sschuberth
commented
4 years ago or to add their SHA-256 hashes as valid
That probably depends on https://github.com/gradle/actions/issues/281.
Closed sschuberth closed 4 years ago
sschuberth
commented
4 years ago or to add their SHA-256 hashes as valid
That probably depends on https://github.com/gradle/actions/issues/281.
JLLeitschuh
commented
4 years ago I'm guessing that you are probably right. @eskatos @bamboo, can we transition our samples in that repository to always use non-snapshot versions, or is it not a safe assumption that we won't ever use snapshot versions in that repository?
eskatos
commented
4 years ago Yes. PR updating the wrappers and adding the wrapper validation action #1399
eskatos
commented
4 years ago PR merged, closing
Expected Behavior
All
gradle-wrapper.jarfiles commit to this repository, e.g.kotlin-dsl-samples/samples/multi-kotlin-project/gradle/wrapper/gradle-wrapper.jar, should validate with the official GitHub Action, see https://blog.gradle.org/gradle-wrapper-checksum-verification-github-action.Current Behavior
At least
kotlin-dsl-samples/samples/multi-kotlin-project/gradle/wrapper/gradle-wrapper.jardoes not pass validation.Context
We are using
multi-kotlin-projectas a Git submodule in a project that uses the GitHub Action to validate all Gradle wrappers.I'm not sure whether the fix is to update the wrapper JARs, or to add their SHA-256 hashes as valid, but in any case I'd appreciate if this could be fixed.