From 45510ba26d4c338256042aa001444ff11b482ba2 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 25 Apr 2025 10:35:26 +0000 Subject: [PATCH 1/2] fix(deps): update all dependencies --- .github/workflows/ci.yml | 10 +++++----- .github/workflows/codeql.yml | 6 +++--- .github/workflows/docs.yml | 2 +- .github/workflows/release.yml | 4 ++-- .github/workflows/semgrep.yml | 2 +- build.gradle | 2 +- .../build.gradle | 2 +- .../build.gradle | 10 +++++----- commercetools/commercetools-money/build.gradle | 2 +- .../build.gradle | 4 ++-- .../build.gradle | 2 +- .../build.gradle | 2 +- .../commercetools-okhttp-client3/build.gradle | 2 +- .../commercetools-okhttp-client4/build.gradle | 2 +- .../build.gradle | 4 ++-- .../commercetools-sdk-compat-v1/build.gradle | 4 ++-- common-plugins/build.gradle | 4 ++-- common-plugins/javaparser/build.gradle | 2 +- gradle-scripts/extensions.gradle | 18 +++++++++--------- gradle/wrapper/gradle-wrapper.properties | 2 +- package.json | 4 ++-- yarn.lock | 10 +++++----- 22 files changed, 50 insertions(+), 50 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 1de63cb9e0c..ffb11940e45 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -59,7 +59,7 @@ jobs: if: github.event_name == 'push' && github.ref != 'refs/heads/main' run: ./gradlew spotlessApply - - uses: stefanzweifel/git-auto-commit-action@e348103e9026cc0eee72ae06630dbe30c8bf7a79 # v5.1.0 + - uses: stefanzweifel/git-auto-commit-action@b863ae1933cb653a53c021fe36dbb774e1fb9403 # v5.2.0 id: commit_style_fix if: github.event_name == 'push' && github.ref != 'refs/heads/main' with: @@ -75,7 +75,7 @@ jobs: env: HASH: ${{steps.commit_style_fix.outputs.commit_hash}} - - uses: stefanzweifel/git-auto-commit-action@e348103e9026cc0eee72ae06630dbe30c8bf7a79 # v5.1.0 + - uses: stefanzweifel/git-auto-commit-action@b863ae1933cb653a53c021fe36dbb774e1fb9403 # v5.2.0 id: commit_rev_ignore if: github.event_name == 'push' && github.ref != 'refs/heads/main' with: @@ -94,7 +94,7 @@ jobs: if: ${{ failure() }} run: cat licenses/dependencies-without-allowed-license.json - - uses: stefanzweifel/git-auto-commit-action@e348103e9026cc0eee72ae06630dbe30c8bf7a79 # v5.1.0 + - uses: stefanzweifel/git-auto-commit-action@b863ae1933cb653a53c021fe36dbb774e1fb9403 # v5.2.0 id: commit_license_change if: github.event_name == 'push' && github.ref != 'refs/heads/main' with: @@ -140,7 +140,7 @@ jobs: run: ./gradlew codeCoverageReport - name: Send code coverage report to Codecov.io - uses: codecov/codecov-action@0565863a31f2c772f9f0395002a31e3f06189574 # v5.4.0 + uses: codecov/codecov-action@ad3126e916f78f00edff4ed0317cf185271ccc2d # v5.4.2 with: token: ${{ secrets.CODECOV_TOKEN }} docs: @@ -190,6 +190,6 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: Generate and submit dependency graph if: github.event_name == 'workflow_dispatch' || github.event_name == 'push' && github.ref == 'refs/heads/main' - uses: gradle/actions/dependency-submission@94baf225fe0a508e581a564467443d0e2379123b # v4.3.0 + uses: gradle/actions/dependency-submission@06832c7b30a0129d7fb559bcc6e43d26f6374244 # v4.3.1 with: github-token: ${{ steps.generate_github_token.outputs.token }} diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 84381c87e62..1b2f597a098 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -54,7 +54,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@5f8171a638ada777af81d42b55959a643bb29017 # v3.28.12 + uses: github/codeql-action/init@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -68,7 +68,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@5f8171a638ada777af81d42b55959a643bb29017 # v3.28.12 + uses: github/codeql-action/autobuild@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -81,6 +81,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@5f8171a638ada777af81d42b55959a643bb29017 # v3.28.12 + uses: github/codeql-action/analyze@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index e14276650e9..20db184eb19 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -66,7 +66,7 @@ jobs: - run: rsync -r sdk/build/docs/javadoc/ doc/javadoc - - uses: stefanzweifel/git-auto-commit-action@e348103e9026cc0eee72ae06630dbe30c8bf7a79 # v5.1.0 + - uses: stefanzweifel/git-auto-commit-action@b863ae1933cb653a53c021fe36dbb774e1fb9403 # v5.2.0 with: repository: doc commit_message: "Update javadoc" diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 0485556fb09..1d15214d451 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -100,7 +100,7 @@ jobs: run: rm -rf reference.txt continue-on-error: true - - uses: stefanzweifel/git-auto-commit-action@e348103e9026cc0eee72ae06630dbe30c8bf7a79 # v5.1.0 + - uses: stefanzweifel/git-auto-commit-action@b863ae1933cb653a53c021fe36dbb774e1fb9403 # v5.2.0 with: branch: after-release commit_message: "TASK: Updating version in README" @@ -161,7 +161,7 @@ jobs: - run: rsync -r sdk/build/docs/javadoc/ doc/javadoc - - uses: stefanzweifel/git-auto-commit-action@e348103e9026cc0eee72ae06630dbe30c8bf7a79 # v5.1.0 + - uses: stefanzweifel/git-auto-commit-action@b863ae1933cb653a53c021fe36dbb774e1fb9403 # v5.2.0 with: repository: doc commit_message: "Update javadoc" diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml index 108277de976..e6eae520ce6 100644 --- a/.github/workflows/semgrep.yml +++ b/.github/workflows/semgrep.yml @@ -29,7 +29,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # tag=v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false diff --git a/build.gradle b/build.gradle index 09f6c732563..adb0f336c13 100644 --- a/build.gradle +++ b/build.gradle @@ -72,7 +72,7 @@ allprojects { dependencies { taglet 'com.commercetools.build.taglets:commercetools-taglets:3.6.3' - taglet 'com.google.guava:guava:33.4.5-jre' + taglet 'com.google.guava:guava:33.4.8-jre' taglet 'org.jdrupes.taglets:plantuml-taglet:3.1.0' } } diff --git a/commercetools/commercetools-apachehttp-client/build.gradle b/commercetools/commercetools-apachehttp-client/build.gradle index a73fff4c605..0304c308765 100644 --- a/commercetools/commercetools-apachehttp-client/build.gradle +++ b/commercetools/commercetools-apachehttp-client/build.gradle @@ -1,7 +1,7 @@ dependencies { api project(":rmf:rmf-java-base") - api "org.apache.httpcomponents.client5:httpclient5:5.4.2" version { + api "org.apache.httpcomponents.client5:httpclient5:5.4.4" version { strictly "[5.4.1,6.0[" prefer "5.4.2" } diff --git a/commercetools/commercetools-async-http-client/build.gradle b/commercetools/commercetools-async-http-client/build.gradle index db94a691b58..a28391a1019 100644 --- a/commercetools/commercetools-async-http-client/build.gradle +++ b/commercetools/commercetools-async-http-client/build.gradle @@ -3,10 +3,10 @@ dependencies { api project(":rmf:rmf-java-base") api "org.asynchttpclient:async-http-client:2.12.4" api commons.io version commons.io_version - api "io.netty:netty-codec:4.1.119.Final" - api "io.netty:netty-codec-http:4.1.119.Final" - api "io.netty:netty-codec-socks:4.1.119.Final" - api "io.netty:netty-handler-proxy:4.1.119.Final" - api "io.netty:netty-handler:4.1.119.Final" + api "io.netty:netty-codec:4.2.0.Final" + api "io.netty:netty-codec-http:4.2.0.Final" + api "io.netty:netty-codec-socks:4.2.0.Final" + api "io.netty:netty-handler-proxy:4.2.0.Final" + api "io.netty:netty-handler:4.2.0.Final" implementation javax.validation } diff --git a/commercetools/commercetools-money/build.gradle b/commercetools/commercetools-money/build.gradle index c783444ae16..ec0ab9790af 100644 --- a/commercetools/commercetools-money/build.gradle +++ b/commercetools/commercetools-money/build.gradle @@ -1,6 +1,6 @@ dependencies { api "javax.money:money-api:1.1" - api('org.javamoney.moneta:moneta-core:1.4.4') { + api('org.javamoney.moneta:moneta-core:1.4.5') { exclude group: "com.squareup.okhttp3", module: "okhttp" } } diff --git a/commercetools/commercetools-monitoring-datadog/build.gradle b/commercetools/commercetools-monitoring-datadog/build.gradle index c2a9d5cbfc7..3bbe208dd55 100644 --- a/commercetools/commercetools-monitoring-datadog/build.gradle +++ b/commercetools/commercetools-monitoring-datadog/build.gradle @@ -1,7 +1,7 @@ dependencies { api project(":rmf:rmf-java-base") - implementation "com.datadoghq:java-dogstatsd-client:4.4.3" - implementation "com.datadoghq:datadog-api-client:2.33.1" + implementation "com.datadoghq:java-dogstatsd-client:4.4.4" + implementation "com.datadoghq:datadog-api-client:2.34.1" testImplementation project(":commercetools:commercetools-sdk-java-api") } diff --git a/commercetools/commercetools-monitoring-newrelic/build.gradle b/commercetools/commercetools-monitoring-newrelic/build.gradle index c3f20d28630..6dc8e8a6dd5 100644 --- a/commercetools/commercetools-monitoring-newrelic/build.gradle +++ b/commercetools/commercetools-monitoring-newrelic/build.gradle @@ -1,7 +1,7 @@ dependencies { api project(":rmf:rmf-java-base") - implementation 'com.newrelic.agent.java:newrelic-api:8.19.0' + implementation 'com.newrelic.agent.java:newrelic-api:8.20.0' testImplementation project(":commercetools:commercetools-sdk-java-api") } diff --git a/commercetools/commercetools-monitoring-opentelemetry/build.gradle b/commercetools/commercetools-monitoring-opentelemetry/build.gradle index 8e7638d966d..ffb185984b9 100644 --- a/commercetools/commercetools-monitoring-opentelemetry/build.gradle +++ b/commercetools/commercetools-monitoring-opentelemetry/build.gradle @@ -1,7 +1,7 @@ dependencies { api project(":rmf:rmf-java-base") - implementation 'io.opentelemetry:opentelemetry-api:1.48.0' + implementation 'io.opentelemetry:opentelemetry-api:1.49.0' testImplementation project(":commercetools:commercetools-sdk-java-api") } diff --git a/commercetools/commercetools-okhttp-client3/build.gradle b/commercetools/commercetools-okhttp-client3/build.gradle index 3a1dae2ce0b..0837552bb49 100644 --- a/commercetools/commercetools-okhttp-client3/build.gradle +++ b/commercetools/commercetools-okhttp-client3/build.gradle @@ -12,7 +12,7 @@ jmh { dependencies { api project(":rmf:rmf-java-base") - implementation "com.squareup.okio:okio:3.10.2" + implementation "com.squareup.okio:okio:3.11.0" api "com.squareup.okhttp3:okhttp:3.14.9" version { strictly "[3.0,4.0[" prefer "3.14.9" diff --git a/commercetools/commercetools-okhttp-client4/build.gradle b/commercetools/commercetools-okhttp-client4/build.gradle index 9ee7818c4cd..1a13cf098cf 100644 --- a/commercetools/commercetools-okhttp-client4/build.gradle +++ b/commercetools/commercetools-okhttp-client4/build.gradle @@ -15,7 +15,7 @@ dependencies { strictly '[4.0,5.0[' prefer "4.12.0" } - implementation "com.squareup.okio:okio:3.10.2" + implementation "com.squareup.okio:okio:3.11.0" implementation javax.validation } diff --git a/commercetools/commercetools-reactornetty-client/build.gradle b/commercetools/commercetools-reactornetty-client/build.gradle index 38798ab76ac..a8aa38a299b 100644 --- a/commercetools/commercetools-reactornetty-client/build.gradle +++ b/commercetools/commercetools-reactornetty-client/build.gradle @@ -2,8 +2,8 @@ dependencies { api project(":rmf:rmf-java-base") - api "io.projectreactor.netty:reactor-netty-http:1.2.4" - api "io.projectreactor.netty:reactor-netty-core:1.2.4" + api "io.projectreactor.netty:reactor-netty-http:1.2.5" + api "io.projectreactor.netty:reactor-netty-core:1.2.5" implementation javax.validation } diff --git a/commercetools/commercetools-sdk-compat-v1/build.gradle b/commercetools/commercetools-sdk-compat-v1/build.gradle index bd11ee5c25c..d8772034d97 100644 --- a/commercetools/commercetools-sdk-compat-v1/build.gradle +++ b/commercetools/commercetools-sdk-compat-v1/build.gradle @@ -21,8 +21,8 @@ dependencies { api project(':commercetools:commercetools-sdk-java-api') api ctsdkv1.client version ctsdkv1.version api ctsdkv1.models version ctsdkv1.version - api "io.netty:netty-codec:4.1.119.Final" - api "io.netty:netty-codec-http:4.1.119.Final" + api "io.netty:netty-codec:4.2.0.Final" + api "io.netty:netty-codec-http:4.2.0.Final" jmhImplementation project(':commercetools:commercetools-async-http-client') jmhImplementation project(':commercetools:commercetools-apachehttp-client') diff --git a/common-plugins/build.gradle b/common-plugins/build.gradle index d1d7644aef6..296cba83bc7 100644 --- a/common-plugins/build.gradle +++ b/common-plugins/build.gradle @@ -30,7 +30,7 @@ gradlePlugin { dependencies { implementation project(path: ':javaparser', configuration: 'shadow') - implementation "com.google.code.gson:gson:2.12.1" + implementation "com.google.code.gson:gson:2.13.1" implementation 'com.squareup:javapoet:1.13.0' - implementation 'com.google.guava:guava:33.4.5-jre' + implementation 'com.google.guava:guava:33.4.8-jre' } diff --git a/common-plugins/javaparser/build.gradle b/common-plugins/javaparser/build.gradle index b0a2e7f48ba..117bce3f68b 100644 --- a/common-plugins/javaparser/build.gradle +++ b/common-plugins/javaparser/build.gradle @@ -15,5 +15,5 @@ shadowJar { } dependencies { - implementation 'com.github.javaparser:javaparser-core:3.26.3' + implementation 'com.github.javaparser:javaparser-core:3.26.4' } diff --git a/gradle-scripts/extensions.gradle b/gradle-scripts/extensions.gradle index 1f55fdddc83..754e9107a28 100644 --- a/gradle-scripts/extensions.gradle +++ b/gradle-scripts/extensions.gradle @@ -10,9 +10,9 @@ ext { ] commons = [ - text: 'org.apache.commons:commons-text:1.13.0', + text: 'org.apache.commons:commons-text:1.13.1', lang3: 'org.apache.commons:commons-lang3:3.17.0', - io: 'commons-io:commons-io:2.18.0', + io: 'commons-io:commons-io:2.19.0', io_version: { strictly '[2.8.0,)' prefer '2.16.1' @@ -28,15 +28,15 @@ ext { ] jackson_core = [ - annotations: 'com.fasterxml.jackson.core:jackson-annotations:2.18.3', - databind: 'com.fasterxml.jackson.core:jackson-databind:2.18.3', - core: 'com.fasterxml.jackson.core:jackson-core:2.18.3', - datatype: 'com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.18.3', + annotations: 'com.fasterxml.jackson.core:jackson-annotations:2.19.0', + databind: 'com.fasterxml.jackson.core:jackson-databind:2.19.0', + core: 'com.fasterxml.jackson.core:jackson-core:2.19.0', + datatype: 'com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.19.0', ] google = [ findbugs: 'com.google.code.findbugs:jsr305:3.0.2', - gson: 'com.google.code.gson:gson:2.12.1', + gson: 'com.google.code.gson:gson:2.13.1', ] graphql = [ @@ -51,7 +51,7 @@ ext { ] junit = [ - junit: 'org.junit.jupiter:junit-jupiter:5.11.4', + junit: 'org.junit.jupiter:junit-jupiter:5.12.2', dataprovider: 'com.tngtech.junit.dataprovider:junit-jupiter-dataprovider:2.10', jsonassert: 'org.skyscreamer:jsonassert:1.5.3', assertj: 'org.assertj:assertj-core:3.27.3' @@ -59,7 +59,7 @@ ext { mockito = [ inline: 'org.mockito:mockito-inline:5.2.0', - junit: 'org.mockito:mockito-junit-jupiter:5.16.1', + junit: 'org.mockito:mockito-junit-jupiter:5.17.0', ] failsafe = [ diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties index 37f853b1c84..ca025c83a7c 100644 --- a/gradle/wrapper/gradle-wrapper.properties +++ b/gradle/wrapper/gradle-wrapper.properties @@ -1,6 +1,6 @@ distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists -distributionUrl=https\://services.gradle.org/distributions/gradle-8.13-bin.zip +distributionUrl=https\://services.gradle.org/distributions/gradle-8.14-bin.zip networkTimeout=10000 validateDistributionUrl=true zipStoreBase=GRADLE_USER_HOME diff --git a/package.json b/package.json index ed89c3cb3b0..5cc5f2b6ccc 100644 --- a/package.json +++ b/package.json @@ -9,10 +9,10 @@ "node": ">=14.15", "npm": ">=5" }, - "packageManager": "yarn@4.7.0", + "packageManager": "yarn@4.9.1", "dependencies": { "husky": "9.1.7", - "lint-staged": "15.5.0" + "lint-staged": "15.5.1" }, "scripts": { "postinstall": "husky install", diff --git a/yarn.lock b/yarn.lock index a4a85d8d59c..ee9a580e61d 100644 --- a/yarn.lock +++ b/yarn.lock @@ -82,7 +82,7 @@ __metadata: resolution: "commercetools-sdk-java-v2@workspace:." dependencies: husky: "npm:9.1.7" - lint-staged: "npm:15.5.0" + lint-staged: "npm:15.5.1" languageName: unknown linkType: soft @@ -230,9 +230,9 @@ __metadata: languageName: node linkType: hard -"lint-staged@npm:15.5.0": - version: 15.5.0 - resolution: "lint-staged@npm:15.5.0" +"lint-staged@npm:15.5.1": + version: 15.5.1 + resolution: "lint-staged@npm:15.5.1" dependencies: chalk: "npm:^5.4.1" commander: "npm:^13.1.0" @@ -246,7 +246,7 @@ __metadata: yaml: "npm:^2.7.0" bin: lint-staged: bin/lint-staged.js - checksum: 10c0/393b24d85d705a36e6556dc9d9b710594163be60f7789a2ca71bbf8f31debc10f7fde9cd0e868466ac2b7c154661983602decd7abbb6c685b21007bc70dbbdd6 + checksum: 10c0/86deddb08bf10428f2eb96c02326a9ee403360729225f0b12afb0c0f13c287a75daa01e179d86f64e3432576446d8643d204a47417296f9ef0aa56f1340ff2af languageName: node linkType: hard From e6575d072fe28cb3b7ac369120eebd7da5ee04ae Mon Sep 17 00:00:00 2001 From: Jens Schulze Date: Fri, 2 May 2025 07:37:56 +0200 Subject: [PATCH 2/2] update apache http client --- commercetools/commercetools-apachehttp-client/build.gradle | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/commercetools/commercetools-apachehttp-client/build.gradle b/commercetools/commercetools-apachehttp-client/build.gradle index 0304c308765..2bece0afcfa 100644 --- a/commercetools/commercetools-apachehttp-client/build.gradle +++ b/commercetools/commercetools-apachehttp-client/build.gradle @@ -2,8 +2,8 @@ dependencies { api project(":rmf:rmf-java-base") api "org.apache.httpcomponents.client5:httpclient5:5.4.4" version { - strictly "[5.4.1,6.0[" - prefer "5.4.2" + strictly "[5.4.4,6.0[" + prefer "5.4.4" } api commons.io version commons.io_version