diff --git a/.docker/Dockerfile b/.docker/Dockerfile index 763b1c23..057115f1 100644 --- a/.docker/Dockerfile +++ b/.docker/Dockerfile @@ -1,5 +1,5 @@ ARG ARCH_BASE -FROM $ARCH_BASE as jre-build +FROM $ARCH_BASE AS jre-build WORKDIR /app @@ -32,12 +32,12 @@ RUN unzip target/shacl-${VERSION}-bin.zip -d /app/ # BUILD STAGE 2: keep only Java and SHACL -FROM alpine:3.19.1 +FROM alpine:3.20.3 ARG VERSION ENV JAVA_HOME=/usr -ENV PATH "/app/shacl-${VERSION}/bin:${PATH}" +ENV PATH="/app/shacl-${VERSION}/bin:${PATH}" COPY --from=jre-build /javaruntime $JAVA_HOME COPY --chmod=0755 --from=jre-build /app/shacl-${VERSION} /app/shacl-${VERSION} diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml index c2b88496..030ac422 100644 --- a/.github/workflows/docker-image.yml +++ b/.github/workflows/docker-image.yml @@ -36,14 +36,14 @@ jobs: echo "IMAGE_NAME=${GITHUB_REPOSITORY,,}" >> ${GITHUB_ENV} - name: Checkout repository - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - name: Set up QEMU - uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 + uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0 - name: Set up Docker Buildx id: buildx - uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 + uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 # inspired by https://github.com/reloc8/action-latest-release-version - name: Get release version @@ -68,7 +68,7 @@ jobs: - name: Log in to the Container registry - uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3.1.0 + uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} @@ -76,7 +76,7 @@ jobs: - name: Build and push Docker image for x86 and arm64 id: build - uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0 + uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 with: file: .docker/Dockerfile push: true @@ -93,7 +93,7 @@ jobs: digest="${{ steps.build.outputs.digest }}" touch "/tmp/digests/${digest#sha256:}" - name: Upload digest - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: digests-${{ matrix.package }} path: /tmp/digests/* @@ -110,7 +110,7 @@ jobs: echo "IMAGE_NAME=${GITHUB_REPOSITORY,,}" >> ${GITHUB_ENV} - name: Checkout repository - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 # inspired by https://github.com/reloc8/action-latest-release-version - name: Get release version @@ -124,14 +124,14 @@ jobs: echo "version_build=${LATEST_RELEASE}_"$(git rev-parse --short "$GITHUB_SHA") >> $GITHUB_OUTPUT - name: Download digests - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: path: /tmp/digests pattern: digests-* merge-multiple: true - name: Set up Docker Buildx - uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 + uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 - name: Extract metadata (tags, labels) for Docker id: meta @@ -144,7 +144,7 @@ jobs: type=raw,value=${{ steps.get_version.outputs.latest-release}},enable=${{ github.event_name == 'release' }} - name: Log in to the Container registry - uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3.1.0 + uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} diff --git a/.github/workflows/maven-test-pr.yml b/.github/workflows/maven-test-pr.yml index 8140f34a..1f86a7bd 100644 --- a/.github/workflows/maven-test-pr.yml +++ b/.github/workflows/maven-test-pr.yml @@ -8,9 +8,9 @@ jobs: test: runs-on: ubuntu-latest steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - name: Set up JDK - uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 # v4.2.1 + uses: actions/setup-java@b36c23c0d998641eff861008f374ee103c25ac73 # v4.4.0 with: java-version: "11" distribution: "temurin" diff --git a/pom.xml b/pom.xml index 98dc9ff6..f4f9e7ce 100644 --- a/pom.xml +++ b/pom.xml @@ -121,7 +121,7 @@ org.apache.maven.plugins maven-jar-plugin - 3.4.1 + 3.4.2 @@ -174,7 +174,7 @@ org.apache.maven.plugins maven-release-plugin - 3.0.1 + 3.1.1 deploy true @@ -199,7 +199,7 @@ org.sonatype.plugins nexus-staging-maven-plugin - 1.6.13 + 1.7.0 true ossrh.releases @@ -210,7 +210,7 @@ org.apache.maven.plugins maven-javadoc-plugin - 3.6.3 + 3.10.1 attach-javadocs @@ -223,7 +223,7 @@ org.apache.maven.plugins maven-gpg-plugin - 3.2.4 + 3.2.7 sign-artifacts