daz
203ed600ea
Bump tj-actions/changed-files to 46.0.3
2025-03-25 14:10:36 -06:00
dependabot[bot]
d2985e6cc7
Bump the github-actions group across 2 directories with 6 updates
...
Bumps the github-actions group with 6 updates in the / directory:
| Package | From | To |
| --- | --- | --- |
| [actions/setup-node](https://github.com/actions/setup-node ) | `4.2.0` | `4.3.0` |
| [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) | `dcc7a0cba800f454d79fff4b993e8c3555bcc0a8` | `0fee5fb278312d962ff465bb38dc4cae9f446de2` |
| [github/codeql-action](https://github.com/github/codeql-action ) | `3.28.9` | `3.28.11` |
| [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) | `2.4.0` | `2.4.1` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact ) | `4.6.0` | `4.6.1` |
| [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) | `7.0.6` | `7.0.8` |
Bumps the github-actions group with 2 updates in the /.github/actions/build-dist directory: [actions/setup-node](https://github.com/actions/setup-node ) and [actions/upload-artifact](https://github.com/actions/upload-artifact ).
Updates `actions/setup-node` from 4.2.0 to 4.3.0
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](1d0ff469b7...cdca7365b2https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](dcc7a0cba8...0fee5fb278https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](9e8d0789d4...6bb031afddhttps://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](62b2cac7ed...f49aabe0b5https://github.com/actions/upload-artifact/releases )
- [Commits](65c4c4a1dd...4cec3d8aa0https://github.com/peter-evans/create-pull-request/releases )
- [Commits](67ccf781d6...271a8d0340https://github.com/actions/setup-node/releases )
- [Commits](1d0ff469b7...cdca7365b2https://github.com/actions/upload-artifact/releases )
- [Commits](65c4c4a1dd...4cec3d8aa0
2025-03-25 14:06:06 -06:00
dependabot[bot]
3d9adb8ecd
Bump the gradle group across 1 directory with 2 updates
...
Bumps the gradle group with 2 updates in the /.github/workflow-samples/kotlin-dsl directory: [com.google.guava:guava](https://github.com/google/guava ) and [org.junit.jupiter:junit-jupiter](https://github.com/junit-team/junit5 ).
Updates `com.google.guava:guava` from 33.4.0-jre to 33.4.5-jre
- [Release notes](https://github.com/google/guava/releases )
- [Commits](https://github.com/google/guava/commits )
Updates `org.junit.jupiter:junit-jupiter` from 5.11.4 to 5.12.1
- [Release notes](https://github.com/junit-team/junit5/releases )
- [Commits](https://github.com/junit-team/junit5/compare/r5.11.4...r5.12.1 )
---
updated-dependencies:
- dependency-name: com.google.guava:guava
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: gradle
- dependency-name: org.junit.jupiter:junit-jupiter
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: gradle
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-03-25 14:01:20 -06:00
bot-githubaction
29f0d0a78a
Update to use Gradle 8.13
...
Release notes of Gradle 8.13 can be found here:
https://docs.gradle.org/8.13/release-notes.html
2025-03-25 13:51:49 -06:00
bot-githubaction
bd8a9b1582
Bump references to Develocity Gradle plugin from 3.19.1 to 3.19.2
2025-02-19 02:27:57 +00:00
daz
7b5af35d9a
Set author to bot for generated commits
2025-02-18 14:10:09 -07:00
dependabot[bot]
7f0ccac579
Bump the github-actions group across 1 directory with 2 updates
...
Bumps the github-actions group with 2 updates in the / directory: [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) and [github/codeql-action](https://github.com/github/codeql-action ).
Updates `tj-actions/changed-files` from 45.0.6 to 45.0.7
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](d6e91a2266...dcc7a0cba8https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](dd746615b3...9e8d0789d4
2025-02-18 13:21:46 -07:00
dependabot[bot]
70f4302913
Bump the github-actions group across 2 directories with 3 updates
...
Bumps the github-actions group with 3 updates in the / directory: [gradle/actions](https://github.com/gradle/actions ), [github/codeql-action](https://github.com/github/codeql-action ) and [actions/setup-java](https://github.com/actions/setup-java ).
Bumps the github-actions group with 1 update in the /.github/actions/init-integ-test directory: [actions/setup-java](https://github.com/actions/setup-java ).
Updates `gradle/actions` from 4.2.2 to 4.3.0
- [Release notes](https://github.com/gradle/actions/releases )
- [Commits](0bdd871935...94baf225fehttps://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](17a820bf2e...dd746615b3https://github.com/actions/setup-java/releases )
- [Commits](7a6d8a8234...3a4f6e1af5https://github.com/actions/setup-java/releases )
- [Commits](7a6d8a8234...3a4f6e1af5
2025-02-04 11:52:48 -07:00
daz
6f10c21ec5
Make it easier to produce 'prerelease' versions
2025-01-30 09:02:58 -07:00
dependabot[bot]
7560c304a6
Bump the github-actions group across 2 directories with 2 updates
...
