From 0a945a22aa19251e6298c48d5158bda6e6bf451b Mon Sep 17 00:00:00 2001 From: Yuta Kasai Date: Wed, 26 Mar 2025 22:17:47 +0900 Subject: [PATCH 1/9] NO-ISSUE Grant minimum permission for check-eol-newrelease --- .github/workflows/check-eol-newrelease.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/check-eol-newrelease.yml b/.github/workflows/check-eol-newrelease.yml index 6c179faac..64e17821a 100644 --- a/.github/workflows/check-eol-newrelease.yml +++ b/.github/workflows/check-eol-newrelease.yml @@ -9,6 +9,9 @@ on: jobs: check-eol-newrelease: runs-on: ubuntu-latest + permissions: + contents: read + issues: write steps: - name: Check out code uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 From a51c491f86c82ee611d9a7e4e3bdfdaf7932b699 Mon Sep 17 00:00:00 2001 From: Yuta Kasai Date: Wed, 26 Mar 2025 22:18:13 +0900 Subject: [PATCH 2/9] NO-ISSUE test(should be reverted) --- .github/workflows/check-eol-newrelease.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/check-eol-newrelease.yml b/.github/workflows/check-eol-newrelease.yml index 64e17821a..1f821858c 100644 --- a/.github/workflows/check-eol-newrelease.yml +++ b/.github/workflows/check-eol-newrelease.yml @@ -25,8 +25,8 @@ jobs: languageName: 'Java', eolJsonUrl: 'https://endoflife.date/api/eclipse-temurin.json', eolViewUrl: 'https://endoflife.date/eclipse-temurin', - eolLookbackDays: 100, - newReleaseThresholdDays: 100, + eolLookbackDays: 1000, + newReleaseThresholdDays: 1000, ltsOnly: true, retryCount: 3, retryIntervalSec: 30 From 8eed9dbf94e773d426bc4312feb06a6736505b22 Mon Sep 17 00:00:00 2001 From: Yuta Kasai Date: Wed, 26 Mar 2025 22:21:15 +0900 Subject: [PATCH 3/9] NO-ISSUE Revert "NO-ISSUE test(should be reverted)" This reverts commit a51c491f86c82ee611d9a7e4e3bdfdaf7932b699. --- .github/workflows/check-eol-newrelease.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/check-eol-newrelease.yml b/.github/workflows/check-eol-newrelease.yml index 1f821858c..64e17821a 100644 --- a/.github/workflows/check-eol-newrelease.yml +++ b/.github/workflows/check-eol-newrelease.yml @@ -25,8 +25,8 @@ jobs: languageName: 'Java', eolJsonUrl: 'https://endoflife.date/api/eclipse-temurin.json', eolViewUrl: 'https://endoflife.date/eclipse-temurin', - eolLookbackDays: 1000, - newReleaseThresholdDays: 1000, + eolLookbackDays: 100, + newReleaseThresholdDays: 100, ltsOnly: true, retryCount: 3, retryIntervalSec: 30 From e38ffcf75669c63c44cc672cba3ca31074674b06 Mon Sep 17 00:00:00 2001 From: Yuta Kasai Date: Wed, 26 Mar 2025 22:38:13 +0900 Subject: [PATCH 4/9] NO-ISSUE Grant minimum permission for create-draft-release --- .github/workflows/create-draft-release.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/create-draft-release.yml b/.github/workflows/create-draft-release.yml index 75165a83b..5d4aebf4f 100644 --- a/.github/workflows/create-draft-release.yml +++ b/.github/workflows/create-draft-release.yml @@ -26,6 +26,7 @@ on: jobs: validate-input: runs-on: ubuntu-latest + permissions: {} steps: - name: Validate Acknowledgement if: ${{ github.event.inputs.acknowledge_draft != 'Yes' }} @@ -41,7 +42,8 @@ jobs: create-draft-release: runs-on: ubuntu-latest needs: validate-input - + permissions: + contents: write steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Fetch Latest Release From 7b13ed43720513b4f819727ea25f7c90ae782d37 Mon Sep 17 00:00:00 2001 From: Yuta Kasai Date: Wed, 26 Mar 2025 22:48:13 +0900 Subject: [PATCH 5/9] NO-ISSUE Grant minimum permission for generate-code --- .github/workflows/generate-code.