diff --git a/.github/dependabot.yml b/.github/dependabot.yml
new file mode 100644
index 0000000..b257aaa
--- /dev/null
+++ b/.github/dependabot.yml
@@ -0,0 +1,22 @@
+version: 2
+updates:
+ - package-ecosystem: "maven"
+ directory: "/"
+ schedule:
+ interval: "monthly"
+ day: "monday"
+ time: "06:00"
+ timezone: "UTC"
+ groups:
+ maven-dependencies:
+ patterns:
+ - "*"
+
+ - package-ecosystem: "github-actions"
+ directory: "/" # even for `.github/workflows`
+ schedule:
+ interval: "monthly"
+ groups:
+ github-actions:
+ patterns:
+ - "*"
\ No newline at end of file
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 9565363..cd281ec 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -7,7 +7,7 @@ jobs:
runs-on: ubuntu-latest
if: "!contains(github.event.head_commit.message, '[ci skip]') && !contains(github.event.head_commit.message, '[skip ci]')"
steps:
- - uses: actions/checkout@v3
+ - uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: actions/setup-java@v3
@@ -37,12 +37,6 @@ jobs:
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
- - name: Upload code coverage report
- id: codacyCoverageReporter
- run: bash <(curl -Ls https://coverage.codacy.com/get.sh)
- env:
- CODACY_PROJECT_TOKEN: ${{ secrets.CODACY_PROJECT_TOKEN }}
- continue-on-error: true
- uses: actions/upload-artifact@v3
with:
name: artifacts
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 44b39dd..9aee822 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -15,7 +15,7 @@ jobs:
runs-on: ubuntu-latest
if: "!contains(github.event.head_commit.message, '[ci skip]') && !contains(github.event.head_commit.message, '[skip ci]')"
steps:
- - uses: actions/checkout@v3
+ - uses: actions/checkout@v4
with:
fetch-depth: 2
- uses: actions/setup-java@v3
diff --git a/.github/workflows/publish-central.yml b/.github/workflows/publish-central.yml
index 878c3ef..16b7813 100644
--- a/.github/workflows/publish-central.yml
+++ b/.github/workflows/publish-central.yml
@@ -10,7 +10,7 @@ jobs:
publish:
runs-on: ubuntu-latest
steps:
- - uses: actions/checkout@v3
+ - uses: actions/checkout@v4
with:
ref: "refs/tags/${{ github.event.inputs.tag }}"
- uses: actions/setup-java@v3
diff --git a/.github/workflows/publish-github.yml b/.github/workflows/publish-github.yml
index d527737..a3850d7 100644
--- a/.github/workflows/publish-github.yml
+++ b/.github/workflows/publish-github.yml
@@ -7,7 +7,7 @@ jobs:
runs-on: ubuntu-latest
if: startsWith(github.ref, 'refs/tags/') # only allow publishing tagged versions
steps:
- - uses: actions/checkout@v3
+ - uses: actions/checkout@v4
- uses: actions/setup-java@v3
with:
java-version: 21
diff --git a/pom.xml b/pom.xml
index 8f48fdf..a5b1791 100644
--- a/pom.xml
+++ b/pom.xml
@@ -41,11 +41,11 @@
1.70
- 5.8.2
- 3.12.4
- 1.34
+ 5.10.0
+ 5.5.0
+ 1.37
2.2
- 32.0.0-jre
+ 32.1.2-jre
@@ -59,7 +59,7 @@
org.jetbrains
annotations
- 23.0.0
+ 24.0.1
provided
@@ -112,7 +112,7 @@
org.apache.maven.plugins
maven-enforcer-plugin
- 3.0.0
+ 3.4.1
enforce-java
@@ -133,7 +133,7 @@
maven-compiler-plugin
- 3.9.0
+ 3.11.0
8
UTF-8
@@ -159,11 +159,11 @@
org.apache.maven.plugins
maven-surefire-plugin
- 3.0.0-M5
+ 3.1.2
maven-jar-plugin
- 3.2.2
+ 3.3.0
@@ -175,7 +175,7 @@
maven-source-plugin
- 3.2.1
+ 3.3.0
attach-sources
@@ -187,7 +187,7 @@
maven-javadoc-plugin
- 3.3.1
+ 3.6.0
attach-javadocs
@@ -202,7 +202,7 @@
maven-shade-plugin
- 3.2.4
+ 3.5.1
package
@@ -248,7 +248,7 @@
org.owasp
dependency-check-maven
- 8.3.1
+ 8.4.0
24
0
@@ -275,7 +275,7 @@
org.jacoco
jacoco-maven-plugin
- 0.8.7
+ 0.8.10
prepare-agent
@@ -301,7 +301,7 @@
maven-gpg-plugin
- 3.0.1
+ 3.1.0
sign-artifacts
@@ -336,7 +336,7 @@
org.sonatype.plugins
nexus-staging-maven-plugin
- 1.6.8
+ 1.6.13
true
ossrh