Merge 355a2519f6 into 4a5aa37169

2025-10-08 03:05:04 +09:00 · 2025-10-08 03:05:04 +09:00 · 4433951142
parent 4a5aa37169 355a2519f6
commit 4433951142
7 changed files with 12 additions and 12 deletions
--- a/.github/actions/setup-gradle/action.yml
+++ b/.github/actions/setup-gradle/action.yml
@ -42,7 +42,7 @@ runs:
        distribution: temurin
        java-version: ${{ inputs.java-version }}
    - name: Setup Gradle
-      uses: gradle/actions/setup-gradle@748248ddd2a24f49513d8f472f81c3a07d4d50e1 # v4.4.4
+      uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0
      env:
        GRADLE_BUILD_ACTION_CACHE_DEBUG_ENABLED: true
      with:
--- a/.github/workflows/docker_build_and_test.yml
+++ b/.github/workflows/docker_build_and_test.yml
@ -54,7 +54,7 @@ jobs:
      run: |
        python docker_build_test.py kafka/test -tag=test -type=$IMAGE_TYPE -u=$KAFKA_URL
    - name: Run CVE scan
-      uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # v0.24.0
+      uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # v0.33.1
      with:
        image-ref: 'kafka/test:test'
        format: 'table'
--- a/.github/workflows/docker_official_image_build_and_test.yml
+++ b/.github/workflows/docker_official_image_build_and_test.yml
@ -53,7 +53,7 @@ jobs:
      run: |
        python docker_official_image_build_test.py kafka/test -tag=test -type=$IMAGE_TYPE -v=$KAFKA_VERSION
    - name: Run CVE scan
-      uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # v0.24.0
+      uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # v0.33.1
      with:
        image-ref: 'kafka/test:test'
        format: 'table'
--- a/.github/workflows/docker_promote.yml
+++ b/.github/workflows/docker_promote.yml
@ -31,11 +31,11 @@ jobs:
    runs-on: ubuntu-latest
    steps:
    - name: Set up QEMU
-      uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0
+      uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3.6.0
    - name: Set up Docker Buildx
-      uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3.6.1
+      uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
    - name: Login to Docker Hub
-      uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
+      uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
      with:
        username: ${{ secrets.DOCKERHUB_USER }}
        password: ${{ secrets.DOCKERHUB_TOKEN }}
--- a/.github/workflows/docker_rc_release.yml
+++ b/.github/workflows/docker_rc_release.yml
@ -47,11 +47,11 @@ jobs:
        python -m pip install --upgrade pip
        pip install -r docker/requirements.txt
    - name: Set up QEMU
-      uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0
+      uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3.6.0
    - name: Set up Docker Buildx
-      uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3.6.1
+      uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
    - name: Login to Docker Hub
-      uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
+      uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
      with:
        username: ${{ secrets.DOCKERHUB_USER }}
        password: ${{ secrets.DOCKERHUB_TOKEN }}
--- a/.github/workflows/docker_scan.yml
+++ b/.github/workflows/docker_scan.yml
@ -29,7 +29,7 @@ jobs:
        supported_image_tag: ['latest', '3.9.1', '4.0.0', '4.1.0']
    steps:
      - name: Run CVE scan
-        uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # v0.24.0
+        uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # v0.33.1
        if: always()
        with:
          image-ref: apache/kafka:${{ matrix.supported_image_tag }}
--- a/.github/workflows/pr-labels-cron.yml
+++ b/.github/workflows/pr-labels-cron.yml
@ -35,7 +35,7 @@ jobs:
        env:
          GITHUB_CONTEXT: ${{ toJson(github) }}
      - name: Remove label
-        uses: actions/github-script@v7
+        uses: actions/github-script@v8
        continue-on-error: true
        with:
          github-token: ${{ secrets.GITHUB_TOKEN }}
@ -77,7 +77,7 @@ jobs:
      issues: write
      pull-requests: write
    steps:
-      - uses: actions/stale@v9
+      - uses: actions/stale@v10
        with:
          debug-only: ${{ inputs.dryRun || false }}
          operations-per-run: ${{ inputs.operationsPerRun || 500 }}