gradle/gradle-build-action (gradle/gradle-build-action)
### [`v2.6.0`](https://togithub.com/gradle/gradle-build-action/releases/tag/v2.6.0)
[Compare Source](https://togithub.com/gradle/gradle-build-action/compare/v2.5.1...v2.6.0)
##### GitHub Dependency Graph support (Experimental)
This release brings experimental support for submitting a [GitHub Dependency Graph](https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph) snapshot via the [GitHub Dependency Submission API](https://docs.github.com/en/rest/dependency-graph/dependency-submission?apiVersion=2022-11-28).
The dependency graph snapshot is generated via integration with the [GitHub Dependency Graph Gradle Plugin](https://plugins.gradle.org/plugin/org.gradle.github-dependency-graph-gradle-plugin), and saved as a workflow artifact. The generated snapshot files can be submitted either in the same job, or in a subsequent job (in the same or a dependent workflow).
The generated dependency graph snapshot reports all of the dependencies that were resolved during a bulid execution, and is used by GitHub to generate [Dependabot Alerts](https://docs.github.com/en/code-security/dependabot/dependabot-alerts/about-dependabot-alerts) for vulnerable dependencies, as well as to populate the [Dependency Graph insights view](https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository#viewing-the-dependency-graph).
Check out the README chapter for more details on how this works and how to configure a workflow that submits a dependency graph.
##### Changelog
### [`v2.5.1`](https://togithub.com/gradle/gradle-build-action/releases/tag/v2.5.1)
[Compare Source](https://togithub.com/gradle/gradle-build-action/compare/v2.5.0...v2.5.1)
Fixes a regression in v2.5.0 that resulted in failure when running a workflow that has a name containing a comma.
##### Fixes
- Cache key Validation Error when workflow name contains a comma [#756](https://togithub.com/gradle/gradle-build-action/issues/756)
##### Changelog
Configuration
π Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
π¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
β» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
π Ignore: Close this PR and you won't be reminded about this update again.
[ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Mend Renovate. View repository job log here.
This PR contains the following updates:
v2.5.0->v2.6.0Release Notes
gradle/gradle-build-action (gradle/gradle-build-action)
### [`v2.6.0`](https://togithub.com/gradle/gradle-build-action/releases/tag/v2.6.0) [Compare Source](https://togithub.com/gradle/gradle-build-action/compare/v2.5.1...v2.6.0) ##### GitHub Dependency Graph support (Experimental) This release brings experimental support for submitting a [GitHub Dependency Graph](https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-the-dependency-graph) snapshot via the [GitHub Dependency Submission API](https://docs.github.com/en/rest/dependency-graph/dependency-submission?apiVersion=2022-11-28). The dependency graph snapshot is generated via integration with the [GitHub Dependency Graph Gradle Plugin](https://plugins.gradle.org/plugin/org.gradle.github-dependency-graph-gradle-plugin), and saved as a workflow artifact. The generated snapshot files can be submitted either in the same job, or in a subsequent job (in the same or a dependent workflow). The generated dependency graph snapshot reports all of the dependencies that were resolved during a bulid execution, and is used by GitHub to generate [Dependabot Alerts](https://docs.github.com/en/code-security/dependabot/dependabot-alerts/about-dependabot-alerts) for vulnerable dependencies, as well as to populate the [Dependency Graph insights view](https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/exploring-the-dependencies-of-a-repository#viewing-the-dependency-graph). Check out the README chapter for more details on how this works and how to configure a workflow that submits a dependency graph. ##### Changelog ### [`v2.5.1`](https://togithub.com/gradle/gradle-build-action/releases/tag/v2.5.1) [Compare Source](https://togithub.com/gradle/gradle-build-action/compare/v2.5.0...v2.5.1) Fixes a regression in v2.5.0 that resulted in failure when running a workflow that has a name containing a comma. ##### Fixes - Cache key Validation Error when workflow name contains a comma [#756](https://togithub.com/gradle/gradle-build-action/issues/756) ##### ChangelogConfiguration
π Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
π¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
β» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
π Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.