Mirrors/Stirling-PDF
Mirrors/Stirling-PDF
1
0
Fork 0
mirror of https://github.com/Frooodle/Stirling-PDF.git synced 2025-09-26 17:52:59 +02:00
Code Issues Packages Projects Releases Wiki Activity
3,968 Commits 99 Branches 138 Tags 139 MiB
dependabot/gradle/org.springdoc-springdoc-openapi-starter-webmvc-ui-2.8.13
Commit Graph

115 Commits

Author SHA1 Message Date
dependabot[bot]
54c7b0e689
build(deps): bump actions/setup-java from 4.7.1 to 5.0.0 (#4269) 
Bumps [actions/setup-java](https://github.com/actions/setup-java) from
4.7.1 to 5.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-java/releases">actions/setup-java's
releases</a>.</em></p>
<blockquote>
<h2>v5.0.0</h2>
<h2>What's Changed</h2>
<h3>Breaking Changes</h3>
<ul>
<li>Upgrade to node 24 by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/888">actions/setup-java#888</a></li>
</ul>
<p>Make sure your runner is updated to this version or newer to use this
release. v2.327.1 <a
href="https://github.com/actions/runner/releases/tag/v2.327.1">Release
Notes</a></p>
<h3>Dependency Upgrades</h3>
<ul>
<li>Upgrade Publish Immutable Action by <a
href="https://github.com/HarithaVattikuti"><code>@​HarithaVattikuti</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/pull/798">actions/setup-java#798</a></li>
<li>Upgrade eslint-plugin-jest from 27.9.0 to 28.11.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/setup-java/pull/730">actions/setup-java#730</a></li>
<li>Upgrade undici from 5.28.5 to 5.29.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/setup-java/pull/833">actions/setup-java#833</a></li>
<li>Upgrade form-data to bring in fix for critical vulnerability by <a
href="https://github.com/gowridurgad"><code>@​gowridurgad</code></a> in
<a
href="https://redirect.github.com/actions/setup-java/pull/887">actions/setup-java#887</a></li>
<li>Upgrade actions/checkout from 4 to 5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/setup-java/pull/896">actions/setup-java#896</a></li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li>Prevent default installation of JetBrains pre-releases by <a
href="https://github.com/priyagupta108"><code>@​priyagupta108</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/pull/859">actions/setup-java#859</a></li>
<li>Improve Error Handling for Setup-Java Action to Help Debug
Intermittent Failures by <a
href="https://github.com/gowridurgad"><code>@​gowridurgad</code></a> in
<a
href="https://redirect.github.com/actions/setup-java/pull/848">actions/setup-java#848</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/gowridurgad"><code>@​gowridurgad</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-java/pull/848">actions/setup-java#848</a></li>
<li><a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-java/pull/888">actions/setup-java#888</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-java/compare/v4...v5.0.0">https://github.com/actions/setup-java/compare/v4...v5.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="dded088883"><code>dded088</code></a>
Bump actions/checkout from 4 to 5 (<a
href="https://redirect.github.com/actions/setup-java/issues/896">#896</a>)</li>
<li><a
href="0913e9a06e"><code>0913e9a</code></a>
Upgrade to node 24 (<a
href="https://redirect.github.com/actions/setup-java/issues/888">#888</a>)</li>
<li><a
href="e9343db97e"><code>e9343db</code></a>
Bumps form-data (<a
href="https://redirect.github.com/actions/setup-java/issues/887">#887</a>)</li>
<li><a
href="ae2b61dbc6"><code>ae2b61d</code></a>
Bump undici from 5.28.5 to 5.29.0 (<a
href="https://redirect.github.com/actions/setup-java/issues/833">#833</a>)</li>
<li><a
href="c190c18feb"><code>c190c18</code></a>
Bump eslint-plugin-jest from 27.9.0 to 29.0.1 (<a
href="https://redirect.github.com/actions/setup-java/issues/730">#730</a>)</li>
<li><a
href="67aec007b3"><code>67aec00</code></a>
Fix: prevent default installation of JetBrains pre-releases (<a
href="https://redirect.github.com/actions/setup-java/issues/859">#859</a>)</li>
<li><a
href="ebb356cc4e"><code>ebb356c</code></a>
Improve Error Handling for Setup-Java Action to Help Debug Intermittent
Failu...</li>
<li><a
href="f4f1212c88"><code>f4f1212</code></a>
Update publish-immutable-actions.yml (<a
href="https://redirect.github.com/actions/setup-java/issues/798">#798</a>)</li>
<li>See full diff in <a
href="c5195efecf...dded088883">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-java&package-manager=github_actions&previous-version=4.7.1&new-version=5.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-04 12:28:22 +01:00
dependabot[bot]
58ca41e5c5
build(deps): bump actions/checkout from 4.3.0 to 5.0.0 (#4194) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.3.0
to 5.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/releases">actions/checkout's
releases</a>.</em></p>
<blockquote>
<h2>v5.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Update actions checkout to use node 24 by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li>
<li>Prepare v5.0.0 release by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2238">actions/checkout#2238</a></li>
</ul>
<h2>⚠️ Minimum Compatible Runner Version</h2>
<p><strong>v2.327.1</strong><br />
<a
href="https://github.com/actions/runner/releases/tag/v2.327.1">Release
Notes</a></p>
<p>Make sure your runner is updated to this version or newer to use this
release.</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v4...v5.0.0">https://github.com/actions/checkout/compare/v4...v5.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>V5.0.0</h2>
<ul>
<li>Update actions checkout to use node 24 by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li>
</ul>
<h2>V4.3.0</h2>
<ul>
<li>docs: update README.md by <a
href="https://github.com/motss"><code>@​motss</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li>
<li>Add internal repos for checking out multiple repositories by <a
href="https://github.com/mouismail"><code>@​mouismail</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li>
<li>Documentation update - add recommended permissions to Readme by <a
href="https://github.com/benwells"><code>@​benwells</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li>
<li>Adjust positioning of user email note and permissions heading by <a
href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li>
<li>Update README.md by <a
href="https://github.com/nebuk89"><code>@​nebuk89</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li>
<li>Update CODEOWNERS for actions by <a
href="https://github.com/TingluoHuang"><code>@​TingluoHuang</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li>
<li>Update package dependencies by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li>
</ul>
<h2>v4.2.2</h2>
<ul>
<li><code>url-helper.ts</code> now leverages well-known environment
variables by <a href="https://github.com/jww3"><code>@​jww3</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li>
<li>Expand unit test coverage for <code>isGhes</code> by <a
href="https://github.com/jww3"><code>@​jww3</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li>
</ul>
<h2>v4.2.1</h2>
<ul>
<li>Check out other refs/* by commit if provided, fall back to ref by <a
href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li>
</ul>
<h2>v4.2.0</h2>
<ul>
<li>Add Ref and Commit outputs by <a
href="https://github.com/lucacome"><code>@​lucacome</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li>
<li>Dependency updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>- <a
href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>,
<a
href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li>
</ul>
<h2>v4.1.7</h2>
<ul>
<li>Bump the minor-npm-dependencies group across 1 directory with 4
updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li>
<li>Bump actions/checkout from 3 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li>
<li>Check out other refs/* by commit by <a
href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li>
<li>Pin actions/checkout's own workflows to a known, good, stable
version. by <a href="https://github.com/jww3"><code>@​jww3</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li>
</ul>
<h2>v4.1.6</h2>
<ul>
<li>Check platform to set archive extension appropriately by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li>
</ul>
<h2>v4.1.5</h2>
<ul>
<li>Update NPM dependencies by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li>
<li>Bump github/codeql-action from 2 to 3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li>
<li>Bump actions/setup-node from 1 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li>
<li>Bump actions/upload-artifact from 2 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li>
<li>README: Suggest <code>user.email</code> to be
<code>41898282+github-actions[bot]@users.noreply.github.com</code> by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1707">actions/checkout#1707</a></li>
</ul>
<h2>v4.1.4</h2>
<ul>
<li>Disable <code>extensions.worktreeConfig</code> when disabling
<code>sparse-checkout</code> by <a
href="https://github.com/jww3"><code>@​jww3</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li>
<li>Add dependabot config by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li>
<li>Bump the minor-actions-dependencies group with 2 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li>
<li>Bump word-wrap from 1.2.3 to 1.2.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li>
</ul>
<h2>v4.1.3</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="08c6903cd8"><code>08c6903</code></a>
Prepare v5.0.0 release (<a
href="https://redirect.github.com/actions/checkout/issues/2238">#2238</a>)</li>
<li><a
href="9f265659d3"><code>9f26565</code></a>
Update actions checkout to use node 24 (<a
href="https://redirect.github.com/actions/checkout/issues/2226">#2226</a>)</li>
<li>See full diff in <a
href="08eba0b27e...08c6903cd8">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=4.3.0&new-version=5.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-09-04 12:27:59 +01:00
dependabot[bot]
1dd5e9c649
build(deps): bump actions/checkout from 4.2.2 to 4.3.0 (#4180) 
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.2
to 4.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/releases">actions/checkout's
releases</a>.</em></p>
<blockquote>
<h2>v4.3.0</h2>
<h2>What's Changed</h2>
<ul>
<li>docs: update README.md by <a
href="https://github.com/motss"><code>@​motss</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li>
<li>Add internal repos for checking out multiple repositories by <a
href="https://github.com/mouismail"><code>@​mouismail</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li>
<li>Documentation update - add recommended permissions to Readme by <a
href="https://github.com/benwells"><code>@​benwells</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li>
<li>Adjust positioning of user email note and permissions heading by <a
href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li>
<li>Update README.md by <a
href="https://github.com/nebuk89"><code>@​nebuk89</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li>
<li>Update CODEOWNERS for actions by <a
href="https://github.com/TingluoHuang"><code>@​TingluoHuang</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li>
<li>Update package dependencies by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li>
<li>Prepare release v4.3.0 by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2237">actions/checkout#2237</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/motss"><code>@​motss</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li>
<li><a href="https://github.com/mouismail"><code>@​mouismail</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li>
<li><a href="https://github.com/benwells"><code>@​benwells</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li>
<li><a href="https://github.com/nebuk89"><code>@​nebuk89</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li>
<li><a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v4...v4.3.0">https://github.com/actions/checkout/compare/v4...v4.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>V4.3.0</h2>
<ul>
<li>docs: update README.md by <a
href="https://github.com/motss"><code>@​motss</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li>
<li>Add internal repos for checking out multiple repositories by <a
href="https://github.com/mouismail"><code>@​mouismail</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li>
<li>Documentation update - add recommended permissions to Readme by <a
href="https://github.com/benwells"><code>@​benwells</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li>
<li>Adjust positioning of user email note and permissions heading by <a
href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li>
<li>Update README.md by <a
href="https://github.com/nebuk89"><code>@​nebuk89</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li>
<li>Update CODEOWNERS for actions by <a
href="https://github.com/TingluoHuang"><code>@​TingluoHuang</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li>
<li>Update package dependencies by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li>
</ul>
<h2>v4.2.2</h2>
<ul>
<li><code>url-helper.ts</code> now leverages well-known environment
variables by <a href="https://github.com/jww3"><code>@​jww3</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li>
<li>Expand unit test coverage for <code>isGhes</code> by <a
href="https://github.com/jww3"><code>@​jww3</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li>
</ul>
<h2>v4.2.1</h2>
<ul>
<li>Check out other refs/* by commit if provided, fall back to ref by <a
href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li>
</ul>
<h2>v4.2.0</h2>
<ul>
<li>Add Ref and Commit outputs by <a
href="https://github.com/lucacome"><code>@​lucacome</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li>
<li>Dependency updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>- <a
href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>,
<a
href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li>
</ul>
<h2>v4.1.7</h2>
<ul>
<li>Bump the minor-npm-dependencies group across 1 directory with 4
updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li>
<li>Bump actions/checkout from 3 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li>
<li>Check out other refs/* by commit by <a
href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li>
<li>Pin actions/checkout's own workflows to a known, good, stable
version. by <a href="https://github.com/jww3"><code>@​jww3</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li>
</ul>
<h2>v4.1.6</h2>
<ul>
<li>Check platform to set archive extension appropriately by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li>
</ul>
<h2>v4.1.5</h2>
<ul>
<li>Update NPM dependencies by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li>
<li>Bump github/codeql-action from 2 to 3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li>
<li>Bump actions/setup-node from 1 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li>
<li>Bump actions/upload-artifact from 2 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li>
<li>README: Suggest <code>user.email</code> to be
<code>41898282+github-actions[bot]@users.noreply.github.com</code> by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1707">actions/checkout#1707</a></li>
</ul>
<h2>v4.1.4</h2>
<ul>
<li>Disable <code>extensions.worktreeConfig</code> when disabling
<code>sparse-checkout</code> by <a
href="https://github.com/jww3"><code>@​jww3</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li>
<li>Add dependabot config by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li>
<li>Bump the minor-actions-dependencies group with 2 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li>
<li>Bump word-wrap from 1.2.3 to 1.2.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li>
</ul>
<h2>v4.1.3</h2>
<ul>
<li>Check git version before attempting to disable
<code>sparse-checkout</code> by <a
href="https://github.com/jww3"><code>@​jww3</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1656">actions/checkout#1656</a></li>
<li>Add SSH user parameter by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1685">actions/checkout#1685</a></li>
<li>Update <code>actions/checkout</code> version in
<code>update-main-version.yml</code> by <a
href="https://github.com/jww3"><code>@​jww3</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1650">actions/checkout#1650</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="08eba0b27e"><code>08eba0b</code></a>
Prepare release v4.3.0 (<a
href="https://redirect.github.com/actions/checkout/issues/2237">#2237</a>)</li>
<li><a
href="631c7dc4f8"><code>631c7dc</code></a>
Update package dependencies (<a
href="https://redirect.github.com/actions/checkout/issues/2236">#2236</a>)</li>
<li><a
href="8edcb1bdb4"><code>8edcb1b</code></a>
Update CODEOWNERS for actions (<a
href="https://redirect.github.com/actions/checkout/issues/2224">#2224</a>)</li>
<li><a
href="09d2acae67"><code>09d2aca</code></a>
Update README.md (<a
href="https://redirect.github.com/actions/checkout/issues/2194">#2194</a>)</li>
<li><a
href="85e6279cec"><code>85e6279</code></a>
Adjust positioning of user email note and permissions heading (<a
href="https://redirect.github.com/actions/checkout/issues/2044">#2044</a>)</li>
<li><a
href="009b9ae9e4"><code>009b9ae</code></a>
Documentation update - add recommended permissions to Readme (<a
href="https://redirect.github.com/actions/checkout/issues/2043">#2043</a>)</li>
<li><a
href="cbb722410c"><code>cbb7224</code></a>
Update README.md (<a
href="https://redirect.github.com/actions/checkout/issues/1977">#1977</a>)</li>
<li><a
href="3b9b8c884f"><code>3b9b8c8</code></a>
docs: update README.md (<a
href="https://redirect.github.com/actions/checkout/issues/1971">#1971</a>)</li>
<li>See full diff in <a
href="11bd71901b...08eba0b27e">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=4.2.2&new-version=4.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-11 14:09:30 +01:00
dependabot[bot]
bb07eced6e
build(deps): bump gradle/actions from 4.4.1 to 4.4.2 (#4177) 
Bumps [gradle/actions](https://github.com/gradle/actions) from 4.4.1 to
4.4.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/gradle/actions/releases">gradle/actions's
releases</a>.</em></p>
<blockquote>
<h2>v4.4.2</h2>
<p>This patch release updates a bunch of dependency versions</p>
<h2>What's Changed</h2>
<ul>
<li>Bump github/codeql-action from 3.29.4 to 3.29.5 in the
github-actions group across 1 directory (<a
href="https://redirect.github.com/gradle/actions/pull/703">gradle/actions#703</a>)</li>
<li>Bumps the npm-dependencies group in /sources with 4 updates (<a
href="https://redirect.github.com/gradle/actions/pull/702">gradle/actions#702</a>)</li>
<li>Upgrade to gradle 9 in workflows and tests (<a
href="https://redirect.github.com/gradle/actions/pull/704">gradle/actions#704</a>)</li>
<li>Update known wrapper checksums (<a
href="https://redirect.github.com/gradle/actions/pull/701">gradle/actions#701</a>)</li>
<li>Bump Gradle Wrapper from 8.14.3 to 9.0.0 in
/.github/workflow-samples/gradle-plugin (<a
href="https://redirect.github.com/gradle/actions/pull/695">gradle/actions#695</a>)</li>
<li>Bump Gradle Wrapper from 8.14.3 to 9.0.0 in
/.github/workflow-samples/groovy-dsl (<a
href="https://redirect.github.com/gradle/actions/pull/696">gradle/actions#696</a>)</li>
<li>Bump Gradle Wrapper from 8.14.3 to 9.0.0 in
/.github/workflow-samples/java-toolchain (<a
href="https://redirect.github.com/gradle/actions/pull/697">gradle/actions#697</a>)</li>
<li>Bump com.fasterxml.jackson.dataformat:jackson-dataformat-smile from
2.19.1 to 2.19.2 in /sources/test/init-scripts in the gradle group
across 1 directory (<a
href="https://redirect.github.com/gradle/actions/pull/693">gradle/actions#693</a>)</li>
<li>Bump github/codeql-action from 3.29.0 to 3.29.4 in the
github-actions group across 1 directory (<a
href="https://redirect.github.com/gradle/actions/pull/691">gradle/actions#691</a>)</li>
<li>Bump the npm-dependencies group in /sources with 5 updates (<a
href="https://redirect.github.com/gradle/actions/pull/692">gradle/actions#692</a>)</li>
<li>Bump references to Develocity Gradle plugin from 4.0.2 to 4.1 (<a
href="https://redirect.github.com/gradle/actions/pull/685">gradle/actions#685</a>)</li>
<li>Bump the npm-dependencies group across 1 directory with 8 updates
(<a
href="https://redirect.github.com/gradle/actions/pull/684">gradle/actions#684</a>)</li>
<li>Run Gradle release candidate tests with JDK 17 (<a
href="https://redirect.github.com/gradle/actions/pull/690">gradle/actions#690</a>)</li>
<li>Update Develocity npm agent to version 1.0.1 (<a
href="https://redirect.github.com/gradle/actions/pull/687">gradle/actions#687</a>)</li>
<li>Update known wrapper checksums (<a
href="https://redirect.github.com/gradle/actions/pull/688">gradle/actions#688</a>)</li>
<li>Bump Gradle Wrapper from 8.14.2 to 8.14.3 in
/.github/workflow-samples/kotlin-dsl (<a
href="https://redirect.github.com/gradle/actions/pull/683">gradle/actions#683</a></li>
<li>Bump the github-actions group across 1 directory with 3 updates (<a
href="https://redirect.github.com/gradle/actions/pull/675">gradle/actions#675</a>)</li>
<li>Bump the gradle group across 3 directories with 2 updates (<a
href="https://redirect.github.com/gradle/actions/pull/674">gradle/actions#674</a>)</li>
<li>Bump Gradle Wrapper from 8.14.2 to 8.14.3 in
/sources/test/init-scripts (<a
href="https://redirect.github.com/gradle/actions/pull/679">gradle/actions#679</a>)</li>
<li>Bump Gradle Wrapper from 8.14.2 to 8.14.3 in
/.github/workflow-samples/java-toolchain (<a
href="https://redirect.github.com/gradle/actions/pull/682">gradle/actions#682</a>)</li>
<li>Bump Gradle Wrapper from 8.14.2 to 8.14.3 in
/.github/workflow-samples/groovy-dsl (<a
href="https://redirect.github.com/gradle/actions/pull/681">gradle/actions#681</a>)</li>
<li>Bump Gradle Wrapper from 8.14.2 to 8.14.3 in
/.github/workflow-samples/gradle-plugin (<a
href="https://redirect.github.com/gradle/actions/pull/680">gradle/actions#680</a>)</li>
<li>Update known wrapper checksums (<a
href="https://redirect.github.com/gradle/actions/pull/676">gradle/actions#676</a>)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/gradle/actions/compare/v4.4.1...v4.4.2">https://github.com/gradle/actions/compare/v4.4.1...v4.4.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="017a9effdb"><code>017a9ef</code></a>
Bump github/codeql-action from 3.29.4 to 3.29.5 in the github-actions
group a...</li>
<li><a
href="d5397cf4c8"><code>d5397cf</code></a>
Merge branch 'main' into
dependabot/github_actions/github-actions-12d2e1d0cf</li>
<li><a
href="559dfbd266"><code>559dfbd</code></a>
Bump the npm-dependencies group in /sources with 4 updates (<a
href="https://redirect.github.com/gradle/actions/issues/702">#702</a>)</li>
<li><a
href="075ee283cc"><code>075ee28</code></a>
Merge branch 'main' into
dependabot/npm_and_yarn/sources/npm-dependencies-fda...</li>
<li><a
href="c3e68c5c72"><code>c3e68c5</code></a>
Upgrade to gradle 9 in workflows and tests (<a
href="https://redirect.github.com/gradle/actions/issues/704">#704</a>)</li>
<li><a
href="d7e674f97b"><code>d7e674f</code></a>
Fix init script tests dependencies</li>
<li><a
href="3e65128986"><code>3e65128</code></a>
Upgrade init script tests to Gradle 9</li>
<li><a
href="896b9fa309"><code>896b9fa</code></a>
Run tests on Gradle release candidate and current with JDK 17 as
required sin...</li>
<li><a
href="431b3e39ba"><code>431b3e3</code></a>
Bump github/codeql-action in the github-actions group across 1
directory</li>
<li><a
href="44c3664945"><code>44c3664</code></a>
Bump the npm-dependencies group in /sources with 4 updates</li>
<li>Additional commits viewable in <a
href="ac638b010c...017a9effdb">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gradle/actions&package-manager=github_actions&previous-version=4.4.1&new-version=4.4.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-11 14:08:52 +01:00
dependabot[bot]
b91bfac416
build(deps): bump docker/login-action from 3.4.0 to 3.5.0 (#4118) 
Bumps [docker/login-action](https://github.com/docker/login-action) from
3.4.0 to 3.5.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/login-action/releases">docker/login-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.5.0</h2>
<ul>
<li>Support dual-stack endpoints for AWS ECR by <a
href="https://github.com/Spacefish"><code>@​Spacefish</code></a> <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/login-action/pull/874">docker/login-action#874</a>
<a
href="https://redirect.github.com/docker/login-action/pull/876">docker/login-action#876</a></li>
<li>Bump <code>@​aws-sdk/client-ecr</code> to 3.859.0 in <a
href="https://redirect.github.com/docker/login-action/pull/860">docker/login-action#860</a>
<a
href="https://redirect.github.com/docker/login-action/pull/878">docker/login-action#878</a></li>
<li>Bump <code>@​aws-sdk/client-ecr-public</code> to 3.859.0 in <a
href="https://redirect.github.com/docker/login-action/pull/860">docker/login-action#860</a>
<a
href="https://redirect.github.com/docker/login-action/pull/878">docker/login-action#878</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.57.0 to 0.62.1 in
<a
href="https://redirect.github.com/docker/login-action/pull/870">docker/login-action#870</a></li>
<li>Bump form-data from 2.5.1 to 2.5.5 in <a
href="https://redirect.github.com/docker/login-action/pull/875">docker/login-action#875</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/login-action/compare/v3.4.0...v3.5.0">https://github.com/docker/login-action/compare/v3.4.0...v3.5.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="184bdaa072"><code>184bdaa</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/878">#878</a>
from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...</li>
<li><a
href="5c6bc94683"><code>5c6bc94</code></a>
chore: update generated content</li>
<li><a
href="caf4058643"><code>caf4058</code></a>
build(deps): bump the aws-sdk-dependencies group with 2 updates</li>
<li><a
href="ef38ec311a"><code>ef38ec3</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/860">#860</a>
from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...</li>
<li><a
href="d52e8ef81c"><code>d52e8ef</code></a>
chore: update generated content</li>
<li><a
href="9644ab7025"><code>9644ab7</code></a>
build(deps): bump the aws-sdk-dependencies group with 2 updates</li>
<li><a
href="7abd1d5126"><code>7abd1d5</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/875">#875</a>
from docker/dependabot/npm_and_yarn/form-data-2.5.5</li>
<li><a
href="1a81202c4f"><code>1a81202</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/876">#876</a>
from crazy-max/aws-public-dual-stack</li>
<li><a
href="d1ab30dc54"><code>d1ab30d</code></a>
chore: update generated content</li>
<li><a
href="f25ff28d1c"><code>f25ff28</code></a>
support dual-stack for aws public ecr</li>
<li>Additional commits viewable in <a
href="74a5d14239...184bdaa072">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/login-action&package-manager=github_actions&previous-version=3.4.0&new-version=3.5.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-08 12:50:21 +01:00
dependabot[bot]
1d47f5e26a
build(deps): bump docker/metadata-action from 5.7.0 to 5.8.0 (#4116) 
Bumps
[docker/metadata-action](https://github.com/docker/metadata-action) from
5.7.0 to 5.8.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/metadata-action/releases">docker/metadata-action's
releases</a>.</em></p>
<blockquote>
<h2>v5.8.0</h2>
<ul>
<li>New <code>is_not_default_branch</code> global expression by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/metadata-action/pull/535">docker/metadata-action#535</a></li>
<li>Allow to match part of the git tag or value for semver/pep440 types
by <a href="https://github.com/crazy-max"><code>@​crazy-max</code></a>
in <a
href="https://redirect.github.com/docker/metadata-action/pull/536">docker/metadata-action#536</a>
<a
href="https://redirect.github.com/docker/metadata-action/pull/537">docker/metadata-action#537</a></li>
<li>Bump <code>@​actions/github</code> from 6.0.0 to 6.0.1 in <a
href="https://redirect.github.com/docker/metadata-action/pull/523">docker/metadata-action#523</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.56.0 to 0.62.1 in
<a
href="https://redirect.github.com/docker/metadata-action/pull/526">docker/metadata-action#526</a></li>
<li>Bump form-data from 2.5.1 to 2.5.5 in <a
href="https://redirect.github.com/docker/metadata-action/pull/533">docker/metadata-action#533</a></li>
<li>Bump moment-timezone from 0.5.47 to 0.6.0 in <a
href="https://redirect.github.com/docker/metadata-action/pull/525">docker/metadata-action#525</a></li>
<li>Bump semver from 7.7.1 to 7.7.2 in <a
href="https://redirect.github.com/docker/metadata-action/pull/524">docker/metadata-action#524</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/metadata-action/compare/v5.7.0...v5.8.0">https://github.com/docker/metadata-action/compare/v5.7.0...v5.8.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c1e51972af"><code>c1e5197</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/metadata-action/issues/537">#537</a>
from crazy-max/pep440-match</li>
<li><a
href="89dd65a569"><code>89dd65a</code></a>
chore: update generated content</li>
<li><a
href="699ee45cf1"><code>699ee45</code></a>
allow to match part of the git tag or value for pep440 type</li>
<li><a
href="e0542a6360"><code>e0542a6</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/metadata-action/issues/536">#536</a>
from crazy-max/semver-match</li>
<li><a
href="b7facdfcef"><code>b7facdf</code></a>
chore: update generated content</li>
<li><a
href="81c60dfb8b"><code>81c60df</code></a>
allow to match part of the git tag or value for semver type</li>
<li><a
href="de1119515d"><code>de11195</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/metadata-action/issues/535">#535</a>
from crazy-max/not_def_branch</li>
<li><a
href="2f9c64b1b1"><code>2f9c64b</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/metadata-action/issues/533">#533</a>
from docker/dependabot/npm_and_yarn/form-data-2.5.5</li>
<li><a
href="510f746975"><code>510f746</code></a>
chore: update generated content</li>
<li><a
href="2bc3f4e0f1"><code>2bc3f4e</code></a>
is_not_default_branch global expression</li>
<li>Additional commits viewable in <a
href="902fa8ec7d...c1e51972af">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/metadata-action&package-manager=github_actions&previous-version=5.7.0&new-version=5.8.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-05 16:17:59 +01:00
Ludy
054bf15b24
ci(workflows): add concurrency cancellation to CI workflows (#4034) 
# Description of Changes

- **What was changed**  
Added a `concurrency` block to all GitHub Actions workflow files
(`build.yml`, `check_properties.yml`, `licenses-update.yml`,
`push-docker.yml`, `sonarqube.yml`, `swagger.yml`, `sync_files.yml`,
`testdriver.yml`) to group jobs by workflow name, event name, and
branch, with `cancel-in-progress: true`.

