Skip to content

Bump gradle/gradle-build-action from 2.4.0 to 2.4.2 #2658

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Apr 17, 2023
Merged

Bump gradle/gradle-build-action from 2.4.0 to 2.4.2 #2658

merged 2 commits into from
Apr 17, 2023

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Apr 17, 2023

Bumps gradle/gradle-build-action from 2.4.0 to 2.4.2.

Release notes

Sourced from gradle/gradle-build-action's releases.

v2.4.2

This release disables the save/restore of configuration-cache data, since this functionality has been shown to be problematic. Gradle 8.1 has made changes to this functionality which will require a more comprehensive rework of the action before we can re-enable this.

v2.4.1

This patch release updates a number of dependencies, including xmljs which was reported to have a security vulnerability (https://nvd.nist.gov/vuln/detail/CVE-2023-0842). There is no evidence that this vulnerability affected the gradle-build-action.

Full changelog: gradle/gradle-build-action@v2.4.0...v2.4.1

Commits
  • 749f47b Update README.md for changes in release
  • eb126d7 Update for Gradle 8.1 release
  • 5056fa9 Patch @​azure/logger to address CodeQL violations
  • 8a0051f Specify current Gradle version via ASDF
  • 4f87177 Build outputs
  • ff62946 Update development dependencies
  • 2eddd20 Bump xml2js, @​azure/ms-rest-js and @​azure/core-http
  • 887e0bd Fix typo (#655)
  • dac0b87 Bump @​typescript-eslint/parser from 5.56.0 to 5.57.0 (#654)
  • a8f0f0d NPM dependency updates
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump gradle/gradle-build-action from 2.4.0 to 2.4.2
13285d5 
Bumps [gradle/gradle-build-action](https://github.com/gradle/gradle-build-action) from 2.4.0 to 2.4.2.
- [Release notes](https://github.com/gradle/gradle-build-action/releases)
- [Commits](gradle/gradle-build-action@6095a76...749f47b)

---
updated-dependencies:
- dependency-name: gradle/gradle-build-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Apr 17, 2023
@codecov
Copy link

codecov bot commented Apr 17, 2023
edited
Loading

Codecov Report

Patch and project coverage have no change.

Comparison is base (003076d) 81.39% compared to head (13285d5) 81.39%.

❗ Current head 13285d5 differs from pull request most recent head c8a3a3a. Consider uploading reports for the commit c8a3a3a to get more accurate results

Additional details and impacted files 
@@            Coverage Diff            @@
##               main    #2658   +/-   ##
=========================================
  Coverage     81.39%   81.39%           
  Complexity     4227     4227           
=========================================
  Files           337      337           
  Lines         15622    15622           
  Branches       2039     2039           
=========================================
  Hits          12715    12715           
  Misses         2112     2112           
  Partials        795      795

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

☔ View full report in Codecov by Sentry.
📢 Do you have feedback about the report comment? Let us know in this issue.

@romtsn romtsn enabled auto-merge (squash) April 17, 2023 08:09
@github-actions
Copy link
Contributor

github-actions bot commented Apr 17, 2023

Fails
🚫 Please consider adding a changelog entry for the next release.

Instructions and example for changelog

Please add an entry to CHANGELOG.md to the "Unreleased" section. Make sure the entry includes this PR's number.

Example:

## Unreleased

- Bump gradle/gradle-build-action from 2.4.0 to 2.4.2 ([#2658](https://github.com/getsentry/sentry-java/pull/2658))

If none of the above apply, you can opt out of this check by adding #skip-changelog to the PR description.

Generated by 🚫 dangerJS against c8a3a3a

@romtsn romtsn merged commit a91c3e1 into main Apr 17, 2023
@romtsn romtsn deleted the dependabot/github_actions/gradle/gradle-build-action-2.4.2 branch April 17, 2023 08:19
@github-actions
Copy link
Contributor

github-actions bot commented Apr 17, 2023

Performance metrics 🚀

  Plain With Sentry Diff
Startup time 338.12 ms 367.72 ms 29.60 ms
Size 1.73 MiB 2.26 MiB 550.35 KiB

Baseline results on branch: main

Startup times

Revision Plain With Sentry Diff
33c80c7 318.88 ms 348.14 ms 29.26 ms
17ab223 427.65 ms 484.31 ms 56.65 ms
d81684e 235.73 ms 328.76 ms 93.03 ms
33c80c7 331.94 ms 370.54 ms 38.60 ms

App size

Revision Plain With Sentry Diff
33c80c7 1.73 MiB 2.26 MiB 551.46 KiB
17ab223 1.73 MiB 2.34 MiB 626.85 KiB
d81684e 1.73 MiB 2.26 MiB 547.78 KiB
33c80c7 1.73 MiB 2.26 MiB 551.46 KiB

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@romtsn romtsn romtsn approved these changes

@adinauer adinauer Awaiting requested review from adinauer adinauer is a code owner

@stefanosiano stefanosiano Awaiting requested review from stefanosiano stefanosiano is a code owner

@markushi markushi Awaiting requested review from markushi markushi is a code owner

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@romtsn