chore(deps): bump actions/setup-java from 5.3.0 to 5.4.0 by dependabot[bot] · Pull Request #49 · NHSDigital/hometest-supplier-integration-framework

dependabot · 2026-06-26T06:43:06Z

Bumps actions/setup-java from 5.3.0 to 5.4.0.

Release notes

Sourced from actions/setup-java's releases.

v5.4.0

What's Changed

Bump @typescript-eslint/parser from 8.48.0 to 8.61.1 by @dependabot[bot] in actions/setup-java#1021

Fix codeql workflow permissions by @jsoref in actions/setup-java#993

fix CodeQL permissions by @gdams in actions/setup-java#1025

fix: reject non-semver candidate versions in isVersionSatisfies by @sproctor in actions/setup-java#1009

Bump @actions/cache to 5.1.0, handle cache write denied by @jasongin in actions/setup-java#1026

Add Maven Wrapper cache feature by @mahabaleshwars in actions/setup-java#1027

Spelling by @jsoref in actions/setup-java#713

add link to advanced configuration for JetBrains by @robstoll in actions/setup-java#850

docs(action): fix missing required or default fields by @kranthipoturaju in actions/setup-java#1007

feat: add microsoft openjdk 17.0.18 by @al-kau in actions/setup-java#1002

Update README.md - use "alert syntax for Markdown" for notes by @mhoffrog in actions/setup-java#924

Bump undici from 6.24.1 to 6.27.0 by @dependabot[bot] in actions/setup-java#1033

Update contributor guide with emoji for clarity by @brunoborges in actions/setup-java#1028

add javac problem matcher by @Trass3r in actions/setup-java#562

Clarify README version syntax and migration guidance by @brunoborges with @Copilot in actions/setup-java#1038

Update undici artifacts to 6.27.0 (license cache + dist) by @brunoborges in actions/setup-java#1040

docs: enhance custom jdk file installation by @stephanabel in actions/setup-java#996

Templates for new Java distributions by @panticmilos in actions/setup-java#429

Bump actions/checkout from 6 to 7 by @dependabot[bot] in actions/setup-java#1032

Bump @types/node from 25.9.3 to 26.0.0 by @dependabot[bot] in actions/setup-java#1031

docs: replace non-existent HelloWorldApp references with java --version by @brunoborges with @Copilot in actions/setup-java#1043

docs: add JavaFX Maven project configuration instructions by @brunoborges with @Copilot in actions/setup-java#1044

docs: self-signed certificate / internal CA handling for GitHub Enterprise by @brunoborges in actions/setup-java#1050

docs: document importing an internal CA into the installed JDK (cacerts) by @brunoborges in actions/setup-java#1051

chore: Harden workflows: least-privilege permissions + zizmor integration by @brunoborges in actions/setup-java#1039

dist: Add GraalVM Community distribution support by @brunoborges with @Copilot in actions/setup-java#1042

docs: note jdkfile approach for Early Access / unreleased JDK builds by @brunoborges in actions/setup-java#1058

dist: Apply Copilot review suggestions from PR #1042 (GraalVM Community) by @brunoborges in actions/setup-java#1059

New Contributors

@jsoref made their first contribution in actions/setup-java#993

@sproctor made their first contribution in actions/setup-java#1009

@jasongin made their first contribution in actions/setup-java#1026

@robstoll made their first contribution in actions/setup-java#850

@kranthipoturaju made their first contribution in actions/setup-java#1007

@al-kau made their first contribution in actions/setup-java#1002

@mhoffrog made their first contribution in actions/setup-java#924

@brunoborges made their first contribution in actions/setup-java#1028

@Trass3r made their first contribution in actions/setup-java#562

@stephanabel made their first contribution in actions/setup-java#996

Full Changelog: actions/setup-java@v5...v5.4.0

Commits

1bcf9fb dist: Address Copilot review suggestions from PR #1042 (GraalVM Community) (#...
fa2c650 docs: note jdkfile approach for Early Access / unreleased JDK builds (#1058)
1d56e31 dist: Add GraalVM Community distribution support (#1042)
1d25252 chore: Harden workflows: least-privilege permissions + zizmor integration (#1...
668c1ea docs: add post-install keytool import for the JDK cacerts trust store (#1051)
a9a46fb docs: document self-signed certificate / internal CA handling for GitHub Ente...
5431e71 docs: add JavaFX Maven project configuration instructions (#1044)
4baa9b4 docs: replace non-existent HelloWorldApp references with java --version (#1043)
eab4b08 Bump @types/node from 25.9.3 to 26.0.0 (#1031)
bf0c0e6 Bump actions/checkout from 6 to 7 (#1032)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [actions/setup-java](https://github.com/actions/setup-java) from 5.3.0 to 5.4.0. - [Release notes](https://github.com/actions/setup-java/releases) - [Commits](actions/setup-java@v5.3.0...v5.4.0) --- updated-dependencies: - dependency-name: actions/setup-java dependency-version: 5.4.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