Bumps the github-actions group with 2 updates in the / directory: [actions/setup-node](https://github.com/actions/setup-node ) and [github/codeql-action](https://github.com/github/codeql-action ).
Bumps the github-actions group with 1 update in the /.github/actions/build-dist directory: [actions/setup-node](https://github.com/actions/setup-node ).
Updates `actions/setup-node` from 4.1.0 to 4.2.0
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](39370e3970...1d0ff469b7https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](b6a472f63d...17a820bf2ehttps://github.com/actions/setup-node/releases )
- [Commits](39370e3970...1d0ff469b7
2025-01-28 08:18:31 -07:00
daz
dcf3ce7005
Bump to Gradle 8.12.1
2025-01-25 09:21:22 -07:00
github-actions[bot]
31f6205373
Bump Gradle Wrappers ( #535 )
...
# Combined PRs ➡️ 📦 ⬅️
✅ The following pull requests have been successfully combined on this
PR:
- Closes #534 Bump Gradle Wrapper from 8.12 to 8.12.1 in
/.github/workflow-samples/kotlin-dsl
- Closes #533 Bump Gradle Wrapper from 8.12 to 8.12.1 in
/.github/workflow-samples/java-toolchain
- Closes #532 Bump Gradle Wrapper from 8.12 to 8.12.1 in
/.github/workflow-samples/groovy-dsl
- Closes #531 Bump Gradle Wrapper from 8.12 to 8.12.1 in
/.github/workflow-samples/gradle-plugin
- Closes #530 Bump Gradle Wrapper from 8.12 to 8.12.1 in
/sources/test/init-scripts
> This PR was created by the
[`github/combine-prs`](https://github.com/github/combine-prs ) action
---------
Signed-off-by: bot-githubaction <bot-githubaction@gradle.com>
Co-authored-by: bot-githubaction <bot-githubaction@gradle.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
2025-01-25 09:08:57 -07:00
Daz DeBoer
d068148857
Choose best Gradle version to use for cache cleanup ( #526 )
...
The cache-cleanup operation works by executing Gradle on a dummy project
and a custom init-script. The init-script requires at least Gradle 8.11
to work.
Ideally, the version of Gradle used for cleanup should be no older than
the newest one that wrote entries to Gradle User Home. If an older
Gradle version is used for cache-cleanup, it will not remove entries
written specifically for newer versions.
With this change, we now attempt to ensure that cache-cleanup is run
with the best Gradle version available. We inspect the Gradle version on
PATH to see if it is new enough, otherwise we will provision a Gradle
version equal to the newest one that ran in the Job.
The logic is:
- Determine the newest version of Gradle that was executed during the
Job. This is the 'minimum version' for cache cleanup.
- Inspect the Gradle version on PATH (if any) to see if it is equal to
or newer than the 'minimum version'.
- If the version Gradle on PATH is new enough, use that version for
cache-cleanup.
- If not, attempt to provision Gradle with the 'minimum version'.
Fixes #436
2025-01-24 06:16:52 -07:00
bot-githubaction
b426ffebae
Bump references to Develocity Gradle plugin from 3.19 to 3.19.1
2025-01-24 06:16:18 -07:00
daz
ec4681f7f5
Test provision of rc and milestone versions
2025-01-23 12:09:21 -07:00
Daz DeBoer
3bfa1140fc
Update to CCUDGP 2.1 ( #524 )
...
This change primarily impacts test projects and documentation. The only
material impact is that CCUD 2.1 will now be auto-applied when
publishing Build Scans automatically with `build-scan-publish: true`.
(Develocity injection does not hard-code any CCUD version)
2025-01-21 21:34:02 -07:00
daz
245c8a24de
Save dependency-graph file as workflow artifact
...
Diagnosing unexpected dependencies in the GitHub Dependency Graph can
be difficult. In order to aid with diagnosis, the `dependency-submission`
action will now save each dependency-graph file as a workflow artifact.
If this is undesirable, the prior behaviour can be restored by explicitly setting
`dependency-graph: generate-and-submit`.
Fixes #519
2025-01-21 14:34:49 -07:00
daz
74628b9f13
Fix npm for update-dist
2025-01-21 09:55:18 -07:00
daz
e6f332ecb1
Publish build scans for CI builds
2025-01-20 09:56:42 -07:00
dependabot[bot]
bccddaec22
Bump the github-actions group across 3 directories with 7 updates
...
