diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index be9682fc1de..2dc740aec99 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -191,6 +191,6 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: Generate and submit dependency graph if: github.event_name == 'workflow_dispatch' || github.event_name == 'push' && github.ref == 'refs/heads/main' - uses: gradle/actions/dependency-submission@8379f6a1328ee0e06e2bb424dadb7b159856a326 # v4.4.0 + uses: gradle/actions/dependency-submission@ac638b010cf58a27ee6c972d7336334ccaf61c96 # v4.4.1 with: github-token: ${{ steps.generate_github_token.outputs.token }} diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 7ac66cb323f..c7be49f319f 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -54,7 +54,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@fca7ace96b7d713c7035871441bd52efbe39e27e # v3.28.19 + uses: github/codeql-action/init@39edc492dbe16b1465b0cafca41432d857bdb31a # v3.29.1 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -68,7 +68,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@fca7ace96b7d713c7035871441bd52efbe39e27e # v3.28.19 + uses: github/codeql-action/autobuild@39edc492dbe16b1465b0cafca41432d857bdb31a # v3.29.1 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -81,6 +81,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@fca7ace96b7d713c7035871441bd52efbe39e27e # v3.28.19 + uses: github/codeql-action/analyze@39edc492dbe16b1465b0cafca41432d857bdb31a # v3.29.1 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml index 94d4c625bfa..100eb7c9c26 100644 --- a/.github/workflows/semgrep.yml +++ b/.github/workflows/semgrep.yml @@ -36,7 +36,7 @@ jobs: - name: Run Semgrep run: semgrep scan --sarif --output=semgrep.sarif --config=p/auto --config=p/dockerfile --config=p/typescript --config=p/javascript --config=p/java --metrics=off --verbose - name: Upload SARIF file for GitHub Advanced Security Dashboard - uses: github/codeql-action/upload-sarif@97a2bfd2a3d26d458da69e548f7f859d6fca634d # v2.16.1 + uses: github/codeql-action/upload-sarif@b8d3b6e8af63cde30bdc382c0bc28114f4346c88 # v2.28.1 with: sarif_file: semgrep.sarif if: always() diff --git a/build.gradle b/build.gradle index 25efcd2d207..f8dc4194fab 100644 --- a/build.gradle +++ b/build.gradle @@ -66,7 +66,7 @@ allprojects { configurations { taglet { - resolutionStrategy.force("net.sourceforge.plantuml:plantuml:1.2025.3") + resolutionStrategy.force("net.sourceforge.plantuml:plantuml:1.2025.4") } } diff --git a/commercetools/commercetools-monitoring-datadog/build.gradle b/commercetools/commercetools-monitoring-datadog/build.gradle index dca012c238b..0caada3f086 100644 --- a/commercetools/commercetools-monitoring-datadog/build.gradle +++ b/commercetools/commercetools-monitoring-datadog/build.gradle @@ -1,7 +1,7 @@ dependencies { api project(":rmf:rmf-java-base") implementation "com.datadoghq:java-dogstatsd-client:4.4.4" - implementation "com.datadoghq:datadog-api-client:2.35.0" + implementation "com.datadoghq:datadog-api-client:2.38.0" testImplementation project(":commercetools:commercetools-sdk-java-api") } diff --git a/commercetools/commercetools-monitoring-opentelemetry/build.gradle b/commercetools/commercetools-monitoring-opentelemetry/build.gradle index 3ad278b4582..dbf39b99597 100644 --- a/commercetools/commercetools-monitoring-opentelemetry/build.gradle +++ b/commercetools/commercetools-monitoring-opentelemetry/build.gradle @@ -1,7 +1,7 @@ dependencies { api project(":rmf:rmf-java-base") - implementation 'io.opentelemetry:opentelemetry-api:1.50.0' + implementation 'io.opentelemetry:opentelemetry-api:1.51.0' testImplementation project(":commercetools:commercetools-sdk-java-api") } diff --git a/commercetools/commercetools-okhttp-client3/build.gradle b/commercetools/commercetools-okhttp-client3/build.gradle index ed9921475ba..57bcfe776a3 100644 --- a/commercetools/commercetools-okhttp-client3/build.gradle +++ b/commercetools/commercetools-okhttp-client3/build.gradle @@ -12,7 +12,7 @@ jmh { dependencies { api project(":rmf:rmf-java-base") - implementation "com.squareup.okio:okio:3.12.0" + implementation "com.squareup.okio:okio:3.14.0" api "com.squareup.okhttp3:okhttp:3.14.9" version { strictly "[3.0,3.99999]" prefer "3.14.9" diff --git a/commercetools/commercetools-okhttp-client4/build.gradle b/commercetools/commercetools-okhttp-client4/build.gradle index e79e2ff9336..9be09207f5b 100644 --- a/commercetools/commercetools-okhttp-client4/build.gradle +++ b/commercetools/commercetools-okhttp-client4/build.gradle @@ -15,7 +15,7 @@ dependencies { strictly '[4.0,4.99999]' prefer "4.12.0" } - implementation "com.squareup.okio:okio:3.12.0" + implementation "com.squareup.okio:okio:3.14.0" implementation javax.validation } diff --git a/commercetools/commercetools-reactornetty-client/build.gradle b/commercetools/commercetools-reactornetty-client/build.gradle index 7f3261042d8..414c3420d9e 100644 --- a/commercetools/commercetools-reactornetty-client/build.gradle +++ b/commercetools/commercetools-reactornetty-client/build.gradle @@ -2,8 +2,8 @@ dependencies { api project(":rmf:rmf-java-base") - api "io.projectreactor.netty:reactor-netty-http:1.2.6" - api "io.projectreactor.netty:reactor-netty-core:1.2.6" + api "io.projectreactor.netty:reactor-netty-http:1.2.7" + api "io.projectreactor.netty:reactor-netty-core:1.2.7" implementation javax.validation } diff --git a/common-plugins/build.gradle b/common-plugins/build.gradle index 9c63ae7d37a..a2a77f88eba 100644 --- a/common-plugins/build.gradle +++ b/common-plugins/build.gradle @@ -1,7 +1,7 @@ plugins { id 'java-gradle-plugin' id 'idea' - id 'org.jetbrains.kotlin.jvm' version "2.1.21" + id 'org.jetbrains.kotlin.jvm' version "2.2.0" } repositories { diff --git a/common-plugins/javaparser/build.gradle b/common-plugins/javaparser/build.gradle index 117bce3f68b..c9e8ef5e7c7 100644 --- a/common-plugins/javaparser/build.gradle +++ b/common-plugins/javaparser/build.gradle @@ -15,5 +15,5 @@ shadowJar { } dependencies { - implementation 'com.github.javaparser:javaparser-core:3.26.4' + implementation 'com.github.javaparser:javaparser-core:3.27.0' } diff --git a/gradle-scripts/extensions.gradle b/gradle-scripts/extensions.gradle index 5cfd7e1f932..563d299cbdc 100644 --- a/gradle-scripts/extensions.gradle +++ b/gradle-scripts/extensions.gradle @@ -31,10 +31,10 @@ ext { jackson_core = [ version: '2.19.0', - annotations: 'com.fasterxml.jackson.core:jackson-annotations:2.19.0', - databind: 'com.fasterxml.jackson.core:jackson-databind:2.19.0', - core: 'com.fasterxml.jackson.core:jackson-core:2.19.0', - datatype: 'com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.19.0', + annotations: 'com.fasterxml.jackson.core:jackson-annotations:2.19.1', + databind: 'com.fasterxml.jackson.core:jackson-databind:2.19.1', + core: 'com.fasterxml.jackson.core:jackson-core:2.19.1', + datatype: 'com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.19.1', ] google = [ @@ -56,7 +56,7 @@ ext { ] junit = [ - junit: 'org.junit.jupiter:junit-jupiter:5.13.0', + junit: 'org.junit.jupiter:junit-jupiter:5.13.2', jsonassert: 'org.skyscreamer:jsonassert:1.5.3', assertj: 'org.assertj:assertj-core:3.27.3' ] diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties index 002b867c48b..ff23a68d70f 100644 --- a/gradle/wrapper/gradle-wrapper.properties +++ b/gradle/wrapper/gradle-wrapper.properties @@ -1,6 +1,6 @@ distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists -distributionUrl=https\://services.gradle.org/distributions/gradle-8.14.1-bin.zip +distributionUrl=https\://services.gradle.org/distributions/gradle-8.14.2-bin.zip networkTimeout=10000 validateDistributionUrl=true zipStoreBase=GRADLE_USER_HOME diff --git a/package.json b/package.json index ad3142de06b..c9112f836b1 100644 --- a/package.json +++ b/package.json @@ -12,7 +12,7 @@ "packageManager": "yarn@4.9.2", "dependencies": { "husky": "9.1.7", - "lint-staged": "16.1.0" + "lint-staged": "16.1.2" }, "scripts": { "postinstall": "husky install", diff --git a/yarn.lock b/yarn.lock index 45c283c57f1..db7d9e0fada 100644 --- a/yarn.lock +++ b/yarn.lock @@ -82,7 +82,7 @@ __metadata: resolution: "commercetools-sdk-java-v2@workspace:." dependencies: husky: "npm:9.1.7" - lint-staged: "npm:16.1.0" + lint-staged: "npm:16.1.2" languageName: unknown linkType: soft @@ -174,9 +174,9 @@ __metadata: languageName: node linkType: hard -"lint-staged@npm:16.1.0": - version: 16.1.0 - resolution: "lint-staged@npm:16.1.0" +"lint-staged@npm:16.1.2": + version: 16.1.2 + resolution: "lint-staged@npm:16.1.2" dependencies: chalk: "npm:^5.4.1" commander: "npm:^14.0.0" @@ -190,7 +190,7 @@ __metadata: yaml: "npm:^2.8.0" bin: lint-staged: bin/lint-staged.js - checksum: 10c0/5cc33d61ec2c682e488eb3fcea5c153ce486623b80314f2c56af438ad78d73c7fcd3e7c911d273ac740bd34f1e030d35d4fb92d8e476984150c0c59724ac7fa4 + checksum: 10c0/2a299fc0d56e0a64ed0af8caf937e00eac47cb270df2917e2d4b939074eaa63ecd7f16d3b70b7e5e57bff75ffbbbf8aae5768dedf3dfd45e3ca1b9caaf7740cc languageName: node linkType: hard