[PR] Bump actions/checkout from 4.1.0 to 4.1.1 [commons-jcs]
dependabot[bot] opened a new pull request, #179: URL: https://github.com/apache/commons-jcs/pull/179 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1. Release notes Sourced from https://github.com/actions/checkout/releases";>actions/checkout's releases. v4.1.1 What's Changed Update CODEOWNERS to Launch team by https://github.com/joshmgross";>@joshmgross in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 Correct link to GitHub Docs by https://github.com/peterbe";>@peterbe in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Link to release page from what's new section by https://github.com/cory-miller";>@cory-miller in https://redirect.github.com/actions/checkout/pull/1514";>actions/checkout#1514 New Contributors https://github.com/joshmgross";>@joshmgross made their first contribution in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 https://github.com/peterbe";>@peterbe made their first contribution in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Full Changelog: https://github.com/actions/checkout/compare/v4.1.0...v4.1.1";>https://github.com/actions/checkout/compare/v4.1.0...v4.1.1 Commits https://github.com/actions/checkout/commit/b4ffde65f46336ab88eb53be808477a3936bae11";>b4ffde6 Link to release page from what's new section (https://redirect.github.com/actions/checkout/issues/1514";>#1514) https://github.com/actions/checkout/commit/8530928916aaef40f59e6f221989ccb31f5759e7";>8530928 Correct link to GitHub Docs (https://redirect.github.com/actions/checkout/issues/1511";>#1511) https://github.com/actions/checkout/commit/7cdaf2fbc075e6f3b9ca94cfd6cec5adc8a75622";>7cdaf2f Update CODEOWNERS to Launch team (https://redirect.github.com/actions/checkout/issues/1510";>#1510) See full diff in https://github.com/actions/checkout/compare/8ade135a41bc03ea155e62e844d188df1ea18608...b4ffde65f46336ab88eb53be808477a3936bae11";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump github/codeql-action from 2.22.2 to 2.22.3 [commons-jcs]
dependabot[bot] opened a new pull request, #180: URL: https://github.com/apache/commons-jcs/pull/180 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.22.2 to 2.22.3. Changelog Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md";>github/codeql-action's changelog. CodeQL Action Changelog See the https://github.com/github/codeql-action/releases";>releases page for the relevant changes to the CodeQL CLI and language packs. [UNRELEASED] Update default CodeQL bundle version to 2.15.1. https://redirect.github.com/github/codeql-action/pull/1953";>#1953 Users will begin to see warnings on Node.js 16 deprecation in their Actions logs on code scanning runs starting October 23, 2023. All code scanning workflows should continue to succeed regardless of the warning. The team at GitHub maintaining the CodeQL Action is aware of the deprecation timeline and actively working on creating another version of the CodeQL Action, v3, that will bump us to Node 20. For more information, and to communicate with the maintaining team, please use https://redirect.github.com/github/codeql-action/issues/1959";>this issue. 2.22.3 - 13 Oct 2023 Provide an authentication token when downloading the CodeQL Bundle from the API of a GitHub Enterprise Server instance. https://redirect.github.com/github/codeql-action/pull/1945";>#1945 2.22.2 - 12 Oct 2023 Update default CodeQL bundle version to 2.15.0. https://redirect.github.com/github/codeql-action/pull/1938";>#1938 Improve the log output when an error occurs in an invocation of the CodeQL CLI. https://redirect.github.com/github/codeql-action/pull/1927";>#1927 2.22.1 - 09 Oct 2023 Add a workaround for Python 3.12, which is not supported in CodeQL CLI version 2.14.6 or earlier. If you are running an analysis on Windows and using Python 3.12 or later, the CodeQL Action will switch to running Python 3.11. In this case, if Python 3.11 is not found, then the workflow will fail. https://redirect.github.com/github/codeql-action/pull/1928";>#1928 2.22.0 - 06 Oct 2023 The CodeQL Action now requires CodeQL version 2.10.5 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.21.8. https://redirect.github.com/github/codeql-action/pull/1907";>#1907 The CodeQL Action no longer runs ML-powered queries. For more information, including details on our investment in AI-powered security technology, see https://github.blog/changelog/2023-09-29-codeql-code-scanning-deprecates-ml-powered-alerts/";>"CodeQL code scanning deprecates ML-powered alerts." https://redirect.github.com/github/codeql-action/pull/1910";>#1910 Fix a bug which prevented tracing of projects using Go 1.21 and above on Linux. https://redirect.github.com/github/codeql-action/pull/1909";>#1909 2.21.9 - 27 Sep 2023 Update default CodeQL bundle version to 2.14.6. https://redirect.github.com/github/codeql-action/pull/1897";>#1897 We are rolling out a feature in October 2023 that will improve the success rate of C/C++ autobuild. https://redirect.github.com/github/codeql-action/pull/1889";>#1889 We are rolling out a feature in October 2023 that will provide specific file coverage information for C and C++, Java and Kotlin, and JavaScript and TypeScript. Currently file coverage information for each of these pairs of languages is grouped together. https://redirect.github.com/github/codeql-action/pull/1903";>#1903 Add a warning to help customers avoid inadvertently analyzing the same CodeQL language in multiple matrix jobs. https://redirect.github.com/github/codeql-action/pull/1901";>#1901 2.21.8 - 19 Sep 2023 Add a deprecation warning for customers using CodeQL version 2.10.4 and earlier. These versions of CodeQL were discontinued on 12 September 2023 alongside GitHub Enterprise Server 3.6, and will be unsupported by the next minor release of the CodeQL Action. https://redirect.github.com/github/codeql-action/pull/1884";>#1884 If you are using one of these versions, please update to CodeQL CLI version 2.10.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version. Alternatively, if you want to continue using a version of the CodeQL CLI between 2.9.5 and 2.10.4, you can replace github/codeql-action/*@v2 by github/codeql-action/*@v2.21.7 in your code scanning workflow to ensure you continue using this version of the CodeQL Action. Enable the following language aliases when using CodeQL 2.14.4 and later: c-cpp for C/C++ analysis, java-kotlin for Java/Kotlin analysis, and javascript-typescript for JavaScript/TypeScript analysis. https://redirect.github.com/github/codeql-action/pull/1883";>#1883 2.21.7 - 14 Sep 2023 Update
[GH] (commons-jcs): Workflow run "Coverage" failed!
The GitHub Actions job "Coverage" on commons-jcs.git has failed. Run started by GitHub user dependabot[bot] (triggered by dependabot[bot]). Head commit for run: 0ce7fb355e703069b8839b7a4be188ed99b9b3ce / dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Bump actions/checkout from 4.1.0 to 4.1.1 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/8ade135a41bc03ea155e62e844d188df1ea18608...b4ffde65f46336ab88eb53be808477a3936bae11) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Report URL: https://github.com/apache/commons-jcs/actions/runs/6584771312 With regards, GitHub Actions via GitBox
[GH] (commons-jcs): Workflow run "Coverage" is working again!
The GitHub Actions job "Coverage" on commons-jcs.git has succeeded. Run started by GitHub user dependabot[bot] (triggered by dependabot[bot]). Head commit for run: 0ce7fb355e703069b8839b7a4be188ed99b9b3ce / dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Bump actions/checkout from 4.1.0 to 4.1.1 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/8ade135a41bc03ea155e62e844d188df1ea18608...b4ffde65f46336ab88eb53be808477a3936bae11) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Report URL: https://github.com/apache/commons-jcs/actions/runs/6584771444 With regards, GitHub Actions via GitBox
Re: [PR] Bump graalvm.version from 22.0.0.2 to 23.0.1 [commons-build-plugin]
dependabot[bot] commented on PR #166: URL: https://github.com/apache/commons-build-plugin/pull/166#issuecomment-1772240274 OK, I won't notify you again about this release, but will get in touch when a new version is available. You can also ignore all major, minor, or patch releases for a dependency by adding an [`ignore` condition](https://docs.github.com/en/code-security/supply-chain-security/configuration-options-for-dependency-updates#ignore) with the desired `update_types` to your config file. If you change your mind, just re-open this PR and I'll resolve any conflicts on it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump actions/checkout from 4.1.0 to 4.1.1 [commons-cli]
dependabot[bot] opened a new pull request, #202: URL: https://github.com/apache/commons-cli/pull/202 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1. Release notes Sourced from https://github.com/actions/checkout/releases";>actions/checkout's releases. v4.1.1 What's Changed Update CODEOWNERS to Launch team by https://github.com/joshmgross";>@joshmgross in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 Correct link to GitHub Docs by https://github.com/peterbe";>@peterbe in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Link to release page from what's new section by https://github.com/cory-miller";>@cory-miller in https://redirect.github.com/actions/checkout/pull/1514";>actions/checkout#1514 New Contributors https://github.com/joshmgross";>@joshmgross made their first contribution in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 https://github.com/peterbe";>@peterbe made their first contribution in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Full Changelog: https://github.com/actions/checkout/compare/v4.1.0...v4.1.1";>https://github.com/actions/checkout/compare/v4.1.0...v4.1.1 Commits https://github.com/actions/checkout/commit/b4ffde65f46336ab88eb53be808477a3936bae11";>b4ffde6 Link to release page from what's new section (https://redirect.github.com/actions/checkout/issues/1514";>#1514) https://github.com/actions/checkout/commit/8530928916aaef40f59e6f221989ccb31f5759e7";>8530928 Correct link to GitHub Docs (https://redirect.github.com/actions/checkout/issues/1511";>#1511) https://github.com/actions/checkout/commit/7cdaf2fbc075e6f3b9ca94cfd6cec5adc8a75622";>7cdaf2f Update CODEOWNERS to Launch team (https://redirect.github.com/actions/checkout/issues/1510";>#1510) See full diff in https://github.com/actions/checkout/compare/8ade135a41bc03ea155e62e844d188df1ea18608...b4ffde65f46336ab88eb53be808477a3936bae11";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump github/codeql-action from 2.22.2 to 2.22.3 [commons-cli]
dependabot[bot] opened a new pull request, #203: URL: https://github.com/apache/commons-cli/pull/203 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.22.2 to 2.22.3. Changelog Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md";>github/codeql-action's changelog. CodeQL Action Changelog See the https://github.com/github/codeql-action/releases";>releases page for the relevant changes to the CodeQL CLI and language packs. [UNRELEASED] Update default CodeQL bundle version to 2.15.1. https://redirect.github.com/github/codeql-action/pull/1953";>#1953 Users will begin to see warnings on Node.js 16 deprecation in their Actions logs on code scanning runs starting October 23, 2023. All code scanning workflows should continue to succeed regardless of the warning. The team at GitHub maintaining the CodeQL Action is aware of the deprecation timeline and actively working on creating another version of the CodeQL Action, v3, that will bump us to Node 20. For more information, and to communicate with the maintaining team, please use https://redirect.github.com/github/codeql-action/issues/1959";>this issue. 2.22.3 - 13 Oct 2023 Provide an authentication token when downloading the CodeQL Bundle from the API of a GitHub Enterprise Server instance. https://redirect.github.com/github/codeql-action/pull/1945";>#1945 2.22.2 - 12 Oct 2023 Update default CodeQL bundle version to 2.15.0. https://redirect.github.com/github/codeql-action/pull/1938";>#1938 Improve the log output when an error occurs in an invocation of the CodeQL CLI. https://redirect.github.com/github/codeql-action/pull/1927";>#1927 2.22.1 - 09 Oct 2023 Add a workaround for Python 3.12, which is not supported in CodeQL CLI version 2.14.6 or earlier. If you are running an analysis on Windows and using Python 3.12 or later, the CodeQL Action will switch to running Python 3.11. In this case, if Python 3.11 is not found, then the workflow will fail. https://redirect.github.com/github/codeql-action/pull/1928";>#1928 2.22.0 - 06 Oct 2023 The CodeQL Action now requires CodeQL version 2.10.5 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.21.8. https://redirect.github.com/github/codeql-action/pull/1907";>#1907 The CodeQL Action no longer runs ML-powered queries. For more information, including details on our investment in AI-powered security technology, see https://github.blog/changelog/2023-09-29-codeql-code-scanning-deprecates-ml-powered-alerts/";>"CodeQL code scanning deprecates ML-powered alerts." https://redirect.github.com/github/codeql-action/pull/1910";>#1910 Fix a bug which prevented tracing of projects using Go 1.21 and above on Linux. https://redirect.github.com/github/codeql-action/pull/1909";>#1909 2.21.9 - 27 Sep 2023 Update default CodeQL bundle version to 2.14.6. https://redirect.github.com/github/codeql-action/pull/1897";>#1897 We are rolling out a feature in October 2023 that will improve the success rate of C/C++ autobuild. https://redirect.github.com/github/codeql-action/pull/1889";>#1889 We are rolling out a feature in October 2023 that will provide specific file coverage information for C and C++, Java and Kotlin, and JavaScript and TypeScript. Currently file coverage information for each of these pairs of languages is grouped together. https://redirect.github.com/github/codeql-action/pull/1903";>#1903 Add a warning to help customers avoid inadvertently analyzing the same CodeQL language in multiple matrix jobs. https://redirect.github.com/github/codeql-action/pull/1901";>#1901 2.21.8 - 19 Sep 2023 Add a deprecation warning for customers using CodeQL version 2.10.4 and earlier. These versions of CodeQL were discontinued on 12 September 2023 alongside GitHub Enterprise Server 3.6, and will be unsupported by the next minor release of the CodeQL Action. https://redirect.github.com/github/codeql-action/pull/1884";>#1884 If you are using one of these versions, please update to CodeQL CLI version 2.10.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version. Alternatively, if you want to continue using a version of the CodeQL CLI between 2.9.5 and 2.10.4, you can replace github/codeql-action/*@v2 by github/codeql-action/*@v2.21.7 in your code scanning workflow to ensure you continue using this version of the CodeQL Action. Enable the following language aliases when using CodeQL 2.14.4 and later: c-cpp for C/C++ analysis, java-kotlin for Java/Kotlin analysis, and javascript-typescript for JavaScript/TypeScript analysis. https://redirect.github.com/github/codeql-action/pull/1883";>#1883 2.21.7 - 14 Sep 2023 Update
[GH] (commons-io): Workflow run "Java CI" failed!
The GitHub Actions job "Java CI" on commons-io.git has failed. Run started by GitHub user sebbASF (triggered by sebbASF). Head commit for run: 02f7601a2aa815572e2c2cfd2c6350b929406415 / sebbASF Trailing space Report URL: https://github.com/apache/commons-io/actions/runs/6584724803 With regards, GitHub Actions via GitBox
Re: [PR] Update DoubleFormat to state it is based on Double.toString. [commons-text]
codecov-commenter commented on PR #467: URL: https://github.com/apache/commons-text/pull/467#issuecomment-1772277622 ## [Codecov](https://app.codecov.io/gh/apache/commons-text/pull/467?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) Report > Merging [#467](https://app.codecov.io/gh/apache/commons-text/pull/467?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) (22c0bb1) into [master](https://app.codecov.io/gh/apache/commons-text/commit/3bb3568a12f24c7b38e21b2042d77423f05ce7c3?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) (3bb3568) will **not change** coverage. > Report is 2 commits behind head on master. > The diff coverage is `n/a`. ```diff @@Coverage Diff@@ ## master #467 +/- ## = Coverage 96.99% 96.99% Complexity 2342 2342 = Files86 86 Lines 5792 5792 Branches938 938 = Hits 5618 5618 Misses 95 95 Partials 79 79 ``` | [Files](https://app.codecov.io/gh/apache/commons-text/pull/467?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) | Coverage Δ | | |---|---|---| | [.../org/apache/commons/text/numbers/DoubleFormat.java](https://app.codecov.io/gh/apache/commons-text/pull/467?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache#diff-c3JjL21haW4vamF2YS9vcmcvYXBhY2hlL2NvbW1vbnMvdGV4dC9udW1iZXJzL0RvdWJsZUZvcm1hdC5qYXZh) | `100.00% <ø> (ø)` | | :mega: We’re building smart automated test selection to slash your CI/CD build times. [Learn more](https://about.codecov.io/iterative-testing/?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump org.apache.commons:commons-parent from 62 to 64 [commons-release-plugin]
dependabot[bot] opened a new pull request, #209: URL: https://github.com/apache/commons-release-plugin/pull/209 Bumps [org.apache.commons:commons-parent](https://github.com/apache/commons-parent) from 62 to 64. Changelog Sourced from https://github.com/apache/commons-parent/blob/master/RELEASE-NOTES.txt";>org.apache.commons:commons-parent's changelog. Apache Commons Parent 64 RELEASE NOTES The Apache Commons Parent team is pleased to announce the release of Apache Commons Parent 64. The Apache Commons Parent POM provides common settings for all Apache Commons components. Version 64: Maintenance and update dependencies Changes in this version include: New features: o Restore building on Java 8 (com.puppycrawl.tools:checkstyle 10.x requires Java 11). Thanks to Gary Gregory. o Rename profile 'moditect' to 'java-9-up'. Thanks to Gary Gregory. o Merge profile 'jdk9-compiler' into 'java-9-up' and remove 'jdk9-compiler'. Thanks to Gary Gregory. Changes: o Use Checkstyle 9.x on Java less than 11 and Checkstyle 10.x on Java 11 and up. Thanks to Gary Gregory. Removed: o Remove 'javasvn' profile. Thanks to Gary Gregory. o Remove '.svn'-activated profile. Thanks to Gary Gregory. o Remove 'jdk9-compiler.' profile. Thanks to Gary Gregory. Historical list of changes: https://commons.apache.org/proper/commons-parent/changes-report.html";>https://commons.apache.org/proper/commons-parent/changes-report.html For complete information on Apache Commons Parent, including instructions on how to submit bug reports, patches, or suggestions for improvement, see the Apache Commons Parent website: https://commons.apache.org/proper/commons-parent/";>https://commons.apache.org/proper/commons-parent/ Apache Commons Parent 63 RELEASE NOTES The Apache Commons Parent team is pleased to announce the release of Apache Commons Parent 63. The Apache Commons Parent POM provides common settings for all Apache Commons components. Version 63: Maintenance and update dependencies Changes in this version include: New features: o Add commons.conf.dir property defaulting to src/conf. Thanks to Dependabot. Changes: o Bump GitHub actions. Thanks to Dependabot. o Bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.17.2 to 0.18.1 https://redirect.github.com/apache/commons-parent/issues/302";>#302, https://redirect.github.com/apache/commons-parent/issues/313";>#313. Thanks to Dependabot, Gary Gregory. ... (truncated) Commits See full diff in https://github.com/apache/commons-parent/commits";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the mes
[GH] (commons-io): Workflow run "Java CI" failed!
The GitHub Actions job "Java CI" on commons-io.git has failed. Run started by GitHub user sebbASF (triggered by sebbASF). Head commit for run: 76e8beb1bf546edb3acf64ef6a937af9de470127 / sebbASF Fix Javadoc error Report URL: https://github.com/apache/commons-io/actions/runs/6585046544 With regards, GitHub Actions via GitBox
[PR] Bump actions/checkout from 4.1.0 to 4.1.1 [commons-release-plugin]
dependabot[bot] opened a new pull request, #210: URL: https://github.com/apache/commons-release-plugin/pull/210 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1. Release notes Sourced from https://github.com/actions/checkout/releases";>actions/checkout's releases. v4.1.1 What's Changed Update CODEOWNERS to Launch team by https://github.com/joshmgross";>@joshmgross in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 Correct link to GitHub Docs by https://github.com/peterbe";>@peterbe in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Link to release page from what's new section by https://github.com/cory-miller";>@cory-miller in https://redirect.github.com/actions/checkout/pull/1514";>actions/checkout#1514 New Contributors https://github.com/joshmgross";>@joshmgross made their first contribution in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 https://github.com/peterbe";>@peterbe made their first contribution in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Full Changelog: https://github.com/actions/checkout/compare/v4.1.0...v4.1.1";>https://github.com/actions/checkout/compare/v4.1.0...v4.1.1 Commits https://github.com/actions/checkout/commit/b4ffde65f46336ab88eb53be808477a3936bae11";>b4ffde6 Link to release page from what's new section (https://redirect.github.com/actions/checkout/issues/1514";>#1514) https://github.com/actions/checkout/commit/8530928916aaef40f59e6f221989ccb31f5759e7";>8530928 Correct link to GitHub Docs (https://redirect.github.com/actions/checkout/issues/1511";>#1511) https://github.com/actions/checkout/commit/7cdaf2fbc075e6f3b9ca94cfd6cec5adc8a75622";>7cdaf2f Update CODEOWNERS to Launch team (https://redirect.github.com/actions/checkout/issues/1510";>#1510) See full diff in https://github.com/actions/checkout/compare/8ade135a41bc03ea155e62e844d188df1ea18608...b4ffde65f46336ab88eb53be808477a3936bae11";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump github/codeql-action from 2.22.2 to 2.22.3 [commons-release-plugin]
dependabot[bot] opened a new pull request, #211: URL: https://github.com/apache/commons-release-plugin/pull/211 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.22.2 to 2.22.3. Changelog Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md";>github/codeql-action's changelog. CodeQL Action Changelog See the https://github.com/github/codeql-action/releases";>releases page for the relevant changes to the CodeQL CLI and language packs. [UNRELEASED] Update default CodeQL bundle version to 2.15.1. https://redirect.github.com/github/codeql-action/pull/1953";>#1953 Users will begin to see warnings on Node.js 16 deprecation in their Actions logs on code scanning runs starting October 23, 2023. All code scanning workflows should continue to succeed regardless of the warning. The team at GitHub maintaining the CodeQL Action is aware of the deprecation timeline and actively working on creating another version of the CodeQL Action, v3, that will bump us to Node 20. For more information, and to communicate with the maintaining team, please use https://redirect.github.com/github/codeql-action/issues/1959";>this issue. 2.22.3 - 13 Oct 2023 Provide an authentication token when downloading the CodeQL Bundle from the API of a GitHub Enterprise Server instance. https://redirect.github.com/github/codeql-action/pull/1945";>#1945 2.22.2 - 12 Oct 2023 Update default CodeQL bundle version to 2.15.0. https://redirect.github.com/github/codeql-action/pull/1938";>#1938 Improve the log output when an error occurs in an invocation of the CodeQL CLI. https://redirect.github.com/github/codeql-action/pull/1927";>#1927 2.22.1 - 09 Oct 2023 Add a workaround for Python 3.12, which is not supported in CodeQL CLI version 2.14.6 or earlier. If you are running an analysis on Windows and using Python 3.12 or later, the CodeQL Action will switch to running Python 3.11. In this case, if Python 3.11 is not found, then the workflow will fail. https://redirect.github.com/github/codeql-action/pull/1928";>#1928 2.22.0 - 06 Oct 2023 The CodeQL Action now requires CodeQL version 2.10.5 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.21.8. https://redirect.github.com/github/codeql-action/pull/1907";>#1907 The CodeQL Action no longer runs ML-powered queries. For more information, including details on our investment in AI-powered security technology, see https://github.blog/changelog/2023-09-29-codeql-code-scanning-deprecates-ml-powered-alerts/";>"CodeQL code scanning deprecates ML-powered alerts." https://redirect.github.com/github/codeql-action/pull/1910";>#1910 Fix a bug which prevented tracing of projects using Go 1.21 and above on Linux. https://redirect.github.com/github/codeql-action/pull/1909";>#1909 2.21.9 - 27 Sep 2023 Update default CodeQL bundle version to 2.14.6. https://redirect.github.com/github/codeql-action/pull/1897";>#1897 We are rolling out a feature in October 2023 that will improve the success rate of C/C++ autobuild. https://redirect.github.com/github/codeql-action/pull/1889";>#1889 We are rolling out a feature in October 2023 that will provide specific file coverage information for C and C++, Java and Kotlin, and JavaScript and TypeScript. Currently file coverage information for each of these pairs of languages is grouped together. https://redirect.github.com/github/codeql-action/pull/1903";>#1903 Add a warning to help customers avoid inadvertently analyzing the same CodeQL language in multiple matrix jobs. https://redirect.github.com/github/codeql-action/pull/1901";>#1901 2.21.8 - 19 Sep 2023 Add a deprecation warning for customers using CodeQL version 2.10.4 and earlier. These versions of CodeQL were discontinued on 12 September 2023 alongside GitHub Enterprise Server 3.6, and will be unsupported by the next minor release of the CodeQL Action. https://redirect.github.com/github/codeql-action/pull/1884";>#1884 If you are using one of these versions, please update to CodeQL CLI version 2.10.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version. Alternatively, if you want to continue using a version of the CodeQL CLI between 2.9.5 and 2.10.4, you can replace github/codeql-action/*@v2 by github/codeql-action/*@v2.21.7 in your code scanning workflow to ensure you continue using this version of the CodeQL Action. Enable the following language aliases when using CodeQL 2.14.4 and later: c-cpp for C/C++ analysis, java-kotlin for Java/Kotlin analysis, and javascript-typescript for JavaScript/TypeScript analysis. https://redirect.github.com/github/codeql-action/pull/1883";>#1883 2.21.7 - 14 Sep 2023
[GH] (commons-net): Workflow run "Java CI" failed!
The GitHub Actions job "Java CI" on commons-net.git has failed. Run started by GitHub user garydgregory (triggered by garydgregory). Head commit for run: ce5d73b22e5e83177cb0da80dc3b9d19650e4c33 / Gary Gregory Merge pull request #192 from apache/dependabot/github_actions/actions/checkout-4.1.1 Bump actions/checkout from 4.1.0 to 4.1.1 Report URL: https://github.com/apache/commons-net/actions/runs/6585933031 With regards, GitHub Actions via GitBox
[GH] (commons-net): Workflow run "Java CI" is working again!
The GitHub Actions job "Java CI" on commons-net.git has succeeded. Run started by GitHub user garydgregory (triggered by garydgregory). Head commit for run: 725b9fef5cc3bf4134d676f38fea2e9ab9a77740 / Gary Gregory Merge pull request #191 from apache/dependabot/github_actions/github/codeql-action-2.22.3 Bump github/codeql-action from 2.22.2 to 2.22.3 Report URL: https://github.com/apache/commons-net/actions/runs/6585934672 With regards, GitHub Actions via GitBox
[PR] Bump github/codeql-action from 2.22.2 to 2.22.3 [commons-dbutils]
dependabot[bot] opened a new pull request, #213: URL: https://github.com/apache/commons-dbutils/pull/213 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.22.2 to 2.22.3. Changelog Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md";>github/codeql-action's changelog. CodeQL Action Changelog See the https://github.com/github/codeql-action/releases";>releases page for the relevant changes to the CodeQL CLI and language packs. [UNRELEASED] Update default CodeQL bundle version to 2.15.1. https://redirect.github.com/github/codeql-action/pull/1953";>#1953 Users will begin to see warnings on Node.js 16 deprecation in their Actions logs on code scanning runs starting October 23, 2023. All code scanning workflows should continue to succeed regardless of the warning. The team at GitHub maintaining the CodeQL Action is aware of the deprecation timeline and actively working on creating another version of the CodeQL Action, v3, that will bump us to Node 20. For more information, and to communicate with the maintaining team, please use https://redirect.github.com/github/codeql-action/issues/1959";>this issue. 2.22.3 - 13 Oct 2023 Provide an authentication token when downloading the CodeQL Bundle from the API of a GitHub Enterprise Server instance. https://redirect.github.com/github/codeql-action/pull/1945";>#1945 2.22.2 - 12 Oct 2023 Update default CodeQL bundle version to 2.15.0. https://redirect.github.com/github/codeql-action/pull/1938";>#1938 Improve the log output when an error occurs in an invocation of the CodeQL CLI. https://redirect.github.com/github/codeql-action/pull/1927";>#1927 2.22.1 - 09 Oct 2023 Add a workaround for Python 3.12, which is not supported in CodeQL CLI version 2.14.6 or earlier. If you are running an analysis on Windows and using Python 3.12 or later, the CodeQL Action will switch to running Python 3.11. In this case, if Python 3.11 is not found, then the workflow will fail. https://redirect.github.com/github/codeql-action/pull/1928";>#1928 2.22.0 - 06 Oct 2023 The CodeQL Action now requires CodeQL version 2.10.5 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.21.8. https://redirect.github.com/github/codeql-action/pull/1907";>#1907 The CodeQL Action no longer runs ML-powered queries. For more information, including details on our investment in AI-powered security technology, see https://github.blog/changelog/2023-09-29-codeql-code-scanning-deprecates-ml-powered-alerts/";>"CodeQL code scanning deprecates ML-powered alerts." https://redirect.github.com/github/codeql-action/pull/1910";>#1910 Fix a bug which prevented tracing of projects using Go 1.21 and above on Linux. https://redirect.github.com/github/codeql-action/pull/1909";>#1909 2.21.9 - 27 Sep 2023 Update default CodeQL bundle version to 2.14.6. https://redirect.github.com/github/codeql-action/pull/1897";>#1897 We are rolling out a feature in October 2023 that will improve the success rate of C/C++ autobuild. https://redirect.github.com/github/codeql-action/pull/1889";>#1889 We are rolling out a feature in October 2023 that will provide specific file coverage information for C and C++, Java and Kotlin, and JavaScript and TypeScript. Currently file coverage information for each of these pairs of languages is grouped together. https://redirect.github.com/github/codeql-action/pull/1903";>#1903 Add a warning to help customers avoid inadvertently analyzing the same CodeQL language in multiple matrix jobs. https://redirect.github.com/github/codeql-action/pull/1901";>#1901 2.21.8 - 19 Sep 2023 Add a deprecation warning for customers using CodeQL version 2.10.4 and earlier. These versions of CodeQL were discontinued on 12 September 2023 alongside GitHub Enterprise Server 3.6, and will be unsupported by the next minor release of the CodeQL Action. https://redirect.github.com/github/codeql-action/pull/1884";>#1884 If you are using one of these versions, please update to CodeQL CLI version 2.10.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version. Alternatively, if you want to continue using a version of the CodeQL CLI between 2.9.5 and 2.10.4, you can replace github/codeql-action/*@v2 by github/codeql-action/*@v2.21.7 in your code scanning workflow to ensure you continue using this version of the CodeQL Action. Enable the following language aliases when using CodeQL 2.14.4 and later: c-cpp for C/C++ analysis, java-kotlin for Java/Kotlin analysis, and javascript-typescript for JavaScript/TypeScript analysis. https://redirect.github.com/github/codeql-action/pull/1883";>#1883 2.21.7 - 14 Sep 2023 Up
[PR] Bump actions/checkout from 4.1.0 to 4.1.1 [commons-dbutils]
dependabot[bot] opened a new pull request, #214: URL: https://github.com/apache/commons-dbutils/pull/214 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1. Release notes Sourced from https://github.com/actions/checkout/releases";>actions/checkout's releases. v4.1.1 What's Changed Update CODEOWNERS to Launch team by https://github.com/joshmgross";>@joshmgross in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 Correct link to GitHub Docs by https://github.com/peterbe";>@peterbe in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Link to release page from what's new section by https://github.com/cory-miller";>@cory-miller in https://redirect.github.com/actions/checkout/pull/1514";>actions/checkout#1514 New Contributors https://github.com/joshmgross";>@joshmgross made their first contribution in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 https://github.com/peterbe";>@peterbe made their first contribution in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Full Changelog: https://github.com/actions/checkout/compare/v4.1.0...v4.1.1";>https://github.com/actions/checkout/compare/v4.1.0...v4.1.1 Commits https://github.com/actions/checkout/commit/b4ffde65f46336ab88eb53be808477a3936bae11";>b4ffde6 Link to release page from what's new section (https://redirect.github.com/actions/checkout/issues/1514";>#1514) https://github.com/actions/checkout/commit/8530928916aaef40f59e6f221989ccb31f5759e7";>8530928 Correct link to GitHub Docs (https://redirect.github.com/actions/checkout/issues/1511";>#1511) https://github.com/actions/checkout/commit/7cdaf2fbc075e6f3b9ca94cfd6cec5adc8a75622";>7cdaf2f Update CODEOWNERS to Launch team (https://redirect.github.com/actions/checkout/issues/1510";>#1510) See full diff in https://github.com/actions/checkout/compare/8ade135a41bc03ea155e62e844d188df1ea18608...b4ffde65f46336ab88eb53be808477a3936bae11";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GH] (commons-digester): Workflow run "Scorecards supply-chain security" failed!
The GitHub Actions job "Scorecards supply-chain security" on commons-digester.git has failed. Run started by GitHub user garydgregory (triggered by garydgregory). Head commit for run: 45df03c426350df1d519d656c3a7a4845be4e402 / Gary Gregory Merge pull request #100 from apache/dependabot/github_actions/actions/checkout-4.1.1 Bump actions/checkout from 4.1.0 to 4.1.1 Report URL: https://github.com/apache/commons-digester/actions/runs/6585968106 With regards, GitHub Actions via GitBox
[GH] (commons-digester): Workflow run "Scorecards supply-chain security" failed!
The GitHub Actions job "Scorecards supply-chain security" on commons-digester.git has failed. Run started by GitHub user garydgregory (triggered by garydgregory). Head commit for run: c0d947366be581bdfb9667f5c5abb2c3c6e2bc17 / Gary Gregory Merge pull request #101 from apache/dependabot/github_actions/github/codeql-action-2.22.3 Bump github/codeql-action from 2.22.2 to 2.22.3 Report URL: https://github.com/apache/commons-digester/actions/runs/6585966124 With regards, GitHub Actions via GitBox
[GH] (commons-io): Workflow run "Java CI" failed!
The GitHub Actions job "Java CI" on commons-io.git has failed. Run started by GitHub user garydgregory (triggered by garydgregory). Head commit for run: 0638102d06892314e2a0ecb5198b108907bd52a8 / dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Bump actions/checkout from 4.1.0 to 4.1.1 (#502) Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/8ade135a41bc03ea155e62e844d188df1ea18608...b4ffde65f46336ab88eb53be808477a3936bae11) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Report URL: https://github.com/apache/commons-io/actions/runs/6586008959 With regards, GitHub Actions via GitBox
[GH] (commons-io): Workflow run "Java CI" is working again!
The GitHub Actions job "Java CI" on commons-io.git has succeeded. Run started by GitHub user garydgregory (triggered by garydgregory). Head commit for run: f388d71bf8e25cb04e9e62291376e3853f561a63 / dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Bump github/codeql-action from 2.22.2 to 2.22.3 (#501) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.22.2 to 2.22.3. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/d90b8d79de6dc1f58e83a1499aa58d6c93dc28de...0116bc2df50751f9724a2e35ef1f24d22f90e4e1) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Report URL: https://github.com/apache/commons-io/actions/runs/6586012133 With regards, GitHub Actions via GitBox
[PR] Bump github/codeql-action from 2.22.2 to 2.22.3 [commons-logging]
dependabot[bot] opened a new pull request, #172: URL: https://github.com/apache/commons-logging/pull/172 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.22.2 to 2.22.3. Changelog Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md";>github/codeql-action's changelog. CodeQL Action Changelog See the https://github.com/github/codeql-action/releases";>releases page for the relevant changes to the CodeQL CLI and language packs. [UNRELEASED] Update default CodeQL bundle version to 2.15.1. https://redirect.github.com/github/codeql-action/pull/1953";>#1953 Users will begin to see warnings on Node.js 16 deprecation in their Actions logs on code scanning runs starting October 23, 2023. All code scanning workflows should continue to succeed regardless of the warning. The team at GitHub maintaining the CodeQL Action is aware of the deprecation timeline and actively working on creating another version of the CodeQL Action, v3, that will bump us to Node 20. For more information, and to communicate with the maintaining team, please use https://redirect.github.com/github/codeql-action/issues/1959";>this issue. 2.22.3 - 13 Oct 2023 Provide an authentication token when downloading the CodeQL Bundle from the API of a GitHub Enterprise Server instance. https://redirect.github.com/github/codeql-action/pull/1945";>#1945 2.22.2 - 12 Oct 2023 Update default CodeQL bundle version to 2.15.0. https://redirect.github.com/github/codeql-action/pull/1938";>#1938 Improve the log output when an error occurs in an invocation of the CodeQL CLI. https://redirect.github.com/github/codeql-action/pull/1927";>#1927 2.22.1 - 09 Oct 2023 Add a workaround for Python 3.12, which is not supported in CodeQL CLI version 2.14.6 or earlier. If you are running an analysis on Windows and using Python 3.12 or later, the CodeQL Action will switch to running Python 3.11. In this case, if Python 3.11 is not found, then the workflow will fail. https://redirect.github.com/github/codeql-action/pull/1928";>#1928 2.22.0 - 06 Oct 2023 The CodeQL Action now requires CodeQL version 2.10.5 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.21.8. https://redirect.github.com/github/codeql-action/pull/1907";>#1907 The CodeQL Action no longer runs ML-powered queries. For more information, including details on our investment in AI-powered security technology, see https://github.blog/changelog/2023-09-29-codeql-code-scanning-deprecates-ml-powered-alerts/";>"CodeQL code scanning deprecates ML-powered alerts." https://redirect.github.com/github/codeql-action/pull/1910";>#1910 Fix a bug which prevented tracing of projects using Go 1.21 and above on Linux. https://redirect.github.com/github/codeql-action/pull/1909";>#1909 2.21.9 - 27 Sep 2023 Update default CodeQL bundle version to 2.14.6. https://redirect.github.com/github/codeql-action/pull/1897";>#1897 We are rolling out a feature in October 2023 that will improve the success rate of C/C++ autobuild. https://redirect.github.com/github/codeql-action/pull/1889";>#1889 We are rolling out a feature in October 2023 that will provide specific file coverage information for C and C++, Java and Kotlin, and JavaScript and TypeScript. Currently file coverage information for each of these pairs of languages is grouped together. https://redirect.github.com/github/codeql-action/pull/1903";>#1903 Add a warning to help customers avoid inadvertently analyzing the same CodeQL language in multiple matrix jobs. https://redirect.github.com/github/codeql-action/pull/1901";>#1901 2.21.8 - 19 Sep 2023 Add a deprecation warning for customers using CodeQL version 2.10.4 and earlier. These versions of CodeQL were discontinued on 12 September 2023 alongside GitHub Enterprise Server 3.6, and will be unsupported by the next minor release of the CodeQL Action. https://redirect.github.com/github/codeql-action/pull/1884";>#1884 If you are using one of these versions, please update to CodeQL CLI version 2.10.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version. Alternatively, if you want to continue using a version of the CodeQL CLI between 2.9.5 and 2.10.4, you can replace github/codeql-action/*@v2 by github/codeql-action/*@v2.21.7 in your code scanning workflow to ensure you continue using this version of the CodeQL Action. Enable the following language aliases when using CodeQL 2.14.4 and later: c-cpp for C/C++ analysis, java-kotlin for Java/Kotlin analysis, and javascript-typescript for JavaScript/TypeScript analysis. https://redirect.github.com/github/codeql-action/pull/1883";>#1883 2.21.7 - 14 Sep 2023 Up
[PR] Bump actions/checkout from 4.1.0 to 4.1.1 [commons-logging]
dependabot[bot] opened a new pull request, #173: URL: https://github.com/apache/commons-logging/pull/173 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1. Release notes Sourced from https://github.com/actions/checkout/releases";>actions/checkout's releases. v4.1.1 What's Changed Update CODEOWNERS to Launch team by https://github.com/joshmgross";>@joshmgross in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 Correct link to GitHub Docs by https://github.com/peterbe";>@peterbe in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Link to release page from what's new section by https://github.com/cory-miller";>@cory-miller in https://redirect.github.com/actions/checkout/pull/1514";>actions/checkout#1514 New Contributors https://github.com/joshmgross";>@joshmgross made their first contribution in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 https://github.com/peterbe";>@peterbe made their first contribution in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Full Changelog: https://github.com/actions/checkout/compare/v4.1.0...v4.1.1";>https://github.com/actions/checkout/compare/v4.1.0...v4.1.1 Commits https://github.com/actions/checkout/commit/b4ffde65f46336ab88eb53be808477a3936bae11";>b4ffde6 Link to release page from what's new section (https://redirect.github.com/actions/checkout/issues/1514";>#1514) https://github.com/actions/checkout/commit/8530928916aaef40f59e6f221989ccb31f5759e7";>8530928 Correct link to GitHub Docs (https://redirect.github.com/actions/checkout/issues/1511";>#1511) https://github.com/actions/checkout/commit/7cdaf2fbc075e6f3b9ca94cfd6cec5adc8a75622";>7cdaf2f Update CODEOWNERS to Launch team (https://redirect.github.com/actions/checkout/issues/1510";>#1510) See full diff in https://github.com/actions/checkout/compare/8ade135a41bc03ea155e62e844d188df1ea18608...b4ffde65f46336ab88eb53be808477a3936bae11";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump org.apache.commons:commons-parent from 59 to 64 [commons-logging]
dependabot[bot] opened a new pull request, #174: URL: https://github.com/apache/commons-logging/pull/174 Bumps [org.apache.commons:commons-parent](https://github.com/apache/commons-parent) from 59 to 64. Changelog Sourced from https://github.com/apache/commons-parent/blob/master/RELEASE-NOTES.txt";>org.apache.commons:commons-parent's changelog. Apache Commons Parent 64 RELEASE NOTES The Apache Commons Parent team is pleased to announce the release of Apache Commons Parent 64. The Apache Commons Parent POM provides common settings for all Apache Commons components. Version 64: Maintenance and update dependencies Changes in this version include: New features: o Restore building on Java 8 (com.puppycrawl.tools:checkstyle 10.x requires Java 11). Thanks to Gary Gregory. o Rename profile 'moditect' to 'java-9-up'. Thanks to Gary Gregory. o Merge profile 'jdk9-compiler' into 'java-9-up' and remove 'jdk9-compiler'. Thanks to Gary Gregory. Changes: o Use Checkstyle 9.x on Java less than 11 and Checkstyle 10.x on Java 11 and up. Thanks to Gary Gregory. Removed: o Remove 'javasvn' profile. Thanks to Gary Gregory. o Remove '.svn'-activated profile. Thanks to Gary Gregory. o Remove 'jdk9-compiler.' profile. Thanks to Gary Gregory. Historical list of changes: https://commons.apache.org/proper/commons-parent/changes-report.html";>https://commons.apache.org/proper/commons-parent/changes-report.html For complete information on Apache Commons Parent, including instructions on how to submit bug reports, patches, or suggestions for improvement, see the Apache Commons Parent website: https://commons.apache.org/proper/commons-parent/";>https://commons.apache.org/proper/commons-parent/ Apache Commons Parent 63 RELEASE NOTES The Apache Commons Parent team is pleased to announce the release of Apache Commons Parent 63. The Apache Commons Parent POM provides common settings for all Apache Commons components. Version 63: Maintenance and update dependencies Changes in this version include: New features: o Add commons.conf.dir property defaulting to src/conf. Thanks to Dependabot. Changes: o Bump GitHub actions. Thanks to Dependabot. o Bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.17.2 to 0.18.1 https://redirect.github.com/apache/commons-parent/issues/302";>#302, https://redirect.github.com/apache/commons-parent/issues/313";>#313. Thanks to Dependabot, Gary Gregory. ... (truncated) Commits See full diff in https://github.com/apache/commons-parent/commits";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, p
[GH] (commons-logging): Workflow run "Java CI" failed!
The GitHub Actions job "Java CI" on commons-logging.git has failed. Run started by GitHub user dependabot[bot] (triggered by dependabot[bot]). Head commit for run: 85c9e7a2229f0e321173274ebf9f1a89a2d1f4de / dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Bump org.apache.commons:commons-parent from 59 to 64 Bumps [org.apache.commons:commons-parent](https://github.com/apache/commons-parent) from 59 to 64. - [Changelog](https://github.com/apache/commons-parent/blob/master/RELEASE-NOTES.txt) - [Commits](https://github.com/apache/commons-parent/commits) --- updated-dependencies: - dependency-name: org.apache.commons:commons-parent dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Report URL: https://github.com/apache/commons-logging/actions/runs/6586392027 With regards, GitHub Actions via GitBox
[GH] (commons-logging): Workflow run "Java CI" failed!
The GitHub Actions job "Java CI" on commons-logging.git has failed. Run started by GitHub user dependabot[bot] (triggered by dependabot[bot]). Head commit for run: 85c9e7a2229f0e321173274ebf9f1a89a2d1f4de / dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Bump org.apache.commons:commons-parent from 59 to 64 Bumps [org.apache.commons:commons-parent](https://github.com/apache/commons-parent) from 59 to 64. - [Changelog](https://github.com/apache/commons-parent/blob/master/RELEASE-NOTES.txt) - [Commits](https://github.com/apache/commons-parent/commits) --- updated-dependencies: - dependency-name: org.apache.commons:commons-parent dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Report URL: https://github.com/apache/commons-logging/actions/runs/6586392335 With regards, GitHub Actions via GitBox
[PR] Bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.18.1 to 0.18.2 [commons-parent]
dependabot[bot] opened a new pull request, #320: URL: https://github.com/apache/commons-parent/pull/320 Bumps [com.github.siom79.japicmp:japicmp-maven-plugin](https://github.com/siom79/japicmp) from 0.18.1 to 0.18.2. Commits https://github.com/siom79/japicmp/commit/ebd98f6fa31093bbdaa12e415f06b4181aad8dbc";>ebd98f6 [maven-release-plugin] prepare release japicmp-base-0.18.2 https://github.com/siom79/japicmp/commit/77d89b9e78baa27c68296827ace14c26d8e87d50";>77d89b9 upgraded version in *.md files to 0.18.2 https://github.com/siom79/japicmp/commit/b25b199b0cca533fcc365e5b38ab67f458a9535a";>b25b199 ReleaseNotes.md https://github.com/siom79/japicmp/commit/ee6e1d83981b501109c3723c49860e56764bcddf";>ee6e1d8 Merge remote-tracking branch 'origin/master' https://github.com/siom79/japicmp/commit/b756a9fa74731683e1294d8bddb36ea5b4f3d821";>b756a9f https://redirect.github.com/siom79/japicmp/issues/365";>#365: renamed privateModifier() to notPublicModifier() in CtClassBuilder https://github.com/siom79/japicmp/commit/fa5f3919d50b199031d6c1624d25196d05dd1402";>fa5f391 https://redirect.github.com/siom79/japicmp/issues/365";>#365: correct name of package_protected in documentation, added new test case... https://github.com/siom79/japicmp/commit/2536bc2d812d2d88ddad6a2a1eb141b1cb972a65";>2536bc2 https://redirect.github.com/siom79/japicmp/issues/364";>#364: upgrade to groovy 4.0.15 https://github.com/siom79/japicmp/commit/83f8658670978ecd4eda50c08531f1d86ae706a7";>83f8658 [maven-release-plugin] prepare for next development iteration See full diff in https://github.com/siom79/japicmp/compare/japicmp-base-0.18.1...japicmp-base-0.18.2";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump org.jacoco:jacoco-maven-plugin from 0.8.10 to 0.8.11 [commons-parent]
dependabot[bot] opened a new pull request, #321: URL: https://github.com/apache/commons-parent/pull/321 Bumps [org.jacoco:jacoco-maven-plugin](https://github.com/jacoco/jacoco) from 0.8.10 to 0.8.11. Release notes Sourced from https://github.com/jacoco/jacoco/releases";>org.jacoco:jacoco-maven-plugin's releases. 0.8.11 New Features JaCoCo now officially supports Java 21 (GitHub https://redirect.github.com/jacoco/jacoco/issues/1520";>#1520). Experimental support for Java 22 class files (GitHub https://redirect.github.com/jacoco/jacoco/issues/1479";>#1479). Part of bytecode generated by the Java compilers for exhaustive switch expressions is filtered out during generation of report (GitHub https://redirect.github.com/jacoco/jacoco/issues/1472";>#1472). Part of bytecode generated by the Java compilers for record patterns is filtered out during generation of report (GitHub https://redirect.github.com/jacoco/jacoco/issues/1473";>#1473). Fixed bugs Instrumentation should not cause VerifyError when the last local variable of method parameters is overridden in the method body to store a value of type long or double (GitHub https://redirect.github.com/jacoco/jacoco/issues/893";>#893). Restore exec file compatibility with versions from 0.7.5 to 0.8.8 in case of class files with zero line numbers (GitHub https://redirect.github.com/jacoco/jacoco/issues/1492";>#1492). Non-functional Changes jacoco-maven-plugin now requires at least Java 8 (GitHub https://redirect.github.com/jacoco/jacoco/issues/1466";>#1466, https://redirect.github.com/jacoco/jacoco/issues/1468";>#1468). JaCoCo build now requires at least Maven 3.5.4 (GitHub https://redirect.github.com/jacoco/jacoco/issues/1467";>#1467). Maven 3.9.2 should not produce warnings for jacoco-maven-plugin (GitHub https://redirect.github.com/jacoco/jacoco/issues/1468";>#1468). JaCoCo build now requires JDK 17 (GitHub https://redirect.github.com/jacoco/jacoco/issues/1482";>#1482). JaCoCo now depends on ASM 9.6 (GitHub https://redirect.github.com/jacoco/jacoco/issues/1518";>#1518). Commits https://github.com/jacoco/jacoco/commit/f33756c37f1e41041d84018047b14cb394742761";>f33756c Prepare release 0.8.11 https://github.com/jacoco/jacoco/commit/06705305b207bc42b3369f2c4ade598e4c1d7b12";>0670530 Upgrade animal-sniffer-maven-plugin to 1.23 https://github.com/jacoco/jacoco/commit/206e5bed2c4f11de6e6bf20e96a27c1f4ff93e0d";>206e5be Restore exec file compatibility after upgrade of ASM to version 9.5 (https://redirect.github.com/jacoco/jacoco/issues/1492";>#1492) https://github.com/jacoco/jacoco/commit/36fc079692f9cf6dcc2b6f391cc0d7fbe2a90a7a";>36fc079 Update documentation: JDK version 21 is officially supported (https://redirect.github.com/jacoco/jacoco/issues/1520";>#1520) https://github.com/jacoco/jacoco/commit/7162917334d9094ebb10d66f9b0f971725ad754c";>7162917 Add validation tests for boolean expressions (https://redirect.github.com/jacoco/jacoco/issues/1505";>#1505) https://github.com/jacoco/jacoco/commit/4bc9267836e2aba546eb4638e16bfa28ddd365a9";>4bc9267 Fix link to Bytecode Outline Plug-In (https://redirect.github.com/jacoco/jacoco/issues/1519";>#1519) https://github.com/jacoco/jacoco/commit/ded62fc40764cc52003df527318fd081fafd6b75";>ded62fc Upgrade ASM to 9.6 (https://redirect.github.com/jacoco/jacoco/issues/1518";>#1518) https://github.com/jacoco/jacoco/commit/67982608d01b57107db31d0e0e02dda325f2cb6e";>6798260 Fix links to ASM website (https://redirect.github.com/jacoco/jacoco/issues/1515";>#1515) https://github.com/jacoco/jacoco/commit/4ba332f69c3ed59b1453d8c7543842cab803e303";>4ba332f Fix misleading outdated javadoc (https://redirect.github.com/jacoco/jacoco/issues/1513";>#1513) https://github.com/jacoco/jacoco/commit/7ca0f0f6e4003b108d980e837adf013e9c825da7";>7ca0f0f Opcodes.RET should be processed by visitVarInsn instead of visitInsn (#... Additional commits viewable in https://github.com/jacoco/jacoco/compare/v0.8.10...v0.8.11";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been ma
[PR] Bump org.apache.commons:commons-parent from 59 to 64 [commons-bsf]
dependabot[bot] opened a new pull request, #105: URL: https://github.com/apache/commons-bsf/pull/105 Bumps [org.apache.commons:commons-parent](https://github.com/apache/commons-parent) from 59 to 64. Changelog Sourced from https://github.com/apache/commons-parent/blob/master/RELEASE-NOTES.txt";>org.apache.commons:commons-parent's changelog. Apache Commons Parent 64 RELEASE NOTES The Apache Commons Parent team is pleased to announce the release of Apache Commons Parent 64. The Apache Commons Parent POM provides common settings for all Apache Commons components. Version 64: Maintenance and update dependencies Changes in this version include: New features: o Restore building on Java 8 (com.puppycrawl.tools:checkstyle 10.x requires Java 11). Thanks to Gary Gregory. o Rename profile 'moditect' to 'java-9-up'. Thanks to Gary Gregory. o Merge profile 'jdk9-compiler' into 'java-9-up' and remove 'jdk9-compiler'. Thanks to Gary Gregory. Changes: o Use Checkstyle 9.x on Java less than 11 and Checkstyle 10.x on Java 11 and up. Thanks to Gary Gregory. Removed: o Remove 'javasvn' profile. Thanks to Gary Gregory. o Remove '.svn'-activated profile. Thanks to Gary Gregory. o Remove 'jdk9-compiler.' profile. Thanks to Gary Gregory. Historical list of changes: https://commons.apache.org/proper/commons-parent/changes-report.html";>https://commons.apache.org/proper/commons-parent/changes-report.html For complete information on Apache Commons Parent, including instructions on how to submit bug reports, patches, or suggestions for improvement, see the Apache Commons Parent website: https://commons.apache.org/proper/commons-parent/";>https://commons.apache.org/proper/commons-parent/ Apache Commons Parent 63 RELEASE NOTES The Apache Commons Parent team is pleased to announce the release of Apache Commons Parent 63. The Apache Commons Parent POM provides common settings for all Apache Commons components. Version 63: Maintenance and update dependencies Changes in this version include: New features: o Add commons.conf.dir property defaulting to src/conf. Thanks to Dependabot. Changes: o Bump GitHub actions. Thanks to Dependabot. o Bump com.github.siom79.japicmp:japicmp-maven-plugin from 0.17.2 to 0.18.1 https://redirect.github.com/apache/commons-parent/issues/302";>#302, https://redirect.github.com/apache/commons-parent/issues/313";>#313. Thanks to Dependabot, Gary Gregory. ... (truncated) Commits See full diff in https://github.com/apache/commons-parent/commits";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, pleas
[PR] Bump github/codeql-action from 2.22.2 to 2.22.3 [commons-skin]
dependabot[bot] opened a new pull request, #88: URL: https://github.com/apache/commons-skin/pull/88 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.22.2 to 2.22.3. Changelog Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md";>github/codeql-action's changelog. CodeQL Action Changelog See the https://github.com/github/codeql-action/releases";>releases page for the relevant changes to the CodeQL CLI and language packs. [UNRELEASED] Update default CodeQL bundle version to 2.15.1. https://redirect.github.com/github/codeql-action/pull/1953";>#1953 Users will begin to see warnings on Node.js 16 deprecation in their Actions logs on code scanning runs starting October 23, 2023. All code scanning workflows should continue to succeed regardless of the warning. The team at GitHub maintaining the CodeQL Action is aware of the deprecation timeline and actively working on creating another version of the CodeQL Action, v3, that will bump us to Node 20. For more information, and to communicate with the maintaining team, please use https://redirect.github.com/github/codeql-action/issues/1959";>this issue. 2.22.3 - 13 Oct 2023 Provide an authentication token when downloading the CodeQL Bundle from the API of a GitHub Enterprise Server instance. https://redirect.github.com/github/codeql-action/pull/1945";>#1945 2.22.2 - 12 Oct 2023 Update default CodeQL bundle version to 2.15.0. https://redirect.github.com/github/codeql-action/pull/1938";>#1938 Improve the log output when an error occurs in an invocation of the CodeQL CLI. https://redirect.github.com/github/codeql-action/pull/1927";>#1927 2.22.1 - 09 Oct 2023 Add a workaround for Python 3.12, which is not supported in CodeQL CLI version 2.14.6 or earlier. If you are running an analysis on Windows and using Python 3.12 or later, the CodeQL Action will switch to running Python 3.11. In this case, if Python 3.11 is not found, then the workflow will fail. https://redirect.github.com/github/codeql-action/pull/1928";>#1928 2.22.0 - 06 Oct 2023 The CodeQL Action now requires CodeQL version 2.10.5 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.21.8. https://redirect.github.com/github/codeql-action/pull/1907";>#1907 The CodeQL Action no longer runs ML-powered queries. For more information, including details on our investment in AI-powered security technology, see https://github.blog/changelog/2023-09-29-codeql-code-scanning-deprecates-ml-powered-alerts/";>"CodeQL code scanning deprecates ML-powered alerts." https://redirect.github.com/github/codeql-action/pull/1910";>#1910 Fix a bug which prevented tracing of projects using Go 1.21 and above on Linux. https://redirect.github.com/github/codeql-action/pull/1909";>#1909 2.21.9 - 27 Sep 2023 Update default CodeQL bundle version to 2.14.6. https://redirect.github.com/github/codeql-action/pull/1897";>#1897 We are rolling out a feature in October 2023 that will improve the success rate of C/C++ autobuild. https://redirect.github.com/github/codeql-action/pull/1889";>#1889 We are rolling out a feature in October 2023 that will provide specific file coverage information for C and C++, Java and Kotlin, and JavaScript and TypeScript. Currently file coverage information for each of these pairs of languages is grouped together. https://redirect.github.com/github/codeql-action/pull/1903";>#1903 Add a warning to help customers avoid inadvertently analyzing the same CodeQL language in multiple matrix jobs. https://redirect.github.com/github/codeql-action/pull/1901";>#1901 2.21.8 - 19 Sep 2023 Add a deprecation warning for customers using CodeQL version 2.10.4 and earlier. These versions of CodeQL were discontinued on 12 September 2023 alongside GitHub Enterprise Server 3.6, and will be unsupported by the next minor release of the CodeQL Action. https://redirect.github.com/github/codeql-action/pull/1884";>#1884 If you are using one of these versions, please update to CodeQL CLI version 2.10.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version. Alternatively, if you want to continue using a version of the CodeQL CLI between 2.9.5 and 2.10.4, you can replace github/codeql-action/*@v2 by github/codeql-action/*@v2.21.7 in your code scanning workflow to ensure you continue using this version of the CodeQL Action. Enable the following language aliases when using CodeQL 2.14.4 and later: c-cpp for C/C++ analysis, java-kotlin for Java/Kotlin analysis, and javascript-typescript for JavaScript/TypeScript analysis. https://redirect.github.com/github/codeql-action/pull/1883";>#1883 2.21.7 - 14 Sep 2023 Update
[PR] Bump actions/checkout from 4.1.0 to 4.1.1 [commons-skin]
dependabot[bot] opened a new pull request, #89: URL: https://github.com/apache/commons-skin/pull/89 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1. Release notes Sourced from https://github.com/actions/checkout/releases";>actions/checkout's releases. v4.1.1 What's Changed Update CODEOWNERS to Launch team by https://github.com/joshmgross";>@joshmgross in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 Correct link to GitHub Docs by https://github.com/peterbe";>@peterbe in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Link to release page from what's new section by https://github.com/cory-miller";>@cory-miller in https://redirect.github.com/actions/checkout/pull/1514";>actions/checkout#1514 New Contributors https://github.com/joshmgross";>@joshmgross made their first contribution in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 https://github.com/peterbe";>@peterbe made their first contribution in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Full Changelog: https://github.com/actions/checkout/compare/v4.1.0...v4.1.1";>https://github.com/actions/checkout/compare/v4.1.0...v4.1.1 Commits https://github.com/actions/checkout/commit/b4ffde65f46336ab88eb53be808477a3936bae11";>b4ffde6 Link to release page from what's new section (https://redirect.github.com/actions/checkout/issues/1514";>#1514) https://github.com/actions/checkout/commit/8530928916aaef40f59e6f221989ccb31f5759e7";>8530928 Correct link to GitHub Docs (https://redirect.github.com/actions/checkout/issues/1511";>#1511) https://github.com/actions/checkout/commit/7cdaf2fbc075e6f3b9ca94cfd6cec5adc8a75622";>7cdaf2f Update CODEOWNERS to Launch team (https://redirect.github.com/actions/checkout/issues/1510";>#1510) See full diff in https://github.com/actions/checkout/compare/8ade135a41bc03ea155e62e844d188df1ea18608...b4ffde65f46336ab88eb53be808477a3936bae11";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GH] (commons-bsf): Workflow run "Java CI" failed!
The GitHub Actions job "Java CI" on commons-bsf.git has failed. Run started by GitHub user dependabot[bot] (triggered by dependabot[bot]). Head commit for run: f5f52e8c1a7212a4517dd80d44dae8858aa54a23 / dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Bump org.apache.commons:commons-parent from 59 to 64 Bumps [org.apache.commons:commons-parent](https://github.com/apache/commons-parent) from 59 to 64. - [Changelog](https://github.com/apache/commons-parent/blob/master/RELEASE-NOTES.txt) - [Commits](https://github.com/apache/commons-parent/commits) --- updated-dependencies: - dependency-name: org.apache.commons:commons-parent dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Report URL: https://github.com/apache/commons-bsf/actions/runs/6586866586 With regards, GitHub Actions via GitBox
[GH] (commons-bsf): Workflow run "Java CI" failed!
The GitHub Actions job "Java CI" on commons-bsf.git has failed. Run started by GitHub user dependabot[bot] (triggered by dependabot[bot]). Head commit for run: f5f52e8c1a7212a4517dd80d44dae8858aa54a23 / dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Bump org.apache.commons:commons-parent from 59 to 64 Bumps [org.apache.commons:commons-parent](https://github.com/apache/commons-parent) from 59 to 64. - [Changelog](https://github.com/apache/commons-parent/blob/master/RELEASE-NOTES.txt) - [Commits](https://github.com/apache/commons-parent/commits) --- updated-dependencies: - dependency-name: org.apache.commons:commons-parent dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Report URL: https://github.com/apache/commons-bsf/actions/runs/6586866435 With regards, GitHub Actions via GitBox
[GH] (commons-bsf): Workflow run "CodeQL" failed!
