chore(deps): update gradle/gradle-build-action action to v3 - autoclosed #88
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
v2
->v3.1.0
Release Notes
gradle/gradle-build-action (gradle/gradle-build-action)
v3.1.0
Compare Source
For release details, see https://github.com/gradle/actions/releases/tag/v3.1.0
v3.0.0
Compare Source
This is the first release of
gradle/gradle-build-action
available with thev3
version tag.Changes from
gradle-build-action@v2
This release brings some useful and much requested features, including:
The only major breaking change from
[email protected]
is the update to require a Node 20 runtime environment.Aside from that change, this release should generally serve as a drop-in replacement for
gradle-build-action@v2
.Changelog
dependency-graph-continue-on-failure
input, which can be set tofalse
to force the Job to fail when dependency graph submission fails (https://github.com/gradle/gradle-build-action/issues/1036). Failure modes include:dependency-graph: clear
option to clear any dependency-graph previously submitted by the jobGitHub Dependency Graph Gradle Plugin
v1.2.0gradle-executable
input parameter. Use a separate workflow Step to execute a Gradle from a custom location.v2.12.0
Compare Source
Adds a new option to clear a previously submitted dependency-graph.
This may prove useful when migrating to a workflow using the upcoming
gradle/actions/dependency-submission
action.Full-changelog: gradle/gradle-build-action@v2.11.1...v2.12.0
v2.11.1
Compare Source
This patch release fixes an issue that prevented the
gradle-build-action
from executing with Gradle 1.12, and improves error reporting for dependency submission failures.Changelog
Full-changelog: gradle/gradle-build-action@v2.11.0...v2.11.1
v2.11.0
Compare Source
In addition to a number of dependency updates, this release:
Changelog
Full-changelog: gradle/gradle-build-action@v2.10.0...v2.11.0
v2.10.0
Compare Source
This release introduces a new
artifact-retention-days
parameter, which allows a user to configure how long the generated dependency-graph artifacts are retained by GitHub Actions. Adjusting the retention period can be useful to reduce storage costs associated with these dependency-graph artifacts.See the documentation for more details.
Changelog
artifact-retention-days
configuration parameter #903v1.0.0
of the github-dependency-graph-gradle-plugin@babel/traverse
to address reported security vulnerabilityFull-changelog: gradle/gradle-build-action@v2.9.0...v2.10.0
v2.9.0
Compare Source
The GitHub dependency-review-action helps you understand dependency changes (and the security impact of these changes) for a pull request. This release updates the GItHub Dependency Graph support to be compatible with the
dependency-review-action
.See the documentation for detailed examples.
Changelog
pull-request
events #882dependency-review-action
#879Full-changelog: gradle/gradle-build-action@v2.8.1...v2.9.0
v2.8.1
Compare Source
Fixes an issue that prevented Dependency Graph submission when running on GitHub Enterprise Server.
Fixes
Changelog
v2.8.0
Compare Source
The
v2.8.0
release of thegradle-build-action
introduces an easy mechanism to connect to Gradle Enterprise, as well improved support for self-hosted GitHub Actions runners.Automatic injection of Gradle Enterprise connectivity
It is now possible to connect a Gradle build to Gradle Enterprise without changing any of the Gradle project sources. This is achieved through Gradle Enterprise injection, where an init-script will apply the Gradle Enterprise plugin and associated configuration.
This feature can be useful to easily trial Gradle Enterprise on a project, or to centralize Gradle Enterprise configuration for all GitHub Actions workflows in an organization.
See Gradle Enterprise injection in the README for more info.
Restore Gradle User Home when directory already exists
Previously, the Gradle User Home would not be restored if the directory already exists. This wasn't normally an issue with GitHub-hosted runners, but limited the usefulness of the action for persistent, self-hosted runners.
This behaviour has been improved in this release:
Changes
Issues fixed: https://github.com/gradle/gradle-build-action/issues?q=milestone%3A2.8.0+is%3Aclosed
Full changelog: gradle/gradle-build-action@v2.7.1...v2.8.0
v2.7.1
Compare Source
This release contains no code changes, only dependency updates and documentation improvements.
Changelog
v2.7.0
Compare Source
GitHub Dependency Graph support
In this release, the GitHub Dependency Graph support is no longer considered "experimental", and should be considered ready for production use. You can read more about the Dependency Graph support in the README chapter.
