Closed JLLeitschuh closed 4 years ago
Friendly ping?
Thanks for the contribution!
Oh, first time I know about wrapper-validation-action - it would be helpful to protect us from malicious gradle-wrapper.jar. How do you know about it @JLLeitschuh ?
@anticafe I'm one of the authors (mostly did documentation for it though) and I also work for Gradle.
I wrote our blog post about it: https://blog.gradle.org/gradle-wrapper-checksum-verification-github-action
:loudspeaker: Type of change
:scroll: Description
Add a GitHub Action for verifying that the
gradle-wrapper.jar
is an official Gradle release.:bulb: Motivation and Context
See: https://github.com/gradle/wrapper-validation-action
:green_heart: How did you test it?
:pencil: Checklist
./gradlew spotlessApply
before submitting the PR:crystal_ball: Next steps