You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@logging.apache.org by pk...@apache.org on 2022/10/22 09:15:35 UTC
[logging-log4j2] branch master updated (463620b50f -> bcd34d72cb)
This is an automated email from the ASF dual-hosted git repository.
pkarwasz pushed a change to branch master
in repository https://gitbox.apache.org/repos/asf/logging-log4j2.git
from 463620b50f Move exclusions from Jackson to Kubernetes
new e35b9c5d7a Bump actions/setup-python from 4.2.0 to 4.3.0
new 285cc7f242 Bump actions/setup-java from 3.4.1 to 3.6.0
new c467c24338 Bump github/codeql-action from 2.1.22 to 2.1.28
new bcd34d72cb Bump actions/checkout from 3.0.2 to 3.1.0
The 4 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
Summary of changes:
.github/workflows/benchmark.yml | 12 ++---
.github/workflows/build.yml | 8 ++--
.github/workflows/codeql-analysis.yml | 80 ++++++++++++++++++++++++++++++++++
.github/workflows/log4j-kafka-test.yml | 4 +-
4 files changed, 92 insertions(+), 12 deletions(-)
create mode 100644 .github/workflows/codeql-analysis.yml
[logging-log4j2] 01/04: Bump actions/setup-python from 4.2.0 to 4.3.0
Posted by pk...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
pkarwasz pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/logging-log4j2.git
commit e35b9c5d7a2f801b4c0ff4c8fdf66bbe2f875332
Author: dependabot[bot] <49...@users.noreply.github.com>
AuthorDate: Tue Oct 11 11:22:27 2022 +0000
Bump actions/setup-python from 4.2.0 to 4.3.0
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 4.2.0 to 4.3.0.
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/b55428b1882923874294fa556849718a1d7f2ca5...13ae5bb136fac2878aff31522b9efb785519f984)
---
updated-dependencies:
- dependency-name: actions/setup-python
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <su...@github.com>
---
.github/workflows/benchmark.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/benchmark.yml b/.github/workflows/benchmark.yml
index 58eacb8df2..26149a70be 100644
--- a/.github/workflows/benchmark.yml
+++ b/.github/workflows/benchmark.yml
@@ -184,7 +184,7 @@ jobs:
ref: gh-pages
- name: Setup Python 3
- uses: actions/setup-python@v2
+ uses: actions/setup-python@13ae5bb136fac2878aff31522b9efb785519f984 # 4.3.0
with:
python-version: 3.x
[logging-log4j2] 03/04: Bump github/codeql-action from 2.1.22 to 2.1.28
Posted by pk...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
pkarwasz pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/logging-log4j2.git
commit c467c24338765691f19f28c991ad08a25864d52a
Author: dependabot[bot] <49...@users.noreply.github.com>
AuthorDate: Wed Oct 19 10:36:11 2022 +0000
Bump github/codeql-action from 2.1.22 to 2.1.28
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.1.22 to 2.1.28.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/b398f525a5587552e573b247ac661067fafa920b...cc7986c02bac29104a72998e67239bb5ee2ee110)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <su...@github.com>
---
.github/workflows/codeql-analysis.yml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index ffd6f0821b..1393a9c9aa 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -48,7 +48,7 @@ jobs:
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
- uses: github/codeql-action/init@b398f525a5587552e573b247ac661067fafa920b # 2.1.22
+ uses: github/codeql-action/init@cc7986c02bac29104a72998e67239bb5ee2ee110 # 2.1.28
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
@@ -77,4 +77,4 @@ jobs:
--global-toolchains ".github/workflows/maven-toolchains.xml"
- name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@b398f525a5587552e573b247ac661067fafa920b # 2.1.22
+ uses: github/codeql-action/analyze@cc7986c02bac29104a72998e67239bb5ee2ee110 # 2.1.28
