eclipse-tractusx · almadigabor · May 14, 2024 · May 14, 2024 · May 14, 2024
diff --git a/.github/workflows/chart-release.yaml b/.github/workflows/chart-release.yaml
@@ -1,6 +1,6 @@
 #################################################################################
-# Copyright (c) 2022,2023 T-Systems International GmbH
-# Copyright (c) 2022,2023 Contributors to the Eclipse Foundation
+# Copyright (c) 2022,2024 T-Systems International GmbH
+# Copyright (c) 2022,2024 Contributors to the Eclipse Foundation
 #
 # See the NOTICE file(s) distributed with this work for additional
 # information regarding copyright ownership.
@@ -53,6 +53,6 @@ jobs:
           token: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Run chart-releaser
-        uses: helm/chart-releaser-action@v1.4.1
+        uses: helm/chart-releaser-action@v1.6.0
         env:
           CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -1,6 +1,6 @@
 #################################################################################
-# Copyright (c) 2024,2025 T-Systems International GmbH
-# Copyright (c) 2024,2025 Contributors to the Eclipse Foundation
+# Copyright (c) 2023,2024 T-Systems International GmbH
+# Copyright (c) 2023,2024 Contributors to the Eclipse Foundation
 #
 # See the NOTICE file(s) distributed with this work for additional
 # information regarding copyright ownership.
@@ -69,7 +69,7 @@ jobs:
 
     #Setup Java 17
     - name: Set up JDK 17
-      uses: actions/setup-java@v3
+      uses: actions/setup-java@v4
       with:
         java-version: '17'
         distribution: 'adopt'

diff --git a/.github/workflows/dependencies.yml b/.github/workflows/dependencies.yml
@@ -1,5 +1,6 @@
-###############################################################
-# Copyright (c) 2024 Contributors to the Eclipse Foundation
+#################################################################################
+# Copyright (c) 2022,2024 T-Systems International GmbH
+# Copyright (c) 2022,2024 Contributors to the Eclipse Foundation
 #
 # See the NOTICE file(s) distributed with this work for additional
 # information regarding copyright ownership.
@@ -15,7 +16,7 @@
 # under the License.
 #
 # SPDX-License-Identifier: Apache-2.0
-###############################################################
+################################################################################
 
 name: Check Dependencies
 
@@ -41,7 +42,7 @@ jobs:
           distribution: 'temurin'
 
       - name: Cache maven packages
-        uses: actions/cache@v3
+        uses: actions/cache@v4
         with:
           path: ~/.m2
           key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}

diff --git a/.github/workflows/sdfactorypipeline.yml b/.github/workflows/sdfactorypipeline.yml
@@ -74,7 +74,7 @@ jobs:
 
       - name: DockerHub login
         if: github.event_name != 'pull_request'
-        uses: docker/login-action@v2
+        uses: docker/login-action@v3
         with:
           # Use existing DockerHub credentials present as secrets
           username: ${{ secrets.DOCKER_HUB_USER }}
@@ -94,7 +94,7 @@ jobs:
       # Important step to push image description to DockerHub 
       - name: Update Docker Hub description
         if: github.event_name != 'pull_request'
-        uses: peter-evans/dockerhub-description@v3
+        uses: peter-evans/dockerhub-description@v4
         with:
         # readme-filepath defaults to toplevel README.md, Only necessary if you have a dedicated file with your 'Notice for docker images'   
           readme-filepath: ./DOCKER_NOTICE.md 

diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
@@ -36,7 +36,7 @@ jobs:
 
     steps:
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@0.18.0
+        uses: aquasecurity/trivy-action@0.20.0
         with:
           image-ref: "tractusx/sdfactory:latest" # Pull image from Docker Hub and run Trivy vulnerability scanner
           format: "sarif"