- **Why the change was made**  
To prevent redundant runs of long-running CI jobs on the same branch
when new commits or PR updates occur, saving compute resources and
reducing queue times.


---

## Checklist

### General

- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
 2025-07-26 16:46:25 +01:00
dependabot[bot]
d80c11dffa
build(deps): bump sigstore/cosign-installer from 3.9.1 to 3.9.2 (#4009) 
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps
[sigstore/cosign-installer](https://github.com/sigstore/cosign-installer)
from 3.9.1 to 3.9.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sigstore/cosign-installer/releases">sigstore/cosign-installer's
releases</a>.</em></p>
<blockquote>
<h2>v3.9.2</h2>
<h2>What's Changed</h2>
<ul>
<li>not fail fast and setup permissions in <a
href="https://redirect.github.com/sigstore/cosign-installer/pull/195">sigstore/cosign-installer#195</a></li>
<li>drop old unsupported versions &lt;v2.0.0 in <a
href="https://redirect.github.com/sigstore/cosign-installer/pull/192">sigstore/cosign-installer#192</a></li>
<li>Update default to v2.5.3 in <a
href="https://redirect.github.com/sigstore/cosign-installer/pull/196">sigstore/cosign-installer#196</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sigstore/cosign-installer/compare/v3.9.1...v3.9.2">https://github.com/sigstore/cosign-installer/compare/v3.9.1...v3.9.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="d58896d6a1"><code>d58896d</code></a>
Update default to v2.5.3 (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/196">#196</a>)</li>
<li><a
href="e40248c492"><code>e40248c</code></a>
drop old unsupported versions &lt;v2.0.0 (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/192">#192</a>)</li>
<li><a
href="d9374b96fe"><code>d9374b9</code></a>
not fail fast and setup permissions (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/195">#195</a>)</li>
<li>See full diff in <a
href="398d4b0eee...d58896d6a1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sigstore/cosign-installer&package-manager=github_actions&previous-version=3.9.1&new-version=3.9.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-22 10:11:29 +01:00
dependabot[bot]
b1bbad53bc
build(deps): bump step-security/harden-runner from 2.12.2 to 2.13.0 (#4007) 
Bumps
[step-security/harden-runner](https://github.com/step-security/harden-runner)
from 2.12.2 to 2.13.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.13.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Improved job markdown summary</li>
<li>Https monitoring for all domains (included with the enterprise
tier)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.13.0">https://github.com/step-security/harden-runner/compare/v2...v2.13.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ec9f2d5744"><code>ec9f2d5</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/565">#565</a>
from step-security/rc-24</li>
<li><a
href="04bcbc31cf"><code>04bcbc3</code></a>
update agent</li>
<li><a
href="7c7a56fcaa"><code>7c7a56f</code></a>
feat: get job summary from API</li>
<li>See full diff in <a
href="6c439dc8bd...ec9f2d5744">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner&package-manager=github_actions&previous-version=2.12.2&new-version=2.13.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-22 10:10:45 +01:00
Ludy
d1b9cfd1a4
fix(ci): disable Gradle caching in GitHub workflows to resolve cache conflicts (#3986) 
# Description of Changes

- **What was changed**  
In all affected GitHub Actions workflow files under
`.github/workflows/`, the `cache: gradle` setting was replaced with
`cache: false # Disable Gradle caching for this job`.
- **Why the change was made**  
Gradle’s cache was causing intermittent build conflicts; disabling it
ensures each job starts from a clean state and avoids cache corruption.

#3980

---

## Checklist

### General

- [ ] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [ ] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [ ] I have performed a self-review of my own code
- [ ] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
 2025-07-20 21:37:04 +01:00
Ludy
fc9551a332
ci: enhance GitHub Actions workflows with Gradle setup, caching improvements, and Docker image testing (#3956) 
# Description of Changes

- **What was changed**:  
- Added a new path filter configuration file at
`.github/config/.files.yaml` to centralize filter groups (`build`,
`app`, `openapi`, `project`).
  - Updated `.github/workflows/build.yml` to:  
- Rename the workflow to “Build and Test Workflow” and add a manual
`workflow_dispatch` trigger.
- Integrate the path-filter step and conditionally run jobs
(`check-generateOpenApiDocs`, `check-licence`, `docker-compose-tests`)
based on changed files.
    - Standardize Gradle setup to version 8.14.  
- Introduce a new `test-build-docker-images` job that builds Docker
images for each `Dockerfile*` in PRs.
- Updated `.github/workflows/pre_commit.yml` to cache pre-commit
dependencies via `cache-dependency-path:
./.github/scripts/requirements_pre_commit.txt`.
- Updated `.github/workflows/testdriver.yml` to add dedicated Gradle
(`gradle-version: 8.14`) and Node/npm setup steps with caching.

- **Why the change was made**:  
To optimize CI performance by only running relevant jobs when specific
files change, improve maintainability through a single source of truth
for path filters, enable manual workflow dispatch, ensure consistent
environments (Gradle, Node), and speed up runs with better caching.


---

## Checklist

### General

- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
 2025-07-16 17:17:11 +01:00
Anthony Stirling
6158454020
Update push-docker.yml 2025-07-03 20:20:23 +01:00
Anthony Stirling
6cc0303873
Update push-docker.yml to change alpha to be fat (#3872) 
# Description of Changes

Please provide a summary of the changes, including:

- What was changed
- Why the change was made
- Any challenges encountered

Closes #(issue_number)

---

## Checklist

### General

- [ ] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [ ] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md)
(if applicable)
- [ ] I have performed a self-review of my own code
- [ ] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md#6-testing)
for more details.
 2025-07-03 20:10:46 +01:00
dependabot[bot]
0b342d463c
chore(deps): bump sigstore/cosign-installer from 3.9.0 to 3.9.1 (#3801) 
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps
[sigstore/cosign-installer](https://github.com/sigstore/cosign-installer)
from 3.9.0 to 3.9.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sigstore/cosign-installer/releases">sigstore/cosign-installer's
releases</a>.</em></p>
<blockquote>
<h2>v3.9.1</h2>
<h2>What's Changed</h2>
<ul>
<li>default action install to use release v2.5.1 by <a
href="https://github.com/cpanato"><code>@​cpanato</code></a> in <a
href="https://redirect.github.com/sigstore/cosign-installer/pull/193">sigstore/cosign-installer#193</a></li>
<li>default cosign to v2.5.2 by <a
href="https://github.com/cpanato"><code>@​cpanato</code></a> in <a
href="https://redirect.github.com/sigstore/cosign-installer/pull/194">sigstore/cosign-installer#194</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sigstore/cosign-installer/compare/v3.9.0...v3.9.1">https://github.com/sigstore/cosign-installer/compare/v3.9.0...v3.9.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="398d4b0eee"><code>398d4b0</code></a>
default cosign to v2.5.2 (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/194">#194</a>)</li>
<li><a
href="84f54a2bcd"><code>84f54a2</code></a>
default action install to use release v2.5.1 (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/193">#193</a>)</li>
<li>See full diff in <a
href="fb28c2b633...398d4b0eee">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sigstore/cosign-installer&package-manager=github_actions&previous-version=3.9.0&new-version=3.9.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-01 15:40:09 +01:00
dependabot[bot]
e7ac4b7b20
chore(deps): bump step-security/harden-runner from 2.12.1 to 2.12.2 (#3849) 
Bumps
[step-security/harden-runner](https://github.com/step-security/harden-runner)
from 2.12.1 to 2.12.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.12.2</h2>
<h2>What's Changed</h2>
<p>Added HTTPS Monitoring for additional destinations -
*.githubusercontent.com
Bug fixes:</p>
<ul>
<li>Implicitly allow local multicast, local unicast and broadcast IP
addresses in block mode</li>
<li>Increased policy map size for block mode</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.12.2">https://github.com/step-security/harden-runner/compare/v2...v2.12.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="6c439dc8bd"><code>6c439dc</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/562">#562</a>
from step-security/rc-22</li>
<li><a
href="bf5688696d"><code>bf56886</code></a>
update agent</li>
<li><a
href="5436dac7b5"><code>5436dac</code></a>
update agent</li>
<li><a
href="88d305a353"><code>88d305a</code></a>
update agent</li>
<li><a
href="b976878278"><code>b976878</code></a>
update agent</li>
<li><a
href="875cc92db2"><code>875cc92</code></a>
Update agent</li>
<li>See full diff in <a
href="002fdce3c6...6c439dc8bd">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner&package-manager=github_actions&previous-version=2.12.1&new-version=2.12.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-07-01 15:39:12 +01:00
dependabot[bot]
76808b716a
Bump docker/setup-buildx-action from 3.11.0 to 3.11.1 (#3790) 
Bumps
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action)
from 3.11.0 to 3.11.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.11.1</h2>
<ul>
<li>Fix <code>keep-state</code> not being respected by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/429">docker/setup-buildx-action#429</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v3.11.0...v3.11.1">https://github.com/docker/setup-buildx-action/compare/v3.11.0...v3.11.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="e468171a9d"><code>e468171</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/429">#429</a>
from crazy-max/fix-keep-state</li>
<li><a
href="a3e7502fd0"><code>a3e7502</code></a>
chore: update generated content</li>
<li><a
href="b145473295"><code>b145473</code></a>
fix keep-state not being respected</li>
<li>See full diff in <a
href="18ce135bb5...e468171a9d">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-buildx-action&package-manager=github_actions&previous-version=3.11.0&new-version=3.11.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-06-23 14:08:20 +01:00
dependabot[bot]
96315ee76f
Bump sigstore/cosign-installer from 3.8.2 to 3.9.0 (#3792) 
Bumps
[sigstore/cosign-installer](https://github.com/sigstore/cosign-installer)
from 3.8.2 to 3.9.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sigstore/cosign-installer/releases">sigstore/cosign-installer's
releases</a>.</em></p>
<blockquote>
<h2>v3.9.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump actions/setup-go from 5.4.0 to 5.5.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/sigstore/cosign-installer/pull/189">sigstore/cosign-installer#189</a></li>
<li>bump cosign install to use release v2.5.0 as default by <a
href="https://github.com/cpanato"><code>@​cpanato</code></a> in <a
href="https://redirect.github.com/sigstore/cosign-installer/pull/191">sigstore/cosign-installer#191</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sigstore/cosign-installer/compare/v3...v3.9.0">https://github.com/sigstore/cosign-installer/compare/v3...v3.9.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="fb28c2b633"><code>fb28c2b</code></a>
bump cosign install to use release v2.5.0 as default (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/191">#191</a>)</li>
<li><a
href="e9a05e6d32"><code>e9a05e6</code></a>
Bump actions/setup-go from 5.4.0 to 5.5.0 (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/189">#189</a>)</li>
<li>See full diff in <a
href="3454372f43...fb28c2b633">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sigstore/cosign-installer&package-manager=github_actions&previous-version=3.8.2&new-version=3.9.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-06-23 14:08:06 +01:00
dependabot[bot]
625900557a
Bump docker/setup-buildx-action from 3.10.0 to 3.11.0 (#3726) 
Bumps
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action)
from 3.10.0 to 3.11.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.11.0</h2>
<ul>
<li>Keep BuildKit state support by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/427">docker/setup-buildx-action#427</a></li>
<li>Remove aliases created when installing by default by <a
href="https://github.com/hashhar"><code>@​hashhar</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/139">docker/setup-buildx-action#139</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.56.0 to 0.62.1 in
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/422">docker/setup-buildx-action#422</a>
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/425">docker/setup-buildx-action#425</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v3.10.0...v3.11.0">https://github.com/docker/setup-buildx-action/compare/v3.10.0...v3.11.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="18ce135bb5"><code>18ce135</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/425">#425</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="0e198e93af"><code>0e198e9</code></a>
chore: update generated content</li>
<li><a
href="05f3f3ac10"><code>05f3f3a</code></a>
build(deps): bump <code>@​docker/actions-toolkit</code> from 0.61.0 to
0.62.1</li>
<li><a
href="622913496d"><code>6229134</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/427">#427</a>
from crazy-max/keep-state</li>
<li><a
href="c6f6a07025"><code>c6f6a07</code></a>
chore: update generated content</li>
<li><a
href="6c5e29d848"><code>6c5e29d</code></a>
skip builder creation if one already exists with the same name</li>
<li><a
href="548b297749"><code>548b297</code></a>
ci: keep-state check</li>
<li><a
href="36590ad0c1"><code>36590ad</code></a>
check if driver compatible with keep-state</li>
<li><a
href="4143b5899b"><code>4143b58</code></a>
Support to retain cache</li>
<li><a
href="3f1544eb9e"><code>3f1544e</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/139">#139</a>
from hashhar/hashhar/cleanup-aliases</li>
<li>Additional commits viewable in <a
href="b5ca514318...18ce135bb5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-buildx-action&package-manager=github_actions&previous-version=3.10.0&new-version=3.11.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-06-16 23:32:11 +01:00
dependabot[bot]
d98ebddf49
Bump gradle/actions from 4.4.0 to 4.4.1 (#3727) 
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps [gradle/actions](https://github.com/gradle/actions) from 4.4.0 to
4.4.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/gradle/actions/releases">gradle/actions's
releases</a>.</em></p>
<blockquote>
<h2>v4.4.1</h2>
<p>This patch release fixes a bug in Develocity Injection with a custom
plugin repository.
The <code>gradle-plugin-repository-*</code> action parameters were not
being correctly mapped to environment variables that are read by the
Develocity Injection init script.</p>
<p>This issue has been fixed by setting the correct environment
variables:</p>
<ul>
<li><code>gradle-plugin-repository-url</code> is mapped to
<code>DEVELOCITY_INJECTION_PLUGIN_REPOSITORY_URL</code></li>
<li><code>gradle-plugin-repository-username</code> is mapped to
<code>DEVELOCITY_INJECTION_PLUGIN_REPOSITORY_USERNAME</code></li>
<li><code>gradle-plugin-repository-password</code> is mapped to
<code>DEVELOCITY_INJECTION_PLUGIN_REPOSITORY_PASSWORD</code></li>
</ul>
<p>Additionally, these parameters can now be used to configure a custom
plugin repository for the GitHub Dependency Graph Gradle Plugin,
required for dependency submission.</p>
<h2>What's Changed</h2>
<ul>
<li>Dependency updates by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/667">gradle/actions#667</a></li>
<li>Fix plugin repository env vars by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/669">gradle/actions#669</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/gradle/actions/compare/v4.4.0...v4.4.1">https://github.com/gradle/actions/compare/v4.4.0...v4.4.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ac638b010c"><code>ac638b0</code></a>
[bot] Update dist directory</li>
<li><a
href="fd888822a4"><code>fd88882</code></a>
Fix setting env vars for plugin repository (<a
href="https://redirect.github.com/gradle/actions/issues/669">#669</a>)</li>
<li><a
href="3af3dd3475"><code>3af3dd3</code></a>
[bot] Update dist directory</li>
<li><a
href="bf78bf9f10"><code>bf78bf9</code></a>
Dependency updates (<a
href="https://redirect.github.com/gradle/actions/issues/667">#667</a>)</li>
<li><a
href="ca92106195"><code>ca92106</code></a>
Use Java 17 for toolchain build</li>
<li><a
href="f7d1903e6c"><code>f7d1903</code></a>
Update known wrapper checksums</li>
<li><a
href="eb0816ba44"><code>eb0816b</code></a>
Fix update-wrapper-checksums workflow</li>
<li><a
href="d408d6219d"><code>d408d62</code></a>
Bump the npm-dependencies group across 1 directory with 5 updates</li>
<li><a
href="306df22de3"><code>306df22</code></a>
Bump the github-actions group across 1 directory with 3 updates</li>
<li><a
href="05baf32a7f"><code>05baf32</code></a>
Bump org.gradle.toolchains.foojay-resolver-convention</li>
<li>Additional commits viewable in <a
href="8379f6a132...ac638b010c">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gradle/actions&package-manager=github_actions&previous-version=4.4.0&new-version=4.4.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-06-16 23:32:01 +01:00
dependabot[bot]
406695e167
Bump step-security/harden-runner from 2.12.0 to 2.12.1 (#3728) 
Bumps
[step-security/harden-runner](https://github.com/step-security/harden-runner)
from 2.12.0 to 2.12.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.12.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Detection capabilities have been upgraded to better recognize
attempts at runner tampering. These improvements are informed by
real-world incident learnings, including analysis of anomalous behaviors
observed in the tj-actions and reviewdog supply chain attack.</li>
<li>Resolved an issue where the block policy was not enforced correctly
when the GitHub Actions job was running inside a container on a
self-hosted VM runner.</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.12.1">https://github.com/step-security/harden-runner/compare/v2...v2.12.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="002fdce3c6"><code>002fdce</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/544">#544</a>
from step-security/rc-21</li>
<li><a
href="2489e3fcb3"><code>2489e3f</code></a>
Merge branch 'main' into rc-21</li>
<li><a
href="75dd441a81"><code>75dd441</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/555">#555</a>
from step-security/dependabot/github_actions/step-sec...</li>
<li><a
href="4381ace9c4"><code>4381ace</code></a>
Bump step-security/publish-unit-test-result-action from 2.19.0 to
2.20.0</li>
<li><a
href="a9da90b635"><code>a9da90b</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/553">#553</a>
from h0x0er/feat/container-workflows</li>
<li><a
href="a60ef21c0c"><code>a60ef21</code></a>
update</li>
<li><a
href="4ad512f165"><code>4ad512f</code></a>
Merge branch 'rc-21' into feat/container-workflows</li>
<li><a
href="6b41a39235"><code>6b41a39</code></a>
fixed test case</li>
<li><a
href="fa70c45ca9"><code>fa70c45</code></a>
update agent</li>
<li><a
href="eb47845632"><code>eb47845</code></a>
self-hosted: refactored block-policy apply logic</li>
<li>Additional commits viewable in <a
href="0634a2670c...002fdce3c6">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner&package-manager=github_actions&previous-version=2.12.0&new-version=2.12.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-06-16 23:31:27 +01:00
Dario Ghunney Ware
a0cb56ab0c correcting security logic 
This Pull Request was automatically generated to synchronize updates to
translation files and documentation. Below are the details of the
changes made:

