From 57170e85759660fe0969d1f83bb18de455149772 Mon Sep 17 00:00:00 2001
From: Ben Manes
Date: Sat, 18 Nov 2023 11:14:59 -0800
Subject: [PATCH] add gitleaks-action and dependency updates
---
 .github/workflows/codacy.yml | 1 +
 .github/workflows/gitleaks.yml | 30 +++++++++++++++++++
 .../gradle/libs.versions.toml | 2 +-
 .../gradle/wrapper/gradle-wrapper.properties | 2 +-
 .../graal-native/gradle/libs.versions.toml | 2 +-
 .../gradle/wrapper/gradle-wrapper.properties | 2 +-
 examples/hibernate/gradle/libs.versions.toml | 6 ++--
 .../gradle/wrapper/gradle-wrapper.properties | 2 +-
 .../gradle/libs.versions.toml | 2 +-
 .../gradle/wrapper/gradle-wrapper.properties | 2 +-
 .../gradle/libs.versions.toml | 2 +-
 .../gradle/wrapper/gradle-wrapper.properties | 2 +-
 gradle/libs.versions.toml | 10 +++----
 gradle/wrapper/gradle-wrapper.properties | 2 +-
 14 files changed, 49 insertions(+), 18 deletions(-)
 create mode 100644 .github/workflows/gitleaks.yml
diff --git a/.github/workflows/codacy.yml b/.github/workflows/codacy.yml
index 15c6865b4e..94782503dd 100644
--- a/.github/workflows/codacy.yml
+++ b/.github/workflows/codacy.yml
@@ -45,5 +45,6 @@ jobs:
 - name: Upload result to GitHub Code Scanning
 uses: github/codeql-action/upload-sarif@cdcdbb579706841c47f7063dda365e292e5cad7a # v2.13.4
 if: steps.check_files.outputs.files_exists == 'true'
+ continue-on-error: true
 with:
 sarif_file: results.sarif
diff --git a/.github/workflows/gitleaks.yml b/.github/workflows/gitleaks.yml
new file mode 100644
index 0000000000..c145a13411
--- /dev/null
+++ b/.github/workflows/gitleaks.yml
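Review bot: `continue-on-error: true` on the "Upload result to GitHub Code Scanning" step in codacy.yml lets the job report success when the SARIF upload fails, so the Codacy findings can silently stop reaching Code Scanning. Nothing in the hunk says which failure is being tolerated; a comment above the key should record it, for example `# upload is rejected for pull requests from forks (read-only token)` if that is the reason. If the upload is expected to work on pushes, the tolerance can be scoped with `continue-on-error: ${{ github.event_name == 'pull_request' }}` so a broken upload on the main branches still fails the run. The job this step belongs to starts above the hunk.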
@@ -0,0 +1,30 @@
+name: gitleaks
+on:
+ pull_request: {}
+ push:
+ branches: [master, v3.dev]
+permissions: read-all
+
+env:
+ ALLOWED_ENDPOINTS: >
+ api.github.com:443
+ github.com:443
+ objects.githubusercontent.com:443
+
+jobs:
+ scan:
+ name: gitleaks
+ runs-on: ubuntu-latest
+ steps:
+ - name: Harden Runner
+ uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
+ with:
+ disable-sudo: true
+ egress-policy: block
+ allowed-endpoints: ${{ env.ALLOWED_ENDPOINTS }}
+ - name: Checkout
+ uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+ - name: Run gitleaks
+ uses: gitleaks/gitleaks-action@1f2d10fb689bc07a5f56f48d6db61f5bbbe772fa # v2.3.2
+ env:
+ GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/examples/coalescing-bulkloader-reactor/gradle/libs.versions.toml b/examples/coalescing-bulkloader-reactor/gradle/libs.versions.toml
index 91e178448c..788b02612c 100644
--- a/examples/coalescing-bulkloader-reactor/gradle/libs.versions.toml
+++ b/examples/coalescing-bulkloader-reactor/gradle/libs.versions.toml
@@ -3,7 +3,7 @@ caffeine = "3.1.8"
 junit = "5.10.1"
 reactor = "3.6.0"
 truth = "1.1.5"
-versions = "0.49.0"
+versions = "0.50.0"
 [libraries]
 caffeine = { module = "com.github.ben-manes.caffeine:caffeine", version.ref = "caffeine" }
diff --git a/examples/coalescing-bulkloader-reactor/gradle/wrapper/gradle-wrapper.properties b/examples/coalescing-bulkloader-reactor/gradle/wrapper/gradle-wrapper.properties
index 3fa8f862f7..9aaaf603dd 100644
--- a/examples/coalescing-bulkloader-reactor/gradle/wrapper/gradle-wrapper.properties
+++ b/examples/coalescing-bulkloader-reactor/gradle/wrapper/gradle-wrapper.properties
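Review bot: The Checkout step in the new gitleaks.yml keeps the default shallow clone, so the earlier commits of a multi-commit push or pull request are not in the working copy when gitleaks scans; a secret added in one commit and removed in a later one can go unreported, or the scan can error on the missing base. Give `actions/checkout` a `with:` block containing `fetch-depth: 0`, and add `persist-credentials: false` there since no later step needs git to authenticate. Separately, `permissions: read-all` hands the token read access to every scope; this job probably needs only `contents: read` and `pull-requests: read`, which should be confirmed against the API calls the action makes. The harden-runner egress allowlist and the SHA-pinned actions are good as written.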
@@ -1,6 +1,6 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.4-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.5-rc-3-bin.zip
 networkTimeout=10000
 validateDistributionUrl=true
 zipStoreBase=GRADLE_USER_HOME
diff --git a/examples/graal-native/gradle/libs.versions.toml b/examples/graal-native/gradle/libs.versions.toml
index f8d0405b71..24dddf59ba 100644
--- a/examples/graal-native/gradle/libs.versions.toml
+++ b/examples/graal-native/gradle/libs.versions.toml
@@ -3,7 +3,7 @@ caffeine = "3.1.8"
 graal = "0.9.28"
 junit = "5.10.1"
 truth = "1.1.5"
-versions = "0.49.0"
+versions = "0.50.0"
 [libraries]
 caffeine = { module = "com.github.ben-manes.caffeine:caffeine", version.ref = "caffeine" }
diff --git a/examples/graal-native/gradle/wrapper/gradle-wrapper.properties b/examples/graal-native/gradle/wrapper/gradle-wrapper.properties
index 744c64d127..09cd702c66 100644
--- a/examples/graal-native/gradle/wrapper/gradle-wrapper.properties
+++ b/examples/graal-native/gradle/wrapper/gradle-wrapper.properties
@@ -1,6 +1,6 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.4-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.5-rc-3-bin.zip
 networkTimeout=10000
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
diff --git a/examples/hibernate/gradle/libs.versions.toml b/examples/hibernate/gradle/libs.versions.toml
index 06237a8749..53e4f7f5c0 100644
--- a/examples/hibernate/gradle/libs.versions.toml
+++ b/examples/hibernate/gradle/libs.versions.toml
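Review bot: No `distributionSha256Sum` appears in the lines shown for examples/coalescing-bulkloader-reactor/gradle/wrapper/gradle-wrapper.properties, so the new `gradle-8.5-rc-3-bin.zip` download, which every CI job and contributor then executes, is authenticated only by TLS to services.gradle.org. Add `distributionSha256Sum=<sha256 published by Gradle for gradle-8.5-rc-3-bin.zip>` under `distributionUrl`, and the same in the other five wrapper files this commit changes. `validateDistributionUrl=true` concerns the URL, not the archive contents. This file continues past the hunk, so check that the property is not already set further down; the graal-native and hibernate hunks show six lines ending in `zipStorePath` with no checksum.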
@@ -1,12 +1,12 @@
 [versions]
 caffeine = "3.1.8"
 h2 = "2.2.224"
-hibernate = "6.3.1.Final"
+hibernate = "6.4.0.CR1"
 junit = "5.10.1"
-log4j2 = "2.21.1"
+log4j2 = "3.0.0-alpha1"
 slf4j = "2.0.7"
 truth = "1.1.5"
-versions = "0.49.0"
+versions = "0.50.0"
 [libraries]
 caffeine = { module = "com.github.ben-manes.caffeine:jcache", version.ref = "caffeine" }
diff --git a/examples/hibernate/gradle/wrapper/gradle-wrapper.properties b/examples/hibernate/gradle/wrapper/gradle-wrapper.properties
index 744c64d127..09cd702c66 100644
--- a/examples/hibernate/gradle/wrapper/gradle-wrapper.properties
+++ b/examples/hibernate/gradle/wrapper/gradle-wrapper.properties
@@ -1,6 +1,6 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.4-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.5-rc-3-bin.zip
 networkTimeout=10000
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
diff --git a/examples/resilience-failsafe/gradle/libs.versions.toml b/examples/resilience-failsafe/gradle/libs.versions.toml
index 0c82bc62bd..5d714b4a91 100644
--- a/examples/resilience-failsafe/gradle/libs.versions.toml
+++ b/examples/resilience-failsafe/gradle/libs.versions.toml
@@ -3,7 +3,7 @@ caffeine = "3.1.8"
 failsafe = "3.3.2"
 junit = "5.10.1"
 truth = "1.1.5"
-versions = "0.49.0"
+versions = "0.50.0"
 [libraries]
 caffeine = { module = "com.github.ben-manes.caffeine:caffeine", version.ref = "caffeine" }
diff --git a/examples/resilience-failsafe/gradle/wrapper/gradle-wrapper.properties b/examples/resilience-failsafe/gradle/wrapper/gradle-wrapper.properties
index 3fa8f862f7..9aaaf603dd 100644
--- a/examples/resilience-failsafe/gradle/wrapper/gradle-wrapper.properties
+++ b/examples/resilience-failsafe/gradle/wrapper/gradle-wrapper.properties
@@ -1,6 +1,6 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.4-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.5-rc-3-bin.zip
 networkTimeout=10000
 validateDistributionUrl=true
 zipStoreBase=GRADLE_USER_HOME
diff --git a/examples/write-behind-rxjava/gradle/libs.versions.toml b/examples/write-behind-rxjava/gradle/libs.versions.toml
index c9c5aed916..519ebd32b7 100644
--- a/examples/write-behind-rxjava/gradle/libs.versions.toml
+++ b/examples/write-behind-rxjava/gradle/libs.versions.toml
@@ -3,7 +3,7 @@ awaitility = "4.2.0"
 caffeine = "3.1.8"
 junit = "5.10.1"
 rxjava = "3.1.8"
-versions = "0.49.0"
+versions = "0.50.0"
 [libraries]
 awaitility = { module = "org.awaitility:awaitility", version.ref = "awaitility" }
diff --git a/examples/write-behind-rxjava/gradle/wrapper/gradle-wrapper.properties b/examples/write-behind-rxjava/gradle/wrapper/gradle-wrapper.properties
index 3fa8f862f7..9aaaf603dd 100644
--- a/examples/write-behind-rxjava/gradle/wrapper/gradle-wrapper.properties
+++ b/examples/write-behind-rxjava/gradle/wrapper/gradle-wrapper.properties
@@ -1,6 +1,6 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.4-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.5-rc-3-bin.zip
 networkTimeout=10000
 validateDistributionUrl=true
 zipStoreBase=GRADLE_USER_HOME
diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml
index 6d802095a6..090a4db6b1 100644
--- a/gradle/libs.versions.toml
+++ b/gradle/libs.versions.toml
@@ -11,7 +11,7 @@ checker-framework = "3.40.0"
 checkstyle = "10.12.5"
 coherence = "22.06.2"
 commons-collections4 = "4.4"
-commons-compress = "1.24.0"
+commons-compress = "1.25.0"
 commons-io = "2.15.0"
 commons-lang3 = "3.13.0"
 commons-math3 = "3.6.1"
@@ -19,7 +19,7 @@ commons-text = "1.11.0"
 concurrentlinkedhashmap = "1.4.2"
 config = "1.4.3"
 coveralls = "2.12.2"
-dependency-check = "8.4.2"
+dependency-check = "8.4.3"
 eclipse-collections = "12.0.0.M3"
 ehcache3 = "3.10.8"
 errorprone-core = "2.23.0"
@@ -41,7 +41,7 @@ hazelcast = "5.3.6"
 httpclient = "4.5.14"
 idea = "1.1.7"
 jackrabbit = "1.58.0"
-jackson = "2.15.3"
+jackson = "2.16.0"
 jacoco = "0.8.11"
 jakarta-inject = "2.0.1"
 jamm = "0.4.0"
@@ -76,7 +76,7 @@ pax-exam = "4.13.5"
 pax-url = "2.6.14"
 picocli = "4.7.5"
 pmd = "7.0.0-rc4"
-protobuf = "3.25.0"
+protobuf = "3.25.1"
 slf4j = "2.0.9"
 slf4j-test = "3.0.1"
 snakeyaml = "2.2"
@@ -89,7 +89,7 @@ tcache = "2.0.1"
 testng = "7.8.0"
 truth = "1.1.5"
 univocity-parsers = "2.9.1"
-versions = "0.49.0"
+versions = "0.50.0"
 xz = "1.9"
 ycsb = "0.17.0"
 zstd = "1.5.5-10"
diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties
index 514c8337e9..27c20c219b 100644
--- a/gradle/wrapper/gradle-wrapper.properties
+++ b/gradle/wrapper/gradle-wrapper.properties
@@ -1,4 +1,4 @@
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.4-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.5-rc-3-bin.zip
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
 zipStoreBase=GRADLE_USER_HOME