diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 841500f7..70a7e179 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -28,7 +28,7 @@ jobs:
steps:
- name: Harden Runner
- uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
+ uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4
with:
disable-sudo: true
egress-policy: block
@@ -43,11 +43,11 @@ jobs:
uploads.github.com:443
- name: Checkout repository
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+ uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
- uses: github/codeql-action/init@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
+ uses: github/codeql-action/init@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4.36.3
with:
# Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
languages: java
@@ -65,6 +65,6 @@ jobs:
(cd function-maven-plugin && mvn install)
- name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
+ uses: github/codeql-action/analyze@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4.36.3
with:
category: ${{ matrix.working-directory }}
diff --git a/.github/workflows/conformance.yaml b/.github/workflows/conformance.yaml
index 091a77a4..25daf54b 100644
--- a/.github/workflows/conformance.yaml
+++ b/.github/workflows/conformance.yaml
@@ -19,7 +19,7 @@ jobs:
]
steps:
- name: Harden Runner
- uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
+ uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4
with:
disable-sudo: true
egress-policy: block
@@ -32,16 +32,16 @@ jobs:
repo.maven.apache.org:443
storage.googleapis.com:443
- - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+ - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
- name: Set up JDK ${{ matrix.java }}
- uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0
+ uses: actions/setup-java@1bcf9fb12cf4aa7d266a90ae39939e61372fe520 # v5.4.0
with:
java-version: ${{ matrix.java }}
distribution: temurin
- name: Setup Go
- uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
+ uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6.5.0
with:
go-version: '1.26'
diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml
index 2c88f621..923c31e9 100644
--- a/.github/workflows/lint.yaml
+++ b/.github/workflows/lint.yaml
@@ -13,16 +13,16 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
- uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
+ uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4
with:
disable-sudo: true
egress-policy: block
allowed-endpoints: >
github.com:443
repo.maven.apache.org:443
- - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+ - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
- name: Set up JDK
- uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0
+ uses: actions/setup-java@1bcf9fb12cf4aa7d266a90ae39939e61372fe520 # v5.4.0
with:
java-version: 17.x
distribution: temurin
@@ -38,13 +38,13 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
- uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
+ uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
- - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 # v2 minimum required
+ - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 # v2 minimum required
- name: Set up JDK
- uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0
+ uses: actions/setup-java@1bcf9fb12cf4aa7d266a90ae39939e61372fe520 # v5.4.0
with:
java-version: 21.x
distribution: temurin
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index ba1d718d..2e5bd84e 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -26,7 +26,7 @@ jobs:
steps:
- name: Harden Runner
- uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
+ uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4
with:
disable-sudo: true
egress-policy: block
@@ -45,7 +45,7 @@ jobs:
*.github.com:443
- name: "Checkout code"
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+ uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
with:
persist-credentials: false
@@ -62,6 +62,6 @@ jobs:
# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
- uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
+ uses: github/codeql-action/upload-sarif@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4.36.3
with:
sarif_file: results.sarif
diff --git a/.github/workflows/unit.yaml b/.github/workflows/unit.yaml
index fd3ffc97..8c103ec6 100644
--- a/.github/workflows/unit.yaml
+++ b/.github/workflows/unit.yaml
@@ -18,7 +18,7 @@ jobs:
]
steps:
- name: Harden Runner
- uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
+ uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4
with:
disable-sudo: true
egress-policy: block
@@ -27,9 +27,9 @@ jobs:
repo.maven.apache.org:443
api.adoptium.net:443
*.githubusercontent.com:443
- - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+ - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
- name: Set up JDK ${{ matrix.java }}
- uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0
+ uses: actions/setup-java@1bcf9fb12cf4aa7d266a90ae39939e61372fe520 # v5.4.0
with:
java-version: ${{ matrix.java }}
distribution: temurin
diff --git a/function-maven-plugin/pom.xml b/function-maven-plugin/pom.xml
index 6dca952c..0c65d262 100644
--- a/function-maven-plugin/pom.xml
+++ b/function-maven-plugin/pom.xml
@@ -56,13 +56,13 @@
org.apache.maven
maven-plugin-api
- 3.9.14
+ 3.9.16
provided
org.apache.maven
maven-core
- 3.9.14
+ 3.9.16
provided
@@ -164,7 +164,7 @@
org.sonatype.central
central-publishing-maven-plugin
- 0.10.0
+ 0.11.0
true
sonatype-central-portal
diff --git a/functions-framework-api/pom.xml b/functions-framework-api/pom.xml
index 250d5c2b..ae46a8bd 100644
--- a/functions-framework-api/pom.xml
+++ b/functions-framework-api/pom.xml
@@ -70,7 +70,7 @@
io.cloudevents
cloudevents-api
- 4.0.2
+ 4.1.1
@@ -197,7 +197,7 @@
org.sonatype.central
central-publishing-maven-plugin
- 0.10.0
+ 0.11.0
true
sonatype-central-portal
diff --git a/invoker/conformance/pom.xml b/invoker/conformance/pom.xml
index 331f08d1..ee33e41b 100644
--- a/invoker/conformance/pom.xml
+++ b/invoker/conformance/pom.xml
@@ -28,22 +28,22 @@
com.google.cloud.functions
functions-framework-api
- 2.0.0
+ 2.0.1
com.google.code.gson
gson
- 2.13.2
+ 2.14.0
io.cloudevents
cloudevents-core
- 4.0.1
+ 4.1.1
io.cloudevents
cloudevents-json-jackson
- 4.0.1
+ 4.1.1
@@ -53,7 +53,7 @@
com.google.cloud.functions
function-maven-plugin
- 1.0.0
+ 1.0.1
diff --git a/invoker/core/pom.xml b/invoker/core/pom.xml
index cd8984ba..31872f88 100644
--- a/invoker/core/pom.xml
+++ b/invoker/core/pom.xml
@@ -23,8 +23,8 @@
5.3.2
17
17
- 4.0.1
- 12.1.8
+ 4.1.1
+ 12.1.10
@@ -46,7 +46,7 @@
com.google.cloud.functions
functions-framework-api
- 2.0.0
+ 2.0.1
io.cloudevents
@@ -66,7 +66,7 @@
com.google.code.gson
gson
- 2.13.2
+ 2.14.0
com.ryanharter.auto.value
@@ -100,7 +100,7 @@
org.slf4j
slf4j-jdk14
- 2.0.17
+ 2.0.18
com.beust
diff --git a/invoker/pom.xml b/invoker/pom.xml
index 33cf5383..87d37acc 100644
--- a/invoker/pom.xml
+++ b/invoker/pom.xml
@@ -130,7 +130,7 @@
org.sonatype.central
central-publishing-maven-plugin
- 0.10.0
+ 0.11.0
true
sonatype-central-portal
diff --git a/invoker/testfunction/pom.xml b/invoker/testfunction/pom.xml
index 541eb9a8..b7184232 100644
--- a/invoker/testfunction/pom.xml
+++ b/invoker/testfunction/pom.xml
@@ -20,7 +20,7 @@
com.google.cloud.functions
functions-framework-api
- 2.0.0
+ 2.0.1