From 4a6d6653cdbad1b329ac29e468f758f9012a6502 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 23 Feb 2026 06:40:56 +0000 Subject: [PATCH] Bump the github-action-dependencies group across 1 directory with 6 updates Bumps the github-action-dependencies group with 6 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/setup-java](https://github.com/actions/setup-java) | `5.0.0` | `5.2.0` | | [softprops/action-gh-release](https://github.com/softprops/action-gh-release) | `2.3.2` | `2.5.0` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3.11.1` | `3.12.0` | | [docker/metadata-action](https://github.com/docker/metadata-action) | `5.8.0` | `5.10.0` | | [docker/login-action](https://github.com/docker/login-action) | `3.5.0` | `3.7.0` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `6.18.0` | `6.19.2` | Updates `actions/setup-java` from 5.0.0 to 5.2.0 - [Release notes](https://github.com/actions/setup-java/releases) - [Commits](https://github.com/actions/setup-java/compare/v5.0.0...v5.2.0) Updates `softprops/action-gh-release` from 2.3.2 to 2.5.0 - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](https://github.com/softprops/action-gh-release/compare/v2.3.2...v2.5.0) Updates `docker/setup-buildx-action` from 3.11.1 to 3.12.0 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/v3.11.1...v3.12.0) Updates `docker/metadata-action` from 5.8.0 to 5.10.0 - [Release notes](https://github.com/docker/metadata-action/releases) - [Commits](https://github.com/docker/metadata-action/compare/v5.8.0...v5.10.0) Updates `docker/login-action` from 3.5.0 to 3.7.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/v3.5.0...v3.7.0) Updates `docker/build-push-action` from 6.18.0 to 6.19.2 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v6.18.0...v6.19.2) --- updated-dependencies: - dependency-name: actions/setup-java dependency-version: 5.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-action-dependencies - dependency-name: softprops/action-gh-release dependency-version: 2.5.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-action-dependencies - dependency-name: docker/setup-buildx-action dependency-version: 3.12.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-action-dependencies - dependency-name: docker/metadata-action dependency-version: 5.10.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-action-dependencies - dependency-name: docker/login-action dependency-version: 3.7.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-action-dependencies - dependency-name: docker/build-push-action dependency-version: 6.19.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-action-dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/build.yml | 4 ++-- .github/workflows/codeql.yml | 2 +- .github/workflows/release.yml | 14 +++++++------- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 64baa9247..8fbe0f00d 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -32,7 +32,7 @@ jobs: - name: checkout code uses: actions/checkout@v5.0.0 - name: setup java - uses: actions/setup-java@v5.0.0 + uses: actions/setup-java@v5.2.0 with: distribution: 'temurin' java-version: ${{matrix.jdk}} @@ -58,7 +58,7 @@ jobs: - name: checkout code uses: actions/checkout@v5.0.0 - name: setup java - uses: actions/setup-java@v5.0.0 + uses: actions/setup-java@v5.2.0 with: distribution: 'temurin' java-version: 11 diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 679cc193b..e46d2c716 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -21,7 +21,7 @@ jobs: with: languages: 'java' - name: setup java - uses: actions/setup-java@v5.0.0 + uses: actions/setup-java@v5.2.0 with: java-version: '11' java-package: jdk diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index b6691acd8..9e489c2d6 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -61,7 +61,7 @@ jobs: with: ref: ${{inputs.branch}} - name: setup java - uses: actions/setup-java@v5.0.0 + uses: actions/setup-java@v5.2.0 with: distribution: 'temurin' java-version: '11' @@ -84,17 +84,17 @@ jobs: id: create_release # Allow testing without creating a release if: github.event_name != 'pull_request' && (github.event.ref == 'refs/heads/develop' || startsWith(github.event.ref, 'refs/tags')) - uses: softprops/action-gh-release@v2.3.2 + uses: softprops/action-gh-release@v2.5.0 with: files: cwms-data-api/build/libs/cwms-data-api-${{env.VERSION}}.war tag_name: ${{env.VERSION}} generate_release_notes: true token: ${{ secrets.token != null && secrets.token || secrets.GITHUB_TOKEN }} - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3.11.1 + uses: docker/setup-buildx-action@v3.12.0 - name: Docker meta id: meta - uses: docker/metadata-action@v5.8.0 + uses: docker/metadata-action@v5.10.0 with: # this is triggered by the schedule so we want to actually use the checked out information # and not the context from the workflow itself. @@ -110,20 +110,20 @@ jobs: type=schedule,pattern=${{inputs.branch}}-{{date 'YYYY.MM.DD-hhmmss'}} - name: Log in to the Container registry id: login-ghcr - uses: docker/login-action@v3.5.0 + uses: docker/login-action@v3.7.0 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.token != null && secrets.token || secrets.GITHUB_TOKEN }} - name: Login to HEC Public Registry - uses: docker/login-action@v3.5.0 + uses: docker/login-action@v3.7.0 id: login-hec with: registry: ${{ secrets.registry != null && secrets.registry ||secrets.HEC_PUB_REGISTRY }} username: ${{ secrets.registry_user != null && secrets.registry_user || secrets.ALT_REG_USER }} password: ${{ secrets.registry_password != null && secrets.registry_password || secrets.ALT_REG_PASSWORD }} - name: Build and push - uses: docker/build-push-action@v6.18.0 + uses: docker/build-push-action@v6.19.2 with: context: "." # This is not conditional on pull_request as we want access to these if we are manually running it.