hibernate
diff --git a/‎.github/dependabot.yml
Copy file name to clipboardExpand all lines: .github/dependabot.yml
+12Lines changed: 12 additions & 0 deletions b/‎.github/dependabot.yml
Copy file name to clipboardExpand all lines: .github/dependabot.yml
+12Lines changed: 12 additions & 0 deletions
diff --git a/‎.github/hibernate-github-bot.yml
Copy file name to clipboardExpand all lines: .github/hibernate-github-bot.yml
+7-1Lines changed: 7 additions & 1 deletion b/‎.github/hibernate-github-bot.yml
Copy file name to clipboardExpand all lines: .github/hibernate-github-bot.yml
+7-1Lines changed: 7 additions & 1 deletion
diff --git a/‎.github/workflows/ci-report.yml
Copy file name to clipboardExpand all lines: .github/workflows/ci-report.yml
+4-4Lines changed: 4 additions & 4 deletions b/‎.github/workflows/ci-report.yml
Copy file name to clipboardExpand all lines: .github/workflows/ci-report.yml
+4-4Lines changed: 4 additions & 4 deletions
diff --git a/‎.github/workflows/ci.yml
Copy file name to clipboardExpand all lines: .github/workflows/ci.yml
+7-5Lines changed: 7 additions & 5 deletions b/‎.github/workflows/ci.yml
Copy file name to clipboardExpand all lines: .github/workflows/ci.yml
+7-5Lines changed: 7 additions & 5 deletions
diff --git a/‎.mvn/develocity.xml
Copy file name to clipboardExpand all lines: .mvn/develocity.xml
+1-1Lines changed: 1 addition & 1 deletion b/‎.mvn/develocity.xml
Copy file name to clipboardExpand all lines: .mvn/develocity.xml
+1-1Lines changed: 1 addition & 1 deletion
diff --git a/‎.mvn/extensions.xml
Copy file name to clipboardExpand all lines: .mvn/extensions.xml
+2-2Lines changed: 2 additions & 2 deletions b/‎.mvn/extensions.xml
Copy file name to clipboardExpand all lines: .mvn/extensions.xml
+2-2Lines changed: 2 additions & 2 deletions
@@ -5,6 +5,18 @@
 
 version: 2
 updates:
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "monthly"
+    groups:
+      workflow-actions:
+        patterns:
+          - "*"
+    allow:
+      - dependency-name: "actions/*"
+      - dependency-name: "redhat-actions/*"
+    assignees: [ "marko-bekhta" ]
   - package-ecosystem: "maven"
     directory: "/" # Location of package manifests
     schedule:
 
@@ -7,7 +7,7 @@ jira:
       # Examples:
       # Bump some-dep-GAV from some-version to some-version in the build-dependencies group
       # Bump the build-dependencies group with 2 updates
-      titlePattern: "Bump.*the build-dependencies group( across \\d+ director(ies|y))?( with \\d+ updates?)?"
+      titlePattern: "Bump.*the (build-dependencies|workflow-actions) group.*+"
   ignoreFiles:
     # Git
     - ".git*"
@@ -47,3 +47,9 @@ develocity:
         replacement: "$1"
       - pattern: "org.hibernate.validator|Hibernate Validator|main|HEAD|\\d+.\\d+|PR-\\d+"
         replacement: "" # Just remove these tags
+licenseAgreement:
+  enabled: true
+  ignore:
+    # We ignore all dependabot PRs for a license check:
+    - user: dependabot[bot]
+      titlePattern: "Bump.*"
@@ -23,18 +23,18 @@ jobs:
     steps:
       # Checkout target branch which has trusted code
       - name: Check out target branch
-        uses: actions/checkout@v4
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # 4.2.2
         with:
           persist-credentials: false
           ref: ${{ github.ref }}
       - name: Set up Java 21
-        uses: actions/setup-java@v4
+        uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # 4.7.0
         with:
           java-version: 21
           distribution: temurin
       # https://github.com/actions/cache/blob/main/examples.md#java---maven
       - name: Cache local Maven repository
-        uses: actions/cache@v4
+        uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # 4.2.3
         with:
           path: ~/.m2/repository
           # use a different key than workflows running untrusted code
@@ -45,7 +45,7 @@ jobs:
         run: ./mvnw -v
       - name: Download GitHub Actions artifacts for the Develocity build scans
         id: downloadBuildScan
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@95815c38cf2ff2164869cbab79da8d1f422bc89e # 4.2.1
         with:
           pattern: build-scan-data-*
           github-token: ${{ github.token }}
 
@@ -83,17 +83,17 @@ jobs:
       - name: Support longpaths on Windows
         if: "startsWith(matrix.os.runs-on, 'windows')"
         run: git config --global core.longpaths true
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # 4.2.2
         with:
           persist-credentials: false
       - name: Set up Java ${{ matrix.os.java.version }}
-        uses: actions/setup-java@v4
+        uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # 4.7.0
         with:
           java-version: ${{ matrix.os.java.version }}
           distribution: temurin
       # https://github.com/actions/cache/blob/main/examples.md#java---maven
       - name: Cache local Maven repository
-        uses: actions/cache@v4
+        uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # 4.2.3
         with:
           path: ~/.m2/repository
           # use a different key than workflows running in trusted mode
@@ -109,11 +109,12 @@ jobs:
           -Pjqassistant -Pdist
         env:
           DEVELOCITY_ACCESS_KEY: "${{ secrets.DEVELOCITY_ACCESS_KEY || '' }}"
+          DEVELOCITY_BASE_URL: "${{ env.DEVELOCITY_BASE_URL || 'https://develocity.commonhaus.dev' }}"
       # For jobs running on 'pull_request', upload build scan data.
       # The actual publishing must be done in a separate job (see ci-report.yml).
       # We don't write to the remote cache as that would be unsafe.
       - name: Upload GitHub Actions artifact for the Develocity build scan
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # 4.6.2
         if: "${{ github.event_name == 'pull_request' && !cancelled() }}"
         with:
           name: build-scan-data-standalone-${{ matrix.os.name }}
@@ -127,9 +128,10 @@ jobs:
           -Dincontainer -Dincontainer-prepared
         env:
           DEVELOCITY_ACCESS_KEY: "${{ secrets.DEVELOCITY_ACCESS_KEY || '' }}"
+          DEVELOCITY_BASE_URL: "${{ env.DEVELOCITY_BASE_URL || 'https://develocity.commonhaus.dev' }}"
 
       - name: Upload GitHub Actions artifact for the Develocity build scan
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # 4.6.2
         if: "${{ github.event_name == 'pull_request' && !cancelled() }}"
         with:
           name: build-scan-data-incontainer-${{ matrix.os.name }}
 
@@ -2,7 +2,7 @@
         xmlns="https://www.gradle.com/develocity-maven" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="https://www.gradle.com/develocity-maven https://www.gradle.com/schema/develocity-maven.xsd">
     <server>
-        <url>https://ge.hibernate.org</url>
+        <url>#{env['DEVELOCITY_BASE_URL']?:'https://develocity.commonhaus.dev'}</url>
         <allowUntrusted>false</allowUntrusted>
     </server>
     <buildScan>
 
@@ -2,7 +2,7 @@
     <extension>
         <groupId>com.gradle</groupId>
         <artifactId>develocity-maven-extension</artifactId>
-        <version>1.23</version>
+        <version>2.0</version>
     </extension>
     <extension>
         <groupId>com.gradle</groupId>
@@ -12,6 +12,6 @@
     <extension>
         <groupId>org.hibernate.infra.develocity</groupId>
         <artifactId>hibernate-develocity-maven-extension</artifactId>
-        <version>3.0.1.Final</version>
+        <version>3.0.3.Final</version>
     </extension>
 </extensions>