The GitHub Actions job "CodeQL" on commons-bsf.git has failed. Run started by GitHub user dependabot[bot] (triggered by dependabot[bot]). Head commit for run: f5f52e8c1a7212a4517dd80d44dae8858aa54a23 / dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Bump org.apache.commons:commons-parent from 59 to 64 Bumps [org.apache.commons:commons-parent](https://github.com/apache/commons-parent) from 59 to 64. - [Changelog](https://github.com/apache/commons-parent/blob/master/RELEASE-NOTES.txt) - [Commits](https://github.com/apache/commons-parent/commits) --- updated-dependencies: - dependency-name: org.apache.commons:commons-parent dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Report URL: https://github.com/apache/commons-bsf/actions/runs/6586866587 With regards, GitHub Actions via GitBox
[PR] Bump actions/checkout from 4.1.0 to 4.1.1 [commons-bsf]
dependabot[bot] opened a new pull request, #106: URL: https://github.com/apache/commons-bsf/pull/106 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1. Release notes Sourced from https://github.com/actions/checkout/releases";>actions/checkout's releases. v4.1.1 What's Changed Update CODEOWNERS to Launch team by https://github.com/joshmgross";>@joshmgross in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 Correct link to GitHub Docs by https://github.com/peterbe";>@peterbe in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Link to release page from what's new section by https://github.com/cory-miller";>@cory-miller in https://redirect.github.com/actions/checkout/pull/1514";>actions/checkout#1514 New Contributors https://github.com/joshmgross";>@joshmgross made their first contribution in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 https://github.com/peterbe";>@peterbe made their first contribution in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Full Changelog: https://github.com/actions/checkout/compare/v4.1.0...v4.1.1";>https://github.com/actions/checkout/compare/v4.1.0...v4.1.1 Changelog Sourced from https://github.com/actions/checkout/blob/main/CHANGELOG.md";>actions/checkout's changelog. Changelog Commits https://github.com/actions/checkout/commit/b4ffde65f46336ab88eb53be808477a3936bae11";>b4ffde6 Link to release page from what's new section (https://redirect.github.com/actions/checkout/issues/1514";>#1514) https://github.com/actions/checkout/commit/8530928916aaef40f59e6f221989ccb31f5759e7";>8530928 Correct link to GitHub Docs (https://redirect.github.com/actions/checkout/issues/1511";>#1511) https://github.com/actions/checkout/commit/7cdaf2fbc075e6f3b9ca94cfd6cec5adc8a75622";>7cdaf2f Update CODEOWNERS to Launch team (https://redirect.github.com/actions/checkout/issues/1510";>#1510) See full diff in https://github.com/actions/checkout/compare/v4.1.0...v4.1.1";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GH] (commons-bsf): Workflow run "Java CI" failed!
The GitHub Actions job "Java CI" on commons-bsf.git has failed. Run started by GitHub user dependabot[bot] (triggered by dependabot[bot]). Head commit for run: bc602c99b6f19cf579be4161d03d72c05efc94c0 / dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Bump actions/checkout from 4.1.0 to 4.1.1 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4.1.0...v4.1.1) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Report URL: https://github.com/apache/commons-bsf/actions/runs/6586912215 With regards, GitHub Actions via GitBox
[GH] (commons-bsf): Workflow run "Java CI" failed!
The GitHub Actions job "Java CI" on commons-bsf.git has failed. Run started by GitHub user dependabot[bot] (triggered by dependabot[bot]). Head commit for run: bc602c99b6f19cf579be4161d03d72c05efc94c0 / dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Bump actions/checkout from 4.1.0 to 4.1.1 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4.1.0...v4.1.1) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Report URL: https://github.com/apache/commons-bsf/actions/runs/6586912492 With regards, GitHub Actions via GitBox
[GH] (commons-bsf): Workflow run "CodeQL" failed!
The GitHub Actions job "CodeQL" on commons-bsf.git has failed. Run started by GitHub user dependabot[bot] (triggered by dependabot[bot]). Head commit for run: bc602c99b6f19cf579be4161d03d72c05efc94c0 / dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Bump actions/checkout from 4.1.0 to 4.1.1 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4.1.0...v4.1.1) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Report URL: https://github.com/apache/commons-bsf/actions/runs/6586912494 With regards, GitHub Actions via GitBox
[GH] (commons-logging): Workflow run "Java CI" is working again!
The GitHub Actions job "Java CI" on commons-logging.git has succeeded. Run started by GitHub user garydgregory (triggered by garydgregory). Head commit for run: fc51d061ae084ac411049b26402339dcde202ed4 / dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Bump github/codeql-action from 2.22.2 to 2.22.3 (#172) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.22.2 to 2.22.3. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/d90b8d79de6dc1f58e83a1499aa58d6c93dc28de...0116bc2df50751f9724a2e35ef1f24d22f90e4e1) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Report URL: https://github.com/apache/commons-logging/actions/runs/6586945781 With regards, GitHub Actions via GitBox
[PR] Bump github/codeql-action from 2.22.2 to 2.22.3 [commons-crypto]
dependabot[bot] opened a new pull request, #256: URL: https://github.com/apache/commons-crypto/pull/256 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.22.2 to 2.22.3. Changelog Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md";>github/codeql-action's changelog. CodeQL Action Changelog See the https://github.com/github/codeql-action/releases";>releases page for the relevant changes to the CodeQL CLI and language packs. [UNRELEASED] Update default CodeQL bundle version to 2.15.1. https://redirect.github.com/github/codeql-action/pull/1953";>#1953 Users will begin to see warnings on Node.js 16 deprecation in their Actions logs on code scanning runs starting October 23, 2023. All code scanning workflows should continue to succeed regardless of the warning. The team at GitHub maintaining the CodeQL Action is aware of the deprecation timeline and actively working on creating another version of the CodeQL Action, v3, that will bump us to Node 20. For more information, and to communicate with the maintaining team, please use https://redirect.github.com/github/codeql-action/issues/1959";>this issue. 2.22.3 - 13 Oct 2023 Provide an authentication token when downloading the CodeQL Bundle from the API of a GitHub Enterprise Server instance. https://redirect.github.com/github/codeql-action/pull/1945";>#1945 2.22.2 - 12 Oct 2023 Update default CodeQL bundle version to 2.15.0. https://redirect.github.com/github/codeql-action/pull/1938";>#1938 Improve the log output when an error occurs in an invocation of the CodeQL CLI. https://redirect.github.com/github/codeql-action/pull/1927";>#1927 2.22.1 - 09 Oct 2023 Add a workaround for Python 3.12, which is not supported in CodeQL CLI version 2.14.6 or earlier. If you are running an analysis on Windows and using Python 3.12 or later, the CodeQL Action will switch to running Python 3.11. In this case, if Python 3.11 is not found, then the workflow will fail. https://redirect.github.com/github/codeql-action/pull/1928";>#1928 2.22.0 - 06 Oct 2023 The CodeQL Action now requires CodeQL version 2.10.5 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.21.8. https://redirect.github.com/github/codeql-action/pull/1907";>#1907 The CodeQL Action no longer runs ML-powered queries. For more information, including details on our investment in AI-powered security technology, see https://github.blog/changelog/2023-09-29-codeql-code-scanning-deprecates-ml-powered-alerts/";>"CodeQL code scanning deprecates ML-powered alerts." https://redirect.github.com/github/codeql-action/pull/1910";>#1910 Fix a bug which prevented tracing of projects using Go 1.21 and above on Linux. https://redirect.github.com/github/codeql-action/pull/1909";>#1909 2.21.9 - 27 Sep 2023 Update default CodeQL bundle version to 2.14.6. https://redirect.github.com/github/codeql-action/pull/1897";>#1897 We are rolling out a feature in October 2023 that will improve the success rate of C/C++ autobuild. https://redirect.github.com/github/codeql-action/pull/1889";>#1889 We are rolling out a feature in October 2023 that will provide specific file coverage information for C and C++, Java and Kotlin, and JavaScript and TypeScript. Currently file coverage information for each of these pairs of languages is grouped together. https://redirect.github.com/github/codeql-action/pull/1903";>#1903 Add a warning to help customers avoid inadvertently analyzing the same CodeQL language in multiple matrix jobs. https://redirect.github.com/github/codeql-action/pull/1901";>#1901 2.21.8 - 19 Sep 2023 Add a deprecation warning for customers using CodeQL version 2.10.4 and earlier. These versions of CodeQL were discontinued on 12 September 2023 alongside GitHub Enterprise Server 3.6, and will be unsupported by the next minor release of the CodeQL Action. https://redirect.github.com/github/codeql-action/pull/1884";>#1884 If you are using one of these versions, please update to CodeQL CLI version 2.10.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version. Alternatively, if you want to continue using a version of the CodeQL CLI between 2.9.5 and 2.10.4, you can replace github/codeql-action/*@v2 by github/codeql-action/*@v2.21.7 in your code scanning workflow to ensure you continue using this version of the CodeQL Action. Enable the following language aliases when using CodeQL 2.14.4 and later: c-cpp for C/C++ analysis, java-kotlin for Java/Kotlin analysis, and javascript-typescript for JavaScript/TypeScript analysis. https://redirect.github.com/github/codeql-action/pull/1883";>#1883 2.21.7 - 14 Sep 2023 Upd
[GH] (commons-bsf): Workflow run "CodeQL" failed!
The GitHub Actions job "CodeQL" on commons-bsf.git has failed. Run started by GitHub user garydgregory (triggered by garydgregory). Head commit for run: 70fca8e95daee9d53cf6336999a176acda9278a2 / Gary Gregory Merge pull request #106 from apache/dependabot/github_actions/actions/checkout-4.1.1 Bump actions/checkout from 4.1.0 to 4.1.1 Report URL: https://github.com/apache/commons-bsf/actions/runs/6586959984 With regards, GitHub Actions via GitBox
[PR] Bump actions/checkout from 4.1.0 to 4.1.1 [commons-crypto]
dependabot[bot] opened a new pull request, #255: URL: https://github.com/apache/commons-crypto/pull/255 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1. Release notes Sourced from https://github.com/actions/checkout/releases";>actions/checkout's releases. v4.1.1 What's Changed Update CODEOWNERS to Launch team by https://github.com/joshmgross";>@joshmgross in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 Correct link to GitHub Docs by https://github.com/peterbe";>@peterbe in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Link to release page from what's new section by https://github.com/cory-miller";>@cory-miller in https://redirect.github.com/actions/checkout/pull/1514";>actions/checkout#1514 New Contributors https://github.com/joshmgross";>@joshmgross made their first contribution in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 https://github.com/peterbe";>@peterbe made their first contribution in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Full Changelog: https://github.com/actions/checkout/compare/v4.1.0...v4.1.1";>https://github.com/actions/checkout/compare/v4.1.0...v4.1.1 Commits https://github.com/actions/checkout/commit/b4ffde65f46336ab88eb53be808477a3936bae11";>b4ffde6 Link to release page from what's new section (https://redirect.github.com/actions/checkout/issues/1514";>#1514) https://github.com/actions/checkout/commit/8530928916aaef40f59e6f221989ccb31f5759e7";>8530928 Correct link to GitHub Docs (https://redirect.github.com/actions/checkout/issues/1511";>#1511) https://github.com/actions/checkout/commit/7cdaf2fbc075e6f3b9ca94cfd6cec5adc8a75622";>7cdaf2f Update CODEOWNERS to Launch team (https://redirect.github.com/actions/checkout/issues/1510";>#1510) See full diff in https://github.com/actions/checkout/compare/8ade135a41bc03ea155e62e844d188df1ea18608...b4ffde65f46336ab88eb53be808477a3936bae11";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GH] (commons-bsf): Workflow run "Java CI" failed!
The GitHub Actions job "Java CI" on commons-bsf.git has failed. Run started by GitHub user garydgregory (triggered by garydgregory). Head commit for run: 70fca8e95daee9d53cf6336999a176acda9278a2 / Gary Gregory Merge pull request #106 from apache/dependabot/github_actions/actions/checkout-4.1.1 Bump actions/checkout from 4.1.0 to 4.1.1 Report URL: https://github.com/apache/commons-bsf/actions/runs/6586959988 With regards, GitHub Actions via GitBox
[GH] (commons-beanutils): Workflow run "Java CI" failed!
The GitHub Actions job "Java CI" on commons-beanutils.git has failed. Run started by GitHub user asfgit (triggered by garydgregory). Head commit for run: e2e6119b491c7b234d0fe8b0ba89579ae18c94c2 / Gary Gregory Javadoc: Better wording Report URL: https://github.com/apache/commons-beanutils/actions/runs/6576252526 With regards, GitHub Actions via GitBox
[GH] (commons-beanutils): Workflow run "Coverage" failed!
The GitHub Actions job "Coverage" on commons-beanutils.git has failed. Run started by GitHub user asfgit (triggered by asfgit). Head commit for run: 76b72ee8bbadfa5b0ef18bfe6dfaf2b07a8b47da / Gary Gregory Undo innadvertant change made while debugging Java 21 build Report URL: https://github.com/apache/commons-beanutils/actions/runs/6587038311 With regards, GitHub Actions via GitBox
[GH] (commons-beanutils): Workflow run "Java CI" is working again!
The GitHub Actions job "Java CI" on commons-beanutils.git has succeeded. Run started by GitHub user asfgit (triggered by asfgit). Head commit for run: 76b72ee8bbadfa5b0ef18bfe6dfaf2b07a8b47da / Gary Gregory Undo innadvertant change made while debugging Java 21 build Report URL: https://github.com/apache/commons-beanutils/actions/runs/6587038307 With regards, GitHub Actions via GitBox
Re: [PR] Bump jaxb-impl from 2.3.7 to 4.0.3 [commons-crypto]
dependabot[bot] commented on PR #227: URL: https://github.com/apache/commons-crypto/pull/227#issuecomment-1772561895 Superseded by #257. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump jaxb-impl from 2.3.7 to 4.0.3 [commons-crypto]
dependabot[bot] closed pull request #227: Bump jaxb-impl from 2.3.7 to 4.0.3 URL: https://github.com/apache/commons-crypto/pull/227 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump com.sun.xml.bind:jaxb-impl from 2.3.7 to 4.0.4 [commons-crypto]
dependabot[bot] opened a new pull request, #257: URL: https://github.com/apache/commons-crypto/pull/257 Bumps com.sun.xml.bind:jaxb-impl from 2.3.7 to 4.0.4. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GH] (commons-crypto): Workflow run "CodeQL" failed!
The GitHub Actions job "CodeQL" on commons-crypto.git has failed. Run started by GitHub user dependabot[bot] (triggered by dependabot[bot]). Head commit for run: fef5b402db049d58ce434754018138c8bbecf40d / dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Bump com.sun.xml.bind:jaxb-impl from 2.3.7 to 4.0.4 Bumps com.sun.xml.bind:jaxb-impl from 2.3.7 to 4.0.4. --- updated-dependencies: - dependency-name: com.sun.xml.bind:jaxb-impl dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Report URL: https://github.com/apache/commons-crypto/actions/runs/6587064374 With regards, GitHub Actions via GitBox
[GH] (commons-crypto): Workflow run "Java CI" failed!
The GitHub Actions job "Java CI" on commons-crypto.git has failed. Run started by GitHub user dependabot[bot] (triggered by dependabot[bot]). Head commit for run: fef5b402db049d58ce434754018138c8bbecf40d / dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Bump com.sun.xml.bind:jaxb-impl from 2.3.7 to 4.0.4 Bumps com.sun.xml.bind:jaxb-impl from 2.3.7 to 4.0.4. --- updated-dependencies: - dependency-name: com.sun.xml.bind:jaxb-impl dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Report URL: https://github.com/apache/commons-crypto/actions/runs/6587064103 With regards, GitHub Actions via GitBox
[GH] (commons-crypto): Workflow run "Java CI" failed!
The GitHub Actions job "Java CI" on commons-crypto.git has failed. Run started by GitHub user dependabot[bot] (triggered by dependabot[bot]). Head commit for run: fef5b402db049d58ce434754018138c8bbecf40d / dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Bump com.sun.xml.bind:jaxb-impl from 2.3.7 to 4.0.4 Bumps com.sun.xml.bind:jaxb-impl from 2.3.7 to 4.0.4. --- updated-dependencies: - dependency-name: com.sun.xml.bind:jaxb-impl dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Report URL: https://github.com/apache/commons-crypto/actions/runs/6587064373 With regards, GitHub Actions via GitBox
[GH] (commons-crypto): Workflow run "CodeQL" is working again!
The GitHub Actions job "CodeQL" on commons-crypto.git has succeeded. Run started by GitHub user asfgit (triggered by asfgit). Head commit for run: c14df32ea386eadf1d459e05ca526ab1b6bc9874 / Gary Gregory Bump com.sun.xml.bind:jaxb-impl from 2.3.7 to 2.3.8 Report URL: https://github.com/apache/commons-crypto/actions/runs/6587161280 With regards, GitHub Actions via GitBox
[GH] (commons-crypto): Workflow run "Java CI" is working again!
The GitHub Actions job "Java CI" on commons-crypto.git has succeeded. Run started by GitHub user asfgit (triggered by asfgit). Head commit for run: c14df32ea386eadf1d459e05ca526ab1b6bc9874 / Gary Gregory Bump com.sun.xml.bind:jaxb-impl from 2.3.7 to 2.3.8 Report URL: https://github.com/apache/commons-crypto/actions/runs/6587161264 With regards, GitHub Actions via GitBox
Re: [PR] Bump org.graalvm.js:js-scriptengine from 23.1.0 to 23.1.1 [commons-build-plugin]
dependabot[bot] commented on PR #190: URL: https://github.com/apache/commons-build-plugin/pull/190#issuecomment-1772582571 Looks like this PR is already up-to-date with master! If you'd still like to recreate it from scratch, overwriting any edits, you can request `@dependabot recreate`. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GH] (commons-crypto): Workflow run "CodeQL" failed!
The GitHub Actions job "CodeQL" on commons-crypto.git has failed. Run started by GitHub user dependabot[bot] (triggered by dependabot[bot]). Head commit for run: e8c106854453d8fd54e1c998fe7feec9fcaba530 / dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Bump com.sun.xml.bind:jaxb-impl from 2.3.7 to 4.0.4 Bumps com.sun.xml.bind:jaxb-impl from 2.3.7 to 4.0.4. --- updated-dependencies: - dependency-name: com.sun.xml.bind:jaxb-impl dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Report URL: https://github.com/apache/commons-crypto/actions/runs/6587258378 With regards, GitHub Actions via GitBox
[GH] (commons-crypto): Workflow run "Java CI" failed!
The GitHub Actions job "Java CI" on commons-crypto.git has failed. Run started by GitHub user dependabot[bot] (triggered by dependabot[bot]). Head commit for run: e8c106854453d8fd54e1c998fe7feec9fcaba530 / dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Bump com.sun.xml.bind:jaxb-impl from 2.3.7 to 4.0.4 Bumps com.sun.xml.bind:jaxb-impl from 2.3.7 to 4.0.4. --- updated-dependencies: - dependency-name: com.sun.xml.bind:jaxb-impl dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Report URL: https://github.com/apache/commons-crypto/actions/runs/6587258003 With regards, GitHub Actions via GitBox
[GH] (commons-crypto): Workflow run "Java CI" failed!
