[GH] (commons-digester): Workflow run "Scorecards supply-chain security" failed!
The GitHub Actions job "Scorecards supply-chain security" on commons-digester.git has failed. Run started by GitHub user asfgit (triggered by asfgit). Head commit for run: 5ae9b66cf06bebecb2f085f036674d2ac4fee02a / Gary Gregory Merge pull request #97 from apache/dependabot/github_actions/github/codeql-action-2.21.9 Bump github/codeql-action from 2.21.8 to 2.21.9 Report URL: https://github.com/apache/commons-digester/actions/runs/6438232648 With regards, GitHub Actions via GitBox
Re: [PR] Bump ossf/scorecard-action from 2.2.0 to 2.3.0 [commons-beanutils]
codecov-commenter commented on PR #187: URL: https://github.com/apache/commons-beanutils/pull/187#issuecomment-1751504443 ## [Codecov](https://app.codecov.io/gh/apache/commons-beanutils/pull/187?src=pr=h1_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache) Report > Merging [#187](https://app.codecov.io/gh/apache/commons-beanutils/pull/187?src=pr=desc_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache) (773342a) into [master](https://app.codecov.io/gh/apache/commons-beanutils/commit/f0e900be7377c9ecb973e6a30c0f94cef692abb7?el=desc_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache) (f0e900b) will **not change** coverage. > The diff coverage is `n/a`. ```diff @@Coverage Diff@@ ## master #187 +/- ## = Coverage 65.08% 65.08% Complexity 1485 1485 = Files 105 105 Lines 5505 5505 Branches 1068 1068 = Hits 3583 3583 Misses 1466 1466 Partials456 456 ``` :mega: We’re building smart automated test selection to slash your CI/CD build times. [Learn more](https://about.codecov.io/iterative-testing/?utm_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump ossf/scorecard-action from 2.2.0 to 2.3.0 [commons-beanutils]
dependabot[bot] opened a new pull request, #187: URL: https://github.com/apache/commons-beanutils/pull/187 Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.2.0 to 2.3.0. Release notes Sourced from https://github.com/ossf/scorecard-action/releases;>ossf/scorecard-action's releases. v2.3.0 What's Changed :seedling: Bump github.com/ossf/scorecard/v4 from v4.11.0 to v4.13.0 by https://github.com/spencerschrock;>@spencerschrock in https://redirect.github.com/ossf/scorecard-action/pull/1270;>ossf/scorecard-action#1270 For a full changelist of what this includes, see the https://github.com/ossf/scorecard/releases/tag/v4.12.0;>v4.12.0 and https://github.com/ossf/scorecard/releases/tag/v4.13.0;>v4.13.0 release notes :sparkles: Send rekor tlog index to webapp when publishing results by https://github.com/spencerschrock;>@spencerschrock in https://redirect.github.com/ossf/scorecard-action/pull/1169;>ossf/scorecard-action#1169 :bug: Prevent url clipping for GHES instances by https://github.com/rajbos;>@rajbos in https://redirect.github.com/ossf/scorecard-action/pull/1225;>ossf/scorecard-action#1225 Documentation :book: Update access rights needed to see the results in code scanning by https://github.com/rajbos;>@rajbos in https://redirect.github.com/ossf/scorecard-action/pull/1229;>ossf/scorecard-action#1229 :book: Add package comments. by https://github.com/spencerschrock;>@spencerschrock in https://redirect.github.com/ossf/scorecard-action/pull/1221;>ossf/scorecard-action#1221 :book: Add SECURITY.md file by https://github.com/david-a-wheeler;>@david-a-wheeler in https://redirect.github.com/ossf/scorecard-action/pull/1250;>ossf/scorecard-action#1250 :book: Fix typo in token input docs by https://github.com/aabouzaid;>@aabouzaid in https://redirect.github.com/ossf/scorecard-action/pull/1258;>ossf/scorecard-action#1258 New Contributors https://github.com/david-a-wheeler;>@david-a-wheeler made their first contribution in https://redirect.github.com/ossf/scorecard-action/pull/1250;>ossf/scorecard-action#1250 https://github.com/aabouzaid;>@aabouzaid made their first contribution in https://redirect.github.com/ossf/scorecard-action/pull/1258;>ossf/scorecard-action#1258 Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.2.0...v2.3.0;>https://github.com/ossf/scorecard-action/compare/v2.2.0...v2.3.0 Commits https://github.com/ossf/scorecard-action/commit/483ef80eb98fb506c348f7d62e28055e49fe2398;>483ef80 :seedling: Bump docker tag for v2.3.0 release. (https://redirect.github.com/ossf/scorecard-action/issues/1271;>#1271) https://github.com/ossf/scorecard-action/commit/5d3591303ed947eee0d7a421fcdda0e039ddf8e1;>5d35913 :seedling: Bump github.com/ossf/scorecard/v4 from v4.11.0 to v4.13.0 (https://redirect.github.com/ossf/scorecard-action/issues/1270;>#1270) https://github.com/ossf/scorecard-action/commit/49787a6922d868dab142da9d87a1d8b3b3922046;>49787a6 :seedling: Bump distroless/base from 46c5b9b to a35b652 (https://redirect.github.com/ossf/scorecard-action/issues/1269;>#1269) https://github.com/ossf/scorecard-action/commit/4283c75015ea78a15ba7caf13d686b136db16b0a;>4283c75 :seedling: Bump github/codeql-action from 2.21.8 to 2.21.9 (https://redirect.github.com/ossf/scorecard-action/issues/1268;>#1268) https://github.com/ossf/scorecard-action/commit/709ecd0815982a217ee06fc6ee71f698dc20f14c;>709ecd0 :seedling: Bump golang from 6974950 to c416cee (https://redirect.github.com/ossf/scorecard-action/issues/1266;>#1266) https://github.com/ossf/scorecard-action/commit/25bb02cd479310452820e62d96669712a90684ba;>25bb02c :seedling: Bump actions/checkout from 4.0.0 to 4.1.0 (https://redirect.github.com/ossf/scorecard-action/issues/1267;>#1267) https://github.com/ossf/scorecard-action/commit/b687393d2370bdf6d960ea972ff690c9ed797189;>b687393 :seedling: Bump github/codeql-action from 2.21.5 to 2.21.8 (https://redirect.github.com/ossf/scorecard-action/issues/1265;>#1265) https://github.com/ossf/scorecard-action/commit/6a1c21f537e92adea170a26dd3a42d38f93f1e2f;>6a1c21f :seedling: Bump golang from cffaba7 to 6974950 (https://redirect.github.com/ossf/scorecard-action/issues/1264;>#1264) https://github.com/ossf/scorecard-action/commit/2dee8c185ea0de807198c818714b6f3436856709;>2dee8c1 :seedling: Bump github.com/sigstore/cosign/v2 from 2.1.1 to 2.2.0 (https://redirect.github.com/ossf/scorecard-action/issues/1254;>#1254) https://github.com/ossf/scorecard-action/commit/e79dcb6112482815fc9ea2d659f49eb15403c373;>e79dcb6 :seedling: Upgrade to go 1.20 (https://redirect.github.com/ossf/scorecard-action/issues/1262;>#1262) Additional commits viewable in https://github.com/ossf/scorecard-action/compare/08b4669551908b1024bb425080c797723083c031...483ef80eb98fb506c348f7d62e28055e49fe2398;>compare view
[PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-validator]
dependabot[bot] opened a new pull request, #160: URL: https://github.com/apache/commons-validator/pull/160 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.9 to 2.22.0. Changelog Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md;>github/codeql-action's changelog. CodeQL Action Changelog See the https://github.com/github/codeql-action/releases;>releases page for the relevant changes to the CodeQL CLI and language packs. [UNRELEASED] No user facing changes. 2.22.0 - 06 Oct 2023 The CodeQL Action now requires CodeQL version 2.10.5 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.21.8. https://redirect.github.com/github/codeql-action/pull/1907;>#1907 The CodeQL Action no longer runs ML-powered queries. For more information, including details on our investment in AI-powered security technology, see https://github.blog/changelog/2023-09-29-codeql-code-scanning-deprecates-ml-powered-alerts/;>CodeQL code scanning deprecates ML-powered alerts. https://redirect.github.com/github/codeql-action/pull/1910;>#1910 Fix a bug which prevented tracing of projects using Go 1.21 and above on Linux. https://redirect.github.com/github/codeql-action/pull/1909;>#1909 2.21.9 - 27 Sep 2023 Update default CodeQL bundle version to 2.14.6. https://redirect.github.com/github/codeql-action/pull/1897;>#1897 We are rolling out a feature in October 2023 that will improve the success rate of C/C++ autobuild. https://redirect.github.com/github/codeql-action/pull/1889;>#1889 We are rolling out a feature in October 2023 that will provide specific file coverage information for C and C++, Java and Kotlin, and JavaScript and TypeScript. Currently file coverage information for each of these pairs of languages is grouped together. https://redirect.github.com/github/codeql-action/pull/1903;>#1903 Add a warning to help customers avoid inadvertently analyzing the same CodeQL language in multiple matrix jobs. https://redirect.github.com/github/codeql-action/pull/1901;>#1901 2.21.8 - 19 Sep 2023 Add a deprecation warning for customers using CodeQL version 2.10.4 and earlier. These versions of CodeQL were discontinued on 12 September 2023 alongside GitHub Enterprise Server 3.6, and will be unsupported by the next minor release of the CodeQL Action. https://redirect.github.com/github/codeql-action/pull/1884;>#1884 If you are using one of these versions, please update to CodeQL CLI version 2.10.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version. Alternatively, if you want to continue using a version of the CodeQL CLI between 2.9.5 and 2.10.4, you can replace github/codeql-action/*@v2 by github/codeql-action/*@v2.21.7 in your code scanning workflow to ensure you continue using this version of the CodeQL Action. Enable the following language aliases when using CodeQL 2.14.4 and later: c-cpp for C/C++ analysis, java-kotlin for Java/Kotlin analysis, and javascript-typescript for JavaScript/TypeScript analysis. https://redirect.github.com/github/codeql-action/pull/1883;>#1883 2.21.7 - 14 Sep 2023 Update default CodeQL bundle version to 2.14.5. https://redirect.github.com/github/codeql-action/pull/1882;>#1882 2.21.6 - 13 Sep 2023 Better error message when there is a failure to determine the merge base of the code to analysis. https://redirect.github.com/github/codeql-action/pull/1860;>#1860 Improve the calculation of default amount of RAM used for query execution on GitHub Enterprise Server. This now reduces in proportion to the runner's total memory to better account for system memory usage, helping to avoid out-of-memory failures on larger runners. This feature is already available to GitHub.com users. https://redirect.github.com/github/codeql-action/pull/1866;>#1866 Enable improved file coverage information for GitHub Enterprise Server users. This feature is already available to GitHub.com users. https://redirect.github.com/github/codeql-action/pull/1867;>#1867 Update default CodeQL bundle version to 2.14.4. https://redirect.github.com/github/codeql-action/pull/1873;>#1873 2.21.5 - 28 Aug 2023 Update default CodeQL bundle version to 2.14.3. https://redirect.github.com/github/codeql-action/pull/1845;>#1845 Fixed a bug in CodeQL Action 2.21.3 onwards that affected beta support for https://projectlombok.org/;>Project Lombok when analyzing Java. The environment variable CODEQL_EXTRACTOR_JAVA_RUN_ANNOTATION_PROCESSORS will now be respected if it was manually configured in the workflow. https://redirect.github.com/github/codeql-action/pull/1844;>#1844 Enable support for Kotlin 1.9.20 when running with CodeQL CLI v2.13.4 through v2.14.3.
