Bumps
[org.junit.jupiter:junit-jupiter](https://github.com/junit-team/junit5)
from 5.11.2 to 5.11.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/junit-team/junit5/releases">org.junit.jupiter:junit-jupiter's
releases</a>.</em></p>
<blockquote>
<p>JUnit 5.11.3 = Platform 1.11.3 + Jupiter 5.11.3 + Vintage 5.11.3</p>
<p>See <a
href="http://junit.org/junit5/docs/5.11.3/release-notes/">Release
Notes</a>.</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/junit-team/junit5/compare/r5.11.2...r5.11.3">https://github.com/junit-team/junit5/compare/r5.11.2...r5.11.3</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b20991e376"><code>b20991e</code></a>
Release 5.11.3</li>
<li><a
href="e57b508692"><code>e57b508</code></a>
Finalize 5.11.3 release notes</li>
<li><a
href="fb1254cb13"><code>fb1254c</code></a>
Allow repeating <code>ExtendWith</code> annotation on fields and
parameters</li>
<li><a
href="a3192bd97f"><code>a3192bd</code></a>
Fix package name comparison on Java 8 (<a
href="https://redirect.github.com/junit-team/junit5/issues/4077">#4077</a>)</li>
<li><a
href="fcb7b0197e"><code>fcb7b01</code></a>
Remove useless <code>Order</code> annotation</li>
<li><a
href="57dfcb515f"><code>57dfcb5</code></a>
Allow repeating <code>@…Source</code> annotations when used as meta
annotations</li>
<li><a
href="09cd8b3598"><code>09cd8b3</code></a>
Add ArchUnit test for consistency of repeatable annotations</li>
<li><a
href="fa46a92fc5"><code>fa46a92</code></a>
Hard-wrap at 90 characters</li>
<li><a
href="8f45eeab56"><code>8f45eea</code></a>
Find repeatable @ExtendWith meta-annotations on fields again</li>
<li><a
href="b451122115"><code>b451122</code></a>
Introduce release notes for 5.11.3</li>
<li>Additional commits viewable in <a
href="https://github.com/junit-team/junit5/compare/r5.11.2...r5.11.3">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[org.junit.jupiter:junit-jupiter](https://github.com/junit-team/junit5)
from 5.11.1 to 5.11.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/junit-team/junit5/releases">org.junit.jupiter:junit-jupiter's
releases</a>.</em></p>
<blockquote>
<p>JUnit 5.11.2 = Platform 1.11.2 + Jupiter 5.11.2 + Vintage 5.11.2</p>
<p>See <a
href="http://junit.org/junit5/docs/5.11.2/release-notes/">Release
Notes</a>.</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/junit-team/junit5/compare/r5.11.1...r5.11.2">https://github.com/junit-team/junit5/compare/r5.11.1...r5.11.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="5b1a6d1f2f"><code>5b1a6d1</code></a>
Release 5.11.2</li>
<li><a
href="b7816b6e6a"><code>b7816b6</code></a>
Finalize 5.11.2 release notes</li>
<li><a
href="f8e22c7a32"><code>f8e22c7</code></a>
Finalize 5.10.5 release notes</li>
<li><a
href="8e6393803f"><code>8e63938</code></a>
Remove reference to 5.10.4 in 5.11.2 release notes</li>
<li><a
href="7e9d728f8b"><code>7e9d728</code></a>
Document <a
href="https://redirect.github.com/junit-team/junit5/issues/4043">#4043</a>
in 5.10.5 release notes</li>
<li><a
href="c11f224f82"><code>c11f224</code></a>
Create initial 5.10.5 release notes from template</li>
<li><a
href="ab94140970"><code>ab94140</code></a>
Fix global read-write lock handling when not declared on top level</li>
<li><a
href="9658fac066"><code>9658fac</code></a>
Add initial 5.11.2 release notes from template</li>
<li><a
href="5f52ced83a"><code>5f52ced</code></a>
Fix link to milestone page</li>
<li><a
href="558f480be5"><code>558f480</code></a>
Back to snapshots for further development</li>
<li>See full diff in <a
href="https://github.com/junit-team/junit5/compare/r5.11.1...r5.11.2">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[org.junit.jupiter:junit-jupiter](https://github.com/junit-team/junit5)
from 5.11.0 to 5.11.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/junit-team/junit5/releases">org.junit.jupiter:junit-jupiter's
releases</a>.</em></p>
<blockquote>
<p>JUnit 5.11.1 = Platform 1.11.1 + Jupiter 5.11.1 + Vintage 5.11.1</p>
