npm:^2.7.0" bin: lint-staged: bin/lint-staged.js - checksum: 10c0/1ddf9488c523c0b65c85b755428d4ad74fac3aa6ccb2e28e9bff5b8d86503158fe241d20d5433a11146872050b43580644901a5ef4c924b1ad7017c224a07339 + checksum: 10c0/08dd28149241788f7ca628a64c9c1817a9dfbe19517ba0317fdf96a1109f6d624948864edfeaf2936561bb49c65aeb32d5ddc75fb15afa2b6527024ef01a546b languageName: node linkType: hard -"listr2@npm:~8.2.5": +"listr2@npm:^8.2.5": version: 8.2.5 resolution: "listr2@npm:8.2.5" dependencies: @@ -284,7 +284,7 @@ __metadata: languageName: node linkType: hard -"micromatch@npm:~4.0.8": +"micromatch@npm:^4.0.8": version: 4.0.8 resolution: "micromatch@npm:4.0.8" dependencies: @@ -363,7 +363,7 @@ __metadata: languageName: node linkType: hard -"pidtree@npm:~0.6.0": +"pidtree@npm:^0.6.0": version: 0.6.0 resolution: "pidtree@npm:0.6.0" bin: @@ -432,7 +432,7 @@ __metadata: languageName: node linkType: hard -"string-argv@npm:~0.3.2": +"string-argv@npm:^0.3.2": version: 0.3.2 resolution: "string-argv@npm:0.3.2" checksum: 10c0/75c02a83759ad1722e040b86823909d9a2fc75d15dd71ec4b537c3560746e33b5f5a07f7332d1e3f88319909f82190843aa2f0a0d8c8d591ec08e93d5b8dec82 @@ -497,11 +497,11 @@ __metadata: languageName: node linkType: hard -"yaml@npm:~2.6.1": - version: 2.6.1 - resolution: "yaml@npm:2.6.1" +"yaml@npm:^2.7.0": + version: 2.7.0 + resolution: "yaml@npm:2.7.0" bin: yaml: bin.mjs - checksum: 10c0/aebf07f61c72b38c74d2b60c3a3ccf89ee4da45bcd94b2bfb7899ba07a5257625a7c9f717c65a6fc511563d48001e01deb1d9e55f0133f3e2edf86039c8c1be7 + checksum: 10c0/886a7d2abbd70704b79f1d2d05fe9fb0aa63aefb86e1cb9991837dced65193d300f5554747a872b4b10ae9a12bc5d5327e4d04205f70336e863e35e89d8f4ea9 languageName: node linkType: hard