You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I noticed JNA is using an older version of actions/checkout@v3. But v4 was released in September (and is now at v4.1.1).
This can be avoided in the future by using Dependabot to monitor your GitHub Actions. It will periodically scan the project's workflows and see if any Actions have new versions. In this particular case, it's just one workflow with two Actions, so you likely won't see these PRs very often, but they'll pop up whenever there's something new to keep an eye on.
I'll send a PR bumping the version of actions/checkout and setting up dependabot to keep an eye on your actions moving forward.
I also noticed that create-export-package-metadata-pom.xml has a dependency on the maven-bundle-plugin v5.1.8. There is a more recent version (5.1.9, released in May) of this dependency as well. However, dependabot currently can't handle this case because it only scans files named exactly pom.xml, unfortunately (dependabot/dependabot-core#4425).
The text was updated successfully, but these errors were encountered:
I noticed JNA is using an older version of
actions/checkout@v3. But v4 was released in September (and is now at v4.1.1).This can be avoided in the future by using Dependabot to monitor your GitHub Actions. It will periodically scan the project's workflows and see if any Actions have new versions. In this particular case, it's just one workflow with two Actions, so you likely won't see these PRs very often, but they'll pop up whenever there's something new to keep an eye on.
I'll send a PR bumping the version of
actions/checkoutand setting up dependabot to keep an eye on your actions moving forward.I also noticed that
create-export-package-metadata-pom.xmlhas a dependency on the maven-bundle-plugin v5.1.8. There is a more recent version (5.1.9, released in May) of this dependency as well. However, dependabot currently can't handle this case because it only scans files named exactlypom.xml, unfortunately (dependabot/dependabot-core#4425).The text was updated successfully, but these errors were encountered: