diff --git a/.github/workflows/Lockfile.yml b/.github/workflows/Lockfile.yml index c01e8e0ef..87b4b9046 100644 --- a/.github/workflows/Lockfile.yml +++ b/.github/workflows/Lockfile.yml @@ -31,10 +31,10 @@ jobs: uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Verify action checksums - uses: chains-project/maven-lockfile/.github/actions/ghasum@4f87d2df69f7567b2de1edff73def60a79372755 # 5.8.0 + uses: chains-project/maven-lockfile/.github/actions/ghasum@05aeab3f62ea2a58fe670f64317d2f24546cc4ac # 5.8.1 - name: run maven-lockfile - uses: chains-project/maven-lockfile@4f87d2df69f7567b2de1edff73def60a79372755 # 5.8.0 + uses: chains-project/maven-lockfile@05aeab3f62ea2a58fe670f64317d2f24546cc4ac # 5.8.1 with: github-token: ${{ secrets.JRELEASER_GITHUB_TOKEN }} include-maven-plugins: true diff --git a/.github/workflows/LockfilePR.yml b/.github/workflows/LockfilePR.yml index 336a09003..52f966177 100644 --- a/.github/workflows/LockfilePR.yml +++ b/.github/workflows/LockfilePR.yml @@ -29,18 +29,18 @@ jobs: uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Verify action checksums - uses: chains-project/maven-lockfile/.github/actions/ghasum@4f87d2df69f7567b2de1edff73def60a79372755 # 5.8.0 + uses: chains-project/maven-lockfile/.github/actions/ghasum@05aeab3f62ea2a58fe670f64317d2f24546cc4ac # 5.8.1 - name: run maven-lockfile if: ${{ github.event.pull_request.head.repo.full_name == github.repository }} - uses: chains-project/maven-lockfile@4f87d2df69f7567b2de1edff73def60a79372755 # 5.8.0 + uses: chains-project/maven-lockfile@05aeab3f62ea2a58fe670f64317d2f24546cc4ac # 5.8.1 with: github-token: ${{ secrets.JRELEASER_GITHUB_TOKEN }} include-maven-plugins: true - name: run maven-lockfile (fork/external) if: ${{ github.event.pull_request.head.repo.full_name != github.repository }} - uses: chains-project/maven-lockfile@4f87d2df69f7567b2de1edff73def60a79372755 # 5.8.0 + uses: chains-project/maven-lockfile@05aeab3f62ea2a58fe670f64317d2f24546cc4ac # 5.8.1 with: github-token: ${{ secrets.GITHUB_TOKEN }} include-maven-plugins: true diff --git a/.github/workflows/code-qualitiy.yml b/.github/workflows/code-qualitiy.yml index 48e51295a..c51b30599 100644 --- a/.github/workflows/code-qualitiy.yml +++ b/.github/workflows/code-qualitiy.yml @@ -34,7 +34,7 @@ jobs: uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Verify action checksums - uses: chains-project/maven-lockfile/.github/actions/ghasum@4f87d2df69f7567b2de1edff73def60a79372755 # 5.8.0 + uses: chains-project/maven-lockfile/.github/actions/ghasum@05aeab3f62ea2a58fe670f64317d2f24546cc4ac # 5.8.1 - name: Set up JDK 17 uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0 @@ -86,7 +86,7 @@ jobs: uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Verify action checksums - uses: chains-project/maven-lockfile/.github/actions/ghasum@4f87d2df69f7567b2de1edff73def60a79372755 # 5.8.0 + uses: chains-project/maven-lockfile/.github/actions/ghasum@05aeab3f62ea2a58fe670f64317d2f24546cc4ac # 5.8.1 - name: Set up JDK 17 uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0 diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 2f1dca042..603def8b3 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -63,7 +63,7 @@ jobs: uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Verify action checksums - uses: chains-project/maven-lockfile/.github/actions/ghasum@4f87d2df69f7567b2de1edff73def60a79372755 # 5.8.0 + uses: chains-project/maven-lockfile/.github/actions/ghasum@05aeab3f62ea2a58fe670f64317d2f24546cc4ac # 5.8.1 - name: Set up JDK 17 uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0 diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index e864c60fd..4467547aa 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -31,7 +31,7 @@ jobs: uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Verify action checksums - uses: chains-project/maven-lockfile/.github/actions/ghasum@4f87d2df69f7567b2de1edff73def60a79372755 # 5.8.0 + uses: chains-project/maven-lockfile/.github/actions/ghasum@05aeab3f62ea2a58fe670f64317d2f24546cc4ac # 5.8.1 - name: Dependency review uses: actions/dependency-review-action@40c09b7dc99638e5ddb0bfd91c1673effc064d8a # v4.8.1 diff --git a/.github/workflows/doc.yml b/.github/workflows/doc.yml index 9bd477651..dfb2243e4 100644 --- a/.github/workflows/doc.yml +++ b/.github/workflows/doc.yml @@ -30,7 +30,7 @@ jobs: token: ${{ secrets.GITHUB_TOKEN }} - name: Verify action checksums - uses: chains-project/maven-lockfile/.github/actions/ghasum@4f87d2df69f7567b2de1edff73def60a79372755 # 5.8.0 + uses: chains-project/maven-lockfile/.github/actions/ghasum@05aeab3f62ea2a58fe670f64317d2f24546cc4ac # 5.8.1 - name: Generate action.yml run: mvn generate-resources resources:copy-resources -q diff --git a/.github/workflows/ensure-release-notrunning.yml b/.github/workflows/ensure-release-notrunning.yml index 2fadbe85f..72fe6383b 100644 --- a/.github/workflows/ensure-release-notrunning.yml +++ b/.github/workflows/ensure-release-notrunning.yml @@ -24,7 +24,7 @@ jobs: uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Verify action checksums - uses: chains-project/maven-lockfile/.github/actions/ghasum@4f87d2df69f7567b2de1edff73def60a79372755 # 5.8.0 + uses: chains-project/maven-lockfile/.github/actions/ghasum@05aeab3f62ea2a58fe670f64317d2f24546cc4ac # 5.8.1 - name: Check for running release action if: ${{ !startsWith(github.head_ref, 'release/') && !startsWith(github.head_ref, 'beta-release/') }} diff --git a/.github/workflows/gha.sum b/.github/workflows/gha.sum index 98f3a4d43..0cf826df2 100755 --- a/.github/workflows/gha.sum +++ b/.github/workflows/gha.sum @@ -7,11 +7,10 @@ actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 0qLZUqMcil7hZ8idJYYxI/ actions/setup-java@387ac29b308b003ca37ba93a6cab5eb57c8f5f93 XE1eqHfEOlHsHx+3cUQA1OGC3jxGBnmx7eTIdEzwSoI= actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 Cn0rDfuNlsG0naRPXRAUwU3fAQ9P+sxzfPvU5EcNOQ8= actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 ZTERhL1FNPaoitPyTgsnA9lbOffV5BJ3FsNYFciQmGU= -chains-project/maven-lockfile@4f87d2df69f7567b2de1edff73def60a79372755 SOTV1SObAPR5+9TPRSxHKp02x8E2xcLShXGDT+/a4Sc= +chains-project/maven-lockfile@05aeab3f62ea2a58fe670f64317d2f24546cc4ac ClCU/HHFzymvZoicI8yqwKzF9y+J8JZ90jh3zug2dJM= github/codeql-action@4e94bd11f71e507f7f87df81788dff88d1dacbfb 0kPivh6lMtOcCoSnlU9zjrGksJBXXQRZhbr9G+jZKww= google/osv-scanner-action@e92b5d07338d4f0ba0981dffed17c48976ca4730 65YdECo8eNRxRcyvKGn+sBH7rWVINaUc0x5wPyV9Q3w= jreleaser/release-action@ad73772277e63d9f2bbf4f24a7bb1300388334d7 uCAaYYuyjM4iq8qflqOt5SzivqVnl3ZXt7vI9BWpHAo= ossf/scorecard-action@4eaacf0543bb3f2c246792bd56e8cdeffafb205a oHo5wLG0ePY4IIiiNfo0MU1uYrDKDkeV7MpBTJ39dQg= stefanzweifel/git-auto-commit-action@28e16e81777b558cc906c8750092100bbb34c5e3 g4PCgPHeeaVpSPTRcoBKth4QnrZGGQXwBEoEAsAXivs= -stefanzweifel/git-auto-commit-action@778341af668090896ca464160c2def5d1d1a3eb0 5+Y5J+dG+VvtR13IIYuBHcAdJAcnDBQU/U0sRO3YZZw= step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a fJwkMDFdylV4NgARDISD6NU03D0clX66qStzE3+HeJQ= diff --git a/.github/workflows/ghasum.yml b/.github/workflows/ghasum.yml index 2f7b2c893..0981d2193 100644 --- a/.github/workflows/ghasum.yml +++ b/.github/workflows/ghasum.yml @@ -30,7 +30,7 @@ jobs: repository: ${{ github.event.pull_request.head.repo.full_name }} - name: Update gha.sum - uses: chains-project/maven-lockfile/.github/actions/ghasum@4f87d2df69f7567b2de1edff73def60a79372755 # 5.8.0 + uses: chains-project/maven-lockfile/.github/actions/ghasum@05aeab3f62ea2a58fe670f64317d2f24546cc4ac # 5.8.1 with: mode: update diff --git a/.github/workflows/jreleaser-beta.yml b/.github/workflows/jreleaser-beta.yml index 2dca7102d..8f3d689e3 100644 --- a/.github/workflows/jreleaser-beta.yml +++ b/.github/workflows/jreleaser-beta.yml @@ -34,7 +34,7 @@ jobs: token: ${{ secrets.JRELEASER_GITHUB_TOKEN }} - name: Verify action checksums - uses: chains-project/maven-lockfile/.github/actions/ghasum@4f87d2df69f7567b2de1edff73def60a79372755 # 5.8.0 + uses: chains-project/maven-lockfile/.github/actions/ghasum@05aeab3f62ea2a58fe670f64317d2f24546cc4ac # 5.8.1 - name: Set up JDK 17 uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0 @@ -69,7 +69,7 @@ jobs: shell: bash - name: run maven-lockfile (validate lockfile) - uses: chains-project/maven-lockfile@4f87d2df69f7567b2de1edff73def60a79372755 # 5.8.0 + uses: chains-project/maven-lockfile@05aeab3f62ea2a58fe670f64317d2f24546cc4ac # 5.8.1 with: github-token: ${{ secrets.GITHUB_TOKEN }} include-maven-plugins: true diff --git a/.github/workflows/jreleaser.yml b/.github/workflows/jreleaser.yml index 709af05c8..a63432a99 100644 --- a/.github/workflows/jreleaser.yml +++ b/.github/workflows/jreleaser.yml @@ -42,7 +42,7 @@ jobs: token: ${{ secrets.JRELEASER_GITHUB_TOKEN }} - name: Verify action checksums - uses: chains-project/maven-lockfile/.github/actions/ghasum@4f87d2df69f7567b2de1edff73def60a79372755 # 5.8.0 + uses: chains-project/maven-lockfile/.github/actions/ghasum@05aeab3f62ea2a58fe670f64317d2f24546cc4ac # 5.8.1 - name: Set up JDK 17 uses: actions/setup-java@dded0888837ed1f317902acf8a20df0ad188d165 # v5.0.0 @@ -82,7 +82,7 @@ jobs: run: echo "NEXT_VERSION=$(semver next ${{ github.event.inputs.version }} $CURRENT_VERSION)" >> $GITHUB_ENV - name: run maven-lockfile (validate lockfile) - uses: chains-project/maven-lockfile@4f87d2df69f7567b2de1edff73def60a79372755 # 5.8.0 + uses: chains-project/maven-lockfile@05aeab3f62ea2a58fe670f64317d2f24546cc4ac # 5.8.1 with: github-token: ${{ secrets.GITHUB_TOKEN }} include-maven-plugins: true diff --git a/.github/workflows/osv-scanner-pr.yml b/.github/workflows/osv-scanner-pr.yml index