cryptomator · dependabot · May 13, 2024
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -24,10 +24,10 @@ jobs:
     runs-on: ubuntu-latest
     if: "!contains(github.event.head_commit.message, '[ci skip]') && !contains(github.event.head_commit.message, '[skip ci]')" # can the if also be est for all jobs?
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
         with:
           fetch-depth: 0  # Shallow clones should be disabled for a better relevancy of analysis
-      - uses: actions/setup-node@v3
+      - uses: actions/setup-node@v4
         with:
           node-version: ${{ env.NODE_VERSION }}
           cache: 'npm'
@@ -55,13 +55,13 @@ jobs:
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}  # Needed to get PR information, if any
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-      - uses: actions/setup-java@v2
+      - uses: actions/setup-java@v4
         with:
           distribution: 'temurin'
           java-version: ${{ env.JAVA_VERSION }}
           cache: 'maven'
       - name: Cache SonarCloud packages
-        uses: actions/cache@v2
+        uses: actions/cache@v4
         with:
           path: ~/.sonar/cache
           key: ${{ runner.os }}-sonar

diff --git a/.github/workflows/closeJira.yml b/.github/workflows/closeJira.yml
@@ -17,13 +17,13 @@ jobs:
         env:
           ISSUE_BODY: ${{ github.event.issue.body }}
       - name: Jira Login
-        uses: atlassian/gajira-login@v2.0.0
+        uses: atlassian/gajira-login@v3.0.1
         env:
           JIRA_BASE_URL: ${{ secrets.JIRA_BASE_URL }}
           JIRA_USER_EMAIL: ${{ secrets.JIRA_USER_EMAIL }}
           JIRA_API_TOKEN: ${{ secrets.JIRA_API_TOKEN }}
       - name: Close Jira issue
-        uses: atlassian/gajira-transition@v2.0.2
+        uses: atlassian/gajira-transition@v3.0.1
         with:
           issue: ${{ steps.parseJiraKey.outputs.issueId }}
           transition: "Fixed on GitHub"
diff --git a/.github/workflows/keycloak.yml b/.github/workflows/keycloak.yml
@@ -19,8 +19,8 @@ jobs:
     name: Build Custom Keycloak Image
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
-      - uses: actions/setup-node@v3
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
         with:
           node-version: ${{ env.NODE_VERSION }}
           cache: 'npm'
@@ -32,17 +32,17 @@ jobs:
         working-directory: keycloak/themes/cryptomator/common/resources
         run: npm run build
       - name: Set up QEMU
-        uses: docker/setup-qemu-action@v2
+        uses: docker/setup-qemu-action@v3
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v3
       - name: Login to GHCR
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
       - name: Build and Push Container Image
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@v5
         with:
           context: keycloak
           platforms: linux/amd64,linux/arm64/v8

diff --git a/.github/workflows/tag.yml b/.github/workflows/tag.yml
@@ -24,7 +24,7 @@ jobs:
       - name: Tag image in github registry
         run: docker tag ghcr.io/cryptomator/hub@${{ github.event.inputs.digest}} ghcr.io/cryptomator/hub:${{ github.event.inputs.tag }}
       - name: Login to GitHub Container Registry
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           registry: ghcr.io
           username: ${{ github.actor }}