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/generate-code.yml b/.github/workflows/generate-code.yml index 4df341193..7ed4d9eaa 100644 --- a/.github/workflows/generate-code.yml +++ b/.github/workflows/generate-code.yml @@ -10,7 +10,9 @@ on: jobs: build: runs-on: ubuntu-latest - + permissions: + contents: write + pull-requests: write steps: - name: Setup uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 From e4eb2c1e9a1b99b1d9d8ce8d3c3c02778d75b2d7 Mon Sep 17 00:00:00 2001 From: Yuta Kasai Date: Wed, 26 Mar 2025 22:52:09 +0900 Subject: [PATCH 6/9] NO-ISSUE Grant minimum permission for test --- .github/workflows/gradle.yml | 2 ++ .github/workflows/pom-validation.yml | 2 ++ 2 files changed, 4 insertions(+) diff --git a/.github/workflows/gradle.yml b/.github/workflows/gradle.yml index bd7e9d607..e24c76512 100644 --- a/.github/workflows/gradle.yml +++ b/.github/workflows/gradle.yml @@ -19,6 +19,8 @@ jobs: name: test (JDK ${{ matrix.java }}) runs-on: ubuntu-latest timeout-minutes: 30 + permissions: + contents: read strategy: fail-fast: false matrix: diff --git a/.github/workflows/pom-validation.yml b/.github/workflows/pom-validation.yml index 7f38438b3..25e74f652 100644 --- a/.github/workflows/pom-validation.yml +++ b/.github/workflows/pom-validation.yml @@ -5,6 +5,8 @@ jobs: name: test (JDK ${{ matrix.java }}) runs-on: ubuntu-latest timeout-minutes: 10 + permissions: + contents: read strategy: fail-fast: false matrix: From bd1155ab19d86a83629251ab65f8e4e67744fb52 Mon Sep 17 00:00:00 2001 From: Yuta Kasai Date: Wed, 26 Mar 2025 22:55:43 +0900 Subject: [PATCH 7/9] NO-ISSUE Grant minimum permission for publish --- .github/workflows/publish.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 4f4a7bc2b..fd42bd13e 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -12,6 +12,9 @@ on: jobs: publish: runs-on: ubuntu-latest + permissions: + contents: read + issues: write steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: From 87e0997f17e83ef2f6012005f956b526e2eb2965 Mon Sep 17 00:00:00 2001 From: Yuta Kasai Date: Wed, 26 Mar 2025 23:26:51 +0900 Subject: [PATCH 8/9] NO-ISSUE update line-openapi --- line-openapi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/line-openapi b/line-openapi index 9dec0f842..cc542e3cf 160000 --- a/line-openapi +++ b/line-openapi @@ -1 +1 @@ -Subproject commit 9dec0f8428ed1f422e718ed4e51b917d92fb9046 +Subproject commit cc542e3cf99e2f0be68507ef5d5fde47d9fae5f9 From a3e5826d23562245097e03400e940f81367db2cc Mon Sep 17 00:00:00 2001 From: Yuta Kasai Date: Thu, 27 Mar 2025 08:44:33 +0900 Subject: [PATCH 9/9] NO-ISSUE Run cronjob only in original repo --- .github/workflows/check-eol-newrelease.yml | 1 + .github/workflows/close-issue.yml | 1 + 2 files changed, 2 insertions(+) diff --git a/.github/workflows/check-eol-newrelease.yml b/.github/workflows/check-eol-newrelease.yml index 64e17821a..568751951 100644 --- a/.github/workflows/check-eol-newrelease.yml +++ b/.github/workflows/check-eol-newrelease.yml @@ -12,6 +12,7 @@ jobs: permissions: contents: read issues: write + if: github.repository == 'line/line-bot-sdk-java' steps: - name: Check out code uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 diff --git a/.github/workflows/close-issue.yml b/.github/workflows/close-issue.yml index 31e4ad3a3..62a119848 100644 --- a/.github/workflows/close-issue.yml +++ b/.github/workflows/close-issue.yml @@ -11,6 +11,7 @@ jobs: permissions: issues: write pull-requests: write + if: github.repository == 'line/line-bot-sdk-java' steps: - uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 # v9.1.0 with: