chore(deps): update all dependencies j:cdx-227

.github/workflows/auto-approve-renovate.yml

@@ -13,7 +13,7 @@ jobs:
  if: "${{ (github.actor == 'developer-experience-bot[bot]') && contains(github.event.pull_request.labels.*.name, 'autorelease: snapshot') }}"
  steps:
  - name: Harden Runner
- uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+ uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
  with:
  egress-policy: audit
 

.github/workflows/build.yml

@@ -18,14 +18,14 @@ jobs:
 
  steps:
  - name: Harden Runner
- uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+ uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
  with:
  egress-policy: audit
 
- - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
 
  - name: Set up JDK 11
- uses: actions/setup-java@6a0805fcefea3d4657a47ac4c165951e33482018 # v4.2.2
+ uses: actions/setup-java@b36c23c0d998641eff861008f374ee103c25ac73 # v4.4.0
  with:
  java-version: '11'
  distribution: 'adopt'

.github/workflows/maven-publish.yml

@@ -21,13 +21,13 @@ jobs:
 
  steps:
  - name: Harden Runner
- uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+ uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
  with:
  egress-policy: audit
 
- - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
  - name: Set up JDK 11
- uses: actions/setup-java@6a0805fcefea3d4657a47ac4c165951e33482018 # v4.2.2
+ uses: actions/setup-java@b36c23c0d998641eff861008f374ee103c25ac73 # v4.4.0
  with:
  java-version: '11'
  distribution: 'temurin'

.github/workflows/pr-title-semantic-lint.yml

@@ -10,7 +10,7 @@ jobs:
  GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
  steps:
  - name: Harden Runner
- uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+ uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
  with:
  egress-policy: audit
 

.github/workflows/release.yml

@@ -15,16 +15,16 @@ jobs:
  environment: 'Release'
  steps:
  - name: Harden Runner
- uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+ uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
  with:
  egress-policy: audit
 
- - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
  with:
  fetch-depth: 0
 
  - name: Set up Node.js
- uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
+ uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
  with:
  node-version: '18'
 
@@ -40,7 +40,7 @@ jobs:
  RELEASER_CLIENT_SECRET: ${{ secrets.RELEASER_CLIENT_SECRET }}
  RELEASER_INSTALLATION_ID: ${{ secrets.RELEASER_INSTALLATION_ID }}
 
- - uses: actions/setup-java@6a0805fcefea3d4657a47ac4c165951e33482018 # v4.2.2
+ - uses: actions/setup-java@b36c23c0d998641eff861008f374ee103c25ac73 # v4.4.0
  name: Set up Java
  with:
  java-version: '11'

.github/workflows/scorecards.yml

@@ -31,12 +31,12 @@ jobs:
 
  steps:
  - name: Harden Runner
- uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+ uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
  with:
  egress-policy: audit
 
  - name: "Checkout code"
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+ uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
  with:
  persist-credentials: false
 
@@ -63,14 +63,14 @@ jobs:
  # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
  # format to the repository Actions tab.
  - name: "Upload artifact"
- uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
+ uses: actions/upload-artifact@604373da6381bf24206979c74d06a550515601b9 # v4.4.1
  with:
  name: SARIF file
  path: results.sarif
  retention-days: 5
 
  # Upload the results to GitHub's code scanning dashboard.
  - name: "Upload to code-scanning"
- uses: github/codeql-action/upload-sarif@429e1977040da7a23b6822b13c129cd1ba93dbb2 # v3.26.2
+ uses: github/codeql-action/upload-sarif@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3.26.12
  with:
  sarif_file: results.sarif

package.json

@@ -8,7 +8,7 @@
  "license": "Apache-2.0",
  "devDependencies": {
  "@actions/core": "^1.10.0",
- "@commitlint/config-conventional": "19.2.2",
+ "@commitlint/config-conventional": "19.5.0",
  "@octokit/auth-app": "^7.0.0"
  },
  "scripts": {

pom.xml

@@ -93,7 +93,7 @@
  <plugin>
  <groupId>org.apache.maven.plugins</groupId>
  <artifactId>maven-javadoc-plugin</artifactId>
- <version>3.8.0</version>
+ <version>3.10.1</version>
  <configuration>
  <doclint>all,-missing</doclint>
  </configuration>
@@ -109,7 +109,7 @@
  <plugin>
  <groupId>org.apache.maven.plugins</groupId>
  <artifactId>maven-gpg-plugin</artifactId>
- <version>3.2.5</version>
+ <version>3.2.7</version>
  <executions>
  <execution>
  <id>sign-artifacts</id>
@@ -135,7 +135,7 @@
  <dependency>
  <groupId>org.apache.logging.log4j</groupId>
  <artifactId>log4j-core</artifactId>
- <version>2.23.1</version>
+ <version>2.24.1</version>
  </dependency>
  <dependency>
  <groupId>com.google.code.gson</groupId>
@@ -145,17 +145,17 @@
  <dependency>
  <groupId>io.github.cdimascio</groupId>
  <artifactId>dotenv-java</artifactId>
- <version>3.0.1</version>
+ <version>3.0.2</version>
  </dependency>
  <dependency>
  <groupId>joda-time</groupId>
  <artifactId>joda-time</artifactId>
- <version>2.12.7</version>
+ <version>2.13.0</version>
  </dependency>
  <dependency>
  <groupId>org.mockito</groupId>
  <artifactId>mockito-core</artifactId>
- <version>5.12.0</version>
+ <version>5.14.1</version>
  <scope>test</scope>
  </dependency>
  <dependency>