From c3e1c40e3e9ca390c20ccc654dc858e81a4b7ade Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 23 Nov 2023 08:51:44 +0000
Subject: [PATCH 1/6] Bump the maven-dependencies group with 2 updates (#85)

---
 pom.xml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pom.xml b/pom.xml
index 418ca35..eb97665 100644
--- a/pom.xml
+++ b/pom.xml
@@ -31,7 +31,7 @@
         <cryptofs.version>2.6.7</cryptofs.version>
 
         <!-- build dependencies -->
-        <dependency-check.version>8.4.0</dependency-check.version>
+        <dependency-check.version>8.4.2</dependency-check.version>
         <maven.deploy.version>3.1.1</maven.deploy.version>
         <jacoco.version>0.8.11</jacoco.version>
     </properties>
@@ -179,7 +179,7 @@
             </plugin>
             <plugin>
                 <artifactId>maven-surefire-plugin</artifactId>
-                <version>3.1.2</version>
+                <version>3.2.1</version>
                 <configuration>
                     <argLine>@{surefire.jacoco.args} --enable-preview --enable-native-access=ALL-UNNAMED</argLine>
                 </configuration>

From 5767d2b69a2fa20e61f03157c30d33ba3cd286fc Mon Sep 17 00:00:00 2001
From: Armin Schrenk <armin.schrenk@skymatic.de>
Date: Tue, 28 Nov 2023 10:47:54 +0100
Subject: [PATCH 2/6] fix wrong logger statement

---
 .../java/org/cryptomator/frontend/fuse/ReadWriteAdapter.java    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/main/java/org/cryptomator/frontend/fuse/ReadWriteAdapter.java b/src/main/java/org/cryptomator/frontend/fuse/ReadWriteAdapter.java
index b8f069f..a2741f8 100644
--- a/src/main/java/org/cryptomator/frontend/fuse/ReadWriteAdapter.java
+++ b/src/main/java/org/cryptomator/frontend/fuse/ReadWriteAdapter.java
@@ -160,7 +160,7 @@ public int chmod(String path, int mode, FileInfo fi) {
 			LOG.warn("chmod {} failed, file not found.", path);
 			return -errno.enoent();
 		} catch (UnsupportedOperationException e) {
-			if (OS.WINDOWS.isCurrent()) { //prevent spamming warnings
+			if (!OS.WINDOWS.isCurrent()) { //prevent spamming warnings
 				LOG.warn("Setting posix permissions not supported by underlying file system.");
 			}
 			return -errno.enosys();

From 384da832a49ee4be2cfaa774d8e1d252675a66dd Mon Sep 17 00:00:00 2001
From: Armin Schrenk <armin.schrenk@skymatic.de>
Date: Wed, 29 Nov 2023 16:57:04 +0100
Subject: [PATCH 3/6] refine dependabot config

---
 .github/dependabot.yml | 25 ++++++++++++++++++++++---
 1 file changed, 22 insertions(+), 3 deletions(-)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index b257aaa..871fede 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -3,14 +3,33 @@ updates:
   - package-ecosystem: "maven"
     directory: "/"
     schedule:
-      interval: "monthly"
+      interval: "weekly"
       day: "monday"
       time: "06:00"
-      timezone: "UTC"
+      timezone: "Etc/UTC"
     groups:
-      maven-dependencies:
+      java-test-dependencies:
+        patterns:
+          - "org.junit.jupiter:*"
+          - "org.mockito:*"
+          - "org.cryptomator:cryptofs"
+      maven-build-plugins:
+        patterns:
+          - "org.apache.maven.plugins:*"
+          - "org.jacoco:jacoco-maven-plugin"
+          - "org.owasp:dependency-check-maven"
+          - "org.sonatype.plugins:nexus-staging-maven-plugin"
+      java-production-dependencies:
         patterns:
           - "*"
+        exclude-patterns:
+          - "org.junit.jupiter:*"
+          - "org.mockito:*"
+          - "org.cryptomator:cryptofs"
+          - "org.apache.maven.plugins:*"
+          - "org.jacoco:jacoco-maven-plugin"
+          - "org.owasp:dependency-check-maven"
+          - "org.sonatype.plugins:nexus-staging-maven-plugin"
 
