add dependency update check

anasoid · Dec 12, 2021 · 6ad34d5 · 6ad34d5
1 parent b2d1d0d
commit 6ad34d5
Show file tree

Hide file tree

Showing 6 changed files with 29 additions and 20 deletions.
diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml
@@ -26,9 +26,9 @@ jobs:
             ~/.gradle/caches
             ~/.gradle/wrapper
             ~/.gradle/dependency-check-data
-          key: ${{ runner.os }}-gradle-audit-v4-${{ hashFiles('**/*.gradle*') }}-${{ hashFiles('gradle.properties') }}
+          key: ${{ runner.os }}-gradle-audit-v5-${{ hashFiles('**/*.gradle*') }}-${{ hashFiles('gradle.properties') }}
           restore-keys: |
-            ${{ runner.os }}-gradle-audit-v4
+            ${{ runner.os }}-gradle-audit-v5
 
 
 

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -25,18 +25,18 @@ jobs:
           path: |
             ~/.gradle/caches
             ~/.gradle/wrapper
-          key: ${{ runner.os }}-gradle-main-v4-${{ hashFiles('**/*.gradle*') }}-${{ hashFiles('gradle.properties') }}
+          key: ${{ runner.os }}-gradle-main-v5-${{ hashFiles('**/*.gradle*') }}-${{ hashFiles('gradle.properties') }}
           restore-keys: |
-            ${{ runner.os }}-gradle-main-v4
+            ${{ runner.os }}-gradle-main-v5
 
       - name: Cache Sonar
         uses: actions/cache@v2
         with:
           path: |
             ~/.sonar
-          key: ${{ runner.os }}-sonar-v4-${{ hashFiles('**/*.gradle*') }}-${{ hashFiles('gradle.properties') }}
+          key: ${{ runner.os }}-sonar-v5-${{ hashFiles('**/*.gradle*') }}-${{ hashFiles('gradle.properties') }}
           restore-keys: |
-            ${{ runner.os }}-sonar-v4
+            ${{ runner.os }}-sonar-v5
 
 
 
@@ -53,6 +53,9 @@ jobs:
       - name: Grant execute permission for gradlew
         run: chmod +x gradlew
 
+      - name: Update Dependencies with Gradle
+        run: ./gradlew --stacktrace --console=verbose dependencyUpdates -Drevision=release -DoutputFormatter=plain,html
+
       - name: Build with Gradle
         run: ./gradlew --stacktrace --console=verbose -x test build
 

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
@@ -53,9 +53,9 @@ jobs:
           path: |
             ~/.gradle/caches
             ~/.gradle/wrapper
-          key: ${{ runner.os }}-gradle-publish-v4-${{ hashFiles('**/*.gradle*') }}-${{ hashFiles('gradle.properties') }}
+          key: ${{ runner.os }}-gradle-publish-v5-${{ hashFiles('**/*.gradle*') }}-${{ hashFiles('gradle.properties') }}
           restore-keys: |
-            ${{ runner.os }}-gradle-publish-v4
+            ${{ runner.os }}-gradle-publish-v5
 
 
 

diff --git a/build.gradle b/build.gradle
@@ -7,7 +7,7 @@ buildscript {
 
     }
     dependencies {
-        classpath 'org.owasp:dependency-check-gradle:6.2.2'
+        classpath 'org.owasp:dependency-check-gradle:6.5.0.1'
 
     }
 }
@@ -17,8 +17,9 @@ plugins {
     id "io.spring.dependency-management" version "1.0.11.RELEASE"
     id "org.sonarqube" version "3.3"
     id 'jacoco'
-    id "io.freefair.lombok" version "6.1.0-m3"
-    id "io.freefair.git-version" version "6.1.0-m3"
+    id "io.freefair.lombok" version "6.3.0"
+    id "io.freefair.git-version" version "6.3.0"
+    id "com.github.ben-manes.versions" version "0.39.0"
 }
 
 
@@ -135,11 +136,11 @@ subprojects {
         implementation("com.thoughtworks.xstream:xstream:1.4.15")
 
         //LOMBOCK
-        compileOnly 'org.projectlombok:lombok:1.18.20'
-        annotationProcessor 'org.projectlombok:lombok:1.18.20'
+        compileOnly 'org.projectlombok:lombok:1.18.22'
+        annotationProcessor 'org.projectlombok:lombok:1.18.22'
 
-        testCompileOnly 'org.projectlombok:lombok:1.18.20'
-        testAnnotationProcessor 'org.projectlombok:lombok:1.18.20'
+        testCompileOnly 'org.projectlombok:lombok:1.18.22'
+        testAnnotationProcessor 'org.projectlombok:lombok:1.18.22'
 
 
         //Apache common
@@ -192,6 +193,11 @@ test {
     finalizedBy codeCoverageReport // report is always generated after tests run
 }
 
+tasks.named("dependencyUpdates").configure {
+    checkConstraints = true
+    outputDir = "build/reports/dependencyUpdates"
+}
+
 // always run the tests before generating the report
 codeCoverageReport.dependsOn {
     subprojects*.test

diff --git a/gradle.properties b/gradle.properties
@@ -6,16 +6,16 @@ commonsIoVersion=2.11.0
 commonsLangVersion=3.12.0
 jmeterVersion=5.4.1
 commonsBeanutilsVersion=1.9.4
-classgraphVersion=4.8.137
+classgraphVersion=4.8.138
 xmlunitVersion=2.8.3
 wiremockVersion=2.27.2
 wiremockJunit5Version=1.3.1
 assertjCore=3.21.0
-mockitoVersion=3.+
+mockitoVersion=4.+
 #Jmeter Plugins
-jpgcCslVersion=2.9
+jpgcCslVersion=2.10
 jpgcgraphsbasicVersion=2.0
 jpgcgraphsadditionalVersion=2.0
-jpgcrandomcsvVersion=0.7
+jpgcrandomcsvVersion=0.8
 jpprmctlVersion=0.4
 synthesisVersion=2.2
diff --git a/gradle/javadoc.gradle b/gradle/javadoc.gradle
@@ -1,6 +1,6 @@
 // Lombok Task
 lombok {
-    version = "1.18.20"
+    version = "1.18.22"
 }