build(deps): bump eskatos/gradle-command-action from 1.3.3 to 2.1.6

[dependabot[bot]]

Bumps eskatos/gradle-command-action from 1.3.3 to 2.1.6.

Release notes

Sourced from eskatos/gradle-command-action's releases.

v2.1.6

This release contains an fix for changed behaviour in Gradle 7.6, as well as numerous library upgrades.

Earlier versions of the gradle-build-action were saving and restoring the downloaded Gradle wrapper zip file as part of caching the Gradle User Home. This will no longer work with Gradle 7.6, as the wrapper zip is now removed after expanding. This release of gradle-build-action contains a fix for this change in Gradle 7.6. Using an older version of the GitHub action with Gradle 7.6 will likely result in the wrapper being downloaded on every GitHub actions invocation.

What's Changed

• [FIX] Save/restore exploded Gradle dist rather than zip
• [FIX] Update to the latest versions of @actions/core, @actions/cache, @actions/github, @actions/http-client and @actions/tool-cache.

Full changelog: https://github.com/gradle/gradle-build-action/compare/v2.1.5...v2.1.6

v2.1.5

This release addresses a potential security issue by upgrading minimist, and fixes a bug with very large cache entries by upgrading @actions/cache. No other changes are included.

What's Changed

• [FIX] - Upgrade minimist from 1.2.5 -> 1.2.6
• [FIX] - Support cache entries > 2Gb via library upgrade to @​actions/cache from 1.0.10 -> 2.0.0.

Full changelog: https://github.com/gradle/gradle-build-action/compare/v2.1.4...v2.1.5

v2.1.4

What's Changed

• Updated dependency versions: d700906a155ae3ddc36d15f41d1ac83e8623287c.
• Log stack trace for cache errors that are reported as warnings.

Full Changelog: https://github.com/gradle/gradle-build-action/compare/v2.1.3...v2.1.4

v2.1.3

This patch release fixes an issue that prevented the Gradle User Home from being restored from cache on macos-latest runners. #155

What's Changed

• Fix detection of Gradle User Home on macOS runners by @​bigdaz in gradle/gradle-build-action#156

Full Changelog: https://github.com/gradle/gradle-build-action/compare/v2.1.2...v2.1.3

v2.1.2

This patch release fixes a minor bug and updates some NPM dependencies, including one dependency with a reported security advisory.

What's Changed

• Fixed #147: existing gradle.properties is no longer overwritten by action initialization
• Updated all NPM dependencies to the latest version
  • This included updating node-fetch to a version that isn't impacted by https://github.com/advisories/GHSA-r683-j2x4-v87g. Note that this CVE has been determined not to impact the action.

Full Changelog: https://github.com/gradle/gradle-build-action/compare/v2.1.1...v2.1.2

v2.1.1

This release improves logging and fixes a number of minor issues.

• Fix misleading error message when gradlew script is not executable #76

... (truncated)

Commits

• 116ac10 Bump dependencies
• 9f1e4d5 Allow 10 Dependabot PRs in parallel
• f1c309a Simplify Jest setup
• 202e4e0 Bump various dependencies
• c3afc51 Merge pull request #250 from gradle/dependabot/npm_and_yarn/eslint-8.14.0
• 1072fff Bump eslint from 8.13.0 to 8.14.0
• 04df35b Update changes for upcoming release
• 0fa1a8d Merge pull request #243 from osfanbuff63/main
• 78039b1 Bump com.gradle.enterprise from 3.9 to 3.10
• b147a59 Bump @​actions/glob to v0.3.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot[bot]]

Superseded by #76.