solrbot opened a new pull request, #4541: URL: https://github.com/apache/solr/pull/4541
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [gradle/actions](https://redirect.github.com/gradle/actions) | action | minor | `v6.1.0` → `v6.2.0` | --- ### Release Notes <details> <summary>gradle/actions (gradle/actions)</summary> ### [`v6.2.0`](https://redirect.github.com/gradle/actions/releases/tag/v6.2.0) [Compare Source](https://redirect.github.com/gradle/actions/compare/v6.1.1...v6.2.0) ##### Highlights This release brings significant behaviour improvements to **Enhanced caching**, improvements to the generated Job Summary, and a number of correctness and security fixes. 1. **Improved cache-cleanup mechanism.** Cleanup of stale files from the Gradle User Home is now faster, and no longer depends on Gradle or a JVM. It works by inspecting the local file state directly, removing the Gradle invocation from the post-build step. 2. **More granular, more stable caching.** The local build cache is stored as a separate cache entry, so it can be restored and invalidated independently of the main Gradle User Home entry. Transient Gradle housekeeping files are excluded from the cache, reducing its size and improving stability. 3. **Hide obsolete Job summaries in PR commments**: When a new Job summary comment is added to a PR, previous outdated Job summaries are now hidden. 4. **Improved caching report in the job summary.** The cache report now uses a single, consistent layout across all cache states and providers. Provider information is integrated directly into the report, and per-entry details are available in an expandable section. ([#​985](https://redirect.github.com/gradle/actions/issues/985)) 5. **Correctness and security fixes.** A unique cache key is now used per run attempt, so re-runs no longer collide; the job summary shows the cache key string rather than an internal id; and bundled dependencies have been updated, including a ReDoS fix and a fast-xml CVE fix. ##### What's Changed - Remove unnecessary dependency overrides by [@​bigdaz](https://redirect.github.com/bigdaz) in [#​981](https://redirect.github.com/gradle/actions/pull/981) - Scope CI-integ-test concurrency groups per-branch by [@​bigdaz](https://redirect.github.com/bigdaz) in [#​983](https://redirect.github.com/gradle/actions/pull/983) - Improve typings by [@​Vampire](https://redirect.github.com/Vampire) in [#​938](https://redirect.github.com/gradle/actions/pull/938) - Hide obsolete Job summaries by [@​SimonMarquis](https://redirect.github.com/SimonMarquis) in [#​902](https://redirect.github.com/gradle/actions/pull/902) - CI: add requireable aggregate/no-op checks for branch protection by [@​bigdaz](https://redirect.github.com/bigdaz) in [#​984](https://redirect.github.com/gradle/actions/pull/984) - Redesign the caching Job Summary by [@​bigdaz](https://redirect.github.com/bigdaz) in [#​985](https://redirect.github.com/gradle/actions/pull/985) ##### New Contributors - [@​Vampire](https://redirect.github.com/Vampire) made their first contribution in [#​938](https://redirect.github.com/gradle/actions/pull/938) **Full Changelog**: <https://github.com/gradle/actions/compare/v6.1.1...v6.2.0> ### [`v6.1.1`](https://redirect.github.com/gradle/actions/releases/tag/v6.1.1) [Compare Source](https://redirect.github.com/gradle/actions/compare/v6.1.0...v6.1.1) This release updates various dependency versions, resolving several reported security vulnerabilities. No functional changes are included ##### What's Changed - Bump Gradle Wrapper from 9.4.1 to 9.5.1 in /sources/test/init-scripts by [@​bot-githubaction](https://redirect.github.com/bot-githubaction) in [#​961](https://redirect.github.com/gradle/actions/pull/961) - Bump Gradle Wrapper from 9.4.1 to 9.5.1 in /.github/workflow-samples/gradle-plugin by [@​bot-githubaction](https://redirect.github.com/bot-githubaction) in [#​962](https://redirect.github.com/gradle/actions/pull/962) - Bump Gradle Wrapper from 9.4.1 to 9.5.1 in /.github/workflow-samples/groovy-dsl by [@​bot-githubaction](https://redirect.github.com/bot-githubaction) in [#​963](https://redirect.github.com/gradle/actions/pull/963) - Bump Gradle Wrapper from 9.4.1 to 9.5.1 in /.github/workflow-samples/java-toolchain by [@​bot-githubaction](https://redirect.github.com/bot-githubaction) in [#​964](https://redirect.github.com/gradle/actions/pull/964) - Bump Gradle Wrapper from 9.4.1 to 9.5.1 in /.github/workflow-samples/kotlin-dsl by [@​bot-githubaction](https://redirect.github.com/bot-githubaction) in [#​965](https://redirect.github.com/gradle/actions/pull/965) - Update known wrapper checksums by [@​github-actions](https://redirect.github.com/github-actions)\[bot] in [#​937](https://redirect.github.com/gradle/actions/pull/937) - Bump the github-actions group across 2 directories with 8 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​976](https://redirect.github.com/gradle/actions/pull/976) - Bump the npm-dependencies group across 1 directory with 14 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​970](https://redirect.github.com/gradle/actions/pull/970) - Bump references to Develocity Gradle plugin from 4.4.0 to 4.4.2 by [@​bot-githubaction](https://redirect.github.com/bot-githubaction) in [#​973](https://redirect.github.com/gradle/actions/pull/973) - Bump the npm-dependencies group in /sources with 5 updates by [@​dependabot](https://redirect.github.com/dependabot)\[bot] in [#​977](https://redirect.github.com/gradle/actions/pull/977) - Update [@​actions/cache](https://redirect.github.com/actions/cache) and [@​actions/artifact](https://redirect.github.com/actions/artifact), stop ignoring them in Dependabot by [@​bigdaz](https://redirect.github.com/bigdaz) in [#​978](https://redirect.github.com/gradle/actions/pull/978) - Resolve npm security vulnerabilities via dependency overrides by [@​bigdaz](https://redirect.github.com/bigdaz) in [#​980](https://redirect.github.com/gradle/actions/pull/980) **Full Changelog**: <https://github.com/gradle/actions/compare/v6.1.0...v6.1.1> </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - Only on Sunday (`* * * * 0`) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/solrbot/renovate-github-action) <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4xNzAuMTgiLCJ1cGRhdGVkSW5WZXIiOiI0My4xNzAuMTgiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImV4ZW1wdC1zdGFsZSJdfQ==--> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
