gradle/gradle (gradle)
### [`v7.6.2`](https://togithub.com/gradle/gradle/releases/tag/v7.6.2): 7.6.2
[Compare Source](https://togithub.com/gradle/gradle/compare/v7.6.1...v7.6.2)
This is a patch release for 7.6. We recommend using 7.6.2 instead of 7.6.
This release addresses two security vulnerabilities:
- [Dependency cache path traversal](https://togithub.com/gradle/gradle/security/advisories/GHSA-2h6c-rv6q-494v)
- [Path traversal vulnerabilities in handling of Tar archives](https://togithub.com/gradle/gradle/security/advisories/GHSA-84mw-qh6q-v842)
It also fixes the following issues:
- [#23201](https://togithub.com/gradle/gradle/issues/23201) Backport dependency upgrades to 7.x
- [#23202](https://togithub.com/gradle/gradle/issues/23202) Backport Scala incremental compilation fixes
- [#23325](https://togithub.com/gradle/gradle/issues/23325) Backport JSoup update to resolve CVE-2022-36033
- [#23458](https://togithub.com/gradle/gradle/issues/23458) Backport JUnit5 dynamic test logging bug fix
- [#23681](https://togithub.com/gradle/gradle/issues/23681) Dependency graph resolution: Equivalent excludes can cause un-necessary graph mutations \[backport 7.x]
- [#23922](https://togithub.com/gradle/gradle/issues/23922) Backport "Use Compiler API data for incremental compilation after a failure" to 7.x
- [#23951](https://togithub.com/gradle/gradle/issues/23951) Exclude rule merging: missing optimization \[Backport 7.x]
- [#24132](https://togithub.com/gradle/gradle/issues/24132) Extending an already resolved configuration no longer works correctly \[backport 7.x]
- [#24234](https://togithub.com/gradle/gradle/issues/24234) 7.6.1 breaks gradle-consistent-versions
- [#24390](https://togithub.com/gradle/gradle/issues/24390) Gradle 7.4 fails on multi release jar's with JDK 19 code
- [#24439](https://togithub.com/gradle/gradle/issues/24439) Gradle complains about invalid tool chain - picking up the source package location - it should just ignore them \[Backport]
- [#24443](https://togithub.com/gradle/gradle/issues/24443) Maven artifact referenced only in dependency constraints raises IllegalStateException: Corrupt serialized resolution result \[backport]
- [#24901](https://togithub.com/gradle/gradle/issues/24901) Backport fix for test exception that cannot be deserialized to 7.x
[Read the Release Notes](https://docs.gradle.org/7.6.2/release-notes.html)
#### Upgrade Instructions
Switch your build to use Gradle 7.6.2 by updating your wrapper:
./gradlew wrapper --gradle-version=7.6.2
See the [Gradle 7.x upgrade guide](https://docs.gradle.org/7.6.2/userguide/upgrading_version\_7.html#changes\_7.6) to learn about deprecations, breaking changes and other considerations when upgrading to Gradle 7.6.2.
#### Reporting Problems
If you find a problem with this release, please file a bug on [GitHub Issues](https://togithub.com/gradle/gradle/issues) adhering to our issue guidelines.
If you're not sure you're encountering a bug, please use the [forum](https://discuss.gradle.org/c/help-discuss).
Configuration
š Schedule: Branch creation - "before 3am on the first day of the month" (UTC), Automerge - At any time (no schedule defined).
š¦ Automerge: Enabled.
ā» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
š Ignore: Close this PR and you won't be reminded about this update again.
[ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Mend Renovate. View repository job log here.
This PR contains the following updates:
7.6.1
->7.6.2
Release Notes
gradle/gradle (gradle)
### [`v7.6.2`](https://togithub.com/gradle/gradle/releases/tag/v7.6.2): 7.6.2 [Compare Source](https://togithub.com/gradle/gradle/compare/v7.6.1...v7.6.2) This is a patch release for 7.6. We recommend using 7.6.2 instead of 7.6. This release addresses two security vulnerabilities: - [Dependency cache path traversal](https://togithub.com/gradle/gradle/security/advisories/GHSA-2h6c-rv6q-494v) - [Path traversal vulnerabilities in handling of Tar archives](https://togithub.com/gradle/gradle/security/advisories/GHSA-84mw-qh6q-v842) It also fixes the following issues: - [#23201](https://togithub.com/gradle/gradle/issues/23201) Backport dependency upgrades to 7.x - [#23202](https://togithub.com/gradle/gradle/issues/23202) Backport Scala incremental compilation fixes - [#23325](https://togithub.com/gradle/gradle/issues/23325) Backport JSoup update to resolve CVE-2022-36033 - [#23458](https://togithub.com/gradle/gradle/issues/23458) Backport JUnit5 dynamic test logging bug fix - [#23681](https://togithub.com/gradle/gradle/issues/23681) Dependency graph resolution: Equivalent excludes can cause un-necessary graph mutations \[backport 7.x] - [#23922](https://togithub.com/gradle/gradle/issues/23922) Backport "Use Compiler API data for incremental compilation after a failure" to 7.x - [#23951](https://togithub.com/gradle/gradle/issues/23951) Exclude rule merging: missing optimization \[Backport 7.x] - [#24132](https://togithub.com/gradle/gradle/issues/24132) Extending an already resolved configuration no longer works correctly \[backport 7.x] - [#24234](https://togithub.com/gradle/gradle/issues/24234) 7.6.1 breaks gradle-consistent-versions - [#24390](https://togithub.com/gradle/gradle/issues/24390) Gradle 7.4 fails on multi release jar's with JDK 19 code - [#24439](https://togithub.com/gradle/gradle/issues/24439) Gradle complains about invalid tool chain - picking up the source package location - it should just ignore them \[Backport] - [#24443](https://togithub.com/gradle/gradle/issues/24443) Maven artifact referenced only in dependency constraints raises IllegalStateException: Corrupt serialized resolution result \[backport] - [#24901](https://togithub.com/gradle/gradle/issues/24901) Backport fix for test exception that cannot be deserialized to 7.x [Read the Release Notes](https://docs.gradle.org/7.6.2/release-notes.html) #### Upgrade Instructions Switch your build to use Gradle 7.6.2 by updating your wrapper: ./gradlew wrapper --gradle-version=7.6.2 See the [Gradle 7.x upgrade guide](https://docs.gradle.org/7.6.2/userguide/upgrading_version\_7.html#changes\_7.6) to learn about deprecations, breaking changes and other considerations when upgrading to Gradle 7.6.2. #### Reporting Problems If you find a problem with this release, please file a bug on [GitHub Issues](https://togithub.com/gradle/gradle/issues) adhering to our issue guidelines. If you're not sure you're encountering a bug, please use the [forum](https://discuss.gradle.org/c/help-discuss).Configuration
š Schedule: Branch creation - "before 3am on the first day of the month" (UTC), Automerge - At any time (no schedule defined).
š¦ Automerge: Enabled.
ā» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
š Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.