From 160b37f3dc9104d40470bdbaf4f52e1e260b825f Mon Sep 17 00:00:00 2001 From: yeikel Date: Mon, 17 Nov 2025 20:39:59 -0500 Subject: [PATCH 01/10] Use Java 25 --- .github/workflows/backend_tests.yml | 2 +- .github/workflows/branch-deploy.yml | 2 +- .github/workflows/build-public-image.yml | 2 +- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/cve_checks.yml | 2 +- .github/workflows/e2e-playwright-run.yml | 2 +- .github/workflows/main.yml | 2 +- .github/workflows/release-serde-api.yml | 2 +- .github/workflows/release.yml | 2 +- .github/workflows/separate_env_public_create.yml | 2 +- 10 files changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/backend_tests.yml b/.github/workflows/backend_tests.yml index 749a3e68c..ef14e732e 100644 --- a/.github/workflows/backend_tests.yml +++ b/.github/workflows/backend_tests.yml @@ -28,7 +28,7 @@ jobs: - name: Set up JDK uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # infered from @v4 with: - java-version: '21' + java-version-file: '.java-version' distribution: 'zulu' cache: 'gradle' diff --git a/.github/workflows/branch-deploy.yml b/.github/workflows/branch-deploy.yml index ef2758953..33376a173 100644 --- a/.github/workflows/branch-deploy.yml +++ b/.github/workflows/branch-deploy.yml @@ -29,7 +29,7 @@ jobs: - name: Set up JDK uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # infered from @v4 with: - java-version: '21' + java-version-file: '.java-version' distribution: 'zulu' cache: 'gradle' - name: Build diff --git a/.github/workflows/build-public-image.yml b/.github/workflows/build-public-image.yml index ca13bae2b..2994f6c32 100644 --- a/.github/workflows/build-public-image.yml +++ b/.github/workflows/build-public-image.yml @@ -27,7 +27,7 @@ jobs: - name: Set up JDK uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # infered from @v4 with: - java-version: '21' + java-version-file: '.java-version' distribution: 'zulu' cache: 'gradle' - name: Build diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 056b34905..a09ad8fa7 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -50,7 +50,7 @@ jobs: - name: Set up JDK uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # infered from @v4 with: - java-version: '21' + java-version-file: '.java-version' distribution: 'zulu' cache: 'gradle' diff --git a/.github/workflows/cve_checks.yml b/.github/workflows/cve_checks.yml index 940125b2f..691cc7d24 100644 --- a/.github/workflows/cve_checks.yml +++ b/.github/workflows/cve_checks.yml @@ -25,7 +25,7 @@ jobs: - name: Set up JDK uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # infered from @v4 with: - java-version: '21' + java-version-file: '.java-version' distribution: 'zulu' cache: 'gradle' diff --git a/.github/workflows/e2e-playwright-run.yml b/.github/workflows/e2e-playwright-run.yml index bc94fefce..7d4575012 100644 --- a/.github/workflows/e2e-playwright-run.yml +++ b/.github/workflows/e2e-playwright-run.yml @@ -24,7 +24,7 @@ jobs: - name: Set up JDK uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # infered from @v4 with: - java-version: '21' + java-version-file: '.java-version' distribution: 'zulu' cache: 'gradle' diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 94e6f92f9..e84eefec9 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -28,7 +28,7 @@ jobs: - name: Set up JDK uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # infered from @v4 with: - java-version: '21' + java-version-file: '.java-version' distribution: 'zulu' cache: 'gradle' diff --git a/.github/workflows/release-serde-api.yml b/.github/workflows/release-serde-api.yml index e19a6e38d..c49237079 100644 --- a/.github/workflows/release-serde-api.yml +++ b/.github/workflows/release-serde-api.yml @@ -22,7 +22,7 @@ jobs: - name: Set up JDK uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # infered from @v4 with: - java-version: '21' + java-version-file: '.java-version' distribution: 'zulu' cache: 'gradle' diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index d8f700916..dc5da9f94 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -28,7 +28,7 @@ jobs: - name: Set up JDK uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # infered from @v4 with: - java-version: '21' + java-version-file: '.java-version' distribution: 'zulu' cache: 'gradle' diff --git a/.github/workflows/separate_env_public_create.yml b/.github/workflows/separate_env_public_create.yml index 760449b68..d74ff7edf 100644 --- a/.github/workflows/separate_env_public_create.yml +++ b/.github/workflows/separate_env_public_create.yml @@ -29,7 +29,7 @@ jobs: - name: Set up JDK uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # infered from @v4 with: - java-version: '21' + java-version-file: '.java-version' distribution: 'zulu' cache: 'gradle' - name: Build From 5a44fcf2def7d2b72f132a02200037740ec500d0 Mon Sep 17 00:00:00 2001 From: Yeikel Santana Date: Mon, 17 Nov 2025 20:40:38 -0500 Subject: [PATCH 02/10] Update .java-version --- .java-version | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.java-version b/.java-version index aabe6ec39..7273c0fa8 100644 --- a/.java-version +++ b/.java-version @@ -1 +1 @@ -21 +25 From 58bf4fe5847dcb0f6d8309ac8646ab92a25883fe Mon Sep 17 00:00:00 2001 From: Yeikel Santana Date: Wed, 19 Nov 2025 11:44:25 -0500 Subject: [PATCH 03/10] Update dependabot.yml --- .github/dependabot.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index bb0a26569..0f92ac940 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -7,7 +7,6 @@ updates: interval: weekly time: "10:00" timezone: Europe/London - open-pull-requests-limit: 10 labels: - "type/dependencies" - "scope/backend" @@ -44,7 +43,6 @@ updates: interval: weekly time: "10:00" timezone: Europe/London - open-pull-requests-limit: 10 ignore: - dependency-name: "azul/zulu-openjdk-alpine" update-types: ["version-update:semver-major"] @@ -58,7 +56,6 @@ updates: interval: weekly time: "10:00" timezone: Europe/London - open-pull-requests-limit: 10 versioning-strategy: increase-if-necessary labels: - "type/dependencies" @@ -77,7 +74,6 @@ updates: interval: weekly time: "10:00" timezone: Europe/London - open-pull-requests-limit: 10 labels: - "type/dependencies" - "scope/infra" From 0b128459ab051fbd96e792a6d1d193f4cb7ea493 Mon Sep 17 00:00:00 2001 From: Yeikel Santana Date: Wed, 19 Nov 2025 11:49:43 -0500 Subject: [PATCH 04/10] Update dependabot.yml --- .github/dependabot.yml | 12 ------------ 1 file changed, 12 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 0f92ac940..171953b59 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -7,9 +7,6 @@ updates: interval: weekly time: "10:00" timezone: Europe/London - labels: - - "type/dependencies" - - "scope/backend" ignore: # Disable dependabot pull requests for Netty # In general, our Netty references are temporary overrides, usually applied to address transitive Spring vulnerabilities, and should be configured with caution @@ -46,9 +43,6 @@ updates: ignore: - dependency-name: "azul/zulu-openjdk-alpine" update-types: ["version-update:semver-major"] - labels: - - "type/dependencies" - - "scope/backend" - package-ecosystem: npm directory: "/frontend" @@ -57,9 +51,6 @@ updates: time: "10:00" timezone: Europe/London versioning-strategy: increase-if-necessary - labels: - - "type/dependencies" - - "scope/frontend" groups: pnpm-dependencies: patterns: @@ -74,6 +65,3 @@ updates: interval: weekly time: "10:00" timezone: Europe/London - labels: - - "type/dependencies" - - "scope/infra" From 822037c0ab4bc23eceeedb2684abfe16c3f0ff5e Mon Sep 17 00:00:00 2001 From: Yeikel Santana Date: Wed, 19 Nov 2025 11:50:43 -0500 Subject: [PATCH 05/10] Update dependabot.yml --- .github/dependabot.yml | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 171953b59..bedf51d14 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -34,16 +34,6 @@ updates: - "patch" - "minor" -- package-ecosystem: docker - directory: "/api" - schedule: - interval: weekly - time: "10:00" - timezone: Europe/London - ignore: - - dependency-name: "azul/zulu-openjdk-alpine" - update-types: ["version-update:semver-major"] - - package-ecosystem: npm directory: "/frontend" schedule: From da6cd5524fc0478a8ed6ccb612f02dd792844bb9 Mon Sep 17 00:00:00 2001 From: Yeikel Santana Date: Wed, 19 Nov 2025 11:50:53 -0500 Subject: [PATCH 06/10] Update dependabot.yml --- .github/dependabot.