From beb45655ae31314951c106b46303ff0d0bf2898d Mon Sep 17 00:00:00 2001 From: amyu Date: Thu, 4 Sep 2025 01:40:21 +0900 Subject: [PATCH 1/2] Upgrade to node 24 --- .github/actions/build-dist/action.yml | 2 +- dependency-submission/action.yml | 2 +- setup-gradle/action.yml | 2 +- sources/.tool-versions | 2 +- sources/package-lock.json | 3 +++ sources/package.json | 3 +++ wrapper-validation/action.yml | 2 +- 7 files changed, 11 insertions(+), 5 deletions(-) diff --git a/.github/actions/build-dist/action.yml b/.github/actions/build-dist/action.yml index 5a9e0aee2..6f4b8cc10 100644 --- a/.github/actions/build-dist/action.yml +++ b/.github/actions/build-dist/action.yml @@ -5,7 +5,7 @@ runs: steps: - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 with: - node-version: 20 + node-version: 24 cache: npm cache-dependency-path: sources/package-lock.json - name: Build distribution diff --git a/dependency-submission/action.yml b/dependency-submission/action.yml index db4e0f1c8..a5ee281ca 100644 --- a/dependency-submission/action.yml +++ b/dependency-submission/action.yml @@ -222,7 +222,7 @@ outputs: description: Version of Gradle that was setup by the action runs: - using: 'node20' + using: 'node24' main: '../dist/dependency-submission/main/index.js' post: '../dist/dependency-submission/post/index.js' diff --git a/setup-gradle/action.yml b/setup-gradle/action.yml index 23f7ef72d..78e08a6d2 100644 --- a/setup-gradle/action.yml +++ b/setup-gradle/action.yml @@ -239,7 +239,7 @@ outputs: description: Version of Gradle that was setup by the action runs: - using: 'node20' + using: 'node24' main: '../dist/setup-gradle/main/index.js' post: '../dist/setup-gradle/post/index.js' post-if: '!cancelled()' diff --git a/sources/.tool-versions b/sources/.tool-versions index c1370032d..b03358c8c 100644 --- a/sources/.tool-versions +++ b/sources/.tool-versions @@ -1,3 +1,3 @@ # Configuration file for asdf version manager -nodejs 20.19.0 +nodejs 24.3.0 gradle 8.14.2 diff --git a/sources/package-lock.json b/sources/package-lock.json index e8096f7da..6d20cb8e2 100644 --- a/sources/package-lock.json +++ b/sources/package-lock.json @@ -45,6 +45,9 @@ "prettier": "3.6.2", "ts-jest": "29.4.1", "typescript": "5.9.2" + }, + "engines": { + "node": ">=24.0.0" } }, "node_modules/@actions/artifact": { diff --git a/sources/package.json b/sources/package.json index 590a5dfe7..82372a9b5 100644 --- a/sources/package.json +++ b/sources/package.json @@ -31,6 +31,9 @@ "gradle" ], "license": "MIT", + "engines": { + "node": ">=24.0.0" + }, "dependencies": { "@actions/artifact": "2.3.2", "@actions/cache": "4.0.5", diff --git a/wrapper-validation/action.yml b/wrapper-validation/action.yml index 117fb54bb..6f9d6036b 100644 --- a/wrapper-validation/action.yml +++ b/wrapper-validation/action.yml @@ -21,7 +21,7 @@ outputs: description: 'The path of the Gradle Wrapper(s) JAR that failed validation. Path is a platform-dependent relative path to git repository root. Multiple paths are separated by a | character.' runs: - using: 'node20' + using: 'node24' main: '../dist/wrapper-validation/main/index.js' branding: From 4b530e369bfef1ac8fc2160ec97b9fda1ccd9901 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 30 Sep 2025 02:24:08 +0000 Subject: [PATCH 2/2] Bump the github-actions group across 1 directory with 2 updates Bumps the github-actions group with 2 updates in the / directory: [gradle/actions](https://github.com/gradle/actions) and [github/codeql-action](https://github.com/github/codeql-action). Updates `gradle/actions` from 4.4.3 to 4.4.4 - [Release notes](https://github.com/gradle/actions/releases) - [Commits](https://github.com/gradle/actions/compare/ed408507eac070d1f99cc633dbcf757c94c7933a...748248ddd2a24f49513d8f472f81c3a07d4d50e1) Updates `github/codeql-action` from 3.30.3 to 3.30.5 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/192325c86100d080feab897ff886c34abd4c83a3...3599b3baa15b485a2e49ef411a7a4bb2452e7f93) --- updated-dependencies: - dependency-name: gradle/actions dependency-version: 4.4.