dependabot[bot]
b9bfcd59cd
Bump gradle/actions from 4.2.2 to 4.3.0 ( #2870 )
...
Bumps [gradle/actions](https://github.com/gradle/actions ) from 4.2.2 to
4.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/gradle/actions/releases ">gradle/actions's
releases</a>.</em></p>
<blockquote>
<h2>v4.3.0</h2>
<p>This release brings some significant improvements to cache-cleanup
and dependency-submission:</p>
<ul>
<li>Cleanup cache entries written by newly released Gradle versions (<a
href="https://redirect.github.com/gradle/actions/issues/436 ">#436</a>)</li>
<li>Use existing Gradle wrapper distribution for cache-cleanup where
possible (<a
href="https://redirect.github.com/gradle/actions/issues/515 ">#515</a>)</li>
<li>Automatically save each dependency-graph that is submitted by
<code>dependency-submission</code> (<a
href="https://redirect.github.com/gradle/actions/issues/519 ">#519</a>)</li>
<li>Fix deprecation warnings emitted by Gradle 8.12+ when:
<ul>
<li>Using <code>build-scan-publish: true</code> or Develocity injection
(<a
href="https://redirect.github.com/gradle/actions/issues/543 ">#543</a>)</li>
<li>Using dependency-submission with an authenticated plugin repository
with Gradle (<a
href="https://redirect.github.com/gradle/actions/issues/541 ">#541</a>)</li>
</ul>
</li>
<li>Fix warning when using toolchain support with Gradle 7.x (<a
href="https://redirect.github.com/gradle/actions/issues/511 ">#511</a>)</li>
</ul>
<h2>What's Changed</h2>
<ul>
<li>Update known wrapper checksums by <a
href="https://github.com/github-actions "><code>@github-actions</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/493 ">gradle/actions#493</a></li>
<li>Fix typo in <code>cache-reporting.ts</code> by <a
href="https://github.com/SimonMarquis "><code>@SimonMarquis</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/492 ">gradle/actions#492</a></li>
<li>Bump Gradle Wrappers by <a
href="https://github.com/github-actions "><code>@github-actions</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/499 ">gradle/actions#499</a></li>
<li>Bump the github-actions group across 3 directories with 7 updates by
<a href="https://github.com/dependabot "><code>@dependabot</code></a> in
<a
href="https://redirect.github.com/gradle/actions/pull/510 ">gradle/actions#510</a></li>
<li>Bump the npm-dependencies group across 1 directory with 6 updates by
<a href="https://github.com/dependabot "><code>@dependabot</code></a> in
<a
href="https://redirect.github.com/gradle/actions/pull/512 ">gradle/actions#512</a></li>
<li>Clean-up missing imports for tests by <a
href="https://github.com/bigdaz "><code>@bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/513 ">gradle/actions#513</a></li>
<li>Bump the npm-dependencies group in /sources with 3 updates by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/521 ">gradle/actions#521</a></li>
<li>Add npm build scans by <a
href="https://github.com/bigdaz "><code>@bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/517 ">gradle/actions#517</a></li>
<li>Avoid env-var interpolation in toolchains.xml by <a
href="https://github.com/bigdaz "><code>@bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/518 ">gradle/actions#518</a></li>
<li>Avoid saving build-results for cache cleanup by <a
href="https://github.com/bigdaz "><code>@bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/520 ">gradle/actions#520</a></li>
<li>Save dependency graph as workflow artifact by <a
href="https://github.com/bigdaz "><code>@bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/522 ">gradle/actions#522</a></li>
<li>Update to CCUDGP 2.1 by <a
href="https://github.com/bigdaz "><code>@bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/524 ">gradle/actions#524</a></li>
<li>Bump references to Develocity Gradle plugin from 3.19 to 3.19.1 by
<a
href="https://github.com/bot-githubaction "><code>@bot-githubaction</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/527 ">gradle/actions#527</a></li>
<li>Choose best Gradle version to use for cache cleanup by <a
href="https://github.com/bigdaz "><code>@bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/526 ">gradle/actions#526</a></li>
<li>Uppercase cache-encryption-key by <a
href="https://github.com/Goooler "><code>@Goooler</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/528 ">gradle/actions#528</a></li>
<li>Attempt to use gradle wrapper for cache cleanup by <a
href="https://github.com/bigdaz "><code>@bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/525 ">gradle/actions#525</a></li>
<li>Document GRADLE_ACTIONS_SKIP_BUILD_RESULT_CAPTURE by <a
href="https://github.com/bigdaz "><code>@bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/529 ">gradle/actions#529</a></li>
<li>Update known wrapper checksums by <a
href="https://github.com/github-actions "><code>@github-actions</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/509 ">gradle/actions#509</a></li>
<li>Bump Gradle Wrappers by <a
href="https://github.com/github-actions "><code>@github-actions</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/535 ">gradle/actions#535</a></li>
<li>Bump the github-actions group across 2 directories with 2 updates by
<a href="https://github.com/dependabot "><code>@dependabot</code></a> in
<a
href="https://redirect.github.com/gradle/actions/pull/538 ">gradle/actions#538</a></li>
<li>Update undici to resolve vulnerability by <a
href="https://github.com/bigdaz "><code>@bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/536 ">gradle/actions#536</a></li>
<li>Bump the npm-dependencies group across 1 directory with 2 updates by
<a href="https://github.com/dependabot "><code>@dependabot</code></a> in
<a
href="https://redirect.github.com/gradle/actions/pull/539 ">gradle/actions#539</a></li>
<li>Update docs for dependency review by <a
href="https://github.com/bigdaz "><code>@bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/540 ">gradle/actions#540</a></li>
<li>Fix space assignment deprecations in init-scripts by <a
href="https://github.com/bigdaz "><code>@bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/542 ">gradle/actions#542</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/SimonMarquis "><code>@SimonMarquis</code></a>
made their first contribution in <a
href="https://redirect.github.com/gradle/actions/pull/492 ">gradle/actions#492</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/gradle/actions/compare/v4.2.2...v4.3.0 ">https://github.com/gradle/actions/compare/v4.2.2...v4.3.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="94baf225fehttps://redirect.github.com/gradle/actions/issues/542 ">#542</a>)</li>
<li><a
href="6f10c21ec50b492c475f79bad900c0986922f6a6https://redirect.github.com/gradle/actions/issues/540 ">#540</a>)</li>
<li><a
href="65a3beb9410e67f6d83bb6ac71fd869053a599ae7560c304a60bdd871935...94baf225fehttps://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gradle/actions&package-manager=github_actions&previous-version=4.2.2&new-version=4.3.0 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <77850077+Frooodle@users.noreply.github.com>
2025-02-04 10:42:29 +00:00
dependabot[bot]
637446fab8
Bump actions/setup-java from 4.6.0 to 4.7.0 ( #2855 )
...
[//]: # (dependabot-start)
⚠️ **Dependabot is rebasing this PR** ⚠️
Rebasing might not happen immediately, so don't worry if this takes some
time.
Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.
---
[//]: # (dependabot-end)
Bumps [actions/setup-java](https://github.com/actions/setup-java ) from
4.6.0 to 4.7.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-java/releases ">actions/setup-java's
releases</a>.</em></p>
<blockquote>
<h2>v4.7.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Configure Dependabot settings by <a
href="https://github.com/HarithaVattikuti "><code>@HarithaVattikuti</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/pull/722 ">actions/setup-java#722</a></li>
<li>README Update: Added a permissions section by <a
href="https://github.com/benwells "><code>@benwells</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/723 ">actions/setup-java#723</a></li>
<li>Upgrade <code>cache</code> from version 3.2.4 to 4.0.0 by <a
href="https://github.com/aparnajyothi-y "><code>@aparnajyothi-y</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/pull/724 ">actions/setup-java#724</a></li>
<li>Upgrade <code>@actions/http-client</code> from 2.2.1 to 2.2.3 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/728 ">actions/setup-java#728</a></li>
<li>Upgrade <code>actions/publish-immutable-action</code> from 0.0.3 to
0.0.4 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/727 ">actions/setup-java#727</a></li>
<li>Upgrade <code>@types/jest</code> from 29.5.12 to 29.5.14 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/729 ">actions/setup-java#729</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/benwells "><code>@benwells</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-java/pull/723 ">actions/setup-java#723</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-java/compare/v4...v4.7.0 ">https://github.com/actions/setup-java/compare/v4...v4.7.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="3a4f6e1af5https://redirect.github.com/actions/setup-java/issues/729 ">#729</a>)</li>
<li><a
href="25f376e348https://redirect.github.com/actions/setup-java/issues/727 ">#727</a>)</li>
<li><a
href="d4e4b6bbc1https://redirect.github.com/actions/setup-java/issues/728 ">#728</a>)</li>
<li><a
href="28b532bcb3https://redirect.github.com/actions/setup-java/issues/722 ">#722</a>)</li>
<li><a
href="51ab6d2e30https://redirect.github.com/actions/setup-java/issues/724 ">#724</a>)</li>
<li><a
href="99d3141d9bhttps://redirect.github.com/actions/setup-java/issues/723 ">#723</a>)</li>
<li>See full diff in <a
href="7a6d8a8234...3a4f6e1af5https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-java&package-manager=github_actions&previous-version=4.6.0&new-version=4.7.0 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-03 10:08:34 +00:00
dependabot[bot]
c5ae576541
Bump step-security/harden-runner from 2.10.3 to 2.10.4 ( #2761 )
...
