stevespringett / owasp-risk-rating-calculator

A Java library for programmatically calculating OWASP Risk Rating scores
https://www.owasp.org/index.php/OWASP_Risk_Rating_Methodology
Apache License 2.0
18 stars 4 forks source link

Bump actions/setup-java from 1 to 2.3.1 #29

Closed dependabot[bot] closed 2 years ago

dependabot[bot] commented 3 years ago

Bumps actions/setup-java from 1 to 2.3.1.

Release notes

Sourced from actions/setup-java's releases.

v2.3.1

In this release we updated dependencies from the dependabot. In scope of this pull request http-client version was bumped actions/setup-java#222. Besides the release resolves possible issues related to removing gpg private key pull request actions/setup-java#226.

v2.3.0

This release introduces dependency caching support (#193).

Now the action has a built-in functionality for caching and restoring dependencies. Supported package managers are Maven and Gradle. The cache input is optional, and caching is turned off by default.

Caching gradle dependencies

steps:
- uses: actions/checkout@v2
- uses: actions/setup-java@v2
  with:
    distribution: 'temurin'
    java-version: '11'
    cache: 'gradle'
- run: ./gradlew build

Caching maven dependencies

steps:
- uses: actions/checkout@v2
- uses: actions/setup-java@v2
  with:
    distribution: 'temurin'
    java-version: '11'
    cache: 'maven'
- name: Build with Maven
  run: mvn -B package --file pom.xml

v2.2.0

Add support for Eclipse Temurin (#201).

Supported distributions

Currently, the following distributions are supported:

Keyword Distribution Official site License
zulu Zulu OpenJDK Link Link
adopt or adopt-hotspot Adopt OpenJDK Hotspot Link Link
adopt-openj9 Adopt OpenJDK OpenJ9 Link Link
temurin Eclipse Temurin Link Link

v2.1.0

Add support for Adopt OpenJDK OpenJ9:

Supported distributions

Currently, the following distributions are supported:

Keyword Distribution Official site License
zulu Zulu OpenJDK Link Link
</tr></table>

... (truncated)

Commits
  • 8db439b Bump ws from 7.4.3 to 7.5.5 (#228)
  • e39cf0e Bump tmpl from 1.0.4 to 1.0.5 (#234)
  • 770ccdb Bump ansi-regex from 5.0.0 to 5.0.1 (#235)
  • 6a258a9 Bump path-parse from 1.0.6 to 1.0.7 (#227)
  • 7ac3cd2 Prints error message encountered in cleanup-java (#220)
  • d34438b cleanup: Use --delete-secret-and-public-key to delete GPG_PRIVATE_KEY (#226)
  • 61c179a Bump http-client version (actions#221) (#222)
  • 68c162b docs: append --no-daemon option for Windows user (#218)
  • b02a107 Create check-dist.yml (#212)
  • 3bc31aa Merge pull request #210 from dmitry-shibanov/v-dmshib/suppress-test-log-output
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 2 years ago

Superseded by #32.