   - package-ecosystem: "github-actions"
     directory: "/" # even for `.github/workflows`

From f6b44438d8afd7e6b1e955acff4c4800e2004c9e Mon Sep 17 00:00:00 2001
From: Armin Schrenk <armin.schrenk@skymatic.de>
Date: Wed, 29 Nov 2023 16:57:46 +0100
Subject: [PATCH 4/6] deactivate codeql on dependabot commits

---
 .github/workflows/codeql-analysis.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 3591b14..40fd4bb 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -13,7 +13,7 @@ jobs:
   analyse:
     name: Analyse
     runs-on: ubuntu-latest
-    if: "!contains(github.event.head_commit.message, '[ci skip]') && !contains(github.event.head_commit.message, '[skip ci]')"
+    if: ${{ !(github.actor == 'dependabot[bot]' && contains(fromJSON('["push"]'), github.event_name)) }}
     steps:
     - uses: actions/checkout@v4
       with:

From 461abf8092958b9d76d34922b141f5842552eafd Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 5 Dec 2023 08:44:25 +0000
Subject: [PATCH 5/6] Bump the java-production-dependencies group with 1 update
 (#91)

---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index eb97665..1783936 100644
--- a/pom.xml
+++ b/pom.xml
@@ -90,7 +90,7 @@
         <dependency>
             <groupId>org.jetbrains</groupId>
             <artifactId>annotations</artifactId>
-            <version>24.0.1</version>
+            <version>24.1.0</version>
             <scope>provided</scope>
         </dependency>
 

From c9e91a842c279845eb1581f797346c275350d628 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 5 Dec 2023 08:44:45 +0000
Subject: [PATCH 6/6] Bump the github-actions group with 1 update (#88)

---
 .github/workflows/build.yml           | 2 +-
 .github/workflows/codeql-analysis.yml | 2 +-
 .github/workflows/publish-central.yml | 2 +-
 .github/workflows/publish-github.yml  | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 05f56f6..555d6b7 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -8,7 +8,7 @@ jobs:
     if: "!contains(github.event.head_commit.message, '[ci skip]') && !contains(github.event.head_commit.message, '[skip ci]')"
     steps:
       - uses: actions/checkout@v4
-      - uses: actions/setup-java@v3
+      - uses: actions/setup-java@v4
         with:
           java-version: 21
           distribution: 'zulu'
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 40fd4bb..3d22e02 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -18,7 +18,7 @@ jobs:
     - uses: actions/checkout@v4
       with:
         fetch-depth: 2
-    - uses: actions/setup-java@v3
+    - uses: actions/setup-java@v4
       with:
         java-version: 21
         distribution: 'zulu'
diff --git a/.github/workflows/publish-central.yml b/.github/workflows/publish-central.yml
index b82366f..d4c8e14 100644
--- a/.github/workflows/publish-central.yml
+++ b/.github/workflows/publish-central.yml
@@ -13,7 +13,7 @@ jobs:
       - uses: actions/checkout@v4
         with:
           ref: "refs/tags/${{ github.event.inputs.tag }}"
-      - uses: actions/setup-java@v3
+      - uses: actions/setup-java@v4
         with:
           java-version: 21
           distribution: 'zulu'
diff --git a/.github/workflows/publish-github.yml b/.github/workflows/publish-github.yml
index c510a22..5b9df1c 100644
--- a/.github/workflows/publish-github.yml
+++ b/.github/workflows/publish-github.yml
@@ -8,7 +8,7 @@ jobs:
     if: startsWith(github.ref, 'refs/tags/') # only allow publishing tagged versions
     steps:
       - uses: actions/checkout@v4
-      - uses: actions/setup-java@v3
+      - uses: actions/setup-java@v4
         with:
           java-version: 21
           distribution: 'zulu'