diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 036f3da14..94eb05964 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -42,7 +42,7 @@ jobs: uses: gradle/actions/setup-gradle@f29f5a9d7b09a7c6b29859002d29d24e1674c884 # v5.0.1 - name: Initialize CodeQL - uses: github/codeql-action/init@6bc82e05fd0ea64601dd4b465378bbcf57de0314 # v4.32.1 + uses: github/codeql-action/init@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4.32.2 with: languages: ${{ matrix.language }} # using "linked" helps to keep up with the latest Kotlin support @@ -59,7 +59,7 @@ jobs: DEVELOCITY_ACCESS_KEY: ${{ secrets.DEVELOCITY_ACCESS_KEY }} - name: Perform CodeQL analysis - uses: github/codeql-action/analyze@6bc82e05fd0ea64601dd4b465378bbcf57de0314 # v4.32.1 + uses: github/codeql-action/analyze@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4.32.2 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/ossf-scorecard.yml b/.github/workflows/ossf-scorecard.yml index eb9d34db3..82475f938 100644 --- a/.github/workflows/ossf-scorecard.yml +++ b/.github/workflows/ossf-scorecard.yml @@ -44,6 +44,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard (optional). # Commenting out will disable upload of results to your repo's Code Scanning dashboard - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@6bc82e05fd0ea64601dd4b465378bbcf57de0314 # v4.32.1 + uses: github/codeql-action/upload-sarif@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4.32.2 with: sarif_file: results.sarif diff --git a/doc-snippets/extensions-minimal/oats/Dockerfile b/doc-snippets/extensions-minimal/oats/Dockerfile index 60243c267..263ca3282 100644 --- a/doc-snippets/extensions-minimal/oats/Dockerfile +++ b/doc-snippets/extensions-minimal/oats/Dockerfile @@ -1,4 +1,4 @@ -FROM eclipse-temurin:25.0.1_8-jre@sha256:9d1d3068b16f2c4127be238ca06439012ff14a8fdf38f8f62472160f9058464a +FROM eclipse-temurin:25.0.2_10-jre@sha256:f47c82ca0abea08c1c92affd40d2e07976fae85836050e9e4a5702055d5c0e3f WORKDIR /usr/src/app/ diff --git a/javaagent-declarative-configuration/oats/Dockerfile b/javaagent-declarative-configuration/oats/Dockerfile index bd32019b8..3e3d39f92 100644 --- a/javaagent-declarative-configuration/oats/Dockerfile +++ b/javaagent-declarative-configuration/oats/Dockerfile @@ -1,4 +1,4 @@ -FROM eclipse-temurin:25.0.1_8-jre@sha256:9d1d3068b16f2c4127be238ca06439012ff14a8fdf38f8f62472160f9058464a +FROM eclipse-temurin:25.0.2_10-jre@sha256:f47c82ca0abea08c1c92affd40d2e07976fae85836050e9e4a5702055d5c0e3f WORKDIR /usr/src/app/ diff --git a/javaagent/Dockerfile b/javaagent/Dockerfile index b4c7d96c9..772a2bc7c 100644 --- a/javaagent/Dockerfile +++ b/javaagent/Dockerfile @@ -1,4 +1,4 @@ -FROM eclipse-temurin:25.0.1_8-jre@sha256:9d1d3068b16f2c4127be238ca06439012ff14a8fdf38f8f62472160f9058464a +FROM eclipse-temurin:25.0.2_10-jre@sha256:f47c82ca0abea08c1c92affd40d2e07976fae85836050e9e4a5702055d5c0e3f ADD build/libs/app.jar /app.jar ADD build/agent/opentelemetry-javaagent.jar /opentelemetry-javaagent.jar diff --git a/log-appender/build.gradle.kts