iiYeung / zentao-plugin

zentao-intellj-plugin
Apache License 2.0
0 stars 0 forks source link

Bump gradle/wrapper-validation-action from 1.1.0 to 2.1.3 #23

Closed dependabot[bot] closed 6 months ago

dependabot[bot] commented 6 months ago

Bumps gradle/wrapper-validation-action from 1.1.0 to 2.1.3.

Release notes

Sourced from gradle/wrapper-validation-action's releases.

v2.1.3

What's Changed

  • Update various NPM dependencies
  • Update wrapper checksums to include Gradle 8.7

Full Changelog: https://github.com/gradle/wrapper-validation-action/compare/v2.1.2...v2.1.3

v2.1.2

What's Changed

  • Update various NPM dependencies
  • Update wrapper checksums

Full Changelog: https://github.com/gradle/wrapper-validation-action/compare/v2.1.1...v2.1.2

v2.1.1

Changelog

  • [FIX] Add hardcoded checksum for Gradle 7.6.4

Full Changelog: https://github.com/gradle/wrapper-validation-action/compare/v2...v2.1.1

v2.1.0

This release should vastly reduce the number of network requests made by the wrapper-validation-action, by hardcoding the checksums of all known Gradle wrapper jars at time of release. With this improvement, a number of long-standing issues should be addressed (#164, #162, #57).

The action should now only make network requests to validate the checksums of an unknown gradle-wrapper.jar. This can happen if:

  • The Gradle version was published after this action was released
  • The gradle-wrapper.jar is truly invalid

Changelog

  • [NEW] Hardcode list of known checksums to avoid network requests in most cases (#161)

Huge thanks to @​Marcono1234 for contributing this long-awaited improvement.

v2.0.1

This patch release fixes error reporting when failing to retrieve the checksums from services.gradle.org

  • [FIX] After migration from v1 to v2 silently fails (#174)

v2.0.0

What's Changed

The version of the Node.js runtime was updated to 20, and the majority of dependencies were updated to the latest versions. From now on, the wrapper-validation-action will require a Node.js 20 runtime environment.

There are no functional changes in this release. This release is tagged with the v2 version label.

  • [NEW] Update Node.js runtime to version 20 (#170)

... (truncated)

Commits
  • b5418f5 Build dist
  • 6613b81 Bump the npm-dependencies group with 2 updates
  • 35bb224 Bump undici from 5.28.3 to 5.28.4
  • ea90fd0 Update known wrapper checksums
  • b231772 Build outputs
  • ad66d65 Update known wrapper checksums
  • 34f4d9f Bump undici from 5.28.2 to 5.28.3
  • 4a956f6 Bump the npm-dependencies group with 6 updates
  • 63d15e7 Bump the npm-dependencies group with 1 update
  • 699bb18 Build outputs
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
github-actions[bot] commented 6 months ago

Qodana Community for JVM

12 new problems were found

Inspection name Severity Problems
Unused symbol 🔶 Warning 6
Incorrect string capitalization 🔶 Warning 1
Property naming convention ◽️ Notice 3
Class member can have 'private' visibility ◽️ Notice 1
Remove unnecessary parentheses ◽️ Notice 1

💡 Qodana analysis was run in the pull request mode: only the changed files were checked

View the detailed Qodana report To be able to view the detailed Qodana report, you can either: 1. Register at [Qodana Cloud](https://qodana.cloud/) and [configure the action](https://github.com/jetbrains/qodana-action#qodana-cloud) 2. Use [GitHub Code Scanning with Qodana](https://github.com/jetbrains/qodana-action#github-code-scanning) 3. Host [Qodana report at GitHub Pages](https://github.com/JetBrains/qodana-action/blob/3a8e25f5caad8d8b01c1435f1ef7b19fe8b039a0/README.md#github-pages) 4. Inspect and use `qodana.sarif.json` (see [the Qodana SARIF format](https://www.jetbrains.com/help/qodana/qodana-sarif-output.html#Report+structure) for details) To get `*.log` files or any other Qodana artifacts, run the action with `upload-result` option set to `true`, so that the action will upload the files as the job artifacts: ```yaml - name: 'Qodana Scan' uses: JetBrains/qodana-action@v2023.3.1 with: upload-result: true ```
Contact Qodana team Contact us at [qodana-support@jetbrains.com](mailto:qodana-support@jetbrains.com) - Or via our issue tracker: https://jb.gg/qodana-issue - Or share your feedback: https://jb.gg/qodana-discussions
dependabot[bot] commented 6 months ago

Superseded by #24.