The GitHub Actions job "Java CI" on commons-crypto.git has failed. Run started by GitHub user dependabot[bot] (triggered by dependabot[bot]). Head commit for run: e8c106854453d8fd54e1c998fe7feec9fcaba530 / dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Bump com.sun.xml.bind:jaxb-impl from 2.3.7 to 4.0.4 Bumps com.sun.xml.bind:jaxb-impl from 2.3.7 to 4.0.4. --- updated-dependencies: - dependency-name: com.sun.xml.bind:jaxb-impl dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Report URL: https://github.com/apache/commons-crypto/actions/runs/6587258375 With regards, GitHub Actions via GitBox
[PR] Bump actions/checkout from 4.1.0 to 4.1.1 [commons-parent]
dependabot[bot] opened a new pull request, #322: URL: https://github.com/apache/commons-parent/pull/322 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1. Release notes Sourced from https://github.com/actions/checkout/releases";>actions/checkout's releases. v4.1.1 What's Changed Update CODEOWNERS to Launch team by https://github.com/joshmgross";>@joshmgross in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 Correct link to GitHub Docs by https://github.com/peterbe";>@peterbe in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Link to release page from what's new section by https://github.com/cory-miller";>@cory-miller in https://redirect.github.com/actions/checkout/pull/1514";>actions/checkout#1514 New Contributors https://github.com/joshmgross";>@joshmgross made their first contribution in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 https://github.com/peterbe";>@peterbe made their first contribution in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Full Changelog: https://github.com/actions/checkout/compare/v4.1.0...v4.1.1";>https://github.com/actions/checkout/compare/v4.1.0...v4.1.1 Commits https://github.com/actions/checkout/commit/b4ffde65f46336ab88eb53be808477a3936bae11";>b4ffde6 Link to release page from what's new section (https://redirect.github.com/actions/checkout/issues/1514";>#1514) https://github.com/actions/checkout/commit/8530928916aaef40f59e6f221989ccb31f5759e7";>8530928 Correct link to GitHub Docs (https://redirect.github.com/actions/checkout/issues/1511";>#1511) https://github.com/actions/checkout/commit/7cdaf2fbc075e6f3b9ca94cfd6cec5adc8a75622";>7cdaf2f Update CODEOWNERS to Launch team (https://redirect.github.com/actions/checkout/issues/1510";>#1510) See full diff in https://github.com/actions/checkout/compare/8ade135a41bc03ea155e62e844d188df1ea18608...b4ffde65f46336ab88eb53be808477a3936bae11";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump github/codeql-action from 2.22.2 to 2.22.3 [commons-parent]
dependabot[bot] opened a new pull request, #323: URL: https://github.com/apache/commons-parent/pull/323 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.22.2 to 2.22.3. Changelog Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md";>github/codeql-action's changelog. CodeQL Action Changelog See the https://github.com/github/codeql-action/releases";>releases page for the relevant changes to the CodeQL CLI and language packs. [UNRELEASED] Update default CodeQL bundle version to 2.15.1. https://redirect.github.com/github/codeql-action/pull/1953";>#1953 Users will begin to see warnings on Node.js 16 deprecation in their Actions logs on code scanning runs starting October 23, 2023. All code scanning workflows should continue to succeed regardless of the warning. The team at GitHub maintaining the CodeQL Action is aware of the deprecation timeline and actively working on creating another version of the CodeQL Action, v3, that will bump us to Node 20. For more information, and to communicate with the maintaining team, please use https://redirect.github.com/github/codeql-action/issues/1959";>this issue. 2.22.3 - 13 Oct 2023 Provide an authentication token when downloading the CodeQL Bundle from the API of a GitHub Enterprise Server instance. https://redirect.github.com/github/codeql-action/pull/1945";>#1945 2.22.2 - 12 Oct 2023 Update default CodeQL bundle version to 2.15.0. https://redirect.github.com/github/codeql-action/pull/1938";>#1938 Improve the log output when an error occurs in an invocation of the CodeQL CLI. https://redirect.github.com/github/codeql-action/pull/1927";>#1927 2.22.1 - 09 Oct 2023 Add a workaround for Python 3.12, which is not supported in CodeQL CLI version 2.14.6 or earlier. If you are running an analysis on Windows and using Python 3.12 or later, the CodeQL Action will switch to running Python 3.11. In this case, if Python 3.11 is not found, then the workflow will fail. https://redirect.github.com/github/codeql-action/pull/1928";>#1928 2.22.0 - 06 Oct 2023 The CodeQL Action now requires CodeQL version 2.10.5 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.21.8. https://redirect.github.com/github/codeql-action/pull/1907";>#1907 The CodeQL Action no longer runs ML-powered queries. For more information, including details on our investment in AI-powered security technology, see https://github.blog/changelog/2023-09-29-codeql-code-scanning-deprecates-ml-powered-alerts/";>"CodeQL code scanning deprecates ML-powered alerts." https://redirect.github.com/github/codeql-action/pull/1910";>#1910 Fix a bug which prevented tracing of projects using Go 1.21 and above on Linux. https://redirect.github.com/github/codeql-action/pull/1909";>#1909 2.21.9 - 27 Sep 2023 Update default CodeQL bundle version to 2.14.6. https://redirect.github.com/github/codeql-action/pull/1897";>#1897 We are rolling out a feature in October 2023 that will improve the success rate of C/C++ autobuild. https://redirect.github.com/github/codeql-action/pull/1889";>#1889 We are rolling out a feature in October 2023 that will provide specific file coverage information for C and C++, Java and Kotlin, and JavaScript and TypeScript. Currently file coverage information for each of these pairs of languages is grouped together. https://redirect.github.com/github/codeql-action/pull/1903";>#1903 Add a warning to help customers avoid inadvertently analyzing the same CodeQL language in multiple matrix jobs. https://redirect.github.com/github/codeql-action/pull/1901";>#1901 2.21.8 - 19 Sep 2023 Add a deprecation warning for customers using CodeQL version 2.10.4 and earlier. These versions of CodeQL were discontinued on 12 September 2023 alongside GitHub Enterprise Server 3.6, and will be unsupported by the next minor release of the CodeQL Action. https://redirect.github.com/github/codeql-action/pull/1884";>#1884 If you are using one of these versions, please update to CodeQL CLI version 2.10.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version. Alternatively, if you want to continue using a version of the CodeQL CLI between 2.9.5 and 2.10.4, you can replace github/codeql-action/*@v2 by github/codeql-action/*@v2.21.7 in your code scanning workflow to ensure you continue using this version of the CodeQL Action. Enable the following language aliases when using CodeQL 2.14.4 and later: c-cpp for C/C++ analysis, java-kotlin for Java/Kotlin analysis, and javascript-typescript for JavaScript/TypeScript analysis. https://redirect.github.com/github/codeql-action/pull/1883";>#1883 2.21.7 - 14 Sep 2023 Upd
[PR] Bump github/codeql-action from 2.22.2 to 2.22.3 [commons-vfs]
dependabot[bot] opened a new pull request, #439: URL: https://github.com/apache/commons-vfs/pull/439 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.22.2 to 2.22.3. Changelog Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md";>github/codeql-action's changelog. CodeQL Action Changelog See the https://github.com/github/codeql-action/releases";>releases page for the relevant changes to the CodeQL CLI and language packs. [UNRELEASED] Update default CodeQL bundle version to 2.15.1. https://redirect.github.com/github/codeql-action/pull/1953";>#1953 Users will begin to see warnings on Node.js 16 deprecation in their Actions logs on code scanning runs starting October 23, 2023. All code scanning workflows should continue to succeed regardless of the warning. The team at GitHub maintaining the CodeQL Action is aware of the deprecation timeline and actively working on creating another version of the CodeQL Action, v3, that will bump us to Node 20. For more information, and to communicate with the maintaining team, please use https://redirect.github.com/github/codeql-action/issues/1959";>this issue. 2.22.3 - 13 Oct 2023 Provide an authentication token when downloading the CodeQL Bundle from the API of a GitHub Enterprise Server instance. https://redirect.github.com/github/codeql-action/pull/1945";>#1945 2.22.2 - 12 Oct 2023 Update default CodeQL bundle version to 2.15.0. https://redirect.github.com/github/codeql-action/pull/1938";>#1938 Improve the log output when an error occurs in an invocation of the CodeQL CLI. https://redirect.github.com/github/codeql-action/pull/1927";>#1927 2.22.1 - 09 Oct 2023 Add a workaround for Python 3.12, which is not supported in CodeQL CLI version 2.14.6 or earlier. If you are running an analysis on Windows and using Python 3.12 or later, the CodeQL Action will switch to running Python 3.11. In this case, if Python 3.11 is not found, then the workflow will fail. https://redirect.github.com/github/codeql-action/pull/1928";>#1928 2.22.0 - 06 Oct 2023 The CodeQL Action now requires CodeQL version 2.10.5 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.21.8. https://redirect.github.com/github/codeql-action/pull/1907";>#1907 The CodeQL Action no longer runs ML-powered queries. For more information, including details on our investment in AI-powered security technology, see https://github.blog/changelog/2023-09-29-codeql-code-scanning-deprecates-ml-powered-alerts/";>"CodeQL code scanning deprecates ML-powered alerts." https://redirect.github.com/github/codeql-action/pull/1910";>#1910 Fix a bug which prevented tracing of projects using Go 1.21 and above on Linux. https://redirect.github.com/github/codeql-action/pull/1909";>#1909 2.21.9 - 27 Sep 2023 Update default CodeQL bundle version to 2.14.6. https://redirect.github.com/github/codeql-action/pull/1897";>#1897 We are rolling out a feature in October 2023 that will improve the success rate of C/C++ autobuild. https://redirect.github.com/github/codeql-action/pull/1889";>#1889 We are rolling out a feature in October 2023 that will provide specific file coverage information for C and C++, Java and Kotlin, and JavaScript and TypeScript. Currently file coverage information for each of these pairs of languages is grouped together. https://redirect.github.com/github/codeql-action/pull/1903";>#1903 Add a warning to help customers avoid inadvertently analyzing the same CodeQL language in multiple matrix jobs. https://redirect.github.com/github/codeql-action/pull/1901";>#1901 2.21.8 - 19 Sep 2023 Add a deprecation warning for customers using CodeQL version 2.10.4 and earlier. These versions of CodeQL were discontinued on 12 September 2023 alongside GitHub Enterprise Server 3.6, and will be unsupported by the next minor release of the CodeQL Action. https://redirect.github.com/github/codeql-action/pull/1884";>#1884 If you are using one of these versions, please update to CodeQL CLI version 2.10.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version. Alternatively, if you want to continue using a version of the CodeQL CLI between 2.9.5 and 2.10.4, you can replace github/codeql-action/*@v2 by github/codeql-action/*@v2.21.7 in your code scanning workflow to ensure you continue using this version of the CodeQL Action. Enable the following language aliases when using CodeQL 2.14.4 and later: c-cpp for C/C++ analysis, java-kotlin for Java/Kotlin analysis, and javascript-typescript for JavaScript/TypeScript analysis. https://redirect.github.com/github/codeql-action/pull/1883";>#1883 2.21.7 - 14 Sep 2023 Update
[PR] Bump actions/checkout from 4.1.0 to 4.1.1 [commons-vfs]
dependabot[bot] opened a new pull request, #440: URL: https://github.com/apache/commons-vfs/pull/440 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1. Release notes Sourced from https://github.com/actions/checkout/releases";>actions/checkout's releases. v4.1.1 What's Changed Update CODEOWNERS to Launch team by https://github.com/joshmgross";>@joshmgross in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 Correct link to GitHub Docs by https://github.com/peterbe";>@peterbe in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Link to release page from what's new section by https://github.com/cory-miller";>@cory-miller in https://redirect.github.com/actions/checkout/pull/1514";>actions/checkout#1514 New Contributors https://github.com/joshmgross";>@joshmgross made their first contribution in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 https://github.com/peterbe";>@peterbe made their first contribution in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Full Changelog: https://github.com/actions/checkout/compare/v4.1.0...v4.1.1";>https://github.com/actions/checkout/compare/v4.1.0...v4.1.1 Commits https://github.com/actions/checkout/commit/b4ffde65f46336ab88eb53be808477a3936bae11";>b4ffde6 Link to release page from what's new section (https://redirect.github.com/actions/checkout/issues/1514";>#1514) https://github.com/actions/checkout/commit/8530928916aaef40f59e6f221989ccb31f5759e7";>8530928 Correct link to GitHub Docs (https://redirect.github.com/actions/checkout/issues/1511";>#1511) https://github.com/actions/checkout/commit/7cdaf2fbc075e6f3b9ca94cfd6cec5adc8a75622";>7cdaf2f Update CODEOWNERS to Launch team (https://redirect.github.com/actions/checkout/issues/1510";>#1510) See full diff in https://github.com/actions/checkout/compare/8ade135a41bc03ea155e62e844d188df1ea18608...b4ffde65f46336ab88eb53be808477a3936bae11";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump github/codeql-action from 2.22.2 to 2.22.3 [commons-csv]
dependabot[bot] opened a new pull request, #366: URL: https://github.com/apache/commons-csv/pull/366 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.22.2 to 2.22.3. Changelog Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md";>github/codeql-action's changelog. CodeQL Action Changelog See the https://github.com/github/codeql-action/releases";>releases page for the relevant changes to the CodeQL CLI and language packs. [UNRELEASED] Update default CodeQL bundle version to 2.15.1. https://redirect.github.com/github/codeql-action/pull/1953";>#1953 Users will begin to see warnings on Node.js 16 deprecation in their Actions logs on code scanning runs starting October 23, 2023. All code scanning workflows should continue to succeed regardless of the warning. The team at GitHub maintaining the CodeQL Action is aware of the deprecation timeline and actively working on creating another version of the CodeQL Action, v3, that will bump us to Node 20. For more information, and to communicate with the maintaining team, please use https://redirect.github.com/github/codeql-action/issues/1959";>this issue. 2.22.3 - 13 Oct 2023 Provide an authentication token when downloading the CodeQL Bundle from the API of a GitHub Enterprise Server instance. https://redirect.github.com/github/codeql-action/pull/1945";>#1945 2.22.2 - 12 Oct 2023 Update default CodeQL bundle version to 2.15.0. https://redirect.github.com/github/codeql-action/pull/1938";>#1938 Improve the log output when an error occurs in an invocation of the CodeQL CLI. https://redirect.github.com/github/codeql-action/pull/1927";>#1927 2.22.1 - 09 Oct 2023 Add a workaround for Python 3.12, which is not supported in CodeQL CLI version 2.14.6 or earlier. If you are running an analysis on Windows and using Python 3.12 or later, the CodeQL Action will switch to running Python 3.11. In this case, if Python 3.11 is not found, then the workflow will fail. https://redirect.github.com/github/codeql-action/pull/1928";>#1928 2.22.0 - 06 Oct 2023 The CodeQL Action now requires CodeQL version 2.10.5 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.21.8. https://redirect.github.com/github/codeql-action/pull/1907";>#1907 The CodeQL Action no longer runs ML-powered queries. For more information, including details on our investment in AI-powered security technology, see https://github.blog/changelog/2023-09-29-codeql-code-scanning-deprecates-ml-powered-alerts/";>"CodeQL code scanning deprecates ML-powered alerts." https://redirect.github.com/github/codeql-action/pull/1910";>#1910 Fix a bug which prevented tracing of projects using Go 1.21 and above on Linux. https://redirect.github.com/github/codeql-action/pull/1909";>#1909 2.21.9 - 27 Sep 2023 Update default CodeQL bundle version to 2.14.6. https://redirect.github.com/github/codeql-action/pull/1897";>#1897 We are rolling out a feature in October 2023 that will improve the success rate of C/C++ autobuild. https://redirect.github.com/github/codeql-action/pull/1889";>#1889 We are rolling out a feature in October 2023 that will provide specific file coverage information for C and C++, Java and Kotlin, and JavaScript and TypeScript. Currently file coverage information for each of these pairs of languages is grouped together. https://redirect.github.com/github/codeql-action/pull/1903";>#1903 Add a warning to help customers avoid inadvertently analyzing the same CodeQL language in multiple matrix jobs. https://redirect.github.com/github/codeql-action/pull/1901";>#1901 2.21.8 - 19 Sep 2023 Add a deprecation warning for customers using CodeQL version 2.10.4 and earlier. These versions of CodeQL were discontinued on 12 September 2023 alongside GitHub Enterprise Server 3.6, and will be unsupported by the next minor release of the CodeQL Action. https://redirect.github.com/github/codeql-action/pull/1884";>#1884 If you are using one of these versions, please update to CodeQL CLI version 2.10.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version. Alternatively, if you want to continue using a version of the CodeQL CLI between 2.9.5 and 2.10.4, you can replace github/codeql-action/*@v2 by github/codeql-action/*@v2.21.7 in your code scanning workflow to ensure you continue using this version of the CodeQL Action. Enable the following language aliases when using CodeQL 2.14.4 and later: c-cpp for C/C++ analysis, java-kotlin for Java/Kotlin analysis, and javascript-typescript for JavaScript/TypeScript analysis. https://redirect.github.com/github/codeql-action/pull/1883";>#1883 2.21.7 - 14 Sep 2023 Update
[PR] Bump actions/checkout from 4.1.0 to 4.1.1 [commons-csv]
dependabot[bot] opened a new pull request, #367: URL: https://github.com/apache/commons-csv/pull/367 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1. Release notes Sourced from https://github.com/actions/checkout/releases";>actions/checkout's releases. v4.1.1 What's Changed Update CODEOWNERS to Launch team by https://github.com/joshmgross";>@joshmgross in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 Correct link to GitHub Docs by https://github.com/peterbe";>@peterbe in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Link to release page from what's new section by https://github.com/cory-miller";>@cory-miller in https://redirect.github.com/actions/checkout/pull/1514";>actions/checkout#1514 New Contributors https://github.com/joshmgross";>@joshmgross made their first contribution in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 https://github.com/peterbe";>@peterbe made their first contribution in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Full Changelog: https://github.com/actions/checkout/compare/v4.1.0...v4.1.1";>https://github.com/actions/checkout/compare/v4.1.0...v4.1.1 Commits https://github.com/actions/checkout/commit/b4ffde65f46336ab88eb53be808477a3936bae11";>b4ffde6 Link to release page from what's new section (https://redirect.github.com/actions/checkout/issues/1514";>#1514) https://github.com/actions/checkout/commit/8530928916aaef40f59e6f221989ccb31f5759e7";>8530928 Correct link to GitHub Docs (https://redirect.github.com/actions/checkout/issues/1511";>#1511) https://github.com/actions/checkout/commit/7cdaf2fbc075e6f3b9ca94cfd6cec5adc8a75622";>7cdaf2f Update CODEOWNERS to Launch team (https://redirect.github.com/actions/checkout/issues/1510";>#1510) See full diff in https://github.com/actions/checkout/compare/8ade135a41bc03ea155e62e844d188df1ea18608...b4ffde65f46336ab88eb53be808477a3936bae11";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump github/codeql-action from 2.22.2 to 2.22.3 [commons-csv]
