Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): update gradle/actions action to v4 #710

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Aug 12, 2024

This PR contains the following updates:

Package Type Update Change
gradle/actions action major v3.3.2 -> v4.2.2

Release Notes

gradle/actions (gradle/actions)

v4.2.2

Compare Source

This patch release updates a bunch of dependency versions and fixes a deprecation warning emitted with Gradle 8.12.

What's Changed
New Contributors

Full Changelog: gradle/actions@v4.2.1...v4.2.2

v4.2.1

Compare Source

This patch release fixes some issues with Develocity and Build Scan integration:

  • Build scan links not captured in project using plugin com.gradle.enteprise:3.18.2 (#​449)
  • Enabling build-scan-publish causes some Develocity injection parameters to be ignored (#​447)
  • Setting develocity-ccud-plugin-version parameter is ignored (#​446)
What's Changed
New Contributors

Full Changelog: gradle/actions@v4.2.0...v4.2.1

v4.2.0

Compare Source

This release fixes a bug that prevents cache-cleanup from working with Gradle 8.11.
A number of improvements to cache reporting are also included.

What's Changed

Full Changelog: gradle/actions@v4.1.0...v4.2.0

v4.1.0

Compare Source

This release brings some minor improvements:

  • The latest release of Gradle is no longer required to perform cache-cleanup. If Gradle is found to on the PATH and the version meets minimum version requirements, then the version on PATH is used for cache-cleanup and Gradle is not downloaded.
  • Fixes a bug where setting the develocity-token-expiry parameter had no effect (#​381)
  • Numerous NPM dependency updates

Full Changelog: gradle/actions@v4.0.1...v4.1.0

v4.0.1

Compare Source

This patch release updates a number of dependencies, and fixes a bug that caused Gradle version '8.1' to be confused with '8.10'.

What's Changed

Full Changelog: gradle/actions@v4.0.0...v4.0.1

v4.0.0

Compare Source

Final release of v4.0.0 of the setup-gradle, dependency-submission and wrapper-validation actions provided under gradle/actions.
This release is available under the v4 tag.

Major changes from the v3 release
The arguments parameter has been removed

Using the action to execute Gradle via the arguments parameter was deprecated in v3 and this parameter has been removed.
See here for more details.

Cache cleanup enabled by default

After a number of fixes and improvements, this release enables cache-cleanup by default for all Jobs using the setup-gradle and dependency-submission actions.

Improvements and bugfixes related cache cleanup:

  • By default, cache cleanup is not run if any Gradle build fails (#​71)
  • Cache cleanup is not run after configuration-cache reuse (#​19)

This feature should help to minimize the size of entries written to the GitHub Actions cache, speeding up builds and reducing cache usage.

Wrapper validation enabled by default

In v3, the setup-gradle action was enhanced to support Gradle wrapper validation, removing the need to use a separate workflow
file with the gradle/actions/wrapper-validation action.

With this release, wrapper validation has been significantly improved, and is now enabled by default (#​12):

  • The allow-snapshot-wrappers makes it possible to validate snapshot wrapper jars using setup-gradle.
  • Checksums for nightly and snapshot Gradle versions are now validated (#​281).
  • Valid wrapper checksums are cached in Gradle User Home, reducing the need to retrieve checksum values remotely (#​172).
  • Reduce network calls in wrapper-validation for new Gradle versions: By only fetching wrapper checksums for Gradle versions that were not known when this action was released, this release reduces the likelihood that a network failure could cause failure in wrapper validation (#​171)
  • Improved error message when wrapper-validation finds no wrapper jars (#​284)

Wrapper validation is important for supply-chain integrity. Enabling this feature by default will increase the coverage of wrapper
validation on projects using GitHub Actions.

New input parameters for Dependency Graph generation

Some dependency-graph inputs that could previously only be configured via environment variables now have dedicated action inputs:

Other improvements
  • In Job summary, the action now provides an explanation when cache is set to read-only or disabled (#​255)
  • When setup-gradle requests a specific Gradle version, the action will no longer download and install that version if it is already available on the PATH of the runner (#​270)
  • To attempt to speed up builds, the setup-gradle and dependency-submission actions now attempt to use the D: drive for Gradle User Home if it is available (#​290)
Deprecations and breaking changes
Changelog

Full Changelog: gradle/actions@v3.5.0...v4.0.0

v3.5.0

Compare Source

This release contains a major upgrade to gradle-home-cache-cleanup as well as improvements to dependency-submission.

What's Changed

Full Changelog: gradle/actions@v3.4.2...v3.5.0

v3.4.2

Compare Source

This patch release fixes a race condition that resulted in the DEVELOCITY_ACCESS_KEY variable not being set in the environment.

What's Changed

Full Changelog: gradle/actions@v3.4.1...v3.4.2

v3.4.1

Compare Source

This patch release fixes a bug introduced in v3.4.0, that prevents build scan publication to Develocity.
The bug results in the removal of the DEVELOCITY_ACCESS_KEY variable being removed, so that Gradle cannot authenticate with the Develocity server.

What's Changed

Full Changelog: gradle/actions@v3.4.0...v3.4.1

v3.4.0

Compare Source

This release improves the integration with Gradle Develocity®, as well as updating a number of key dependencies.

  • The new develocity-access-key input parameter allows the action to generate a short-lived access token for subsequent
    communication with Develocity. This reduces the risk of the full (long-lived) access key being compromised,
    either accidentally or by a malicious action.
  • New input parameters are available to configure Develocity injection. Previously Develocity injection could only be
    enabled by setting environment variables.
  • Checksums for Gradle 8.8 are now included, so that no network request is required for wrapper-validation with Gradle 8.8 wrappers.
What's Changed
New Contributors

Full Changelog: gradle/actions@v3.3.2...v3.4.0


Configuration

📅 Schedule: Branch creation - "* 0-3 * * 1" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot requested a review from a team as a code owner August 12, 2024 00:27
Copy link

codecov bot commented Aug 12, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 8.61%. Comparing base (c70988c) to head (9720eaf).

Additional details and impacted files
@@             Coverage Diff             @@
##               main    #710      +/-   ##
===========================================
- Coverage     10.05%   8.61%   -1.45%     
+ Complexity     1944    1479     -465     
===========================================
  Files          6832    6832              
  Lines         66723   66723              
  Branches        279     279              
===========================================
- Hits           6709    5746     -963     
- Misses        59840   60832     +992     
+ Partials        174     145      -29     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@renovate renovate bot force-pushed the renovate/gradle-actions-4.x branch from 6d47c20 to 893ba8e Compare August 26, 2024 23:14
@renovate renovate bot force-pushed the renovate/gradle-actions-4.x branch from 893ba8e to e3616a3 Compare September 13, 2024 03:42
@renovate renovate bot changed the title chore(deps): update gradle/actions action to v4 Update gradle/actions action to v4 Oct 10, 2024
@renovate renovate bot changed the title Update gradle/actions action to v4 chore(deps): update gradle/actions action to v4 Nov 1, 2024
@renovate renovate bot force-pushed the renovate/gradle-actions-4.x branch 2 times, most recently from 1623580 to 67c7dfc Compare November 18, 2024 18:44
@renovate renovate bot changed the title chore(deps): update gradle/actions action to v4 Update gradle/actions action to v4 Nov 26, 2024
@renovate renovate bot changed the title Update gradle/actions action to v4 chore(deps): update gradle/actions action to v4 Dec 9, 2024
@renovate renovate bot force-pushed the renovate/gradle-actions-4.x branch from 67c7dfc to 9720eaf Compare December 18, 2024 02:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants