Skip to content

Bump org.owasp.dependencycheck from 11.1.0 to 11.1.1 #2524

Bump org.owasp.dependencycheck from 11.1.0 to 11.1.1

Bump org.owasp.dependencycheck from 11.1.0 to 11.1.1 #2524

Workflow file for this run

name: Dependabot PR actions
on:
pull_request:
types:
- opened
- reopened
- synchronize
- labeled
- unlabeled
jobs:
dependabot:
runs-on: ubuntu-latest
permissions:
pull-requests: write
contents: write
if: ${{ github.actor == 'dependabot[bot]' && !contains(github.event.pull_request.labels.*.name, 'github-actions') }}
steps:
- name: GitHub App token
id: github_app_token
uses: tibdex/[email protected]
with:
app_id: ${{ secrets.APP_ID }}
private_key: ${{ secrets.APP_PRIVATE_KEY }}
installation_id: 22958780
- name: Check out code
uses: actions/checkout@v4
with:
token: ${{ steps.github_app_token.outputs.token }}
- id: version
run: |
echo "::set-output name=version::$(cat gradle.properties | grep systemProp.version | cut -d' ' -f3 | cut -d\. -f1,2)"
- name: Update the changelog
uses: dangoslen/dependabot-changelog-helper@v3
with:
version: "Unreleased ${{ steps.version.outputs.version }}"
- name: Commit the changes
uses: stefanzweifel/git-auto-commit-action@v5
with:
commit_message: "Update changelog"
branch: ${{ github.head_ref }}
commit_user_name: dependabot[bot]
commit_user_email: [email protected]
commit_options: '--signoff'