dependabot[bot] opened a new pull request, #5989: URL: https://github.com/apache/fineract/pull/5989
Bumps [gradle/actions](https://github.com/gradle/actions) from 5.0.2 to 6.1.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/gradle/actions/releases";>gradle/actions's releases</a>.</em></p> <blockquote> <h2>v6.1.1</h2> <p>This release updates various dependency versions, resolving several reported security vulnerabilities. No functional changes are included</p> <h2>What's Changed</h2> <ul> <li>Bump Gradle Wrapper from 9.4.1 to 9.5.1 in /sources/test/init-scripts by <a href="https://github.com/bot-githubaction";><code>@bot-githubaction</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/961";>gradle/actions#961</a></li> <li>Bump Gradle Wrapper from 9.4.1 to 9.5.1 in /.github/workflow-samples/gradle-plugin by <a href="https://github.com/bot-githubaction";><code>@bot-githubaction</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/962";>gradle/actions#962</a></li> <li>Bump Gradle Wrapper from 9.4.1 to 9.5.1 in /.github/workflow-samples/groovy-dsl by <a href="https://github.com/bot-githubaction";><code>@bot-githubaction</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/963";>gradle/actions#963</a></li> <li>Bump Gradle Wrapper from 9.4.1 to 9.5.1 in /.github/workflow-samples/java-toolchain by <a href="https://github.com/bot-githubaction";><code>@bot-githubaction</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/964";>gradle/actions#964</a></li> <li>Bump Gradle Wrapper from 9.4.1 to 9.5.1 in /.github/workflow-samples/kotlin-dsl by <a href="https://github.com/bot-githubaction";><code>@bot-githubaction</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/965";>gradle/actions#965</a></li> <li>Update known wrapper checksums by <a href="https://github.com/github-actions";><code>@github-actions</code></a>[bot] in <a href="https://redirect.github.com/gradle/actions/pull/937";>gradle/actions#937</a></li> <li>Bump the github-actions group across 2 directories with 8 updates by <a href="https://github.com/dependabot";><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/gradle/actions/pull/976";>gradle/actions#976</a></li> <li>Bump the npm-dependencies group across 1 directory with 14 updates by <a href="https://github.com/dependabot";><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/gradle/actions/pull/970";>gradle/actions#970</a></li> <li>Bump references to Develocity Gradle plugin from 4.4.0 to 4.4.2 by <a href="https://github.com/bot-githubaction";><code>@bot-githubaction</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/973";>gradle/actions#973</a></li> <li>Bump the npm-dependencies group in /sources with 5 updates by <a href="https://github.com/dependabot";><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/gradle/actions/pull/977";>gradle/actions#977</a></li> <li>Update <code>@actions/cache</code> and <code>@actions/artifact</code>, stop ignoring them in Dependabot by <a href="https://github.com/bigdaz";><code>@bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/978";>gradle/actions#978</a></li> <li>Resolve npm security vulnerabilities via dependency overrides by <a href="https://github.com/bigdaz";><code>@bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/980";>gradle/actions#980</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/gradle/actions/compare/v6.1.0...v6.1.1";>https://github.com/gradle/actions/compare/v6.1.0...v6.1.1</a></p> <h2>v6.1.0</h2> <h2>New: Basic Cache Provider</h2> <p>A new MIT-licensed <strong>Basic Caching</strong> provider is now available as an alternative to the proprietary <strong>Enhanced Caching</strong> provided by <code>gradle-actions-caching</code>. Choose Basic Caching by setting <code>cache-provider: basic</code> on <code>setup-gradle</code> or <code>dependency-submission</code> actions.</p> <ul> <li>Built on <code>@actions/cache</code> -- fully open source</li> <li>Caches <code>~/.gradle/caches</code> and <code>~/.gradle/wrapper</code> directories</li> <li>Cache key derived from build files (<code>*.gradle*</code>, <code>gradle-wrapper.properties</code>, etc.)</li> <li>Clean cache on build file changes (no restore keys, preventing stale entry accumulation)</li> </ul> <p><strong>Limitations vs Enhanced Caching:</strong> No cache cleanup, no deduplication of cached content, cached content is fixed unless build files change.</p> <h2>Revamped Licensing & Distribution Documentation</h2> <ul> <li>New <strong>DISTRIBUTION.md</strong> documents the licensing of each component (particularly Basic Caching vs Enhanced Caching)</li> <li>Simplified licensing notices in README, docs, and runtime log output</li> <li>Clear usage tiers: Enhanced Caching is free for public repos and in Free Preview for private repos</li> </ul> <h2>What's Changed</h2> <ul> <li>Use a unique cache entry for wrapper-validation test by <a href="https://github.com/bigdaz";><code>@bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/921";>gradle/actions#921</a></li> <li>Update Dependencies by <a href="https://github.com/bigdaz";><code>@bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/922";>gradle/actions#922</a></li> <li>Update dependencies and resolve npm vulnerabilities by <a href="https://github.com/bigdaz";><code>@bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/933";>gradle/actions#933</a></li> <li>Add open-source 'basic' cache provider and revamp licensing documentation by <a href="https://github.com/bigdaz";><code>@bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/930";>gradle/actions#930</a></li> <li>Restructure caching documentation for basic and enhanced providers by <a href="https://github.com/bigdaz";><code>@bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/934";>gradle/actions#934</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/gradle/actions/compare/v6.0.1...v6.1.0";>https://github.com/gradle/actions/compare/v6.0.1...v6.1.0</a></p> <h2>v6.0.1</h2> <blockquote> <p>[!IMPORTANT] The release of <code>gradle/actions@v6</code> contains important changes to the license terms. More details in <a href="https://blog.gradle.org/github-actions-for-gradle-v6";>this blog post</a>.</p> </blockquote> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/gradle/actions/commit/5e2ebd065dc2488b7a6ad670704656cbbe1e8f60";><code>5e2ebd0</code></a> [bot] Update dist directory</li> <li><a href="https://github.com/gradle/actions/commit/9e2c1cc01db33004a01841dce07f112bc26ed8ea";><code>9e2c1cc</code></a> Resolve npm security vulnerabilities via dependency overrides (<a href="https://redirect.github.com/gradle/actions/issues/980";>#980</a>)</li> <li><a href="https://github.com/gradle/actions/commit/657f690528177d12a68986429495f3df2a4010fa";><code>657f690</code></a> [bot] Update dist directory</li> <li><a href="https://github.com/gradle/actions/commit/9d6bacde378b012d550b83e54da355eb38e44bd9";><code>9d6bacd</code></a> Update <code>@actions/cache</code> and <code>@actions/artifact</code>, stop ignoring them in Dependabot...</li> <li><a href="https://github.com/gradle/actions/commit/79f6b196a715b9ba02b2dfad56f622e58ed4bcae";><code>79f6b19</code></a> [bot] Update dist directory</li> <li><a href="https://github.com/gradle/actions/commit/6781648d2b1ada397658f0ccd39a47d983817721";><code>6781648</code></a> Bump the npm-dependencies group in /sources with 5 updates (<a href="https://redirect.github.com/gradle/actions/issues/977";>#977</a>)</li> <li><a href="https://github.com/gradle/actions/commit/a3b40d2308272dcf9c3290169376c74ddd8769d5";><code>a3b40d2</code></a> [bot] Update dist directory</li> <li><a href="https://github.com/gradle/actions/commit/f37016fb25ccb3df1b08238add8706e4c9c8bdd6";><code>f37016f</code></a> Bump references to Develocity Gradle plugin from 4.4.0 to 4.4.2 (<a href="https://redirect.github.com/gradle/actions/issues/973";>#973</a>)</li> <li><a href="https://github.com/gradle/actions/commit/2afdab2a02d5731bb7661f7e94ff91cfc71278c3";><code>2afdab2</code></a> [bot] Update dist directory</li> <li><a href="https://github.com/gradle/actions/commit/1046ffaf33b5a496f27873e820521d9ca5456b90";><code>1046ffa</code></a> Bump the npm-dependencies group across 1 directory with 14 updates (<a href="https://redirect.github.com/gradle/actions/issues/970";>#970</a>)</li> <li>Additional commits viewable in <a href="https://github.com/gradle/actions/compare/0723195856401067f7a2779048b490ace7a47d7c...5e2ebd065dc2488b7a6ad670704656cbbe1e8f60";>compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
