amyu
7e2474009a
update actions/cache4.0.0 and migrate patch
2024-12-12 02:23:20 +09:00
Daz DeBoer
35af9b8791
Simplify Dependabot config using 'directories'
2024-12-11 07:50:05 -07:00
Daz DeBoer
375738a38b
Add link to GitHub docs
CI-check-and-unit-test / check-format-and-unit-test (push) Waiting to run
CI-codeql / Analyze (push) Waiting to run
CI-init-script-check / test-init-scripts (push) Waiting to run
CI-integ-test / build-distribution (push) Waiting to run
CI-integ-test / caching-integ-tests (push) Blocked by required conditions
CI-integ-test / other-integ-tests (push) Blocked by required conditions
CI-ossf-scorecard / Scorecard analysis (push) Waiting to run
CI-update-dist / update-dist (push) Waiting to run
CI-validate-wrappers / validation (push) Waiting to run
2024-12-10 10:50:29 -07:00
Sebastian Dyroff
00781cbaae
Fix typo in documentation
CI-check-and-unit-test / check-format-and-unit-test (push) Waiting to run
CI-init-script-check / test-init-scripts (push) Waiting to run
CI-ossf-scorecard / Scorecard analysis (push) Waiting to run
CI-update-dist / update-dist (push) Waiting to run
CI-codeql / Analyze (push) Waiting to run
CI-integ-test / build-distribution (push) Waiting to run
CI-integ-test / caching-integ-tests (push) Blocked by required conditions
CI-integ-test / other-integ-tests (push) Blocked by required conditions
CI-validate-wrappers / validation (push) Waiting to run
2024-12-09 08:41:16 -07:00
dependabot[bot]
4ba34e96c5
Bump gradle/actions from 4.2.0 to 4.2.1 in the github-actions group
...
CI-init-script-check / test-init-scripts (push) Has been cancelled
CI-integ-test / build-distribution (push) Has been cancelled
CI-ossf-scorecard / Scorecard analysis (push) Has been cancelled
CI-check-and-unit-test / check-format-and-unit-test (push) Has been cancelled
CI-codeql / Analyze (push) Has been cancelled
CI-update-dist / update-dist (push) Has been cancelled
CI-validate-wrappers / validation (push) Has been cancelled
CI-integ-test / caching-integ-tests (push) Has been cancelled
CI-integ-test / other-integ-tests (push) Has been cancelled
Bumps the github-actions group with 1 update: [gradle/actions](https://github.com/gradle/actions ).
Updates `gradle/actions` from 4.2.0 to 4.2.1
- [Release notes](https://github.com/gradle/actions/releases )
- [Commits](473878a77f...cc4fc85e6b
)
---
updated-dependencies:
- dependency-name: gradle/actions
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: github-actions
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-11-19 09:53:32 -07:00
dependabot[bot]
e29bc6725a
Bump cross-spawn in /sources
...
Bumps and [cross-spawn](https://github.com/moxystudio/node-cross-spawn ). These dependencies needed to be updated together.
Updates `cross-spawn` from 7.0.3 to 7.0.6
- [Changelog](https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md )
- [Commits](https://github.com/moxystudio/node-cross-spawn/compare/v7.0.3...v7.0.6 )
Updates `cross-spawn` from 6.0.5 to 7.0.6
- [Changelog](https://github.com/moxystudio/node-cross-spawn/blob/master/CHANGELOG.md )
- [Commits](https://github.com/moxystudio/node-cross-spawn/compare/v7.0.3...v7.0.6 )
---
updated-dependencies:
- dependency-name: cross-spawn
dependency-type: indirect
- dependency-name: cross-spawn
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-11-19 09:53:22 -07:00
dependabot[bot]
cc4fc85e6b
Bump @vercel/ncc in /sources in the npm-dependencies group
...