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: github/codeql-action dependency-version: 3.30.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/ci-check-and-unit-test.yml | 2 +- .github/workflows/ci-codeql.yml | 4 ++-- .github/workflows/ci-init-script-check.yml | 2 +- .github/workflows/ci-ossf-scorecard.yml | 2 +- .github/workflows/ci-validate-wrappers.yml | 2 +- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/ci-check-and-unit-test.yml b/.github/workflows/ci-check-and-unit-test.yml index 6a79145b8..7ec4cefec 100644 --- a/.github/workflows/ci-check-and-unit-test.yml +++ b/.github/workflows/ci-check-and-unit-test.yml @@ -26,7 +26,7 @@ jobs: cache-dependency-path: sources/package-lock.json - name: Setup Gradle # Use a released version to avoid breakages - uses: gradle/actions/setup-gradle@ed408507eac070d1f99cc633dbcf757c94c7933a # v4.4.3 + uses: gradle/actions/setup-gradle@748248ddd2a24f49513d8f472f81c3a07d4d50e1 # v4.4.4 env: ALLOWED_GRADLE_WRAPPER_CHECKSUMS: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 # Invalid wrapper jar used for testing with: diff --git a/.github/workflows/ci-codeql.yml b/.github/workflows/ci-codeql.yml index 07026040e..b8fa3eb20 100644 --- a/.github/workflows/ci-codeql.yml +++ b/.github/workflows/ci-codeql.yml @@ -35,7 +35,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@192325c86100d080feab897ff886c34abd4c83a3 # v3.29.5 + uses: github/codeql-action/init@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.29.5 with: languages: ${{ matrix.language }} config: | @@ -43,4 +43,4 @@ jobs: - sources/src - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@192325c86100d080feab897ff886c34abd4c83a3 # v3.29.5 + uses: github/codeql-action/analyze@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.29.5 diff --git a/.github/workflows/ci-init-script-check.yml b/.github/workflows/ci-init-script-check.yml index 16ba11800..e2b3228df 100644 --- a/.github/workflows/ci-init-script-check.yml +++ b/.github/workflows/ci-init-script-check.yml @@ -30,7 +30,7 @@ jobs: java-version: 17 - name: Setup Gradle # Use a released version to avoid breakages - uses: gradle/actions/setup-gradle@ed408507eac070d1f99cc633dbcf757c94c7933a # v4.4.3 + uses: gradle/actions/setup-gradle@748248ddd2a24f49513d8f472f81c3a07d4d50e1 # v4.4.4 env: ALLOWED_GRADLE_WRAPPER_CHECKSUMS: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 # Invalid wrapper jar used for testing - name: Run integration tests diff --git a/.github/workflows/ci-ossf-scorecard.yml b/.github/workflows/ci-ossf-scorecard.yml index 448d1ede0..e76781f41 100644 --- a/.github/workflows/ci-ossf-scorecard.yml +++ b/.github/workflows/ci-ossf-scorecard.yml @@ -52,6 +52,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: 'Upload to code-scanning' - uses: github/codeql-action/upload-sarif@192325c86100d080feab897ff886c34abd4c83a3 # v3.29.5 + uses: github/codeql-action/upload-sarif@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.29.5 with: sarif_file: results.sarif diff --git a/.github/workflows/ci-validate-wrappers.yml b/.github/workflows/ci-validate-wrappers.yml index cf8741dcc..61591e31e 100644 --- a/.github/workflows/ci-validate-wrappers.yml +++ b/.github/workflows/ci-validate-wrappers.yml @@ -12,6 +12,6 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - - uses: gradle/actions/wrapper-validation@ed408507eac070d1f99cc633dbcf757c94c7933a # v4.4.3 + - uses: gradle/actions/wrapper-validation@748248ddd2a24f49513d8f472f81c3a07d4d50e1 # v4.4.4 with: allow-checksums: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855