b/log-appender/build.gradle.kts index b8262a047..854038f29 100644 --- a/log-appender/build.gradle.kts +++ b/log-appender/build.gradle.kts @@ -16,8 +16,8 @@ java { dependencies { // Slf4J / logback implementation("org.slf4j:slf4j-api:2.0.17") - implementation("ch.qos.logback:logback-core:1.5.27") - implementation("ch.qos.logback:logback-classic:1.5.27") + implementation("ch.qos.logback:logback-core:1.5.28") + implementation("ch.qos.logback:logback-classic:1.5.28") // JUL to SLF4J bridge implementation("org.slf4j:jul-to-slf4j:2.0.17") diff --git a/logging-k8s-stdout-otlp-json/Dockerfile b/logging-k8s-stdout-otlp-json/Dockerfile index a3b15dfab..011801ded 100644 --- a/logging-k8s-stdout-otlp-json/Dockerfile +++ b/logging-k8s-stdout-otlp-json/Dockerfile @@ -1,4 +1,4 @@ -FROM eclipse-temurin:25.0.1_8-jre@sha256:9d1d3068b16f2c4127be238ca06439012ff14a8fdf38f8f62472160f9058464a +FROM eclipse-temurin:25.0.2_10-jre@sha256:f47c82ca0abea08c1c92affd40d2e07976fae85836050e9e4a5702055d5c0e3f WORKDIR /usr/src/app/ diff --git a/logging-k8s-stdout-otlp-json/k8s/lgtm.yaml b/logging-k8s-stdout-otlp-json/k8s/lgtm.yaml index 33666e2d4..679b2c394 100644 --- a/logging-k8s-stdout-otlp-json/k8s/lgtm.yaml +++ b/logging-k8s-stdout-otlp-json/k8s/lgtm.yaml @@ -47,7 +47,7 @@ spec: spec: containers: - name: lgtm - image: grafana/otel-lgtm:0.17.0@sha256:64aa6aed2b94317475019a2cde883ac4f6d67e4b5fbdf9bea5ff229cc9583f5a + image: grafana/otel-lgtm:0.17.1@sha256:557ddac3121c7b470b59dfb4f69a4d24d9f6a3c9d63b330152498a3650f720bf ports: - containerPort: 3000 - containerPort: 4317 diff --git a/prometheus/Dockerfile b/prometheus/Dockerfile index d8efee88d..197da40f1 100644 --- a/prometheus/Dockerfile +++ b/prometheus/Dockerfile @@ -1,4 +1,4 @@ -FROM eclipse-temurin:25.0.1_8-jre@sha256:9d1d3068b16f2c4127be238ca06439012ff14a8fdf38f8f62472160f9058464a +FROM eclipse-temurin:25.0.2_10-jre@sha256:f47c82ca0abea08c1c92affd40d2e07976fae85836050e9e4a5702055d5c0e3f ADD build/libs/opentelemetry-examples-prometheus-*-SNAPSHOT-all.jar /app.jar diff --git a/settings.gradle.kts b/settings.gradle.kts index 588191856..26672322f 100644 --- a/settings.gradle.kts +++ b/settings.gradle.kts @@ -4,7 +4,7 @@ pluginManagement { id("com.gradleup.shadow") version "9.3.1" id("com.google.protobuf") version "0.9.6" id("org.gradle.toolchains.foojay-resolver-convention") version "1.0.0" - id("com.google.cloud.tools.jib") version "3.5.2" + id("com.google.cloud.tools.jib") version "3.5.3" id("com.gradle.develocity") version "4.3.2" } } diff --git a/spring-declarative-configuration/oats/Dockerfile b/spring-declarative-configuration/oats/Dockerfile index 418b9e579..a8b33e0dc 100644 --- a/spring-declarative-configuration/oats/Dockerfile +++ b/spring-declarative-configuration/oats/Dockerfile @@ -1,4 +1,4 @@ -FROM eclipse-temurin:25.0.1_8-jre@sha256:9d1d3068b16f2c4127be238ca06439012ff14a8fdf38f8f62472160f9058464a +FROM eclipse-temurin:25.0.2_10-jre@sha256:f47c82ca0abea08c1c92affd40d2e07976fae85836050e9e4a5702055d5c0e3f WORKDIR /usr/src/app/