diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 649ecc2dd9f..91bc8d9601f 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -141,7 +141,7 @@ jobs: run: ./gradlew codeCoverageReport - name: Send code coverage report to Codecov.io - uses: codecov/codecov-action@ad3126e916f78f00edff4ed0317cf185271ccc2d # v5.4.2 + uses: codecov/codecov-action@18283e04ce6e62d37312384ff67231eb8fd56d24 # v5.4.3 with: token: ${{ secrets.CODECOV_TOKEN }} docs: @@ -191,6 +191,6 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: Generate and submit dependency graph if: github.event_name == 'workflow_dispatch' || github.event_name == 'push' && github.ref == 'refs/heads/main' - uses: gradle/actions/dependency-submission@06832c7b30a0129d7fb559bcc6e43d26f6374244 # v4.3.1 + uses: gradle/actions/dependency-submission@8379f6a1328ee0e06e2bb424dadb7b159856a326 # v4.4.0 with: github-token: ${{ steps.generate_github_token.outputs.token }} diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 1b2f597a098..2a8e3718631 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -54,7 +54,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16 + uses: github/codeql-action/init@fca7ace96b7d713c7035871441bd52efbe39e27e # v3.28.19 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -68,7 +68,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16 + uses: github/codeql-action/autobuild@fca7ace96b7d713c7035871441bd52efbe39e27e # v3.28.19 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -81,6 +81,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16 + uses: github/codeql-action/analyze@fca7ace96b7d713c7035871441bd52efbe39e27e # v3.28.19 with: category: "/language:${{matrix.language}}" diff --git a/build.gradle b/build.gradle index 64a4c800d0d..83ff0178670 100644 --- a/build.gradle +++ b/build.gradle @@ -66,7 +66,7 @@ allprojects { configurations { taglet { - resolutionStrategy.force("net.sourceforge.plantuml:plantuml:1.2025.2") + resolutionStrategy.force("net.sourceforge.plantuml:plantuml:1.2025.3") } } diff --git a/commercetools/commercetools-apachehttp-client/build.gradle b/commercetools/commercetools-apachehttp-client/build.gradle index 2bece0afcfa..ca776fa10a7 100644 --- a/commercetools/commercetools-apachehttp-client/build.gradle +++ b/commercetools/commercetools-apachehttp-client/build.gradle @@ -1,7 +1,7 @@ dependencies { api project(":rmf:rmf-java-base") - api "org.apache.httpcomponents.client5:httpclient5:5.4.4" version { + api "org.apache.httpcomponents.client5:httpclient5:5.5" version { strictly "[5.4.4,6.0[" prefer "5.4.4" } diff --git a/commercetools/commercetools-async-http-client/build.gradle b/commercetools/commercetools-async-http-client/build.gradle index a28391a1019..242fc7a3882 100644 --- a/commercetools/commercetools-async-http-client/build.gradle +++ b/commercetools/commercetools-async-http-client/build.gradle @@ -3,10 +3,10 @@ dependencies { api project(":rmf:rmf-java-base") api "org.asynchttpclient:async-http-client:2.12.4" api commons.io version commons.io_version - api "io.netty:netty-codec:4.2.0.Final" - api "io.netty:netty-codec-http:4.2.0.Final" - api "io.netty:netty-codec-socks:4.2.0.Final" - api "io.netty:netty-handler-proxy:4.2.0.Final" - api "io.netty:netty-handler:4.2.0.Final" + api "io.netty:netty-codec:4.2.1.Final" + api "io.netty:netty-codec-http:4.2.1.Final" + api "io.netty:netty-codec-socks:4.2.1.Final" + api "io.netty:netty-handler-proxy:4.2.1.Final" + api "io.netty:netty-handler:4.2.1.Final" implementation javax.validation } diff --git a/commercetools/commercetools-monitoring-datadog/build.gradle b/commercetools/commercetools-monitoring-datadog/build.gradle index 3bbe208dd55..dca012c238b 100644 --- a/commercetools/commercetools-monitoring-datadog/build.gradle +++ b/commercetools/commercetools-monitoring-datadog/build.gradle @@ -1,7 +1,7 @@ dependencies { api project(":rmf:rmf-java-base") implementation "com.datadoghq:java-dogstatsd-client:4.4.4" - implementation "com.datadoghq:datadog-api-client:2.34.1" + implementation "com.datadoghq:datadog-api-client:2.35.0" testImplementation project(":commercetools:commercetools-sdk-java-api") } diff --git a/commercetools/commercetools-monitoring-newrelic/build.gradle b/commercetools/commercetools-monitoring-newrelic/build.gradle index 6dc8e8a6dd5..fcdb01bf910 100644 --- a/commercetools/commercetools-monitoring-newrelic/build.gradle +++ b/commercetools/commercetools-monitoring-newrelic/build.gradle @@ -1,7 +1,7 @@ dependencies { api