This is an automated email from the ASF dual-hosted git repository.

garydgregory pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/commons-ognl.git


The following commit(s) were added to refs/heads/master by this push:
     new 09b985d  Bump GH CI actions
09b985d is described below

commit 09b985dca887c0f70974b80bec03707d36c0ba5a
Author: Gary Gregory <[email protected]>
AuthorDate: Sat Jul 11 15:22:12 2026 -0400

    Bump GH CI actions
---
 .github/workflows/codeql-analysis.yml     | 10 +++++-----
 .github/workflows/coverage.yml            |  4 ++--
 .github/workflows/scorecards-analysis.yml |  4 ++--
 3 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/.github/workflows/codeql-analysis.yml 
b/.github/workflows/codeql-analysis.yml
index deef8ab..16a3165 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -44,10 +44,10 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
+      uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
       with:
         persist-credentials: false
-    - uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2
+    - uses: actions/cache@55cc8345863c7cc4c66a329aec7e433d2d1c52a9 #v6.1.0
       with:
         path: ~/.m2/repository
         key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
@@ -56,7 +56,7 @@ jobs:
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@ddccb873888234080b77e9bc2d4764d5ccaaccf9 
# v2.21.9
+      uses: github/codeql-action/init@99df26d4f13ea111d4ec1a7dddef6063f76b97e9 
# v4.37.0
       with:
         languages: ${{ matrix.language }}
         # If you wish to specify custom queries, you can do so here or in a 
config file.
@@ -67,7 +67,7 @@ jobs:
     # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
     # If this step fails, then you should remove it and run the build manually 
(see below)
     - name: Autobuild
-      uses: 
github/codeql-action/autobuild@ddccb873888234080b77e9bc2d4764d5ccaaccf9 # 
v2.21.9
+      uses: 
github/codeql-action/autobuild@99df26d4f13ea111d4ec1a7dddef6063f76b97e9 # 
v4.37.0
 
     # â„šī¸ Command-line programs to run using the OS shell.
     # 📚 https://git.io/JvXDl
@@ -81,4 +81,4 @@ jobs:
     #   make release
 
     - name: Perform CodeQL Analysis
-      uses: 
github/codeql-action/analyze@ddccb873888234080b77e9bc2d4764d5ccaaccf9 # v2.21.9
+      uses: 
github/codeql-action/analyze@99df26d4f13ea111d4ec1a7dddef6063f76b97e9 # v4.37.0
diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml
index fe6b26e..1ac08b8 100644
--- a/.github/workflows/coverage.yml
+++ b/.github/workflows/coverage.yml
@@ -34,10 +34,10 @@ jobs:
         java: [ 8 ]
 
     steps:
-    - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
+    - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
       with:
         persist-credentials: false
-    - uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2
+    - uses: actions/cache@55cc8345863c7cc4c66a329aec7e433d2d1c52a9 #v6.1.0
       with:
         path: ~/.m2/repository
         key: ${{ runner.os }}-maven-${{ hashFiles('**/pom.xml') }}
diff --git a/.github/workflows/scorecards-analysis.yml 
b/.github/workflows/scorecards-analysis.yml
index f05bf1d..032b18f 100644
--- a/.github/workflows/scorecards-analysis.yml
+++ b/.github/workflows/scorecards-analysis.yml
@@ -43,7 +43,7 @@ jobs:
     steps:
 
       - name: "Checkout code"
-        uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # 
v4.1.0
+        uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # 
v7.0.0
         with:
           persist-credentials: false
 
@@ -67,6 +67,6 @@ jobs:
           retention-days: 5
 
       - name: "Upload to code-scanning"
-        uses: 
github/codeql-action/upload-sarif@ddccb873888234080b77e9bc2d4764d5ccaaccf9 # 
v2.21.9
+        uses: 
github/codeql-action/upload-sarif@99df26d4f13ea111d4ec1a7dddef6063f76b97e9 # 
v4.37.0
         with:
           sarif_file: results.sarif

Reply via email to