hytsnbr / Spring-Test

0 stars 0 forks source link

update(deps): bump gradle/gradle-build-action from 2.6.0 to 2.6.1 #62

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps gradle/gradle-build-action from 2.6.0 to 2.6.1.

Release notes

Sourced from gradle/gradle-build-action's releases.

v2.6.1

Dependency Graph support

This patch release fixes and improves a couple of aspects of the experimental Dependency Graph support:

  • The action will now generate a unique job.correlator value for each Gradle invocation within a Job. This permits multiple Gradle invocations in a single job to generate and submit a separate dependency graph.
  • Update to use github-dependency-graph-gradle-plugin@v0.1.0, which brings a number of improvements to the generated dependency graph:
    • Each Gradle build invocation is mapped to a single GitHub Dependency Graph manifest. This should result in fewer duplicate security alerts being generated.
    • Configurations that contribute to the GitHub Dependency Graph can be filtered by regular expression
Commits
  • 915a66c Bump dependency-graph version number
  • 8e5c878 Build outputs
  • 9f977db Update to latest plugin version
  • fa27d06 Test configuration-cache compatibility
  • a0fdbb0 Fix issue locating wrapper bat on windows
  • f59a6d4 Avoid log messages for included builds
  • b69de5f Support multiple invocations in dependency-graph init script
  • 3c11eee Don't use full path when executing gradlew
  • 4301451 Bump to Gradle 8.2.1
  • 295170c Remove dists for removed actions
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
sonarcloud[bot] commented 1 year ago

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information