Skip to content

build(deps): bump org.apache.httpcomponents.client5:httpclient5 from 5.3 to 5.3.1 #2181

build(deps): bump org.apache.httpcomponents.client5:httpclient5 from 5.3 to 5.3.1

build(deps): bump org.apache.httpcomponents.client5:httpclient5 from 5.3 to 5.3.1 #2181

name: deploy-on-pr-merge
on:
pull_request_target: # pr-labelled deployment
branches:
- master
types:
- closed
jobs:
deploy-snapshot:
name: deploy PR-labelled version
# only if PR closed by merging
if: github.event.pull_request.merged == true
runs-on: ubuntu-latest
steps:
- name: Checkout git repo
uses: actions/checkout@v4
- name: Setup Java
uses: actions/setup-java@v4
with:
java-version: 17
distribution: 'zulu'
cache: 'maven'
server-id: 'matsim-releases'
server-username: MAVEN_USERNAME
server-password: MAVEN_PASSWORD
- name: Set MATSim version
run: mvn versions:set --batch-mode -DnewVersion=$(mvn help:evaluate -Dexpression=project.version -q -DforceStdout | sed 's/SNAPSHOT//')PR${{ github.event.pull_request.number }} -DgenerateBackupPoms=false
# Build and publish are separated so we start deploying only after all jars are built successfully
- name: Build jars
run: mvn package --batch-mode -DskipTests
- name: Publish jars to matsim maven repo
# fail at end to deploy as many jars as possible
run: mvn deploy --batch-mode --fail-at-end -DskipTests -Dmaven.resources.skip=true -Dmaven.install.skip=true
env:
MAVEN_USERNAME: ${{ secrets.REPOMATSIM_USERNAME }}
MAVEN_PASSWORD: ${{ secrets.REPOMATSIM_TOKEN }}
- name: Submit Dependency Graph
# Generate a complete dependency graph and submit the graph to the GitHub repository.
# The goal is to improve security alerts from dependabot, because dependabot is not able to compute the complete dependency graph.
uses: advanced-security/maven-dependency-submission-action@v4
env:
MAVEN_OPTS: -Xmx2g