gradle/gradle (gradle)
### [`v7.6.4`](https://togithub.com/gradle/gradle/releases/tag/v7.6.4): 7.6.4
[Compare Source](https://togithub.com/gradle/gradle/compare/v7.6.3...v7.6.4)
This is a patch release for 7.6. We recommend using 7.6.4 instead of 7.6.
[Read the Release Notes](https://docs.gradle.org/7.6.4/release-notes.html)
#### Upgrade instructions
Switch your build to use Gradle 7.6.4 by updating your wrapper:
./gradlew wrapper --gradle-version=7.6.4
See the Gradle [7.x upgrade guide](https://docs.gradle.org/7.6.4/userguide/upgrading_version\_7.html) to learn about deprecations, breaking changes and other considerations when upgrading.
For Java, Groovy, Kotlin and Android compatibility, see the [full compatibility notes](https://docs.gradle.org/7.6.4/userguide/compatibility.html).
#### Reporting problems
If you find a problem with this release, please file a bug on [GitHub Issues](https://togithub.com/gradle/gradle/issues) adhering to our issue guidelines.
If you're not sure you're encountering a bug, please use the [forum](https://discuss.gradle.org/c/help-discuss).
We hope you will build happiness with Gradle, and we look forward to your feedback via [Twitter](https://twitter.com/gradle) or on [GitHub](https://togithub.com/gradle).
### [`v7.6.3`](https://togithub.com/gradle/gradle/releases/tag/v7.6.3): 7.6.3
[Compare Source](https://togithub.com/gradle/gradle/compare/v7.6.2...v7.6.3)
This is a patch release for 7.6. We recommend using 7.6.3 instead of 7.6.
This release addresses two security vulnerabilities:
- [Incorrect permission assignment for symlinked files used in copy or archiving operations](https://togithub.com/gradle/gradle/security/advisories/GHSA-43r3-pqhv-f7h9)
- [Possible local text file exfiltration by XML External entity injection](https://togithub.com/gradle/gradle/security/advisories/GHSA-mrff-q8qj-xvg8)
It also fixes the following issues:
- [#25781](https://togithub.com/gradle/gradle/issues/25781) Backport finalized task performance fix to 7.6.x
- [#25802](https://togithub.com/gradle/gradle/issues/25802) Backport cgroups fix to 7.6.x
[Read the Release Notes](https://docs.gradle.org/7.6.3/release-notes.html)
#### Upgrade Instructions
Switch your build to use Gradle 7.6.3 by updating your wrapper:
./gradlew wrapper --gradle-version=7.6.3
See the [Gradle 7.x upgrade guide](https://docs.gradle.org/7.6.3/userguide/upgrading_version\_7.html#changes\_7.6) to learn about deprecations, breaking changes and other considerations when upgrading to Gradle 7.6.3.
#### Reporting Problems
If you find a problem with this release, please file a bug on [GitHub Issues](https://togithub.com/gradle/gradle/issues) adhering to our issue guidelines.
If you're not sure you're encountering a bug, please use the [forum](https://discuss.gradle.org/c/help-discuss).
### [`v7.6.2`](https://togithub.com/gradle/gradle/releases/tag/v7.6.2): 7.6.2
[Compare Source](https://togithub.com/gradle/gradle/compare/v7.6.1...v7.6.2)
This is a patch release for 7.6. We recommend using 7.6.2 instead of 7.6.
This release addresses two security vulnerabilities:
- [Dependency cache path traversal](https://togithub.com/gradle/gradle/security/advisories/GHSA-2h6c-rv6q-494v)
- [Path traversal vulnerabilities in handling of Tar archives](https://togithub.com/gradle/gradle/security/advisories/GHSA-84mw-qh6q-v842)
It also fixes the following issues:
- [#23201](https://togithub.com/gradle/gradle/issues/23201) Backport dependency upgrades to 7.x
- [#23202](https://togithub.com/gradle/gradle/issues/23202) Backport Scala incremental compilation fixes
- [#23325](https://togithub.com/gradle/gradle/issues/23325) Backport JSoup update to resolve CVE-2022-36033
- [#23458](https://togithub.com/gradle/gradle/issues/23458) Backport JUnit5 dynamic test logging bug fix
- [#23681](https://togithub.com/gradle/gradle/issues/23681) Dependency graph resolution: Equivalent excludes can cause un-necessary graph mutations \[backport 7.x]
- [#23922](https://togithub.com/gradle/gradle/issues/23922) Backport "Use Compiler API data for incremental compilation after a failure" to 7.x
- [#23951](https://togithub.com/gradle/gradle/issues/23951) Exclude rule merging: missing optimization \[Backport 7.x]
- [#24132](https://togithub.com/gradle/gradle/issues/24132) Extending an already resolved configuration no longer works correctly \[backport 7.x]
- [#24234](https://togithub.com/gradle/gradle/issues/24234) 7.6.1 breaks gradle-consistent-versions
- [#24390](https://togithub.com/gradle/gradle/issues/24390) Gradle 7.4 fails on multi release jar's with JDK 19 code
- [#24439](https://togithub.com/gradle/gradle/issues/24439) Gradle complains about invalid tool chain - picking up the source package location - it should just ignore them \[Backport]
- [#24443](https://togithub.com/gradle/gradle/issues/24443) Maven artifact referenced only in dependency constraints raises IllegalStateException: Corrupt serialized resolution result \[backport]
- [#24901](https://togithub.com/gradle/gradle/issues/24901) Backport fix for test exception that cannot be deserialized to 7.x
[Read the Release Notes](https://docs.gradle.org/7.6.2/release-notes.html)
#### Upgrade Instructions
Switch your build to use Gradle 7.6.2 by updating your wrapper:
./gradlew wrapper --gradle-version=7.6.2
See the [Gradle 7.x upgrade guide](https://docs.gradle.org/7.6.2/userguide/upgrading_version\_7.html#changes\_7.6) to learn about deprecations, breaking changes and other considerations when upgrading to Gradle 7.6.2.
#### Reporting Problems
If you find a problem with this release, please file a bug on [GitHub Issues](https://togithub.com/gradle/gradle/issues) adhering to our issue guidelines.
If you're not sure you're encountering a bug, please use the [forum](https://discuss.gradle.org/c/help-discuss).
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
[ ] If you want to rebase/retry this PR, check this box
This PR has been generated by Mend Renovate. View repository job log here.
This PR contains the following updates:
7.6.1->7.6.4Release Notes
gradle/gradle (gradle)
### [`v7.6.4`](https://togithub.com/gradle/gradle/releases/tag/v7.6.4): 7.6.4 [Compare Source](https://togithub.com/gradle/gradle/compare/v7.6.3...v7.6.4) This is a patch release for 7.6. We recommend using 7.6.4 instead of 7.6. [Read the Release Notes](https://docs.gradle.org/7.6.4/release-notes.html) #### Upgrade instructions Switch your build to use Gradle 7.6.4 by updating your wrapper: ./gradlew wrapper --gradle-version=7.6.4 See the Gradle [7.x upgrade guide](https://docs.gradle.org/7.6.4/userguide/upgrading_version\_7.html) to learn about deprecations, breaking changes and other considerations when upgrading. For Java, Groovy, Kotlin and Android compatibility, see the [full compatibility notes](https://docs.gradle.org/7.6.4/userguide/compatibility.html). #### Reporting problems If you find a problem with this release, please file a bug on [GitHub Issues](https://togithub.com/gradle/gradle/issues) adhering to our issue guidelines. If you're not sure you're encountering a bug, please use the [forum](https://discuss.gradle.org/c/help-discuss). We hope you will build happiness with Gradle, and we look forward to your feedback via [Twitter](https://twitter.com/gradle) or on [GitHub](https://togithub.com/gradle). ### [`v7.6.3`](https://togithub.com/gradle/gradle/releases/tag/v7.6.3): 7.6.3 [Compare Source](https://togithub.com/gradle/gradle/compare/v7.6.2...v7.6.3) This is a patch release for 7.6. We recommend using 7.6.3 instead of 7.6. This release addresses two security vulnerabilities: - [Incorrect permission assignment for symlinked files used in copy or archiving operations](https://togithub.com/gradle/gradle/security/advisories/GHSA-43r3-pqhv-f7h9) - [Possible local text file exfiltration by XML External entity injection](https://togithub.com/gradle/gradle/security/advisories/GHSA-mrff-q8qj-xvg8) It also fixes the following issues: - [#25781](https://togithub.com/gradle/gradle/issues/25781) Backport finalized task performance fix to 7.6.x - [#25802](https://togithub.com/gradle/gradle/issues/25802) Backport cgroups fix to 7.6.x [Read the Release Notes](https://docs.gradle.org/7.6.3/release-notes.html) #### Upgrade Instructions Switch your build to use Gradle 7.6.3 by updating your wrapper: ./gradlew wrapper --gradle-version=7.6.3 See the [Gradle 7.x upgrade guide](https://docs.gradle.org/7.6.3/userguide/upgrading_version\_7.html#changes\_7.6) to learn about deprecations, breaking changes and other considerations when upgrading to Gradle 7.6.3. #### Reporting Problems If you find a problem with this release, please file a bug on [GitHub Issues](https://togithub.com/gradle/gradle/issues) adhering to our issue guidelines. If you're not sure you're encountering a bug, please use the [forum](https://discuss.gradle.org/c/help-discuss). ### [`v7.6.2`](https://togithub.com/gradle/gradle/releases/tag/v7.6.2): 7.6.2 [Compare Source](https://togithub.com/gradle/gradle/compare/v7.6.1...v7.6.2) This is a patch release for 7.6. We recommend using 7.6.2 instead of 7.6. This release addresses two security vulnerabilities: - [Dependency cache path traversal](https://togithub.com/gradle/gradle/security/advisories/GHSA-2h6c-rv6q-494v) - [Path traversal vulnerabilities in handling of Tar archives](https://togithub.com/gradle/gradle/security/advisories/GHSA-84mw-qh6q-v842) It also fixes the following issues: - [#23201](https://togithub.com/gradle/gradle/issues/23201) Backport dependency upgrades to 7.x - [#23202](https://togithub.com/gradle/gradle/issues/23202) Backport Scala incremental compilation fixes - [#23325](https://togithub.com/gradle/gradle/issues/23325) Backport JSoup update to resolve CVE-2022-36033 - [#23458](https://togithub.com/gradle/gradle/issues/23458) Backport JUnit5 dynamic test logging bug fix - [#23681](https://togithub.com/gradle/gradle/issues/23681) Dependency graph resolution: Equivalent excludes can cause un-necessary graph mutations \[backport 7.x] - [#23922](https://togithub.com/gradle/gradle/issues/23922) Backport "Use Compiler API data for incremental compilation after a failure" to 7.x - [#23951](https://togithub.com/gradle/gradle/issues/23951) Exclude rule merging: missing optimization \[Backport 7.x] - [#24132](https://togithub.com/gradle/gradle/issues/24132) Extending an already resolved configuration no longer works correctly \[backport 7.x] - [#24234](https://togithub.com/gradle/gradle/issues/24234) 7.6.1 breaks gradle-consistent-versions - [#24390](https://togithub.com/gradle/gradle/issues/24390) Gradle 7.4 fails on multi release jar's with JDK 19 code - [#24439](https://togithub.com/gradle/gradle/issues/24439) Gradle complains about invalid tool chain - picking up the source package location - it should just ignore them \[Backport] - [#24443](https://togithub.com/gradle/gradle/issues/24443) Maven artifact referenced only in dependency constraints raises IllegalStateException: Corrupt serialized resolution result \[backport] - [#24901](https://togithub.com/gradle/gradle/issues/24901) Backport fix for test exception that cannot be deserialized to 7.x [Read the Release Notes](https://docs.gradle.org/7.6.2/release-notes.html) #### Upgrade Instructions Switch your build to use Gradle 7.6.2 by updating your wrapper: ./gradlew wrapper --gradle-version=7.6.2 See the [Gradle 7.x upgrade guide](https://docs.gradle.org/7.6.2/userguide/upgrading_version\_7.html#changes\_7.6) to learn about deprecations, breaking changes and other considerations when upgrading to Gradle 7.6.2. #### Reporting Problems If you find a problem with this release, please file a bug on [GitHub Issues](https://togithub.com/gradle/gradle/issues) adhering to our issue guidelines. If you're not sure you're encountering a bug, please use the [forum](https://discuss.gradle.org/c/help-discuss).Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.