Merge branch 'main' into dependabot/gradle/org.testcontainers-postgresql-1.21.3

thpierce · web-flow · commit 86f138c551d7 · 2025-08-13T12:27:32.000-07:00
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -23,7 +23,7 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v4
+      uses: actions/checkout@v5
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
diff --git a/.github/workflows/docker-build-corretto-slim.yml b/.github/workflows/docker-build-corretto-slim.yml
@@ -19,7 +19,7 @@ jobs:
   build-corretto:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - uses: gradle/wrapper-validation-action@v1
       - name: Configure AWS Credentials
         uses: aws-actions/configure-aws-credentials@v4
diff --git a/.github/workflows/docker-build-smoke-tests-fake-backend.yml b/.github/workflows/docker-build-smoke-tests-fake-backend.yml
@@ -20,7 +20,7 @@ jobs:
   build-docker:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - uses: actions/setup-java@v4
         with:
           java-version: 17
diff --git a/.github/workflows/e2e-tests-app-with-java-agent.yml b/.github/workflows/e2e-tests-app-with-java-agent.yml
@@ -25,7 +25,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout Java Instrumentation repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           fetch-depth: 0
 
@@ -71,15 +71,15 @@ jobs:
         env:
           COMMIT_HASH: ${{ inputs.image_tag }}
 
-      - uses: codecov/codecov-action@v3
+      - uses: codecov/codecov-action@v5
 
   test_Spring_App_With_Java_Agent:
     name: Test Spring App with AWS OTel Java agent
     needs: [ build_Images_For_Testing_Sample_App_With_Java_Agent ]
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
 
       - uses: actions/setup-java@v4
         with:
@@ -110,7 +110,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
 
       - uses: actions/setup-java@v4
         with:
@@ -141,7 +141,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
 
       - uses: actions/setup-java@v4
         with:
diff --git a/.github/workflows/e2e-tests-with-operator.yml b/.github/workflows/e2e-tests-with-operator.yml
@@ -34,7 +34,7 @@ jobs:
   build-sample-app:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           fetch-depth: 0
 
@@ -84,14 +84,14 @@ jobs:
       test-case-batch-value: ${{ steps.set-batches.outputs.batch-values }}
     steps:
       - name: Checkout Testing Framework repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           repository: ${{ env.TESTING_FRAMEWORK_REPO }}
           path: testing-framework
           ref: ${{ inputs.test_ref }}
 
       - name: Checkout Java Instrumentation repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           fetch-depth: 0
           path: aws-otel-java-instrumentation
@@ -126,7 +126,7 @@ jobs:
     steps:
       # required for versioning
       - name: Checkout Java Instrumentation repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           fetch-depth: 0
           path: aws-otel-java-instrumentation
@@ -151,7 +151,7 @@ jobs:
           role-duration-seconds: 14400
 
       - name: Checkout Testing Framework repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           repository: ${{ env.TESTING_FRAMEWORK_REPO }}
           path: testing-framework
diff --git a/.github/workflows/main-build.yml b/.github/workflows/main-build.yml
@@ -22,7 +22,7 @@ jobs:
     name: Test patches applied to dependencies
     runs-on: aws-otel-java-instrumentation_ubuntu-latest_32-core
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - uses: actions/setup-java@v4
         with:
           java-version: 17
@@ -54,7 +54,7 @@ jobs:
       staging_registry: ${{ steps.imageOutput.outputs.stagingRegistry }}
       staging_repository: ${{ steps.imageOutput.outputs.stagingRepository }}
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           fetch-depth: 0
       - uses: actions/setup-java@v4
@@ -189,7 +189,7 @@ jobs:
     runs-on: ubuntu-latest
     needs: build
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           fetch-depth: 0
       - uses: actions/setup-java@v4
@@ -229,7 +229,7 @@ jobs:
   application-signals-lambda-layer-build:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           fetch-depth: 0
       - uses: actions/setup-java@v4
diff --git a/.github/workflows/nightly-upstream-snapshot-build.yml b/.github/workflows/nightly-upstream-snapshot-build.yml
@@ -23,7 +23,7 @@ jobs:
       image_name: ${{ steps.imageOutput.outputs.imageName }}
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           fetch-depth: 0
 
@@ -129,7 +129,7 @@ jobs:
     runs-on: ubuntu-latest
     needs: build
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
         with:
           fetch-depth: 0
       - uses: actions/setup-java@v4
diff --git a/.github/workflows/owasp.yml b/.github/workflows/owasp.yml
@@ -8,8 +8,10 @@
 name: Daily scan
 
 on:
-  schedule:
-    - cron: '0 18 * * *' # scheduled to run at 18:00 UTC every day
+  schedule: # scheduled to run at 14:00, 20:00, 02:00 UTC every day
+    - cron: '0 14 * * *' # 6:00/7:00   PST/PDT (14:00 UTC)
+    - cron: '0 20 * * *' # 12:00/13:00 PST/PDT (20:00 UTC)
+    - cron: '0 02 * * *' # 18:00/19:00 PST/PDT (02:00 UTC)
   workflow_dispatch: # be able to run the workflow on demand
 
 env:
@@ -24,7 +26,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repo for dependency scan
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           fetch-depth: 0
 
@@ -41,7 +43,7 @@ jobs:
           aws-region: ${{ env.AWS_DEFAULT_REGION }}
 
       - name: Get NVD API key for dependency scan
-        uses: aws-actions/aws-secretsmanager-get-secrets@v1
+        uses: aws-actions/aws-secretsmanager-get-secrets@v2
         id: nvd_api_key
         with:
           secret-ids: ${{ secrets.NVD_API_KEY_SECRET_ARN }}
@@ -97,15 +99,15 @@ jobs:
         id: high_scan_v2
         uses: ./.github/actions/image_scan
         with:
-          image-ref: "public.ecr.aws/aws-observability/adot-autoinstrumentation-java:v2.11.1"
+          image-ref: "public.ecr.aws/aws-observability/adot-autoinstrumentation-java:v2.11.2"
           severity: 'CRITICAL,HIGH'
 
       - name: Perform low image scan on v2
         if: always()
         id: low_scan_v2
         uses: ./.github/actions/image_scan
         with:
-          image-ref: "public.ecr.aws/aws-observability/adot-autoinstrumentation-java:v2.11.1"
+          image-ref: "public.ecr.aws/aws-observability/adot-autoinstrumentation-java:v2.11.2"
           severity: 'MEDIUM,LOW,UNKNOWN'
 
       - name: Configure AWS Credentials for emitting metrics
diff --git a/.github/workflows/patch-release-build.yml b/.github/workflows/patch-release-build.yml
@@ -37,14 +37,14 @@ jobs:
         name: Check out release branch
         # Will fail if there is no release branch yet or succeed otherwise
         continue-on-error: true
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           ref: ${{ steps.parse-release-branch.outputs.release-branch-name }}
       - id: checkout-release-tag
         name: Check out release tag
         # If there is already a release branch, the previous step succeeds and we don't run this or the next one.
         if: ${{ steps.checkout-release-branch.outcome == 'failure' }}
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           ref: ${{ steps.parse-release-branch.outputs.release-tag-name }}
       - name: Create release branch
@@ -57,7 +57,7 @@ jobs:
     needs: prepare-release-branch
     steps:
       - name: Checkout release branch
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           ref: ${{ needs.prepare-release-branch.outputs.release-branch-name }}
 
diff --git a/.github/workflows/pr-build.yml b/.github/workflows/pr-build.yml
@@ -12,7 +12,7 @@ jobs:
     name: Test patches applied to dependencies
     runs-on: aws-otel-java-instrumentation_ubuntu-latest_32-core
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
 
       - uses: actions/setup-java@v4
         with:
@@ -54,7 +54,7 @@ jobs:
           # https://github.com/open-telemetry/opentelemetry-java/issues/4560
           - os: ${{ startsWith(github.event.pull_request.base.ref, 'release/v') && 'windows-latest' || '' }}
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
 
       - uses: actions/setup-java@v4
         with:
@@ -158,13 +158,13 @@ jobs:
         if: ${{ matrix.os != 'ubuntu-latest' && (hashFiles('.github/patches/opentelemetry-java*.patch') == '' || matrix.os != 'windows-latest' ) }} # build on windows as well unless a patch exists
         with:
           arguments: build --stacktrace -PenableCoverage=true
-      - uses: codecov/codecov-action@v3
+      - uses: codecov/codecov-action@v5
 
   build-lambda:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout Repo @ SHA - ${{ github.sha }}
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Setup Java
         uses: actions/setup-java@v4
diff --git a/.github/workflows/release-build.yml b/.github/workflows/release-build.yml
@@ -24,7 +24,7 @@ jobs:
     environment: Release
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
       - uses: actions/setup-java@v4
         with:
           java-version: 17
diff --git a/.github/workflows/release-lambda.yml b/.github/workflows/release-lambda.yml
@@ -40,7 +40,7 @@ jobs:
           echo "aws_regions_json=${MATRIX}" >> $GITHUB_OUTPUT
 
       - name: Checkout Repo @ SHA - ${{ github.sha }}
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - uses: actions/setup-java@v4
         with:
@@ -154,7 +154,7 @@ jobs:
     needs: publish-prod
     steps:
       - name: Checkout Repo @ SHA - ${{ github.sha }}
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
       - uses: hashicorp/setup-terraform@v2
       - name: download layerARNs
         uses: actions/download-artifact@v5
diff --git a/.github/workflows/release-udp-exporter.yml b/.github/workflows/release-udp-exporter.yml
@@ -26,7 +26,7 @@ jobs:
     needs: validate-udp-exporter-e2e-test
     steps:
       - name: Checkout Repo @ SHA - ${{ github.sha }}
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Set up Java
         uses: actions/setup-java@v4
diff --git a/.github/workflows/soak-testing.yml b/.github/workflows/soak-testing.yml
@@ -63,7 +63,7 @@ jobs:
         run: |
           echo "TEST_DURATION_MINUTES=${{ github.event.inputs.test_duration_minutes || env.DEFAULT_TEST_DURATION_MINUTES }}" | tee --append $GITHUB_ENV;
       - name: Clone This Repo @ ${{ env.TARGET_SHA }}
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           ref: ${{ env.TARGET_SHA }}
 
@@ -110,7 +110,7 @@ jobs:
           aws ecr-public get-login-password |
           docker login --username AWS --password-stdin public.ecr.aws
       - name: Build Sample App locally directly to the Docker daemon
-        uses: burrunan/gradle-cache-action@v1
+        uses: burrunan/gradle-cache-action@v2
         with:
           arguments: jibDockerBuild
         env:
diff --git a/.github/workflows/udp-exporter-e2e-test.yml b/.github/workflows/udp-exporter-e2e-test.yml
@@ -13,7 +13,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout Repo @ SHA - ${{ github.sha }}
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Set up Java
         uses: actions/setup-java@v4
diff --git a/tools/cp-utility/Cargo.lock b/tools/cp-utility/Cargo.lock
diff --git a/tools/cp-utility/Cargo.toml b/tools/cp-utility/Cargo.toml
