From 99974b70658d975779c9400b8443e6ea8ce1024f Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 26 May 2026 00:47:57 +0000 Subject: [PATCH] Update github actions --- .github/workflows/auto-update-semconv.yml | 2 +- .github/workflows/codeql.yml | 4 ++-- .github/workflows/issue-management-stale-action.yml | 6 +++--- .github/workflows/ossf-scorecard.yml | 2 +- .github/workflows/prepare-release-branch.yml | 4 ++-- .github/workflows/release.yml | 2 +- 6 files changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/auto-update-semconv.yml b/.github/workflows/auto-update-semconv.yml index 10f4495..2049cad 100644 --- a/.github/workflows/auto-update-semconv.yml +++ b/.github/workflows/auto-update-semconv.yml @@ -51,7 +51,7 @@ jobs: needs: - check-versions steps: - - uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v3.1.1 + - uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0 id: otelbot-token with: app-id: ${{ vars.OTELBOT_SEMANTIC_CONVENTIONS_JAVA_APP_ID }} diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index b757f67..c1dc0a4 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -43,7 +43,7 @@ jobs: uses: gradle/actions/setup-gradle@50e97c2cd7a37755bbfafc9c5b7cafaece252f6e # v6.1.0 - name: Initialize CodeQL - uses: github/codeql-action/init@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4.35.4 + uses: github/codeql-action/init@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v4.36.0 with: languages: ${{ matrix.language }} # using "linked" helps to keep up with the latest Kotlin support @@ -60,6 +60,6 @@ jobs: DEVELOCITY_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY }} - name: Perform CodeQL analysis - uses: github/codeql-action/analyze@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4.35.4 + uses: github/codeql-action/analyze@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v4.36.0 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/issue-management-stale-action.yml b/.github/workflows/issue-management-stale-action.yml index 7ab52a6..339bf30 100644 --- a/.github/workflows/issue-management-stale-action.yml +++ b/.github/workflows/issue-management-stale-action.yml @@ -20,7 +20,7 @@ jobs: # Action #1: Handle issues/PRs awaiting author feedback # - After 7 days inactive: Adds "stale" label + warning comment # - After 7 more days inactive: Closes - - uses: actions/stale@b5d41d4e1d5dceea10e7104786b73624c18a190f # v10.2.0 + - uses: actions/stale@eb5cf3af3ac0a1aa4c9c45633dd1ae542a27a899 # v10.3.0 with: only-labels: "needs author feedback" days-before-stale: 7 @@ -38,7 +38,7 @@ jobs: # - Targets: Issues with "enhancement" label (but NOT "needs author feedback") # - After 365 days inactive: Adds "stale" label + closes immediately (no warning period) # - Skips: Issues with "needs author feedback" to avoid conflicts with Action #1 - - uses: actions/stale@b5d41d4e1d5dceea10e7104786b73624c18a190f # v10.2.0 + - uses: actions/stale@eb5cf3af3ac0a1aa4c9c45633dd1ae542a27a899 # v10.3.0 with: only-labels: "enhancement" # Skip issues that need author feedback (handled by the first action with 7+7 day policy) @@ -55,7 +55,7 @@ jobs: # Action #3: Handle stale PRs # - After 180 days inactive: Adds "stale" label + warning comment # - After 14 more days inactive: Closes - - uses: actions/stale@b5d41d4e1d5dceea10e7104786b73624c18a190f # v10.2.0 + - uses: actions/stale@eb5cf3af3ac0a1aa4c9c45633dd1ae542a27a899 # v10.3.0 with: days-before-issue-stale: -1 days-before-issue-close: -1 diff --git a/.github/workflows/ossf-scorecard.yml b/.github/workflows/ossf-scorecard.yml index 63b3d79..3fbd4e9 100644 --- a/.github/workflows/ossf-scorecard.yml +++ b/.github/workflows/ossf-scorecard.yml @@ -44,6 +44,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard (optional). # Commenting out will disable upload of results to your repo's Code Scanning dashboard - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4.35.4 + uses: github/codeql-action/upload-sarif@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v4.36.0 with: sarif_file: results.sarif diff --git a/.github/workflows/prepare-release-branch.yml b/.github/workflows/prepare-release-branch.yml index 16cf26e..13f5df2 100644 --- a/.github/workflows/prepare-release-branch.yml +++ b/.github/workflows/prepare-release-branch.yml @@ -62,7 +62,7 @@ jobs: - name: Use CLA approved bot run: .github/scripts/use-cla-approved-bot.sh - - uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v3.1.1 + - uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0 id: otelbot-token with: app-id: ${{ vars.OTELBOT_APP_ID }} @@ -110,7 +110,7 @@ jobs: - name: Use CLA approved bot run: .github/scripts/use-cla-approved-bot.sh - - uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v3.1.1 + - uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0 id: otelbot-token with: app-id: ${{ vars.OTELBOT_APP_ID }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 34ddb90..8feb38c 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -194,7 +194,7 @@ jobs: - name: Use CLA approved bot run: .github/scripts/use-cla-approved-bot.sh - - uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v3.1.1 + - uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0 id: otelbot-token with: app-id: ${{ vars.OTELBOT_APP_ID }}