- Updated translation files (`messages_*.properties`) to reflect changes
in the reference file `messages_en_GB.properties`.
- Ensured consistency and synchronization across all supported language
files.
- Highlighted any missing or incomplete translations.

- Generated the translation progress table in `README.md`.
- Added a summary of the current translation status for all supported
languages.
- Included up-to-date statistics on translation coverage.

- Keeps translation files aligned with the latest reference updates.
- Ensures the documentation reflects the current translation progress.

---

Auto-generated by [create-pull-request][1].

[1]: https://github.com/peter-evans/create-pull-request

Co-authored-by: stirlingbot[bot] <195170888+stirlingbot[bot]@users.noreply.github.com>

Update messages_de_DE.properties (#3618)

Please provide a summary of the changes, including:

- What was changed
- Why the change was made
- Any challenges encountered

Closes #(issue_number)

---

- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md#6-testing)
for more details.

---------

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

Fix error display for Split by Chapter (#3621)

- throw `IllegalArgumentException` when bookmark level is invalid or
when a PDF has no outline
- rely on global error handling so frontend shows the message

- `./gradlew build`

------
https://chatgpt.com/codex/tasks/task_b_683dc51dd31083288be3f9892889fa59

🌐 Sync Translations + Update README Progress Table (#3638)

This Pull Request was automatically generated to synchronize updates to
translation files and documentation. Below are the details of the
changes made:

- Updated translation files (`messages_*.properties`) to reflect changes
in the reference file `messages_en_GB.properties`.
- Ensured consistency and synchronization across all supported language
files.
- Highlighted any missing or incomplete translations.

- Generated the translation progress table in `README.md`.
- Added a summary of the current translation status for all supported
languages.
- Included up-to-date statistics on translation coverage.

- Keeps translation files aligned with the latest reference updates.
- Ensures the documentation reflects the current translation progress.

---

Auto-generated by [create-pull-request][1].

[1]: https://github.com/peter-evans/create-pull-request

Co-authored-by: stirlingbot[bot] <195170888+stirlingbot[bot]@users.noreply.github.com>

GetInfo summary #2388 (#3585)

Please provide a summary of the changes, including:

- What was changed
- Why the change was made
- Any challenges encountered

Closes #(issue_number)

---

- [ ] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [ ] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md)
(if applicable)
- [ ] I have performed a self-review of my own code
- [ ] My changes generate no new warnings

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md#6-testing)
for more details.

Co-authored-by: a <a>

🌐 Sync Translations + Update README Progress Table (#3639)

This Pull Request was automatically generated to synchronize updates to
translation files and documentation. Below are the details of the
changes made:

- Updated translation files (`messages_*.properties`) to reflect changes
in the reference file `messages_en_GB.properties`.
- Ensured consistency and synchronization across all supported language
files.
- Highlighted any missing or incomplete translations.

- Generated the translation progress table in `README.md`.
- Added a summary of the current translation status for all supported
languages.
- Included up-to-date statistics on translation coverage.

- Keeps translation files aligned with the latest reference updates.
- Ensures the documentation reflects the current translation progress.

---

Auto-generated by [create-pull-request][1].

[1]: https://github.com/peter-evans/create-pull-request

---------

Co-authored-by: stirlingbot[bot] <195170888+stirlingbot[bot]@users.noreply.github.com>

clean up

🌐 Sync Translations + Update README Progress Table (#3639)

This Pull Request was automatically generated to synchronize updates to
translation files and documentation. Below are the details of the
changes made:

- Updated translation files (`messages_*.properties`) to reflect changes
in the reference file `messages_en_GB.properties`.
- Ensured consistency and synchronization across all supported language
files.
- Highlighted any missing or incomplete translations.

- Generated the translation progress table in `README.md`.
- Added a summary of the current translation status for all supported
languages.
- Included up-to-date statistics on translation coverage.

- Keeps translation files aligned with the latest reference updates.
- Ensures the documentation reflects the current translation progress.

---

Auto-generated by [create-pull-request][1].

[1]: https://github.com/peter-evans/create-pull-request

---------

Co-authored-by: stirlingbot[bot] <195170888+stirlingbot[bot]@users.noreply.github.com>

ADDITIONAL_FEATURES_OFF > ADDITIONAL_FEATURES

renamed flag

renamed flag in workflows
 2025-06-05 11:02:53 +01:00
DarioGii
41cd7d8f47 removing DOCKER_ENABLE_SECURITY flag 2025-06-05 11:02:40 +01:00
Dario Ghunney Ware
149fe8755d DOCKER_ENABLE_SECURITY > ADDITIONAL_FEATURES_OFF 2025-06-05 11:02:40 +01:00
dependabot[bot]
679ecdd50d
Bump docker/build-push-action from 6.17.0 to 6.18.0 (#3624) 
Bumps
[docker/build-push-action](https://github.com/docker/build-push-action)
from 6.17.0 to 6.18.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v6.18.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.61.0 to 0.62.1 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1381">docker/build-push-action#1381</a></li>
</ul>
<blockquote>
<p>[!NOTE]
<a
href="https://docs.docker.com/build/ci/github-actions/build-summary/">Build
summary</a> is now supported with <a
href="https://docs.docker.com/build-cloud/">Docker Build Cloud</a>.</p>
</blockquote>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v6.17.0...v6.18.0">https://github.com/docker/build-push-action/compare/v6.17.0...v6.18.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="263435318d"><code>2634353</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1381">#1381</a>
from docker/dependabot/npm_and_yarn/docker/actions-t...</li>
<li><a
href="c0432d2e01"><code>c0432d2</code></a>
chore: update generated content</li>
<li><a
href="0bb1f27d6b"><code>0bb1f27</code></a>
set builder driver and endpoint attributes for dbc summary support</li>
<li><a
href="5f9dbf956c"><code>5f9dbf9</code></a>
chore(deps): Bump <code>@​docker/actions-toolkit</code> from 0.61.0 to
0.62.1</li>
<li><a
href="0788c444d8"><code>0788c44</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1375">#1375</a>
from crazy-max/remove-gcr</li>
<li><a
href="aa179ca4f4"><code>aa179ca</code></a>
e2e: remove GCR</li>
<li>See full diff in <a
href="1dc7386353...263435318d">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/build-push-action&package-manager=github_actions&previous-version=6.17.0&new-version=6.18.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-06-02 19:51:22 +01:00
dependabot[bot]
1f56ccfc99
Bump gradle/actions from 4.3.1 to 4.4.0 (#3544) 
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps [gradle/actions](https://github.com/gradle/actions) from 4.3.1 to
4.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/gradle/actions/releases">gradle/actions's
releases</a>.</em></p>
<blockquote>
<h2>v4.4.0</h2>
<p>This release updates 2 downstream components:</p>
<ul>
<li>Develocity injection has been updated to <a
href="https://github.com/gradle/develocity-ci-injection/releases/tag/v2.0">v2.0</a>
<ul>
<li>Some environment variables related to Develocity injection have been
renamed. All vars now being with <code>DEVELOCITY_INJECTION_</code>.
Check <a
href="https://github.com/gradle/actions/blob/main/docs/setup-gradle.md#configuring-develocity-injection">the
docs</a> for more details.</li>
</ul>
</li>
<li>Dependency-graph plugin has been updated to <a
href="https://github.com/gradle/github-dependency-graph-gradle-plugin/releases/tag/v1.4.0">v1.4.0</a>
<ul>
<li>The 'detector' values included in the generated graph can now be
configured via environment variables.</li>
</ul>
</li>
</ul>
<h2>What's Changed</h2>
<ul>
<li>Update develocity-injection init script to v1.3 by <a
href="https://github.com/bot-githubaction"><code>@​bot-githubaction</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/592">gradle/actions#592</a></li>
<li>Update develocity-injection init script to v2.0 by <a
href="https://github.com/bot-githubaction"><code>@​bot-githubaction</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/593">gradle/actions#593</a></li>
<li>[StepSecurity] ci: Harden GitHub Actions by <a
href="https://github.com/step-security-bot"><code>@​step-security-bot</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/597">gradle/actions#597</a></li>
<li>Use v1.4.0 of dependency graph plugin by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/638">gradle/actions#638</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/step-security-bot"><code>@​step-security-bot</code></a>
made their first contribution in <a
href="https://redirect.github.com/gradle/actions/pull/597">gradle/actions#597</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/gradle/actions/compare/v4.3.1...v4.4.0">https://github.com/gradle/actions/compare/v4.3.1...v4.4.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="8379f6a132"><code>8379f6a</code></a>
Use v1.4.0 of dependency graph plugin (<a
href="https://redirect.github.com/gradle/actions/issues/638">#638</a>)</li>
<li><a
href="9f79b5fa2c"><code>9f79b5f</code></a>
[bot] Update dist directory</li>
<li><a
href="e093fac84c"><code>e093fac</code></a>
Bump the npm-dependencies group in /sources with 5 updates (<a
href="https://redirect.github.com/gradle/actions/issues/636">#636</a>)</li>
<li><a
href="768a17f348"><code>768a17f</code></a>
Bump the npm-dependencies group in /sources with 2 updates (<a
href="https://redirect.github.com/gradle/actions/issues/635">#635</a>)</li>
<li><a
href="3654113772"><code>3654113</code></a>
[bot] Update dist directory</li>
<li><a
href="2ad385cb2a"><code>2ad385c</code></a>
Replace use of typed-rest-client with <code>@​actions/http-client</code>
(<a
href="https://redirect.github.com/gradle/actions/issues/634">#634</a>)</li>
<li><a
href="95dcf96b0d"><code>95dcf96</code></a>
[bot] Update dist directory</li>
<li><a
href="2e3238a664"><code>2e3238a</code></a>
Bump actions/download-artifact from 4.2.1 to 4.3.0 in
/.github/actions/init-i...</li>
<li><a
href="39dddb8ae7"><code>39dddb8</code></a>
Remove direct use of octokit/request-error (<a
href="https://redirect.github.com/gradle/actions/issues/632">#632</a>)</li>
<li><a
href="755ed7db09"><code>755ed7d</code></a>
[bot] Update dist directory</li>
<li>Additional commits viewable in <a
href="06832c7b30...8379f6a132">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gradle/actions&package-manager=github_actions&previous-version=4.3.1&new-version=4.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-20 11:51:52 +01:00
dependabot[bot]
1346abf0e5
Bump docker/build-push-action from 6.16.0 to 6.17.0 (#3541) 
Bumps
[docker/build-push-action](https://github.com/docker/build-push-action)
from 6.16.0 to 6.17.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v6.17.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.59.0 to 0.61.0 by
<a href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1364">docker/build-push-action#1364</a></li>
</ul>
<blockquote>
<p>[!NOTE]
Build record is now exported using the <a
href="https://docs.docker.com/reference/cli/docker/buildx/history/export/"><code>buildx
history export</code></a> command instead of the legacy export-build
tool.</p>
</blockquote>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v6.16.0...v6.17.0">https://github.com/docker/build-push-action/compare/v6.16.0...v6.17.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="1dc7386353"><code>1dc7386</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1364">#1364</a>
from crazy-max/history-export-cmd</li>
<li><a
href="9c9803f364"><code>9c9803f</code></a>
chore: update generated content</li>
<li><a
href="db1f6c46e8"><code>db1f6c4</code></a>
DOCKER_BUILD_EXPORT_LEGACY env var to opt-in for legacy export</li>
<li><a
href="721e8c79de"><code>721e8c7</code></a>
Bump <code>@​docker/actions-toolkit</code> from 0.59.0 to 0.61.0</li>
<li>See full diff in <a
href="14487ce63c...1dc7386353">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/build-push-action&package-manager=github_actions&previous-version=6.16.0&new-version=6.17.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-05-20 11:50:59 +01:00
dependabot[bot]
b7eed4300e
Bump docker/build-push-action from 6.15.0 to 6.16.0 (#3442) 
Bumps
[docker/build-push-action](https://github.com/docker/build-push-action)
from 6.15.0 to 6.16.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v6.16.0</h2>
<ul>
<li>Handle no default attestations env var by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1343">docker/build-push-action#1343</a></li>
<li>Only print secret keys in build summary output by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1353">docker/build-push-action#1353</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.56.0 to 0.59.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1352">docker/build-push-action#1352</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v6.15.0...v6.16.0">https://github.com/docker/build-push-action/compare/v6.15.0...v6.16.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="14487ce63c"><code>14487ce</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1343">#1343</a>
from crazy-max/fix-no-default-attest</li>
<li><a
href="0ec91264d8"><code>0ec9126</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1366">#1366</a>
from crazy-max/pr-assign-author</li>
<li><a
href="b749522b90"><code>b749522</code></a>
pr-assign-author workflow</li>
<li><a
href="c566248492"><code>c566248</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1363">#1363</a>
from crazy-max/fix-codecov</li>
<li><a
href="13275dd76e"><code>13275dd</code></a>
ci: fix missing source for codecov</li>
<li><a
href="67dc78bbaf"><code>67dc78b</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1361">#1361</a>
from mschoettle/patch-1</li>
<li><a
href="0760504437"><code>0760504</code></a>
docs: add validating build configuration example</li>
<li><a
href="1c198f4467"><code>1c198f4</code></a>
chore: update generated content</li>
<li><a
href="288d9e2e4a"><code>288d9e2</code></a>
handle no default attestations env var</li>
<li><a
href="88844b95d8"><code>88844b9</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1353">#1353</a>
from crazy-max/summary-secret-keys</li>
<li>Additional commits viewable in <a
href="471d1dc4e0...14487ce63c">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/build-push-action&package-manager=github_actions&previous-version=6.15.0&new-version=6.16.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-29 11:38:55 +01:00
Ludy
0b81dfdf7c
Upgrade Gradle to 8.14 in CI Workflows and Gradle Wrapper (#3425) 
# Description of Changes

This pull request upgrades the Gradle build system from version 8.12 to
8.14 across the Stirling-PDF project to enhance build stability,
compatibility, and performance. The changes include:

- **What was changed**:
- Updated the Gradle wrapper version in
`gradle/wrapper/gradle-wrapper.properties` from `8.12` to `8.14`.
- Modified the `tasks.wrapper` configuration in `build.gradle` to
specify `gradleVersion = "8.14"`.
- Updated Gradle version references in GitHub Actions workflows
(`multiOSReleases.yml`, `push-docker.yml`, `releaseArtifacts.yml`) from
`8.12` to `8.14` to ensure consistent CI/CD builds.

- **Why the change was made**:
- Gradle 8.14 includes bug fixes, performance improvements, and enhanced
compatibility with newer JDK versions (e.g., Java 17 and 21, as
supported by Stirling-PDF).
- Ensures alignment with the latest Gradle features and security
patches, reducing potential build issues in development and CI/CD
environments.
- Supports the project's recommendation to use newer JDK versions (e.g.,
Java 21) and improves integration with the Foojay Toolchains Plugin.

- **Challenges encountered**:
- Verified compatibility of Gradle 8.14 with existing plugins (e.g.,
`org.springframework.boot`, `org.sonarqube`, `com.diffplug.spotless`) to
ensure no breaking changes.
- Tested CI/CD workflows to confirm that the updated Gradle version does
not introduce failures in build, test, or deployment pipelines.
- Ensured the Gradle wrapper distribution URL is correctly updated to
avoid download issues.


---

## Checklist

### General

- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [x] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md#6-testing)
for more details.
 2025-04-27 16:17:07 +01:00
dependabot[bot]
da70980be4
Bump sigstore/cosign-installer from 3.8.1 to 3.8.2 (#3411) 
Bumps
[sigstore/cosign-installer](https://github.com/sigstore/cosign-installer)
from 3.8.1 to 3.8.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sigstore/cosign-installer/releases">sigstore/cosign-installer's
releases</a>.</em></p>
<blockquote>
<h2>v3.8.2</h2>
<h2>What's Changed</h2>
<ul>
<li>install cosign v2 from main in <a
href="https://redirect.github.com/sigstore/cosign-installer/pull/186">sigstore/cosign-installer#186</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sigstore/cosign-installer/compare/v3...v3.8.2">https://github.com/sigstore/cosign-installer/compare/v3...v3.8.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="3454372f43"><code>3454372</code></a>
install cosign v2 from main (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/186">#186</a>)</li>
<li><a
href="b6ee8f83b9"><code>b6ee8f8</code></a>
Bump actions/setup-go from 5.3.0 to 5.4.0 (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/185">#185</a>)</li>
<li>See full diff in <a
href="d7d6bc7722...3454372f43">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sigstore/cosign-installer&package-manager=github_actions&previous-version=3.8.1&new-version=3.8.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-24 12:36:14 +01:00
dependabot[bot]
62ec512dda
Bump step-security/harden-runner from 2.11.1 to 2.12.0 (#3394) 
Bumps
[step-security/harden-runner](https://github.com/step-security/harden-runner)
from 2.11.1 to 2.12.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.12.0</h2>
<h2>What's Changed</h2>
<ol>
<li>
<p>A new option, <code>disable-sudo-and-containers</code>, is now
available to replace the <code>disable-sudo policy</code>, addressing
Docker-based privilege escalation (<a
href="https://github.com/step-security/harden-runner/security/advisories/GHSA-mxr3-8whj-j74r">CVE-2025-32955</a>).
More details can be found in this <a
href="https://www.stepsecurity.io/blog/evolving-harden-runners-disable-sudo-policy-for-improved-runner-security">blog
post</a>.</p>
</li>
<li>
<p>New detections have been added based on insights from the tj-actions
and reviewdog actions incidents.</p>
</li>
</ol>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.12.0">https://github.com/step-security/harden-runner/compare/v2...v2.12.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0634a2670c"><code>0634a26</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/541">#541</a>
from step-security/rc-20</li>
<li><a
href="2e3c511341"><code>2e3c511</code></a>
Update action.yml</li>
<li><a
href="40873e6a41"><code>40873e6</code></a>
Update README.md</li>
<li><a
href="484c2799ec"><code>484c279</code></a>
Update README.md</li>
<li><a
href="4c8582f455"><code>4c8582f</code></a>
Update agent versions</li>
<li><a
href="e8d595cd66"><code>e8d595c</code></a>
fix disable_sudo_and_containers bug</li>
<li><a
href="5d277fc873"><code>5d277fc</code></a>
fix journalctl related bug</li>
<li><a
href="ff2ab228bd"><code>ff2ab22</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/536">#536</a>
from rohan-stepsecurity/feat/flag/disable-sudo-and-co...</li>
<li><a
href="b81d650d0e"><code>b81d650</code></a>
fix: run sudo command only when both disable-sudo and
disable-sudo-and-docker...</li>
<li><a
href="769df4ef5d"><code>769df4e</code></a>
Update agent</li>
<li>Additional commits viewable in <a
href="c6295a65d1...0634a2670c">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner&package-manager=github_actions&previous-version=2.11.1&new-version=2.12.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-24 10:43:08 +01:00
dependabot[bot]
fd34782bcc
Bump actions/setup-java from 4.7.0 to 4.7.1 (#3339) 
Bumps [actions/setup-java](https://github.com/actions/setup-java) from
4.7.0 to 4.7.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-java/releases">actions/setup-java's
releases</a>.</em></p>
<blockquote>
<h2>v4.7.1</h2>
<h2>What's Changed</h2>
<h3>Documentation changes</h3>
<ul>
<li>Add Documentation to Recommend Using GraalVM JDK 17 Version to
17.0.12 to Align with GFTC License Terms by <a
href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/pull/704">actions/setup-java#704</a></li>
<li>Remove duplicated GraalVM section in documentation by <a
href="https://github.com/Marcono1234"><code>@​Marcono1234</code></a> in
<a
href="https://redirect.github.com/actions/setup-java/pull/716">actions/setup-java#716</a></li>
</ul>
<h3>Dependency updates:</h3>
<ul>
<li>Upgrade <code>@​action/cache</code> from 4.0.0 to 4.0.2 by <a
href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/pull/766">actions/setup-java#766</a></li>
<li>Upgrade <code>@​actions/glob</code> from 0.4.0 to 0.5.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/744">actions/setup-java#744</a></li>
<li>Upgrade ts-jest from 29.1.2 to 29.2.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/743">actions/setup-java#743</a></li>
<li>Upgrade <code>@​action/cache</code> to 4.0.3 by <a
href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/pull/773">actions/setup-java#773</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-java/compare/v4...v4.7.1">https://github.com/actions/setup-java/compare/v4...v4.7.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c5195efecf"><code>c5195ef</code></a>
actions/cache upgrade to 4.0.3 (<a
href="https://redirect.github.com/actions/setup-java/issues/773">#773</a>)</li>
<li><a
href="dd38875f93"><code>dd38875</code></a>
Bump ts-jest from 29.1.2 to 29.2.5 (<a
href="https://redirect.github.com/actions/setup-java/issues/743">#743</a>)</li>
<li><a
href="148017a9b0"><code>148017a</code></a>
Bump <code>@​actions/glob</code> from 0.4.0 to 0.5.0 (<a
href="https://redirect.github.com/actions/setup-java/issues/744">#744</a>)</li>
<li><a
href="3b6c050358"><code>3b6c050</code></a>
Remove duplicated GraalVM section in documentation (<a
href="https://redirect.github.com/actions/setup-java/issues/716">#716</a>)</li>
<li><a
href="b8ebb8ba1d"><code>b8ebb8b</code></a>
upgrade <code>@​action/cache</code> from 4.0.0 to 4.0.2 (<a
href="https://redirect.github.com/actions/setup-java/issues/766">#766</a>)</li>
<li><a
href="799ee7c97e"><code>799ee7c</code></a>
Add Documentation to Recommend Using GraalVM JDK 17 Version to 17.0.12
to Ali...</li>
<li>See full diff in <a
href="3a4f6e1af5...c5195efecf">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-java&package-manager=github_actions&previous-version=4.7.0&new-version=4.7.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-12 17:03:17 +01:00
dependabot[bot]
2938fcc044
Bump step-security/harden-runner from 2.11.0 to 2.11.1 (#3285) 
Bumps
[step-security/harden-runner](https://github.com/step-security/harden-runner)
from 2.11.0 to 2.11.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.11.1</h2>
<h2>What's Changed</h2>
<ul>
<li>cache: add support for GitHub Actions cache v2 by <a
href="https://github.com/h0x0er"><code>@​h0x0er</code></a> in <a
href="https://redirect.github.com/step-security/harden-runner/pull/529">step-security/harden-runner#529</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.11.1">https://github.com/step-security/harden-runner/compare/v2...v2.11.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c6295a65d1"><code>c6295a6</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/530">#530</a>
from step-security/rc-19</li>
<li><a
href="3e118b145b"><code>3e118b1</code></a>
Improve error handling</li>
<li><a
href="b38e918ba8"><code>b38e918</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/529">#529</a>
from h0x0er/jatin/cache-fix</li>
<li><a
href="0664d30cda"><code>0664d30</code></a>
cache: added support for cache v2</li>
<li><a
href="b131ca5ebf"><code>b131ca5</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/524">#524</a>
from step-security/fix/security/GHSA-968p-4wvh-cqc8</li>
<li><a
href="2dc9579753"><code>2dc9579</code></a>
Address vulnerabilities</li>
<li><a
href="f054d811b5"><code>f054d81</code></a>
Update README (<a
href="https://redirect.github.com/step-security/harden-runner/issues/522">#522</a>)</li>
<li><a
href="8a09271fed"><code>8a09271</code></a>
Update Readme (<a
href="https://redirect.github.com/step-security/harden-runner/issues/520">#520</a>)</li>
<li><a
href="6ec6af7d62"><code>6ec6af7</code></a>
Update readme (<a
href="https://redirect.github.com/step-security/harden-runner/issues/518">#518</a>)</li>
<li><a
href="539365ba33"><code>539365b</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/516">#516</a>
from vorburger/patch-1</li>
<li>Additional commits viewable in <a
href="4d991eb9b9...c6295a65d1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner&package-manager=github_actions&previous-version=2.11.0&new-version=2.11.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-02 16:53:13 +01:00
dependabot[bot]
472d0b14db
Bump gradle/actions from 4.3.0 to 4.3.1 (#3276) 
Bumps [gradle/actions](https://github.com/gradle/actions) from 4.3.0 to
4.3.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/gradle/actions/releases">gradle/actions's
releases</a>.</em></p>
<blockquote>
<h2>v4.3.1</h2>
<p>This release fixes a couple of minor issues, as well as keeping
dependencies up to date.</p>
<h2>Fixed issues</h2>
<ul>
<li>The develocity-allow-untrusted-server parameter should be honoured
when fetching short-lived access tokens <a
href="https://redirect.github.com/gradle/actions/issues/583">#583</a></li>
<li>Build summary may incorrectly report build success <a
href="https://redirect.github.com/gradle/actions/issues/415">#415</a></li>
</ul>
<h2>What's Changed</h2>
<ul>
<li>Update develocity-injection init script to v1.1.1 by <a
href="https://github.com/bot-githubaction"><code>@​bot-githubaction</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/545">gradle/actions#545</a></li>
<li>Bump the github-actions group across 2 directories with 3 updates by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/gradle/actions/pull/547">gradle/actions#547</a></li>
<li>Bump the npm-dependencies group in /sources with 2 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/548">gradle/actions#548</a></li>
<li>Update develocity-injection init script to v1.2 by <a
href="https://github.com/bot-githubaction"><code>@​bot-githubaction</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/550">gradle/actions#550</a></li>
<li>Bump the github-actions group across 1 directory with 2 updates by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/gradle/actions/pull/552">gradle/actions#552</a></li>
<li>Bump the npm-dependencies group across 1 directory with 5 updates by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/gradle/actions/pull/558">gradle/actions#558</a></li>
<li>Update known wrapper checksums by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/560">gradle/actions#560</a></li>
<li>Bump references to Develocity Gradle plugin from 3.19.1 to 3.19.2 by
<a
href="https://github.com/bot-githubaction"><code>@​bot-githubaction</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/561">gradle/actions#561</a></li>
<li>Catch more build failures in job summary by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/571">gradle/actions#571</a></li>
<li>Scope captured build failures by <a
href="https://github.com/erichaagdev"><code>@​erichaagdev</code></a> in
<a
href="https://redirect.github.com/gradle/actions/pull/574">gradle/actions#574</a></li>
<li>Ignore SSL certificate validation when fetching Develocity
short-lived access token if
<code>develocity-allow-untrusted-server</code> is enabled by <a
href="https://github.com/remcomokveld"><code>@​remcomokveld</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/575">gradle/actions#575</a></li>
<li>Dependency updates by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/579">gradle/actions#579</a></li>
<li>Bump com.google.guava:guava from 33.4.5-jre to 33.4.6-jre in
/.github/workflow-samples/kotlin-dsl in the gradle group across 1
directory by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/580">gradle/actions#580</a></li>
<li>Bump the github-actions group across 2 directories with 2 updates by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/gradle/actions/pull/582">gradle/actions#582</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/erichaagdev"><code>@​erichaagdev</code></a>
made their first contribution in <a
href="https://redirect.github.com/gradle/actions/pull/574">gradle/actions#574</a></li>
<li><a
href="https://github.com/remcomokveld"><code>@​remcomokveld</code></a>
made their first contribution in <a
href="https://redirect.github.com/gradle/actions/pull/575">gradle/actions#575</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/gradle/actions/compare/v4.3.0...v4.3.1">https://github.com/gradle/actions/compare/v4.3.0...v4.3.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="06832c7b30"><code>06832c7</code></a>
Bump the github-actions group across 2 directories with 2 updates</li>
<li><a
href="b7b029e5c4"><code>b7b029e</code></a>
Bump com.google.guava:guava from 33.4.5-jre to 33.4.6-jre in
/.github/workflo...</li>
<li><a
href="a0bd2ca5cb"><code>a0bd2ca</code></a>
[bot] Update dist directory</li>
<li><a
href="7974541d55"><code>7974541</code></a>
Dependency updates (<a
href="https://redirect.github.com/gradle/actions/issues/579">#579</a>)</li>
<li><a
href="a581639303"><code>a581639</code></a>
Update DSL samples to use test suites</li>
<li><a
href="acd2925667"><code>acd2925</code></a>
Update java-toolchain sample to use Kotlin DSL</li>
<li><a
href="aa88309fbd"><code>aa88309</code></a>
Update gradle-plugin sample to use Kotlin DSL</li>
<li><a
href="086c9e4b25"><code>086c9e4</code></a>
Revert update to eslint-plugin-github</li>
<li><a
href="d31b81842d"><code>d31b818</code></a>
Update patch file for actions/cache@v4.0.3</li>
<li><a
href="2778b4a120"><code>2778b4a</code></a>
Bump the npm-dependencies group across 1 directory with 8 updates</li>
<li>Additional commits viewable in <a
href="94baf225fe...06832c7b30">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gradle/actions&package-manager=github_actions&previous-version=4.3.0&new-version=4.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-04-02 13:40:34 +01:00
dependabot[bot]
976342e10a
Bump docker/login-action from 3.3.0 to 3.4.0 (#3188) 
Bumps [docker/login-action](https://github.com/docker/login-action) from
3.3.0 to 3.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/login-action/releases">docker/login-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.4.0</h2>
<ul>
<li>Bump <code>@​actions/core</code> from 1.10.1 to 1.11.1 in <a
href="https://redirect.github.com/docker/login-action/pull/791">docker/login-action#791</a></li>
<li>Bump <code>@​aws-sdk/client-ecr</code> to 3.766.0 in <a
href="https://redirect.github.com/docker/login-action/pull/789">docker/login-action#789</a>
<a
href="https://redirect.github.com/docker/login-action/pull/856">docker/login-action#856</a></li>
<li>Bump <code>@​aws-sdk/client-ecr-public</code> to 3.758.0 in <a
href="https://redirect.github.com/docker/login-action/pull/789">docker/login-action#789</a>
<a
href="https://redirect.github.com/docker/login-action/pull/856">docker/login-action#856</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.35.0 to 0.57.0 in
<a
href="https://redirect.github.com/docker/login-action/pull/801">docker/login-action#801</a>
<a
href="https://redirect.github.com/docker/login-action/pull/806">docker/login-action#806</a>
<a
href="https://redirect.github.com/docker/login-action/pull/858">docker/login-action#858</a></li>
<li>Bump cross-spawn from 7.0.3 to 7.0.6 in <a
href="https://redirect.github.com/docker/login-action/pull/814">docker/login-action#814</a></li>
<li>Bump https-proxy-agent from 7.0.5 to 7.0.6 in <a
href="https://redirect.github.com/docker/login-action/pull/823">docker/login-action#823</a></li>
<li>Bump path-to-regexp from 6.2.2 to 6.3.0 in <a
href="https://redirect.github.com/docker/login-action/pull/777">docker/login-action#777</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/login-action/compare/v3.3.0...v3.4.0">https://github.com/docker/login-action/compare/v3.3.0...v3.4.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="74a5d14239"><code>74a5d14</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/856">#856</a>
from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...</li>
<li><a
href="2f4f00e4c6"><code>2f4f00e</code></a>
chore: update generated content</li>
<li><a
href="67c184546c"><code>67c1845</code></a>
build(deps): bump the aws-sdk-dependencies group across 1 directory with
2 up...</li>
<li><a
href="3d4cc89e85"><code>3d4cc89</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/844">#844</a>
from graysonpike/master</li>
<li><a
href="6cc823a6c4"><code>6cc823a</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/823">#823</a>
from docker/dependabot/npm_and_yarn/proxy-agent-depen...</li>
<li><a
href="d94e792124"><code>d94e792</code></a>
chore: update generated content</li>
<li><a
href="033db0da30"><code>033db0d</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/812">#812</a>
from docker/dependabot/github_actions/codecov/codecov...</li>
<li><a
href="09c2ae9716"><code>09c2ae9</code></a>
build(deps): bump https-proxy-agent</li>
<li><a
href="ba56f006fc"><code>ba56f00</code></a>
ci: update deprecated input for codecov-action</li>
<li><a
href="75bf9a79af"><code>75bf9a7</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/858">#858</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li>Additional commits viewable in <a
href="9780b0c442...74a5d14239">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/login-action&package-manager=github_actions&previous-version=3.3.0&new-version=3.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-03-20 07:58:56 +00:00
dependabot[bot]
04cfa9b0f3
Bump docker/build-push-action from 6.14.0 to 6.15.0 (#3091) 
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps
[docker/build-push-action](https://github.com/docker/build-push-action)
from 6.14.0 to 6.15.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v6.15.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.55.0 to 0.56.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1330">docker/build-push-action#1330</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v6.14.0...v6.15.0">https://github.com/docker/build-push-action/compare/v6.14.0...v6.15.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="471d1dc4e0"><code>471d1dc</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1330">#1330</a>
from docker/dependabot/npm_and_yarn/docker/actions-t...</li>
<li><a
href="b89ff0a6f2"><code>b89ff0a</code></a>
chore: update generated content</li>
<li><a
href="1e3ae3a4d3"><code>1e3ae3a</code></a>
chore(deps): Bump <code>@​docker/actions-toolkit</code> from 0.55.0 to
0.56.0</li>
<li><a
href="b16f42f92a"><code>b16f42f</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1325">#1325</a>
from crazy-max/buildx-edge</li>
<li><a
href="dc0fea5e62"><code>dc0fea5</code></a>
ci: update buildx to edge and buildkit to latest</li>
<li>See full diff in <a
href="0adf995921...471d1dc4e0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/build-push-action&package-manager=github_actions&previous-version=6.14.0&new-version=6.15.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-03-01 19:37:06 +00:00
dependabot[bot]
bc9148073c
Bump docker/setup-qemu-action from 3.4.0 to 3.6.0 (#3092) 
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps
[docker/setup-qemu-action](https://github.com/docker/setup-qemu-action)
from 3.4.0 to 3.6.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-qemu-action/releases">docker/setup-qemu-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.6.0</h2>
<ul>
<li>Display binfmt version by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-qemu-action/pull/202">docker/setup-qemu-action#202</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-qemu-action/compare/v3.5.0...v3.6.0">https://github.com/docker/setup-qemu-action/compare/v3.5.0...v3.6.0</a></p>
<h2>v3.5.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.54.0 to 0.56.0 in
<a
href="https://redirect.github.com/docker/setup-qemu-action/pull/205">docker/setup-qemu-action#205</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-qemu-action/compare/v3.4.0...v3.5.0">https://github.com/docker/setup-qemu-action/compare/v3.4.0...v3.5.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="29109295f8"><code>2910929</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/202">#202</a>
from crazy-max/binfmt-version</li>
<li><a
href="7ffe24aa9a"><code>7ffe24a</code></a>
chore: update generated content</li>
<li><a
href="17bc18bb05"><code>17bc18b</code></a>
display binfmt version</li>
<li><a
href="5964de0df5"><code>5964de0</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/205">#205</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="862b6633f8"><code>862b663</code></a>
chore: update generated content</li>
<li><a
href="138de3b646"><code>138de3b</code></a>
build(deps): bump <code>@​docker/actions-toolkit</code> from 0.54.0 to
0.56.0</li>
<li>See full diff in <a
href="4574d27a47...29109295f8">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-qemu-action&package-manager=github_actions&previous-version=3.4.0&new-version=3.6.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-03-01 19:36:23 +00:00
dependabot[bot]
5c4f463cc8
Bump docker/setup-buildx-action from 3.9.0 to 3.10.0 (#3093) 
Bumps
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action)
from 3.9.0 to 3.10.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.10.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.54.0 to 0.56.0 in
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/408">docker/setup-buildx-action#408</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v3.9.0...v3.10.0">https://github.com/docker/setup-buildx-action/compare/v3.9.0...v3.10.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b5ca514318"><code>b5ca514</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/408">#408</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="1418a4ef33"><code>1418a4e</code></a>
chore: update generated content</li>
<li><a
href="93acf831ce"><code>93acf83</code></a>
build(deps): bump <code>@​docker/actions-toolkit</code> from 0.54.0 to
0.56.0</li>
<li>See full diff in <a
href="f7ce87c1d6...b5ca514318">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-buildx-action&package-manager=github_actions&previous-version=3.9.0&new-version=3.10.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-03-01 19:35:43 +00:00
dependabot[bot]
127256c3da
Bump docker/metadata-action from 5.6.1 to 5.7.0 (#3094) 
Bumps
[docker/metadata-action](https://github.com/docker/metadata-action) from
5.6.1 to 5.7.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/metadata-action/releases">docker/metadata-action's
releases</a>.</em></p>
<blockquote>
<h2>v5.7.0</h2>
<ul>
<li>Global expressions support for labels and annotations by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/metadata-action/pull/489">docker/metadata-action#489</a></li>
<li>Support disabling outputs as environment variables by <a
href="https://github.com/omus"><code>@​omus</code></a> in <a
href="https://redirect.github.com/docker/metadata-action/pull/497">docker/metadata-action#497</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.44.0 to 0.56.0 in
<a
href="https://redirect.github.com/docker/metadata-action/pull/507">docker/metadata-action#507</a>
<a
href="https://redirect.github.com/docker/metadata-action/pull/509">docker/metadata-action#509</a></li>
<li>Bump csv-parse from 5.5.6 to 5.6.0 in <a
href="https://redirect.github.com/docker/metadata-action/pull/482">docker/metadata-action#482</a></li>
<li>Bump moment-timezone from 0.5.46 to 0.5.47 in <a
href="https://redirect.github.com/docker/metadata-action/pull/501">docker/metadata-action#501</a></li>
<li>Bump semver from 7.6.3 to 7.7.1 in <a
href="https://redirect.github.com/docker/metadata-action/pull/504">docker/metadata-action#504</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/metadata-action/compare/v5.6.1...v5.7.0">https://github.com/docker/metadata-action/compare/v5.6.1...v5.7.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="902fa8ec7d"><code>902fa8e</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/metadata-action/issues/504">#504</a>
from docker/dependabot/npm_and_yarn/semver-7.7.1</li>
<li><a
href="c30b9c27e6"><code>c30b9c2</code></a>
chore: update generated content</li>
<li><a
href="0698804aab"><code>0698804</code></a>
chore(deps): Bump semver from 7.6.3 to 7.7.1</li>
<li><a
href="bb3eecaaf8"><code>bb3eeca</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/metadata-action/issues/501">#501</a>
from docker/dependabot/npm_and_yarn/moment-timezone-0...</li>
<li><a
href="94a839cf6a"><code>94a839c</code></a>
chore: update generated content</li>
<li><a
href="ecd51a0f6a"><code>ecd51a0</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/metadata-action/issues/509">#509</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="a85b1dbfe6"><code>a85b1db</code></a>
chore(deps): Bump <code>@​docker/actions-toolkit</code> from 0.55.0 to
0.56.0</li>
<li><a
href="5a76a0efcf"><code>5a76a0e</code></a>
chore(deps): Bump moment-timezone from 0.5.46 to 0.5.47</li>
<li><a
href="1cc4a9856a"><code>1cc4a98</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/metadata-action/issues/482">#482</a>
from docker/dependabot/npm_and_yarn/csv-parse-5.6.0</li>
<li><a
href="d84de1e022"><code>d84de1e</code></a>
chore: update generated content</li>
<li>Additional commits viewable in <a
href="369eb591f4...902fa8ec7d">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/metadata-action&package-manager=github_actions&previous-version=5.6.1&new-version=5.7.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-03-01 19:35:32 +00:00
dependabot[bot]
3797a6827c
Bump docker/build-push-action from 6.13.0 to 6.14.0 (#3012) 
Bumps
[docker/build-push-action](https://github.com/docker/build-push-action)
from 6.13.0 to 6.14.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v6.14.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.53.0 to 0.55.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1324">docker/build-push-action#1324</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v6.13.0...v6.14.0">https://github.com/docker/build-push-action/compare/v6.13.0...v6.14.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0adf995921"><code>0adf995</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1324">#1324</a>
from docker/dependabot/npm_and_yarn/docker/actions-t...</li>
<li><a
href="d88cd289df"><code>d88cd28</code></a>
chore: update generated content</li>
<li><a
href="3d09a6bd70"><code>3d09a6b</code></a>
chore(deps): Bump <code>@​docker/actions-toolkit</code> from 0.53.0 to
0.55.0</li>
<li>See full diff in <a
href="ca877d9245...0adf995921">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/build-push-action&package-manager=github_actions&previous-version=6.13.0&new-version=6.14.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-02-22 22:54:43 +00:00
dependabot[bot]
0f5d95661c
Bump sigstore/cosign-installer from 3.8.0 to 3.8.1 (#3010) 
Bumps
[sigstore/cosign-installer](https://github.com/sigstore/cosign-installer)
from 3.8.0 to 3.8.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sigstore/cosign-installer/releases">sigstore/cosign-installer's
releases</a>.</em></p>
<blockquote>
<h2>v3.8.1</h2>
<h2>What's Changed</h2>
<ul>
<li>use cosign 2.4.3 and other updates by <a
href="https://github.com/cpanato"><code>@​cpanato</code></a> in <a
href="https://redirect.github.com/sigstore/cosign-installer/pull/182">sigstore/cosign-installer#182</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sigstore/cosign-installer/compare/v3...v3.8.1">https://github.com/sigstore/cosign-installer/compare/v3...v3.8.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="d7d6bc7722"><code>d7d6bc7</code></a>
use cosign 2.4.3 and other updates (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/182">#182</a>)</li>
<li>See full diff in <a
href="c56c2d3e59...d7d6bc7722">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sigstore/cosign-installer&package-manager=github_actions&previous-version=3.8.0&new-version=3.8.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-02-22 22:49:28 +00:00
dependabot[bot]
554c112a94
Bump step-security/harden-runner from 2.10.4 to 2.11.0 (#2980) 
Bumps
[step-security/harden-runner](https://github.com/step-security/harden-runner)
from 2.10.4 to 2.11.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.11.0</h2>
<h2>What's Changed</h2>
<p>Release v2.11.0 in <a
href="https://redirect.github.com/step-security/harden-runner/issues/498">#498</a>
Harden-Runner Enterprise tier now supports the use of eBPF for DNS
resolution and network call monitoring</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.11.0">https://github.com/step-security/harden-runner/compare/v2...v2.11.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4d991eb9b9"><code>4d991eb</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/498">#498</a>
from step-security/rc-18</li>
<li><a
href="4ea872f897"><code>4ea872f</code></a>
Update README.md</li>
<li><a
href="65d6f6e4ee"><code>65d6f6e</code></a>
Add workflows</li>
<li><a
href="1034c9a805"><code>1034c9a</code></a>
Update package-lock.json</li>
<li><a
href="ab221e2d7a"><code>ab221e2</code></a>
Update agent</li>
<li><a
href="7cb6c2fb52"><code>7cb6c2f</code></a>
Update agent</li>
<li>See full diff in <a
href="cb605e52c2...4d991eb9b9">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner&package-manager=github_actions&previous-version=2.10.4&new-version=2.11.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-02-18 12:07:08 +00:00
Anthony Stirling
d34c44ed7b
[Test PR] Desktop fix and unoconv to unoserver (#2971) 
# Description of Changes

This pull request includes several updates to the Docker configuration
and Java application UI scaling. The changes enhance environment
variable management, dependency installation, and UI responsiveness to
different screen sizes.

### Docker Configuration Updates:
* Added new environment variables `STIRLING_PDF_DESKTOP_UI`,
`PYTHONPATH`, `UNO_PATH`, and `URE_BOOTSTRAP` to `Dockerfile` and
`Dockerfile.fat` to improve the configuration and integration of the
LibreOffice environment.
[[1]](diffhunk://#diff-dd2c0eb6ea5cfc6c4bd4eac30934e2d5746747af48fef6da689e85b752f39557L38-R46)
[[2]](diffhunk://#diff-571631582b988e88c52c86960cc083b0b8fa63cf88f056f26e9e684195221c27L40-R49)
* Updated the `CMD` instruction in `Dockerfile` and `Dockerfile.fat` to
run both the Java application and `unoserver` simultaneously.
[[1]](diffhunk://#diff-dd2c0eb6ea5cfc6c4bd4eac30934e2d5746747af48fef6da689e85b752f39557L87-R96)
[[2]](diffhunk://#diff-571631582b988e88c52c86960cc083b0b8fa63cf88f056f26e9e684195221c27L87-R100)
* Modified the `RUN` instruction to include additional Python
dependencies and setup a virtual environment.
[[1]](diffhunk://#diff-dd2c0eb6ea5cfc6c4bd4eac30934e2d5746747af48fef6da689e85b752f39557L68-R81)
[[2]](diffhunk://#diff-571631582b988e88c52c86960cc083b0b8fa63cf88f056f26e9e684195221c27R72-R86)

### Workflow Enhancements:
* Added `STIRLING_PDF_DESKTOP_UI` environment variable to the GitHub
Actions workflows (`PR-Demo-Comment.yml` and `push-docker.yml`) to
ensure consistent environment settings.
[[1]](diffhunk://#diff-145fe5c0ed8c24e4673c9ad39800dd171a2d0a2e8050497cff980fc7e3a3df0dR106)
[[2]](diffhunk://#diff-76056236de05155107f6a660f1e3956059e37338011b8f0e72188afcb9b17b6fR41)

### Java Application UI Scaling:
* Introduced `UIScaling` utility to dynamically adjust the size of UI
components based on screen resolution in `DesktopBrowser` and
`LoadingWindow` classes.
[[1]](diffhunk://#diff-dff83b0fe53cba8ee80dc8cee96b9c2bfec612ec1f2c636ebdf22dedb36671e8L218-R219)
[[2]](diffhunk://#diff-dff83b0fe53cba8ee80dc8cee96b9c2bfec612ec1f2c636ebdf22dedb36671e8L267-R270)
[[3]](diffhunk://#diff-3e287daf297213b698b3c94d6e6ed4aae139d570ba6b115da459d72b5c36c42fL44-R64)
[[4]](diffhunk://#diff-3e287daf297213b698b3c94d6e6ed4aae139d570ba6b115da459d72b5c36c42fL86-R102)
* Improved the loading of icons by using the `UIScaling` utility for
better visual quality.

---

## Checklist

### General

- [ ] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [ ] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md)
(if applicable)
- [ ] I have performed a self-review of my own code
- [ ] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md#6-testing)
for more details.

---------

Co-authored-by: pixeebot[bot] <104101892+pixeebot[bot]@users.noreply.github.com>
Co-authored-by: a <a>
 2025-02-18 11:57:56 +00:00
dependabot[bot]
c1d7217242
Bump sigstore/cosign-installer from 3.7.0 to 3.8.0 (#2901) 
Bumps
[sigstore/cosign-installer](https://github.com/sigstore/cosign-installer)
from 3.7.0 to 3.8.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sigstore/cosign-installer/releases">sigstore/cosign-installer's
releases</a>.</em></p>
<blockquote>
<h2>v3.8.0</h2>
<h2>What's Changed</h2>
<ul>
<li>test action against all non-rc releases, verify entry in rekor log
by <a
href="https://github.com/bobcallaway"><code>@​bobcallaway</code></a> in
<a
href="https://redirect.github.com/sigstore/cosign-installer/pull/179">sigstore/cosign-installer#179</a></li>
<li>bump for cosign v2.4.2 release by <a
href="https://github.com/bobcallaway"><code>@​bobcallaway</code></a> in
<a
href="https://redirect.github.com/sigstore/cosign-installer/pull/181">sigstore/cosign-installer#181</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sigstore/cosign-installer/compare/v3...v3.8.0">https://github.com/sigstore/cosign-installer/compare/v3...v3.8.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c56c2d3e59"><code>c56c2d3</code></a>
Bump actions/setup-go from 5.2.0 to 5.3.0 (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/180">#180</a>)</li>
<li><a
href="02e36b8dc8"><code>02e36b8</code></a>
bump for cosign v2.4.2 release (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/181">#181</a>)</li>
<li><a
href="789d2886c0"><code>789d288</code></a>
test action against all non-rc releases, verify entry in rekor log (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/179">#179</a>)</li>
<li><a
href="e11c089243"><code>e11c089</code></a>
Bump actions/setup-go from 5.1.0 to 5.2.0 (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/178">#178</a>)</li>
<li><a
href="718228a5f8"><code>718228a</code></a>
Bump actions/setup-go from 5.0.2 to 5.1.0 (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/176">#176</a>)</li>
<li><a
href="325063e39f"><code>325063e</code></a>
Bump actions/checkout from 4.2.1 to 4.2.2 (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/177">#177</a>)</li>
<li><a
href="b929758a86"><code>b929758</code></a>
Bump actions/checkout from 4.2.0 to 4.2.1 (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/175">#175</a>)</li>
<li>See full diff in <a
href="dc72c7d5c4...c56c2d3e59">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sigstore/cosign-installer&package-manager=github_actions&previous-version=3.7.0&new-version=3.8.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <77850077+Frooodle@users.noreply.github.com>
Co-authored-by: Ludy <Ludy87@users.noreply.github.com>
 2025-02-17 10:24:25 +00:00
dependabot[bot]
bc3340f3ba
Bump docker/setup-buildx-action from 3.8.0 to 3.9.0 (#2922) 
Bumps
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action)
from 3.8.0 to 3.9.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.9.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.48.0 to 0.54.0 in
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/402">docker/setup-buildx-action#402</a>
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/404">docker/setup-buildx-action#404</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v3.8.0...v3.9.0">https://github.com/docker/setup-buildx-action/compare/v3.8.0...v3.9.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f7ce87c1d6"><code>f7ce87c</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/404">#404</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="aa1e2a0b49"><code>aa1e2a0</code></a>
chore: update generated content</li>
<li><a
href="673e008776"><code>673e008</code></a>
build(deps): bump <code>@​docker/actions-toolkit</code> from 0.53.0 to
0.54.0</li>
<li><a
href="ba31df4664"><code>ba31df4</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/402">#402</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="5475af18ec"><code>5475af1</code></a>
chore: update generated content</li>
<li><a
href="acacad903e"><code>acacad9</code></a>
build(deps): bump <code>@​docker/actions-toolkit</code> from 0.48.0 to
0.53.0</li>
<li><a
href="6a25f988bd"><code>6a25f98</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/396">#396</a>
from crazy-max/bake-v6</li>
<li><a
href="ca1af179f5"><code>ca1af17</code></a>
update bake-action to v6</li>
<li>See full diff in <a
href="6524bf65af...f7ce87c1d6">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-buildx-action&package-manager=github_actions&previous-version=3.8.0&new-version=3.9.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-02-10 10:51:41 +00:00
dependabot[bot]
0aeb22e7c8
Bump docker/setup-qemu-action from 3.3.0 to 3.4.0 (#2902) 
Bumps
[docker/setup-qemu-action](https://github.com/docker/setup-qemu-action)
from 3.3.0 to 3.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-qemu-action/releases">docker/setup-qemu-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.4.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.49.0 to 0.54.0 in
<a
href="https://redirect.github.com/docker/setup-qemu-action/pull/193">docker/setup-qemu-action#193</a>
<a
href="https://redirect.github.com/docker/setup-qemu-action/pull/197">docker/setup-qemu-action#197</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-qemu-action/compare/v3.3.0...v3.4.0">https://github.com/docker/setup-qemu-action/compare/v3.3.0...v3.4.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4574d27a47"><code>4574d27</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/195">#195</a>
from radarhere/patch-1</li>
<li><a
href="7a38281c35"><code>7a38281</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/197">#197</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="7a1c63f9e5"><code>7a1c63f</code></a>
build(deps): bump <code>@​docker/actions-toolkit</code> from 0.53.0 to
0.54.0</li>
<li><a
href="2825a1268f"><code>2825a12</code></a>
Fixed typo</li>
<li><a
href="f30d974279"><code>f30d974</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/193">#193</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="568bf0683b"><code>568bf06</code></a>
chore: update generated content</li>
<li><a
href="a1aad7b5f5"><code>a1aad7b</code></a>
build(deps): bump <code>@​docker/actions-toolkit</code> from 0.49.0 to
0.53.0</li>
<li><a
href="e5daf5da4e"><code>e5daf5d</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/189">#189</a>
from crazy-max/bake-v6</li>
<li><a
href="faec242d1f"><code>faec242</code></a>
update bake-action to v6</li>
<li>See full diff in <a
href="53851d1459...4574d27a47">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-qemu-action&package-manager=github_actions&previous-version=3.3.0&new-version=3.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <77850077+Frooodle@users.noreply.github.com>
 2025-02-10 10:47:34 +00:00
dependabot[bot]
b9bfcd59cd
Bump gradle/actions from 4.2.2 to 4.3.0 (#2870) 
Bumps [gradle/actions](https://github.com/gradle/actions) from 4.2.2 to
4.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/gradle/actions/releases">gradle/actions's
releases</a>.</em></p>
<blockquote>
<h2>v4.3.0</h2>
<p>This release brings some significant improvements to cache-cleanup
and dependency-submission:</p>
<ul>
<li>Cleanup cache entries written by newly released Gradle versions (<a
href="https://redirect.github.com/gradle/actions/issues/436">#436</a>)</li>
<li>Use existing Gradle wrapper distribution for cache-cleanup where
possible (<a
href="https://redirect.github.com/gradle/actions/issues/515">#515</a>)</li>
<li>Automatically save each dependency-graph that is submitted by
<code>dependency-submission</code> (<a
href="https://redirect.github.com/gradle/actions/issues/519">#519</a>)</li>
<li>Fix deprecation warnings emitted by Gradle 8.12+ when:
<ul>
<li>Using <code>build-scan-publish: true</code> or Develocity injection
(<a
href="https://redirect.github.com/gradle/actions/issues/543">#543</a>)</li>
<li>Using dependency-submission with an authenticated plugin repository
with Gradle (<a
href="https://redirect.github.com/gradle/actions/issues/541">#541</a>)</li>
</ul>
</li>
<li>Fix warning when using toolchain support with Gradle 7.x (<a
href="https://redirect.github.com/gradle/actions/issues/511">#511</a>)</li>
</ul>
<h2>What's Changed</h2>
<ul>
<li>Update known wrapper checksums by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/493">gradle/actions#493</a></li>
<li>Fix typo in <code>cache-reporting.ts</code> by <a
href="https://github.com/SimonMarquis"><code>@​SimonMarquis</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/492">gradle/actions#492</a></li>
<li>Bump Gradle Wrappers by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/499">gradle/actions#499</a></li>
<li>Bump the github-actions group across 3 directories with 7 updates by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/gradle/actions/pull/510">gradle/actions#510</a></li>
<li>Bump the npm-dependencies group across 1 directory with 6 updates by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/gradle/actions/pull/512">gradle/actions#512</a></li>
<li>Clean-up missing imports for tests by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/513">gradle/actions#513</a></li>
<li>Bump the npm-dependencies group in /sources with 3 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/521">gradle/actions#521</a></li>
<li>Add npm build scans by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/517">gradle/actions#517</a></li>
<li>Avoid env-var interpolation in toolchains.xml by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/518">gradle/actions#518</a></li>
<li>Avoid saving build-results for cache cleanup by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/520">gradle/actions#520</a></li>
<li>Save dependency graph as workflow artifact by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/522">gradle/actions#522</a></li>
<li>Update to CCUDGP 2.1 by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/524">gradle/actions#524</a></li>
<li>Bump references to Develocity Gradle plugin from 3.19 to 3.19.1 by
<a
href="https://github.com/bot-githubaction"><code>@​bot-githubaction</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/527">gradle/actions#527</a></li>
<li>Choose best Gradle version to use for cache cleanup by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/526">gradle/actions#526</a></li>
<li>Uppercase cache-encryption-key by <a
href="https://github.com/Goooler"><code>@​Goooler</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/528">gradle/actions#528</a></li>
<li>Attempt to use gradle wrapper for cache cleanup by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/525">gradle/actions#525</a></li>
<li>Document GRADLE_ACTIONS_SKIP_BUILD_RESULT_CAPTURE by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/529">gradle/actions#529</a></li>
<li>Update known wrapper checksums by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/509">gradle/actions#509</a></li>
<li>Bump Gradle Wrappers by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/535">gradle/actions#535</a></li>
<li>Bump the github-actions group across 2 directories with 2 updates by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/gradle/actions/pull/538">gradle/actions#538</a></li>
<li>Update undici to resolve vulnerability by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/536">gradle/actions#536</a></li>
<li>Bump the npm-dependencies group across 1 directory with 2 updates by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/gradle/actions/pull/539">gradle/actions#539</a></li>
<li>Update docs for dependency review by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/540">gradle/actions#540</a></li>
<li>Fix space assignment deprecations in init-scripts by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/542">gradle/actions#542</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/SimonMarquis"><code>@​SimonMarquis</code></a>
made their first contribution in <a
href="https://redirect.github.com/gradle/actions/pull/492">gradle/actions#492</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/gradle/actions/compare/v4.2.2...v4.3.0">https://github.com/gradle/actions/compare/v4.2.2...v4.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="94baf225fe"><code>94baf22</code></a>
Fix space assignment deprecations in init-scripts (<a
href="https://redirect.github.com/gradle/actions/issues/542">#542</a>)</li>
<li><a
href="6f10c21ec5"><code>6f10c21</code></a>
Make it easier to produce 'prerelease' versions</li>
<li><a
href="0b492c475f"><code>0b492c4</code></a>
Fix deprecation warnings in develocity init-script</li>
<li><a
href="79bad900c0"><code>79bad90</code></a>
Fix deprecation warnings in dependency-graph init-script</li>
<li><a
href="986922f6a6"><code>986922f</code></a>
Update docs for dependency review (<a
href="https://redirect.github.com/gradle/actions/issues/540">#540</a>)</li>
<li><a
href="65a3beb941"><code>65a3beb</code></a>
[bot] Update dist directory</li>
<li><a
href="0e67f6d83b"><code>0e67f6d</code></a>
Bump the npm-dependencies group across 1 directory with 2 updates</li>
<li><a
href="b6ac71fd86"><code>b6ac71f</code></a>
[bot] Update dist directory</li>
<li><a
href="9053a599ae"><code>9053a59</code></a>
Update undici to resolve vulnerability</li>
<li><a
href="7560c304a6"><code>7560c30</code></a>
Bump the github-actions group across 2 directories with 2 updates</li>
<li>Additional commits viewable in <a
href="0bdd871935...94baf225fe">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gradle/actions&package-manager=github_actions&previous-version=4.2.2&new-version=4.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <77850077+Frooodle@users.noreply.github.com>
 2025-02-04 10:42:29 +00:00
dependabot[bot]
637446fab8
Bump actions/setup-java from 4.6.0 to 4.7.0 (#2855) 
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps [actions/setup-java](https://github.com/actions/setup-java) from
4.6.0 to 4.7.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-java/releases">actions/setup-java's
releases</a>.</em></p>
<blockquote>
<h2>v4.7.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Configure Dependabot settings by <a
href="https://github.com/HarithaVattikuti"><code>@​HarithaVattikuti</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/pull/722">actions/setup-java#722</a></li>
<li>README Update: Added a permissions section by <a
href="https://github.com/benwells"><code>@​benwells</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/723">actions/setup-java#723</a></li>
<li>Upgrade <code>cache</code> from version 3.2.4 to 4.0.0 by <a
href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/pull/724">actions/setup-java#724</a></li>
<li>Upgrade <code>@actions/http-client</code> from 2.2.1 to 2.2.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/728">actions/setup-java#728</a></li>
<li>Upgrade <code>actions/publish-immutable-action</code> from 0.0.3 to
0.0.4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/727">actions/setup-java#727</a></li>
<li>Upgrade <code>@types/jest</code> from 29.5.12 to 29.5.14 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/729">actions/setup-java#729</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/benwells"><code>@​benwells</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-java/pull/723">actions/setup-java#723</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-java/compare/v4...v4.7.0">https://github.com/actions/setup-java/compare/v4...v4.7.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="3a4f6e1af5"><code>3a4f6e1</code></a>
Bump <code>@​types/jest</code> from 29.5.12 to 29.5.14 (<a
href="https://redirect.github.com/actions/setup-java/issues/729">#729</a>)</li>
<li><a
href="25f376e348"><code>25f376e</code></a>
Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 (<a
href="https://redirect.github.com/actions/setup-java/issues/727">#727</a>)</li>
<li><a
href="d4e4b6bbc1"><code>d4e4b6b</code></a>
Bump <code>@​actions/http-client</code> from 2.2.1 to 2.2.3 (<a
href="https://redirect.github.com/actions/setup-java/issues/728">#728</a>)</li>
<li><a
href="28b532bcb3"><code>28b532b</code></a>
Create dependabot.yml (<a
href="https://redirect.github.com/actions/setup-java/issues/722">#722</a>)</li>
<li><a
href="51ab6d2e30"><code>51ab6d2</code></a>
Update cache from 3.2.4 to 4.0.0 (<a
href="https://redirect.github.com/actions/setup-java/issues/724">#724</a>)</li>
<li><a
href="99d3141d9b"><code>99d3141</code></a>
Update README.md (<a
href="https://redirect.github.com/actions/setup-java/issues/723">#723</a>)</li>
<li>See full diff in <a
href="7a6d8a8234...3a4f6e1af5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-java&package-manager=github_actions&previous-version=4.6.0&new-version=4.7.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-02-03 10:08:34 +00:00
dependabot[bot]
e690b09ed2
Bump docker/build-push-action from 6.12.0 to 6.13.0 (#2800) 
Bumps
[docker/build-push-action](https://github.com/docker/build-push-action)
from 6.12.0 to 6.13.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v6.13.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.51.0 to 0.53.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1308">docker/build-push-action#1308</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v6.12.0...v6.13.0">https://github.com/docker/build-push-action/compare/v6.12.0...v6.13.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ca877d9245"><code>ca877d9</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1308">#1308</a>
from docker/dependabot/npm_and_yarn/docker/actions-t...</li>
<li><a
href="d2fe919bb5"><code>d2fe919</code></a>
chore: update generated content</li>
<li><a
href="f0fc9ece82"><code>f0fc9ec</code></a>
chore(deps): Bump <code>@​docker/actions-toolkit</code> from 0.51.0 to
0.53.0</li>
<li>See full diff in <a
href="67a2d409c0...ca877d9245">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/build-push-action&package-manager=github_actions&previous-version=6.12.0&new-version=6.13.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-01-30 10:46:23 +00:00
dependabot[bot]
66d0ad5071
Bump docker/build-push-action from 6.11.0 to 6.12.0 (#2762) 
Bumps
[docker/build-push-action](https://github.com/docker/build-push-action)
from 6.11.0 to 6.12.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v6.12.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.49.0 to 0.51.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1300">docker/build-push-action#1300</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v6.11.0...v6.12.0">https://github.com/docker/build-push-action/compare/v6.11.0...v6.12.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="67a2d409c0"><code>67a2d40</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1300">#1300</a>
from docker/dependabot/npm_and_yarn/docker/actions-t...</li>
<li><a
href="0b1b1c9c43"><code>0b1b1c9</code></a>
chore: update generated content</li>
<li><a
href="b6a7c2c4ee"><code>b6a7c2c</code></a>
chore(deps): Bump <code>@​docker/actions-toolkit</code> from 0.49.0 to
0.51.0</li>
<li><a
href="31ca4e5d51"><code>31ca4e5</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1296">#1296</a>
from crazy-max/bake-v6</li>
<li><a
href="e613db9d5a"><code>e613db9</code></a>
update bake-action to v6</li>
<li>See full diff in <a
href="b32b51a8ed...67a2d409c0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/build-push-action&package-manager=github_actions&previous-version=6.11.0&new-version=6.12.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-01-21 11:11:18 +00:00
dependabot[bot]
c5ae576541
Bump step-security/harden-runner from 2.10.3 to 2.10.4 (#2761) 
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps
[step-security/harden-runner](https://github.com/step-security/harden-runner)
from 2.10.3 to 2.10.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.10.4</h2>
<h2>What's Changed</h2>
<p>Fixed a potential Harden-Runner post step failure that could occur
when printing agent service logs. The fix gracefully handles failures
without failing the post step.</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.10.4">https://github.com/step-security/harden-runner/compare/v2...v2.10.4</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="cb605e52c2"><code>cb605e5</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/496">#496</a>
from step-security/fix-enobufs</li>
<li><a
href="61144dda3b"><code>61144dd</code></a>
Update log statement</li>
<li><a
href="b8be370ff4"><code>b8be370</code></a>
Add try catch block</li>
<li><a
href="6f6fa07e47"><code>6f6fa07</code></a>
Fix ENOBUFS issue</li>
<li><a
href="18f6947f13"><code>18f6947</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/495">#495</a>
from AkhigbeEromo/Update-README</li>
<li><a
href="81f844e743"><code>81f844e</code></a>
Edit docs</li>
<li><a
href="4c766de2db"><code>4c766de</code></a>
Merge branch 'Update-README' of <a
href="https://github.com/AkhigbeEromo/harden-runner">https://github.com/AkhigbeEromo/harden-runner</a>...</li>
<li><a
href="c9c5f3273c"><code>c9c5f32</code></a>
Handle Ashish reviews</li>
<li><a
href="2877824267"><code>2877824</code></a>
Merge branch 'main' into Update-README</li>
<li><a
href="be87de076d"><code>be87de0</code></a>
Clean up</li>
<li>Additional commits viewable in <a
href="c95a14d0e5...cb605e52c2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner&package-manager=github_actions&previous-version=2.10.3&new-version=2.10.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-01-21 11:11:01 +00:00