CI-check-and-unit-test / check-format-and-unit-test (push) Waiting to run
CI-codeql / Analyze (push) Waiting to run
CI-init-script-check / test-init-scripts (push) Waiting to run
CI-integ-test / build-distribution (push) Waiting to run
CI-integ-test / caching-integ-tests (push) Blocked by required conditions
CI-integ-test / other-integ-tests (push) Blocked by required conditions
CI-ossf-scorecard / Scorecard analysis (push) Waiting to run
CI-update-dist / update-dist (push) Waiting to run
CI-validate-wrappers / validation (push) Waiting to run
Bumps the npm-dependencies group in /sources with 1 update: [@vercel/ncc](https://github.com/vercel/ncc ).
Updates `@vercel/ncc` from 0.38.2 to 0.38.3
- [Release notes](https://github.com/vercel/ncc/releases )
- [Commits](https://github.com/vercel/ncc/compare/0.38.2...0.38.3 )
---
updated-dependencies:
- dependency-name: "@vercel/ncc"
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: npm-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-11-18 10:36:18 -07:00
dependabot[bot]
e6a814661a
Bump the github-actions group with 3 updates
...
Bumps the github-actions group with 3 updates: [actions/checkout](https://github.com/actions/checkout ), [github/codeql-action](https://github.com/github/codeql-action ) and [actions/upload-artifact](https://github.com/actions/upload-artifact ).
Updates `actions/checkout` from 4.1.7 to 4.2.2
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v4.1.7...11bd71901bbe5b1630ceea73d27597364c9af683 )
Updates `github/codeql-action` from 3.26.6 to 3.27.4
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v3.26.6...ea9e4e37992a54ee68a9622e985e60c8e8f12d9f )
Updates `actions/upload-artifact` from 4.4.0 to 4.4.3
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](50769540e7...b4b15b8c7c
)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: github-actions
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: github-actions
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: github-actions
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-11-18 10:35:58 -07:00
daz
e55599fc4d
Adapt build-result-capture script for GE plugin 3.17+
...
CI-ossf-scorecard / Scorecard analysis (push) Has been cancelled
CI-update-dist / update-dist (push) Has been cancelled
CI-validate-wrappers / validation (push) Has been cancelled
CI-check-and-unit-test / check-format-and-unit-test (push) Has been cancelled
CI-codeql / Analyze (push) Has been cancelled
CI-init-script-check / test-init-scripts (push) Has been cancelled
CI-integ-test / build-distribution (push) Has been cancelled
CI-integ-test / caching-integ-tests (push) Has been cancelled
CI-integ-test / other-integ-tests (push) Has been cancelled
The build-result-capture.init.gradle script was making some assumptions about
extensions and plugin application that do not apply with the newest GE plugin.
Fixes #449
2024-11-17 07:26:28 -07:00
bigdaz
d85b0068a7
[bot] Update dist directory
CI-check-and-unit-test / check-format-and-unit-test (push) Waiting to run
CI-codeql / Analyze (push) Waiting to run
CI-init-script-check / test-init-scripts (push) Waiting to run
CI-integ-test / build-distribution (push) Waiting to run
CI-integ-test / caching-integ-tests (push) Blocked by required conditions
CI-integ-test / other-integ-tests (push) Blocked by required conditions
CI-ossf-scorecard / Scorecard analysis (push) Waiting to run
CI-update-dist / update-dist (push) Waiting to run
CI-validate-wrappers / validation (push) Waiting to run
CI-integ-test-full / caching-integ-tests (push) Has been cancelled
CI-integ-test-full / other-integ-tests (push) Has been cancelled
2024-11-16 20:53:42 +00:00
Daz DeBoer
a09a3104fe
Develocity injection fixes ( #448 )
2024-11-16 13:52:38 -07:00
daz
333e9d9750
Do not ignore input parameters when build-scan-publish
is enabled
...
Fixes #447
2024-11-15 14:35:41 -07:00
daz
2aa49bf6a9
Set the correct env var for develocity-ccud-plugin-version
...
