Daz DeBoer
a0ee12f71e
Extract caching logic into a separate gradle-actions-caching component ( #885 )
...
With this change, the caching functionality of `setup-gradle` and
`dependency-submission` is now provided by `gradle-actions-caching`, a
closed-source library distributed under our [Terms of
Use](https://gradle.com/legal/terms-of-use/ ). The rest of the action
implementation remains open source.
Using `setup-gradle` or `dependency-submission` with caching enabled
involves loading and using the `gradle-actions-caching` component,
requiring acceptance of the [Terms of
Use](https://gradle.com/legal/terms-of-use/ ). There are no functional
changes to caching provided by these actions: all workflows will
continue to function as before.
The non-caching aspects of action implementation remain open source. By
running these actions with caching disabled they can be used without
ever loading `gradle-actions-caching` or accepting the license terms.
Supporting the caching infrastructure in this project requires a
substantial engineering investment by Gradle Technologies, which we can
sustain thanks to Develocity, our commercial offering. Caching
technologies are a core part of the Develocity offering, and the caching
in `setup-gradle` fits squarely in that space.
This licensing change lets us continue to build advanced capabilities
that go beyond what we would offer as open source. Proper
production-ready Configuration Cache support will be the first
capability. Improving build performance for self-hosted runners will
follow.
We may introduce functionality restrictions in future updates. However,
caching functionality will remain free for public repositories.
We have a long-standing commitment to open source, as maintainers of
Gradle Build Tool, and by [sponsoring the open source
community](https://gradle.com/oss-sponsored-by-develocity/ ) with free
Develocity licenses. Public repositories are primarily used by open
source projects, and we remain committed to supporting them.
- Implementation of caching logic to save and restore Gradle User Home
content has been removed, replaced by the `gradle-actions-caching`
component.
- The `@actions/caching` library is still used to cache Gradle
distributions that are downloaded and provisioned by `setup-gradle`.
This PR updates to the latest version of `@actions/caching`, and removes
the patch that is no longer required.
- License notices are now displayed in documentation, logs and the
generated Job Summary.
2026-03-18 14:57:27 -06:00
dependabot[bot]
baabf402fa
Bump the github-actions group across 2 directories with 5 updates
...
Bumps the github-actions group with 5 updates in the / directory:
| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout ) | `6.0.1` | `6.0.2` |
| [actions/setup-node](https://github.com/actions/setup-node ) | `6.1.0` | `6.2.0` |
| [github/codeql-action](https://github.com/github/codeql-action ) | `4.31.9` | `4.31.10` |
| [actions/setup-java](https://github.com/actions/setup-java ) | `5.1.0` | `5.2.0` |
| [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) | `8.0.0` | `8.1.0` |
Bumps the github-actions group with 1 update in the /.github/actions/build-dist directory: [actions/setup-node](https://github.com/actions/setup-node ).
Updates `actions/checkout` from 6.0.1 to 6.0.2
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](8e8c483db8...de0fac2e45https://github.com/actions/setup-node/releases )
- [Commits](395ad32622...6044e13b5dhttps://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](5d4e8d1aca...cdefb33c0fhttps://github.com/actions/setup-java/releases )
- [Commits](f2beeb24e1...be666c2fcdhttps://github.com/peter-evans/create-pull-request/releases )
- [Commits](98357b18bf...c0f553fe54https://github.com/actions/setup-node/releases )
- [Commits](395ad32622...6044e13b5dhttps://github.com/actions/setup-node/releases )
- [Commits](395ad32622...6044e13b5dhttps://github.com/actions/setup-node/releases )
- [Commits](395ad32622...6044e13b5dsupport@github.com >
2026-01-27 07:21:57 -07:00
dependabot[bot]
d131a98eed
Bump the github-actions group across 3 directories with 5 updates
...
Bumps the github-actions group with 5 updates in the / directory:
| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout ) | `6.0.0` | `6.0.1` |
| [actions/setup-node](https://github.com/actions/setup-node ) | `6.0.0` | `6.1.0` |
| [github/codeql-action](https://github.com/github/codeql-action ) | `4.31.5` | `4.31.7` |
| [actions/setup-java](https://github.com/actions/setup-java ) | `5.0.0` | `5.1.0` |
| [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) | `7.0.9` | `7.0.11` |
Bumps the github-actions group with 1 update in the /.github/actions/build-dist directory: [actions/setup-node](https://github.com/actions/setup-node ).