codecov-commenter commented on PR #366: URL: https://github.com/apache/commons-csv/pull/366#issuecomment-1772609053 ## [Codecov](https://app.codecov.io/gh/apache/commons-csv/pull/366?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) Report > Merging [#366](https://app.codecov.io/gh/apache/commons-csv/pull/366?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) (239a860) into [master](https://app.codecov.io/gh/apache/commons-csv/commit/8d74818f11e2bc00c8a248a66c05de26095aed5a?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) (8d74818) will **not change** coverage. > The diff coverage is `n/a`. ```diff @@Coverage Diff@@ ## master #366 +/- ## = Coverage 98.35% 98.35% Complexity 541 541 = Files10 10 Lines 1152 1152 Branches202 202 = Hits 1133 1133 Misses77 Partials 12 12 ``` :mega: We’re building smart automated test selection to slash your CI/CD build times. [Learn more](https://about.codecov.io/iterative-testing/?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump actions/checkout from 4.1.0 to 4.1.1 [commons-csv]
codecov-commenter commented on PR #367: URL: https://github.com/apache/commons-csv/pull/367#issuecomment-1772609632 ## [Codecov](https://app.codecov.io/gh/apache/commons-csv/pull/367?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) Report > Merging [#367](https://app.codecov.io/gh/apache/commons-csv/pull/367?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) (6a89929) into [master](https://app.codecov.io/gh/apache/commons-csv/commit/8d74818f11e2bc00c8a248a66c05de26095aed5a?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) (8d74818) will **not change** coverage. > The diff coverage is `n/a`. ```diff @@Coverage Diff@@ ## master #367 +/- ## = Coverage 98.35% 98.35% Complexity 541 541 = Files10 10 Lines 1152 1152 Branches202 202 = Hits 1133 1133 Misses77 Partials 12 12 ``` :mega: We’re building smart automated test selection to slash your CI/CD build times. [Learn more](https://about.codecov.io/iterative-testing/?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump actions/checkout from 4.1.0 to 4.1.1 [commons-pool]
dependabot[bot] opened a new pull request, #255: URL: https://github.com/apache/commons-pool/pull/255 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1. Release notes Sourced from https://github.com/actions/checkout/releases";>actions/checkout's releases. v4.1.1 What's Changed Update CODEOWNERS to Launch team by https://github.com/joshmgross";>@joshmgross in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 Correct link to GitHub Docs by https://github.com/peterbe";>@peterbe in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Link to release page from what's new section by https://github.com/cory-miller";>@cory-miller in https://redirect.github.com/actions/checkout/pull/1514";>actions/checkout#1514 New Contributors https://github.com/joshmgross";>@joshmgross made their first contribution in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 https://github.com/peterbe";>@peterbe made their first contribution in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Full Changelog: https://github.com/actions/checkout/compare/v4.1.0...v4.1.1";>https://github.com/actions/checkout/compare/v4.1.0...v4.1.1 Commits https://github.com/actions/checkout/commit/b4ffde65f46336ab88eb53be808477a3936bae11";>b4ffde6 Link to release page from what's new section (https://redirect.github.com/actions/checkout/issues/1514";>#1514) https://github.com/actions/checkout/commit/8530928916aaef40f59e6f221989ccb31f5759e7";>8530928 Correct link to GitHub Docs (https://redirect.github.com/actions/checkout/issues/1511";>#1511) https://github.com/actions/checkout/commit/7cdaf2fbc075e6f3b9ca94cfd6cec5adc8a75622";>7cdaf2f Update CODEOWNERS to Launch team (https://redirect.github.com/actions/checkout/issues/1510";>#1510) See full diff in https://github.com/actions/checkout/compare/8ade135a41bc03ea155e62e844d188df1ea18608...b4ffde65f46336ab88eb53be808477a3936bae11";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump github/codeql-action from 2.22.2 to 2.22.3 [commons-pool]
dependabot[bot] opened a new pull request, #256: URL: https://github.com/apache/commons-pool/pull/256 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.22.2 to 2.22.3. Changelog Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md";>github/codeql-action's changelog. CodeQL Action Changelog See the https://github.com/github/codeql-action/releases";>releases page for the relevant changes to the CodeQL CLI and language packs. [UNRELEASED] Update default CodeQL bundle version to 2.15.1. https://redirect.github.com/github/codeql-action/pull/1953";>#1953 Users will begin to see warnings on Node.js 16 deprecation in their Actions logs on code scanning runs starting October 23, 2023. All code scanning workflows should continue to succeed regardless of the warning. The team at GitHub maintaining the CodeQL Action is aware of the deprecation timeline and actively working on creating another version of the CodeQL Action, v3, that will bump us to Node 20. For more information, and to communicate with the maintaining team, please use https://redirect.github.com/github/codeql-action/issues/1959";>this issue. 2.22.3 - 13 Oct 2023 Provide an authentication token when downloading the CodeQL Bundle from the API of a GitHub Enterprise Server instance. https://redirect.github.com/github/codeql-action/pull/1945";>#1945 2.22.2 - 12 Oct 2023 Update default CodeQL bundle version to 2.15.0. https://redirect.github.com/github/codeql-action/pull/1938";>#1938 Improve the log output when an error occurs in an invocation of the CodeQL CLI. https://redirect.github.com/github/codeql-action/pull/1927";>#1927 2.22.1 - 09 Oct 2023 Add a workaround for Python 3.12, which is not supported in CodeQL CLI version 2.14.6 or earlier. If you are running an analysis on Windows and using Python 3.12 or later, the CodeQL Action will switch to running Python 3.11. In this case, if Python 3.11 is not found, then the workflow will fail. https://redirect.github.com/github/codeql-action/pull/1928";>#1928 2.22.0 - 06 Oct 2023 The CodeQL Action now requires CodeQL version 2.10.5 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.21.8. https://redirect.github.com/github/codeql-action/pull/1907";>#1907 The CodeQL Action no longer runs ML-powered queries. For more information, including details on our investment in AI-powered security technology, see https://github.blog/changelog/2023-09-29-codeql-code-scanning-deprecates-ml-powered-alerts/";>"CodeQL code scanning deprecates ML-powered alerts." https://redirect.github.com/github/codeql-action/pull/1910";>#1910 Fix a bug which prevented tracing of projects using Go 1.21 and above on Linux. https://redirect.github.com/github/codeql-action/pull/1909";>#1909 2.21.9 - 27 Sep 2023 Update default CodeQL bundle version to 2.14.6. https://redirect.github.com/github/codeql-action/pull/1897";>#1897 We are rolling out a feature in October 2023 that will improve the success rate of C/C++ autobuild. https://redirect.github.com/github/codeql-action/pull/1889";>#1889 We are rolling out a feature in October 2023 that will provide specific file coverage information for C and C++, Java and Kotlin, and JavaScript and TypeScript. Currently file coverage information for each of these pairs of languages is grouped together. https://redirect.github.com/github/codeql-action/pull/1903";>#1903 Add a warning to help customers avoid inadvertently analyzing the same CodeQL language in multiple matrix jobs. https://redirect.github.com/github/codeql-action/pull/1901";>#1901 2.21.8 - 19 Sep 2023 Add a deprecation warning for customers using CodeQL version 2.10.4 and earlier. These versions of CodeQL were discontinued on 12 September 2023 alongside GitHub Enterprise Server 3.6, and will be unsupported by the next minor release of the CodeQL Action. https://redirect.github.com/github/codeql-action/pull/1884";>#1884 If you are using one of these versions, please update to CodeQL CLI version 2.10.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version. Alternatively, if you want to continue using a version of the CodeQL CLI between 2.9.5 and 2.10.4, you can replace github/codeql-action/*@v2 by github/codeql-action/*@v2.21.7 in your code scanning workflow to ensure you continue using this version of the CodeQL Action. Enable the following language aliases when using CodeQL 2.14.4 and later: c-cpp for C/C++ analysis, java-kotlin for Java/Kotlin analysis, and javascript-typescript for JavaScript/TypeScript analysis. https://redirect.github.com/github/codeql-action/pull/1883";>#1883 2.21.7 - 14 Sep 2023 Updat
[PR] Bump actions/checkout from 4.1.0 to 4.1.1 [commons-collections]
dependabot[bot] opened a new pull request, #424: URL: https://github.com/apache/commons-collections/pull/424 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1. Release notes Sourced from https://github.com/actions/checkout/releases";>actions/checkout's releases. v4.1.1 What's Changed Update CODEOWNERS to Launch team by https://github.com/joshmgross";>@joshmgross in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 Correct link to GitHub Docs by https://github.com/peterbe";>@peterbe in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Link to release page from what's new section by https://github.com/cory-miller";>@cory-miller in https://redirect.github.com/actions/checkout/pull/1514";>actions/checkout#1514 New Contributors https://github.com/joshmgross";>@joshmgross made their first contribution in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 https://github.com/peterbe";>@peterbe made their first contribution in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Full Changelog: https://github.com/actions/checkout/compare/v4.1.0...v4.1.1";>https://github.com/actions/checkout/compare/v4.1.0...v4.1.1 Changelog Sourced from https://github.com/actions/checkout/blob/main/CHANGELOG.md";>actions/checkout's changelog. Changelog Commits https://github.com/actions/checkout/commit/b4ffde65f46336ab88eb53be808477a3936bae11";>b4ffde6 Link to release page from what's new section (https://redirect.github.com/actions/checkout/issues/1514";>#1514) https://github.com/actions/checkout/commit/8530928916aaef40f59e6f221989ccb31f5759e7";>8530928 Correct link to GitHub Docs (https://redirect.github.com/actions/checkout/issues/1511";>#1511) https://github.com/actions/checkout/commit/7cdaf2fbc075e6f3b9ca94cfd6cec5adc8a75622";>7cdaf2f Update CODEOWNERS to Launch team (https://redirect.github.com/actions/checkout/issues/1510";>#1510) See full diff in https://github.com/actions/checkout/compare/v4.1.0...v4.1.1";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump actions/checkout from 4.1.0 to 4.1.1 [commons-collections]
codecov-commenter commented on PR #424: URL: https://github.com/apache/commons-collections/pull/424#issuecomment-1772621743 ## [Codecov](https://app.codecov.io/gh/apache/commons-collections/pull/424?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) Report > Merging [#424](https://app.codecov.io/gh/apache/commons-collections/pull/424?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) (c2e6b09) into [master](https://app.codecov.io/gh/apache/commons-collections/commit/fce46cdcc6fa33ba9472921d4b3ec3f548d8cbcc?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) (fce46cd) will **not change** coverage. > The diff coverage is `n/a`. ```diff @@Coverage Diff@@ ## master #424 +/- ## = Coverage 81.29% 81.29% Complexity 4640 4640 = Files 290 290 Lines 1354713547 Branches 2003 2003 = Hits 1101311013 Misses 1933 1933 Partials601 601 ``` :mega: We’re building smart automated test selection to slash your CI/CD build times. [Learn more](https://about.codecov.io/iterative-testing/?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump actions/checkout from 4.1.0 to 4.1.1 [commons-jexl]
dependabot[bot] opened a new pull request, #205: URL: https://github.com/apache/commons-jexl/pull/205 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1. Release notes Sourced from https://github.com/actions/checkout/releases";>actions/checkout's releases. v4.1.1 What's Changed Update CODEOWNERS to Launch team by https://github.com/joshmgross";>@joshmgross in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 Correct link to GitHub Docs by https://github.com/peterbe";>@peterbe in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Link to release page from what's new section by https://github.com/cory-miller";>@cory-miller in https://redirect.github.com/actions/checkout/pull/1514";>actions/checkout#1514 New Contributors https://github.com/joshmgross";>@joshmgross made their first contribution in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 https://github.com/peterbe";>@peterbe made their first contribution in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Full Changelog: https://github.com/actions/checkout/compare/v4.1.0...v4.1.1";>https://github.com/actions/checkout/compare/v4.1.0...v4.1.1 Commits https://github.com/actions/checkout/commit/b4ffde65f46336ab88eb53be808477a3936bae11";>b4ffde6 Link to release page from what's new section (https://redirect.github.com/actions/checkout/issues/1514";>#1514) https://github.com/actions/checkout/commit/8530928916aaef40f59e6f221989ccb31f5759e7";>8530928 Correct link to GitHub Docs (https://redirect.github.com/actions/checkout/issues/1511";>#1511) https://github.com/actions/checkout/commit/7cdaf2fbc075e6f3b9ca94cfd6cec5adc8a75622";>7cdaf2f Update CODEOWNERS to Launch team (https://redirect.github.com/actions/checkout/issues/1510";>#1510) See full diff in https://github.com/actions/checkout/compare/8ade135a41bc03ea155e62e844d188df1ea18608...b4ffde65f46336ab88eb53be808477a3936bae11";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump github/codeql-action from 2.22.2 to 2.22.3 [commons-jexl]
dependabot[bot] opened a new pull request, #206: URL: https://github.com/apache/commons-jexl/pull/206 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.22.2 to 2.22.3. Changelog Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md";>github/codeql-action's changelog. CodeQL Action Changelog See the https://github.com/github/codeql-action/releases";>releases page for the relevant changes to the CodeQL CLI and language packs. [UNRELEASED] Update default CodeQL bundle version to 2.15.1. https://redirect.github.com/github/codeql-action/pull/1953";>#1953 Users will begin to see warnings on Node.js 16 deprecation in their Actions logs on code scanning runs starting October 23, 2023. All code scanning workflows should continue to succeed regardless of the warning. The team at GitHub maintaining the CodeQL Action is aware of the deprecation timeline and actively working on creating another version of the CodeQL Action, v3, that will bump us to Node 20. For more information, and to communicate with the maintaining team, please use https://redirect.github.com/github/codeql-action/issues/1959";>this issue. 2.22.3 - 13 Oct 2023 Provide an authentication token when downloading the CodeQL Bundle from the API of a GitHub Enterprise Server instance. https://redirect.github.com/github/codeql-action/pull/1945";>#1945 2.22.2 - 12 Oct 2023 Update default CodeQL bundle version to 2.15.0. https://redirect.github.com/github/codeql-action/pull/1938";>#1938 Improve the log output when an error occurs in an invocation of the CodeQL CLI. https://redirect.github.com/github/codeql-action/pull/1927";>#1927 2.22.1 - 09 Oct 2023 Add a workaround for Python 3.12, which is not supported in CodeQL CLI version 2.14.6 or earlier. If you are running an analysis on Windows and using Python 3.12 or later, the CodeQL Action will switch to running Python 3.11. In this case, if Python 3.11 is not found, then the workflow will fail. https://redirect.github.com/github/codeql-action/pull/1928";>#1928 2.22.0 - 06 Oct 2023 The CodeQL Action now requires CodeQL version 2.10.5 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.21.8. https://redirect.github.com/github/codeql-action/pull/1907";>#1907 The CodeQL Action no longer runs ML-powered queries. For more information, including details on our investment in AI-powered security technology, see https://github.blog/changelog/2023-09-29-codeql-code-scanning-deprecates-ml-powered-alerts/";>"CodeQL code scanning deprecates ML-powered alerts." https://redirect.github.com/github/codeql-action/pull/1910";>#1910 Fix a bug which prevented tracing of projects using Go 1.21 and above on Linux. https://redirect.github.com/github/codeql-action/pull/1909";>#1909 2.21.9 - 27 Sep 2023 Update default CodeQL bundle version to 2.14.6. https://redirect.github.com/github/codeql-action/pull/1897";>#1897 We are rolling out a feature in October 2023 that will improve the success rate of C/C++ autobuild. https://redirect.github.com/github/codeql-action/pull/1889";>#1889 We are rolling out a feature in October 2023 that will provide specific file coverage information for C and C++, Java and Kotlin, and JavaScript and TypeScript. Currently file coverage information for each of these pairs of languages is grouped together. https://redirect.github.com/github/codeql-action/pull/1903";>#1903 Add a warning to help customers avoid inadvertently analyzing the same CodeQL language in multiple matrix jobs. https://redirect.github.com/github/codeql-action/pull/1901";>#1901 2.21.8 - 19 Sep 2023 Add a deprecation warning for customers using CodeQL version 2.10.4 and earlier. These versions of CodeQL were discontinued on 12 September 2023 alongside GitHub Enterprise Server 3.6, and will be unsupported by the next minor release of the CodeQL Action. https://redirect.github.com/github/codeql-action/pull/1884";>#1884 If you are using one of these versions, please update to CodeQL CLI version 2.10.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version. Alternatively, if you want to continue using a version of the CodeQL CLI between 2.9.5 and 2.10.4, you can replace github/codeql-action/*@v2 by github/codeql-action/*@v2.21.7 in your code scanning workflow to ensure you continue using this version of the CodeQL Action. Enable the following language aliases when using CodeQL 2.14.4 and later: c-cpp for C/C++ analysis, java-kotlin for Java/Kotlin analysis, and javascript-typescript for JavaScript/TypeScript analysis. https://redirect.github.com/github/codeql-action/pull/1883";>#1883 2.21.7 - 14 Sep 2023 Updat
[GH] (commons-jexl): Workflow run "Java CI" failed!
The GitHub Actions job "Java CI" on commons-jexl.git has failed. Run started by GitHub user garydgregory (triggered by garydgregory). Head commit for run: 5cb6d2e471943ae5c64e6430c34f0253a77fa454 / Gary Gregory Merge pull request #206 from apache/dependabot/github_actions/github/codeql-action-2.22.3 Bump github/codeql-action from 2.22.2 to 2.22.3 Report URL: https://github.com/apache/commons-jexl/actions/runs/6587840313 With regards, GitHub Actions via GitBox
[GH] (commons-vfs): Workflow run "Java CI" failed!
The GitHub Actions job "Java CI" on commons-vfs.git has failed. Run started by GitHub user garydgregory (triggered by garydgregory). Head commit for run: 56b0b7bd0d8cab244a14fd043c84999de2055d09 / dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Bump github/codeql-action from 2.22.2 to 2.22.3 (#439) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.22.2 to 2.22.3. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/d90b8d79de6dc1f58e83a1499aa58d6c93dc28de...0116bc2df50751f9724a2e35ef1f24d22f90e4e1) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Report URL: https://github.com/apache/commons-vfs/actions/runs/6587828409 With regards, GitHub Actions via GitBox
[GH] (commons-vfs): Workflow run "Java CI" is working again!
The GitHub Actions job "Java CI" on commons-vfs.git has succeeded. Run started by GitHub user garydgregory (triggered by garydgregory). Head commit for run: 8f5fea79026a87635f361dca93feb3ff4b0d28c6 / dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Bump actions/checkout from 4.1.0 to 4.1.1 (#440) Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/8ade135a41bc03ea155e62e844d188df1ea18608...b4ffde65f46336ab88eb53be808477a3936bae11) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Report URL: https://github.com/apache/commons-vfs/actions/runs/6587830489 With regards, GitHub Actions via GitBox
[GH] (commons-jexl): Workflow run "Java CI" is working again!
