-
Notifications
You must be signed in to change notification settings - Fork 2
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ci(deps): update gradle/gradle-build-action action to v2.12.0 #37
base: master
Are you sure you want to change the base?
Conversation
ecc9efd
to
10e608b
Compare
e9295e2
to
2f12750
Compare
44fcbf1
to
476dec8
Compare
Kudos, SonarCloud Quality Gate passed! |
160a17a
to
5b7ab5d
Compare
5b7ab5d
to
b8c547e
Compare
b8c547e
to
35b5d98
Compare
35b5d98
to
d5dcc7b
Compare
d5dcc7b
to
df512cd
Compare
df512cd
to
eb25307
Compare
eb25307
to
be8bb35
Compare
be8bb35
to
116265d
Compare
116265d
to
7feca97
Compare
Kudos, SonarCloud Quality Gate passed! 0 Bugs No Coverage information The version of Java (11.0.20.1) you have used to run this analysis is deprecated and we will stop accepting it soon. Please update to at least Java 17. |
7feca97
to
ba47255
Compare
ba47255
to
5131d8e
Compare
5131d8e
to
e2ef48e
Compare
Quality Gate passedKudos, no new issues were introduced! 0 New issues |
e2ef48e
to
9c25a05
Compare
This PR contains the following updates:
v2.3.3
->v2.12.0
Release Notes
gradle/gradle-build-action (gradle/gradle-build-action)
v2.12.0
Compare Source
Adds a new option to clear a previously submitted dependency-graph.
This may prove useful when migrating to a workflow using the upcoming
gradle/actions/dependency-submission
action.Full-changelog: gradle/gradle-build-action@v2.11.1...v2.12.0
v2.11.1
Compare Source
This patch release fixes an issue that prevented the
gradle-build-action
from executing with Gradle 1.12, and improves error reporting for dependency submission failures.Changelog
Full-changelog: gradle/gradle-build-action@v2.11.0...v2.11.1
v2.11.0
Compare Source
In addition to a number of dependency updates, this release:
Changelog
Full-changelog: gradle/gradle-build-action@v2.10.0...v2.11.0
v2.10.0
Compare Source
This release introduces a new
artifact-retention-days
parameter, which allows a user to configure how long the generated dependency-graph artifacts are retained by GitHub Actions. Adjusting the retention period can be useful to reduce storage costs associated with these dependency-graph artifacts.See the documentation for more details.
Changelog
artifact-retention-days
configuration parameter #903v1.0.0
of the github-dependency-graph-gradle-plugin@babel/traverse
to address reported security vulnerabilityFull-changelog: gradle/gradle-build-action@v2.9.0...v2.10.0
v2.9.0
Compare Source
The GitHub dependency-review-action helps you understand dependency changes (and the security impact of these changes) for a pull request. This release updates the GItHub Dependency Graph support to be compatible with the
dependency-review-action
.See the documentation for detailed examples.
Changelog
pull-request
events #882dependency-review-action
#879Full-changelog: gradle/gradle-build-action@v2.8.1...v2.9.0
v2.8.1
Compare Source
Fixes an issue that prevented Dependency Graph submission when running on GitHub Enterprise Server.
Fixes
Changelog
v2.8.0
Compare Source
The
v2.8.0
release of thegradle-build-action
introduces an easy mechanism to connect to Gradle Enterprise, as well improved support for self-hosted GitHub Actions runners.Automatic injection of Gradle Enterprise connectivity
It is now possible to connect a Gradle build to Gradle Enterprise without changing any of the Gradle project sources. This is achieved through Gradle Enterprise injection, where an init-script will apply the Gradle Enterprise plugin and associated configuration.
This feature can be useful to easily trial Gradle Enterprise on a project, or to centralize Gradle Enterprise configuration for all GitHub Actions workflows in an organization.
See Gradle Enterprise injection in the README for more info.
Restore Gradle User Home when directory already exists
Previously, the Gradle User Home would not be restored if the directory already exists. This wasn't normally an issue with GitHub-hosted runners, but limited the usefulness of the action for persistent, self-hosted runners.
This behaviour has been improved in this release:
Changes
Issues fixed: https://github.com/gradle/gradle-build-action/issues?q=milestone%3A2.8.0+is%3Aclosed
Full changelog: gradle/gradle-build-action@v2.7.1...v2.8.0
v2.7.1
Compare Source
This release contains no code changes, only dependency updates and documentation improvements.
Changelog
v2.7.0
Compare Source
GitHub Dependency Graph support
In this release, the GitHub Dependency Graph support is no longer considered "experimental", and should be considered ready for production use. You can read more about the Dependency Graph support in the README chapter.
Changes
github-dependency-graph-gradle-plugin@v0.2.0
dependency-graph-file
output to any step that generates a Dependency Graph fileChangelog
v2.6.1
Compare Source
Dependency Graph support
This patch release fixes and improves a couple of aspects of the experimental Dependency Graph support:
job.correlator
value for each Gradle invocation within a Job. This permits multiple Gradle invocations in a single job to generate and submit a separate dependency graph.github-dependency-graph-gradle-plugin@v0.1.0
, which brings a number of improvements to the generated dependency graph:v2.6.0
Compare Source
GitHub Dependency Graph support (Experimental)
This release brings experimental support for submitting a GitHub Dependency Graph snapshot via the GitHub Dependency Submission API.
The dependency graph snapshot is generated via integration with the GitHub Dependency Graph Gradle Plugin, and saved as a workflow artifact. The generated snapshot files can be submitted either in the same job, or in a subsequent job (in the same or a dependent workflow).
The generated dependency graph snapshot reports all of the dependencies that were resolved during a bulid execution, and is used by GitHub to generate Dependabot Alerts for vulnerable dependencies, as well as to populate the Dependency Graph insights view.
Check out the README chapter for more details on how this works and how to configure a workflow that submits a dependency graph.
Changelog
v2.5.1
Compare Source
Fixes a regression in v2.5.0 that resulted in failure when running a workflow that has a name containing a comma.
Fixes
Changelog
v2.5.0
Compare Source
This minor release fixes a couple of issues that affected the action in particular scenarios, and updates all dependencies to recent versions.
Fixes
settingsEvaluated
#626Full changelog: gradle/gradle-build-action@v2.4.2...v2.5.0
v2.4.2
Compare Source
This release disables the save/restore of configuration-cache data, since this functionality has been shown to be problematic.
Gradle 8.1 has made changes to this functionality which will require a more comprehensive rework of the action before we can re-enable this.
v2.4.1
Compare Source
This patch release updates a number of dependencies, including
xmljs
which was reported to have a security vulnerability (https://nvd.nist.gov/vuln/detail/CVE-2023-0842).There is no evidence that this vulnerability affected the
gradle-build-action
.Full changelog: gradle/gradle-build-action@v2.4.0...v2.4.1
v2.4.0
Compare Source
What's new
The
v.2.4.0
release contains various library updates and fixes to fully support Gradle 8.Notable changes:
@actions/cache: 3.1.3
should improve cache save/restore performance on Windows by using gnu tar and zstd when available.e444647
)Full Changelog: gradle/gradle-build-action@v2.3.3...v2.4.0
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.