Skip to content

Commit d3807c2

Browse files
infeoinfeo
committed
Merge branch 'develop' into release/1.7.0
2 parents 354e458 + a79c14f commit d3807c2

File tree

6 files changed

+24
-16
lines changed

6 files changed

+24
-16
lines changed

.github/workflows/build.yml

Lines changed: 9 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -15,8 +15,8 @@ jobs:
1515
id-token: write # Required for the attestations step
1616
attestations: write # Required for the attestations step
1717
steps:
18-
- uses: actions/checkout@v6
19-
- uses: actions/setup-java@v5
18+
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
19+
- uses: actions/setup-java@f2beeb24e141e01a676f977032f5a29d81c9e27e # v5.1.0
2020
with:
2121
distribution: 'temurin'
2222
java-version: ${{ env.JAVA_VERSION }}
@@ -28,12 +28,12 @@ jobs:
2828
run: mvn -B verify --no-transfer-progress
2929
- name: Attest
3030
if: startsWith(github.ref, 'refs/tags/')
31-
uses: actions/attest-build-provenance@v3
31+
uses: actions/attest-build-provenance@00014ed6ed5efc5b1ab7f7f34a39eb55d41aa4f8 # v3.1.0
3232
with:
3333
subject-path: |
3434
target/*.jar
3535
target/*.pom
36-
- uses: actions/upload-artifact@v6
36+
- uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
3737
with:
3838
name: artifacts
3939
path: target/*.jar
@@ -45,8 +45,8 @@ jobs:
4545
needs: [build]
4646
if: github.repository_owner == 'cryptomator' && (startsWith(github.ref, 'refs/tags/') || contains(github.event.head_commit.message, '[deploy]'))
4747
steps:
48-
- uses: actions/checkout@v6
49-
- uses: actions/setup-java@v5
48+
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
49+
- uses: actions/setup-java@f2beeb24e141e01a676f977032f5a29d81c9e27e # v5.1.0
5050
with:
5151
distribution: 'temurin'
5252
java-version: ${{ env.JAVA_VERSION }}
@@ -79,8 +79,8 @@ jobs:
7979
needs: [build]
8080
if: github.repository_owner == 'cryptomator' && (startsWith(github.ref, 'refs/tags/') || contains(github.event.head_commit.message, '[deploy]'))
8181
steps:
82-
- uses: actions/checkout@v6
83-
- uses: actions/setup-java@v5
82+
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
83+
- uses: actions/setup-java@f2beeb24e141e01a676f977032f5a29d81c9e27e # v5.1.0
8484
with:
8585
java-version: ${{ env.JAVA_VERSION }}
8686
distribution: 'temurin'
@@ -110,7 +110,7 @@ jobs:
110110
if: startsWith(github.ref, 'refs/tags/')
111111
steps:
112112
- name: Create Release
113-
uses: softprops/action-gh-release@v2
113+
uses: softprops/action-gh-release@a06a81a03ee405af7f2048a818ed3f03bbf83c7b # v2.5.0
114114
with:
115115
prerelease: true
116116
token: ${{ secrets.CRYPTOBOT_RELEASE_TOKEN }}

.github/workflows/codeql-analysis.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -16,19 +16,19 @@ jobs:
1616
# dependeabot has on push events only read-only access, but codeql requires write access
1717
if: ${{ !(github.actor == 'dependabot[bot]' && contains(fromJSON('["push"]'), github.event_name)) }}
1818
steps:
19-
- uses: actions/checkout@v6
19+
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
2020
with:
2121
fetch-depth: 2
22-
- uses: actions/setup-java@v5
22+
- uses: actions/setup-java@f2beeb24e141e01a676f977032f5a29d81c9e27e # v5.1.0
2323
with:
2424
distribution: 'temurin'
2525
java-version: 25
2626
cache: 'maven'
2727
- name: Initialize CodeQL
28-
uses: github/codeql-action/init@v4
28+
uses: github/codeql-action/init@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
2929
with:
3030
languages: java
3131
- name: Build
3232
run: mvn -B test
3333
- name: Perform CodeQL Analysis
34-
uses: github/codeql-action/analyze@v4
34+
uses: github/codeql-action/analyze@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9

.github/workflows/dependency-check.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,7 @@ on:
1111

1212
jobs:
1313
check-dependencies:
14-
uses: skymatic/workflows/.github/workflows/run-dependency-check.yml@v3
14+
uses: skymatic/workflows/.github/workflows/run-dependency-check.yml@2d0c27a7b04c605afe1ca85e37c0e86517defcc9 # v3.0.2
1515
with:
1616
runner-os: 'ubuntu-latest'
1717
java-distribution: 'temurin'

.github/workflows/pullrequest.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -16,8 +16,8 @@ jobs:
1616
name: Compile and Test
1717
runs-on: ubuntu-latest
1818
steps:
19-
- uses: actions/checkout@v6
20-
- uses: actions/setup-java@v5
19+
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
20+
- uses: actions/setup-java@f2beeb24e141e01a676f977032f5a29d81c9e27e # v5.1.0
2121
with:
2222
distribution: ${{ env.JAVA_DIST }}
2323
java-version: ${{ env.JAVA_VERSION }}

CHANGELOG.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,7 @@ Changes to prior versions can be found on the [Github release page](https://gith
1414

1515
### Changed
1616
* Require JDK 25
17+
* Pin GitHub action versions used in CI ([#132](https://github.com/cryptomator/integrations-linux/pull/132))
1718
* Updated dependency `com.fasterxml.jackson.core:jackson-databind` from 2.20.0 to 2.20.1
1819

1920
## [1.6.1](https://github.com/cryptomator/integrations-linux/releases/tag/1.6.1) - 2025-09-17

suppression.xml

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,10 @@
11
<?xml version="1.0" encoding="UTF-8"?>
22
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
3+
<suppress>
4+
<notes><![CDATA[
5+
file name: flatpak-update-portal-1.1.0.jar
6+
]]></notes>
7+
<packageUrl regex="true">^pkg:maven/org\.purejava/flatpak-update-portal@.*$</packageUrl>
8+
<cpe>cpe:/a:flatpak:flatpak</cpe>
9+
</suppress>
310
</suppressions>

0 commit comments

Comments
 (0)