Bump eskatos/gradle-command-action from 1 to 2.1.2 #134

dependabot · 2022-01-31T03:14:44Z

Bumps eskatos/gradle-command-action from 1 to 2.1.2.

Release notes

Sourced from eskatos/gradle-command-action's releases.

v2.1.2

This patch release fixes a minor bug and updates some NPM dependencies, including one dependency with a reported security advisory.

What's Changed

Fixed #147: existing gradle.properties is no longer overwritten by action initialization

Updated all NPM dependencies to the latest version

This included updating node-fetch to a version that isn't impacted by GHSA-r683-j2x4-v87g. Note that this CVE has been determined not to impact the action.

Full Changelog: gradle/gradle-build-action@v2.1.1...v2.1.2

v2.1.1

This release improves logging and fixes a number of minor issues.

Fix misleading error message when gradlew script is not executable #76

Differentiate between build scan links generated for different steps in the same Job #124

Avoid overwriting existing Gradle User Home #138

Capture build scan links even when cache is disabled #139

In addition, 2 experimental configuration parameters have been added:

gradle-home-cache-strict-match: Only reuse cache entries generated by previous invocations for the same job

cache-write-only: Do not restore cache entries but save on Job completion

Full Changelog: gradle/gradle-build-action@v2.1.0...v2.1.1

v2.1.0

Overview

This release brings a major improvement in usability, allowing the action to be used to "setup Gradle" without requiring all Gradle invocations to be managed by the action.
jobs:
  build-my-app:
    steps:
    - uses: actions/checkout@v2
    - name: Setup Gradle
      uses: gradle/gradle-build-action@v2
    - name: Execute Gradle build
      run: ./gradlew build
Any Gradle invocation after the first gradle-build-action step will benefit from caching and build-scan capture just as if it was invoked through a subsequent gradle-build-action. This is achieved via init scripts added when initializing/restoring the Gradle User Home.

This change makes it easier to adopt the gradle-build-action into an existing GitHub Actions workflow and enables usages such as:

Redirect all Gradle log output to a file #72

Run a script to configure the environment prior to Gradle invocation #15

Capture Gradle output for use in a subsequent step #112

Usability improvements

... (truncated)

Commits

bc3340a Tell dependabot to ignore @types/node
5f1def5 Enable dependabot updates
5a71915 Merge pull request #144 from gradle/npm-hygiene
893f0e1 Build outputs
d5e58c8 Update many NPM dependencies to newer versions
2920a48 Run npm audit fix
1904e7e Upgradle to use node v16
702bb97 Do not overwrite existing gradle.properties
b9c806c Fix example in action.yml
d2799e6 Merge pull request #142 from gradle/strict-cache-match
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [eskatos/gradle-command-action](https://github.com/eskatos/gradle-command-action) from 1 to 2.1.2. - [Release notes](https://github.com/eskatos/gradle-command-action/releases) - [Commits](gradle/gradle-build-action@v1...v2.1.2) --- updated-dependencies: - dependency-name: eskatos/gradle-command-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2022-02-04T03:15:43Z

Superseded by #136.

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update Github_actions code labels Jan 31, 2022

dependabot bot mentioned this pull request Jan 31, 2022

Bump eskatos/gradle-command-action from 1 to 2.1.1 #131

Closed

dependabot bot closed this Feb 4, 2022

dependabot bot deleted the dependabot/github_actions/eskatos/gradle-command-action-2.1.2 branch February 4, 2022 03:15

Stanislav1975 mentioned this pull request Nov 27, 2023

[Snyk] Security upgrade rewire from 3.0.2 to 4.0.0 #837

Open

Stanislav1975 mentioned this pull request Jan 28, 2024

[Snyk] Security upgrade rewire from 3.0.2 to 4.0.0 #889

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump eskatos/gradle-command-action from 1 to 2.1.2 #134

Bump eskatos/gradle-command-action from 1 to 2.1.2 #134

dependabot bot commented on behalf of github Jan 31, 2022

dependabot bot commented on behalf of github Feb 4, 2022

Bump eskatos/gradle-command-action from 1 to 2.1.2 #134

Bump eskatos/gradle-command-action from 1 to 2.1.2 #134

Conversation

dependabot bot commented on behalf of github Jan 31, 2022

v2.1.2

What's Changed

v2.1.1

v2.1.0

Overview

Usability improvements

dependabot bot commented on behalf of github Feb 4, 2022