Skip to content

feat: merge commits #226

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
unknowIfGuestInDream merged 14 commits into from
Dec 21, 2025
Merged

feat: merge commits #226

unknowIfGuestInDream merged 14 commits into from
Dec 21, 2025

Conversation

@unknowIfGuestInDream
Copy link
Owner

@unknowIfGuestInDream unknowIfGuestInDream commented Dec 21, 2025
edited by sourcery-ai bot
Loading

Fixes #

Proposed Changes

  1. ...
  2. ...
  3. ...

Readiness Checklist

Author/Contributor

  • If documentation is needed for this change, has that been included in this pull request

Reviewing Maintainer

  • Label as either enhancement, bug, documentation, style or dependencies
  • Verify design and implementation

Summary by Sourcery

Update dependencies and CI workflows to newer versions and adjust automation schedules.

Build:

  • Bump Maven plugin and MariaDB JDBC driver versions in pom.xml.

CI:

  • Upgrade various GitHub Actions (checkout, CodeQL, changelog generator, contributors PR, labeler, lock-threads, stale, linter, Maven, dependency review) to their latest major or minor versions and update Dependabot’s Maven schedule to weekly.

Documentation:

  • Refresh CONTRIBUTORS metadata with the latest generated timestamp.

dependabot bot and others added 14 commits August 29, 2025 14:52
@dependabot
build(deps): bump BobAnkh/auto-generate-changelog from 1.2.5 to 1.3.0 (
d4215cc 
…#206)

Bumps [BobAnkh/auto-generate-changelog](https://github.com/bobankh/auto-generate-changelog) from 1.2.5 to 1.3.0.
- [Release notes](https://github.com/bobankh/auto-generate-changelog/releases)
- [Changelog](https://github.com/BobAnkh/auto-generate-changelog/blob/master/CHANGELOG.md)
- [Commits](BobAnkh/auto-generate-changelog@v1.2.5...v1.3.0)

---
updated-dependencies:
- dependency-name: BobAnkh/auto-generate-changelog
  dependency-version: 1.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@github-actions
bot: Update Contributors File
eed30b9
@dependabot
build(deps): bump actions/stale from 9 to 10 (#209)
14a154e 
Bumps [actions/stale](https://github.com/actions/stale) from 9 to 10.
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](actions/stale@v9...v10)

---
updated-dependencies:
- dependency-name: actions/stale
  dependency-version: '10'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
build(deps): bump actions/labeler from 5 to 6 (#208)
9983b87 
Bumps [actions/labeler](https://github.com/actions/labeler) from 5 to 6.
- [Release notes](https://github.com/actions/labeler/releases)
- [Commits](actions/labeler@v5...v6)

---
updated-dependencies:
- dependency-name: actions/labeler
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
build(deps): bump org.mariadb.jdbc:mariadb-java-client (#210)
f6d5d34 
Bumps [org.mariadb.jdbc:mariadb-java-client](https://github.com/mariadb-corporation/mariadb-connector-j) from 3.5.5 to 3.5.6.
- [Release notes](https://github.com/mariadb-corporation/mariadb-connector-j/releases)
- [Changelog](https://github.com/mariadb-corporation/mariadb-connector-j/blob/main/CHANGELOG.md)
- [Commits](mariadb-corporation/mariadb-connector-j@3.5.5...3.5.6)

---
updated-dependencies:
- dependency-name: org.mariadb.jdbc:mariadb-java-client
  dependency-version: 3.5.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
build(deps): bump org.apache.maven.plugins:maven-javadoc-plugin (#211)
4bbc715 
Bumps [org.apache.maven.plugins:maven-javadoc-plugin](https://github.com/apache/maven-javadoc-plugin) from 3.11.3 to 3.12.0.
- [Release notes](https://github.com/apache/maven-javadoc-plugin/releases)
- [Commits](apache/maven-javadoc-plugin@maven-javadoc-plugin-3.11.3...maven-javadoc-plugin-3.12.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-javadoc-plugin
  dependency-version: 3.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@unknowIfGuestInDream
ci: Change Dependabot update interval from daily to weekly (#213)
d9d889f 
Signed-off-by: 梦里不知身是客 <liang.tang.cx@gmail.com>
@dependabot
build(deps): bump github/codeql-action from 3 to 4 (#217)
514e2c8 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3 to 4.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@v3...v4)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
build(deps): bump actions/checkout from 5 to 6 (#216)
d073266 
Bumps [actions/checkout](https://github.com/actions/checkout) from 5 to 6.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v5...v6)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
build(deps): bump peter-evans/create-pull-request from 7.0.8 to 7.0.9 (
f700efd 
…#214)

Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 7.0.8 to 7.0.9.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](peter-evans/create-pull-request@v7.0.8...v7.0.9)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-version: 7.0.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
build(deps): bump org.apache.maven.plugins:maven-jar-plugin (#215)
eb280b2 
Bumps [org.apache.maven.plugins:maven-jar-plugin](https://github.com/apache/maven-jar-plugin) from 3.4.2 to 3.5.0.
- [Release notes](https://github.com/apache/maven-jar-plugin/releases)
- [Commits](apache/maven-jar-plugin@maven-jar-plugin-3.4.2...maven-jar-plugin-3.5.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-jar-plugin
  dependency-version: 3.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
build(deps): bump org.apache.maven.plugins:maven-source-plugin (#219)
f976a54 
Bumps [org.apache.maven.plugins:maven-source-plugin](https://github.com/apache/maven-source-plugin) from 3.3.1 to 3.4.0.
- [Release notes](https://github.com/apache/maven-source-plugin/releases)
- [Commits](apache/maven-source-plugin@maven-source-plugin-3.3.1...maven-source-plugin-3.4.0)

---
updated-dependencies:
- dependency-name: org.apache.maven.plugins:maven-source-plugin
  dependency-version: 3.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
build(deps): bump peter-evans/create-pull-request from 7.0.9 to 8.0.0 (
bf687c9 
…#220)

Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 7.0.9 to 8.0.0.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](peter-evans/create-pull-request@v7.0.9...v8.0.0)

---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
  dependency-version: 8.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
build(deps): bump dessant/lock-threads from 5 to 6 (#221)
c000ee5 
Bumps [dessant/lock-threads](https://github.com/dessant/lock-threads) from 5 to 6.
- [Release notes](https://github.com/dessant/lock-threads/releases)
- [Changelog](https://github.com/dessant/lock-threads/blob/main/CHANGELOG.md)
- [Commits](dessant/lock-threads@v5...v6)

---
updated-dependencies:
- dependency-name: dessant/lock-threads
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Copilot AI review requested due to automatic review settings December 21, 2025 02:19
@naming-conventions-bot
Copy link

naming-conventions-bot bot commented Dec 21, 2025

Thank you for following naming conventions! 😻

@coderabbitai
Copy link

coderabbitai bot commented Dec 21, 2025

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

✨ Finishing touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Post copyable unit tests in a comment
  • Commit unit tests in branch master

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@sourcery-ai
Copy link

sourcery-ai bot commented Dec 21, 2025
edited
Loading

Reviewer's guide (collapsed on small PRs)

Reviewer's Guide

This PR updates various GitHub Actions workflows to newer major versions of third-party actions, bumps several Maven plugin and MariaDB driver versions, and adjusts Dependabot’s Maven update schedule, with a minor metadata refresh in CONTRIBUTORS.md.

File-Level Changes

Change Details Files
Upgrade GitHub Actions workflow dependencies to newer major versions.
  • Bump actions/checkout from v5 to v6 across workflows (code scanning, changelog generation, contributors update, dependency review, linting, Maven build).
  • Upgrade CodeQL actions (init, autobuild, analyze) from v3 to v4 in the codeql-analysis workflow.
  • Update third-party workflow actions such as BobAnkh/auto-generate-changelog, peter-evans/create-pull-request, actions/labeler, dessant/lock-threads, and actions/stale to their latest referenced major versions.
 .github/workflows/codeql-analysis.yml
.github/workflows/changelog.yml
.github/workflows/contributors.yml
.github/workflows/dependency-review.yml
.github/workflows/label.yml
.github/workflows/linter.yml
.github/workflows/lock.yml
.github/workflows/maven.yml
.github/workflows/stale.yml
Refresh Maven dependency and plugin versions.
  • Increment mariadb-java-client from 3.5.5 to 3.5.6.
  • Update maven-javadoc-plugin, maven-source-plugin, and maven-jar-plugin to newer minor/patch versions in the pom properties section.
 pom.xml
Adjust automated dependency management and metadata.
  • Change Dependabot Maven update interval from daily to weekly.
  • Update the autogenerated timestamp footer in CONTRIBUTORS.md.
 .github/dependabot.yml
CONTRIBUTORS.md
Tips and commands

Interacting with Sourcery

  • Trigger a new review: Comment @sourcery-ai review on the pull request.
  • Continue discussions: Reply directly to Sourcery's review comments.
  • Generate a GitHub issue from a review comment: Ask Sourcery to create an
    issue from a review comment by replying to it. You can also reply to a
    review comment with @sourcery-ai issue to create an issue from it.
  • Generate a pull request title: Write @sourcery-ai anywhere in the pull
    request title to generate a title at any time. You can also comment
    @sourcery-ai title on the pull request to (re-)generate the title at any time.
  • Generate a pull request summary: Write @sourcery-ai summary anywhere in
    the pull request body to generate a PR summary at any time exactly where you
    want it. You can also comment @sourcery-ai summary on the pull request to
    (re-)generate the summary at any time.
  • Generate reviewer's guide: Comment @sourcery-ai guide on the pull
    request to (re-)generate the reviewer's guide at any time.
  • Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
    pull request to resolve all Sourcery comments. Useful if you've already
    addressed all the comments and don't want to see them anymore.
  • Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
    request to dismiss all existing Sourcery reviews. Especially useful if you
    want to start fresh with a new review - don't forget to comment
    @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

  • Enable or disable review features such as the Sourcery-generated pull request
    summary, the reviewer's guide, and others.
  • Change the review language.
  • Add, remove or edit custom review instructions.
  • Adjust other review settings.

