Merge branch 'main' into diogo/add-dirty-waters-action

LogFlames · web-flow · commit 877272b1bcd8 · 2025-08-18T01:11:45.000+02:00
diff --git a/.github/workflows/Lockfile.yml b/.github/workflows/Lockfile.yml
@@ -28,7 +28,7 @@ jobs:
             sh.jbang.dev:443
 
       - name: Checkout repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
       - name: Verify action checksums
         uses: ./.github/actions/ghasum
diff --git a/.github/workflows/LockfilePR.yml b/.github/workflows/LockfilePR.yml
@@ -26,7 +26,7 @@ jobs:
             sh.jbang.dev:443
 
       - name: Checkout repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
       - name: Verify action checksums
         uses: ./.github/actions/ghasum
diff --git a/.github/workflows/code-qualitiy.yml b/.github/workflows/code-qualitiy.yml
@@ -31,7 +31,7 @@ jobs:
             rekor.sigstore.dev:443
 
       - name: Checkout repostiory
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
       - name: Verify action checksums
         uses: ./.github/actions/ghasum
@@ -83,7 +83,7 @@ jobs:
             tuf-repo-cdn.sigstore.dev:443
 
       - name: Checkout repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
       - name: Verify action checksums
         uses: ./.github/actions/ghasum
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -60,7 +60,7 @@ jobs:
             uploads.github.com:443
 
       - name: Checkout repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
       - name: Verify action checksums
         uses: ./.github/actions/ghasum
@@ -73,7 +73,7 @@ jobs:
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v3.29.5
+        uses: github/codeql-action/init@v3.29.9
         with:
           languages: ${{ matrix.language }}
           # If you wish to specify custom queries, you can do so here or in a config file.
@@ -87,6 +87,6 @@ jobs:
         run: mvn -B  clean package
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v3.29.5
+        uses: github/codeql-action/analyze@v3.29.9
         with:
           category: "/language:${{matrix.language}}"
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
@@ -28,7 +28,7 @@ jobs:
             release-assets.githubusercontent.com:443
 
       - name: Checkout repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
       - name: Verify action checksums
         uses: ./.github/actions/ghasum
diff --git a/.github/workflows/doc.yml b/.github/workflows/doc.yml
@@ -23,7 +23,7 @@ jobs:
             repo.maven.apache.org:443
 
       - name: Checkout repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
         with:
           repository: ${{ github.event.pull_request.head.repo.full_name }}
           ref: ${{ github.event.pull_request.head.ref }}
diff --git a/.github/workflows/ensure-release-notrunning.yml b/.github/workflows/ensure-release-notrunning.yml
@@ -21,12 +21,13 @@ jobs:
             release-assets.githubusercontent.com:443
 
       - name: Checkout repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
       - name: Verify action checksums
         uses: ./.github/actions/ghasum
 
       - name: Check for running release action
+        if: ${{ !startsWith(github.head_ref, 'release/') }}
         env:
           GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         run: |
@@ -38,3 +39,9 @@ jobs:
             echo "✅ No running release workflows detected."
           fi
         shell: bash
+
+      - name: Skip check for release branch
+        if: ${{ startsWith(github.head_ref, 'release/') }}
+        run: |
+          echo "✅ Skipping release workflow check for release branch: ${{ github.head_ref }}"
+        shell: bash
diff --git a/.github/workflows/gha.sum b/.github/workflows/gha.sum
@@ -1,7 +1,7 @@
 version 1
 