[PR] Bump ossf/scorecard-action from 2.2.0 to 2.3.0 [commons-validator]
dependabot[bot] opened a new pull request, #159: URL: https://github.com/apache/commons-validator/pull/159 Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.2.0 to 2.3.0. Release notes Sourced from https://github.com/ossf/scorecard-action/releases;>ossf/scorecard-action's releases. v2.3.0 What's Changed :seedling: Bump github.com/ossf/scorecard/v4 from v4.11.0 to v4.13.0 by https://github.com/spencerschrock;>@spencerschrock in https://redirect.github.com/ossf/scorecard-action/pull/1270;>ossf/scorecard-action#1270 For a full changelist of what this includes, see the https://github.com/ossf/scorecard/releases/tag/v4.12.0;>v4.12.0 and https://github.com/ossf/scorecard/releases/tag/v4.13.0;>v4.13.0 release notes :sparkles: Send rekor tlog index to webapp when publishing results by https://github.com/spencerschrock;>@spencerschrock in https://redirect.github.com/ossf/scorecard-action/pull/1169;>ossf/scorecard-action#1169 :bug: Prevent url clipping for GHES instances by https://github.com/rajbos;>@rajbos in https://redirect.github.com/ossf/scorecard-action/pull/1225;>ossf/scorecard-action#1225 Documentation :book: Update access rights needed to see the results in code scanning by https://github.com/rajbos;>@rajbos in https://redirect.github.com/ossf/scorecard-action/pull/1229;>ossf/scorecard-action#1229 :book: Add package comments. by https://github.com/spencerschrock;>@spencerschrock in https://redirect.github.com/ossf/scorecard-action/pull/1221;>ossf/scorecard-action#1221 :book: Add SECURITY.md file by https://github.com/david-a-wheeler;>@david-a-wheeler in https://redirect.github.com/ossf/scorecard-action/pull/1250;>ossf/scorecard-action#1250 :book: Fix typo in token input docs by https://github.com/aabouzaid;>@aabouzaid in https://redirect.github.com/ossf/scorecard-action/pull/1258;>ossf/scorecard-action#1258 New Contributors https://github.com/david-a-wheeler;>@david-a-wheeler made their first contribution in https://redirect.github.com/ossf/scorecard-action/pull/1250;>ossf/scorecard-action#1250 https://github.com/aabouzaid;>@aabouzaid made their first contribution in https://redirect.github.com/ossf/scorecard-action/pull/1258;>ossf/scorecard-action#1258 Full Changelog: https://github.com/ossf/scorecard-action/compare/v2.2.0...v2.3.0;>https://github.com/ossf/scorecard-action/compare/v2.2.0...v2.3.0 Commits https://github.com/ossf/scorecard-action/commit/483ef80eb98fb506c348f7d62e28055e49fe2398;>483ef80 :seedling: Bump docker tag for v2.3.0 release. (https://redirect.github.com/ossf/scorecard-action/issues/1271;>#1271) https://github.com/ossf/scorecard-action/commit/5d3591303ed947eee0d7a421fcdda0e039ddf8e1;>5d35913 :seedling: Bump github.com/ossf/scorecard/v4 from v4.11.0 to v4.13.0 (https://redirect.github.com/ossf/scorecard-action/issues/1270;>#1270) https://github.com/ossf/scorecard-action/commit/49787a6922d868dab142da9d87a1d8b3b3922046;>49787a6 :seedling: Bump distroless/base from 46c5b9b to a35b652 (https://redirect.github.com/ossf/scorecard-action/issues/1269;>#1269) https://github.com/ossf/scorecard-action/commit/4283c75015ea78a15ba7caf13d686b136db16b0a;>4283c75 :seedling: Bump github/codeql-action from 2.21.8 to 2.21.9 (https://redirect.github.com/ossf/scorecard-action/issues/1268;>#1268) https://github.com/ossf/scorecard-action/commit/709ecd0815982a217ee06fc6ee71f698dc20f14c;>709ecd0 :seedling: Bump golang from 6974950 to c416cee (https://redirect.github.com/ossf/scorecard-action/issues/1266;>#1266) https://github.com/ossf/scorecard-action/commit/25bb02cd479310452820e62d96669712a90684ba;>25bb02c :seedling: Bump actions/checkout from 4.0.0 to 4.1.0 (https://redirect.github.com/ossf/scorecard-action/issues/1267;>#1267) https://github.com/ossf/scorecard-action/commit/b687393d2370bdf6d960ea972ff690c9ed797189;>b687393 :seedling: Bump github/codeql-action from 2.21.5 to 2.21.8 (https://redirect.github.com/ossf/scorecard-action/issues/1265;>#1265) https://github.com/ossf/scorecard-action/commit/6a1c21f537e92adea170a26dd3a42d38f93f1e2f;>6a1c21f :seedling: Bump golang from cffaba7 to 6974950 (https://redirect.github.com/ossf/scorecard-action/issues/1264;>#1264) https://github.com/ossf/scorecard-action/commit/2dee8c185ea0de807198c818714b6f3436856709;>2dee8c1 :seedling: Bump github.com/sigstore/cosign/v2 from 2.1.1 to 2.2.0 (https://redirect.github.com/ossf/scorecard-action/issues/1254;>#1254) https://github.com/ossf/scorecard-action/commit/e79dcb6112482815fc9ea2d659f49eb15403c373;>e79dcb6 :seedling: Upgrade to go 1.20 (https://redirect.github.com/ossf/scorecard-action/issues/1262;>#1262) Additional commits viewable in https://github.com/ossf/scorecard-action/compare/08b4669551908b1024bb425080c797723083c031...483ef80eb98fb506c348f7d62e28055e49fe2398;>compare view
Re: [PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-email]
codecov-commenter commented on PR #175: URL: https://github.com/apache/commons-email/pull/175#issuecomment-1751378340 ## [Codecov](https://app.codecov.io/gh/apache/commons-email/pull/175?src=pr=h1_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache) Report > Merging [#175](https://app.codecov.io/gh/apache/commons-email/pull/175?src=pr=desc_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache) (95d3b80) into [master](https://app.codecov.io/gh/apache/commons-email/commit/72d062a404cad6da027e7829bae6411c71140830?el=desc_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache) (72d062a) will **not change** coverage. > The diff coverage is `n/a`. ```diff @@Coverage Diff@@ ## master #175 +/- ## = Coverage 65.87% 65.87% Complexity 305 305 = Files18 18 Lines 1052 1052 Branches138 138 = Hits693 693 Misses 280 280 Partials 79 79 ``` :mega: We’re building smart automated test selection to slash your CI/CD build times. [Learn more](https://about.codecov.io/iterative-testing/?utm_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump ossf/scorecard-action from 2.2.0 to 2.3.0 [commons-email]
codecov-commenter commented on PR #174: URL: https://github.com/apache/commons-email/pull/174#issuecomment-1751378200 ## [Codecov](https://app.codecov.io/gh/apache/commons-email/pull/174?src=pr=h1_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache) Report > Merging [#174](https://app.codecov.io/gh/apache/commons-email/pull/174?src=pr=desc_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache) (179adc0) into [master](https://app.codecov.io/gh/apache/commons-email/commit/72d062a404cad6da027e7829bae6411c71140830?el=desc_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache) (72d062a) will **not change** coverage. > The diff coverage is `n/a`. ```diff @@Coverage Diff@@ ## master #174 +/- ## = Coverage 65.87% 65.87% Complexity 305 305 = Files18 18 Lines 1052 1052 Branches138 138 = Hits693 693 Misses 280 280 Partials 79 79 ``` :mega: We’re building smart automated test selection to slash your CI/CD build times. [Learn more](https://about.codecov.io/iterative-testing/?utm_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-email]
dependabot[bot] opened a new pull request, #175: URL: https://github.com/apache/commons-email/pull/175 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.9 to 2.22.0. Changelog Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md;>github/codeql-action's changelog. CodeQL Action Changelog See the https://github.com/github/codeql-action/releases;>releases page for the relevant changes to the CodeQL CLI and language packs. [UNRELEASED] No user facing changes. 2.22.0 - 06 Oct 2023 The CodeQL Action now requires CodeQL version 2.10.5 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.21.8. https://redirect.github.com/github/codeql-action/pull/1907;>#1907 The CodeQL Action no longer runs ML-powered queries. For more information, including details on our investment in AI-powered security technology, see https://github.blog/changelog/2023-09-29-codeql-code-scanning-deprecates-ml-powered-alerts/;>CodeQL code scanning deprecates ML-powered alerts. https://redirect.github.com/github/codeql-action/pull/1910;>#1910 Fix a bug which prevented tracing of projects using Go 1.21 and above on Linux. https://redirect.github.com/github/codeql-action/pull/1909;>#1909 2.21.9 - 27 Sep 2023 Update default CodeQL bundle version to 2.14.6. https://redirect.github.com/github/codeql-action/pull/1897;>#1897 We are rolling out a feature in October 2023 that will improve the success rate of C/C++ autobuild. https://redirect.github.com/github/codeql-action/pull/1889;>#1889 We are rolling out a feature in October 2023 that will provide specific file coverage information for C and C++, Java and Kotlin, and JavaScript and TypeScript. Currently file coverage information for each of these pairs of languages is grouped together. https://redirect.github.com/github/codeql-action/pull/1903;>#1903 Add a warning to help customers avoid inadvertently analyzing the same CodeQL language in multiple matrix jobs. https://redirect.github.com/github/codeql-action/pull/1901;>#1901 2.21.8 - 19 Sep 2023 Add a deprecation warning for customers using CodeQL version 2.10.4 and earlier. These versions of CodeQL were discontinued on 12 September 2023 alongside GitHub Enterprise Server 3.6, and will be unsupported by the next minor release of the CodeQL Action. https://redirect.github.com/github/codeql-action/pull/1884;>#1884 If you are using one of these versions, please update to CodeQL CLI version 2.10.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version. Alternatively, if you want to continue using a version of the CodeQL CLI between 2.9.5 and 2.10.4, you can replace github/codeql-action/*@v2 by github/codeql-action/*@v2.21.7 in your code scanning workflow to ensure you continue using this version of the CodeQL Action. Enable the following language aliases when using CodeQL 2.14.4 and later: c-cpp for C/C++ analysis, java-kotlin for Java/Kotlin analysis, and javascript-typescript for JavaScript/TypeScript analysis. https://redirect.github.com/github/codeql-action/pull/1883;>#1883 2.21.7 - 14 Sep 2023 Update default CodeQL bundle version to 2.14.5. https://redirect.github.com/github/codeql-action/pull/1882;>#1882 2.21.6 - 13 Sep 2023 Better error message when there is a failure to determine the merge base of the code to analysis. https://redirect.github.com/github/codeql-action/pull/1860;>#1860 Improve the calculation of default amount of RAM used for query execution on GitHub Enterprise Server. This now reduces in proportion to the runner's total memory to better account for system memory usage, helping to avoid out-of-memory failures on larger runners. This feature is already available to GitHub.com users. https://redirect.github.com/github/codeql-action/pull/1866;>#1866 Enable improved file coverage information for GitHub Enterprise Server users. This feature is already available to GitHub.com users. https://redirect.github.com/github/codeql-action/pull/1867;>#1867 Update default CodeQL bundle version to 2.14.4. https://redirect.github.com/github/codeql-action/pull/1873;>#1873 2.21.5 - 28 Aug 2023 Update default CodeQL bundle version to 2.14.3. https://redirect.github.com/github/codeql-action/pull/1845;>#1845 Fixed a bug in CodeQL Action 2.21.3 onwards that affected beta support for https://projectlombok.org/;>Project Lombok when analyzing Java. The environment variable CODEQL_EXTRACTOR_JAVA_RUN_ANNOTATION_PROCESSORS will now be respected if it was manually configured in the workflow. https://redirect.github.com/github/codeql-action/pull/1844;>#1844 Enable support for Kotlin 1.9.20 when running with CodeQL CLI v2.13.4 through v2.14.3.
[PR] Bump ossf/scorecard-action from 2.2.0 to 2.3.0 [commons-email]
dependabot[bot] opened a new pull request, #174: URL: https://github.com/apache/commons-email/pull/174 Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.2.0 to 2.3.0. Commits https://github.com/ossf/scorecard-action/commit/483ef80eb98fb506c348f7d62e28055e49fe2398;>483ef80 :seedling: Bump docker tag for v2.3.0 release. (https://redirect.github.com/ossf/scorecard-action/issues/1271;>#1271) https://github.com/ossf/scorecard-action/commit/5d3591303ed947eee0d7a421fcdda0e039ddf8e1;>5d35913 :seedling: Bump github.com/ossf/scorecard/v4 from v4.11.0 to v4.13.0 (https://redirect.github.com/ossf/scorecard-action/issues/1270;>#1270) https://github.com/ossf/scorecard-action/commit/49787a6922d868dab142da9d87a1d8b3b3922046;>49787a6 :seedling: Bump distroless/base from 46c5b9b to a35b652 (https://redirect.github.com/ossf/scorecard-action/issues/1269;>#1269) https://github.com/ossf/scorecard-action/commit/4283c75015ea78a15ba7caf13d686b136db16b0a;>4283c75 :seedling: Bump github/codeql-action from 2.21.8 to 2.21.9 (https://redirect.github.com/ossf/scorecard-action/issues/1268;>#1268) https://github.com/ossf/scorecard-action/commit/709ecd0815982a217ee06fc6ee71f698dc20f14c;>709ecd0 :seedling: Bump golang from 6974950 to c416cee (https://redirect.github.com/ossf/scorecard-action/issues/1266;>#1266) https://github.com/ossf/scorecard-action/commit/25bb02cd479310452820e62d96669712a90684ba;>25bb02c :seedling: Bump actions/checkout from 4.0.0 to 4.1.0 (https://redirect.github.com/ossf/scorecard-action/issues/1267;>#1267) https://github.com/ossf/scorecard-action/commit/b687393d2370bdf6d960ea972ff690c9ed797189;>b687393 :seedling: Bump github/codeql-action from 2.21.5 to 2.21.8 (https://redirect.github.com/ossf/scorecard-action/issues/1265;>#1265) https://github.com/ossf/scorecard-action/commit/6a1c21f537e92adea170a26dd3a42d38f93f1e2f;>6a1c21f :seedling: Bump golang from cffaba7 to 6974950 (https://redirect.github.com/ossf/scorecard-action/issues/1264;>#1264) https://github.com/ossf/scorecard-action/commit/2dee8c185ea0de807198c818714b6f3436856709;>2dee8c1 :seedling: Bump github.com/sigstore/cosign/v2 from 2.1.1 to 2.2.0 (https://redirect.github.com/ossf/scorecard-action/issues/1254;>#1254) https://github.com/ossf/scorecard-action/commit/e79dcb6112482815fc9ea2d659f49eb15403c373;>e79dcb6 :seedling: Upgrade to go 1.20 (https://redirect.github.com/ossf/scorecard-action/issues/1262;>#1262) Additional commits viewable in https://github.com/ossf/scorecard-action/compare/08b4669551908b1024bb425080c797723083c031...483ef80eb98fb506c348f7d62e28055e49fe2398;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ossf/scorecard-action=github_actions=2.2.0=2.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump ossf/scorecard-action from 2.2.0 to 2.3.0 [commons-text]
codecov-commenter commented on PR #465: URL: https://github.com/apache/commons-text/pull/465#issuecomment-1751359631 ## [Codecov](https://app.codecov.io/gh/apache/commons-text/pull/465?src=pr=h1_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache) Report > Merging [#465](https://app.codecov.io/gh/apache/commons-text/pull/465?src=pr=desc_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache) (cc8f904) into [master](https://app.codecov.io/gh/apache/commons-text/commit/5d0b7d00ea8b91376accae3aace6ffac21316713?el=desc_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache) (5d0b7d0) will **not change** coverage. > The diff coverage is `n/a`. ```diff @@Coverage Diff@@ ## master #465 +/- ## = Coverage 97.11% 97.11% Complexity 2342 2342 = Files86 86 Lines 5791 5791 Branches938 938 = Hits 5624 5624 Misses 88 88 Partials 79 79 ``` :mega: We’re building smart automated test selection to slash your CI/CD build times. [Learn more](https://about.codecov.io/iterative-testing/?utm_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-text]
codecov-commenter commented on PR #464: URL: https://github.com/apache/commons-text/pull/464#issuecomment-1751359306 ## [Codecov](https://app.codecov.io/gh/apache/commons-text/pull/464?src=pr=h1_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache) Report > Merging [#464](https://app.codecov.io/gh/apache/commons-text/pull/464?src=pr=desc_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache) (bbc7761) into [master](https://app.codecov.io/gh/apache/commons-text/commit/5d0b7d00ea8b91376accae3aace6ffac21316713?el=desc_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache) (5d0b7d0) will **not change** coverage. > The diff coverage is `n/a`. ```diff @@Coverage Diff@@ ## master #464 +/- ## = Coverage 97.11% 97.11% Complexity 2342 2342 = Files86 86 Lines 5791 5791 Branches938 938 = Hits 5624 5624 Misses 88 88 Partials 79 79 ``` :mega: We’re building smart automated test selection to slash your CI/CD build times. [Learn more](https://about.codecov.io/iterative-testing/?utm_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump ossf/scorecard-action from 2.2.0 to 2.3.0 [commons-text]
dependabot[bot] opened a new pull request, #465: URL: https://github.com/apache/commons-text/pull/465 Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.2.0 to 2.3.0. Commits https://github.com/ossf/scorecard-action/commit/483ef80eb98fb506c348f7d62e28055e49fe2398;>483ef80 :seedling: Bump docker tag for v2.3.0 release. (https://redirect.github.com/ossf/scorecard-action/issues/1271;>#1271) https://github.com/ossf/scorecard-action/commit/5d3591303ed947eee0d7a421fcdda0e039ddf8e1;>5d35913 :seedling: Bump github.com/ossf/scorecard/v4 from v4.11.0 to v4.13.0 (https://redirect.github.com/ossf/scorecard-action/issues/1270;>#1270) https://github.com/ossf/scorecard-action/commit/49787a6922d868dab142da9d87a1d8b3b3922046;>49787a6 :seedling: Bump distroless/base from 46c5b9b to a35b652 (https://redirect.github.com/ossf/scorecard-action/issues/1269;>#1269) https://github.com/ossf/scorecard-action/commit/4283c75015ea78a15ba7caf13d686b136db16b0a;>4283c75 :seedling: Bump github/codeql-action from 2.21.8 to 2.21.9 (https://redirect.github.com/ossf/scorecard-action/issues/1268;>#1268) https://github.com/ossf/scorecard-action/commit/709ecd0815982a217ee06fc6ee71f698dc20f14c;>709ecd0 :seedling: Bump golang from 6974950 to c416cee (https://redirect.github.com/ossf/scorecard-action/issues/1266;>#1266) https://github.com/ossf/scorecard-action/commit/25bb02cd479310452820e62d96669712a90684ba;>25bb02c :seedling: Bump actions/checkout from 4.0.0 to 4.1.0 (https://redirect.github.com/ossf/scorecard-action/issues/1267;>#1267) https://github.com/ossf/scorecard-action/commit/b687393d2370bdf6d960ea972ff690c9ed797189;>b687393 :seedling: Bump github/codeql-action from 2.21.5 to 2.21.8 (https://redirect.github.com/ossf/scorecard-action/issues/1265;>#1265) https://github.com/ossf/scorecard-action/commit/6a1c21f537e92adea170a26dd3a42d38f93f1e2f;>6a1c21f :seedling: Bump golang from cffaba7 to 6974950 (https://redirect.github.com/ossf/scorecard-action/issues/1264;>#1264) https://github.com/ossf/scorecard-action/commit/2dee8c185ea0de807198c818714b6f3436856709;>2dee8c1 :seedling: Bump github.com/sigstore/cosign/v2 from 2.1.1 to 2.2.0 (https://redirect.github.com/ossf/scorecard-action/issues/1254;>#1254) https://github.com/ossf/scorecard-action/commit/e79dcb6112482815fc9ea2d659f49eb15403c373;>e79dcb6 :seedling: Upgrade to go 1.20 (https://redirect.github.com/ossf/scorecard-action/issues/1262;>#1262) Additional commits viewable in https://github.com/ossf/scorecard-action/compare/08b4669551908b1024bb425080c797723083c031...483ef80eb98fb506c348f7d62e28055e49fe2398;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ossf/scorecard-action=github_actions=2.2.0=2.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-text]
dependabot[bot] opened a new pull request, #464: URL: https://github.com/apache/commons-text/pull/464 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.9 to 2.22.0. Changelog Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md;>github/codeql-action's changelog. CodeQL Action Changelog See the https://github.com/github/codeql-action/releases;>releases page for the relevant changes to the CodeQL CLI and language packs. [UNRELEASED] No user facing changes. 2.22.0 - 06 Oct 2023 The CodeQL Action now requires CodeQL version 2.10.5 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.21.8. https://redirect.github.com/github/codeql-action/pull/1907;>#1907 The CodeQL Action no longer runs ML-powered queries. For more information, including details on our investment in AI-powered security technology, see https://github.blog/changelog/2023-09-29-codeql-code-scanning-deprecates-ml-powered-alerts/;>CodeQL code scanning deprecates ML-powered alerts. https://redirect.github.com/github/codeql-action/pull/1910;>#1910 Fix a bug which prevented tracing of projects using Go 1.21 and above on Linux. https://redirect.github.com/github/codeql-action/pull/1909;>#1909 2.21.9 - 27 Sep 2023 Update default CodeQL bundle version to 2.14.6. https://redirect.github.com/github/codeql-action/pull/1897;>#1897 We are rolling out a feature in October 2023 that will improve the success rate of C/C++ autobuild. https://redirect.github.com/github/codeql-action/pull/1889;>#1889 We are rolling out a feature in October 2023 that will provide specific file coverage information for C and C++, Java and Kotlin, and JavaScript and TypeScript. Currently file coverage information for each of these pairs of languages is grouped together. https://redirect.github.com/github/codeql-action/pull/1903;>#1903 Add a warning to help customers avoid inadvertently analyzing the same CodeQL language in multiple matrix jobs. https://redirect.github.com/github/codeql-action/pull/1901;>#1901 2.21.8 - 19 Sep 2023 Add a deprecation warning for customers using CodeQL version 2.10.4 and earlier. These versions of CodeQL were discontinued on 12 September 2023 alongside GitHub Enterprise Server 3.6, and will be unsupported by the next minor release of the CodeQL Action. https://redirect.github.com/github/codeql-action/pull/1884;>#1884 If you are using one of these versions, please update to CodeQL CLI version 2.10.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version. Alternatively, if you want to continue using a version of the CodeQL CLI between 2.9.5 and 2.10.4, you can replace github/codeql-action/*@v2 by github/codeql-action/*@v2.21.7 in your code scanning workflow to ensure you continue using this version of the CodeQL Action. Enable the following language aliases when using CodeQL 2.14.4 and later: c-cpp for C/C++ analysis, java-kotlin for Java/Kotlin analysis, and javascript-typescript for JavaScript/TypeScript analysis. https://redirect.github.com/github/codeql-action/pull/1883;>#1883 2.21.7 - 14 Sep 2023 Update default CodeQL bundle version to 2.14.5. https://redirect.github.com/github/codeql-action/pull/1882;>#1882 2.21.6 - 13 Sep 2023 Better error message when there is a failure to determine the merge base of the code to analysis. https://redirect.github.com/github/codeql-action/pull/1860;>#1860 Improve the calculation of default amount of RAM used for query execution on GitHub Enterprise Server. This now reduces in proportion to the runner's total memory to better account for system memory usage, helping to avoid out-of-memory failures on larger runners. This feature is already available to GitHub.com users. https://redirect.github.com/github/codeql-action/pull/1866;>#1866 Enable improved file coverage information for GitHub Enterprise Server users. This feature is already available to GitHub.com users. https://redirect.github.com/github/codeql-action/pull/1867;>#1867 Update default CodeQL bundle version to 2.14.4. https://redirect.github.com/github/codeql-action/pull/1873;>#1873 2.21.5 - 28 Aug 2023 Update default CodeQL bundle version to 2.14.3. https://redirect.github.com/github/codeql-action/pull/1845;>#1845 Fixed a bug in CodeQL Action 2.21.3 onwards that affected beta support for https://projectlombok.org/;>Project Lombok when analyzing Java. The environment variable CODEQL_EXTRACTOR_JAVA_RUN_ANNOTATION_PROCESSORS will now be respected if it was manually configured in the workflow. https://redirect.github.com/github/codeql-action/pull/1844;>#1844 Enable support for Kotlin 1.9.20 when running with CodeQL CLI v2.13.4 through v2.14.3.
[PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-rdf]
dependabot[bot] opened a new pull request, #163: URL: https://github.com/apache/commons-rdf/pull/163 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.9 to 2.22.0. Changelog Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md;>github/codeql-action's changelog. CodeQL Action Changelog See the https://github.com/github/codeql-action/releases;>releases page for the relevant changes to the CodeQL CLI and language packs. [UNRELEASED] No user facing changes. 2.22.0 - 06 Oct 2023 The CodeQL Action now requires CodeQL version 2.10.5 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.21.8. https://redirect.github.com/github/codeql-action/pull/1907;>#1907 The CodeQL Action no longer runs ML-powered queries. For more information, including details on our investment in AI-powered security technology, see https://github.blog/changelog/2023-09-29-codeql-code-scanning-deprecates-ml-powered-alerts/;>CodeQL code scanning deprecates ML-powered alerts. https://redirect.github.com/github/codeql-action/pull/1910;>#1910 Fix a bug which prevented tracing of projects using Go 1.21 and above on Linux. https://redirect.github.com/github/codeql-action/pull/1909;>#1909 2.21.9 - 27 Sep 2023 Update default CodeQL bundle version to 2.14.6. https://redirect.github.com/github/codeql-action/pull/1897;>#1897 We are rolling out a feature in October 2023 that will improve the success rate of C/C++ autobuild. https://redirect.github.com/github/codeql-action/pull/1889;>#1889 We are rolling out a feature in October 2023 that will provide specific file coverage information for C and C++, Java and Kotlin, and JavaScript and TypeScript. Currently file coverage information for each of these pairs of languages is grouped together. https://redirect.github.com/github/codeql-action/pull/1903;>#1903 Add a warning to help customers avoid inadvertently analyzing the same CodeQL language in multiple matrix jobs. https://redirect.github.com/github/codeql-action/pull/1901;>#1901 2.21.8 - 19 Sep 2023 Add a deprecation warning for customers using CodeQL version 2.10.4 and earlier. These versions of CodeQL were discontinued on 12 September 2023 alongside GitHub Enterprise Server 3.6, and will be unsupported by the next minor release of the CodeQL Action. https://redirect.github.com/github/codeql-action/pull/1884;>#1884 If you are using one of these versions, please update to CodeQL CLI version 2.10.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version. Alternatively, if you want to continue using a version of the CodeQL CLI between 2.9.5 and 2.10.4, you can replace github/codeql-action/*@v2 by github/codeql-action/*@v2.21.7 in your code scanning workflow to ensure you continue using this version of the CodeQL Action. Enable the following language aliases when using CodeQL 2.14.4 and later: c-cpp for C/C++ analysis, java-kotlin for Java/Kotlin analysis, and javascript-typescript for JavaScript/TypeScript analysis. https://redirect.github.com/github/codeql-action/pull/1883;>#1883 2.21.7 - 14 Sep 2023 Update default CodeQL bundle version to 2.14.5. https://redirect.github.com/github/codeql-action/pull/1882;>#1882 2.21.6 - 13 Sep 2023 Better error message when there is a failure to determine the merge base of the code to analysis. https://redirect.github.com/github/codeql-action/pull/1860;>#1860 Improve the calculation of default amount of RAM used for query execution on GitHub Enterprise Server. This now reduces in proportion to the runner's total memory to better account for system memory usage, helping to avoid out-of-memory failures on larger runners. This feature is already available to GitHub.com users. https://redirect.github.com/github/codeql-action/pull/1866;>#1866 Enable improved file coverage information for GitHub Enterprise Server users. This feature is already available to GitHub.com users. https://redirect.github.com/github/codeql-action/pull/1867;>#1867 Update default CodeQL bundle version to 2.14.4. https://redirect.github.com/github/codeql-action/pull/1873;>#1873 2.21.5 - 28 Aug 2023 Update default CodeQL bundle version to 2.14.3. https://redirect.github.com/github/codeql-action/pull/1845;>#1845 Fixed a bug in CodeQL Action 2.21.3 onwards that affected beta support for https://projectlombok.org/;>Project Lombok when analyzing Java. The environment variable CODEQL_EXTRACTOR_JAVA_RUN_ANNOTATION_PROCESSORS will now be respected if it was manually configured in the workflow. https://redirect.github.com/github/codeql-action/pull/1844;>#1844 Enable support for Kotlin 1.9.20 when running with CodeQL CLI v2.13.4 through v2.14.3.
[PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-fileupload]
dependabot[bot] opened a new pull request, #247: URL: https://github.com/apache/commons-fileupload/pull/247 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.9 to 2.22.0. Changelog Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md;>github/codeql-action's changelog. CodeQL Action Changelog See the https://github.com/github/codeql-action/releases;>releases page for the relevant changes to the CodeQL CLI and language packs. [UNRELEASED] No user facing changes. 2.22.0 - 06 Oct 2023 The CodeQL Action now requires CodeQL version 2.10.5 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.21.8. https://redirect.github.com/github/codeql-action/pull/1907;>#1907 The CodeQL Action no longer runs ML-powered queries. For more information, including details on our investment in AI-powered security technology, see https://github.blog/changelog/2023-09-29-codeql-code-scanning-deprecates-ml-powered-alerts/;>CodeQL code scanning deprecates ML-powered alerts. https://redirect.github.com/github/codeql-action/pull/1910;>#1910 Fix a bug which prevented tracing of projects using Go 1.21 and above on Linux. https://redirect.github.com/github/codeql-action/pull/1909;>#1909 2.21.9 - 27 Sep 2023 Update default CodeQL bundle version to 2.14.6. https://redirect.github.com/github/codeql-action/pull/1897;>#1897 We are rolling out a feature in October 2023 that will improve the success rate of C/C++ autobuild. https://redirect.github.com/github/codeql-action/pull/1889;>#1889 We are rolling out a feature in October 2023 that will provide specific file coverage information for C and C++, Java and Kotlin, and JavaScript and TypeScript. Currently file coverage information for each of these pairs of languages is grouped together. https://redirect.github.com/github/codeql-action/pull/1903;>#1903 Add a warning to help customers avoid inadvertently analyzing the same CodeQL language in multiple matrix jobs. https://redirect.github.com/github/codeql-action/pull/1901;>#1901 2.21.8 - 19 Sep 2023 Add a deprecation warning for customers using CodeQL version 2.10.4 and earlier. These versions of CodeQL were discontinued on 12 September 2023 alongside GitHub Enterprise Server 3.6, and will be unsupported by the next minor release of the CodeQL Action. https://redirect.github.com/github/codeql-action/pull/1884;>#1884 If you are using one of these versions, please update to CodeQL CLI version 2.10.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version. Alternatively, if you want to continue using a version of the CodeQL CLI between 2.9.5 and 2.10.4, you can replace github/codeql-action/*@v2 by github/codeql-action/*@v2.21.7 in your code scanning workflow to ensure you continue using this version of the CodeQL Action. Enable the following language aliases when using CodeQL 2.14.4 and later: c-cpp for C/C++ analysis, java-kotlin for Java/Kotlin analysis, and javascript-typescript for JavaScript/TypeScript analysis. https://redirect.github.com/github/codeql-action/pull/1883;>#1883 2.21.7 - 14 Sep 2023 Update default CodeQL bundle version to 2.14.5. https://redirect.github.com/github/codeql-action/pull/1882;>#1882 2.21.6 - 13 Sep 2023 Better error message when there is a failure to determine the merge base of the code to analysis. https://redirect.github.com/github/codeql-action/pull/1860;>#1860 Improve the calculation of default amount of RAM used for query execution on GitHub Enterprise Server. This now reduces in proportion to the runner's total memory to better account for system memory usage, helping to avoid out-of-memory failures on larger runners. This feature is already available to GitHub.com users. https://redirect.github.com/github/codeql-action/pull/1866;>#1866 Enable improved file coverage information for GitHub Enterprise Server users. This feature is already available to GitHub.com users. https://redirect.github.com/github/codeql-action/pull/1867;>#1867 Update default CodeQL bundle version to 2.14.4. https://redirect.github.com/github/codeql-action/pull/1873;>#1873 2.21.5 - 28 Aug 2023 Update default CodeQL bundle version to 2.14.3. https://redirect.github.com/github/codeql-action/pull/1845;>#1845 Fixed a bug in CodeQL Action 2.21.3 onwards that affected beta support for https://projectlombok.org/;>Project Lombok when analyzing Java. The environment variable CODEQL_EXTRACTOR_JAVA_RUN_ANNOTATION_PROCESSORS will now be respected if it was manually configured in the workflow. https://redirect.github.com/github/codeql-action/pull/1844;>#1844 Enable support for Kotlin 1.9.20 when running with CodeQL CLI v2.13.4 through v2.14.3.
[GH] (commons-vfs): Workflow run "Java CI" is working again!