The GitHub Actions job "Java CI" on commons-jexl.git has succeeded. Run started by GitHub user garydgregory (triggered by garydgregory). Head commit for run: 5cb6d2e471943ae5c64e6430c34f0253a77fa454 / Gary Gregory Merge pull request #206 from apache/dependabot/github_actions/github/codeql-action-2.22.3 Bump github/codeql-action from 2.22.2 to 2.22.3 Report URL: https://github.com/apache/commons-jexl/actions/runs/6587840313 With regards, GitHub Actions via GitBox
[PR] Bump actions/checkout from 4.1.0 to 4.1.1 [commons-lang]
dependabot[bot] opened a new pull request, #1124: URL: https://github.com/apache/commons-lang/pull/1124 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1. Release notes Sourced from https://github.com/actions/checkout/releases";>actions/checkout's releases. v4.1.1 What's Changed Update CODEOWNERS to Launch team by https://github.com/joshmgross";>@joshmgross in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 Correct link to GitHub Docs by https://github.com/peterbe";>@peterbe in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Link to release page from what's new section by https://github.com/cory-miller";>@cory-miller in https://redirect.github.com/actions/checkout/pull/1514";>actions/checkout#1514 New Contributors https://github.com/joshmgross";>@joshmgross made their first contribution in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 https://github.com/peterbe";>@peterbe made their first contribution in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Full Changelog: https://github.com/actions/checkout/compare/v4.1.0...v4.1.1";>https://github.com/actions/checkout/compare/v4.1.0...v4.1.1 Commits https://github.com/actions/checkout/commit/b4ffde65f46336ab88eb53be808477a3936bae11";>b4ffde6 Link to release page from what's new section (https://redirect.github.com/actions/checkout/issues/1514";>#1514) https://github.com/actions/checkout/commit/8530928916aaef40f59e6f221989ccb31f5759e7";>8530928 Correct link to GitHub Docs (https://redirect.github.com/actions/checkout/issues/1511";>#1511) https://github.com/actions/checkout/commit/7cdaf2fbc075e6f3b9ca94cfd6cec5adc8a75622";>7cdaf2f Update CODEOWNERS to Launch team (https://redirect.github.com/actions/checkout/issues/1510";>#1510) See full diff in https://github.com/actions/checkout/compare/8ade135a41bc03ea155e62e844d188df1ea18608...b4ffde65f46336ab88eb53be808477a3936bae11";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump actions/checkout from 4.1.0 to 4.1.1 [commons-lang]
codecov-commenter commented on PR #1124: URL: https://github.com/apache/commons-lang/pull/1124#issuecomment-1772933690 ## [Codecov](https://app.codecov.io/gh/apache/commons-lang/pull/1124?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) Report > Merging [#1124](https://app.codecov.io/gh/apache/commons-lang/pull/1124?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) (35a95eb) into [master](https://app.codecov.io/gh/apache/commons-lang/commit/c5d8c4f19ac4fedb5501a203ab019e065ad9ad4e?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) (c5d8c4f) will **not change** coverage. > Report is 1 commits behind head on master. > The diff coverage is `n/a`. ```diff @@Coverage Diff@@ ## master#1124 +/- ## = Coverage 92.17% 92.17% Complexity 7570 7570 = Files 199 199 Lines 1582815828 Branches 2918 2918 = Hits 1458914589 Misses 668 668 Partials571 571 ``` | [Files](https://app.codecov.io/gh/apache/commons-lang/pull/1124?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) | Coverage Δ | | |---|---|---| | [...rg/apache/commons/lang3/builder/ToStringStyle.java](https://app.codecov.io/gh/apache/commons-lang/pull/1124?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache#diff-c3JjL21haW4vamF2YS9vcmcvYXBhY2hlL2NvbW1vbnMvbGFuZzMvYnVpbGRlci9Ub1N0cmluZ1N0eWxlLmphdmE=) | `90.34% <ø> (ø)` | | :mega: We’re building smart automated test selection to slash your CI/CD build times. [Learn more](https://about.codecov.io/iterative-testing/?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump actions/checkout from 4.1.0 to 4.1.1 [commons-codec]
dependabot[bot] opened a new pull request, #214: URL: https://github.com/apache/commons-codec/pull/214 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1. Release notes Sourced from https://github.com/actions/checkout/releases";>actions/checkout's releases. v4.1.1 What's Changed Update CODEOWNERS to Launch team by https://github.com/joshmgross";>@joshmgross in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 Correct link to GitHub Docs by https://github.com/peterbe";>@peterbe in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Link to release page from what's new section by https://github.com/cory-miller";>@cory-miller in https://redirect.github.com/actions/checkout/pull/1514";>actions/checkout#1514 New Contributors https://github.com/joshmgross";>@joshmgross made their first contribution in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 https://github.com/peterbe";>@peterbe made their first contribution in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Full Changelog: https://github.com/actions/checkout/compare/v4.1.0...v4.1.1";>https://github.com/actions/checkout/compare/v4.1.0...v4.1.1 Commits https://github.com/actions/checkout/commit/b4ffde65f46336ab88eb53be808477a3936bae11";>b4ffde6 Link to release page from what's new section (https://redirect.github.com/actions/checkout/issues/1514";>#1514) https://github.com/actions/checkout/commit/8530928916aaef40f59e6f221989ccb31f5759e7";>8530928 Correct link to GitHub Docs (https://redirect.github.com/actions/checkout/issues/1511";>#1511) https://github.com/actions/checkout/commit/7cdaf2fbc075e6f3b9ca94cfd6cec5adc8a75622";>7cdaf2f Update CODEOWNERS to Launch team (https://redirect.github.com/actions/checkout/issues/1510";>#1510) See full diff in https://github.com/actions/checkout/compare/8ade135a41bc03ea155e62e844d188df1ea18608...b4ffde65f46336ab88eb53be808477a3936bae11";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump actions/checkout from 4.1.0 to 4.1.1 [commons-codec]
codecov-commenter commented on PR #214: URL: https://github.com/apache/commons-codec/pull/214#issuecomment-1772985962 ## [Codecov](https://app.codecov.io/gh/apache/commons-codec/pull/214?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) Report > Merging [#214](https://app.codecov.io/gh/apache/commons-codec/pull/214?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) (64abb55) into [master](https://app.codecov.io/gh/apache/commons-codec/commit/f0dc8e10ebae7cd6c80c5b9f7c614464054fc9c1?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) (f0dc8e1) will **not change** coverage. > The diff coverage is `n/a`. ```diff @@Coverage Diff@@ ## master #214 +/- ## = Coverage 92.21% 92.21% Complexity 1741 1741 = Files67 67 Lines 4585 4585 Branches709 709 = Hits 4228 4228 Misses 244 244 Partials113 113 ``` :mega: We’re building smart automated test selection to slash your CI/CD build times. [Learn more](https://about.codecov.io/iterative-testing/?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump actions/checkout from 4.1.0 to 4.1.1 [commons-daemon]
dependabot[bot] opened a new pull request, #118: URL: https://github.com/apache/commons-daemon/pull/118 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1. Release notes Sourced from https://github.com/actions/checkout/releases";>actions/checkout's releases. v4.1.1 What's Changed Update CODEOWNERS to Launch team by https://github.com/joshmgross";>@joshmgross in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 Correct link to GitHub Docs by https://github.com/peterbe";>@peterbe in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Link to release page from what's new section by https://github.com/cory-miller";>@cory-miller in https://redirect.github.com/actions/checkout/pull/1514";>actions/checkout#1514 New Contributors https://github.com/joshmgross";>@joshmgross made their first contribution in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 https://github.com/peterbe";>@peterbe made their first contribution in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Full Changelog: https://github.com/actions/checkout/compare/v4.1.0...v4.1.1";>https://github.com/actions/checkout/compare/v4.1.0...v4.1.1 Commits https://github.com/actions/checkout/commit/b4ffde65f46336ab88eb53be808477a3936bae11";>b4ffde6 Link to release page from what's new section (https://redirect.github.com/actions/checkout/issues/1514";>#1514) https://github.com/actions/checkout/commit/8530928916aaef40f59e6f221989ccb31f5759e7";>8530928 Correct link to GitHub Docs (https://redirect.github.com/actions/checkout/issues/1511";>#1511) https://github.com/actions/checkout/commit/7cdaf2fbc075e6f3b9ca94cfd6cec5adc8a75622";>7cdaf2f Update CODEOWNERS to Launch team (https://redirect.github.com/actions/checkout/issues/1510";>#1510) See full diff in https://github.com/actions/checkout/compare/8ade135a41bc03ea155e62e844d188df1ea18608...b4ffde65f46336ab88eb53be808477a3936bae11";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump actions/checkout from 4.1.0 to 4.1.1 [commons-configuration]
dependabot[bot] opened a new pull request, #327: URL: https://github.com/apache/commons-configuration/pull/327 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1. Release notes Sourced from https://github.com/actions/checkout/releases";>actions/checkout's releases. v4.1.1 What's Changed Update CODEOWNERS to Launch team by https://github.com/joshmgross";>@joshmgross in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 Correct link to GitHub Docs by https://github.com/peterbe";>@peterbe in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Link to release page from what's new section by https://github.com/cory-miller";>@cory-miller in https://redirect.github.com/actions/checkout/pull/1514";>actions/checkout#1514 New Contributors https://github.com/joshmgross";>@joshmgross made their first contribution in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 https://github.com/peterbe";>@peterbe made their first contribution in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Full Changelog: https://github.com/actions/checkout/compare/v4.1.0...v4.1.1";>https://github.com/actions/checkout/compare/v4.1.0...v4.1.1 Changelog Sourced from https://github.com/actions/checkout/blob/main/CHANGELOG.md";>actions/checkout's changelog. Changelog Commits https://github.com/actions/checkout/commit/b4ffde65f46336ab88eb53be808477a3936bae11";>b4ffde6 Link to release page from what's new section (https://redirect.github.com/actions/checkout/issues/1514";>#1514) https://github.com/actions/checkout/commit/8530928916aaef40f59e6f221989ccb31f5759e7";>8530928 Correct link to GitHub Docs (https://redirect.github.com/actions/checkout/issues/1511";>#1511) https://github.com/actions/checkout/commit/7cdaf2fbc075e6f3b9ca94cfd6cec5adc8a75622";>7cdaf2f Update CODEOWNERS to Launch team (https://redirect.github.com/actions/checkout/issues/1510";>#1510) See full diff in https://github.com/actions/checkout/compare/v4.1.0...v4.1.1";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Use LazyInitializer without subclassing. [commons-lang]
codecov-commenter commented on PR #1123: URL: https://github.com/apache/commons-lang/pull/1123#issuecomment-1773084461 ## [Codecov](https://app.codecov.io/gh/apache/commons-lang/pull/1123?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) Report > Merging [#1123](https://app.codecov.io/gh/apache/commons-lang/pull/1123?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) (929a17d) into [master](https://app.codecov.io/gh/apache/commons-lang/commit/88879df3a9ba47d597f2620c1a72befcb5c69711?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) (88879df) will **decrease** coverage by `0.06%`. > Report is 11 commits behind head on master. > The diff coverage is `85.89%`. ```diff @@ Coverage Diff @@ ## master#1123 +/- ## - Coverage 92.21% 92.15% -0.06% - Complexity 7571 7591 +20 Files 199 200 +1 Lines 1582415902 +78 Branches 2918 2925 +7 + Hits 1459214655 +63 - Misses 661 675 +14 - Partials571 572 +1 ``` | [Files](https://app.codecov.io/gh/apache/commons-lang/pull/1123?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) | Coverage Δ | | |---|---|---| | [...apache/commons/lang3/builder/AbstractSupplier.java](https://app.codecov.io/gh/apache/commons-lang/pull/1123?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache#diff-c3JjL21haW4vamF2YS9vcmcvYXBhY2hlL2NvbW1vbnMvbGFuZzMvYnVpbGRlci9BYnN0cmFjdFN1cHBsaWVyLmphdmE=) | `100.00% <100.00%> (ø)` | | | [...he/commons/lang3/concurrent/AtomicInitializer.java](https://app.codecov.io/gh/apache/commons-lang/pull/1123?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache#diff-c3JjL21haW4vamF2YS9vcmcvYXBhY2hlL2NvbW1vbnMvbGFuZzMvY29uY3VycmVudC9BdG9taWNJbml0aWFsaXplci5qYXZh) | `88.88% <100.00%> (+7.07%)` | :arrow_up: | | [...ommons/lang3/concurrent/AtomicSafeInitializer.java](https://app.codecov.io/gh/apache/commons-lang/pull/1123?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache#diff-c3JjL21haW4vamF2YS9vcmcvYXBhY2hlL2NvbW1vbnMvbGFuZzMvY29uY3VycmVudC9BdG9taWNTYWZlSW5pdGlhbGl6ZXIuamF2YQ==) | `94.11% <100.00%> (+4.11%)` | :arrow_up: | | [...ache/commons/lang3/concurrent/LazyInitializer.java](https://app.codecov.io/gh/apache/commons-lang/pull/1123?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache#diff-c3JjL21haW4vamF2YS9vcmcvYXBhY2hlL2NvbW1vbnMvbGFuZzMvY29uY3VycmVudC9MYXp5SW5pdGlhbGl6ZXIuamF2YQ==) | `94.73% <100.00%> (+3.07%)` | :arrow_up: | | [...s/lang3/concurrent/MultiBackgroundInitializer.java](https://app.codecov.io/gh/apache/commons-lang/pull/1123?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache#diff-c3JjL21haW4vamF2YS9vcmcvYXBhY2hlL2NvbW1vbnMvbGFuZzMvY29uY3VycmVudC9NdWx0aUJhY2tncm91bmRJbml0aWFsaXplci5qYXZh) | `100.00% <100.00%> (ø)` | | | [...ang3/concurrent/CallableBackgroundInitializer.java](https://app.codecov.io/gh/apache/commons-lang/pull/1123?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache#diff-c3JjL21haW4vamF2YS9vcmcvYXBhY2hlL2NvbW1vbnMvbGFuZzMvY29uY3VycmVudC9DYWxsYWJsZUJhY2tncm91bmRJbml0aWFsaXplci5qYXZh) | `91.66% <0.00%> (-8.34%)` | :arrow_down: | | [...ang3/concurrent/AbstractConcurrentInitializer.java](https://app.codecov.io/gh/apache/commons-lang/pull/1123?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache#diff-c3JjL21haW4vamF2YS9vcmcvYXBhY2hlL2NvbW1vbnMvbGFuZzMvY29uY3VycmVudC9BYnN0cmFjdENvbmN1cnJlbnRJbml0aWFsaXplci5qYXZh) | `92.85% <92.85%> (-7.15%)` | :arrow_down: | | [...ommons/lang3/concurrent/BackgroundInitializer.java](https://app.codecov.io/gh/apache/commons-lang/pull/1123?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache#diff-c3JjL21haW4vamF2YS9vcmcvYXBhY2hlL2NvbW1vbnMvbGFuZzMvY29uY3VycmVudC9CYWNrZ3JvdW5kSW5pdGlhbGl6ZXIuamF2YQ==) | `77.77% <11.11%> (-11.12%)` | :arrow_down: | ... and [2 files with indirect coverage changes](https://app.codecov.io/gh/apache/commons-lang/pull/1123/indirect-changes?src=pr&el=tree-more&utm_medium=referral&utm_so
[PR] Bump github/codeql-action from 2.22.3 to 2.22.4 [commons-exec]
dependabot[bot] opened a new pull request, #132: URL: https://github.com/apache/commons-exec/pull/132 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.22.3 to 2.22.4. Changelog Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md";>github/codeql-action's changelog. CodeQL Action Changelog See the https://github.com/github/codeql-action/releases";>releases page for the relevant changes to the CodeQL CLI and language packs. [UNRELEASED] No user facing changes. 2.22.4 - 20 Oct 2023 Update default CodeQL bundle version to 2.15.1. https://redirect.github.com/github/codeql-action/pull/1953";>#1953 Users will begin to see warnings on Node.js 16 deprecation in their Actions logs on code scanning runs starting October 23, 2023. All code scanning workflows should continue to succeed regardless of the warning. The team at GitHub maintaining the CodeQL Action is aware of the deprecation timeline and actively working on creating another version of the CodeQL Action, v3, that will bump us to Node 20. For more information, and to communicate with the maintaining team, please use https://redirect.github.com/github/codeql-action/issues/1959";>this issue. 2.22.3 - 13 Oct 2023 Provide an authentication token when downloading the CodeQL Bundle from the API of a GitHub Enterprise Server instance. https://redirect.github.com/github/codeql-action/pull/1945";>#1945 2.22.2 - 12 Oct 2023 Update default CodeQL bundle version to 2.15.0. https://redirect.github.com/github/codeql-action/pull/1938";>#1938 Improve the log output when an error occurs in an invocation of the CodeQL CLI. https://redirect.github.com/github/codeql-action/pull/1927";>#1927 2.22.1 - 09 Oct 2023 Add a workaround for Python 3.12, which is not supported in CodeQL CLI version 2.14.6 or earlier. If you are running an analysis on Windows and using Python 3.12 or later, the CodeQL Action will switch to running Python 3.11. In this case, if Python 3.11 is not found, then the workflow will fail. https://redirect.github.com/github/codeql-action/pull/1928";>#1928 2.22.0 - 06 Oct 2023 The CodeQL Action now requires CodeQL version 2.10.5 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.21.8. https://redirect.github.com/github/codeql-action/pull/1907";>#1907 The CodeQL Action no longer runs ML-powered queries. For more information, including details on our investment in AI-powered security technology, see https://github.blog/changelog/2023-09-29-codeql-code-scanning-deprecates-ml-powered-alerts/";>"CodeQL code scanning deprecates ML-powered alerts." https://redirect.github.com/github/codeql-action/pull/1910";>#1910 Fix a bug which prevented tracing of projects using Go 1.21 and above on Linux. https://redirect.github.com/github/codeql-action/pull/1909";>#1909 2.21.9 - 27 Sep 2023 Update default CodeQL bundle version to 2.14.6. https://redirect.github.com/github/codeql-action/pull/1897";>#1897 We are rolling out a feature in October 2023 that will improve the success rate of C/C++ autobuild. https://redirect.github.com/github/codeql-action/pull/1889";>#1889 We are rolling out a feature in October 2023 that will provide specific file coverage information for C and C++, Java and Kotlin, and JavaScript and TypeScript. Currently file coverage information for each of these pairs of languages is grouped together. https://redirect.github.com/github/codeql-action/pull/1903";>#1903 Add a warning to help customers avoid inadvertently analyzing the same CodeQL language in multiple matrix jobs. https://redirect.github.com/github/codeql-action/pull/1901";>#1901 2.21.8 - 19 Sep 2023 Add a deprecation warning for customers using CodeQL version 2.10.4 and earlier. These versions of CodeQL were discontinued on 12 September 2023 alongside GitHub Enterprise Server 3.6, and will be unsupported by the next minor release of the CodeQL Action. https://redirect.github.com/github/codeql-action/pull/1884";>#1884 If you are using one of these versions, please update to CodeQL CLI version 2.10.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version. Alternatively, if you want to continue using a version of the CodeQL CLI between 2.9.5 and 2.10.4, you can replace github/codeql-action/*@v2 by github/codeql-action/*@v2.21.7 in your code scanning workflow to ensure you continue using this version of the CodeQL Action. Enable the following language aliases when using CodeQL 2.14.4 and later: c-cpp for C/C++ analysis, java-kotlin for Java/Kotlin analysis, and javascript-typescript for JavaScript/TypeScript analysis. https://redirect.github.com/github/codeql-action/pull/18
[PR] Bump actions/checkout from 4.1.0 to 4.1.1 [commons-exec]
dependabot[bot] opened a new pull request, #131: URL: https://github.com/apache/commons-exec/pull/131 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1. Release notes Sourced from https://github.com/actions/checkout/releases";>actions/checkout's releases. v4.1.1 What's Changed Update CODEOWNERS to Launch team by https://github.com/joshmgross";>@joshmgross in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 Correct link to GitHub Docs by https://github.com/peterbe";>@peterbe in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Link to release page from what's new section by https://github.com/cory-miller";>@cory-miller in https://redirect.github.com/actions/checkout/pull/1514";>actions/checkout#1514 New Contributors https://github.com/joshmgross";>@joshmgross made their first contribution in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 https://github.com/peterbe";>@peterbe made their first contribution in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Full Changelog: https://github.com/actions/checkout/compare/v4.1.0...v4.1.1";>https://github.com/actions/checkout/compare/v4.1.0...v4.1.1 Commits https://github.com/actions/checkout/commit/b4ffde65f46336ab88eb53be808477a3936bae11";>b4ffde6 Link to release page from what's new section (https://redirect.github.com/actions/checkout/issues/1514";>#1514) https://github.com/actions/checkout/commit/8530928916aaef40f59e6f221989ccb31f5759e7";>8530928 Correct link to GitHub Docs (https://redirect.github.com/actions/checkout/issues/1511";>#1511) https://github.com/actions/checkout/commit/7cdaf2fbc075e6f3b9ca94cfd6cec5adc8a75622";>7cdaf2f Update CODEOWNERS to Launch team (https://redirect.github.com/actions/checkout/issues/1510";>#1510) See full diff in https://github.com/actions/checkout/compare/8ade135a41bc03ea155e62e844d188df1ea18608...b4ffde65f46336ab88eb53be808477a3936bae11";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump github/codeql-action from 2.22.3 to 2.22.4 [commons-imaging]
dependabot[bot] opened a new pull request, #327: URL: https://github.com/apache/commons-imaging/pull/327 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.22.3 to 2.22.4. Changelog Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md";>github/codeql-action's changelog. CodeQL Action Changelog See the https://github.com/github/codeql-action/releases";>releases page for the relevant changes to the CodeQL CLI and language packs. [UNRELEASED] No user facing changes. 2.22.4 - 20 Oct 2023 Update default CodeQL bundle version to 2.15.1. https://redirect.github.com/github/codeql-action/pull/1953";>#1953 Users will begin to see warnings on Node.js 16 deprecation in their Actions logs on code scanning runs starting October 23, 2023. All code scanning workflows should continue to succeed regardless of the warning. The team at GitHub maintaining the CodeQL Action is aware of the deprecation timeline and actively working on creating another version of the CodeQL Action, v3, that will bump us to Node 20. For more information, and to communicate with the maintaining team, please use https://redirect.github.com/github/codeql-action/issues/1959";>this issue. 2.22.3 - 13 Oct 2023 Provide an authentication token when downloading the CodeQL Bundle from the API of a GitHub Enterprise Server instance. https://redirect.github.com/github/codeql-action/pull/1945";>#1945 2.22.2 - 12 Oct 2023 Update default CodeQL bundle version to 2.15.0. https://redirect.github.com/github/codeql-action/pull/1938";>#1938 Improve the log output when an error occurs in an invocation of the CodeQL CLI. https://redirect.github.com/github/codeql-action/pull/1927";>#1927 2.22.1 - 09 Oct 2023 Add a workaround for Python 3.12, which is not supported in CodeQL CLI version 2.14.6 or earlier. If you are running an analysis on Windows and using Python 3.12 or later, the CodeQL Action will switch to running Python 3.11. In this case, if Python 3.11 is not found, then the workflow will fail. https://redirect.github.com/github/codeql-action/pull/1928";>#1928 2.22.0 - 06 Oct 2023 The CodeQL Action now requires CodeQL version 2.10.5 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.21.8. https://redirect.github.com/github/codeql-action/pull/1907";>#1907 The CodeQL Action no longer runs ML-powered queries. For more information, including details on our investment in AI-powered security technology, see https://github.blog/changelog/2023-09-29-codeql-code-scanning-deprecates-ml-powered-alerts/";>"CodeQL code scanning deprecates ML-powered alerts." https://redirect.github.com/github/codeql-action/pull/1910";>#1910 Fix a bug which prevented tracing of projects using Go 1.21 and above on Linux. https://redirect.github.com/github/codeql-action/pull/1909";>#1909 2.21.9 - 27 Sep 2023 Update default CodeQL bundle version to 2.14.6. https://redirect.github.com/github/codeql-action/pull/1897";>#1897 We are rolling out a feature in October 2023 that will improve the success rate of C/C++ autobuild. https://redirect.github.com/github/codeql-action/pull/1889";>#1889 We are rolling out a feature in October 2023 that will provide specific file coverage information for C and C++, Java and Kotlin, and JavaScript and TypeScript. Currently file coverage information for each of these pairs of languages is grouped together. https://redirect.github.com/github/codeql-action/pull/1903";>#1903 Add a warning to help customers avoid inadvertently analyzing the same CodeQL language in multiple matrix jobs. https://redirect.github.com/github/codeql-action/pull/1901";>#1901 2.21.8 - 19 Sep 2023 Add a deprecation warning for customers using CodeQL version 2.10.4 and earlier. These versions of CodeQL were discontinued on 12 September 2023 alongside GitHub Enterprise Server 3.6, and will be unsupported by the next minor release of the CodeQL Action. https://redirect.github.com/github/codeql-action/pull/1884";>#1884 If you are using one of these versions, please update to CodeQL CLI version 2.10.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version. Alternatively, if you want to continue using a version of the CodeQL CLI between 2.9.5 and 2.10.4, you can replace github/codeql-action/*@v2 by github/codeql-action/*@v2.21.7 in your code scanning workflow to ensure you continue using this version of the CodeQL Action. Enable the following language aliases when using CodeQL 2.14.4 and later: c-cpp for C/C++ analysis, java-kotlin for Java/Kotlin analysis, and javascript-typescript for JavaScript/TypeScript analysis. https://redirect.github.com/github/codeql-action/pull
