diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 86d2e1e1b633..4bf5250878f8 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -63,7 +63,7 @@ jobs: cache-read-only: ${{ github.event_name == 'pull_request' }} - name: Initialize CodeQL - uses: github/codeql-action/init@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # v3.30.6 + uses: github/codeql-action/init@755f44910c12a3d7ca0d8c6e42c048b3362f7cec # v3.30.8 with: languages: ${{ matrix.language }} # using "linked" helps to keep up with the linked Kotlin support @@ -84,6 +84,6 @@ jobs: --no-build-cache --no-daemon - name: Perform CodeQL analysis - uses: github/codeql-action/analyze@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # v3.30.6 + uses: github/codeql-action/analyze@755f44910c12a3d7ca0d8c6e42c048b3362f7cec # v3.30.8 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 70fb3b9a3e3f..c3cc0624c45b 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -19,4 +19,4 @@ jobs: - name: 'Checkout Repository' uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: 'Dependency Review' - uses: actions/dependency-review-action@56339e523c0409420f6c2c9a2f4292bbb3c07dd3 # v4.8.0 + uses: actions/dependency-review-action@40c09b7dc99638e5ddb0bfd91c1673effc064d8a # v4.8.1 diff --git a/.github/workflows/ossf-scorecard.yml b/.github/workflows/ossf-scorecard.yml index f34bc4899356..e99a4c1e0aed 100644 --- a/.github/workflows/ossf-scorecard.yml +++ b/.github/workflows/ossf-scorecard.yml @@ -42,6 +42,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard (optional). # Commenting out will disable upload of results to your repo's Code Scanning dashboard - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # v3.30.6 + uses: github/codeql-action/upload-sarif@755f44910c12a3d7ca0d8c6e42c048b3362f7cec # v3.30.8 with: sarif_file: results.sarif diff --git a/benchmark-overhead/Dockerfile.petclinic b/benchmark-overhead/Dockerfile.petclinic index 470b1a895ce5..b59226ad4acc 100644 --- a/benchmark-overhead/Dockerfile.petclinic +++ b/benchmark-overhead/Dockerfile.petclinic @@ -1,4 +1,4 @@ -FROM eclipse-temurin:11.0.28_6-jdk@sha256:f6eb706417f377c64613258e3c6389e28da6dca2f5bf40274726acc7efc09dc6 as app-build +FROM eclipse-temurin:11.0.28_6-jdk@sha256:28d7b8bf8420d0a6fcb5eb5c0fbe0cb51e8a71635c2eabbba1b13fcd83c63ac7 as app-build # This is the base image that will contain a built version of the spring-petclinic-rest # application. Installing the dependencies and maven compiling the application is time diff --git a/smoke-tests/images/early-jdk8/Dockerfile b/smoke-tests/images/early-jdk8/Dockerfile index 6a242ed29497..4b1424408d63 100644 --- a/smoke-tests/images/early-jdk8/Dockerfile +++ b/smoke-tests/images/early-jdk8/Dockerfile @@ -1,5 +1,5 @@ # https://github.com/zulu-openjdk/zulu-openjdk/blob/master/ubuntu/8u412-8.78/Dockerfile -FROM ubuntu:noble-20250925@sha256:728785b59223d755e3e5c5af178fab1be7031f3522c5ccd7a0b32b80d8248123 +FROM ubuntu:noble-20251001@sha256:c088e23bdf7b8b339bd38150d130d17e5f6ee016f3c422755bdb1da919c2ff32 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' LC_ALL='en_US.UTF-8'