build(deps): bump the dependencies group across 1 directory with 6 updates

[dependabot[bot]]

Bumps the dependencies group with 6 updates in the / directory:

Package	From	To
actions/setup-java	4.2.1	4.2.2
fossas/fossa-action	1.3.3	1.4.0
actions/upload-artifact	4.3.3	4.3.6
actions/download-artifact	4.1.7	4.1.8
ChrisCarini/intellij-platform-plugin-verifier-action	2.0.1	2.0.2
gradle/actions	3.4.2	4.0.0

Updates actions/setup-java from 4.2.1 to 4.2.2

Release notes

Sourced from actions/setup-java's releases.

v4.2.2

What's Changed



Bug fixes:

• Fix macos latest check failures by @​HarithaVattikuti in actions/setup-java#634
• Fix dragonwell distribution parsing issues by @​Accelerator1996 in actions/setup-java#643

Documentation changes

• Update advanced documentation for java-version-file by @​mahabaleshwars in actions/setup-java#622

Dependency updates:

• Bump undici from 5.28.3 to 5.28.4 and other dependency updates by @​dependabot in actions/setup-java#616

Full Changelog: https://github.com/actions/setup-java/compare/v4...v4.2.2

Commits

• 6a0805f Fix the bug about parsing dragonwell version (#642) (#643)
• fd08b9c Bump undici from 5.28.3 to 5.28.4 (#616)
• 2e74cbc Fix versions check failures (#634)
• a1c6c9c Updated advanced-usage.md (#622)
• See full diff in compare view

Updates fossas/fossa-action from 1.3.3 to 1.4.0

Release notes

Sourced from fossas/fossa-action's releases.

v1.4.0

What's Changed

• Support FOSSA CLI's --diff flag. by @​csasarak in fossas/fossa-action#41

Full Changelog: https://github.com/fossas/fossa-action/compare/v1.3.3...v1.4.0

Commits

• 09bcf12 Make build artifacts. (#42)
• a4bc36a Test diff. (#41)
• See full diff in compare view

Updates actions/upload-artifact from 4.3.3 to 4.3.6

Release notes

Sourced from actions/upload-artifact's releases.

v4.3.6

What's Changed

• Revert to @​actions/artifact 2.1.8 by @​robherley in actions/upload-artifact#594

Full Changelog: https://github.com/actions/upload-artifact/compare/v4...v4.3.6

v4.3.5

What's Changed

• Bump @​actions/artifact to v2.1.9 by @​robherley in actions/upload-artifact#588
  • Fixed artifact upload chunk timeout logic #1774
  • Use lazy stream to prevent issues with open file limits #1771

Full Changelog: https://github.com/actions/upload-artifact/compare/v4.3.4...v4.3.5

v4.3.4

What's Changed

• Update @​actions/artifact version, bump dependencies by @​robherley in actions/upload-artifact#584

Full Changelog: https://github.com/actions/upload-artifact/compare/v4.3.3...v4.3.4

Commits

• 834a144 Merge pull request #594 from actions/robherley/4.3.6
• 134dcf3 v4.3.6
• 73a0b9c revert back to @​actions/artifact 2.1.8
• 89ef406 Merge pull request #588 from actions/robherley/4.3.5
• 23d796d license updates
• e445c64 bump @​actions/artifact to v2.1.9
• 0b2256b Merge pull request #584 from actions/robherley/bump-pkgs
• 488dcef licensed cache
• 04c51f5 ncc
• 32a9e27 bump @​actions/artifact and npm audit
• Additional commits viewable in compare view

Updates actions/download-artifact from 4.1.7 to 4.1.8

Release notes

Sourced from actions/download-artifact's releases.

v4.1.8

What's Changed

• Update @​actions/artifact version, bump dependencies by @​robherley in actions/download-artifact#341

Full Changelog: https://github.com/actions/download-artifact/compare/v4...v4.1.8

Commits

• fa0a91b Merge pull request #341 from actions/robherley/bump-pkgs
• b54d088 Update @​actions/artifact version, bump dependencies
• See full diff in compare view

Updates ChrisCarini/intellij-platform-plugin-verifier-action from 2.0.1 to 2.0.2

Release notes

Sourced from ChrisCarini/intellij-platform-plugin-verifier-action's releases.

v2.0.2

What's Changed

• docs: add le-yams as a contributor for bug, and code by @​allcontributors in ChrisCarini/intellij-platform-plugin-verifier-action#67
• Bump idna from 3.3 to 3.7 in /bin by @​dependabot in ChrisCarini/intellij-platform-plugin-verifier-action#71
• Bump requests from 2.31.0 to 2.32.0 in /bin by @​dependabot in ChrisCarini/intellij-platform-plugin-verifier-action#72
• Bump urllib3 from 1.26.18 to 1.26.19 in /bin by @​dependabot in ChrisCarini/intellij-platform-plugin-verifier-action#75
• Add dependabot to ChrisCarini/intellij-platform-plugin-verifier-action by @​ChrisCarini in ChrisCarini/intellij-platform-plugin-verifier-action#80
• Bump certifi from 2023.7.22 to 2024.7.4 in /bin by @​dependabot in ChrisCarini/intellij-platform-plugin-verifier-action#79
• #76 Adds support for mute args by @​drewbrokke in ChrisCarini/intellij-platform-plugin-verifier-action#77
• docs: add drewbrokke as a contributor for code, and doc by @​allcontributors in ChrisCarini/intellij-platform-plugin-verifier-action#81
• Adding retry logic for all curl calls with more explicit error handling for each. by @​ChrisCarini in ChrisCarini/intellij-platform-plugin-verifier-action#82

New Contributors

• @​drewbrokke made their first contribution in ChrisCarini/intellij-platform-plugin-verifier-action#77

Full Changelog: https://github.com/ChrisCarini/intellij-platform-plugin-verifier-action/compare/v2.0.1...v2.0.2

Commits

• 9e042b5 Adding retry logic for all curl calls with more explicit error handling for...
• aae60a6 docs: add drewbrokke as a contributor for code, and doc (#81)
• 021e941 #76 Adds support for mute args via mute-plugin-problems input option (#77)
• f198b16 Bump certifi from 2023.7.22 to 2024.7.4 in /bin (#79)
• b52e625 Add dependabot to ChrisCarini/intellij-platform-plugin-verifier-action (#80)
• d4677a9 Bump urllib3 from 1.26.18 to 1.26.19 in /bin (#75)
• b3851ea Bump requests from 2.31.0 to 2.32.0 (#72)
• 740c9f9 Bump idna from 3.3 to 3.7 in /bin (#71)
• a408ee9 Add retry when downloading intellij-plugin-verifier latest version from GitHu...
• 218143d docs: add le-yams as a contributor for bug, and code (#67)
• See full diff in compare view

Updates gradle/actions from 3.4.2 to 4.0.0

Release notes

Sourced from gradle/actions's releases.

v4.0.0

Final release of v4.0.0 of the setup-gradle, dependency-submission and wrapper-validation actions provided under gradle/actions. This release is available under the v4 tag.

Major changes from the v3 release

The arguments parameter has been removed

Using the action to execute Gradle via the arguments parameter was deprecated in v3 and this parameter has been removed. See here for more details.

Cache cleanup enabled by default

After a number of fixes and improvements, this release enables cache-cleanup by default for all Jobs using the setup-gradle and dependency-submission actions.

Improvements and bugfixes related cache cleanup:

• By default, cache cleanup is not run if any Gradle build fails (#71)
• Cache cleanup is not run after configuration-cache reuse (#19)

This feature should help to minimize the size of entries written to the GitHub Actions cache, speeding up builds and reducing cache usage.

Wrapper validation enabled by default

In v3, the setup-gradle action was enhanced to support Gradle wrapper validation, removing the need to use a separate workflow file with the gradle/actions/wrapper-validation action.

With this release, wrapper validation has been significantly improved, and is now enabled by default (#12):

• The allow-snapshot-wrappers makes it possible to validate snapshot wrapper jars using setup-gradle.
• Checksums for nightly and snapshot Gradle versions are now validated (#281).
• Valid wrapper checksums are cached in Gradle User Home, reducing the need to retrieve checksum values remotely (#172).
• Reduce network calls in wrapper-validation for new Gradle versions: By only fetching wrapper checksums for Gradle versions that were not known when this action was released, this release reduces the likelihood that a network failure could cause failure in wrapper validation (#171)
• Improved error message when wrapper-validation finds no wrapper jars (#284)

Wrapper validation is important for supply-chain integrity. Enabling this feature by default will increase the coverage of wrapper validation on projects using GitHub Actions.

New input parameters for Dependency Graph generation

Some dependency-graph inputs that could previously only be configured via environment variables now have dedicated action inputs:

• dependency-graph-report-dir: sets the location where dependency-graph reports will be generated
• dependency-graph-exclude-projects and dependency-graph-include-projects: select which Gradle projects will contribute to the generated dependency graph.
• dependency-graph-exclude-configurations and dependency-graph-include-configurations: select which Gradle configurations will contribute to the generated dependency graph.

Other improvements

• In Job summary, the action now provides an explanation when cache is set to read-only or disabled (#255)
• When setup-gradle requests a specific Gradle version, the action will no longer download and install that version if it is already available on the PATH of the runner (#270)
• To attempt to speed up builds, the setup-gradle and dependency-submission actions now attempt to use the D: drive for Gradle User Home if it is available (#290)

Deprecations and breaking changes

... (truncated)

Commits

• af1da67 Prevent concurrent jobs in integ-test-full
• f8ba43c Better names for suite workflows
• bcd07e6 Refactor integ-tests into suites
• d74ee73 Refactor integ-tests
• fb2e693 [bot] Update dist directory
• 0719002 Improve error messages for min-wrapper-count (#321)
• ac3aebd Improve error messages for min-wrapper-count
• d473db0 Add tests for wrapper-validation with insufficient wrappers
• 833b05f [bot] Update dist directory
• 06905c7 Enable wrapper-validation by default in setup-gradle (#318)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions

[evansims]

@dependabot rebase

[dependabot[bot]]

Looks like this PR is already up-to-date with main! If you'd still like to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.