search

gradle / gradle-build-action

Execute your Gradle build and trigger dependency submission
https://github.com/marketplace/actions/gradle-build-action
MIT License
679 stars 97 forks source link

Bump the github-actions group with 1 update #913

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps the github-actions group with 1 update: gradle/gradle-build-action.

Release notes

Sourced from gradle/gradle-build-action's releases.

v2.9.0

The GitHub dependency-review-action helps you understand dependency changes (and the security impact of these changes) for a pull request. This release updates the GItHub Dependency Graph support to be compatible with the dependency-review-action.

See the documentation for detailed examples.

Changelog

  • [FIX] Use correct SHA for pull-request events #882
  • [FIX] Avoid generating dependency graph during cache cleanup #905
  • [NEW] Improve warning on failure to submit dependency graph
  • [NEW] Compatibility with GitHub dependency-review-action #879

Full-changelog: https://github.com/gradle/gradle-build-action/compare/v2.8.1...v2.9.0

Commits
  • 842c587 Merge pull request #911 - Improve dependency review support
  • 4241e05 Document configuration for dependency-review-action
  • bfa3c05 Build outputs
  • c3bdce8 Warn on dependency-graph-submit failure
  • f92e7c3 Improve compat with dependency-review-action
  • d1b726d Do not generate dependency graph in cache-cleanup
  • 6fcc109 Dependency updates (#904)
  • fde5b4f fix README.md internal references
  • 324fbdc Update to dep-graph plugin 0.4.1
  • 5658338 Build outputs
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
dependabot[bot] commented 1 year ago

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.