From f362801b9de8989c9a39de9f755a09e8f94679f4 Mon Sep 17 00:00:00 2001 From: Gabriel Pan Gantes Date: Tue, 30 Jun 2026 13:37:41 +0200 Subject: [PATCH] fix(ci): revert action bumps in maven-publish workflow The same major action bumps that broke Build & Test (#85 setup-java v1->v5, #90 dopplerhq/cli-action v1->v4) also landed in maven-publish.yml, but #103 only fixed maven.yml. dopplerhq/cli-action@v4 is not on the repo's allowed-actions list (only @v1), so the publish workflow fails at startup and v1.12.0 never deploys to GitHub Packages. Revert both actions to @v1, matching the last known-good publish (v1.11.0). checkout stays at @v4 (GitHub-owned, allowed). --- .github/workflows/maven-publish.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/maven-publish.yml b/.github/workflows/maven-publish.yml index b4b0ad5..d10d8b8 100644 --- a/.github/workflows/maven-publish.yml +++ b/.github/workflows/maven-publish.yml @@ -22,7 +22,7 @@ jobs: ref: ${{ github.event.release.tag_name || github.event.inputs.tag_version || 'master' }} - name: Set up JDK 1.8 - uses: actions/setup-java@v5 + uses: actions/setup-java@v1 with: java-version: 1.8 server-id: github # Value of the distributionManagement/repository/id field of the pom.xml @@ -40,7 +40,7 @@ jobs: ref: ${{ github.event.release.tag_name || github.event.inputs.tag_version || 'master' }} - name: Install Doppler CLI - uses: dopplerhq/cli-action@v4 + uses: dopplerhq/cli-action@v1 - name: Login in Doppler run: doppler setup --token=${{ secrets.DOPPLER_TOKEN_PROD }} --no-prompt @@ -80,7 +80,7 @@ jobs: ref: ${{ github.event.release.tag_name || github.event.inputs.tag_version || 'master' }} - name: Set up JDK 1.8 - uses: actions/setup-java@v5 + uses: actions/setup-java@v1 with: java-version: 1.8 server-id: github # Value of the distributionManagement/repository/id field of the pom.xml