From eae7156c56ac22103f6790f4cf952f3a8196166d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 30 Jun 2023 09:32:34 -0400 Subject: [PATCH 1/3] Bump ossf/scorecard-action from 2.1.3 to 2.2.0 (#403) Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.3 to 2.2.0. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/80e868c13c90f172d68d1f4501dee99e2479f7af...08b4669551908b1024bb425080c797723083c031) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/scorecards-analysis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml index 975383a92b..09795bcfce 100644 --- a/.github/workflows/scorecards-analysis.yml +++ b/.github/workflows/scorecards-analysis.yml @@ -45,7 +45,7 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@80e868c13c90f172d68d1f4501dee99e2479f7af # 2.1.3 + uses: ossf/scorecard-action@08b4669551908b1024bb425080c797723083c031 # 2.2.0 with: results_file: results.sarif results_format: sarif From f52319a39b3830c0f3e1e0a339f6211444b666d6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 30 Jun 2023 09:33:09 -0400 Subject: [PATCH 2/3] Bump guava-testlib from 32.0.1-jre to 32.1.0-jre (#404) Bumps [guava-testlib](https://github.com/google/guava) from 32.0.1-jre to 32.1.0-jre. - [Release notes](https://github.com/google/guava/releases) - [Commits](https://github.com/google/guava/commits) --- updated-dependencies: - dependency-name: com.google.guava:guava-testlib dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 4515b5967b..e971e22ddf 100644 --- a/pom.xml +++ b/pom.xml @@ -512,7 +512,7 @@ com.google.guava guava-testlib - 32.0.1-jre + 32.1.0-jre test From 3a4e2ec3ed295514067f8e2ea82aff8ce7e69c1b Mon Sep 17 00:00:00 2001 From: Gary Gregory Date: Fri, 30 Jun 2023 09:35:47 -0400 Subject: [PATCH 3/3] Bump guava-testlib from 32.0.1-jre to 32.1.0-jre #404 --- src/changes/changes.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/changes/changes.xml b/src/changes/changes.xml index fc9df8603a..f775c14255 100644 --- a/src/changes/changes.xml +++ b/src/changes/changes.xml @@ -356,7 +356,7 @@ Bump pmd from 6.46.0 to 6.52.0 #318, #327, #333, #347. - Bump guava-testlib from 31.1-jre to 32.0.1-jre #394, #395. + Bump guava-testlib from 31.1-jre to 32.1.0-jre #394, #395, #404.