db9e2ab8f..825d3ed43 100644 --- a/.github/workflows/osv-scanner-pr.yml +++ b/.github/workflows/osv-scanner-pr.yml @@ -40,7 +40,7 @@ jobs: fetch-depth: 0 - name: Verify action checksums - uses: chains-project/maven-lockfile/.github/actions/ghasum@4f87d2df69f7567b2de1edff73def60a79372755 # 5.8.0 + uses: chains-project/maven-lockfile/.github/actions/ghasum@05aeab3f62ea2a58fe670f64317d2f24546cc4ac # 5.8.1 - name: "Checkout target branch" run: | diff --git a/.github/workflows/osv-scanner-scheduled.yml b/.github/workflows/osv-scanner-scheduled.yml index d9147c75d..ff01a5a83 100644 --- a/.github/workflows/osv-scanner-scheduled.yml +++ b/.github/workflows/osv-scanner-scheduled.yml @@ -38,7 +38,7 @@ jobs: persist-credentials: false - name: Verify action checksums - uses: chains-project/maven-lockfile/.github/actions/ghasum@4f87d2df69f7567b2de1edff73def60a79372755 # 5.8.0 + uses: chains-project/maven-lockfile/.github/actions/ghasum@05aeab3f62ea2a58fe670f64317d2f24546cc4ac # 5.8.1 - name: Run scanner uses: google/osv-scanner-action/osv-scanner-action@e92b5d07338d4f0ba0981dffed17c48976ca4730 # v2.2.3 diff --git a/.github/workflows/regenerate-lockfile.yml b/.github/workflows/regenerate-lockfile.yml index b3b6c9c01..0b154da06 100644 --- a/.github/workflows/regenerate-lockfile.yml +++ b/.github/workflows/regenerate-lockfile.yml @@ -29,9 +29,9 @@ jobs: uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Verify action checksums - uses: chains-project/maven-lockfile/.github/actions/ghasum@4f87d2df69f7567b2de1edff73def60a79372755 # 5.8.0 + uses: chains-project/maven-lockfile/.github/actions/ghasum@05aeab3f62ea2a58fe670f64317d2f24546cc4ac # 5.8.1 - name: run maven-lockfile - uses: chains-project/maven-lockfile@4f87d2df69f7567b2de1edff73def60a79372755 # 5.8.0 + uses: chains-project/maven-lockfile@05aeab3f62ea2a58fe670f64317d2f24546cc4ac # 5.8.1 with: github-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/smoke-tests.yml b/.github/workflows/smoke-tests.yml index 364eca88d..3ea58648e 100644 --- a/.github/workflows/smoke-tests.yml +++ b/.github/workflows/smoke-tests.yml @@ -39,7 +39,7 @@ jobs: uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Verify action checksums - uses: chains-project/maven-lockfile/.github/actions/ghasum@4f87d2df69f7567b2de1edff73def60a79372755 # 5.8.0 + uses: chains-project/maven-lockfile/.github/actions/ghasum@05aeab3f62ea2a58fe670f64317d2f24546cc4ac # 5.8.1 - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 with: diff --git a/lockfile.json b/lockfile.json index a3df2fc18..679152e9e 100644 --- a/lockfile.json +++ b/lockfile.json @@ -135,7 +135,7 @@ "allowPomValidationFailure": false, "includeEnvironment": true, "reduced": false, - "mavenLockfileVersion": "5.8.0", + "mavenLockfileVersion": "5.8.1", "checksumMode": "local", "checksumAlgorithm": "SHA-256" } diff --git a/maven_plugin/lockfile.json b/maven_plugin/lockfile.json index d595249c8..35dde99f2 100644 --- a/maven_plugin/lockfile.json +++ b/maven_plugin/lockfile.json @@ -2665,7 +2665,7 @@ "allowPomValidationFailure": false, "includeEnvironment": true, "reduced": false, - "mavenLockfileVersion": "5.8.0", + "mavenLockfileVersion": "5.8.1", "checksumMode": "local", "checksumAlgorithm": "SHA-256" }