The GitHub Actions job "Java CI" on commons-vfs.git has succeeded. Run started by GitHub user garydgregory (triggered by garydgregory). Head commit for run: b8facee10a2eb3c758cff2320ea261c99ec0bc0c / dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Bump github/codeql-action from 2.21.9 to 2.22.0 (#434) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.9 to 2.22.0. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/ddccb873888234080b77e9bc2d4764d5ccaaccf9...2cb752a87e96af96708ab57187ab6372ee1973ab) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Report URL: https://github.com/apache/commons-vfs/actions/runs/6431371835 With regards, GitHub Actions via GitBox
Re: [PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-jxpath]
codecov-commenter commented on PR #86: URL: https://github.com/apache/commons-jxpath/pull/86#issuecomment-1751214648 ## [Codecov](https://app.codecov.io/gh/apache/commons-jxpath/pull/86?src=pr=h1_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache) Report > Merging [#86](https://app.codecov.io/gh/apache/commons-jxpath/pull/86?src=pr=desc_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache) (000a6a9) into [master](https://app.codecov.io/gh/apache/commons-jxpath/commit/43db6dc49149cedb57ad2fbc9958e2a70f616baa?el=desc_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache) (43db6dc) will **not change** coverage. > The diff coverage is `n/a`. ```diff @@Coverage Diff@@ ## master #86 +/- ## = Coverage 69.20% 69.20% Complexity 3122 3122 = Files 152 152 Lines 9575 9575 Branches 2005 2005 = Hits 6626 6626 Misses 2155 2155 Partials794 794 ``` :mega: We’re building smart automated test selection to slash your CI/CD build times. [Learn more](https://about.codecov.io/iterative-testing/?utm_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-jxpath]
dependabot[bot] opened a new pull request, #86: URL: https://github.com/apache/commons-jxpath/pull/86 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.9 to 2.22.0. Changelog Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md;>github/codeql-action's changelog. CodeQL Action Changelog See the https://github.com/github/codeql-action/releases;>releases page for the relevant changes to the CodeQL CLI and language packs. [UNRELEASED] No user facing changes. 2.22.0 - 06 Oct 2023 The CodeQL Action now requires CodeQL version 2.10.5 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.21.8. https://redirect.github.com/github/codeql-action/pull/1907;>#1907 The CodeQL Action no longer runs ML-powered queries. For more information, including details on our investment in AI-powered security technology, see https://github.blog/changelog/2023-09-29-codeql-code-scanning-deprecates-ml-powered-alerts/;>CodeQL code scanning deprecates ML-powered alerts. https://redirect.github.com/github/codeql-action/pull/1910;>#1910 Fix a bug which prevented tracing of projects using Go 1.21 and above on Linux. https://redirect.github.com/github/codeql-action/pull/1909;>#1909 2.21.9 - 27 Sep 2023 Update default CodeQL bundle version to 2.14.6. https://redirect.github.com/github/codeql-action/pull/1897;>#1897 We are rolling out a feature in October 2023 that will improve the success rate of C/C++ autobuild. https://redirect.github.com/github/codeql-action/pull/1889;>#1889 We are rolling out a feature in October 2023 that will provide specific file coverage information for C and C++, Java and Kotlin, and JavaScript and TypeScript. Currently file coverage information for each of these pairs of languages is grouped together. https://redirect.github.com/github/codeql-action/pull/1903;>#1903 Add a warning to help customers avoid inadvertently analyzing the same CodeQL language in multiple matrix jobs. https://redirect.github.com/github/codeql-action/pull/1901;>#1901 2.21.8 - 19 Sep 2023 Add a deprecation warning for customers using CodeQL version 2.10.4 and earlier. These versions of CodeQL were discontinued on 12 September 2023 alongside GitHub Enterprise Server 3.6, and will be unsupported by the next minor release of the CodeQL Action. https://redirect.github.com/github/codeql-action/pull/1884;>#1884 If you are using one of these versions, please update to CodeQL CLI version 2.10.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version. Alternatively, if you want to continue using a version of the CodeQL CLI between 2.9.5 and 2.10.4, you can replace github/codeql-action/*@v2 by github/codeql-action/*@v2.21.7 in your code scanning workflow to ensure you continue using this version of the CodeQL Action. Enable the following language aliases when using CodeQL 2.14.4 and later: c-cpp for C/C++ analysis, java-kotlin for Java/Kotlin analysis, and javascript-typescript for JavaScript/TypeScript analysis. https://redirect.github.com/github/codeql-action/pull/1883;>#1883 2.21.7 - 14 Sep 2023 Update default CodeQL bundle version to 2.14.5. https://redirect.github.com/github/codeql-action/pull/1882;>#1882 2.21.6 - 13 Sep 2023 Better error message when there is a failure to determine the merge base of the code to analysis. https://redirect.github.com/github/codeql-action/pull/1860;>#1860 Improve the calculation of default amount of RAM used for query execution on GitHub Enterprise Server. This now reduces in proportion to the runner's total memory to better account for system memory usage, helping to avoid out-of-memory failures on larger runners. This feature is already available to GitHub.com users. https://redirect.github.com/github/codeql-action/pull/1866;>#1866 Enable improved file coverage information for GitHub Enterprise Server users. This feature is already available to GitHub.com users. https://redirect.github.com/github/codeql-action/pull/1867;>#1867 Update default CodeQL bundle version to 2.14.4. https://redirect.github.com/github/codeql-action/pull/1873;>#1873 2.21.5 - 28 Aug 2023 Update default CodeQL bundle version to 2.14.3. https://redirect.github.com/github/codeql-action/pull/1845;>#1845 Fixed a bug in CodeQL Action 2.21.3 onwards that affected beta support for https://projectlombok.org/;>Project Lombok when analyzing Java. The environment variable CODEQL_EXTRACTOR_JAVA_RUN_ANNOTATION_PROCESSORS will now be respected if it was manually configured in the workflow. https://redirect.github.com/github/codeql-action/pull/1844;>#1844 Enable support for Kotlin 1.9.20 when running with CodeQL CLI v2.13.4 through v2.14.3.
[GH] (commons-vfs): Workflow run "Java CI" failed!
The GitHub Actions job "Java CI" on commons-vfs.git has failed. Run started by GitHub user garydgregory (triggered by garydgregory). Head commit for run: b8facee10a2eb3c758cff2320ea261c99ec0bc0c / dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Bump github/codeql-action from 2.21.9 to 2.22.0 (#434) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.9 to 2.22.0. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/ddccb873888234080b77e9bc2d4764d5ccaaccf9...2cb752a87e96af96708ab57187ab6372ee1973ab) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Report URL: https://github.com/apache/commons-vfs/actions/runs/6431371835 With regards, GitHub Actions via GitBox
Re: [PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-imaging]
codecov-commenter commented on PR #324: URL: https://github.com/apache/commons-imaging/pull/324#issuecomment-1751140428 ## [Codecov](https://app.codecov.io/gh/apache/commons-imaging/pull/324?src=pr=h1_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache) Report > Merging [#324](https://app.codecov.io/gh/apache/commons-imaging/pull/324?src=pr=desc_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache) (75a9453) into [master](https://app.codecov.io/gh/apache/commons-imaging/commit/38b4dae24dcc7abb97bd29c3fe5529b5f1ce9fb6?el=desc_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache) (38b4dae) will **not change** coverage. > The diff coverage is `n/a`. ```diff @@Coverage Diff@@ ## master #324 +/- ## = Coverage 70.89% 70.89% Complexity 3432 3432 = Files 334 334 Lines 1696816968 Branches 2607 2607 = Hits 1203012030 Misses 3919 3919 Partials 1019 1019 ``` :mega: We’re building smart automated test selection to slash your CI/CD build times. [Learn more](https://about.codecov.io/iterative-testing/?utm_medium=referral_source=github_content=comment_campaign=pr+comments_term=apache) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-imaging]
dependabot[bot] opened a new pull request, #324: URL: https://github.com/apache/commons-imaging/pull/324 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.9 to 2.22.0. Changelog Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md;>github/codeql-action's changelog. CodeQL Action Changelog See the https://github.com/github/codeql-action/releases;>releases page for the relevant changes to the CodeQL CLI and language packs. [UNRELEASED] No user facing changes. 2.22.0 - 06 Oct 2023 The CodeQL Action now requires CodeQL version 2.10.5 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.21.8. https://redirect.github.com/github/codeql-action/pull/1907;>#1907 The CodeQL Action no longer runs ML-powered queries. For more information, including details on our investment in AI-powered security technology, see https://github.blog/changelog/2023-09-29-codeql-code-scanning-deprecates-ml-powered-alerts/;>CodeQL code scanning deprecates ML-powered alerts. https://redirect.github.com/github/codeql-action/pull/1910;>#1910 Fix a bug which prevented tracing of projects using Go 1.21 and above on Linux. https://redirect.github.com/github/codeql-action/pull/1909;>#1909 2.21.9 - 27 Sep 2023 Update default CodeQL bundle version to 2.14.6. https://redirect.github.com/github/codeql-action/pull/1897;>#1897 We are rolling out a feature in October 2023 that will improve the success rate of C/C++ autobuild. https://redirect.github.com/github/codeql-action/pull/1889;>#1889 We are rolling out a feature in October 2023 that will provide specific file coverage information for C and C++, Java and Kotlin, and JavaScript and TypeScript. Currently file coverage information for each of these pairs of languages is grouped together. https://redirect.github.com/github/codeql-action/pull/1903;>#1903 Add a warning to help customers avoid inadvertently analyzing the same CodeQL language in multiple matrix jobs. https://redirect.github.com/github/codeql-action/pull/1901;>#1901 2.21.8 - 19 Sep 2023 Add a deprecation warning for customers using CodeQL version 2.10.4 and earlier. These versions of CodeQL were discontinued on 12 September 2023 alongside GitHub Enterprise Server 3.6, and will be unsupported by the next minor release of the CodeQL Action. https://redirect.github.com/github/codeql-action/pull/1884;>#1884 If you are using one of these versions, please update to CodeQL CLI version 2.10.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version. Alternatively, if you want to continue using a version of the CodeQL CLI between 2.9.5 and 2.10.4, you can replace github/codeql-action/*@v2 by github/codeql-action/*@v2.21.7 in your code scanning workflow to ensure you continue using this version of the CodeQL Action. Enable the following language aliases when using CodeQL 2.14.4 and later: c-cpp for C/C++ analysis, java-kotlin for Java/Kotlin analysis, and javascript-typescript for JavaScript/TypeScript analysis. https://redirect.github.com/github/codeql-action/pull/1883;>#1883 2.21.7 - 14 Sep 2023 Update default CodeQL bundle version to 2.14.5. https://redirect.github.com/github/codeql-action/pull/1882;>#1882 2.21.6 - 13 Sep 2023 Better error message when there is a failure to determine the merge base of the code to analysis. https://redirect.github.com/github/codeql-action/pull/1860;>#1860 Improve the calculation of default amount of RAM used for query execution on GitHub Enterprise Server. This now reduces in proportion to the runner's total memory to better account for system memory usage, helping to avoid out-of-memory failures on larger runners. This feature is already available to GitHub.com users. https://redirect.github.com/github/codeql-action/pull/1866;>#1866 Enable improved file coverage information for GitHub Enterprise Server users. This feature is already available to GitHub.com users. https://redirect.github.com/github/codeql-action/pull/1867;>#1867 Update default CodeQL bundle version to 2.14.4. https://redirect.github.com/github/codeql-action/pull/1873;>#1873 2.21.5 - 28 Aug 2023 Update default CodeQL bundle version to 2.14.3. https://redirect.github.com/github/codeql-action/pull/1845;>#1845 Fixed a bug in CodeQL Action 2.21.3 onwards that affected beta support for https://projectlombok.org/;>Project Lombok when analyzing Java. The environment variable CODEQL_EXTRACTOR_JAVA_RUN_ANNOTATION_PROCESSORS will now be respected if it was manually configured in the workflow. https://redirect.github.com/github/codeql-action/pull/1844;>#1844 Enable support for Kotlin 1.9.20 when running with CodeQL CLI v2.13.4 through v2.14.3.
[PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-exec]
dependabot[bot] opened a new pull request, #128: URL: https://github.com/apache/commons-exec/pull/128 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.9 to 2.22.0. Changelog Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md;>github/codeql-action's changelog. CodeQL Action Changelog See the https://github.com/github/codeql-action/releases;>releases page for the relevant changes to the CodeQL CLI and language packs. [UNRELEASED] No user facing changes. 2.22.0 - 06 Oct 2023 The CodeQL Action now requires CodeQL version 2.10.5 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.21.8. https://redirect.github.com/github/codeql-action/pull/1907;>#1907 The CodeQL Action no longer runs ML-powered queries. For more information, including details on our investment in AI-powered security technology, see https://github.blog/changelog/2023-09-29-codeql-code-scanning-deprecates-ml-powered-alerts/;>CodeQL code scanning deprecates ML-powered alerts. https://redirect.github.com/github/codeql-action/pull/1910;>#1910 Fix a bug which prevented tracing of projects using Go 1.21 and above on Linux. https://redirect.github.com/github/codeql-action/pull/1909;>#1909 2.21.9 - 27 Sep 2023 Update default CodeQL bundle version to 2.14.6. https://redirect.github.com/github/codeql-action/pull/1897;>#1897 We are rolling out a feature in October 2023 that will improve the success rate of C/C++ autobuild. https://redirect.github.com/github/codeql-action/pull/1889;>#1889 We are rolling out a feature in October 2023 that will provide specific file coverage information for C and C++, Java and Kotlin, and JavaScript and TypeScript. Currently file coverage information for each of these pairs of languages is grouped together. https://redirect.github.com/github/codeql-action/pull/1903;>#1903 Add a warning to help customers avoid inadvertently analyzing the same CodeQL language in multiple matrix jobs. https://redirect.github.com/github/codeql-action/pull/1901;>#1901 2.21.8 - 19 Sep 2023 Add a deprecation warning for customers using CodeQL version 2.10.4 and earlier. These versions of CodeQL were discontinued on 12 September 2023 alongside GitHub Enterprise Server 3.6, and will be unsupported by the next minor release of the CodeQL Action. https://redirect.github.com/github/codeql-action/pull/1884;>#1884 If you are using one of these versions, please update to CodeQL CLI version 2.10.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version. Alternatively, if you want to continue using a version of the CodeQL CLI between 2.9.5 and 2.10.4, you can replace github/codeql-action/*@v2 by github/codeql-action/*@v2.21.7 in your code scanning workflow to ensure you continue using this version of the CodeQL Action. Enable the following language aliases when using CodeQL 2.14.4 and later: c-cpp for C/C++ analysis, java-kotlin for Java/Kotlin analysis, and javascript-typescript for JavaScript/TypeScript analysis. https://redirect.github.com/github/codeql-action/pull/1883;>#1883 2.21.7 - 14 Sep 2023 Update default CodeQL bundle version to 2.14.5. https://redirect.github.com/github/codeql-action/pull/1882;>#1882 2.21.6 - 13 Sep 2023 Better error message when there is a failure to determine the merge base of the code to analysis. https://redirect.github.com/github/codeql-action/pull/1860;>#1860 Improve the calculation of default amount of RAM used for query execution on GitHub Enterprise Server. This now reduces in proportion to the runner's total memory to better account for system memory usage, helping to avoid out-of-memory failures on larger runners. This feature is already available to GitHub.com users. https://redirect.github.com/github/codeql-action/pull/1866;>#1866 Enable improved file coverage information for GitHub Enterprise Server users. This feature is already available to GitHub.com users. https://redirect.github.com/github/codeql-action/pull/1867;>#1867 Update default CodeQL bundle version to 2.14.4. https://redirect.github.com/github/codeql-action/pull/1873;>#1873 2.21.5 - 28 Aug 2023 Update default CodeQL bundle version to 2.14.3. https://redirect.github.com/github/codeql-action/pull/1845;>#1845 Fixed a bug in CodeQL Action 2.21.3 onwards that affected beta support for https://projectlombok.org/;>Project Lombok when analyzing Java. The environment variable CODEQL_EXTRACTOR_JAVA_RUN_ANNOTATION_PROCESSORS will now be respected if it was manually configured in the workflow. https://redirect.github.com/github/codeql-action/pull/1844;>#1844 Enable support for Kotlin 1.9.20 when running with CodeQL CLI v2.13.4 through v2.14.3.
[PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-daemon]
dependabot[bot] opened a new pull request, #115: URL: https://github.com/apache/commons-daemon/pull/115 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.9 to 2.22.0. Changelog Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md;>github/codeql-action's changelog. CodeQL Action Changelog See the https://github.com/github/codeql-action/releases;>releases page for the relevant changes to the CodeQL CLI and language packs. [UNRELEASED] No user facing changes. 2.22.0 - 06 Oct 2023 The CodeQL Action now requires CodeQL version 2.10.5 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.21.8. https://redirect.github.com/github/codeql-action/pull/1907;>#1907 The CodeQL Action no longer runs ML-powered queries. For more information, including details on our investment in AI-powered security technology, see https://github.blog/changelog/2023-09-29-codeql-code-scanning-deprecates-ml-powered-alerts/;>CodeQL code scanning deprecates ML-powered alerts. https://redirect.github.com/github/codeql-action/pull/1910;>#1910 Fix a bug which prevented tracing of projects using Go 1.21 and above on Linux. https://redirect.github.com/github/codeql-action/pull/1909;>#1909 2.21.9 - 27 Sep 2023 Update default CodeQL bundle version to 2.14.6. https://redirect.github.com/github/codeql-action/pull/1897;>#1897 We are rolling out a feature in October 2023 that will improve the success rate of C/C++ autobuild. https://redirect.github.com/github/codeql-action/pull/1889;>#1889 We are rolling out a feature in October 2023 that will provide specific file coverage information for C and C++, Java and Kotlin, and JavaScript and TypeScript. Currently file coverage information for each of these pairs of languages is grouped together. https://redirect.github.com/github/codeql-action/pull/1903;>#1903 Add a warning to help customers avoid inadvertently analyzing the same CodeQL language in multiple matrix jobs. https://redirect.github.com/github/codeql-action/pull/1901;>#1901 2.21.8 - 19 Sep 2023 Add a deprecation warning for customers using CodeQL version 2.10.4 and earlier. These versions of CodeQL were discontinued on 12 September 2023 alongside GitHub Enterprise Server 3.6, and will be unsupported by the next minor release of the CodeQL Action. https://redirect.github.com/github/codeql-action/pull/1884;>#1884 If you are using one of these versions, please update to CodeQL CLI version 2.10.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version. Alternatively, if you want to continue using a version of the CodeQL CLI between 2.9.5 and 2.10.4, you can replace github/codeql-action/*@v2 by github/codeql-action/*@v2.21.7 in your code scanning workflow to ensure you continue using this version of the CodeQL Action. Enable the following language aliases when using CodeQL 2.14.4 and later: c-cpp for C/C++ analysis, java-kotlin for Java/Kotlin analysis, and javascript-typescript for JavaScript/TypeScript analysis. https://redirect.github.com/github/codeql-action/pull/1883;>#1883 2.21.7 - 14 Sep 2023 Update default CodeQL bundle version to 2.14.5. https://redirect.github.com/github/codeql-action/pull/1882;>#1882 2.21.6 - 13 Sep 2023 Better error message when there is a failure to determine the merge base of the code to analysis. https://redirect.github.com/github/codeql-action/pull/1860;>#1860 Improve the calculation of default amount of RAM used for query execution on GitHub Enterprise Server. This now reduces in proportion to the runner's total memory to better account for system memory usage, helping to avoid out-of-memory failures on larger runners. This feature is already available to GitHub.com users. https://redirect.github.com/github/codeql-action/pull/1866;>#1866 Enable improved file coverage information for GitHub Enterprise Server users. This feature is already available to GitHub.com users. https://redirect.github.com/github/codeql-action/pull/1867;>#1867 Update default CodeQL bundle version to 2.14.4. https://redirect.github.com/github/codeql-action/pull/1873;>#1873 2.21.5 - 28 Aug 2023 Update default CodeQL bundle version to 2.14.3. https://redirect.github.com/github/codeql-action/pull/1845;>#1845 Fixed a bug in CodeQL Action 2.21.3 onwards that affected beta support for https://projectlombok.org/;>Project Lombok when analyzing Java. The environment variable CODEQL_EXTRACTOR_JAVA_RUN_ANNOTATION_PROCESSORS will now be respected if it was manually configured in the workflow. https://redirect.github.com/github/codeql-action/pull/1844;>#1844 Enable support for Kotlin 1.9.20 when running with CodeQL CLI v2.13.4 through v2.14.3.
Re: [PR] Bump org.mockito:mockito-core from 4.11.0 to 5.5.0 [commons-configuration]
dependabot[bot] closed pull request #314: Bump org.mockito:mockito-core from 4.11.0 to 5.5.0 URL: https://github.com/apache/commons-configuration/pull/314 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump org.mockito:mockito-core from 4.11.0 to 5.6.0 [commons-configuration]
dependabot[bot] opened a new pull request, #323: URL: https://github.com/apache/commons-configuration/pull/323 Bumps [org.mockito:mockito-core](https://github.com/mockito/mockito) from 4.11.0 to 5.6.0. Release notes Sourced from https://github.com/mockito/mockito/releases;>org.mockito:mockito-core's releases. v5.6.0 Changelog generated by https://github.com/shipkit/shipkit-changelog;>Shipkit Changelog Gradle Plugin 5.6.0 2023-10-06 - https://github.com/mockito/mockito/compare/v5.5.0...v5.6.0;>22 commit(s) by Andreas Turban, Stefan M, StevenCurran, Yevhen Lazhyntsev, dependabot[bot] Use spdx identifier for license name [(https://redirect.github.com/mockito/mockito/issues/3134;>#3134)](https://redirect.github.com/mockito/mockito/pull/3134;>mockito/mockito#3134) Fixes https://redirect.github.com/mockito/mockito/issues/1382;>#1382 Jupiter Captor annotation support [(https://redirect.github.com/mockito/mockito/issues/3133;>#3133)](https://redirect.github.com/mockito/mockito/pull/3133;>mockito/mockito#3133) Bump com.gradle.enterprise from 3.15 to 3.15.1 [(https://redirect.github.com/mockito/mockito/issues/3132;>#3132)](https://redirect.github.com/mockito/mockito/pull/3132;>mockito/mockito#3132) Bump com.google.googlejavaformat:google-java-format from 1.18.0 to 1.18.1 [(https://redirect.github.com/mockito/mockito/issues/3131;>#3131)](https://redirect.github.com/mockito/mockito/pull/3131;>mockito/mockito#3131) Make MockUtil.getMockMaker() public Mockito API [(https://redirect.github.com/mockito/mockito/issues/3129;>#3129)](https://redirect.github.com/mockito/mockito/pull/3129;>mockito/mockito#3129) Make MockUtil.getMockMaker() public or public Mockito API [(https://redirect.github.com/mockito/mockito/issues/3128;>#3128)](https://redirect.github.com/mockito/mockito/issues/3128;>mockito/mockito#3128) Bump com.google.googlejavaformat:google-java-format from 1.17.0 to 1.18.0 [(https://redirect.github.com/mockito/mockito/issues/3126;>#3126)](https://redirect.github.com/mockito/mockito/pull/3126;>mockito/mockito#3126) Bump com.diffplug.spotless from 6.21.0 to 6.22.0 [(https://redirect.github.com/mockito/mockito/issues/3125;>#3125)](https://redirect.github.com/mockito/mockito/pull/3125;>mockito/mockito#3125) Bump versions.errorprone from 2.21.1 to 2.22.0 [(https://redirect.github.com/mockito/mockito/issues/3122;>#3122)](https://redirect.github.com/mockito/mockito/pull/3122;>mockito/mockito#3122) Bump versions.bytebuddy from 1.14.7 to 1.14.8 [(https://redirect.github.com/mockito/mockito/issues/3117;>#3117)](https://redirect.github.com/mockito/mockito/pull/3117;>mockito/mockito#3117) Bump com.gradle.enterprise from 3.14.1 to 3.15 [(https://redirect.github.com/mockito/mockito/issues/3115;>#3115)](https://redirect.github.com/mockito/mockito/pull/3115;>mockito/mockito#3115) Bump org.eclipse.platform:org.eclipse.osgi from 3.18.400 to 3.18.500 [(https://redirect.github.com/mockito/mockito/issues/3113;>#3113)](https://redirect.github.com/mockito/mockito/pull/3113;>mockito/mockito#3113) Bump com.github.ben-manes.versions from 0.47.0 to 0.48.0 [(https://redirect.github.com/mockito/mockito/issues/3110;>#3110)](https://redirect.github.com/mockito/mockito/pull/3110;>mockito/mockito#3110) Bump actions/checkout from 3 to 4 [(https://redirect.github.com/mockito/mockito/issues/3108;>#3108)](https://redirect.github.com/mockito/mockito/pull/3108;>mockito/mockito#3108) Bump com.diffplug.spotless from 6.20.0 to 6.21.0 [(https://redirect.github.com/mockito/mockito/issues/3106;>#3106)](https://redirect.github.com/mockito/mockito/pull/3106;>mockito/mockito#3106) Bump versions.bytebuddy from 1.14.6 to 1.14.7 [(https://redirect.github.com/mockito/mockito/issues/3105;>#3105)](https://redirect.github.com/mockito/mockito/pull/3105;>mockito/mockito#3105) Update Javadoc for ArgumentCaptor [(https://redirect.github.com/mockito/mockito/issues/3103;>#3103)](https://redirect.github.com/mockito/mockito/pull/3103;>mockito/mockito#3103) Bump org.jetbrains.kotlin:kotlin-gradle-plugin from 1.9.0 to 1.9.10 [(https://redirect.github.com/mockito/mockito/issues/3102;>#3102)](https://redirect.github.com/mockito/mockito/pull/3102;>mockito/mockito#3102) Bump org.jetbrains.kotlin:kotlin-stdlib from 1.9.0 to 1.9.10 [(https://redirect.github.com/mockito/mockito/issues/3101;>#3101)](https://redirect.github.com/mockito/mockito/pull/3101;>mockito/mockito#3101) Bump org.codehaus.groovy:groovy from 3.0.18 to 3.0.19 [(https://redirect.github.com/mockito/mockito/issues/3100;>#3100)](https://redirect.github.com/mockito/mockito/pull/3100;>mockito/mockito#3100) Resolve more Gradle Tasks lazily [(https://redirect.github.com/mockito/mockito/issues/3099;>#3099)](https://redirect.github.com/mockito/mockito/pull/3099;>mockito/mockito#3099) Added JavaFlightRecorder options for Tests
[GH] (commons-configuration): Workflow run "Java CI" failed!
The GitHub Actions job "Java CI" on commons-configuration.git has failed. Run started by GitHub user dependabot[bot] (triggered by dependabot[bot]). Head commit for run: 982b92ae1ca8476e3babe1bda1077373f5fc0bfe / dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Bump org.mockito:mockito-core from 4.11.0 to 5.6.0 Bumps [org.mockito:mockito-core](https://github.com/mockito/mockito) from 4.11.0 to 5.6.0. - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](https://github.com/mockito/mockito/compare/v4.11.0...v5.6.0) --- updated-dependencies: - dependency-name: org.mockito:mockito-core dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Report URL: https://github.com/apache/commons-configuration/actions/runs/6434350081 With regards, GitHub Actions via GitBox
[GH] (commons-configuration): Workflow run "Coverage" failed!
The GitHub Actions job "Coverage" on commons-configuration.git has failed. Run started by GitHub user dependabot[bot] (triggered by dependabot[bot]). Head commit for run: 982b92ae1ca8476e3babe1bda1077373f5fc0bfe / dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Bump org.mockito:mockito-core from 4.11.0 to 5.6.0 Bumps [org.mockito:mockito-core](https://github.com/mockito/mockito) from 4.11.0 to 5.6.0. - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](https://github.com/mockito/mockito/compare/v4.11.0...v5.6.0) --- updated-dependencies: - dependency-name: org.mockito:mockito-core dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Report URL: https://github.com/apache/commons-configuration/actions/runs/6434350083 With regards, GitHub Actions via GitBox
[GH] (commons-configuration): Workflow run "Java CI" failed!
The GitHub Actions job "Java CI" on commons-configuration.git has failed. Run started by GitHub user dependabot[bot] (triggered by dependabot[bot]). Head commit for run: 982b92ae1ca8476e3babe1bda1077373f5fc0bfe / dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Bump org.mockito:mockito-core from 4.11.0 to 5.6.0 Bumps [org.mockito:mockito-core](https://github.com/mockito/mockito) from 4.11.0 to 5.6.0. - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](https://github.com/mockito/mockito/compare/v4.11.0...v5.6.0) --- updated-dependencies: - dependency-name: org.mockito:mockito-core dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Report URL: https://github.com/apache/commons-configuration/actions/runs/6434349933 With regards, GitHub Actions via GitBox
[GH] (commons-configuration): Workflow run "Coverage" failed!
The GitHub Actions job "Coverage" on commons-configuration.git has failed. Run started by GitHub user dependabot[bot] (triggered by dependabot[bot]). Head commit for run: 982b92ae1ca8476e3babe1bda1077373f5fc0bfe / dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Bump org.mockito:mockito-core from 4.11.0 to 5.6.0 Bumps [org.mockito:mockito-core](https://github.com/mockito/mockito) from 4.11.0 to 5.6.0. - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](https://github.com/mockito/mockito/compare/v4.11.0...v5.6.0) --- updated-dependencies: - dependency-name: org.mockito:mockito-core dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Report URL: https://github.com/apache/commons-configuration/actions/runs/6434349935 With regards, GitHub Actions via GitBox
Re: [PR] Bump org.mockito:mockito-core from 4.11.0 to 5.5.0 [commons-configuration]
dependabot[bot] commented on PR #314: URL: https://github.com/apache/commons-configuration/pull/314#issuecomment-1751102863 Superseded by #323. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-lang]
dependabot[bot] opened a new pull request, #1118: URL: https://github.com/apache/commons-lang/pull/1118 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.9 to 2.22.0. Changelog Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md;>github/codeql-action's changelog. CodeQL Action Changelog See the https://github.com/github/codeql-action/releases;>releases page for the relevant changes to the CodeQL CLI and language packs. [UNRELEASED] No user facing changes. 2.22.0 - 06 Oct 2023 The CodeQL Action now requires CodeQL version 2.10.5 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.21.8. https://redirect.github.com/github/codeql-action/pull/1907;>#1907 The CodeQL Action no longer runs ML-powered queries. For more information, including details on our investment in AI-powered security technology, see https://github.blog/changelog/2023-09-29-codeql-code-scanning-deprecates-ml-powered-alerts/;>CodeQL code scanning deprecates ML-powered alerts. https://redirect.github.com/github/codeql-action/pull/1910;>#1910 Fix a bug which prevented tracing of projects using Go 1.21 and above on Linux. https://redirect.github.com/github/codeql-action/pull/1909;>#1909 2.21.9 - 27 Sep 2023 Update default CodeQL bundle version to 2.14.6. https://redirect.github.com/github/codeql-action/pull/1897;>#1897 We are rolling out a feature in October 2023 that will improve the success rate of C/C++ autobuild. https://redirect.github.com/github/codeql-action/pull/1889;>#1889 We are rolling out a feature in October 2023 that will provide specific file coverage information for C and C++, Java and Kotlin, and JavaScript and TypeScript. Currently file coverage information for each of these pairs of languages is grouped together. https://redirect.github.com/github/codeql-action/pull/1903;>#1903 Add a warning to help customers avoid inadvertently analyzing the same CodeQL language in multiple matrix jobs. https://redirect.github.com/github/codeql-action/pull/1901;>#1901 2.21.8 - 19 Sep 2023 Add a deprecation warning for customers using CodeQL version 2.10.4 and earlier. These versions of CodeQL were discontinued on 12 September 2023 alongside GitHub Enterprise Server 3.6, and will be unsupported by the next minor release of the CodeQL Action. https://redirect.github.com/github/codeql-action/pull/1884;>#1884 If you are using one of these versions, please update to CodeQL CLI version 2.10.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version. Alternatively, if you want to continue using a version of the CodeQL CLI between 2.9.5 and 2.10.4, you can replace github/codeql-action/*@v2 by github/codeql-action/*@v2.21.7 in your code scanning workflow to ensure you continue using this version of the CodeQL Action. Enable the following language aliases when using CodeQL 2.14.4 and later: c-cpp for C/C++ analysis, java-kotlin for Java/Kotlin analysis, and javascript-typescript for JavaScript/TypeScript analysis. https://redirect.github.com/github/codeql-action/pull/1883;>#1883 2.21.7 - 14 Sep 2023 Update default CodeQL bundle version to 2.14.5. https://redirect.github.com/github/codeql-action/pull/1882;>#1882 2.21.6 - 13 Sep 2023 Better error message when there is a failure to determine the merge base of the code to analysis. https://redirect.github.com/github/codeql-action/pull/1860;>#1860 Improve the calculation of default amount of RAM used for query execution on GitHub Enterprise Server. This now reduces in proportion to the runner's total memory to better account for system memory usage, helping to avoid out-of-memory failures on larger runners. This feature is already available to GitHub.com users. https://redirect.github.com/github/codeql-action/pull/1866;>#1866 Enable improved file coverage information for GitHub Enterprise Server users. This feature is already available to GitHub.com users. https://redirect.github.com/github/codeql-action/pull/1867;>#1867 Update default CodeQL bundle version to 2.14.4. https://redirect.github.com/github/codeql-action/pull/1873;>#1873 2.21.5 - 28 Aug 2023 Update default CodeQL bundle version to 2.14.3. https://redirect.github.com/github/codeql-action/pull/1845;>#1845 Fixed a bug in CodeQL Action 2.21.3 onwards that affected beta support for https://projectlombok.org/;>Project Lombok when analyzing Java. The environment variable CODEQL_EXTRACTOR_JAVA_RUN_ANNOTATION_PROCESSORS will now be respected if it was manually configured in the workflow. https://redirect.github.com/github/codeql-action/pull/1844;>#1844 Enable support for Kotlin 1.9.20 when running with CodeQL CLI v2.13.4 through v2.14.3.
[PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-codec]
dependabot[bot] opened a new pull request, #211: URL: https://github.com/apache/commons-codec/pull/211 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.9 to 2.22.0. Changelog Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md;>github/codeql-action's changelog. CodeQL Action Changelog See the https://github.com/github/codeql-action/releases;>releases page for the relevant changes to the CodeQL CLI and language packs. [UNRELEASED] No user facing changes. 2.22.0 - 06 Oct 2023 The CodeQL Action now requires CodeQL version 2.10.5 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.21.8. https://redirect.github.com/github/codeql-action/pull/1907;>#1907 The CodeQL Action no longer runs ML-powered queries. For more information, including details on our investment in AI-powered security technology, see https://github.blog/changelog/2023-09-29-codeql-code-scanning-deprecates-ml-powered-alerts/;>CodeQL code scanning deprecates ML-powered alerts. https://redirect.github.com/github/codeql-action/pull/1910;>#1910 Fix a bug which prevented tracing of projects using Go 1.21 and above on Linux. https://redirect.github.com/github/codeql-action/pull/1909;>#1909 2.21.9 - 27 Sep 2023 Update default CodeQL bundle version to 2.14.6. https://redirect.github.com/github/codeql-action/pull/1897;>#1897 We are rolling out a feature in October 2023 that will improve the success rate of C/C++ autobuild. https://redirect.github.com/github/codeql-action/pull/1889;>#1889 We are rolling out a feature in October 2023 that will provide specific file coverage information for C and C++, Java and Kotlin, and JavaScript and TypeScript. Currently file coverage information for each of these pairs of languages is grouped together. https://redirect.github.com/github/codeql-action/pull/1903;>#1903 Add a warning to help customers avoid inadvertently analyzing the same CodeQL language in multiple matrix jobs. https://redirect.github.com/github/codeql-action/pull/1901;>#1901 2.21.8 - 19 Sep 2023 Add a deprecation warning for customers using CodeQL version 2.10.4 and earlier. These versions of CodeQL were discontinued on 12 September 2023 alongside GitHub Enterprise Server 3.6, and will be unsupported by the next minor release of the CodeQL Action. https://redirect.github.com/github/codeql-action/pull/1884;>#1884 If you are using one of these versions, please update to CodeQL CLI version 2.10.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version. Alternatively, if you want to continue using a version of the CodeQL CLI between 2.9.5 and 2.10.4, you can replace github/codeql-action/*@v2 by github/codeql-action/*@v2.21.7 in your code scanning workflow to ensure you continue using this version of the CodeQL Action. Enable the following language aliases when using CodeQL 2.14.4 and later: c-cpp for C/C++ analysis, java-kotlin for Java/Kotlin analysis, and javascript-typescript for JavaScript/TypeScript analysis. https://redirect.github.com/github/codeql-action/pull/1883;>#1883 2.21.7 - 14 Sep 2023 Update default CodeQL bundle version to 2.14.5. https://redirect.github.com/github/codeql-action/pull/1882;>#1882 2.21.6 - 13 Sep 2023 Better error message when there is a failure to determine the merge base of the code to analysis. https://redirect.github.com/github/codeql-action/pull/1860;>#1860 Improve the calculation of default amount of RAM used for query execution on GitHub Enterprise Server. This now reduces in proportion to the runner's total memory to better account for system memory usage, helping to avoid out-of-memory failures on larger runners. This feature is already available to GitHub.com users. https://redirect.github.com/github/codeql-action/pull/1866;>#1866 Enable improved file coverage information for GitHub Enterprise Server users. This feature is already available to GitHub.com users. https://redirect.github.com/github/codeql-action/pull/1867;>#1867 Update default CodeQL bundle version to 2.14.4. https://redirect.github.com/github/codeql-action/pull/1873;>#1873 2.21.5 - 28 Aug 2023 Update default CodeQL bundle version to 2.14.3. https://redirect.github.com/github/codeql-action/pull/1845;>#1845 Fixed a bug in CodeQL Action 2.21.3 onwards that affected beta support for https://projectlombok.org/;>Project Lombok when analyzing Java. The environment variable CODEQL_EXTRACTOR_JAVA_RUN_ANNOTATION_PROCESSORS will now be respected if it was manually configured in the workflow. https://redirect.github.com/github/codeql-action/pull/1844;>#1844 Enable support for Kotlin 1.9.20 when running with CodeQL CLI v2.13.4 through v2.14.3.
[GH] (commons-lang): Workflow run "Java CI" is working again!
The GitHub Actions job "Java CI" on commons-lang.git has succeeded. Run started by GitHub user asfgit (triggered by garydgregory). Head commit for run: e2426182c81d371e3c1ea3410156528e7c7944b3 / Gary Gregory Javadoc Report URL: https://github.com/apache/commons-lang/actions/runs/6432434044 With regards, GitHub Actions via GitBox
[GH] (commons-lang): Workflow run "Java CI" failed!
The GitHub Actions job "Java CI" on commons-lang.git has failed. Run started by GitHub user asfgit (triggered by asfgit). Head commit for run: e2426182c81d371e3c1ea3410156528e7c7944b3 / Gary Gregory Javadoc Report URL: https://github.com/apache/commons-lang/actions/runs/6432434044 With regards, GitHub Actions via GitBox
[Math] Change on branch "master": Commons » commons-math - Build # 601 - Still Failing!
Commons » commons-math - Build # 601 - Still Failing: Check console output at https://ci-builds.apache.org/job/Commons/job/commons-math/601/ to view the results.
Re: [PR] Bump com.puppycrawl.tools:checkstyle from 10.12.3 to 10.12.4 [commons-parent]
dependabot[bot] commented on PR #316: URL: https://github.com/apache/commons-parent/pull/316#issuecomment-1750649664 OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting `@dependabot ignore this major version` or `@dependabot ignore this minor version`. You can also ignore all major, minor, or patch releases for a dependency by adding an [`ignore` condition](https://docs.github.com/en/code-security/supply-chain-security/configuration-options-for-dependency-updates#ignore) with the desired `update_types` to your config file. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-csv]
dependabot[bot] opened a new pull request, #362: URL: https://github.com/apache/commons-csv/pull/362 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.9 to 2.22.0. Changelog Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md;>github/codeql-action's changelog. CodeQL Action Changelog See the https://github.com/github/codeql-action/releases;>releases page for the relevant changes to the CodeQL CLI and language packs. [UNRELEASED] No user facing changes. 2.22.0 - 06 Oct 2023 The CodeQL Action now requires CodeQL version 2.10.5 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.21.8. https://redirect.github.com/github/codeql-action/pull/1907;>#1907 The CodeQL Action no longer runs ML-powered queries. For more information, including details on our investment in AI-powered security technology, see https://github.blog/changelog/2023-09-29-codeql-code-scanning-deprecates-ml-powered-alerts/;>CodeQL code scanning deprecates ML-powered alerts. https://redirect.github.com/github/codeql-action/pull/1910;>#1910 Fix a bug which prevented tracing of projects using Go 1.21 and above on Linux. https://redirect.github.com/github/codeql-action/pull/1909;>#1909 2.21.9 - 27 Sep 2023 Update default CodeQL bundle version to 2.14.6. https://redirect.github.com/github/codeql-action/pull/1897;>#1897 We are rolling out a feature in October 2023 that will improve the success rate of C/C++ autobuild. https://redirect.github.com/github/codeql-action/pull/1889;>#1889 We are rolling out a feature in October 2023 that will provide specific file coverage information for C and C++, Java and Kotlin, and JavaScript and TypeScript. Currently file coverage information for each of these pairs of languages is grouped together. https://redirect.github.com/github/codeql-action/pull/1903;>#1903 Add a warning to help customers avoid inadvertently analyzing the same CodeQL language in multiple matrix jobs. https://redirect.github.com/github/codeql-action/pull/1901;>#1901 2.21.8 - 19 Sep 2023 Add a deprecation warning for customers using CodeQL version 2.10.4 and earlier. These versions of CodeQL were discontinued on 12 September 2023 alongside GitHub Enterprise Server 3.6, and will be unsupported by the next minor release of the CodeQL Action. https://redirect.github.com/github/codeql-action/pull/1884;>#1884 If you are using one of these versions, please update to CodeQL CLI version 2.10.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version. Alternatively, if you want to continue using a version of the CodeQL CLI between 2.9.5 and 2.10.4, you can replace github/codeql-action/*@v2 by github/codeql-action/*@v2.21.7 in your code scanning workflow to ensure you continue using this version of the CodeQL Action. Enable the following language aliases when using CodeQL 2.14.4 and later: c-cpp for C/C++ analysis, java-kotlin for Java/Kotlin analysis, and javascript-typescript for JavaScript/TypeScript analysis. https://redirect.github.com/github/codeql-action/pull/1883;>#1883 2.21.7 - 14 Sep 2023 Update default CodeQL bundle version to 2.14.5. https://redirect.github.com/github/codeql-action/pull/1882;>#1882 2.21.6 - 13 Sep 2023 Better error message when there is a failure to determine the merge base of the code to analysis. https://redirect.github.com/github/codeql-action/pull/1860;>#1860 Improve the calculation of default amount of RAM used for query execution on GitHub Enterprise Server. This now reduces in proportion to the runner's total memory to better account for system memory usage, helping to avoid out-of-memory failures on larger runners. This feature is already available to GitHub.com users. https://redirect.github.com/github/codeql-action/pull/1866;>#1866 Enable improved file coverage information for GitHub Enterprise Server users. This feature is already available to GitHub.com users. https://redirect.github.com/github/codeql-action/pull/1867;>#1867 Update default CodeQL bundle version to 2.14.4. https://redirect.github.com/github/codeql-action/pull/1873;>#1873 2.21.5 - 28 Aug 2023 Update default CodeQL bundle version to 2.14.3. https://redirect.github.com/github/codeql-action/pull/1845;>#1845 Fixed a bug in CodeQL Action 2.21.3 onwards that affected beta support for https://projectlombok.org/;>Project Lombok when analyzing Java. The environment variable CODEQL_EXTRACTOR_JAVA_RUN_ANNOTATION_PROCESSORS will now be respected if it was manually configured in the workflow. https://redirect.github.com/github/codeql-action/pull/1844;>#1844 Enable support for Kotlin 1.9.20 when running with CodeQL CLI v2.13.4 through v2.14.3.
[Math] Change on branch "master": Commons » commons-math - Build # 600 - Still Failing!
Commons » commons-math - Build # 600 - Still Failing: Check console output at https://ci-builds.apache.org/job/Commons/job/commons-math/600/ to view the results.
[PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-jexl]
dependabot[bot] opened a new pull request, #201: URL: https://github.com/apache/commons-jexl/pull/201 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.9 to 2.22.0. Changelog Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md;>github/codeql-action's changelog. CodeQL Action Changelog See the https://github.com/github/codeql-action/releases;>releases page for the relevant changes to the CodeQL CLI and language packs. [UNRELEASED] No user facing changes. 2.22.0 - 06 Oct 2023 The CodeQL Action now requires CodeQL version 2.10.5 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.21.8. https://redirect.github.com/github/codeql-action/pull/1907;>#1907 The CodeQL Action no longer runs ML-powered queries. For more information, including details on our investment in AI-powered security technology, see https://github.blog/changelog/2023-09-29-codeql-code-scanning-deprecates-ml-powered-alerts/;>CodeQL code scanning deprecates ML-powered alerts. https://redirect.github.com/github/codeql-action/pull/1910;>#1910 Fix a bug which prevented tracing of projects using Go 1.21 and above on Linux. https://redirect.github.com/github/codeql-action/pull/1909;>#1909 2.21.9 - 27 Sep 2023 Update default CodeQL bundle version to 2.14.6. https://redirect.github.com/github/codeql-action/pull/1897;>#1897 We are rolling out a feature in October 2023 that will improve the success rate of C/C++ autobuild. https://redirect.github.com/github/codeql-action/pull/1889;>#1889 We are rolling out a feature in October 2023 that will provide specific file coverage information for C and C++, Java and Kotlin, and JavaScript and TypeScript. Currently file coverage information for each of these pairs of languages is grouped together. https://redirect.github.com/github/codeql-action/pull/1903;>#1903 Add a warning to help customers avoid inadvertently analyzing the same CodeQL language in multiple matrix jobs. https://redirect.github.com/github/codeql-action/pull/1901;>#1901 2.21.8 - 19 Sep 2023 Add a deprecation warning for customers using CodeQL version 2.10.4 and earlier. These versions of CodeQL were discontinued on 12 September 2023 alongside GitHub Enterprise Server 3.6, and will be unsupported by the next minor release of the CodeQL Action. https://redirect.github.com/github/codeql-action/pull/1884;>#1884 If you are using one of these versions, please update to CodeQL CLI version 2.10.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version. Alternatively, if you want to continue using a version of the CodeQL CLI between 2.9.5 and 2.10.4, you can replace github/codeql-action/*@v2 by github/codeql-action/*@v2.21.7 in your code scanning workflow to ensure you continue using this version of the CodeQL Action. Enable the following language aliases when using CodeQL 2.14.4 and later: c-cpp for C/C++ analysis, java-kotlin for Java/Kotlin analysis, and javascript-typescript for JavaScript/TypeScript analysis. https://redirect.github.com/github/codeql-action/pull/1883;>#1883 2.21.7 - 14 Sep 2023 Update default CodeQL bundle version to 2.14.5. https://redirect.github.com/github/codeql-action/pull/1882;>#1882 2.21.6 - 13 Sep 2023 Better error message when there is a failure to determine the merge base of the code to analysis. https://redirect.github.com/github/codeql-action/pull/1860;>#1860 Improve the calculation of default amount of RAM used for query execution on GitHub Enterprise Server. This now reduces in proportion to the runner's total memory to better account for system memory usage, helping to avoid out-of-memory failures on larger runners. This feature is already available to GitHub.com users. https://redirect.github.com/github/codeql-action/pull/1866;>#1866 Enable improved file coverage information for GitHub Enterprise Server users. This feature is already available to GitHub.com users. https://redirect.github.com/github/codeql-action/pull/1867;>#1867 Update default CodeQL bundle version to 2.14.4. https://redirect.github.com/github/codeql-action/pull/1873;>#1873 2.21.5 - 28 Aug 2023 Update default CodeQL bundle version to 2.14.3. https://redirect.github.com/github/codeql-action/pull/1845;>#1845 Fixed a bug in CodeQL Action 2.21.3 onwards that affected beta support for https://projectlombok.org/;>Project Lombok when analyzing Java. The environment variable CODEQL_EXTRACTOR_JAVA_RUN_ANNOTATION_PROCESSORS will now be respected if it was manually configured in the workflow. https://redirect.github.com/github/codeql-action/pull/1844;>#1844 Enable support for Kotlin 1.9.20 when running with CodeQL CLI v2.13.4 through v2.14.3.
[GH] (commons-net): Workflow run "Java CI" is working again!
The GitHub Actions job "Java CI" on commons-net.git has succeeded. Run started by GitHub user asfgit (triggered by asfgit). Head commit for run: dd8d4ce022c2aa3ced88dfa9a21da96fce4a63aa / Gary Gregory Revert "Bump commons-parent from 62 to 63" This reverts commit 44e7c97080978052f388ac2ba9c388ef148dd2ff. Report URL: https://github.com/apache/commons-net/actions/runs/6431642018 With regards, GitHub Actions via GitBox
[GH] (commons-net): Workflow run "Java CI" failed!