[logging-log4j2] 04/04: Bump actions/checkout from 3.0.2 to 3.1.0
Posted by pk...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
pkarwasz pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/logging-log4j2.git
commit bcd34d72cb6186ad9c18832f6984af92ea1c4cae
Author: dependabot[bot] <49...@users.noreply.github.com>
AuthorDate: Sat Oct 22 08:06:17 2022 +0000
Bump actions/checkout from 3.0.2 to 3.1.0
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.0.2 to 3.1.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/2541b1294d2704b0964813337f33b291d3f8596b...93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <su...@github.com>
---
.github/workflows/benchmark.yml | 6 +++---
.github/workflows/build.yml | 4 ++--
.github/workflows/codeql-analysis.yml | 2 +-
.github/workflows/log4j-kafka-test.yml | 2 +-
4 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/.github/workflows/benchmark.yml b/.github/workflows/benchmark.yml
index cecd7b1162..455f29b691 100644
--- a/.github/workflows/benchmark.yml
+++ b/.github/workflows/benchmark.yml
@@ -28,7 +28,7 @@ jobs:
steps:
- name: Checkout repository
- uses: actions/checkout@v2
+ uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # 3.1.0
- name: Set up JDK 11
uses: actions/setup-java@de1bb2b0c5634f0fc4438d7aa9944e68f9bf86cc # 3.6.0
@@ -73,7 +73,7 @@ jobs:
steps:
- name: Checkout repository
- uses: actions/checkout@v2
+ uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # 3.1.0
- name: Download built sources
uses: actions/download-artifact@v2
@@ -179,7 +179,7 @@ jobs:
steps:
- name: Checkout repository
- uses: actions/checkout@v2
+ uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # 3.1.0
with:
ref: gh-pages
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 3de194d46c..3b6d836593 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -36,7 +36,7 @@ jobs:
steps:
- name: Checkout repository
- uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748 # 3.0.1
+ uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # 3.1.0
- name: Setup JDK 11
uses: actions/setup-java@de1bb2b0c5634f0fc4438d7aa9944e68f9bf86cc # 3.6.0
@@ -93,7 +93,7 @@ jobs:
steps:
- name: Checkout repository
- uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748 # 3.0.1
+ uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # 3.1.0
- name: Setup JDK 11
uses: actions/setup-java@de1bb2b0c5634f0fc4438d7aa9944e68f9bf86cc # 3.6.0
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 1393a9c9aa..62aae06ff7 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -44,7 +44,7 @@ jobs:
steps:
- name: Checkout repository
- uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # 3.0.2
+ uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # 3.1.0
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
diff --git a/.github/workflows/log4j-kafka-test.yml b/.github/workflows/log4j-kafka-test.yml
index 7fbd94e577..07950e33bf 100644
--- a/.github/workflows/log4j-kafka-test.yml
+++ b/.github/workflows/log4j-kafka-test.yml
@@ -30,7 +30,7 @@ jobs:
steps:
- name: Checkout repository
- uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748 # 3.0.1
+ uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # 3.1.0
- name: Setup JDK 11
uses: actions/setup-java@de1bb2b0c5634f0fc4438d7aa9944e68f9bf86cc # 3.6.0
[logging-log4j2] 02/04: Bump actions/setup-java from 3.4.1 to 3.6.0
Posted by pk...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
pkarwasz pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/logging-log4j2.git
commit 285cc7f24242327ec4771002b0783d3415b4a6ff
Author: dependabot[bot] <49...@users.noreply.github.com>
AuthorDate: Wed Oct 19 10:36:06 2022 +0000
Bump actions/setup-java from 3.4.1 to 3.6.0
Bumps [actions/setup-java](https://github.com/actions/setup-java) from 3.4.1 to 3.6.0.
