update github actions (#52)

Signed-off-by: Sebastian Hoß <[email protected]>

Author: sebhoss

.github/workflows/codeql-analysis.yml

@@ -18,8 +18,9 @@ jobs:
       matrix:
         language: [ java ]
     steps:
-    - name: Checkout repository
-      uses: actions/checkout@v3
+    - id: checkout
+      name: Checkout
+      uses: actions/checkout@v4
     - name: Set up Java
       uses: actions/setup-java@v3
       with:

.github/workflows/dependabot-automerge.yml

@@ -0,0 +1,20 @@
+# SPDX-FileCopyrightText: The Storage-Units Authors
+# SPDX-License-Identifier: 0BSD
+
+name: Dependabot auto-merge
+on: pull_request
+
+permissions:
+  contents: write
+  pull-requests: write
+
+jobs:
+  dependabot:
+    runs-on: ubuntu-latest
+    if: ${{ github.actor == 'dependabot[bot]' }}
+    steps:
+      - name: Enable auto-merge for Dependabot PRs
+        run: gh pr merge --auto --rebase "$PR_URL"
+        env:
+          PR_URL: ${{ github.event.pull_request.html_url }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/release.yml

@@ -13,11 +13,18 @@ jobs:
       contents: write
     steps:
       - id: checkout
-        name: Clone Git Repository
-        uses: actions/checkout@v3
+        name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - id: last_release
+        name: Fetch last release info
+        run: echo "tag=$(gh release view --json tagName --jq '.tagName')" >> $GITHUB_OUTPUT
+        env:
+          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
       - id: commits
         name: Count Commits
-        run: echo "count=$(git rev-list --count HEAD --since='last Tuesday')" >> $GITHUB_OUTPUT
+        run: echo "count=$(git rev-list --count ${{ steps.last_release.outputs.tag }}..HEAD)" >> $GITHUB_OUTPUT
       - id: release
         name: Create Release Version
         if: steps.commits.outputs.count > 0
@@ -66,15 +73,15 @@ jobs:
       - id: deploy-maven
         name: Deploy Maven Artifact
         if: steps.commits.outputs.count > 0
-        run: |
-          mvn \
-            --batch-mode \
-            --activate-profiles release \
-            --define scmTag=${{ steps.sha.outputs.sha }} \
-            --define pgp.secretkey=keyfile:${{ steps.gpg.outputs.filePath }} \
-            --define pgp.passphrase=literal:${{ secrets.GPG_SECRET_KEY_PASSWORD }} \
-            --define project.build.outputTimestamp=${{ steps.timestamp.outputs.iso8601 }} \
-            deploy
+        run: >
+          mvn
+          --batch-mode
+          --activate-profiles release
+          --define scmTag=${{ steps.sha.outputs.sha }}
+          --define pgp.secretkey=keyfile:${{ steps.gpg.outputs.filePath }}
+          --define pgp.passphrase=literal:${{ secrets.GPG_SECRET_KEY_PASSWORD }}
+          --define project.build.outputTimestamp=${{ steps.timestamp.outputs.iso8601 }}
+          deploy
         env:
           MAVEN_CENTRAL_USERNAME: ${{ secrets.MAVEN_CENTRAL_USERNAME }}
           MAVEN_CENTRAL_TOKEN: ${{ secrets.MAVEN_CENTRAL_TOKEN }}
@@ -93,7 +100,7 @@ jobs:
       - id: mail
         name: Send Mail
         if: steps.commits.outputs.count > 0
-        uses: dawidd6/action-send-mail@v3.7.1
+        uses: dawidd6/action-send-mail@v3
         with:
           server_address: ${{ secrets.MAIL_SERVER }}
           server_port: ${{ secrets.MAIL_PORT }}

.github/workflows/reuse.yml

@@ -11,6 +11,8 @@ jobs:
   reuse:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - id: checkout
+        name: Checkout
+        uses: actions/checkout@v4
       - name: REUSE Compliance Check
         uses: fsfe/reuse-action@v1

.github/workflows/update-parent.yml

@@ -22,7 +22,7 @@ jobs:
         run: mvn --batch-mode --define generateBackupPoms=false versions:update-parent
       - id: cpr
         name: Create Pull Request
-        uses: peter-evans/create-pull-request@v4
+        uses: peter-evans/create-pull-request@v5
         with:
           token: ${{ secrets.PAT }}
           commit-message: Update parent to latest version
@@ -31,16 +31,14 @@ jobs:
           title: Update parent to latest version
           body: |
             `mvn --batch-mode --define generateBackupPoms=false versions:update-parent`
-          assignees: |
-            sebhoss
+          assignees: sebhoss
           draft: false
           base: main
           branch: update-parent
           delete-branch: true
-      - name: Enable Pull Request Automerge
+      - id: automerge
+        name: Enable Pull Request Automerge
         if: steps.cpr.outputs.pull-request-operation == 'created'
-        uses: peter-evans/enable-pull-request-automerge@v2
-        with:
-          token: ${{ secrets.PAT }}
-          pull-request-number: ${{ steps.cpr.outputs.pull-request-number }}
-          merge-method: rebase
+        run: gh pr merge --rebase --auto "${{ steps.cpr.outputs.pull-request-number }}"
+        env:
+          GH_TOKEN: ${{ secrets.PAT }}

.github/workflows/verify.yml

@@ -18,8 +18,8 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - id: checkout
-        name: Clone Git Repository
-        uses: actions/checkout@v3
+        name: Checkout
+        uses: actions/checkout@v4
       - id: java
         name: Setup Java
         uses: actions/setup-java@v3