From 40dd733c072275488e114044a14f134058e71685 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sun, 17 Nov 2024 02:56:36 +0000 Subject: [PATCH 1/3] fix: upgrade @actions/http-client from 2.2.1 to 2.2.3 Snyk has created this PR to upgrade @actions/http-client from 2.2.1 to 2.2.3. See this package in npm: @actions/http-client See this project in Snyk: https://app.snyk.io/org/tr4200812/project/c294311f-40c3-4386-990f-dd7769a0ca56?utm_source=github&utm_medium=referral&page=upgrade-pr --- package-lock.json | 9 +++++---- package.json | 2 +- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/package-lock.json b/package-lock.json index cb1af44..0b2b620 100644 --- a/package-lock.json +++ b/package-lock.json @@ -13,7 +13,7 @@ "@actions/core": "^1.10.0", "@actions/exec": "^1.0.4", "@actions/glob": "^0.4.0", - "@actions/http-client": "^2.2.1", + "@actions/http-client": "^2.2.3", "@actions/io": "^1.0.2", "@actions/tool-cache": "^2.0.1", "semver": "^7.6.0", @@ -115,9 +115,10 @@ } }, "node_modules/@actions/http-client": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-2.2.1.tgz", - "integrity": "sha512-KhC/cZsq7f8I4LfZSJKgCvEwfkE8o1538VoBeoGzokVLLnbFDEAdFD3UhoMklxo2un9NJVBdANOresx7vTHlHw==", + "version": "2.2.3", + "resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-2.2.3.tgz", + "integrity": "sha512-mx8hyJi/hjFvbPokCg4uRd4ZX78t+YyRPtnKWwIl+RzNaVuFpQHfmlGVfsKEJN8LwTCvL+DfVgAM04XaHkm6bA==", + "license": "MIT", "dependencies": { "tunnel": "^0.0.6", "undici": "^5.25.4" diff --git a/package.json b/package.json index d8c4948..05af243 100644 --- a/package.json +++ b/package.json @@ -30,7 +30,7 @@ "@actions/core": "^1.10.0", "@actions/exec": "^1.0.4", "@actions/glob": "^0.4.0", - "@actions/http-client": "^2.2.1", + "@actions/http-client": "^2.2.3", "@actions/io": "^1.0.2", "@actions/tool-cache": "^2.0.1", "semver": "^7.6.0", From bc9ed765d92542b06396162cdc793bf361f2f7a3 Mon Sep 17 00:00:00 2001 From: aparnajyothi-y <147696841+aparnajyothi-y@users.noreply.github.com> Date: Tue, 4 Mar 2025 03:57:48 +0530 Subject: [PATCH 2/3] Add Documentation to Recommend Using GraalVM JDK 17 Version to 17.0.12 to Align with GFTC License Terms (#704) * Update the graalvm documentation * update the documentation --- README.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/README.md b/README.md index 8e892f5..844fa99 100644 --- a/README.md +++ b/README.md @@ -118,6 +118,8 @@ Currently, the following distributions are supported: **NOTE:** For Azul Zulu OpenJDK architectures x64 and arm64 are mapped to x86 / arm with proper hw_bitness. +**NOTE:** To comply with the GraalVM Free Terms and Conditions (GFTC) license, it is recommended to use GraalVM JDK 17 version 17.0.12, as this is the only version of GraalVM JDK 17 available under the GFTC license. Additionally, it is encouraged to consider upgrading to GraalVM JDK 21, which offers the latest features and improvements. + ### Caching packages dependencies The action has a built-in functionality for caching and restoring dependencies. It uses [toolkit/cache](https://github.com/actions/toolkit/tree/main/packages/cache) under hood for caching dependencies but requires less configuration settings. Supported package managers are gradle, maven and sbt. The format of the used cache key is `setup-java-${{ platform }}-${{ packageManager }}-${{ fileHash }}`, where the hash is based on the following files: From 5ab241026e18144b054a429cff42d3338239cde5 Mon Sep 17 00:00:00 2001 From: sarut Limpajeerawong <179701381+tr4200812@users.noreply.github.com> Date: Thu, 13 Mar 2025 18:02:16 +0700 Subject: [PATCH 3/3] =?UTF-8?q?Revert=20"Add=20Documentation=20to=20Recomm?= =?UTF-8?q?end=20Using=20GraalVM=20JDK=2017=20Version=20to=2017.0.1?= =?UTF-8?q?=E2=80=A6"?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This reverts commit bc9ed765d92542b06396162cdc793bf361f2f7a3. --- README.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/README.md b/README.md index 844fa99..8e892f5 100644 --- a/README.md +++ b/README.md @@ -118,8 +118,6 @@ Currently, the following distributions are supported: **NOTE:** For Azul Zulu OpenJDK architectures x64 and arm64 are mapped to x86 / arm with proper hw_bitness. -**NOTE:** To comply with the GraalVM Free Terms and Conditions (GFTC) license, it is recommended to use GraalVM JDK 17 version 17.0.12, as this is the only version of GraalVM JDK 17 available under the GFTC license. Additionally, it is encouraged to consider upgrading to GraalVM JDK 21, which offers the latest features and improvements. - ### Caching packages dependencies The action has a built-in functionality for caching and restoring dependencies. It uses [toolkit/cache](https://github.com/actions/toolkit/tree/main/packages/cache) under hood for caching dependencies but requires less configuration settings. Supported package managers are gradle, maven and sbt. The format of the used cache key is `setup-java-${{ platform }}-${{ packageManager }}-${{ fileHash }}`, where the hash is based on the following files: