diff --git a/.github/workflows/pr-build.yml b/.github/workflows/pr-build.yml index 5af5ff0..26e6a57 100644 --- a/.github/workflows/pr-build.yml +++ b/.github/workflows/pr-build.yml @@ -9,11 +9,11 @@ on: jobs: build: - runs-on: ubuntu-22.04 + runs-on: ubuntu-24.04 steps: # Set fetch-depth: 0 to fetch commit history and tags for use in version calculation - name: Check out code - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: ref: ${{github.event.pull_request.head.ref}} repository: ${{github.event.pull_request.head.repo.full_name}} @@ -24,7 +24,9 @@ jobs: with: args: build dependency-check: - runs-on: ubuntu-22.04 + runs-on: ubuntu-24.04 steps: - name: Dependency Check - uses: hypertrace/github-actions/dependency-check@main \ No newline at end of file + uses: hypertrace/github-actions/dependency-check@main + with: + nvd-api-key: ${{ secrets.NVD_API_KEY }} \ No newline at end of file diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 079bc0a..f6a5dab 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -8,11 +8,11 @@ on: jobs: publish-artifacts: - runs-on: ubuntu-22.04 + runs-on: ubuntu-24.04 steps: # Set fetch-depth: 0 to fetch commit history and tags for use in version calculation - name: Check out code - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 @@ -21,6 +21,6 @@ jobs: with: args: publish env: - ORG_GRADLE_PROJECT_artifactory_contextUrl: ${{ secrets.ARTIFACTORY_CONTEXT_URL }} - ORG_GRADLE_PROJECT_artifactory_user: ${{ secrets.ARTIFACTORY_PUBLISH_USER }} - ORG_GRADLE_PROJECT_artifactory_password: ${{ secrets.ARTIFACTORY_PUBLISH_TOKEN }} + ORG_GRADLE_PROJECT_maven_repo_url: ${{ secrets.HAR_REPO_URL }} + ORG_GRADLE_PROJECT_maven_user: ${{ secrets.HAR_PUBLISH_USER }} + ORG_GRADLE_PROJECT_maven_password: ${{ secrets.HAR_PUBLISH_TOKEN }} diff --git a/build.gradle.kts b/build.gradle.kts index 41eb3f0..5d8ea55 100644 --- a/build.gradle.kts +++ b/build.gradle.kts @@ -2,10 +2,10 @@ import org.hypertrace.gradle.publishing.License.APACHE_2_0 plugins { `java-gradle-plugin` - id("org.hypertrace.repository-plugin") version "0.4.0" - id("org.hypertrace.ci-utils-plugin") version "0.3.0" - id("org.hypertrace.publish-plugin") version "1.0.4" - id("org.owasp.dependencycheck") version "8.4.0" + id("org.hypertrace.repository-plugin") version "0.5.0" + id("org.hypertrace.ci-utils-plugin") version "0.4.0" + id("org.hypertrace.publish-plugin") version "1.1.1" + id("org.owasp.dependencycheck") version "12.1.0" } group = "org.hypertrace.gradle.code.style" @@ -16,11 +16,9 @@ java { } dependencies { - api("com.diffplug.spotless:spotless-plugin-gradle:6.25.0") + api("com.diffplug.spotless:spotless-plugin-gradle:7.0.4") constraints { - implementation("com.squareup.okio:okio:3.4.0") - implementation("org.eclipse.jgit:org.eclipse.jgit:6.8.0.202311291450-r") - implementation("org.eclipse.platform:org.eclipse.osgi:3.18.500") + implementation("org.eclipse.jgit:org.eclipse.jgit:7.3.0.202506031305-r") } } diff --git a/owasp-suppressions.xml b/owasp-suppressions.xml index e7982a5..5b627f9 100644 --- a/owasp-suppressions.xml +++ b/owasp-suppressions.xml @@ -1,7 +1,8 @@ - - ^pkg:maven/org\.eclipse\.platform/org\.eclipse\.osgi@.*$ - cpe:/a:eclipse:equinox - + + ^pkg:maven/org\.eclipse\.platform/org\.eclipse\.osgi@.*$ + cpe:/a:eclipse:equinox + cpe:/a:eclipse:platform + \ No newline at end of file diff --git a/settings.gradle.kts b/settings.gradle.kts index ed9cf96..38929fe 100644 --- a/settings.gradle.kts +++ b/settings.gradle.kts @@ -2,14 +2,12 @@ pluginManagement { repositories { mavenLocal() gradlePluginPortal() - maven { - url = uri("https://hypertrace.jfrog.io/artifactory/maven") - } + maven("https://us-maven.pkg.dev/hypertrace-repos/maven") } } plugins { - id("org.hypertrace.version-settings") version "0.2.0" + id("org.hypertrace.version-settings") version "0.3.0" } rootProject.name = "hypertrace-gradle-code-style-plugin" \ No newline at end of file