From 47fe794b804e4ac17a27ab93e9a250659779e961 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 21 Nov 2024 17:28:47 +0000
Subject: [PATCH 1/3] Bump codecov/codecov-action from 5.0.2 to 5.0.7

Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 5.0.2 to 5.0.7.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/v5.0.2...v5.0.7)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/coverage.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml
index 57c98cb3f..a163c9bb6 100644
--- a/.github/workflows/coverage.yml
+++ b/.github/workflows/coverage.yml
@@ -28,7 +28,7 @@ jobs:
       - name: Generate coverage with JaCoCo
         run: mvn -V --color always -ntp clean verify -Pci
       - name: Upload coverage to Codecov
-        uses: codecov/codecov-action@v5.0.2
+        uses: codecov/codecov-action@v5.0.7
         with:
           file: 'target/site/jacoco/jacoco.xml'
           disable_search: true

From 270fa57e344cf8c64241f57be222b739887029f9 Mon Sep 17 00:00:00 2001
From: Ulli Hafner <ullrich.hafner@gmail.com>
Date: Wed, 27 Nov 2024 11:08:48 +0100
Subject: [PATCH 2/3] Fix commit ID for CI.

---
 .github/workflows/ci.yml       | 5 +++++
 .github/workflows/codeql.yml   | 8 ++++++--
 .github/workflows/coverage.yml | 5 +++++
 3 files changed, 16 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index caa2281f7..1f1c35c57 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -19,6 +19,11 @@ jobs:
 
     steps:
       - uses: actions/checkout@v4
+        if: github.event_name == 'push'
+      - uses: actions/checkout@v4
+        with:
+          ref: "${{ github.event.pull_request.merge_commit_sha }}"
+        if: github.event_name == 'pull_request_target'
       - name: Set up JDK ${{ matrix.jdk }}
         uses: actions/setup-java@v4
         with:
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index c1e547419..9a2e1a458 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -23,8 +23,12 @@ jobs:
         language: [ java ]
 
     steps:
-      - name: Checkout
-        uses: actions/checkout@v4
+      - uses: actions/checkout@v4
+        if: github.event_name == 'push'
+      - uses: actions/checkout@v4
+        with:
+          ref: "${{ github.event.pull_request.merge_commit_sha }}"
+        if: github.event_name == 'pull_request_target'
 
       - name: Setup Java
         uses: actions/setup-java@v4
diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml
index a163c9bb6..032e883d5 100644
--- a/.github/workflows/coverage.yml
+++ b/.github/workflows/coverage.yml
@@ -14,6 +14,11 @@ jobs:
 
     steps:
       - uses: actions/checkout@v4
+        if: github.event_name == 'push'
+      - uses: actions/checkout@v4
+        with:
+          ref: "${{ github.event.pull_request.merge_commit_sha }}"
+        if: github.event_name == 'pull_request_target'
       - name: Set up JDK 21
         uses: actions/setup-java@v4
         with:

From 9ebf26ab14af2d5b1dbec2e6ee398b770c2c91aa Mon Sep 17 00:00:00 2001
From: Ulli Hafner <ullrich.hafner@gmail.com>
Date: Wed, 27 Nov 2024 11:11:24 +0100
Subject: [PATCH 3/3] Fix commit ID for CI.

---
 .github/workflows/quality-monitor.yml | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)

diff --git a/.github/workflows/quality-monitor.yml b/.github/workflows/quality-monitor.yml
index c57a702ce..f9eac1fc5 100644
--- a/.github/workflows/quality-monitor.yml
+++ b/.github/workflows/quality-monitor.yml
@@ -10,9 +10,12 @@ jobs:
     name: Build, test and monitor quality on Ubuntu
 
     steps:
+      - uses: actions/checkout@v4
+        if: github.event_name == 'push'
       - uses: actions/checkout@v4
         with:
-          ref: "refs/pull/${{ github.event.number }}/merge"
+          ref: "${{ github.event.pull_request.merge_commit_sha }}"
+        if: github.event_name == 'pull_request_target'
       - name: Set up JDK 21
         uses: actions/setup-java@v4
         with:
@@ -78,12 +81,12 @@ jobs:
                       "id": "spotbugs",
                       "sourcePath": "src/main/java",
                       "pattern": "**/target/spotbugsXml.xml"
-                  },
-                  {
-                    "id": "error-prone",
-                    "pattern": "**/maven.log"
-                  }
-                ]
+                    },
+                    {
+                      "id": "error-prone",
+                      "pattern": "**/maven.log"
+                    }
+                  ]
                 },
                 {
                   "name": "Vulnerabilities",