I am not at my desk but, about java 21, have plugins been upgraded too? Il Sab 21 Mar 2026, 10:13 Jacopo Cappellato <[email protected]> ha scritto:
> I am having a look > > Jacopo > > Il Sab 21 Mar 2026, 09:58 Jacques Le Roux via dev <[email protected]> > ha scritto: > >> I still don't stand understand why we get this error on GH trunk actions >> >> *Error* < >> https://github.com/apache/ofbiz-framework/actions/runs/23375921548/workflow >> > >> The action >> step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 is >> not allowed in apache/ofbiz-framework because all actions must be >> from a repository owned by your enterprise, created by GitHub, or match >> one of the patterns: >> 1Password/load-secrets-action@13f58eec611f8e5db52ec16247f58c508398f3e6, >> 1Password/load-secrets-action@8d0d610af187e78a2772c2d18d627f4c52d3fbfb, >> 1Password/load-secrets-action@dafbe7cb03502b260e2b2893c753c352eee545bf, >> AdoptOpenJDK/install-jdk@*, BobAnkh/auto-generate-changelog@*, >> >> DavidAnson/markdownlint-cli2-action@07035fd053f7be764496c0f8d8f9f41f98305101, >> >> >> DavidAnson/markdownlint-cli2-action@30a0e04f1870d58f8d717450cc6134995f993c63, >> EnricoMi/publish-unit-test-result-action@*, >> >> JamesIves/github-pages-deploy-action@4a3abc783e1a24aeb44c16e869ad83caf6b4cc23, >> >> >> JamesIves/github-pages-deploy-action@d92aa235d04922e8f08b40ce78cc5442fcfbfa2f, >> Jimver/cuda-toolkit@6008063726ffe3309d1b22e413d9e88fed91a2f2, >> Jimver/cuda-toolkit@b6fc3a9f3f15256d9d94ffe1254f9c5a2565... >> Show less >> >> It seems that reverting pushes related to Java 21, ie those of this >> morning >> https://github.com/apache/ofbiz-framework/commits/trunk/ >> should clear the situation. >> >> Maybe we need to change others location (from java 17 to 21) in our GH >> related code >> Or, reading the error above, have an Infra agreement to move to 21 >> >> If nobody has a better idea, I'll revert for now. >> >> Jacques >> >> Le 21/03/2026 à 09:36, Jacques Le Roux via dev a écrit : >> > Hi Jacopo, >> > >> > I'll have a look very soon. >> > >> > Jacques >> > >> > Le 21/03/2026 à 08:53, Jacopo Cappellato a écrit : >> >> Hi all, >> >> >> >> Dependabot has created five pull requests to bump various libraries >> used by >> >> GitHub Actions for CI/CD: >> >> >> >> https://github.com/apache/ofbiz-framework/pull/1000 >> >> https://github.com/apache/ofbiz-framework/pull/1001 >> >> https://github.com/apache/ofbiz-framework/pull/1002 >> >> https://github.com/apache/ofbiz-framework/pull/1003 >> >> https://github.com/apache/ofbiz-framework/pull/1003 >> >> >> >> Should we upgrade and merge these PRs? >> >> >> >> Jacopo > >