Changes
[email protected]
dependency-graph-file
output to any step that generates a Dependency Graph fileChangelog
v2.6.1
Compare Source
Dependency Graph support
This patch release fixes and improves a couple of aspects of the experimental Dependency Graph support:
job.correlator
value for each Gradle invocation within a Job. This permits multiple Gradle invocations in a single job to generate and submit a separate dependency graph.[email protected]
, which brings a number of improvements to the generated dependency graph:v2.6.0
Compare Source
GitHub Dependency Graph support (Experimental)
This release brings experimental support for submitting a GitHub Dependency Graph snapshot via the GitHub Dependency Submission API.
The dependency graph snapshot is generated via integration with the GitHub Dependency Graph Gradle Plugin, and saved as a workflow artifact. The generated snapshot files can be submitted either in the same job, or in a subsequent job (in the same or a dependent workflow).
The generated dependency graph snapshot reports all of the dependencies that were resolved during a bulid execution, and is used by GitHub to generate Dependabot Alerts for vulnerable dependencies, as well as to populate the Dependency Graph insights view.
Check out the README chapter for more details on how this works and how to configure a workflow that submits a dependency graph.
Changelog
v2.5.1
Compare Source
Fixes a regression in v2.5.0 that resulted in failure when running a workflow that has a name containing a comma.
Fixes
Changelog
v2.5.0
Compare Source
This minor release fixes a couple of issues that affected the action in particular scenarios, and updates all dependencies to recent versions.
Fixes
settingsEvaluated
#626Full changelog: gradle/gradle-build-action@v2.4.2...v2.5.0
v2.4.2
Compare Source
This release disables the save/restore of configuration-cache data, since this functionality has been shown to be problematic.
Gradle 8.1 has made changes to this functionality which will require a more comprehensive rework of the action before we can re-enable this.
v2.4.1
Compare Source
This patch release updates a number of dependencies, including
xmljs
which was reported to have a security vulnerability (https://nvd.nist.gov/vuln/detail/CVE-2023-0842).There is no evidence that this vulnerability affected the
gradle-build-action
.Full changelog: gradle/gradle-build-action@v2.4.0...v2.4.1
v2.4.0
Compare Source
What's new
The
v.2.4.0
release contains various library updates and fixes to fully support Gradle 8.Notable changes:
@actions/cache: 3.1.3
should improve cache save/restore performance on Windows by using gnu tar and zstd when available.e444647
)Full Changelog: gradle/gradle-build-action@v2.3.3...v2.4.0
v2.3.3
Compare Source
This patch release removes all uses of the deprecated
set-output
andset-state
commands, and should remove deprecation warnings from build logs. See #461 and #477 for more details.Full Changelog: gradle/gradle-build-action@v2.3.2...v2.3.3
v2.3.2
Compare Source
This patch release fixes an issue which could result in errors in the post-action step. See #441 for details.
Full Changelog: gradle/gradle-build-action@v2.3.1...v2.3.2
v2.3.1
Compare Source
This patch release addresses some security vulnerabilities reported by the CodeQL check:
sourcemap-register.js
: this triggered Incorrect suffix check@azure/logger
library to avoid logging an environment variable value: this triggered Clear-text logging of sensitive informationThe release contains no functional changes.
Full Changelog: gradle/gradle-build-action@v2.3.0...v2.3.1
v2.3.0
Compare Source
What's new
With
v2.3.0
, thegradle-build-action
can now attempt to remove any unused files from the Gradle User Home directory before storing to the GitHub Actions cache. This can prevent cases where the size of cache entry grows over time.Gradle Home cache cleanup is disabled by default. You can enable this feature for the action as follows:
See the README for more details.
Full Changelog: gradle/gradle-build-action@v2.2.5...v2.3.0
v2.2.5
Compare Source
What's fixed
Fixes a bug where a corrupted cache entry caused an error in
beforeSave
(#408). This meant that the entry was never purged.By allowing
@actions/globber
to follow symlinks and ignore broken symlinks, the bad files in the cache entry are ignored and the corrupted cache entry can be replaced by a good one.Full Changelog: gradle/gradle-build-action@v2.2.4...v2.2.5
v2.2.4
Compare Source
What's fixed
The fix for #383 introduced a bug that caused the post-action to fail when attempting to resolve cache-read-only for scheduled jobs.
