Bump org.apache.maven.plugins:maven-pmd-plugin from 3.21.2 to 3.22.0 #236
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: ci | |
| ## Does continuous integration build with Java 8 and 11 and | |
| ## if succeeds and due to a dependabot pull request (minor or | |
| ## patch verson change) it will automatically merge the PR. | |
| ## Unlike many sample automerge workflows this does not rely | |
| ## on third-party libraries apart from the official dependabot | |
| ## repository ones. This reduces the security risk significantly | |
| ## (we don't want to unknowingly merge malicious code or expose | |
| ## secrets to a malicious third party). | |
| on: [push, pull_request] | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| java: ['8', '11', '17'] | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - name: Set up JDK ${{ matrix.java }} | |
| uses: actions/setup-java@v2 | |
| with: | |
| java-version: ${{ matrix.java }} | |
| distribution: 'adopt' | |
| - name: Build with Maven | |
| run: mvn --batch-mode --update-snapshots verify | |
| - uses: codecov/codecov-action@v1 | |
| with: | |
| file: ./**/target/site/jacoco/jacoco.xml | |
| name: codecov | |
| dependabot: | |
| runs-on: ubuntu-latest | |
| needs: build | |
| permissions: | |
| pull-requests: write | |
| contents: write | |
| if: ${{ github.actor == 'dependabot[bot]' && github.event_name == 'pull_request' }} | |
| steps: | |
| - name: Dependabot metadata | |
| id: metadata | |
| uses: dependabot/fetch-metadata@v1.1.1 | |
| with: | |
| github-token: "${{ secrets.GITHUB_TOKEN }}" | |
| - name: Enable auto-merge for Dependabot PRs | |
| if: ${{!contains(steps.metadata.outputs.dependency-names, 'maven-plugin-api') && (steps.metadata.outputs.update-type == 'version-update:semver-minor' || steps.metadata.outputs.update-type == 'version-update:semver-patch')}} | |
| run: gh pr merge --auto --rebase "$PR_URL" | |
| env: | |
| PR_URL: ${{github.event.pull_request.html_url}} | |
| GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}} |