Bumps the github-actions group with 1 update in the /.github/actions/init-integ-test directory: [actions/setup-java](https://github.com/actions/setup-java ).
Updates `actions/checkout` from 6.0.0 to 6.0.1
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](1af3b93b68...8e8c483db8https://github.com/actions/setup-node/releases )
- [Commits](2028fbc5c2...395ad32622https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](fdbfb4d275...cf1bb45a27https://github.com/actions/setup-java/releases )
- [Commits](dded088883...f2beeb24e1https://github.com/peter-evans/create-pull-request/releases )
- [Commits](84ae59a2cd...22a9089034https://github.com/actions/setup-node/releases )
- [Commits](2028fbc5c2...395ad32622https://github.com/actions/setup-java/releases )
- [Commits](dded088883...f2beeb24e1support@github.com >
2025-12-08 23:16:52 +00:00
dependabot[bot]
d2d4dbc936
Bump the github-actions group across 1 directory with 3 updates
...
Bumps the github-actions group with 3 updates in the / directory: [actions/checkout](https://github.com/actions/checkout ), [github/codeql-action](https://github.com/github/codeql-action ) and [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ).
Updates `actions/checkout` from 5.0.0 to 6.0.0
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](08c6903cd8...1af3b93b68https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](0499de31b9...fdbfb4d275https://github.com/peter-evans/create-pull-request/releases )
- [Commits](271a8d0340...84ae59a2cdsupport@github.com >
2025-11-24 23:46:19 +00:00
dependabot[bot]
a74a056dbc
Bump the github-actions group across 2 directories with 4 updates
...
Bumps the github-actions group with 4 updates in the / directory: [actions/checkout](https://github.com/actions/checkout ), [gradle/actions](https://github.com/gradle/actions ), [github/codeql-action](https://github.com/github/codeql-action ) and [actions/download-artifact](https://github.com/actions/download-artifact ).
Bumps the github-actions group with 1 update in the /.github/actions/init-integ-test directory: [actions/download-artifact](https://github.com/actions/download-artifact ).
Updates `actions/checkout` from 4.2.2 to 5.0.0
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](11bd71901b...08c6903cd8https://github.com/gradle/actions/releases )
- [Commits](ac638b010c...017a9effdbhttps://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](51f77329af...96f518a34fhttps://github.com/actions/download-artifact/releases )
- [Commits](d3f86a106a...634f93cb29https://github.com/actions/download-artifact/releases )
- [Commits](d3f86a106a...634f93cb29https://github.com/actions/download-artifact/releases )
- [Commits](d3f86a106a...634f93cb29https://github.com/actions/download-artifact/releases )
- [Commits](d3f86a106a...634f93cb29support@github.com >
2025-08-19 10:17:44 +00:00
daz
d30cc9ecf2
Pin actions/checkout@v4
2024-11-14 12:19:48 -07:00
Daz DeBoer
07e0f1c008
Limit token permissions in GitHub workflows ( #440 )
...
See
ea7e27ed41/docs/checks.md (token-permissions)
2024-11-13 19:01:45 -07:00
daz
bcd07e6643
Refactor integ-tests into suites
...
- Extract 2 suites to make it possible to reduce concurrency
- Add separate workflow for integ-test and integ-test-full
2024-08-03 14:56:37 -06:00
daz
d74ee73e9f
Refactor integ-tests
...
- Include test name in all job names
- Remove cache key delegation as it is unused
2024-08-03 14:56:37 -06:00
daz
d473db0899
Add tests for wrapper-validation with insufficient wrappers
...
- Test min-wrapper-count greater than wrappers
- Test caswrapper-validation with insufficient wrappers
2024-08-02 15:50:28 -06:00
daz
b644be617f
Enable wrapper validation by default
...
- Add 'allow-snapshot-wrappers' input parameter
- Default 'validate-wrappers' to 'true'
Fixes #12
2024-08-01 10:51:02 -06:00
daz
fb14e0ee5b
Skip the 'download-dist' step for full integ-test
...
After the '[bot] update dist directory' commit, we run a full test suite.
This will now use the content from the 'dist' directory, rather than
regenerating this content in the test.
2024-04-12 00:24:44 -06:00
daz
62557f3635
Enable wrapper validation with setup-gradle action
2024-04-11 11:56:55 -06:00
daz
39cecc54d0
Add wrapper-validation workflows
2024-04-11 08:39:21 -06:00