Bumps the github-actions group with 7 updates in the / directory:
| Package | From | To |
| --- | --- | --- |
| [gradle/actions](https://github.com/gradle/actions ) | `4.2.1` | `4.2.2` |
| [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) | `45.0.5` | `45.0.6` |
| [github/codeql-action](https://github.com/github/codeql-action ) | `3.27.9` | `3.28.1` |
| [actions/setup-java](https://github.com/actions/setup-java ) | `4.5.0` | `4.6.0` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact ) | `4.4.3` | `4.6.0` |
| [stefanzweifel/git-auto-commit-action](https://github.com/stefanzweifel/git-auto-commit-action ) | `5.0.1` | `5.1.0` |
| [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) | `7.0.5` | `7.0.6` |
Bumps the github-actions group with 1 update in the /.github/actions/build-dist directory: [actions/upload-artifact](https://github.com/actions/upload-artifact ).
Bumps the github-actions group with 1 update in the /.github/actions/init-integ-test directory: [actions/setup-java](https://github.com/actions/setup-java ).
Updates `gradle/actions` from 4.2.1 to 4.2.2
- [Release notes](https://github.com/gradle/actions/releases )
- [Commits](cc4fc85e6b...0bdd871935https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](bab30c2299...d6e91a2266https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](df409f7d92...b6a472f63dhttps://github.com/actions/setup-java/releases )
- [Commits](8df1039502...7a6d8a8234https://github.com/actions/upload-artifact/releases )
- [Commits](b4b15b8c7c...65c4c4a1ddhttps://github.com/stefanzweifel/git-auto-commit-action/releases )
- [Changelog](https://github.com/stefanzweifel/git-auto-commit-action/blob/master/CHANGELOG.md )
- [Commits](8621497c8c...e348103e90https://github.com/peter-evans/create-pull-request/releases )
- [Commits](5e914681df...67ccf781d6https://github.com/actions/upload-artifact/releases )
- [Commits](b4b15b8c7c...65c4c4a1ddhttps://github.com/actions/setup-java/releases )
- [Commits](8df1039502...7a6d8a8234
2025-01-14 13:31:38 -07:00
github-actions[bot]
04f1562da5
Bump Gradle Wrappers ( #499 )
...
# Combined PRs ➡️ 📦 ⬅️
✅ The following pull requests have been successfully combined on this
PR:
- Closes #498 Bump Gradle Wrapper from 8.11.1 to 8.12 in
/.github/workflow-samples/kotlin-dsl
- Closes #497 Bump Gradle Wrapper from 8.11.1 to 8.12 in
/.github/workflow-samples/java-toolchain
- Closes #496 Bump Gradle Wrapper from 8.11.1 to 8.12 in
/.github/workflow-samples/groovy-dsl
- Closes #495 Bump Gradle Wrapper from 8.11.1 to 8.12 in
/.github/workflow-samples/gradle-plugin
- Closes #494 Bump Gradle Wrapper from 8.11.1 to 8.12 in
/sources/test/init-scripts
> This PR was created by the
[`github/combine-prs`](https://github.com/github/combine-prs ) action
---------
Signed-off-by: bot-githubaction <bot-githubaction@gradle.com>
Co-authored-by: bot-githubaction <bot-githubaction@gradle.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: daz <daz@gradle.com>
2024-12-20 18:23:34 -07:00
Daz DeBoer
0bdd871935
Pin version in ci-combine-bot-prs.yml
2024-12-17 18:26:12 -07:00
dependabot[bot]
bc78598590
Bump github/codeql-action in the github-actions group across 1 directory
...
Bumps the github-actions group with 1 update in the / directory: [github/codeql-action](https://github.com/github/codeql-action ).
Updates `github/codeql-action` from 3.27.7 to 3.27.9
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](babb554ede...df409f7d92
2024-12-17 11:46:27 -07:00
dependabot[bot]
9934046c6d
Bump the gradle group across 1 directory with 2 updates
...
Bumps the gradle group with 2 updates in the /.github/workflow-samples/kotlin-dsl directory: [com.google.guava:guava](https://github.com/google/guava ) and [org.junit.jupiter:junit-jupiter](https://github.com/junit-team/junit5 ).