Fixes #446
2024-11-15 14:31:56 -07:00
daz
9ab6ee6757
Bump to version 2.0.2 of CCUDGP
2024-11-15 14:10:13 -07:00
Daz DeBoer
fb5165dcd4
Add note about cache-encryption-key being required
CI-ossf-scorecard / Scorecard analysis (push) Has been cancelled
CI-update-dist / update-dist (push) Has been cancelled
CI-validate-wrappers / validation (push) Has been cancelled
CI-check-and-unit-test / check-format-and-unit-test (push) Has been cancelled
CI-codeql / Analyze (push) Has been cancelled
CI-init-script-check / test-init-scripts (push) Has been cancelled
CI-integ-test-full / caching-integ-tests (push) Has been cancelled
CI-integ-test-full / other-integ-tests (push) Has been cancelled
CI-integ-test / build-distribution (push) Has been cancelled
CI-integ-test / caching-integ-tests (push) Has been cancelled
CI-integ-test / other-integ-tests (push) Has been cancelled
2024-11-14 21:09:29 -07:00
daz
0e27ea7e6c
Improve local development script
...
- Avoid running `npm install` on every execution
- Add a separate `install` task that runs `npm clean-install`
2024-11-14 17:00:58 -07:00
daz
f4845d289c
Use npm clean-install
2024-11-14 16:36:23 -07:00
bigdaz
094f2191c5
[bot] Update dist directory
2024-11-14 22:45:12 +00:00
Daz DeBoer
83709b49fe
Fix checksum test by reducing network calls ( #444 )
...
This test was originally starting with an empty set of checksums,
leading to the download of a checksum for every released and snapshot
version. This resulted in in sporadic test failures.
We now start with a known set of checksums and ensure that those that
are missing are downloaded. This involved some refactoring and
improvement in the way snapshot checksums are processed.
2024-11-14 15:44:07 -07:00
Daz DeBoer
5f21a9bb99
Bump Gradle from 8.10.2 to 8.11 ( #443 )
...
CI-check-and-unit-test / check-format-and-unit-test (push) Waiting to run
CI-codeql / Analyze (push) Waiting to run
CI-init-script-check / test-init-scripts (push) Waiting to run
CI-integ-test-full / caching-integ-tests (push) Waiting to run
CI-integ-test-full / other-integ-tests (push) Waiting to run
CI-integ-test / build-distribution (push) Waiting to run
CI-integ-test / caching-integ-tests (push) Blocked by required conditions
CI-integ-test / other-integ-tests (push) Blocked by required conditions
CI-ossf-scorecard / Scorecard analysis (push) Waiting to run
CI-update-dist / update-dist (push) Waiting to run
CI-validate-wrappers / validation (push) Waiting to run
Co-authored-by: bot-githubaction <bot-githubaction@gradle.com>
2024-11-14 13:48:42 -07:00
Daz DeBoer
52ee405746
Run CodeQL on all commits
2024-11-14 13:44:22 -07:00
Daz DeBoer
7f20d0bf71
Pin versions for GitHub Actions ( #442 )
2024-11-14 13:24:19 -07:00
daz
b6bc8c2f17
Pin gradle/actions versions
2024-11-14 13:05:02 -07:00
daz
b12c3a65f2
Pin version of 3rd party actions
2024-11-14 12:35:29 -07:00
daz
d191577859
Pin actions/setup-node@v4
2024-11-14 12:23:02 -07:00
daz
e726a12472
Pin actions/setup-java@v4
2024-11-14 12:21:03 -07:00
daz
d30cc9ecf2
Pin actions/checkout@v4
2024-11-14 12:19:48 -07:00
daz
d0efa7b0e7
Avoid duplicate actions/setup-java
2024-11-14 12:12:54 -07:00
daz
8422a6a674
Avoid running workflow on forks
2024-11-14 11:44:20 -07:00
daz
19ff74e0a6
Revert "Disable uploading OSSF scorecard to GitHub Security"
...
This reverts commit 1e2142185e
.
2024-11-14 11:31:03 -07:00
bigdaz
e03a1f068e
[bot] Update dist directory
2024-11-14 16:27:59 +00:00
bot-githubaction
084b95f65a
Bump references to Develocity Gradle plugin from 3.18.1 to 3.18.2
2024-11-14 09:26:53 -07:00
Daz DeBoer
1e2142185e
Disable uploading OSSF scorecard to GitHub Security
CI-check-and-unit-test / check-format-and-unit-test (push) Waiting to run
CI-codeql / Analyze (push) Waiting to run
CI-init-script-check / test-init-scripts (push) Waiting to run
CI-integ-test / build-distribution (push) Waiting to run
CI-integ-test / caching-integ-tests (push) Blocked by required conditions
CI-integ-test / other-integ-tests (push) Blocked by required conditions
CI-ossf-scorecard / Scorecard analysis (push) Waiting to run
CI-update-dist / update-dist (push) Waiting to run
CI-validate-wrappers / validation (push) Waiting to run
2024-11-13 19:11:45 -07:00
Daz DeBoer
07e0f1c008
Limit token permissions in GitHub workflows ( #440 )
...
See
ea7e27ed41/docs/checks.md (token-permissions)
2024-11-13 19:01:45 -07:00
daz
af45dcfe3c
Add wrapper-validation workflow
...
Although we run `setup-gradle` with all/most wrapper files, this global
workflow will ensure that all wrapper files in the repo are valid.
(This should help with the OSSF scorecard)
2024-11-13 18:46:57 -07:00
daz
d8b3a9fb11
Rename OSSF scorecard workflow
2024-11-13 18:46:51 -07:00
nitrocode
9e8f2bcf56
docs: add badge
2024-11-13 16:37:41 -07:00
nitrocode
5ac3e361a2
ci: add scorecard
2024-11-13 16:37:41 -07:00
bigdaz
4a0951b3dc
[bot] Update dist directory
CI-check-and-unit-test / check-format-and-unit-test (push) Has been cancelled
CI-codeql / Analyze (push) Has been cancelled
CI-init-script-check / test-init-scripts (push) Has been cancelled
CI-integ-test-full / caching-integ-tests (push) Has been cancelled
CI-integ-test-full / other-integ-tests (push) Has been cancelled
CI-integ-test / build-distribution (push) Has been cancelled
CI-update-dist / update-dist (push) Has been cancelled
CI-integ-test / caching-integ-tests (push) Has been cancelled
CI-integ-test / other-integ-tests (push) Has been cancelled
2024-11-12 18:29:16 +00:00
daz
48353a25ca
Do not fail wrapper-validation on filename with illegal characters
2024-11-12 11:28:09 -07:00
bigdaz
473878a77f
[bot] Update dist directory
CI-check-and-unit-test / check-format-and-unit-test (push) Waiting to run
CI-codeql / Analyze (push) Waiting to run
CI-init-script-check / test-init-scripts (push) Waiting to run
CI-integ-test-full / caching-integ-tests (push) Waiting to run
CI-integ-test-full / other-integ-tests (push) Waiting to run
CI-integ-test / build-distribution (push) Waiting to run
CI-integ-test / caching-integ-tests (push) Blocked by required conditions
CI-integ-test / other-integ-tests (push) Blocked by required conditions
CI-update-dist / update-dist (push) Waiting to run
2024-11-12 03:55:37 +00:00
daz
f22ac61fd1
Use Gradle 8.11 as the minimum version for cache-cleanup
...
The cache-cleanup API has changed, so the init-script that worked with
Gradle 8.9 no longer works with 8.11.
We now provision and use Gradle 8.11 for cache cleanup.
This provides a band-aid fix for #417 but that issue will still impact
any build configured to run with Gradle > 8.11
2024-11-11 20:54:29 -07:00
daz
4ec844e551
npm audit fix
2024-11-11 20:54:29 -07:00
bigdaz
24ca383271
[bot] Update dist directory
CI-check-and-unit-test / check-format-and-unit-test (push) Waiting to run
CI-codeql / Analyze (push) Waiting to run
CI-init-script-check / test-init-scripts (push) Waiting to run
CI-integ-test-full / caching-integ-tests (push) Waiting to run
CI-integ-test-full / other-integ-tests (push) Waiting to run
CI-integ-test / caching-integ-tests (push) Blocked by required conditions
CI-integ-test / other-integ-tests (push) Blocked by required conditions
CI-update-dist / update-dist (push) Waiting to run
CI-integ-test / build-distribution (push) Waiting to run
2024-11-11 19:51:02 +00:00
Daz DeBoer
4ca2d5d749
Dependency updates ( #429 )
2024-11-11 12:49:55 -07:00
daz
f31476bde2
Update test for real-world data
...
This test assumed that at least one 'snapshot' wrapper checksum was unique,
and not contained in the set of wrapper checksums for released distributions.
This is no longer the case, so the assumption has been modified.
2024-11-11 12:18:11 -07:00
bigdaz
c345cfbe93
Update known wrapper checksums
2024-11-11 12:18:11 -07:00
dependabot[bot]
b526f6673b
Bump com.fasterxml.jackson.dataformat:jackson-dataformat-smile
...
Bumps [com.fasterxml.jackson.dataformat:jackson-dataformat-smile](https://github.com/FasterXML/jackson-dataformats-binary ) from 2.18.0 to 2.18.1.
- [Commits](https://github.com/FasterXML/jackson-dataformats-binary/compare/jackson-dataformats-binary-2.18.0...jackson-dataformats-binary-2.18.1 )
---
updated-dependencies:
- dependency-name: com.fasterxml.jackson.dataformat:jackson-dataformat-smile
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-11-11 12:18:11 -07:00
daz
93415e6645
Update patch for actions/cache 3.3.0
2024-11-11 12:18:11 -07:00
dependabot[bot]
6bc218d5d0
Bump the npm-dependencies group across 1 directory with 4 updates
...
Bumps the npm-dependencies group with 4 updates in the /sources directory: [@actions/cache](https://github.com/actions/toolkit/tree/HEAD/packages/cache ), [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node ), [eslint-plugin-jest](https://github.com/jest-community/eslint-plugin-jest ) and [nock](https://github.com/nock/nock ).
Updates `@actions/cache` from 3.2.4 to 3.3.0
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/cache/RELEASES.md )
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/cache )
Updates `@types/node` from 20.17.3 to 20.17.6
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node )
Updates `eslint-plugin-jest` from 28.8.3 to 28.9.0
- [Release notes](https://github.com/jest-community/eslint-plugin-jest/releases )
- [Changelog](https://github.com/jest-community/eslint-plugin-jest/blob/main/CHANGELOG.md )
- [Commits](https://github.com/jest-community/eslint-plugin-jest/compare/v28.8.3...v28.9.0 )
Updates `nock` from 13.5.5 to 13.5.6
- [Release notes](https://github.com/nock/nock/releases )
- [Changelog](https://github.com/nock/nock/blob/main/CHANGELOG.md )
- [Commits](https://github.com/nock/nock/compare/v13.5.5...v13.5.6 )
---
updated-dependencies:
- dependency-name: "@actions/cache"
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: npm-dependencies
- dependency-name: "@types/node"
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: npm-dependencies
- dependency-name: eslint-plugin-jest
dependency-type: direct:development
update-type: version-update:semver-minor
dependency-group: npm-dependencies
- dependency-name: nock
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: npm-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-11-11 11:34:26 -07:00