Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update gradle/gradle-build-action action to v2.7.0 #865

Merged
merged 1 commit into from
Aug 1, 2023
Merged

Update gradle/gradle-build-action action to v2.7.0 #865

merged 1 commit into from
Aug 1, 2023

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jul 10, 2023
edited
Loading

Mend Renovate

This PR contains the following updates:

Package Type Update Change
gradle/gradle-build-action action minor v2.5.1 -> v2.7.0

⚠ Dependency Lookup Warnings ⚠

Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information.

Release Notes

gradle/gradle-build-action (gradle/gradle-build-action)

v2.7.0

Compare Source

GitHub Dependency Graph support

In this release, the GitHub Dependency Graph support is no longer considered "experimental", and should be considered ready for production use. You can read more about the Dependency Graph support in the README chapter.

Changes
  • Update to github-dependency-graph-gradle-plugin@v0.2.0
    • Dependency graph uses Gradle Settings file as manifest location (if Settings file exists)
  • Adds a dependency-graph-file output to any step that generates a Dependency Graph file
Changelog

v2.6.1

Compare Source

Dependency Graph support

This patch release fixes and improves a couple of aspects of the experimental Dependency Graph support:

  • The action will now generate a unique job.correlator value for each Gradle invocation within a Job. This permits multiple Gradle invocations in a single job to generate and submit a separate dependency graph.
  • Update to use github-dependency-graph-gradle-plugin@v0.1.0, which brings a number of improvements to the generated dependency graph:
    • Each Gradle build invocation is mapped to a single GitHub Dependency Graph manifest. This should result in fewer duplicate security alerts being generated.
    • Configurations that contribute to the GitHub Dependency Graph can be filtered by regular expression

v2.6.0

Compare Source

GitHub Dependency Graph support (Experimental)

This release brings experimental support for submitting a GitHub Dependency Graph snapshot via the GitHub Dependency Submission API.

The dependency graph snapshot is generated via integration with the GitHub Dependency Graph Gradle Plugin, and saved as a workflow artifact. The generated snapshot files can be submitted either in the same job, or in a subsequent job (in the same or a dependent workflow).

The generated dependency graph snapshot reports all of the dependencies that were resolved during a bulid execution, and is used by GitHub to generate Dependabot Alerts for vulnerable dependencies, as well as to populate the Dependency Graph insights view.

Check out the README chapter for more details on how this works and how to configure a workflow that submits a dependency graph.

Changelog

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot force-pushed the renovate/gradle-gradle-build-action-2.x branch from 24c7c0c to c86e2a0 Compare July 11, 2023 17:05
@renovate renovate bot changed the title Update gradle/gradle-build-action action to v2.6.0 Update gradle/gradle-build-action action to v2.6.1 Jul 17, 2023
@renovate renovate bot force-pushed the renovate/gradle-gradle-build-action-2.x branch from c86e2a0 to f1725f1 Compare July 17, 2023 22:40
@renovate renovate bot changed the title Update gradle/gradle-build-action action to v2.6.1 Update gradle/gradle-build-action action to v2.7.0 Jul 24, 2023
@renovate renovate bot force-pushed the renovate/gradle-gradle-build-action-2.x branch 4 times, most recently from f294d12 to ead39bc Compare July 31, 2023 17:12
@renovate renovate bot force-pushed the renovate/gradle-gradle-build-action-2.x branch from ead39bc to d81443b Compare August 1, 2023 11:34
@renovate renovate bot force-pushed the renovate/gradle-gradle-build-action-2.x branch from d81443b to 92b2f06 Compare August 1, 2023 11:41
@jakepurple13 jakepurple13 merged commit 17de43b into develop Aug 1, 2023
@renovate renovate bot deleted the renovate/gradle-gradle-build-action-2.x branch August 1, 2023 12:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@jakepurple13