Updates `com.google.guava:guava` from 33.3.1-jre to 33.4.0-jre
- [Release notes](https://github.com/google/guava/releases )
- [Commits](https://github.com/google/guava/commits )
Updates `org.junit.jupiter:junit-jupiter` from 5.11.3 to 5.11.4
- [Release notes](https://github.com/junit-team/junit5/releases )
- [Commits](https://github.com/junit-team/junit5/compare/r5.11.3...r5.11.4 )
---
updated-dependencies:
- dependency-name: com.google.guava:guava
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: gradle
- dependency-name: org.junit.jupiter:junit-jupiter
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: gradle
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-12-17 11:45:30 -07:00
bot-githubaction
eda5a3331f
Bump references to Develocity Gradle plugin from 3.18.2 to 3.19
2024-12-13 09:02:59 -07:00
daz
69215f1c52
Restrict permissions for combine-prs job
2024-12-11 12:31:33 -07:00
Daz DeBoer
06e95bfb12
Merge branch 'main' into dependabot/github_actions/github-actions-e9dd73a904
2024-12-11 10:17:04 -07:00
Daz DeBoer
6089ee95bf
Update to Gradle 8.11.1 ( #477 )
2024-12-11 10:16:28 -07:00
Daz DeBoer
b80eee1bc3
Remove schedule for combine-prs until it's working properley
2024-12-11 10:05:44 -07:00
daz
51109c9e9e
Update to Gradle 8.11.1
2024-12-11 10:04:45 -07:00
daz
686515ed83
Fix combine PRs workflow
2024-12-11 09:47:11 -07:00
daz
ce25fde741
Add workflow to combine wrapperbot PRs
2024-12-11 09:07:09 -07:00
dependabot[bot]
1c71d2134f
Bump the github-actions group across 1 directory with 2 updates
...
Bumps the github-actions group with 2 updates in the / directory: [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) and [github/codeql-action](https://github.com/github/codeql-action ).
Updates `tj-actions/changed-files` from 45.0.4 to 45.0.5
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](4edd678ac3...bab30c2299https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](ea9e4e3799...babb554ede
2024-12-11 14:52:10 +00:00
Daz DeBoer
35af9b8791
Simplify Dependabot config using 'directories'
2024-12-11 07:50:05 -07:00
dependabot[bot]
4ba34e96c5
Bump gradle/actions from 4.2.0 to 4.2.1 in the github-actions group
...
Bumps the github-actions group with 1 update: [gradle/actions](https://github.com/gradle/actions ).
Updates `gradle/actions` from 4.2.0 to 4.2.1
- [Release notes](https://github.com/gradle/actions/releases )
- [Commits](473878a77f...cc4fc85e6b
2024-11-19 09:53:32 -07:00
dependabot[bot]
e6a814661a
Bump the github-actions group with 3 updates
...
Bumps the github-actions group with 3 updates: [actions/checkout](https://github.com/actions/checkout ), [github/codeql-action](https://github.com/github/codeql-action ) and [actions/upload-artifact](https://github.com/actions/upload-artifact ).
Updates `actions/checkout` from 4.1.7 to 4.2.2
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v4.1.7...11bd71901bbe5b1630ceea73d27597364c9af683 )
Updates `github/codeql-action` from 3.26.6 to 3.27.4
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v3.26.6...ea9e4e37992a54ee68a9622e985e60c8e8f12d9f )
Updates `actions/upload-artifact` from 4.4.0 to 4.4.3
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](50769540e7...b4b15b8c7c
2024-11-18 10:35:58 -07:00
daz
9ab6ee6757
Bump to version 2.0.2 of CCUDGP
2024-11-15 14:10:13 -07:00
daz
f4845d289c
Use npm clean-install
2024-11-14 16:36:23 -07:00
Daz DeBoer
5f21a9bb99
Bump Gradle from 8.10.2 to 8.11 ( #443 )
...
Co-authored-by: bot-githubaction <bot-githubaction@gradle.com>
2024-11-14 13:48:42 -07:00
Daz DeBoer
52ee405746
Run CodeQL on all commits
2024-11-14 13:44:22 -07:00
daz
b6bc8c2f17
Pin gradle/actions versions
2024-11-14 13:05:02 -07:00
daz
b12c3a65f2
Pin version of 3rd party actions
2024-11-14 12:35:29 -07:00
daz
d191577859
Pin actions/setup-node@v4
2024-11-14 12:23:02 -07:00
daz
e726a12472
Pin actions/setup-java@v4
2024-11-14 12:21:03 -07:00
daz
d30cc9ecf2
Pin actions/checkout@v4
2024-11-14 12:19:48 -07:00
daz
d0efa7b0e7
Avoid duplicate actions/setup-java
2024-11-14 12:12:54 -07:00
daz
8422a6a674
Avoid running workflow on forks
2024-11-14 11:44:20 -07:00
daz
19ff74e0a6
Revert "Disable uploading OSSF scorecard to GitHub Security"
...
This reverts commit 1e2142185e4f34e92f6863dac9813f2f6072507a.
2024-11-14 11:31:03 -07:00
bot-githubaction
084b95f65a
Bump references to Develocity Gradle plugin from 3.18.1 to 3.18.2
2024-11-14 09:26:53 -07:00
Daz DeBoer
1e2142185e
Disable uploading OSSF scorecard to GitHub Security
2024-11-13 19:11:45 -07:00