The GitHub Actions job "Java CI" on commons-net.git has failed. Run started by GitHub user asfgit (triggered by asfgit). Head commit for run: 7f977bcf04ebcf817c8b56e030136a3ae3f4d4cf / Gary Gregory Add slot for the next release. Report URL: https://github.com/apache/commons-net/actions/runs/6431576559 With regards, GitHub Actions via GitBox
svn commit: r1084343 - /websites/production/commons/content/proper/commons-parent/
Author: ggregory Date: Fri Oct 6 12:29:57 2023 New Revision: 1084343 Log: Site checkin for project Apache Commons Parent Added: websites/production/commons/content/proper/commons-parent/japicmp.html websites/production/commons/content/proper/commons-parent/org.apache.commons_commons-parent-63.spdx.json Removed: websites/production/commons/content/proper/commons-parent/org.apache.commons_commons-parent-62.spdx.json Modified: websites/production/commons/content/proper/commons-parent/changes-report.html websites/production/commons/content/proper/commons-parent/ci-management.html websites/production/commons/content/proper/commons-parent/dependency-convergence.html websites/production/commons/content/proper/commons-parent/dependency-info.html websites/production/commons/content/proper/commons-parent/dependency-management.html websites/production/commons/content/proper/commons-parent/distribution-management.html websites/production/commons/content/proper/commons-parent/index.html websites/production/commons/content/proper/commons-parent/issue-management.html websites/production/commons/content/proper/commons-parent/jira-report.html websites/production/commons/content/proper/commons-parent/mailing-lists.html websites/production/commons/content/proper/commons-parent/project-info.html websites/production/commons/content/proper/commons-parent/project-reports.html websites/production/commons/content/proper/commons-parent/rat-report.html websites/production/commons/content/proper/commons-parent/scm.html websites/production/commons/content/proper/commons-parent/summary.html websites/production/commons/content/proper/commons-parent/surefire-report.html Modified: websites/production/commons/content/proper/commons-parent/changes-report.html == --- websites/production/commons/content/proper/commons-parent/changes-report.html (original) +++ websites/production/commons/content/proper/commons-parent/changes-report.html Fri Oct 6 12:29:57 2023 @@ -1,6 +1,6 @@ http://www.w3.org/1999/xhtml; xml:lang="en" lang="en"> @@ -8,7 +8,7 @@ - + Apache Commons Apache Commons Parent Release Notes @@ -37,8 +37,8 @@ https://commons.apache.org/proper/commons-parent/;>Apache Commons Parent - Last Published: 06 September 2023 -| Version: 62 + Last Published: 06 October 2023 +| Version: 63 @@ -70,7 +70,7 @@ Project Information - + Project Reports @@ -90,6 +90,10 @@ Rat Report + + +japicmp + @@ -143,11 +147,11 @@ Commons Build Plugin - + Commons Release Plugin - + Site Publication @@ -210,178 +214,220 @@ Date Description +63 +2023-10-02 +Version 63: Maintenance and update dependencies + 62 2023-09-02 Version 62: Maintenance and update dependencies - + 61 2023-08-26 Version 61: Maintenance and update dependencies - + 60 2023-08-20 Version 60: Maintenance and update dependencies - + 59 2023-07-22 Version 59: Maintenance and update dependencies - + 58 2023-05-20 Version 58: Maintenance and update dependencies - + 57 2023-04-22 Version 57: Maintenance and update dependencies - + 56 2022-12-30 Version 56: Maintenance and update dependencies - + 55 2022-12-07 Version 55: Maintenance and update dependencies - + 54 2022-09-18 Version 54: SBOMs, drop JDepend, replace FindBugs with SpotBugs, dependency bumps. - + 53 2022-03-31 WARNING: checkstyle version has been updated; there are breaking changes which may require updates to checkstyle.xml files - + 52 2020-07-30 Add support for Java 15. - + 51 2020-06-23 Fix incompatibilty issues with Java 7 Add support for Java 13. Update various plugin versions. - + 50 2019-12-17 Update site generation. Updates to commons-skin:4.2, fixes custom footer copyright notice and removes redundant site.xml head element. Removes jacoco aggregate reports and changes conditional japicmp plugin to require Java 8 and activate via opt-in
[GH] (commons-net): Workflow run "Java CI" failed!
The GitHub Actions job "Java CI" on commons-net.git has failed. Run started by GitHub user asfgit (triggered by asfgit). Head commit for run: 44e7c97080978052f388ac2ba9c388ef148dd2ff / Gary Gregory Bump commons-parent from 62 to 63 Report URL: https://github.com/apache/commons-net/actions/runs/6431615259 With regards, GitHub Actions via GitBox
[PR] Bump org.ow2.asm:asm-util from 9.5 to 9.6 [commons-pool]
dependabot[bot] opened a new pull request, #252: URL: https://github.com/apache/commons-pool/pull/252 Bumps org.ow2.asm:asm-util from 9.5 to 9.6. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.ow2.asm:asm-util=maven=9.5=9.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-pool]
dependabot[bot] opened a new pull request, #251: URL: https://github.com/apache/commons-pool/pull/251 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.9 to 2.22.0. Changelog Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md;>github/codeql-action's changelog. CodeQL Action Changelog See the https://github.com/github/codeql-action/releases;>releases page for the relevant changes to the CodeQL CLI and language packs. [UNRELEASED] No user facing changes. 2.22.0 - 06 Oct 2023 The CodeQL Action now requires CodeQL version 2.10.5 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.21.8. https://redirect.github.com/github/codeql-action/pull/1907;>#1907 The CodeQL Action no longer runs ML-powered queries. For more information, including details on our investment in AI-powered security technology, see https://github.blog/changelog/2023-09-29-codeql-code-scanning-deprecates-ml-powered-alerts/;>CodeQL code scanning deprecates ML-powered alerts. https://redirect.github.com/github/codeql-action/pull/1910;>#1910 Fix a bug which prevented tracing of projects using Go 1.21 and above on Linux. https://redirect.github.com/github/codeql-action/pull/1909;>#1909 2.21.9 - 27 Sep 2023 Update default CodeQL bundle version to 2.14.6. https://redirect.github.com/github/codeql-action/pull/1897;>#1897 We are rolling out a feature in October 2023 that will improve the success rate of C/C++ autobuild. https://redirect.github.com/github/codeql-action/pull/1889;>#1889 We are rolling out a feature in October 2023 that will provide specific file coverage information for C and C++, Java and Kotlin, and JavaScript and TypeScript. Currently file coverage information for each of these pairs of languages is grouped together. https://redirect.github.com/github/codeql-action/pull/1903;>#1903 Add a warning to help customers avoid inadvertently analyzing the same CodeQL language in multiple matrix jobs. https://redirect.github.com/github/codeql-action/pull/1901;>#1901 2.21.8 - 19 Sep 2023 Add a deprecation warning for customers using CodeQL version 2.10.4 and earlier. These versions of CodeQL were discontinued on 12 September 2023 alongside GitHub Enterprise Server 3.6, and will be unsupported by the next minor release of the CodeQL Action. https://redirect.github.com/github/codeql-action/pull/1884;>#1884 If you are using one of these versions, please update to CodeQL CLI version 2.10.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version. Alternatively, if you want to continue using a version of the CodeQL CLI between 2.9.5 and 2.10.4, you can replace github/codeql-action/*@v2 by github/codeql-action/*@v2.21.7 in your code scanning workflow to ensure you continue using this version of the CodeQL Action. Enable the following language aliases when using CodeQL 2.14.4 and later: c-cpp for C/C++ analysis, java-kotlin for Java/Kotlin analysis, and javascript-typescript for JavaScript/TypeScript analysis. https://redirect.github.com/github/codeql-action/pull/1883;>#1883 2.21.7 - 14 Sep 2023 Update default CodeQL bundle version to 2.14.5. https://redirect.github.com/github/codeql-action/pull/1882;>#1882 2.21.6 - 13 Sep 2023 Better error message when there is a failure to determine the merge base of the code to analysis. https://redirect.github.com/github/codeql-action/pull/1860;>#1860 Improve the calculation of default amount of RAM used for query execution on GitHub Enterprise Server. This now reduces in proportion to the runner's total memory to better account for system memory usage, helping to avoid out-of-memory failures on larger runners. This feature is already available to GitHub.com users. https://redirect.github.com/github/codeql-action/pull/1866;>#1866 Enable improved file coverage information for GitHub Enterprise Server users. This feature is already available to GitHub.com users. https://redirect.github.com/github/codeql-action/pull/1867;>#1867 Update default CodeQL bundle version to 2.14.4. https://redirect.github.com/github/codeql-action/pull/1873;>#1873 2.21.5 - 28 Aug 2023 Update default CodeQL bundle version to 2.14.3. https://redirect.github.com/github/codeql-action/pull/1845;>#1845 Fixed a bug in CodeQL Action 2.21.3 onwards that affected beta support for https://projectlombok.org/;>Project Lombok when analyzing Java. The environment variable CODEQL_EXTRACTOR_JAVA_RUN_ANNOTATION_PROCESSORS will now be respected if it was manually configured in the workflow. https://redirect.github.com/github/codeql-action/pull/1844;>#1844 Enable support for Kotlin 1.9.20 when running with CodeQL CLI v2.13.4 through v2.14.3.
[PR] Bump org.ow2.asm:asm from 9.5 to 9.6 [commons-jexl]
dependabot[bot] opened a new pull request, #200: URL: https://github.com/apache/commons-jexl/pull/200 Bumps org.ow2.asm:asm from 9.5 to 9.6. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.ow2.asm:asm=maven=9.5=9.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GH] (commons-parent): Workflow run "Java CI" is working again!
The GitHub Actions job "Java CI" on commons-parent.git has succeeded. Run started by GitHub user dependabot[bot] (triggered by dependabot[bot]). Head commit for run: a44a3482116a90fccc233bc585028fa4cd33545e / dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Bump com.puppycrawl.tools:checkstyle from 10.12.3 to 10.12.4 Bumps [com.puppycrawl.tools:checkstyle](https://github.com/checkstyle/checkstyle) from 10.12.3 to 10.12.4. - [Release notes](https://github.com/checkstyle/checkstyle/releases) - [Commits](https://github.com/checkstyle/checkstyle/compare/checkstyle-10.12.3...checkstyle-10.12.4) --- updated-dependencies: - dependency-name: com.puppycrawl.tools:checkstyle dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Report URL: https://github.com/apache/commons-parent/actions/runs/6431296690 With regards, GitHub Actions via GitBox
[GH] (commons-parent): Workflow run "Java CI" failed!
The GitHub Actions job "Java CI" on commons-parent.git has failed. Run started by GitHub user dependabot[bot] (triggered by dependabot[bot]). Head commit for run: 4ee184d5f9f226eb418a37043bdfbf29dcdd8082 / dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Bump biz.aQute.bnd:biz.aQute.bndlib from 6.4.1 to 7.0.0 Bumps [biz.aQute.bnd:biz.aQute.bndlib](https://github.com/bndtools/bnd) from 6.4.1 to 7.0.0. - [Release notes](https://github.com/bndtools/bnd/releases) - [Changelog](https://github.com/bndtools/bnd/blob/master/docs/ADDING_RELEASE_DOCS.md) - [Commits](https://github.com/bndtools/bnd/compare/6.4.1...7.0.0) --- updated-dependencies: - dependency-name: biz.aQute.bnd:biz.aQute.bndlib dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Report URL: https://github.com/apache/commons-parent/actions/runs/6431294888 With regards, GitHub Actions via GitBox
[GH] (commons-parent): Workflow run "Java CI" failed!
The GitHub Actions job "Java CI" on commons-parent.git has failed. Run started by GitHub user dependabot[bot] (triggered by dependabot[bot]). Head commit for run: 4ee184d5f9f226eb418a37043bdfbf29dcdd8082 / dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Bump biz.aQute.bnd:biz.aQute.bndlib from 6.4.1 to 7.0.0 Bumps [biz.aQute.bnd:biz.aQute.bndlib](https://github.com/bndtools/bnd) from 6.4.1 to 7.0.0. - [Release notes](https://github.com/bndtools/bnd/releases) - [Changelog](https://github.com/bndtools/bnd/blob/master/docs/ADDING_RELEASE_DOCS.md) - [Commits](https://github.com/bndtools/bnd/compare/6.4.1...7.0.0) --- updated-dependencies: - dependency-name: biz.aQute.bnd:biz.aQute.bndlib dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Report URL: https://github.com/apache/commons-parent/actions/runs/6431294767 With regards, GitHub Actions via GitBox
[PR] Bump com.puppycrawl.tools:checkstyle from 10.12.3 to 10.12.4 [commons-parent]
dependabot[bot] opened a new pull request, #316: URL: https://github.com/apache/commons-parent/pull/316 Bumps [com.puppycrawl.tools:checkstyle](https://github.com/checkstyle/checkstyle) from 10.12.3 to 10.12.4. Release notes Sourced from https://github.com/checkstyle/checkstyle/releases;>com.puppycrawl.tools:checkstyle's releases. checkstyle-10.12.4 Checkstyle 10.12.4 - https://checkstyle.org/releasenotes.html#Release_10.12.4;>https://checkstyle.org/releasenotes.html#Release_10.12.4 Bug fixes: https://redirect.github.com/checkstyle/checkstyle/issues/13745;>#13745 - MissingDeprecated shows unclear message on not closed html tag Commits https://github.com/checkstyle/checkstyle/commit/9921e5350146ba8469f9adbdbc07492fd8eddf7a;>9921e53 [maven-release-plugin] prepare release checkstyle-10.12.4 https://github.com/checkstyle/checkstyle/commit/4f5e01f9fb331deb0eb1c43a1dedf402c29a37bb;>4f5e01f doc: release notes for 10.12.4 https://github.com/checkstyle/checkstyle/commit/35da727b92bbc24d331cdba1578d65c8444b9b43;>35da727 Issue https://redirect.github.com/checkstyle/checkstyle/issues/13745;>#13745: MissingDeprecated shows unclear message on not closed html tag https://github.com/checkstyle/checkstyle/commit/83788d6ff5fb659f8590906557c46b79a018f21e;>83788d6 Issue https://redirect.github.com/checkstyle/checkstyle/issues/13809;>#13809: Kill mutation in pitest-api profile https://github.com/checkstyle/checkstyle/commit/56af76110fd2b6acee4e47db63b7bd4511dc6c15;>56af761 Issue https://redirect.github.com/checkstyle/checkstyle/issues/13672;>#13672: Kill mutation using utility class https://github.com/checkstyle/checkstyle/commit/351bbc1ecf4cdcf158b5295c2b2f1c602cdbfc8a;>351bbc1 Issue https://redirect.github.com/checkstyle/checkstyle/issues/13672;>#13672: Kill mutation in Common Profile https://github.com/checkstyle/checkstyle/commit/afd0c2d992d56ece05342521d1ca4da312831625;>afd0c2d dependency: bump commons-io:commons-io from 2.13.0 to 2.14.0 https://github.com/checkstyle/checkstyle/commit/a69c482f5be6e5f9b5c192b76cd3019e081c0363;>a69c482 Issue https://redirect.github.com/checkstyle/checkstyle/issues/13666;>#13666: final fix for ordering of properties in modules https://github.com/checkstyle/checkstyle/commit/2ab52c61a6634c2c01cb7b5750867902d12c58df;>2ab52c6 Issue https://redirect.github.com/checkstyle/checkstyle/issues/13345;>#13345: Enable Test Cases for MethodNameCheckExamplesTest https://github.com/checkstyle/checkstyle/commit/ee804d013a168e2902a7256b08b17da8c5baa70a;>ee804d0 Issue https://redirect.github.com/checkstyle/checkstyle/issues/13672;>#13672: Kill mutation for ImportControlLoader Additional commits viewable in https://github.com/checkstyle/checkstyle/compare/checkstyle-10.12.3...checkstyle-10.12.4;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.puppycrawl.tools:checkstyle=maven=10.12.3=10.12.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific
[PR] Bump biz.aQute.bnd:biz.aQute.bndlib from 6.4.1 to 7.0.0 [commons-parent]
dependabot[bot] opened a new pull request, #315: URL: https://github.com/apache/commons-parent/pull/315 Bumps [biz.aQute.bnd:biz.aQute.bndlib](https://github.com/bndtools/bnd) from 6.4.1 to 7.0.0. Commits https://github.com/bndtools/bnd/commit/b82dc867a7920edfcf32cb2cfa408795f4af6aea;>b82dc86 build: Build Release 7.0.0 https://github.com/bndtools/bnd/commit/7fddd3ee8a3f80a26321e5c7d1895c2b1b66c43a;>7fddd3e build: Build Release 7.0.0.RC3 https://github.com/bndtools/bnd/commit/5f700d220c86687c2243494c803b8996f9dc125e;>5f700d2 Handle the internal refactoring packages moving bundles https://github.com/bndtools/bnd/commit/b764ee87b3135848574820e3ba9ff2265c8d615b;>b764ee8 build: Build Release 7.0.0.RC2 https://github.com/bndtools/bnd/commit/1b4ca76fb8b5794aeaf5a6001ec9bb8f0ae8e66f;>1b4ca76 Removes Require-Capability for osgi.service AnyService https://github.com/bndtools/bnd/commit/d185adeb2be9b300dc2171970cc2c149ab9277dd;>d185ade Fix MojoExecutionException in m2e plugin when using maven-jar-plugin 3.x https://github.com/bndtools/bnd/commit/709285cfa06c1c5265e69bd22697ca70bbd280b6;>709285c build: Build Release 7.0.0.RC1 https://github.com/bndtools/bnd/commit/7d05252afba47a32747e161e32a4149f42efab59;>7d05252 Merge pull request https://redirect.github.com/bndtools/bnd/issues/5765;>#5765 from DataInMotion/5761 https://github.com/bndtools/bnd/commit/40e21c37b3f1faa74a54181026468e9dd4d0a7b4;>40e21c3 Merge pull request https://redirect.github.com/bndtools/bnd/issues/5769;>#5769 from bndtools/dependabot/github_actions/actions/uplo... https://github.com/bndtools/bnd/commit/daca980a43f13c198922cbf88fe10e2c957cb0d7;>daca980 build(deps): Bump actions/upload-artifact from 3.1.2 to 3.1.3 Additional commits viewable in https://github.com/bndtools/bnd/compare/6.4.1...7.0.0;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=biz.aQute.bnd:biz.aQute.bndlib=maven=6.4.1=7.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
svn commit: r1084342 - in /websites/production/commons/content/proper/commons-net: ./ apidocs/ apidocs/legal/ apidocs/org/apache/commons/net/ apidocs/org/apache/commons/net/bsd/ apidocs/org/apache/com
Author: ggregory Date: Fri Oct 6 11:58:26 2023 New Revision: 1084342 Log: Site checkin for project Apache Commons Net [This commit notification would consist of 417 parts, which exceeds the limit of 50 ones, so it was shortened to the summary.]
[PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-parent]
dependabot[bot] opened a new pull request, #314: URL: https://github.com/apache/commons-parent/pull/314 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.9 to 2.22.0. Commits https://github.com/github/codeql-action/commit/2cb752a87e96af96708ab57187ab6372ee1973ab;>2cb752a Merge pull request https://redirect.github.com/github/codeql-action/issues/1924;>#1924 from github/update-v2.22.0-3f7850a17 https://github.com/github/codeql-action/commit/e50f53baa18da7571fefe4e56edeba46be9f183b;>e50f53b Add changelog note for tracing Go 1.21 https://github.com/github/codeql-action/commit/0a65c007f6b702f7d53f89a44248406aae709942;>0a65c00 Update changelog for v2.22.0 https://github.com/github/codeql-action/commit/3f7850a17964ee76fbc058c4cf3360bfd6840486;>3f7850a Improve downloading log message (https://redirect.github.com/github/codeql-action/issues/1920;>#1920) https://github.com/github/codeql-action/commit/27235304e07da3d62be5a72ef5df0f30d8a4e137;>2723530 Merge pull request https://redirect.github.com/github/codeql-action/issues/1923;>#1923 from github/henrymercer/fix-resolve-environment-aliases https://github.com/github/codeql-action/commit/8f0e8b0890952ad94f9d4f1a44170b0f27723054;>8f0e8b0 Tweak language parsing to improve clarity https://github.com/github/codeql-action/commit/f243294ab74b285a547a838884ca660a740ce2a6;>f243294 Extend PR check to test resolve-environment works with language alias https://github.com/github/codeql-action/commit/1ea6a10947dbce58fd4e0ff685cdec23e7f50145;>1ea6a10 Merge pull request https://redirect.github.com/github/codeql-action/issues/1909;>#1909 from github/mbg/go-1.21-workaround https://github.com/github/codeql-action/commit/e26ed57a228512338332f937ef0f121a739d548c;>e26ed57 Defer language aliasing to CLI when appropriate https://github.com/github/codeql-action/commit/0ac7669167fa236dc2e1eec93d82674b1a265327;>0ac7669 Fix using resolve-environment Action with language aliases Additional commits viewable in https://github.com/github/codeql-action/compare/ddccb873888234080b77e9bc2d4764d5ccaaccf9...2cb752a87e96af96708ab57187ab6372ee1973ab;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action=github_actions=2.21.9=2.22.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump github/codeql-action from 2.21.8 to 2.21.9 [commons-skin]
dependabot[bot] closed pull request #83: Bump github/codeql-action from 2.21.8 to 2.21.9 URL: https://github.com/apache/commons-skin/pull/83 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump github/codeql-action from 2.21.8 to 2.22.0 [commons-skin]
dependabot[bot] opened a new pull request, #85: URL: https://github.com/apache/commons-skin/pull/85 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.8 to 2.22.0. Changelog Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md;>github/codeql-action's changelog. CodeQL Action Changelog See the https://github.com/github/codeql-action/releases;>releases page for the relevant changes to the CodeQL CLI and language packs. [UNRELEASED] The CodeQL Action now requires CodeQL version 2.10.5 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.21.8. https://redirect.github.com/github/codeql-action/pull/1907;>#1907 The CodeQL Action no longer runs ML-powered queries. For more information, including details on our investment in AI-powered security technology, see https://github.blog/changelog/2023-09-29-codeql-code-scanning-deprecates-ml-powered-alerts/;>CodeQL code scanning deprecates ML-powered alerts. https://redirect.github.com/github/codeql-action/pull/1910;>#1910 2.21.9 - 27 Sep 2023 Update default CodeQL bundle version to 2.14.6. https://redirect.github.com/github/codeql-action/pull/1897;>#1897 We are rolling out a feature in October 2023 that will improve the success rate of C/C++ autobuild. https://redirect.github.com/github/codeql-action/pull/1889;>#1889 We are rolling out a feature in October 2023 that will provide specific file coverage information for C and C++, Java and Kotlin, and JavaScript and TypeScript. Currently file coverage information for each of these pairs of languages is grouped together. https://redirect.github.com/github/codeql-action/pull/1903;>#1903 Add a warning to help customers avoid inadvertently analyzing the same CodeQL language in multiple matrix jobs. https://redirect.github.com/github/codeql-action/pull/1901;>#1901 2.21.8 - 19 Sep 2023 Add a deprecation warning for customers using CodeQL version 2.10.4 and earlier. These versions of CodeQL were discontinued on 12 September 2023 alongside GitHub Enterprise Server 3.6, and will be unsupported by the next minor release of the CodeQL Action. https://redirect.github.com/github/codeql-action/pull/1884;>#1884 If you are using one of these versions, please update to CodeQL CLI version 2.10.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version. Alternatively, if you want to continue using a version of the CodeQL CLI between 2.9.5 and 2.10.4, you can replace github/codeql-action/*@v2 by github/codeql-action/*@v2.21.7 in your code scanning workflow to ensure you continue using this version of the CodeQL Action. Enable the following language aliases when using CodeQL 2.14.4 and later: c-cpp for C/C++ analysis, java-kotlin for Java/Kotlin analysis, and javascript-typescript for JavaScript/TypeScript analysis. https://redirect.github.com/github/codeql-action/pull/1883;>#1883 2.21.7 - 14 Sep 2023 Update default CodeQL bundle version to 2.14.5. https://redirect.github.com/github/codeql-action/pull/1882;>#1882 2.21.6 - 13 Sep 2023 Better error message when there is a failure to determine the merge base of the code to analysis. https://redirect.github.com/github/codeql-action/pull/1860;>#1860 Improve the calculation of default amount of RAM used for query execution on GitHub Enterprise Server. This now reduces in proportion to the runner's total memory to better account for system memory usage, helping to avoid out-of-memory failures on larger runners. This feature is already available to GitHub.com users. https://redirect.github.com/github/codeql-action/pull/1866;>#1866 Enable improved file coverage information for GitHub Enterprise Server users. This feature is already available to GitHub.com users. https://redirect.github.com/github/codeql-action/pull/1867;>#1867 Update default CodeQL bundle version to 2.14.4. https://redirect.github.com/github/codeql-action/pull/1873;>#1873 2.21.5 - 28 Aug 2023 Update default CodeQL bundle version to 2.14.3. https://redirect.github.com/github/codeql-action/pull/1845;>#1845 Fixed a bug in CodeQL Action 2.21.3 onwards that affected beta support for https://projectlombok.org/;>Project Lombok when analyzing Java. The environment variable CODEQL_EXTRACTOR_JAVA_RUN_ANNOTATION_PROCESSORS will now be respected if it was manually configured in the workflow. https://redirect.github.com/github/codeql-action/pull/1844;>#1844 Enable support for Kotlin 1.9.20 when running with CodeQL CLI v2.13.4 through v2.14.3. https://redirect.github.com/github/codeql-action/pull/1853;>#1853 2.21.4 - 14 Aug 2023 Update default CodeQL bundle version to 2.14.2.
[GH] (commons-vfs): Workflow run "Java CI" failed!
The GitHub Actions job "Java CI" on commons-vfs.git has failed. Run started by GitHub user dependabot[bot] (triggered by dependabot[bot]). Head commit for run: 5661c39a808d2b5c368ac90b7e2713194703efe9 / dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Bump github/codeql-action from 2.21.9 to 2.22.0 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.9 to 2.22.0. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/ddccb873888234080b77e9bc2d4764d5ccaaccf9...2cb752a87e96af96708ab57187ab6372ee1973ab) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Report URL: https://github.com/apache/commons-vfs/actions/runs/6430803621 With regards, GitHub Actions via GitBox
Re: [PR] Bump github/codeql-action from 2.21.8 to 2.21.9 [commons-skin]
dependabot[bot] commented on PR #83: URL: https://github.com/apache/commons-skin/pull/83#issuecomment-1750454314 Superseded by #85. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GH] (commons-vfs): Workflow run "Java CI" failed!
The GitHub Actions job "Java CI" on commons-vfs.git has failed. Run started by GitHub user dependabot[bot] (triggered by dependabot[bot]). Head commit for run: 5661c39a808d2b5c368ac90b7e2713194703efe9 / dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Bump github/codeql-action from 2.21.9 to 2.22.0 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.9 to 2.22.0. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/ddccb873888234080b77e9bc2d4764d5ccaaccf9...2cb752a87e96af96708ab57187ab6372ee1973ab) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Report URL: https://github.com/apache/commons-vfs/actions/runs/6430803518 With regards, GitHub Actions via GitBox
[PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-crypto]
dependabot[bot] opened a new pull request, #252: URL: https://github.com/apache/commons-crypto/pull/252 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.9 to 2.22.0. Commits https://github.com/github/codeql-action/commit/2cb752a87e96af96708ab57187ab6372ee1973ab;>2cb752a Merge pull request https://redirect.github.com/github/codeql-action/issues/1924;>#1924 from github/update-v2.22.0-3f7850a17 https://github.com/github/codeql-action/commit/e50f53baa18da7571fefe4e56edeba46be9f183b;>e50f53b Add changelog note for tracing Go 1.21 https://github.com/github/codeql-action/commit/0a65c007f6b702f7d53f89a44248406aae709942;>0a65c00 Update changelog for v2.22.0 https://github.com/github/codeql-action/commit/3f7850a17964ee76fbc058c4cf3360bfd6840486;>3f7850a Improve downloading log message (https://redirect.github.com/github/codeql-action/issues/1920;>#1920) https://github.com/github/codeql-action/commit/27235304e07da3d62be5a72ef5df0f30d8a4e137;>2723530 Merge pull request https://redirect.github.com/github/codeql-action/issues/1923;>#1923 from github/henrymercer/fix-resolve-environment-aliases https://github.com/github/codeql-action/commit/8f0e8b0890952ad94f9d4f1a44170b0f27723054;>8f0e8b0 Tweak language parsing to improve clarity https://github.com/github/codeql-action/commit/f243294ab74b285a547a838884ca660a740ce2a6;>f243294 Extend PR check to test resolve-environment works with language alias https://github.com/github/codeql-action/commit/1ea6a10947dbce58fd4e0ff685cdec23e7f50145;>1ea6a10 Merge pull request https://redirect.github.com/github/codeql-action/issues/1909;>#1909 from github/mbg/go-1.21-workaround https://github.com/github/codeql-action/commit/e26ed57a228512338332f937ef0f121a739d548c;>e26ed57 Defer language aliasing to CLI when appropriate https://github.com/github/codeql-action/commit/0ac7669167fa236dc2e1eec93d82674b1a265327;>0ac7669 Fix using resolve-environment Action with language aliases Additional commits viewable in https://github.com/github/codeql-action/compare/ddccb873888234080b77e9bc2d4764d5ccaaccf9...2cb752a87e96af96708ab57187ab6372ee1973ab;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action=github_actions=2.21.9=2.22.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump github/codeql-action from 2.21.9 to 2.22.0 [commons-vfs]
dependabot[bot] opened a new pull request, #434: URL: https://github.com/apache/commons-vfs/pull/434 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.9 to 2.22.0. Commits https://github.com/github/codeql-action/commit/2cb752a87e96af96708ab57187ab6372ee1973ab;>2cb752a Merge pull request https://redirect.github.com/github/codeql-action/issues/1924;>#1924 from github/update-v2.22.0-3f7850a17 https://github.com/github/codeql-action/commit/e50f53baa18da7571fefe4e56edeba46be9f183b;>e50f53b Add changelog note for tracing Go 1.21 https://github.com/github/codeql-action/commit/0a65c007f6b702f7d53f89a44248406aae709942;>0a65c00 Update changelog for v2.22.0 https://github.com/github/codeql-action/commit/3f7850a17964ee76fbc058c4cf3360bfd6840486;>3f7850a Improve downloading log message (https://redirect.github.com/github/codeql-action/issues/1920;>#1920) https://github.com/github/codeql-action/commit/27235304e07da3d62be5a72ef5df0f30d8a4e137;>2723530 Merge pull request https://redirect.github.com/github/codeql-action/issues/1923;>#1923 from github/henrymercer/fix-resolve-environment-aliases https://github.com/github/codeql-action/commit/8f0e8b0890952ad94f9d4f1a44170b0f27723054;>8f0e8b0 Tweak language parsing to improve clarity https://github.com/github/codeql-action/commit/f243294ab74b285a547a838884ca660a740ce2a6;>f243294 Extend PR check to test resolve-environment works with language alias https://github.com/github/codeql-action/commit/1ea6a10947dbce58fd4e0ff685cdec23e7f50145;>1ea6a10 Merge pull request https://redirect.github.com/github/codeql-action/issues/1909;>#1909 from github/mbg/go-1.21-workaround https://github.com/github/codeql-action/commit/e26ed57a228512338332f937ef0f121a739d548c;>e26ed57 Defer language aliasing to CLI when appropriate https://github.com/github/codeql-action/commit/0ac7669167fa236dc2e1eec93d82674b1a265327;>0ac7669 Fix using resolve-environment Action with language aliases Additional commits viewable in https://github.com/github/codeql-action/compare/ddccb873888234080b77e9bc2d4764d5ccaaccf9...2cb752a87e96af96708ab57187ab6372ee1973ab;>compare view [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action=github_actions=2.21.9=2.22.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org