This has been fixed with an explicit (rather than implicit) check for 'event.repository != null'. (#409)
Full Changelog: gradle/gradle-build-action@v2.2.3...v2.2.4
v2.2.3
Compare Source
What's fixed
This release updates a number of key dependencies and fixes some cache-related issues:
cache-read-only=true
for scheduled workflows on default branch (#383)v2.2.2
(#407)Full Changelog: gradle/gradle-build-action@v2.2.2...v2.2.3
v2.2.2
Compare Source
What's fixed
This release fixes some issues that were discovered in the
v2.2.1
release, and updates a number of dependencies.Full Changelog: gradle/gradle-build-action@v2.2.1...v2.2.2
v2.2.1
Compare Source
What's fixed
This release fixes some issues that were exposed by the
v2.2.0
release, as well as improving the content and layout of the Job Summary.Entry not saved: reason unknown
message in Job Summary cache details: #309Full Changelog: gradle/gradle-build-action@v2.2.0...v2.2.1
v2.2.0
Compare Source
Summary
This release brings a new Job Summary report, as well as numerous improvements and bug fixes:
cache-read-only
for non-default branches (see0a36ca9
)Issues resolved
https://github.com/gradle/gradle-build-action/milestone/7?closed=1
What's Changed
cache-read-only
for non-default branches by @bigdaz in https://github.com/gradle/gradle-build-action/pull/149Full Changelog: gradle/gradle-build-action@v2.1.7...v2.2.0
v2.1.7
Compare Source
Fixes #293, which prevented
v2.1.6
from allowing Gradle to re-use previously downloaded wrapper distributions. This slowed down build executions and could result in build flakiness when the wrapper zip failed to download.wrapper
folder of Gradle User Home, avoiding re-download of wrapper distributions.v2.1.6
Compare Source
This release contains an fix for changed behaviour in Gradle 7.6, as well as numerous library upgrades.
Earlier versions of the
gradle-build-action
were saving and restoring the downloaded Gradle wrapper zip file as part of caching the Gradle User Home. This will no longer work with Gradle 7.6, as the wrapper zip is now removed after expanding. This release ofgradle-build-action
contains a fix for this change in Gradle 7.6. Using an older version of the GitHub action with Gradle 7.6 will likely result in the wrapper being downloaded on every GitHub actions invocation.What's Changed
@actions/core
,@actions/cache
,@actions/github
,@actions/http-client
and@actions/tool-cache
.Full changelog: gradle/gradle-build-action@v2.1.5...v2.1.6
v2.1.5
Compare Source
This release addresses a potential security issue by upgrading
minimist
, and fixes a bug with very large cache entries by upgrading@actions/cache
. No other changes are included.What's Changed
Full changelog: gradle/gradle-build-action@v2.1.4...v2.1.5
v2.1.4
Compare Source
What's Changed
d700906
.Full Changelog: gradle/gradle-build-action@v2.1.3...v2.1.4
v2.1.3
Compare Source
This patch release fixes an issue that prevented the Gradle User Home from being restored from cache on
macos-latest
runners. #155What's Changed
Full Changelog: gradle/gradle-build-action@v2.1.2...v2.1.3
v2.1.2
Compare Source
This patch release fixes a minor bug and updates some NPM dependencies, including one dependency with a reported security advisory.
What's Changed
gradle.properties
is no longer overwritten by action initializationnode-fetch
to a version that isn't impacted by GHSA-r683-j2x4-v87g. Note that this CVE has been determined not to impact the action.Full Changelog: gradle/gradle-build-action@v2.1.1...v2.1.2
v2.1.1
Compare Source
This release improves logging and fixes a number of minor issues.
gradlew
script is not executable #76In addition, 2 experimental configuration parameters have been added:
gradle-home-cache-strict-match
: Only reuse cache entries generated by previous invocations for the same jobcache-write-only
: Do not restore cache entries but save on Job completionFull Changelog: gradle/gradle-build-action@v2.1.0...v2.1.1
v2.1.0
Compare Source
Overview
This release brings a major improvement in usability, allowing the action to be used to "setup Gradle" without requiring all Gradle invocations to be managed by the action.
Any Gradle invocation after the first
gradle-build-action
step will benefit from caching and build-scan capture just as if it was invoked through a subsequentgradle-build-action
. This is achieved viainit
scripts added when initializing/restoring the Gradle User Home.This change makes it easier to adopt the
gradle-build-action
into an existing GitHub Actions workflow and enables usages such as:Usability improvements
run
step to invoke Gradle and still benefit from Gradle User Home caching as well as build-scan integration.Caching improvements
Changes in detail
Full Changelog: gradle/gradle-build-action@v2.0.0...v2.1.0
v2.0.1
Compare Source
What's Changed
This patch release fixes a couple of cases where a failure to store caches would cause the entire Job to fail. The goal of the
gradle-build-action
is to warn-and-continue on all recoverable cache failures.Issues fixed
Full Changelog: gradle/gradle-build-action@v2.0.0...v2.0.1
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.