[//]: # (dependabot-start)
⚠️ **Dependabot is rebasing this PR** ⚠️
Rebasing might not happen immediately, so don't worry if this takes some
time.
Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.
---
[//]: # (dependabot-end)
Bumps
[step-security/harden-runner](https://github.com/step-security/harden-runner )
from 2.10.3 to 2.10.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases ">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.10.4</h2>
<h2>What's Changed</h2>
<p>Fixed a potential Harden-Runner post step failure that could occur
when printing agent service logs. The fix gracefully handles failures
without failing the post step.</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.10.4 ">https://github.com/step-security/harden-runner/compare/v2...v2.10.4 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="cb605e52c2https://redirect.github.com/step-security/harden-runner/issues/496 ">#496</a>
from step-security/fix-enobufs</li>
<li><a
href="61144dda3bb8be370ff46f6fa07e4718f6947f13https://redirect.github.com/step-security/harden-runner/issues/495 ">#495</a>
from AkhigbeEromo/Update-README</li>
<li><a
href="81f844e7434c766de2dbhttps://github.com/AkhigbeEromo/harden-runner ">https://github.com/AkhigbeEromo/harden-runner </a>...</li>
<li><a
href="c9c5f3273c2877824267be87de076dc95a14d0e5...cb605e52c2https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner&package-manager=github_actions&previous-version=2.10.3&new-version=2.10.4 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-21 11:11:01 +00:00
Ludy
888ef104a2
Bump: Harden Runner from v2.10.2 to v2.10.3 ( #2686 )
...
# Description
https://github.com/Stirling-Tools/Stirling-PDF/security/code-scanning/197
https://github.com/Stirling-Tools/Stirling-PDF/security/code-scanning/198
https://github.com/Stirling-Tools/Stirling-PDF/security/code-scanning/199
## Checklist
- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md )
- [x] I have performed a self-review of my own code
- [ ] I have attached images of the change if it is UI based
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] If my code has heavily changed functionality I have updated
relevant docs on [Stirling-PDFs doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/ )
- [x] My changes generate no new warnings
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags )
(for new translation tags only)
2025-01-13 22:26:05 +00:00
Ludy
875f5a85ef
Token-Permissions & Pinned-Dependencies ( #2586 )
...
# Description
Please provide a summary of the changes, including relevant motivation
and context.
Closes #(issue_number)
## Checklist
- [ ] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md )
- [ ] I have performed a self-review of my own code
- [ ] I have attached images of the change if it is UI based
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] If my code has heavily changed functionality I have updated
relevant docs on [Stirling-PDFs doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/ )
- [ ] My changes generate no new warnings
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags )
(for new translation tags only)
2025-01-02 18:22:14 +00:00
Ludy87
f29d4db31e
[Security] Token permissions no. 2
2024-12-22 00:33:41 +01:00
StepSecurity Bot
dc5b214932
[StepSecurity] Apply security best practices
...
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
2024-12-21 12:28:35 +00:00
Ludy
56a07bbf3a
increases some versions in the workflows ( #1707 )
2024-08-18 13:07:14 +01:00
Ludy
5185fd13b8
updating the build files ( #1100 )
2024-04-21 16:30:17 +01:00
Anthony Stirling
09cb92e235
github bug
2024-03-22 20:15:42 +00:00
Ludy
1af41f8ea5
🔨 add Developer tools/scripts ( #828 )
...
* 🔨 add Developer tools
* Update downloader.js
* Update game.js
* Update .pre-commit-config.yaml
* Update sync_versions.yml
* removed: mixed line ending tool
* Update swagger.yml
* Update push-docker.yml
* Update build.yml
---------
Co-authored-by: Anthony Stirling <77850077+Frooodle@users.noreply.github.com>
2024-03-13 22:18:15 +00:00
sbplat
55d4fda01b
refactor: normalize files
2024-02-11 11:47:00 -05:00
Anthony Stirling
b8fa278173
finalise auto swagger docs
2023-06-03 23:32:47 +01:00
Anthony Stirling
2cfb344e13
swagger
2023-06-03 23:24:40 +01:00
Anthony Stirling
1d2bf92abe
Merge branch 'main' of git@github.com:Frooodle/Stirling-PDF.git into
...
main
2023-06-03 23:21:47 +01:00
Anthony Stirling
cefcda9f40
test
2023-06-03 23:21:12 +01:00
Anthony Stirling
a4bc67ff8e
Update swagger.yml
2023-06-03 23:08:10 +01:00
Anthony Stirling
48b3dea256
remove push
2023-06-03 23:05:20 +01:00
Anthony Stirling
1f5231d905
@./SwaggerDoc.json
2023-06-03 23:01:14 +01:00
Anthony Stirling
c526e18992
Split pages support n function and other stuff
2023-06-03 22:56:15 +01:00
