Dependapool updates for Oct 4 2024

.github/workflows/dependency-review.yml

@@ -38,7 +38,7 @@ jobs:
           egress-policy: audit
 
       - name: 'Checkout Repository'
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
       - name: 'Dependency Review'
         uses: actions/dependency-review-action@5a2ce3f5b92ee19cbb1541a4984c76d921601d7c # v4.3.4
         with:

.github/workflows/giithub-pages.yml

@@ -49,9 +49,9 @@ jobs:
         with:
           egress-policy: audit
       - name: Checkout
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
       - name: Setup Ruby
-        uses: ruby/setup-ruby@f321cf5a4d1533575411f8752cf25b86478b0442 # v1.193.0
+        uses: ruby/setup-ruby@c04af2bb7258bb6a03df1d3c1865998ac9390972 # v1.194.0
         with:
           ruby-version: '3.1' # Not needed with a .ruby-version file
           bundler-cache: true # runs 'bundle install' and caches installed gems automatically

.github/workflows/main.yml

@@ -42,7 +42,7 @@ jobs:
         uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v3.5.2
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v3.5.2
       - name: Set up Build
         uses: ./.github/actions/setup-build
         with:
@@ -61,7 +61,7 @@ jobs:
         uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v3.5.2
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v3.5.2
       - name: Set up Build
         uses: ./.github/actions/setup-build
         with:
@@ -77,11 +77,11 @@ jobs:
         uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v3.5.2
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v3.5.2
       - name: "Set environment variables"
         run: |
           echo "ORG_GRADLE_PROJECT_DesignComposeMavenRepo=$GITHUB_WORKSPACE/designcompose_m2repo" >> "$GITHUB_ENV"
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v3.5.2
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v3.5.2
       - name: Set up Build
         uses: ./.github/actions/setup-build
         with:
@@ -104,7 +104,7 @@ jobs:
         uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v3.5.2
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v3.5.2
       - name: Set up Build
         uses: ./.github/actions/setup-build
         with:
@@ -135,7 +135,7 @@ jobs:
         uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
       - name: Set up Build
         uses: ./.github/actions/setup-build
         with:
@@ -166,7 +166,7 @@ jobs:
         uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
       - name: Set up Build
         uses: ./.github/actions/setup-build
         with:
@@ -205,7 +205,7 @@ jobs:
         uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
       - name: Set up Build
         uses: ./.github/actions/setup-build
         with:
@@ -238,7 +238,7 @@ jobs:
         uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v3.5.2
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v3.5.2
       - run: rustup toolchain install stable --profile minimal
       - name: Set up Build
         uses: ./.github/actions/setup-build
@@ -257,7 +257,7 @@ jobs:
         uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v3.5.2
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v3.5.2
       - uses: ./.github/actions/build-figma-resource
         with:
           resource: auto-content-preview-widget

.github/workflows/release.yml

@@ -32,7 +32,7 @@ jobs:
         with:
           egress-policy: audit
 
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v3.5.2
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v3.5.2
 
       - name: Set version for Widget
         working-directory: support-figma/auto-content-preview-widget
@@ -59,7 +59,7 @@ jobs:
         run: |
           echo "ORG_GRADLE_PROJECT_DesignComposeMavenRepo=$GITHUB_WORKSPACE/designcompose_m2repo" >> "$GITHUB_ENV"
 
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v3.5.2
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v3.5.2
       - name: Set up Build
         uses: ./.github/actions/setup-build
         with:
@@ -87,7 +87,7 @@ jobs:
         with:
           egress-policy: audit
 
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v3.5.2
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v3.5.2
       # Download all artifacts
       - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
 

.github/workflows/roborazzi-compare-screenshot.yml

@@ -38,7 +38,7 @@ jobs:
           egress-policy: audit
 
       - name: Checkout
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
 
       - name: Set up Build
         uses: ./.github/actions/setup-build
@@ -97,7 +97,7 @@ jobs:
 
       - name: Checkout base
         id: checkout-base
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
         with:
           ref: ${{ github.event.pull_request.base.ref }}
 

