Skip to content

build(deps): bump actions/setup-java from 5.2.0 to 5.4.0#6708

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/github_actions/actions/setup-java-5.4.0
Open

build(deps): bump actions/setup-java from 5.2.0 to 5.4.0#6708
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/github_actions/actions/setup-java-5.4.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown
Contributor

Bumps actions/setup-java from 5.2.0 to 5.4.0.

Release notes

Sourced from actions/setup-java's releases.

v5.4.0

What's Changed

New Contributors

Full Changelog: actions/setup-java@v5...v5.4.0

v5.3.0

What's Changed

... (truncated)

Commits
  • 1bcf9fb dist: Address Copilot review suggestions from PR #1042 (GraalVM Community) (#...
  • fa2c650 docs: note jdkfile approach for Early Access / unreleased JDK builds (#1058)
  • 1d56e31 dist: Add GraalVM Community distribution support (#1042)
  • 1d25252 chore: Harden workflows: least-privilege permissions + zizmor integration (#1...
  • 668c1ea docs: add post-install keytool import for the JDK cacerts trust store (#1051)
  • a9a46fb docs: document self-signed certificate / internal CA handling for GitHub Ente...
  • 5431e71 docs: add JavaFX Maven project configuration instructions (#1044)
  • 4baa9b4 docs: replace non-existent HelloWorldApp references with java --version (#1043)
  • eab4b08 Bump @​types/node from 25.9.3 to 26.0.0 (#1031)
  • bf0c0e6 Bump actions/checkout from 6 to 7 (#1032)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [actions/setup-java](https://github.com/actions/setup-java) from 5.2.0 to 5.4.0.
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](actions/setup-java@be666c2...1bcf9fb)

---
updated-dependencies:
- dependency-name: actions/setup-java
  dependency-version: 5.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added Dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jul 1, 2026
@dependabot dependabot Bot requested a review from a team as a code owner July 1, 2026 03:52
@dependabot dependabot Bot added Dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jul 1, 2026

@cursor cursor Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Cursor Bugbot has reviewed your changes and found 1 potential issue.

Fix All in Cursor

❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.

Reviewed by Cursor Bugbot for commit a938726. Configure here.

enable-cache: false
- name: Install Java
uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5
uses: actions/setup-java@1bcf9fb12cf4aa7d266a90ae39939e61372fe520 # v5

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Generated workflow reverts Java bump

Low Severity

This workflow is auto-generated and the header says not to edit it manually. The actions/setup-java pin was updated here, but scripts/split_tox_gh_actions/templates/test_group.jinja still references the previous commit, so running the generator will overwrite this bump.

Fix in Cursor Fix in Web

Reviewed by Cursor Bugbot for commit a938726. Configure here.

@github-actions

github-actions Bot commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

Codecov Results 📊

90018 passed | ⏭️ 6298 skipped | Total: 96316 | Pass Rate: 93.46% | Execution Time: 317m 2s

📊 Comparison with Base Branch

Metric Change
Total Tests
Passed Tests
Failed Tests
Skipped Tests

✨ No test changes detected

All tests are passing successfully.

✅ Patch coverage is 100.00%. Project has 2444 uncovered lines.
✅ Project coverage is 89.74%. Comparing base (base) to head (head).

Coverage diff
@@            Coverage Diff             @@
##          main       #PR       +/-##
==========================================
+ Coverage    89.74%    89.74%        —%
==========================================
  Files          192       192         —
  Lines        23819     23819         —
  Branches      8222      8222         —
==========================================
+ Hits         21375     21375         —
- Misses        2444      2444         —
- Partials      1348      1348         —

Generated by Codecov Action

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants