From 03c6709281e30759eed93ae25d26d5c14919a2c1 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 17 Nov 2025 00:29:07 +0000 Subject: [PATCH] chore(deps): update weekly update --- .github/workflows/codeql.yml | 4 ++-- .github/workflows/dependency-review.yml | 2 +- .github/workflows/ossf-scorecard.yml | 2 +- .github/workflows/reusable-link-check.yml | 2 +- benchmark-overhead/Dockerfile.petclinic | 2 +- smoke-tests/images/early-jdk8/Dockerfile | 2 +- .../images/fake-backend/src/docker/backend/windows.dockerfile | 2 +- smoke-tests/images/servlet/src/jetty.windows.dockerfile | 2 +- smoke-tests/images/servlet/src/liberty.windows.dockerfile | 2 +- smoke-tests/images/servlet/src/payara.windows.dockerfile | 2 +- smoke-tests/images/servlet/src/tomcat.windows.dockerfile | 2 +- smoke-tests/images/servlet/src/tomee.windows.dockerfile | 2 +- smoke-tests/images/servlet/src/wildfly.windows.dockerfile | 2 +- 13 files changed, 14 insertions(+), 14 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 6a920ced7447..efa2ce923c19 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -63,7 +63,7 @@ jobs: cache-read-only: ${{ github.event_name == 'pull_request' }} - name: Initialize CodeQL - uses: github/codeql-action/init@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2 + uses: github/codeql-action/init@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3 with: languages: ${{ matrix.language }} # using "linked" helps to keep up with the linked Kotlin support @@ -84,6 +84,6 @@ jobs: --no-build-cache --no-daemon - name: Perform CodeQL analysis - uses: github/codeql-action/analyze@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2 + uses: github/codeql-action/analyze@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index c3cc0624c45b..dadc6fd4370f 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -19,4 +19,4 @@ jobs: - name: 'Checkout Repository' uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: 'Dependency Review' - uses: actions/dependency-review-action@40c09b7dc99638e5ddb0bfd91c1673effc064d8a # v4.8.1 + uses: actions/dependency-review-action@3c4e3dcb1aa7874d2c16be7d79418e9b7efd6261 # v4.8.2 diff --git a/.github/workflows/ossf-scorecard.yml b/.github/workflows/ossf-scorecard.yml index 3074fdb6eddf..230f84dea2f5 100644 --- a/.github/workflows/ossf-scorecard.yml +++ b/.github/workflows/ossf-scorecard.yml @@ -43,6 +43,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard (optional). # Commenting out will disable upload of results to your repo's Code Scanning dashboard - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@0499de31b99561a6d14a36a5f662c2a54f91beee # v4.31.2 + uses: github/codeql-action/upload-sarif@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3 with: sarif_file: results.sarif diff --git a/.github/workflows/reusable-link-check.yml b/.github/workflows/reusable-link-check.yml index 9f2aed221616..75d4ebeeda18 100644 --- a/.github/workflows/reusable-link-check.yml +++ b/.github/workflows/reusable-link-check.yml @@ -14,7 +14,7 @@ jobs: with: fetch-depth: 0 # needed for merge-base used in lint:links-in-modified-files - - uses: jdx/mise-action@be3be2260bc02bc3fbf94c5e2fed8b7964baf074 # v3.4.0 + - uses: jdx/mise-action@9dc7d5dd454262207dea3ab5a06a3df6afc8ff26 # v3.4.1 - name: Link check - relative links (all