stevespringett / nist-data-mirror

A simple Java command-line utility to mirror the CVE JSON data from NIST.
Apache License 2.0
206 stars 93 forks source link

Bump actions/setup-java from 2.5.0 to 3.1.1 #121

Closed dependabot[bot] closed 2 years ago

dependabot[bot] commented 2 years ago

Bumps actions/setup-java from 2.5.0 to 3.1.1.

Release notes

Sourced from actions/setup-java's releases.

v3.1.1

This release introduces new output cache-hit (actions/setup-java#275) and update of actions/cache dependency to 2.0.2 (actions/setup-java#317)

Add "cache-hit" output

The cache-hit output contains boolean value indicating that an exact match was found for the key. It shows that the action uses already existing cache or not. The output is available only if cache is enabled.

Update actions/cache to 2.0.2

We updated actions/cache package as the new version contains fixes related to GHES 3.5 (actions/setup-java#317)

v3.1.0

In scope of this release we added support for caching from GHES 3.5 and fixed download issue for files > 2GB during restore.

Updated dependencies:

  • bumped minimist from 1.2.5 to 1.2.6.
  • updated actions/cache dependency to 2.0.0 version

v3.0.0

In scope of this release we changed version of the runtime Node.js for the setup-java action and updated package-lock.json file to v2.

Breaking Changes

With the update to Node 16 in #290, all scripts will now be run with Node 16 rather than Node 12.

Commits


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)