github-actions · 2026-06-26T06:44:12Z

🔬 FHIR Validation Results

⚠️ Validation passed with warnings — 0 error(s) · 4 warning(s) · 16 info

observation_reactive_with_contact.example.json

Severity	Location	Message
ℹ️ `information`	`—`	All OK

observation_non_reactive.example.json

Severity	Location	Message
ℹ️ `information`	`—`	All OK

observation_non_definitive_result.example.json

Severity	Location	Message
ℹ️ `information`	`—`	All OK

get_test_results_non_reactive.example.json

Severity	Location	Message
ℹ️ `information`	`Bundle`	No types could be determined from the search string, so the types can't be checked

task_update_received-at-lab.example.json

Severity	Location	Message
⚠️ `warning`	`Task.statusReason.text`	value should not start or finish with whitespace ' Test kit has been received at the lab and is being processed'
⚠️ `warning`	`Task`	Constraint failed: dom-6: 'A resource should have narrative for robust management' (defined in http://hl7.org/fhir/StructureDefinition/DomainResource) (Best Practice Recommendation)
ℹ️ `information`	`Task.statusReason`	Binding for path Task.statusReason in profile StructureDefinition[http://hl7.org/fhir/StructureDefinition/Task
ℹ️ `information`	`Task.businessStatus`	Binding for path Task.businessStatus in profile StructureDefinition[http://hl7.org/fhir/StructureDefinition/Task

observation_reactive_without_contact.example.json

Severity	Location	Message
ℹ️ `information`	`—`	All OK

ordereligibility_ineligible_operationoutcome.example.json

Severity	Location	Message
ℹ️ `information`	`—`	All OK

task_update_test-processed.example.json

Severity	Location	Message
⚠️ `warning`	`Task.statusReason.text`	value should not start or finish with whitespace ' Test kit has been processed'
⚠️ `warning`	`Task`	Constraint failed: dom-6: 'A resource should have narrative for robust management' (defined in http://hl7.org/fhir/StructureDefinition/DomainResource) (Best Practice Recommendation)
ℹ️ `information`	`Task.statusReason`	Binding for path Task.statusReason in profile StructureDefinition[http://hl7.org/fhir/StructureDefinition/Task
ℹ️ `information`	`Task.businessStatus`	Binding for path Task.businessStatus in profile StructureDefinition[http://hl7.org/fhir/StructureDefinition/Task

ordereligibility_servicerequest.example.json

Severity	Location	Message
ℹ️ `information`	`—`	All OK

task_update_dispatched.example.json

Severity	Location	Message
ℹ️ `information`	`Task.statusReason`	Binding for path Task.statusReason in profile StructureDefinition[http://hl7.org/fhir/StructureDefinition/Task
ℹ️ `information`	`Task.businessStatus`	Binding for path Task.businessStatus in profile StructureDefinition[http://hl7.org/fhir/StructureDefinition/Task

order_cancelled.example.json

Severity	Location	Message
ℹ️ `information`	`—`	All OK

order_servicerequest.example.json

Severity	Location	Message
ℹ️ `information`	`—`	All OK

operationoutcome_business_rule.example.json

Severity	Location	Message
ℹ️ `information`	`—`	All OK

Full HTML report available in the workflow run artifacts.

…-5.4.0

sonarqubecloud · 2026-06-26T09:45:41Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jun 26, 2026

dependabot Bot requested a review from a team as a code owner June 26, 2026 06:43

dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jun 26, 2026

Merge branch 'main' into dependabot/github_actions/actions/setup-java…

b227346

…-5.4.0

lewisbirks approved these changes Jun 26, 2026

View reviewed changes

lewisbirks merged commit d6daea5 into main Jun 26, 2026
4 checks passed

lewisbirks deleted the dependabot/github_actions/actions/setup-java-5.4.0 branch June 26, 2026 09:45

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

chore(deps): bump actions/setup-java from 5.3.0 to 5.4.0#49

chore(deps): bump actions/setup-java from 5.3.0 to 5.4.0#49
lewisbirks merged 2 commits into
mainfrom
dependabot/github_actions/actions/setup-java-5.4.0

dependabot Bot commented on behalf of github Jun 26, 2026

Uh oh!

github-actions Bot commented Jun 26, 2026 •

edited

Loading

Uh oh!

Uh oh!

sonarqubecloud Bot commented Jun 26, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Uh oh!

Conversation

dependabot Bot commented on behalf of github Jun 26, 2026

v5.4.0

What's Changed

New Contributors

Uh oh!

github-actions Bot commented Jun 26, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

🔬 FHIR Validation Results

Uh oh!

Uh oh!

sonarqubecloud Bot commented Jun 26, 2026

Quality Gate passed

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

github-actions Bot commented Jun 26, 2026 •

edited

Loading