Description
I noticed JNA is using an older version of actions/checkout@v3. But v4 was released in September (and is now at v4.1.1).
This can be avoided in the future by using Dependabot to monitor your GitHub Actions. It will periodically scan the project's workflows and see if any Actions have new versions. In this particular case, it's just one workflow with two Actions, so you likely won't see these PRs very often, but they'll pop up whenever there's something new to keep an eye on.
I'll send a PR bumping the version of actions/checkout and setting up dependabot to keep an eye on your actions moving forward.
I also noticed that create-export-package-metadata-pom.xml has a dependency on the maven-bundle-plugin v5.1.8. There is a more recent version (5.1.9, released in May) of this dependency as well. However, dependabot currently can't handle this case because it only scans files named exactly pom.xml, unfortunately (dependabot/dependabot-core#4425).