Getting Help

@sonarqubecloud
Copy link

sonarqubecloud bot commented Dec 21, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@mergify mergify bot added the enhancement New feature or request label Dec 21, 2025
sourcery-ai[bot]
sourcery-ai bot reviewed Dec 21, 2025
View reviewed changes
Copy link

@sourcery-ai sourcery-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hey - I've found 1 issue, and left some high level feedback:

  • The CONTRIBUTORS.md "Last updated" timestamp changed to Fri, 01 Aug 25 ...; if this file is normally updated by automation, consider reverting or regenerating it to avoid committing a potentially incorrect or out‑of‑sequence date.
  • Switching Dependabot’s Maven schedule from daily to weekly is a behavior change; if this was not an intentional policy change, you may want to keep the previous interval.
Prompt for AI Agents 
Please address the comments from this code review:

## Overall Comments
- The `CONTRIBUTORS.md` "Last updated" timestamp changed to `Fri, 01 Aug 25 ...`; if this file is normally updated by automation, consider reverting or regenerating it to avoid committing a potentially incorrect or out‑of‑sequence date.
- Switching Dependabot’s Maven schedule from `daily` to `weekly` is a behavior change; if this was not an intentional policy change, you may want to keep the previous interval.

## Individual Comments

### Comment 1
<location> `.github/workflows/codeql-analysis.yml:57-64` </location>
<code_context>
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           fetch-depth: 0
</code_context>

<issue_to_address>
**🚨 suggestion (security):** Consider pinning security‑sensitive actions to commit SHAs instead of floating major tags.

Because this workflow runs CodeQL with access to your repo, a compromised action would be high impact. Please pin `actions/checkout` (and any `github/codeql-action/*` uses) to specific commit SHAs, optionally with a comment indicating the version, so you can control upgrades and reduce supply‑chain risk.
</issue_to_address>
Sourcery is free for open source - if you like our reviews please consider sharing them ✨
Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.

@github-actions github-actions bot added dependencies Pull requests that update a dependency file automerge workflow labels Dec 21, 2025
Copilot AI reviewed Dec 21, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR updates various Maven plugin versions, MariaDB client version, GitHub Actions workflow versions, and adjusts the Dependabot schedule from daily to weekly checks.

Key Changes:

  • Updated Maven plugins (javadoc, source, jar) and MariaDB client to newer versions
  • Updated multiple GitHub Actions workflow dependencies to their latest major/minor versions
  • Changed Dependabot update frequency from daily to weekly
  • Updated CONTRIBUTORS.md timestamp (automated)

Reviewed changes

Copilot reviewed 12 out of 12 changed files in this pull request and generated no comments.

Show a summary per file
File Description
pom.xml Updated mariadb-java-client to 3.5.6 and Maven plugins (javadoc 3.12.0, source 3.4.0, jar 3.5.0)
.github/workflows/stale.yml Updated actions/stale from v9 to v10
.github/workflows/maven.yml Updated actions/checkout from v5 to v6
.github/workflows/lock.yml Updated dessant/lock-threads from v5 to v6
.github/workflows/linter.yml Updated actions/checkout from v5 to v6
.github/workflows/label.yml Updated actions/labeler from v5 to v6
.github/workflows/dependency-review.yml Updated actions/checkout from v5 to v6
.github/workflows/contributors.yml Updated actions/checkout to v6 and peter-evans/create-pull-request to v8.0.0
.github/workflows/codeql-analysis.yml Updated actions/checkout to v6 and github/codeql-action to v4
.github/workflows/changelog.yml Updated actions/checkout to v6 and BobAnkh/auto-generate-changelog to v1.3.0
.github/dependabot.yml Changed Maven update interval from daily to weekly
CONTRIBUTORS.md Automated timestamp update to Mon, 01 Sep 25 01:19:47 +0000

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@unknowIfGuestInDream unknowIfGuestInDream merged commit ed3ecad into genCode-4.1 Dec 21, 2025
288 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sourcery-ai sourcery-ai[bot] sourcery-ai[bot] left review comments

Copilot code review Copilot Copilot left review comments

Assignees

@unknowIfGuestInDream unknowIfGuestInDream

Labels

automerge dependencies Pull requests that update a dependency file enhancement New feature or request size/M workflow

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@unknowIfGuestInDream