.github/workflows/roborazzi-record-screenshot.yml

@@ -43,7 +43,7 @@ jobs:
           egress-policy: audit
 
       - name: Checkout
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
       - name: Set up Build
         uses: ./.github/actions/setup-build
         with:

.github/workflows/scorecard.yml

@@ -51,7 +51,7 @@ jobs:
           egress-policy: audit
 
       - name: "Checkout code"
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
         with:
           persist-credentials: false
 
@@ -86,6 +86,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@294a9d92911152fe08befb9ec03e240add280cb3 # v3.26.8
+        uses: github/codeql-action/upload-sarif@6db8d6351fd0be61f9ed8ebd12ccd35dcec51fea # v3.26.11
         with:
           sarif_file: results.sarif

.github/workflows/super-lint.yml

@@ -38,7 +38,7 @@ jobs:
           egress-policy: audit
 
       - name: Checkout code
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
         with:
           # super-linter needs the full git history to get the
           # list of files that changed across commits
@@ -61,7 +61,7 @@ jobs:
         uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
       - name: Set up Build
         uses: ./.github/actions/setup-build
         with:
@@ -74,7 +74,7 @@ jobs:
         uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
   cargo-deny:
     runs-on: ubuntu-22.04
     strategy:
@@ -89,7 +89,7 @@ jobs:
         uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
       - uses: EmbarkStudios/cargo-deny-action@8371184bd11e21dcf8ac82ebf8c9c9f74ebf7268 # v2.0.1
         with:
           command: check ${{ matrix.checks }}

gradle/libs.versions.toml

@@ -5,7 +5,7 @@ designcompose = "0.31.0-SNAPSHOT"
 jvmToolchain = "17"
 ndk = "27.0.12077973"
 #Android Gradle Plugin
-agp = "8.4.2"
+agp = "8.7.0"
 # The minimum supported AGP version for DesignCompose Apps
 agp-minSupported = "8.4.2"
 
@@ -20,7 +20,7 @@ kotlin = "1.9.23"
 ksp = "1.9.23-1.0.20"
 androidx-compose-compiler = "1.5.11"
 androidx-compose-bom = "2024.03.00"
-androidx-compose-components = "1.7.2"
+androidx-compose-components = "1.7.3"
 androidx-compose-runtime-tracing = "1.7.0-rc01"
 
 # Everything else
@@ -38,25 +38,25 @@ androidx-test-espresso = "3.6.1"
 androidx-test-ext-junit = "1.2.1"
 androidx-datastore = "1.1.1"
 androidx-rules = "1.6.1"
-androidx-profileinstaller = "1.4.0"
+androidx-profileinstaller = "1.4.1"
 androidx-uiautomator = "2.3.0"
 androidx-benchmarkMacroJunit4 = "1.3.1"
 androidx-tracing = "1.2.0"
 androidx-tracing-perfetto = "1.0.0"
 dokka = "1.9.20"
 gson = "2.11.0"
-guavaAndroid = "33.3.0-android"
+guavaAndroid = "33.3.1-android"
 javax-annotation = "1.3.2"
 junit = "4.13.2"
 # Keep in sync with build-logic/src/main/kotlin/designcompose/conventions/base.gradle.kts
 ktfmt = "0.47"
 material = "1.12.0"
 mockk = "1.13.12"
-junit5 = "5.11.0"
+junit5 = "5.11.1"
 truth = "1.4.4"
 spotless = "6.25.0"
 robolectric = "4.13"
-roborazzi = "1.26.0"
+roborazzi = "1.27.0"
 androidx-material3 = "1.3.0"
 # Keep in sync with the "Install Protoc" steps in .github/workflows
 protoc = "4.28.2"

support-figma/auto-content-preview-widget/package.json

@@ -23,7 +23,7 @@
     "style-loader": "^4.0.0",
     "ts-loader": "^9.5.1",
     "typescript": "^5.6.2",
-    "webpack": "^5.94.0",
+    "webpack": "^5.95.0",
     "webpack-cli": "^5.1.4"
   }
 }