[PR] Bump actions/checkout from 4.1.0 to 4.1.1 [commons-imaging]
dependabot[bot] opened a new pull request, #328: URL: https://github.com/apache/commons-imaging/pull/328 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1. Release notes Sourced from https://github.com/actions/checkout/releases";>actions/checkout's releases. v4.1.1 What's Changed Update CODEOWNERS to Launch team by https://github.com/joshmgross";>@joshmgross in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 Correct link to GitHub Docs by https://github.com/peterbe";>@peterbe in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Link to release page from what's new section by https://github.com/cory-miller";>@cory-miller in https://redirect.github.com/actions/checkout/pull/1514";>actions/checkout#1514 New Contributors https://github.com/joshmgross";>@joshmgross made their first contribution in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 https://github.com/peterbe";>@peterbe made their first contribution in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Full Changelog: https://github.com/actions/checkout/compare/v4.1.0...v4.1.1";>https://github.com/actions/checkout/compare/v4.1.0...v4.1.1 Commits https://github.com/actions/checkout/commit/b4ffde65f46336ab88eb53be808477a3936bae11";>b4ffde6 Link to release page from what's new section (https://redirect.github.com/actions/checkout/issues/1514";>#1514) https://github.com/actions/checkout/commit/8530928916aaef40f59e6f221989ccb31f5759e7";>8530928 Correct link to GitHub Docs (https://redirect.github.com/actions/checkout/issues/1511";>#1511) https://github.com/actions/checkout/commit/7cdaf2fbc075e6f3b9ca94cfd6cec5adc8a75622";>7cdaf2f Update CODEOWNERS to Launch team (https://redirect.github.com/actions/checkout/issues/1510";>#1510) See full diff in https://github.com/actions/checkout/compare/8ade135a41bc03ea155e62e844d188df1ea18608...b4ffde65f46336ab88eb53be808477a3936bae11";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump actions/checkout from 4.1.0 to 4.1.1 [commons-imaging]
codecov-commenter commented on PR #328: URL: https://github.com/apache/commons-imaging/pull/328#issuecomment-1773166024 ## [Codecov](https://app.codecov.io/gh/apache/commons-imaging/pull/328?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) Report > Merging [#328](https://app.codecov.io/gh/apache/commons-imaging/pull/328?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) (d4c3e8b) into [master](https://app.codecov.io/gh/apache/commons-imaging/commit/6a43629341d85deef838572cbac58322ceb61728?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) (6a43629) will **not change** coverage. > The diff coverage is `n/a`. ```diff @@Coverage Diff@@ ## master #328 +/- ## = Coverage 71.18% 71.18% Complexity 3521 3521 = Files 351 351 Lines 1729217292 Branches 2668 2668 = Hits 1231012310 Misses 3930 3930 Partials 1052 1052 ``` :mega: We’re building smart automated test selection to slash your CI/CD build times. [Learn more](https://about.codecov.io/iterative-testing/?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump github/codeql-action from 2.22.3 to 2.22.4 [commons-imaging]
codecov-commenter commented on PR #327: URL: https://github.com/apache/commons-imaging/pull/327#issuecomment-1773166859 ## [Codecov](https://app.codecov.io/gh/apache/commons-imaging/pull/327?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) Report > Merging [#327](https://app.codecov.io/gh/apache/commons-imaging/pull/327?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) (5b37685) into [master](https://app.codecov.io/gh/apache/commons-imaging/commit/6a43629341d85deef838572cbac58322ceb61728?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) (6a43629) will **not change** coverage. > The diff coverage is `n/a`. ```diff @@Coverage Diff@@ ## master #327 +/- ## = Coverage 71.18% 71.18% Complexity 3521 3521 = Files 351 351 Lines 1729217292 Branches 2668 2668 = Hits 1231012310 Misses 3930 3930 Partials 1052 1052 ``` :mega: We’re building smart automated test selection to slash your CI/CD build times. [Learn more](https://about.codecov.io/iterative-testing/?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump actions/checkout from 4.1.0 to 4.1.1 [commons-jxpath]
dependabot[bot] opened a new pull request, #90: URL: https://github.com/apache/commons-jxpath/pull/90 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1. Release notes Sourced from https://github.com/actions/checkout/releases";>actions/checkout's releases. v4.1.1 What's Changed Update CODEOWNERS to Launch team by https://github.com/joshmgross";>@joshmgross in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 Correct link to GitHub Docs by https://github.com/peterbe";>@peterbe in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Link to release page from what's new section by https://github.com/cory-miller";>@cory-miller in https://redirect.github.com/actions/checkout/pull/1514";>actions/checkout#1514 New Contributors https://github.com/joshmgross";>@joshmgross made their first contribution in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 https://github.com/peterbe";>@peterbe made their first contribution in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Full Changelog: https://github.com/actions/checkout/compare/v4.1.0...v4.1.1";>https://github.com/actions/checkout/compare/v4.1.0...v4.1.1 Commits https://github.com/actions/checkout/commit/b4ffde65f46336ab88eb53be808477a3936bae11";>b4ffde6 Link to release page from what's new section (https://redirect.github.com/actions/checkout/issues/1514";>#1514) https://github.com/actions/checkout/commit/8530928916aaef40f59e6f221989ccb31f5759e7";>8530928 Correct link to GitHub Docs (https://redirect.github.com/actions/checkout/issues/1511";>#1511) https://github.com/actions/checkout/commit/7cdaf2fbc075e6f3b9ca94cfd6cec5adc8a75622";>7cdaf2f Update CODEOWNERS to Launch team (https://redirect.github.com/actions/checkout/issues/1510";>#1510) See full diff in https://github.com/actions/checkout/compare/8ade135a41bc03ea155e62e844d188df1ea18608...b4ffde65f46336ab88eb53be808477a3936bae11";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump github/codeql-action from 2.22.3 to 2.22.4 [commons-jxpath]
dependabot[bot] opened a new pull request, #91: URL: https://github.com/apache/commons-jxpath/pull/91 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.22.3 to 2.22.4. Changelog Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md";>github/codeql-action's changelog. CodeQL Action Changelog See the https://github.com/github/codeql-action/releases";>releases page for the relevant changes to the CodeQL CLI and language packs. [UNRELEASED] No user facing changes. 2.22.4 - 20 Oct 2023 Update default CodeQL bundle version to 2.15.1. https://redirect.github.com/github/codeql-action/pull/1953";>#1953 Users will begin to see warnings on Node.js 16 deprecation in their Actions logs on code scanning runs starting October 23, 2023. All code scanning workflows should continue to succeed regardless of the warning. The team at GitHub maintaining the CodeQL Action is aware of the deprecation timeline and actively working on creating another version of the CodeQL Action, v3, that will bump us to Node 20. For more information, and to communicate with the maintaining team, please use https://redirect.github.com/github/codeql-action/issues/1959";>this issue. 2.22.3 - 13 Oct 2023 Provide an authentication token when downloading the CodeQL Bundle from the API of a GitHub Enterprise Server instance. https://redirect.github.com/github/codeql-action/pull/1945";>#1945 2.22.2 - 12 Oct 2023 Update default CodeQL bundle version to 2.15.0. https://redirect.github.com/github/codeql-action/pull/1938";>#1938 Improve the log output when an error occurs in an invocation of the CodeQL CLI. https://redirect.github.com/github/codeql-action/pull/1927";>#1927 2.22.1 - 09 Oct 2023 Add a workaround for Python 3.12, which is not supported in CodeQL CLI version 2.14.6 or earlier. If you are running an analysis on Windows and using Python 3.12 or later, the CodeQL Action will switch to running Python 3.11. In this case, if Python 3.11 is not found, then the workflow will fail. https://redirect.github.com/github/codeql-action/pull/1928";>#1928 2.22.0 - 06 Oct 2023 The CodeQL Action now requires CodeQL version 2.10.5 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.21.8. https://redirect.github.com/github/codeql-action/pull/1907";>#1907 The CodeQL Action no longer runs ML-powered queries. For more information, including details on our investment in AI-powered security technology, see https://github.blog/changelog/2023-09-29-codeql-code-scanning-deprecates-ml-powered-alerts/";>"CodeQL code scanning deprecates ML-powered alerts." https://redirect.github.com/github/codeql-action/pull/1910";>#1910 Fix a bug which prevented tracing of projects using Go 1.21 and above on Linux. https://redirect.github.com/github/codeql-action/pull/1909";>#1909 2.21.9 - 27 Sep 2023 Update default CodeQL bundle version to 2.14.6. https://redirect.github.com/github/codeql-action/pull/1897";>#1897 We are rolling out a feature in October 2023 that will improve the success rate of C/C++ autobuild. https://redirect.github.com/github/codeql-action/pull/1889";>#1889 We are rolling out a feature in October 2023 that will provide specific file coverage information for C and C++, Java and Kotlin, and JavaScript and TypeScript. Currently file coverage information for each of these pairs of languages is grouped together. https://redirect.github.com/github/codeql-action/pull/1903";>#1903 Add a warning to help customers avoid inadvertently analyzing the same CodeQL language in multiple matrix jobs. https://redirect.github.com/github/codeql-action/pull/1901";>#1901 2.21.8 - 19 Sep 2023 Add a deprecation warning for customers using CodeQL version 2.10.4 and earlier. These versions of CodeQL were discontinued on 12 September 2023 alongside GitHub Enterprise Server 3.6, and will be unsupported by the next minor release of the CodeQL Action. https://redirect.github.com/github/codeql-action/pull/1884";>#1884 If you are using one of these versions, please update to CodeQL CLI version 2.10.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version. Alternatively, if you want to continue using a version of the CodeQL CLI between 2.9.5 and 2.10.4, you can replace github/codeql-action/*@v2 by github/codeql-action/*@v2.21.7 in your code scanning workflow to ensure you continue using this version of the CodeQL Action. Enable the following language aliases when using CodeQL 2.14.4 and later: c-cpp for C/C++ analysis, java-kotlin for Java/Kotlin analysis, and javascript-typescript for JavaScript/TypeScript analysis. https://redirect.github.com/github/codeql-action/pull/18
Re: [PR] Bump github/codeql-action from 2.22.3 to 2.22.4 [commons-jxpath]
codecov-commenter commented on PR #91: URL: https://github.com/apache/commons-jxpath/pull/91#issuecomment-1773178118 ## [Codecov](https://app.codecov.io/gh/apache/commons-jxpath/pull/91?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) Report > Merging [#91](https://app.codecov.io/gh/apache/commons-jxpath/pull/91?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) (d5d5409) into [master](https://app.codecov.io/gh/apache/commons-jxpath/commit/90577347bbb2cc5d940ccd3d1e78b6b2681ed846?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) (9057734) will **not change** coverage. > The diff coverage is `n/a`. ```diff @@Coverage Diff@@ ## master #91 +/- ## = Coverage 69.19% 69.19% Complexity 3121 3121 = Files 152 152 Lines 9575 9575 Branches 2005 2005 = Hits 6625 6625 Misses 2155 2155 Partials795 795 ``` :mega: We’re building smart automated test selection to slash your CI/CD build times. [Learn more](https://about.codecov.io/iterative-testing/?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
Re: [PR] Bump actions/checkout from 4.1.0 to 4.1.1 [commons-jxpath]
codecov-commenter commented on PR #90: URL: https://github.com/apache/commons-jxpath/pull/90#issuecomment-1773178372 ## [Codecov](https://app.codecov.io/gh/apache/commons-jxpath/pull/90?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) Report > Merging [#90](https://app.codecov.io/gh/apache/commons-jxpath/pull/90?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) (f4fc4ac) into [master](https://app.codecov.io/gh/apache/commons-jxpath/commit/90577347bbb2cc5d940ccd3d1e78b6b2681ed846?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) (9057734) will **not change** coverage. > The diff coverage is `n/a`. ```diff @@Coverage Diff@@ ## master #90 +/- ## = Coverage 69.19% 69.19% Complexity 3121 3121 = Files 152 152 Lines 9575 9575 Branches 2005 2005 = Hits 6625 6625 Misses 2155 2155 Partials795 795 ``` :mega: We’re building smart automated test selection to slash your CI/CD build times. [Learn more](https://about.codecov.io/iterative-testing/?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=apache) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GH] (commons-lang): Workflow run "Java CI" failed!
The GitHub Actions job "Java CI" on commons-lang.git has failed. Run started by GitHub user asfgit (triggered by asfgit). Head commit for run: 902b1ce39d140e2ba07deaa7e5326d96b25f5d99 / Gary Gregory Merge branch 'master' of https://gitbox.apache.org/repos/asf/commons-lang.git Report URL: https://github.com/apache/commons-lang/actions/runs/6591322308 With regards, GitHub Actions via GitBox
[PR] Bump actions/checkout from 4.1.0 to 4.1.1 [commons-fileupload]
dependabot[bot] opened a new pull request, #251: URL: https://github.com/apache/commons-fileupload/pull/251 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0 to 4.1.1. Release notes Sourced from https://github.com/actions/checkout/releases";>actions/checkout's releases. v4.1.1 What's Changed Update CODEOWNERS to Launch team by https://github.com/joshmgross";>@joshmgross in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 Correct link to GitHub Docs by https://github.com/peterbe";>@peterbe in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Link to release page from what's new section by https://github.com/cory-miller";>@cory-miller in https://redirect.github.com/actions/checkout/pull/1514";>actions/checkout#1514 New Contributors https://github.com/joshmgross";>@joshmgross made their first contribution in https://redirect.github.com/actions/checkout/pull/1510";>actions/checkout#1510 https://github.com/peterbe";>@peterbe made their first contribution in https://redirect.github.com/actions/checkout/pull/1511";>actions/checkout#1511 Full Changelog: https://github.com/actions/checkout/compare/v4.1.0...v4.1.1";>https://github.com/actions/checkout/compare/v4.1.0...v4.1.1 Commits https://github.com/actions/checkout/commit/b4ffde65f46336ab88eb53be808477a3936bae11";>b4ffde6 Link to release page from what's new section (https://redirect.github.com/actions/checkout/issues/1514";>#1514) https://github.com/actions/checkout/commit/8530928916aaef40f59e6f221989ccb31f5759e7";>8530928 Correct link to GitHub Docs (https://redirect.github.com/actions/checkout/issues/1511";>#1511) https://github.com/actions/checkout/commit/7cdaf2fbc075e6f3b9ca94cfd6cec5adc8a75622";>7cdaf2f Update CODEOWNERS to Launch team (https://redirect.github.com/actions/checkout/issues/1510";>#1510) See full diff in https://github.com/actions/checkout/compare/8ade135a41bc03ea155e62e844d188df1ea18608...b4ffde65f46336ab88eb53be808477a3936bae11";>compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@commons.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[PR] Bump github/codeql-action from 2.22.3 to 2.22.4 [commons-fileupload]
dependabot[bot] opened a new pull request, #252: URL: https://github.com/apache/commons-fileupload/pull/252 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.22.3 to 2.22.4. Changelog Sourced from https://github.com/github/codeql-action/blob/main/CHANGELOG.md";>github/codeql-action's changelog. CodeQL Action Changelog See the https://github.com/github/codeql-action/releases";>releases page for the relevant changes to the CodeQL CLI and language packs. [UNRELEASED] No user facing changes. 2.22.4 - 20 Oct 2023 Update default CodeQL bundle version to 2.15.1. https://redirect.github.com/github/codeql-action/pull/1953";>#1953 Users will begin to see warnings on Node.js 16 deprecation in their Actions logs on code scanning runs starting October 23, 2023. All code scanning workflows should continue to succeed regardless of the warning. The team at GitHub maintaining the CodeQL Action is aware of the deprecation timeline and actively working on creating another version of the CodeQL Action, v3, that will bump us to Node 20. For more information, and to communicate with the maintaining team, please use https://redirect.github.com/github/codeql-action/issues/1959";>this issue. 2.22.3 - 13 Oct 2023 Provide an authentication token when downloading the CodeQL Bundle from the API of a GitHub Enterprise Server instance. https://redirect.github.com/github/codeql-action/pull/1945";>#1945 2.22.2 - 12 Oct 2023 Update default CodeQL bundle version to 2.15.0. https://redirect.github.com/github/codeql-action/pull/1938";>#1938 Improve the log output when an error occurs in an invocation of the CodeQL CLI. https://redirect.github.com/github/codeql-action/pull/1927";>#1927 2.22.1 - 09 Oct 2023 Add a workaround for Python 3.12, which is not supported in CodeQL CLI version 2.14.6 or earlier. If you are running an analysis on Windows and using Python 3.12 or later, the CodeQL Action will switch to running Python 3.11. In this case, if Python 3.11 is not found, then the workflow will fail. https://redirect.github.com/github/codeql-action/pull/1928";>#1928 2.22.0 - 06 Oct 2023 The CodeQL Action now requires CodeQL version 2.10.5 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.21.8. https://redirect.github.com/github/codeql-action/pull/1907";>#1907 The CodeQL Action no longer runs ML-powered queries. For more information, including details on our investment in AI-powered security technology, see https://github.blog/changelog/2023-09-29-codeql-code-scanning-deprecates-ml-powered-alerts/";>"CodeQL code scanning deprecates ML-powered alerts." https://redirect.github.com/github/codeql-action/pull/1910";>#1910 Fix a bug which prevented tracing of projects using Go 1.21 and above on Linux. https://redirect.github.com/github/codeql-action/pull/1909";>#1909 2.21.9 - 27 Sep 2023 Update default CodeQL bundle version to 2.14.6. https://redirect.github.com/github/codeql-action/pull/1897";>#1897 We are rolling out a feature in October 2023 that will improve the success rate of C/C++ autobuild. https://redirect.github.com/github/codeql-action/pull/1889";>#1889 We are rolling out a feature in October 2023 that will provide specific file coverage information for C and C++, Java and Kotlin, and JavaScript and TypeScript. Currently file coverage information for each of these pairs of languages is grouped together. https://redirect.github.com/github/codeql-action/pull/1903";>#1903 Add a warning to help customers avoid inadvertently analyzing the same CodeQL language in multiple matrix jobs. https://redirect.github.com/github/codeql-action/pull/1901";>#1901 2.21.8 - 19 Sep 2023 Add a deprecation warning for customers using CodeQL version 2.10.4 and earlier. These versions of CodeQL were discontinued on 12 September 2023 alongside GitHub Enterprise Server 3.6, and will be unsupported by the next minor release of the CodeQL Action. https://redirect.github.com/github/codeql-action/pull/1884";>#1884 If you are using one of these versions, please update to CodeQL CLI version 2.10.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version. Alternatively, if you want to continue using a version of the CodeQL CLI between 2.9.5 and 2.10.4, you can replace github/codeql-action/*@v2 by github/codeql-action/*@v2.21.7 in your code scanning workflow to ensure you continue using this version of the CodeQL Action. Enable the following language aliases when using CodeQL 2.14.4 and later: c-cpp for C/C++ analysis, java-kotlin for Java/Kotlin analysis, and javascript-typescript for JavaScript/TypeScript analysis. https://redirect.github.com/github/codeql-action/p
[GH] (commons-lang): Workflow run "Java CI" failed!
The GitHub Actions job "Java CI" on commons-lang.git has failed. Run started by GitHub user asfgit (triggered by asfgit). Head commit for run: 30af12480090cfde0a0eafc6ac08c5380890b4b7 / Gary Gregory Javbadoc and comments Report URL: https://github.com/apache/commons-lang/actions/runs/6591449470 With regards, GitHub Actions via GitBox
[GH] (commons-lang): Workflow run "Java CI" is working again!
The GitHub Actions job "Java CI" on commons-lang.git has succeeded. Run started by GitHub user asfgit (triggered by garydgregory). Head commit for run: 902b1ce39d140e2ba07deaa7e5326d96b25f5d99 / Gary Gregory Merge branch 'master' of https://gitbox.apache.org/repos/asf/commons-lang.git Report URL: https://github.com/apache/commons-lang/actions/runs/6591322308 With regards, GitHub Actions via GitBox
[GH] (commons-lang): Workflow run "Java CI" failed!
The GitHub Actions job "Java CI" on commons-lang.git has failed. Run started by GitHub user asfgit (triggered by asfgit). Head commit for run: 181ba18528dad981e98f30860ef65e1c66f6eb51 / Gary Gregory @deprecated in package info files generates a warning in Java 21 Report URL: https://github.com/apache/commons-lang/actions/runs/6591883109 With regards, GitHub Actions via GitBox
[GH] (commons-lang): Workflow run "Java CI" is working again!
The GitHub Actions job "Java CI" on commons-lang.git has succeeded. Run started by GitHub user asfgit (triggered by asfgit). Head commit for run: 9840b9df5795a9d253611ac7cd451163470b2443 / Gary Gregory Try to fix random failures in StopWatchTest.testStopWatchSuspend() Watch out comparing measurements from System.currentTimeMillis() vs. System.nanoTime() Report URL: https://github.com/apache/commons-lang/actions/runs/6591805315 With regards, GitHub Actions via GitBox