-actions/cache@v4.2.3 A/Paejdu47oer1Zf9zbtOgbMTG3OmOiXsgB6oodFIOU=
-actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 g2V9DAwkHBbZHaTOx4M2g/r9wI49KupzyARL47t/rEQ=
+actions/cache@v4.2.4 Wn6UGuh8/0fkcOLI8uEQmhssKaMEfnm77brXOpwKe7A=
+actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 aYx2ZNrV/U9daVa5XJLnuR3depD7lQqzkyRhH4E9bOU=
 actions/dependency-review-action@v4.7.1 hJDiqW4455iVs8gVcWjiEbjhuvh0oXQKy9fN/BGF3LQ=
 actions/setup-go@v5.5.0 vSiNC7HetrtPF3QhZDzPHWyJ1e8pFltzruLjcw65Sok=
 actions/setup-java@387ac29b308b003ca37ba93a6cab5eb57c8f5f93 XE1eqHfEOlHsHx+3cUQA1OGC3jxGBnmx7eTIdEzwSoI=
@@ -10,8 +10,8 @@ actions/setup-python@v5.6.0 MTHBGEHwb+MeIw3xRLiVuM/uyRfuK8hlVXL+Z/yEA8c=
 actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 kZHHfo2NsxevBRTKrZnUpDu0Cxgtj5Vooe4x4rylvg8=
 actions/upload-artifact@v4.6.2 kZHHfo2NsxevBRTKrZnUpDu0Cxgtj5Vooe4x4rylvg8=
 chains-project/dirty-waters-action@v1.11.52 JTXn8ep3K5YnkSpNVyVVe85RAxg2eQ2X+TKP5A6JgyA=
-github/codeql-action@51f77329afa6477de8c49fc9c7046c15b9a4e79d rTbCdqFnyGfvHQ2lm7GsGQdZMcFZ6fFkaW/+6s1LjG4=
-github/codeql-action@v3.29.5 rTbCdqFnyGfvHQ2lm7GsGQdZMcFZ6fFkaW/+6s1LjG4=
+github/codeql-action@df559355d593797519d70b90fc8edd5db049e7a2 1XCn2OqX5BdogKlLzmioh6Onlhz09pYq9eMNW7V1ZS4=
+github/codeql-action@v3.29.9 1XCn2OqX5BdogKlLzmioh6Onlhz09pYq9eMNW7V1ZS4=
 jreleaser/release-action@2.4.2 Ixc/05XDYYHGUvtC6Jt9gB/mpHPIwBX7PR8At1yEWSs=
 ossf/scorecard-action@05b42c624433fc40578a4040d5cf5e36ddca8cde NlVzVIaycy3fhYp7tgiwvpWvzSsPa48uTVejF6tHEog=
 stefanzweifel/git-auto-commit-action@v6.0.1 5+Y5J+dG+VvtR13IIYuBHcAdJAcnDBQU/U0sRO3YZZw=
diff --git a/.github/workflows/ghasum.yml b/.github/workflows/ghasum.yml
@@ -23,7 +23,7 @@ jobs:
             release-assets.githubusercontent.com:443
 
       - name: Checkout repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
         with:
           token: ${{ secrets.JRELEASER_GITHUB_TOKEN }}
           ref: ${{ github.event.pull_request.head.ref }}
diff --git a/.github/workflows/jreleaser.yml b/.github/workflows/jreleaser.yml
@@ -33,7 +33,7 @@ jobs:
 
       # Setups the environment
       - name: Checkout repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
         with:
           fetch-depth: 0
           token: ${{ secrets.JRELEASER_GITHUB_TOKEN }}
diff --git a/.github/workflows/regenerate-lockfile.yml b/.github/workflows/regenerate-lockfile.yml
@@ -26,7 +26,7 @@ jobs:
             sh.jbang.dev:443
 
       - name: Checkout repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
       - name: Verify action checksums
         uses: ./.github/actions/ghasum
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
@@ -51,7 +51,7 @@ jobs:
             www.bestpractices.dev:443
 
       - name: Checkout repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
         with:
           persist-credentials: false
 
@@ -86,6 +86,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: Upload to code-scanning
-        uses: github/codeql-action/upload-sarif@51f77329afa6477de8c49fc9c7046c15b9a4e79d # v3.29.5
+        uses: github/codeql-action/upload-sarif@df559355d593797519d70b90fc8edd5db049e7a2 # v3.29.9
         with:
           sarif_file: results.sarif
diff --git a/.github/workflows/smoke-tests.yml b/.github/workflows/smoke-tests.yml
@@ -35,12 +35,12 @@ jobs:
             tuf-repo-cdn.sigstore.dev:443
 
       - name: Checkout repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
       - name: Verify action checksums
         uses: ./.github/actions/ghasum
 
-      - uses: actions/cache@v4.2.3
+      - uses: actions/cache@v4.2.4
         with:
           path: /root/.jbang
           key: $-jbang-$
diff --git a/action.yml b/action.yml
@@ -31,7 +31,7 @@ runs:
   using: "composite"
   steps:
     - name: checkout repository
-      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
       with:
         fetch-depth: 0
         ref: ${{ github.event.pull_request.head.ref }}
diff --git a/maven_plugin/lockfile.json b/maven_plugin/lockfile.json
@@ -2226,27 +2226,27 @@
     {
       "groupId": "org.instancio",
       "artifactId": "instancio-junit",
-      "version": "5.5.0",
+      "version": "5.5.1",
       "checksumAlgorithm": "SHA-256",
-      "checksum": "214b065995d660a01b6dedcc1b4426ec09243e93b99e66ce1fe1368d59b4ca9c",
+      "checksum": "4c067058038a6f5f0139c7680b21e0e4d90d540899839bc6273283c3d4250229",
       "scope": "test",
-      "resolved": "https://repo.maven.apache.org/maven2/org/instancio/instancio-junit/5.5.0/instancio-junit-5.5.0.jar",
-      "selectedVersion": "5.5.0",
+      "resolved": "https://repo.maven.apache.org/maven2/org/instancio/instancio-junit/5.5.1/instancio-junit-5.5.1.jar",
+      "selectedVersion": "5.5.1",
       "included": true,
-      "id": "org.instancio:instancio-junit:5.5.0",
+      "id": "org.instancio:instancio-junit:5.5.1",
       "children": [
         {
           "groupId": "org.instancio",
           "artifactId": "instancio-core",
-          "version": "5.5.0",
+          "version": "5.5.1",
           "checksumAlgorithm": "SHA-256",
-          "checksum": "a9e37036c4d91141285a77dedff4744bf904526378d7d8079fb6e28a14278575",
+          "checksum": "cf941a74d3fe7bd822233385b30342129ea300e9e7d15edcd99ab6c10eda2f8d",
           "scope": "test",
-          "resolved": "https://repo.maven.apache.org/maven2/org/instancio/instancio-core/5.5.0/instancio-core-5.5.0.jar",
-          "selectedVersion": "5.5.0",
+          "resolved": "https://repo.maven.apache.org/maven2/org/instancio/instancio-core/5.5.1/instancio-core-5.5.1.jar",
+          "selectedVersion": "5.5.1",
           "included": true,
-          "id": "org.instancio:instancio-core:5.5.0",
-          "parent": "org.instancio:instancio-junit:5.5.0",
+          "id": "org.instancio:instancio-core:5.5.1",
+          "parent": "org.instancio:instancio-junit:5.5.1",
           "children": [
             {
               "groupId": "org.slf4j",
@@ -2259,7 +2259,7 @@
               "selectedVersion": "1.7.36",
               "included": false,
               "id": "org.slf4j:slf4j-api:2.0.17",
-              "parent": "org.instancio:instancio-core:5.5.0",
+              "parent": "org.instancio:instancio-core:5.5.1",
               "children": []
             }
           ]
diff --git a/maven_plugin/pom.xml b/maven_plugin/pom.xml
@@ -113,7 +113,7 @@
     <dependency>
       <groupId>org.instancio</groupId>
       <artifactId>instancio-junit</artifactId>
-      <version>5.5.0</version>
+      <version>5.5.1</version>
       <scope>test</scope>
     </dependency>
     <dependency>
diff --git a/template/action.yml b/template/action.yml
@@ -31,7 +31,7 @@ runs:
   using: "composite"
   steps:
     - name: checkout repository
-      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
       with:
         fetch-depth: 0
         ref: ${{ github.event.pull_request.head.ref }}

-Original file line number
+Diff line change
@@ @@ -1,7 +1,7 @@ @@
 version 1
 -actions/[email protected].3 A/Paejdu47oer1Zf9zbtOgbMTG3OmOiXsgB6oodFIOU=
 -actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 g2V9DAwkHBbZHaTOx4M2g/r9wI49KupzyARL47t/rEQ=
 +actions/[email protected].4 Wn6UGuh8/0fkcOLI8uEQmhssKaMEfnm77brXOpwKe7A=
 +actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 aYx2ZNrV/U9daVa5XJLnuR3depD7lQqzkyRhH4E9bOU=
 actions/[email protected] hJDiqW4455iVs8gVcWjiEbjhuvh0oXQKy9fN/BGF3LQ=
 actions/[email protected] vSiNC7HetrtPF3QhZDzPHWyJ1e8pFltzruLjcw65Sok=
 actions/setup-java@387ac29b308b003ca37ba93a6cab5eb57c8f5f93 XE1eqHfEOlHsHx+3cUQA1OGC3jxGBnmx7eTIdEzwSoI=
 actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 kZHHfo2NsxevBRTKrZnUpDu0Cxgtj5Vooe4x4rylvg8=
 actions/[email protected] kZHHfo2NsxevBRTKrZnUpDu0Cxgtj5Vooe4x4rylvg8=
 chains-project/[email protected] JTXn8ep3K5YnkSpNVyVVe85RAxg2eQ2X+TKP5A6JgyA=
 -github/codeql-action@51f77329afa6477de8c49fc9c7046c15b9a4e79d rTbCdqFnyGfvHQ2lm7GsGQdZMcFZ6fFkaW/+6s1LjG4=
 -github/[email protected].5 rTbCdqFnyGfvHQ2lm7GsGQdZMcFZ6fFkaW/+6s1LjG4=
 +github/codeql-action@df559355d593797519d70b90fc8edd5db049e7a2 1XCn2OqX5BdogKlLzmioh6Onlhz09pYq9eMNW7V1ZS4=
 +github/[email protected].9 1XCn2OqX5BdogKlLzmioh6Onlhz09pYq9eMNW7V1ZS4=
 jreleaser/[email protected] Ixc/05XDYYHGUvtC6Jt9gB/mpHPIwBX7PR8At1yEWSs=
 ossf/scorecard-action@05b42c624433fc40578a4040d5cf5e36ddca8cde NlVzVIaycy3fhYp7tgiwvpWvzSsPa48uTVejF6tHEog=
 stefanzweifel/[email protected] 5+Y5J+dG+VvtR13IIYuBHcAdJAcnDBQU/U0sRO3YZZw=