project(":rmf:rmf-java-base") - implementation 'com.newrelic.agent.java:newrelic-api:8.20.0' + implementation 'com.newrelic.agent.java:newrelic-api:8.21.0' testImplementation project(":commercetools:commercetools-sdk-java-api") } diff --git a/commercetools/commercetools-monitoring-opentelemetry/build.gradle b/commercetools/commercetools-monitoring-opentelemetry/build.gradle index ffb185984b9..3ad278b4582 100644 --- a/commercetools/commercetools-monitoring-opentelemetry/build.gradle +++ b/commercetools/commercetools-monitoring-opentelemetry/build.gradle @@ -1,7 +1,7 @@ dependencies { api project(":rmf:rmf-java-base") - implementation 'io.opentelemetry:opentelemetry-api:1.49.0' + implementation 'io.opentelemetry:opentelemetry-api:1.50.0' testImplementation project(":commercetools:commercetools-sdk-java-api") } diff --git a/commercetools/commercetools-okhttp-client3/build.gradle b/commercetools/commercetools-okhttp-client3/build.gradle index 0837552bb49..6a7469e6891 100644 --- a/commercetools/commercetools-okhttp-client3/build.gradle +++ b/commercetools/commercetools-okhttp-client3/build.gradle @@ -12,7 +12,7 @@ jmh { dependencies { api project(":rmf:rmf-java-base") - implementation "com.squareup.okio:okio:3.11.0" + implementation "com.squareup.okio:okio:3.12.0" api "com.squareup.okhttp3:okhttp:3.14.9" version { strictly "[3.0,4.0[" prefer "3.14.9" diff --git a/commercetools/commercetools-okhttp-client4/build.gradle b/commercetools/commercetools-okhttp-client4/build.gradle index 1a13cf098cf..9bbc5af1415 100644 --- a/commercetools/commercetools-okhttp-client4/build.gradle +++ b/commercetools/commercetools-okhttp-client4/build.gradle @@ -15,7 +15,7 @@ dependencies { strictly '[4.0,5.0[' prefer "4.12.0" } - implementation "com.squareup.okio:okio:3.11.0" + implementation "com.squareup.okio:okio:3.12.0" implementation javax.validation } diff --git a/commercetools/commercetools-reactornetty-client/build.gradle b/commercetools/commercetools-reactornetty-client/build.gradle index a8aa38a299b..7f3261042d8 100644 --- a/commercetools/commercetools-reactornetty-client/build.gradle +++ b/commercetools/commercetools-reactornetty-client/build.gradle @@ -2,8 +2,8 @@ dependencies { api project(":rmf:rmf-java-base") - api "io.projectreactor.netty:reactor-netty-http:1.2.5" - api "io.projectreactor.netty:reactor-netty-core:1.2.5" + api "io.projectreactor.netty:reactor-netty-http:1.2.6" + api "io.projectreactor.netty:reactor-netty-core:1.2.6" implementation javax.validation } diff --git a/commercetools/commercetools-sdk-compat-v1/build.gradle b/commercetools/commercetools-sdk-compat-v1/build.gradle index d8772034d97..7737ce99dcd 100644 --- a/commercetools/commercetools-sdk-compat-v1/build.gradle +++ b/commercetools/commercetools-sdk-compat-v1/build.gradle @@ -21,8 +21,8 @@ dependencies { api project(':commercetools:commercetools-sdk-java-api') api ctsdkv1.client version ctsdkv1.version api ctsdkv1.models version ctsdkv1.version - api "io.netty:netty-codec:4.2.0.Final" - api "io.netty:netty-codec-http:4.2.0.Final" + api "io.netty:netty-codec:4.2.1.Final" + api "io.netty:netty-codec-http:4.2.1.Final" jmhImplementation project(':commercetools:commercetools-async-http-client') jmhImplementation project(':commercetools:commercetools-apachehttp-client') diff --git a/common-plugins/build.gradle b/common-plugins/build.gradle index 296cba83bc7..9c63ae7d37a 100644 --- a/common-plugins/build.gradle +++ b/common-plugins/build.gradle @@ -1,7 +1,7 @@ plugins { id 'java-gradle-plugin' id 'idea' - id 'org.jetbrains.kotlin.jvm' version "2.1.20" + id 'org.jetbrains.kotlin.jvm' version "2.1.21" } repositories { diff --git a/gradle-scripts/extensions.gradle b/gradle-scripts/extensions.gradle index eb5efc3a586..5cfd7e1f932 100644 --- a/gradle-scripts/extensions.gradle +++ b/gradle-scripts/extensions.gradle @@ -56,14 +56,14 @@ ext { ] junit = [ - junit: 'org.junit.jupiter:junit-jupiter:5.12.2', + junit: 'org.junit.jupiter:junit-jupiter:5.13.0', jsonassert: 'org.skyscreamer:jsonassert:1.5.3', assertj: 'org.assertj:assertj-core:3.27.3' ] mockito = [ inline: 'org.mockito:mockito-inline:5.2.0', - junit: 'org.mockito:mockito-junit-jupiter:5.17.0', + junit: 'org.mockito:mockito-junit-jupiter:5.18.0', ] failsafe = [ diff --git a/gradle/wrapper/gradle-wrapper.jar b/gradle/wrapper/gradle-wrapper.jar index e6441136f3d..1b33c55baab 100644 Binary files a/gradle/wrapper/gradle-wrapper.jar and b/gradle/wrapper/gradle-wrapper.jar differ diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties index ca025c83a7c..002b867c48b 100644 --- a/gradle/wrapper/gradle-wrapper.properties +++ b/gradle/wrapper/gradle-wrapper.properties @@ -1,6 +1,6 @@ distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists -distributionUrl=https\://services.gradle.org/distributions/gradle-8.14-bin.zip +distributionUrl=https\://services.gradle.org/distributions/gradle-8.14.1-bin.zip networkTimeout=10000 validateDistributionUrl=true zipStoreBase=GRADLE_USER_HOME diff --git a/gradlew b/gradlew index b740cf13397..23d15a93670 100755 --- a/gradlew +++ b/gradlew @@ -15,6 +15,8 @@ # See the License for the specific language governing permissions and # limitations under the License. # +# SPDX-License-Identifier: Apache-2.0 +# ############################################################################## # @@ -84,7 +86,7 @@ done # shellcheck disable=SC2034 APP_BASE_NAME=${0##*/} # Discard cd standard output in case $CDPATH is set (https://github.com/gradle/gradle/issues/25036) -APP_HOME=$( cd "${APP_HOME:-./}" > /dev/null && pwd -P ) || exit +APP_HOME=$( cd -P "${APP_HOME:-./}" > /dev/null && printf '%s\n' "$PWD" ) || exit # Use the maximum available, or set MAX_FD != -1 to use that value. MAX_FD=maximum @@ -112,7 +114,7 @@ case "$( uname )" in #( NONSTOP* ) nonstop=true ;; esac -CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar +CLASSPATH="\\\"\\\"" # Determine the Java command to use to start the JVM. @@ -203,7 +205,7 @@ fi DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"' # Collect all arguments for the java command: -# * DEFAULT_JVM_OPTS, JAVA_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments, +# * DEFAULT_JVM_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments, # and any embedded shellness will be escaped. # * For example: A user cannot expect ${Hostname} to be expanded, as it is an environment variable and will be # treated as '${Hostname}' itself on the command line. @@ -211,7 +213,7 @@ DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"' set -- \ "-Dorg.gradle.appname=$APP_BASE_NAME" \ -classpath "$CLASSPATH" \ - org.gradle.wrapper.GradleWrapperMain \ + -jar "$APP_HOME/gradle/wrapper/gradle-wrapper.jar" \ "$@" # Stop when "xargs" is not available. diff --git a/gradlew.bat b/gradlew.bat index 7101f8e4676..5eed7ee8452 100644 --- a/gradlew.bat +++ b/gradlew.bat @@ -13,6 +13,8 @@ @rem See the License for the specific language governing permissions and @rem limitations under the License. @rem +@rem SPDX-License-Identifier: Apache-2.0 +@rem @if "%DEBUG%"=="" @echo off @rem ########################################################################## @@ -68,11 +70,11 @@ goto fail :execute @rem Setup the command line -set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar +set CLASSPATH= @rem Execute Gradle -"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %* +"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" -jar "%APP_HOME%\gradle\wrapper\gradle-wrapper.jar" %* :end @rem End local scope for the variables with windows NT shell diff --git a/package.json b/package.json index 5cc5f2b6ccc..05407bb58c9 100644 --- a/package.json +++ b/package.json @@ -9,10 +9,10 @@ "node": ">=14.15", "npm": ">=5" }, - "packageManager": "yarn@4.9.1", + "packageManager": "yarn@4.9.2", "dependencies": { "husky": "9.1.7", - "lint-staged": "15.5.1" + "lint-staged": "15.5.2" }, "scripts": { "postinstall": "husky install", diff --git a/yarn.lock b/yarn.lock index faff8d78e7a..f0cd4d2aaea 100644 --- a/yarn.lock +++ b/yarn.lock @@ -82,7 +82,7 @@ __metadata: resolution: "commercetools-sdk-java-v2@workspace:." dependencies: husky: "npm:9.1.7" - lint-staged: "npm:15.5.1" + lint-staged: "npm:15.5.2" languageName: unknown linkType: soft @@ -230,9 +230,9 @@ __metadata: languageName: node linkType: hard -"lint-staged@npm:15.5.1": - version: 15.5.1 - resolution: "lint-staged@npm:15.5.1" +"lint-staged@npm:15.5.2": + version: 15.5.2 + resolution: "lint-staged@npm:15.5.2" dependencies: chalk: "npm:^5.4.1" commander: "npm:^13.1.0" @@ -246,7 +246,7 @@ __metadata: yaml: "npm:^2.7.0" bin: lint-staged: bin/lint-staged.js - checksum: 10c0/86deddb08bf10428f2eb96c02326a9ee403360729225f0b12afb0c0f13c287a75daa01e179d86f64e3432576446d8643d204a47417296f9ef0aa56f1340ff2af + checksum: 10c0/618386254600ada3af3672486a9d082250108245e7c0863d9dfe0a21e7764e3b2eb6416b0f8970e548f4e9d368637331598b27df5a1306925feabbaf16a667e1 languageName: node linkType: hard