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](https://github.com/actions/setup-java/compare/v3.4.1...de1bb2b0c5634f0fc4438d7aa9944e68f9bf86cc)
---
updated-dependencies:
- dependency-name: actions/setup-java
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <su...@github.com>
---
.github/workflows/benchmark.yml | 4 +-
.github/workflows/build.yml | 4 +-
.github/workflows/codeql-analysis.yml | 80 ++++++++++++++++++++++++++++++++++
.github/workflows/log4j-kafka-test.yml | 2 +-
4 files changed, 85 insertions(+), 5 deletions(-)
diff --git a/.github/workflows/benchmark.yml b/.github/workflows/benchmark.yml
index 26149a70be..cecd7b1162 100644
--- a/.github/workflows/benchmark.yml
+++ b/.github/workflows/benchmark.yml
@@ -31,7 +31,7 @@ jobs:
uses: actions/checkout@v2
- name: Set up JDK 11
- uses: actions/setup-java@v2.4.0
+ uses: actions/setup-java@de1bb2b0c5634f0fc4438d7aa9944e68f9bf86cc # 3.6.0
with:
distribution: temurin
java-version: 11
@@ -83,7 +83,7 @@ jobs:
- name: Set up JDK ${{ matrix.jdk }}
if: matrix.jdk != 11
- uses: actions/setup-java@v2.4.0
+ uses: actions/setup-java@de1bb2b0c5634f0fc4438d7aa9944e68f9bf86cc # 3.6.0
with:
distribution: temurin
java-version: ${{ matrix.jdk }}
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 00d3bad3d6..3de194d46c 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -39,7 +39,7 @@ jobs:
uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748 # 3.0.1
- name: Setup JDK 11
- uses: actions/setup-java@9519cf1382ac8dc61ad461f7f7cb45f033220189 # 3.1.1
+ uses: actions/setup-java@de1bb2b0c5634f0fc4438d7aa9944e68f9bf86cc # 3.6.0
with:
distribution: temurin
java-version: 11
@@ -96,7 +96,7 @@ jobs:
uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748 # 3.0.1
- name: Setup JDK 11
- uses: actions/setup-java@9519cf1382ac8dc61ad461f7f7cb45f033220189 # 3.1.1
+ uses: actions/setup-java@de1bb2b0c5634f0fc4438d7aa9944e68f9bf86cc # 3.6.0
with:
distribution: temurin
java-version: 11
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
new file mode 100644
index 0000000000..ffd6f0821b
--- /dev/null
+++ b/.github/workflows/codeql-analysis.yml
@@ -0,0 +1,80 @@
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements. See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache license, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the license for the specific language governing permissions and
+# limitations under the license.
+
+name: "CodeQL"
+
+on:
+ push:
+ branches: [ master ]
+ pull_request:
+ # The branches below must be a subset of the branches above
+ branches: [ master ]
+ schedule:
+ - cron: '32 12 * * 5'
+
+jobs:
+
+ analyze:
+ name: Analyze
+ runs-on: ubuntu-latest
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
+
+ strategy:
+ fail-fast: false
+ matrix:
+ language: [ 'java' ]
+ # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
+ # Learn more about CodeQL language support at https://git.io/codeql-language-support
+
+ steps:
+
+ - name: Checkout repository
+ uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # 3.0.2
+
+ # Initializes the CodeQL tools for scanning.
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@b398f525a5587552e573b247ac661067fafa920b # 2.1.22
+ with:
+ languages: ${{ matrix.language }}
+ # If you wish to specify custom queries, you can do so here or in a config file.
+ # By default, queries listed here will override any specified in a config file.
+ # Prefix the list here with "+" to use these queries and those in the config file.
+ # queries: ./path/to/local/query, your-org/your-repo/queries@main
+
+ # JDK 11 is needed for the build.
+ # Search `maven-toolchains-plugin` usages for details.
+ - name: Setup JDK 11
+ uses: actions/setup-java@de1bb2b0c5634f0fc4438d7aa9944e68f9bf86cc # 3.6.0
+ with:
+ distribution: temurin
+ java-version: 11
+ java-package: jdk
+ architecture: x64
+ cache: maven
+
+ - name: Build with Maven
+ timeout-minutes: 60
+ shell: bash
+ run: |
+ ./mvnw \
+ --show-version --batch-mode --errors --no-transfer-progress \
+ -DskipTests \
+ --global-toolchains ".github/workflows/maven-toolchains.xml"
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@b398f525a5587552e573b247ac661067fafa920b # 2.1.22
diff --git a/.github/workflows/log4j-kafka-test.yml b/.github/workflows/log4j-kafka-test.yml
index edf462c45b..7fbd94e577 100644
--- a/.github/workflows/log4j-kafka-test.yml
+++ b/.github/workflows/log4j-kafka-test.yml
@@ -33,7 +33,7 @@ jobs:
uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748 # 3.0.1
- name: Setup JDK 11
- uses: actions/setup-java@9519cf1382ac8dc61ad461f7f7cb45f033220189 # 3.1.1
+ uses: actions/setup-java@de1bb2b0c5634f0fc4438d7aa9944e68f9bf86cc # 3.6.0
with:
distribution: temurin
java-version: 11