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index bedf51d14..0da635038 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -40,7 +40,6 @@ updates: interval: weekly time: "10:00" timezone: Europe/London - versioning-strategy: increase-if-necessary groups: pnpm-dependencies: patterns: From 45e8efd0494e8be88065a125f9dfad3d42ca238c Mon Sep 17 00:00:00 2001 From: Yeikel Santana Date: Wed, 19 Nov 2025 11:51:11 -0500 Subject: [PATCH 07/10] Update dependabot.yml --- .github/dependabot.yml | 5 ----- 1 file changed, 5 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 0da635038..c86b68305 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -7,11 +7,6 @@ updates: interval: weekly time: "10:00" timezone: Europe/London - ignore: - # Disable dependabot pull requests for Netty - # In general, our Netty references are temporary overrides, usually applied to address transitive Spring vulnerabilities, and should be configured with caution - # In general, having conflicting Netty versions in the classpath is not recommended - - dependency-name: "io.netty:*" groups: spring-boot-dependencies: patterns: From a40ae5373547f5ad75f5cee460051d3d433b0add Mon Sep 17 00:00:00 2001 From: Yeikel Santana Date: Wed, 19 Nov 2025 12:26:22 -0500 Subject: [PATCH 08/10] Update dependabot.yml --- .github/dependabot.yml | 41 ----------------------------------------- 1 file changed, 41 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index c86b68305..6829427ae 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -7,45 +7,4 @@ updates: interval: weekly time: "10:00" timezone: Europe/London - groups: - spring-boot-dependencies: - patterns: - - "org.springframework.boot:*" - - "io.spring.dependency-management" - # We will handle major upgrades manually - update-types: - - "patch" - - "minor" - exclude-patterns: - - "org.springframework.boot:*" - - "io.spring.dependency-management" - other-dependencies: - exclude-patterns: - - "org.springframework.boot:*" - - "io.spring.dependency-management" - patterns: - - "*" - update-types: - - "patch" - - "minor" -- package-ecosystem: npm - directory: "/frontend" - schedule: - interval: weekly - time: "10:00" - timezone: Europe/London - groups: - pnpm-dependencies: - patterns: - - "*" - update-types: - - "patch" - - "minor" - -- package-ecosystem: "github-actions" - directory: "/" - schedule: - interval: weekly - time: "10:00" - timezone: Europe/London From 94c432c2cab3a0ecceba95071a5aa2fd256fbe7f Mon Sep 17 00:00:00 2001 From: Yeikel Santana Date: Wed, 19 Nov 2025 12:38:30 -0500 Subject: [PATCH 09/10] Update dependabot.yml --- .github/dependabot.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 6829427ae..33ff6f9b6 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -3,6 +3,7 @@ updates: - package-ecosystem: gradle directory: "/" + open-pull-requests-limit: 10000 schedule: interval: weekly time: "10:00" From d6e00bb1c998e4303bd0ff90370f2ffc8b182174 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 19 Nov 2025 17:44:44 +0000 Subject: [PATCH 10/10] Bump io.swagger.core.v3:swagger-integration-jakarta Bumps io.swagger.core.v3:swagger-integration-jakarta from 2.2.28 to 2.2.40. --- updated-dependencies: - dependency-name: io.swagger.core.v3:swagger-integration-jakarta dependency-version: 2.2.40 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- gradle/libs.versions.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml index 126fe572d..a8e8e4e26 100644 --- a/gradle/libs.versions.toml +++ b/gradle/libs.versions.toml @@ -28,7 +28,7 @@ junit = '5.12.2' mockito = '5.20.0' okhttp3 = '4.12.0' testcontainers = '1.20.6' -swagger-integration-jakarta = '2.2.28' +swagger-integration-jakarta = '2.2.40' jakarta-annotation-api = '2.1.1' jackson-databind-nullable = '0.2.6' antlr = '4.13.2'