files) if: github.event_name == 'pull_request' diff --git a/benchmark-overhead/Dockerfile.petclinic b/benchmark-overhead/Dockerfile.petclinic index 0ced48bea4c5..d69e561ba2a6 100644 --- a/benchmark-overhead/Dockerfile.petclinic +++ b/benchmark-overhead/Dockerfile.petclinic @@ -1,4 +1,4 @@ -FROM eclipse-temurin:11.0.29_7-jdk@sha256:7a7110c39048dcdea4dec1629503459ef6d428a60aeede5a0dda102bf0f29173 as app-build +FROM eclipse-temurin:11.0.29_7-jdk@sha256:189ce1c8831fa5bdd801127dad99f68a17615f81f4aa839b1a4aae693261929a as app-build # This is the base image that will contain a built version of the spring-petclinic-rest # application. Installing the dependencies and maven compiling the application is time diff --git a/smoke-tests/images/early-jdk8/Dockerfile b/smoke-tests/images/early-jdk8/Dockerfile index 7bcc65fa8e65..0f1d04279063 100644 --- a/smoke-tests/images/early-jdk8/Dockerfile +++ b/smoke-tests/images/early-jdk8/Dockerfile @@ -1,5 +1,5 @@ # https://github.com/zulu-openjdk/zulu-openjdk/blob/master/ubuntu/8u412-8.78/Dockerfile -FROM ubuntu:noble-20251001@sha256:66460d557b25769b102175144d538d88219c077c678a49af4afca6fbfc1b5252 +FROM ubuntu:noble-20251013@sha256:c35e29c9450151419d9448b0fd75374fec4fff364a27f176fb458d472dfc9e54 ENV LANG='en_US.UTF-8' LANGUAGE='en_US:en' LC_ALL='en_US.UTF-8' diff --git a/smoke-tests/images/fake-backend/src/docker/backend/windows.dockerfile b/smoke-tests/images/fake-backend/src/docker/backend/windows.dockerfile index f6b620fdf8c6..7d1d286c6083 100644 --- a/smoke-tests/images/fake-backend/src/docker/backend/windows.dockerfile +++ b/smoke-tests/images/fake-backend/src/docker/backend/windows.dockerfile @@ -1,3 +1,3 @@ -FROM eclipse-temurin:21.0.9_10-jdk-windowsservercore-ltsc2022@sha256:a8d16dafa7d7976a7c0b723ab1b3d0a27d7024dcb9f4cd543591a5d66a62fecb +FROM eclipse-temurin:21.0.9_10-jdk-windowsservercore-ltsc2022@sha256:45a3d356d018942a497b877633f19db401828ecb2a1de3cda635b98d08bfbaeb COPY fake-backend.jar /fake-backend.jar CMD ["java", "-jar", "/fake-backend.jar"] diff --git a/smoke-tests/images/servlet/src/jetty.windows.dockerfile b/smoke-tests/images/servlet/src/jetty.windows.dockerfile index 2963f16fe64d..6b94ad9ae625 100644 --- a/smoke-tests/images/servlet/src/jetty.windows.dockerfile +++ b/smoke-tests/images/servlet/src/jetty.windows.dockerfile @@ -1,7 +1,7 @@ ARG jdkImage # Unzip in a separate container so that zip file layer is not part of final image -FROM mcr.microsoft.com/windows/servercore:ltsc2022@sha256:f51004008a2017ce3905fe7e1985d5aff62e596c4ab4111caad6d3cf33aa5cf1 as builder +FROM mcr.microsoft.com/windows/servercore:ltsc2022@sha256:3a2a2fdfbae2f720f6fe26f2d7680146712ce330f605b02a61d624889735c72e as builder ARG sourceVersion ADD https://repo1.maven.org/maven2/org/eclipse/jetty/jetty-home/${sourceVersion}/jetty-home-${sourceVersion}.zip /server.zip diff --git a/smoke-tests/images/servlet/src/liberty.windows.dockerfile b/smoke-tests/images/servlet/src/liberty.windows.dockerfile index 38ca6b8addeb..5e1d8326ee82 100644 --- a/smoke-tests/images/servlet/src/liberty.windows.dockerfile +++ b/smoke-tests/images/servlet/src/liberty.windows.dockerfile @@ -1,7 +1,7 @@ ARG jdkImage # Unzip in a separate container so that zip file layer is not part of final image -FROM mcr.microsoft.com/windows/servercore:ltsc2022@sha256:f51004008a2017ce3905fe7e1985d5aff62e596c4ab4111caad6d3cf33aa5cf1 as builder +FROM mcr.microsoft.com/windows/servercore:ltsc2022@sha256:3a2a2fdfbae2f720f6fe26f2d7680146712ce330f605b02a61d624889735c72e as builder ARG version ARG release diff --git a/smoke-tests/images/servlet/src/payara.windows.dockerfile b/smoke-tests/images/servlet/src/payara.windows.dockerfile index acb71ed5dc5d..2d967bf3c463 100644 --- a/smoke-tests/images/servlet/src/payara.windows.dockerfile +++ b/smoke-tests/images/servlet/src/payara.windows.dockerfile @@ -1,7 +1,7 @@ ARG jdkImage # Unzip in a separate container so that zip file layer is not part of final image -FROM mcr.microsoft.com/windows/servercore:ltsc2022@sha256:f51004008a2017ce3905fe7e1985d5aff62e596c4ab4111caad6d3cf33aa5cf1 as builder +FROM mcr.microsoft.com/windows/servercore:ltsc2022@sha256:3a2a2fdfbae2f720f6fe26f2d7680146712ce330f605b02a61d624889735c72e as builder ARG version ADD https://nexus.payara.fish/repository/payara-community/fish/payara/distributions/payara/${version}/payara-${version}.zip /server.zip diff --git a/smoke-tests/images/servlet/src/tomcat.windows.dockerfile b/smoke-tests/images/servlet/src/tomcat.windows.dockerfile index 3823418c5625..7c253c1280c8 100644 --- a/smoke-tests/images/servlet/src/tomcat.windows.dockerfile +++ b/smoke-tests/images/servlet/src/tomcat.windows.dockerfile @@ -1,7 +1,7 @@ ARG jdkImage # Unzip in a separate container so that zip file layer is not part of final image -FROM mcr.microsoft.com/windows/servercore:ltsc2022@sha256:f51004008a2017ce3905fe7e1985d5aff62e596c4ab4111caad6d3cf33aa5cf1 as builder +FROM mcr.microsoft.com/windows/servercore:ltsc2022@sha256:3a2a2fdfbae2f720f6fe26f2d7680146712ce330f605b02a61d624889735c72e as builder ARG majorVersion ARG version diff --git a/smoke-tests/images/servlet/src/tomee.windows.dockerfile b/smoke-tests/images/servlet/src/tomee.windows.dockerfile index a665045ebf14..e1cf812a39f0 100644 --- a/smoke-tests/images/servlet/src/tomee.windows.dockerfile +++ b/smoke-tests/images/servlet/src/tomee.windows.dockerfile @@ -1,7 +1,7 @@ ARG jdkImage # Unzip in a separate container so that zip file layer is not part of final image -FROM mcr.microsoft.com/windows/servercore:ltsc2022@sha256:f51004008a2017ce3905fe7e1985d5aff62e596c4ab4111caad6d3cf33aa5cf1 as builder +FROM mcr.microsoft.com/windows/servercore:ltsc2022@sha256:3a2a2fdfbae2f720f6fe26f2d7680146712ce330f605b02a61d624889735c72e as builder ARG version ADD https://archive.apache.org/dist/tomee/tomee-${version}/apache-tomee-${version}-webprofile.zip /server.zip diff --git a/smoke-tests/images/servlet/src/wildfly.windows.dockerfile b/smoke-tests/images/servlet/src/wildfly.windows.dockerfile index 369f49cacf22..d95b17981969 100644 --- a/smoke-tests/images/servlet/src/wildfly.windows.dockerfile +++ b/smoke-tests/images/servlet/src/wildfly.windows.dockerfile @@ -1,7 +1,7 @@ ARG jdkImage # Unzip in a separate container so that zip file layer is not part of final image -FROM mcr.microsoft.com/windows/servercore:ltsc2022@sha256:f51004008a2017ce3905fe7e1985d5aff62e596c4ab4111caad6d3cf33aa5cf1 as builder +FROM mcr.microsoft.com/windows/servercore:ltsc2022@sha256:3a2a2fdfbae2f720f6fe26f2d7680146712ce330f605b02a61d624889735c72e as builder ARG version ARG baseDownloadUrl