chore(deps): bump commons-io:commons-io from 2.16.1 to 2.17.0 #256

	name: Staging

	on:
	push:
	branches: [ master ]
	pull_request:
	branches: [ '**' ]

	jobs:
	build:
	name: Build
	runs-on: ubuntu-latest

	steps:
	- uses: actions/checkout@v4
	- name: Set up JDK 11
	uses: actions/setup-java@v4
	with:
	java-version: '11'
	distribution: 'temurin'
	- name: Build with Gradle
	# Build and dry-run maven-publish (metadata and pom, but no signing)
	run: ./gradlew build generateMetadataFileForMavenJavaPublication generatePomFileForMavenJavaPublication --no-daemon
	- name: Run Trivy vulnerability scanner
	uses: aquasecurity/trivy-action@master
	with:
	ignore-unfixed: true
	scan-ref: 'build/publications/mavenJava'
	scan-type: 'fs'
	scanners: 'vuln'
	severity: 'MEDIUM,HIGH,CRITICAL'
	env:
	TRIVY_FILE_PATTERNS: "pom:pom.*.xml"

	publish:
	name: Publish Artifacts
	runs-on: ubuntu-latest
	needs: [build]

	if: github.event_name != 'pull_request' && github.ref == 'refs/heads/master'
	steps:
	- uses: actions/checkout@v4
	- name: Set up JDK 11
	uses: actions/setup-java@v4
	with:
	java-version: '11'
	distribution: 'temurin'
	- name: Publish with Gradle
	env:
	ORG_GRADLE_PROJECT_sonatypeUsername: ${{ secrets.SONATYPE_USERNAME }}
	ORG_GRADLE_PROJECT_sonatypePassword: ${{ secrets.SONATYPE_PASSWORD }}
	ORG_GRADLE_PROJECT_signingKey: ${{ secrets.PGP_SECRET }}
	ORG_GRADLE_PROJECT_signingPassword: ${{ secrets.PGP_PASSPHRASE }}
	run: ./gradlew publishToSonatype --no-daemon

Provide feedback