<p>See <a
href="http://junit.org/junit5/docs/5.11.1/release-notes/">Release
Notes</a>.</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/junit-team/junit5/compare/r5.11.0...r5.11.1">https://github.com/junit-team/junit5/compare/r5.11.0...r5.11.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="e4b2c0c138"><code>e4b2c0c</code></a>
Release 5.11.1</li>
<li><a
href="c37b179f74"><code>c37b179</code></a>
Finalize 5.11.1 release notes</li>
<li><a
href="a7b1c49702"><code>a7b1c49</code></a>
Include 5.10.4 release notes</li>
<li><a
href="3646b7d37e"><code>3646b7d</code></a>
Document benefits of <code>messageSupplier</code> in
<code>Assertions</code> (<a
href="https://redirect.github.com/junit-team/junit5/issues/3938">#3938</a>)</li>
<li><a
href="6b9f15d9d5"><code>6b9f15d</code></a>
Delete unnecessary (and potentially misleading) comment in User
Guide</li>
<li><a
href="98dafd3746"><code>98dafd3</code></a>
Reduce flakiness</li>
<li><a
href="6529d8d4b1"><code>6529d8d</code></a>
Allow for work stealing when only holding read locks (<a
href="https://redirect.github.com/junit-team/junit5/issues/4012">#4012</a>)</li>
<li><a
href="0d25a5a0dd"><code>0d25a5a</code></a>
Fix YAML syntax</li>
<li><a
href="28dd375d31"><code>28dd375</code></a>
Fix step label</li>
<li><a
href="348ef61d6b"><code>348ef61</code></a>
Switch to Temurin for JDK 23 (<a
href="https://redirect.github.com/junit-team/junit5/issues/4005">#4005</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/junit-team/junit5/compare/r5.11.0...r5.11.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
The current implementation of the hashCode() method for `Tuple2` has a significant flaw that can easily lead to hash collisions, particularly in data structures like `LinkedHashMap`.
```java
LinkedHashMap<String, Integer> m1 = LinkedHashMap.of("a", 1, "b", 2);
LinkedHashMap<String, Integer> m2 = LinkedHashMap.of("a", 2, "b", 1);
System.out.println(m1.hashCode() == m2.hashCode()); // true
```
In this case, _m1_ and _m2_ should ideally produce different hash codes,
but they don't. This is because the current implementation of
`Tuple#hashCode()` simply sums the hash codes of all elements, which can
result in identical hash codes for different tuples.
A potential solution is to apply the XOR (^) operator to the hash codes
of all elements. XOR is order-sensitive, so it would resolve the issue
in the example above, where the order of elements differs between
tuples.
However, XOR has its limitations and is only a suitable solution for
tuples with up to two elements. This is because XOR is a commutative and
associative operation, meaning that the XOR of multiple elements can
still result in rather bad collisions:
```java
Tuple3<Integer, Integer, Integer> t1 = Tuple.of(1, 2, 3);
Tuple3<Integer, Integer, Integer> t2 = Tuple.of(1, 3, 2);
System.out.println(t1.hashCode() == t2.hashCode()); // true
```
The new implementation is not perfect as well:
```java
HashMap<Integer, Integer> hm1 = HashMap.of(0, 1, 1, 2);
HashMap<Integer, Integer> hm2 = HashMap.of(0, 2, 1, 3);
System.out.println(hm1.hashCode() == hm2.hashCode()); // true
```
But it is imperfect in the same way as standard library:
```java
java.util.HashMap<Integer, Integer> jhm1 = new java.util.HashMap<>();
jhm1.put(0, 1);
jhm1.put(1, 2);
java.util.HashMap<Integer, Integer> jhm2 = new java.util.HashMap<>();
jhm2.put(0, 2);
jhm2.put(1, 3);
System.out.println(jhm1.hashCode() == jhm2.hashCode()); // true
```
----
Related: https://github.com/vavr-io/vavr/issues/2733
Bumps [gradle/actions](https://github.com/gradle/actions) from 3 to 4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/gradle/actions/releases">gradle/actions's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.0-rc.1</h2>
<p>First release candidate for <code>v4</code> of the
<code>setup-gradle</code>, <code>dependency-submission</code> and
<code>wrapper-validation</code> actions provided under
<code>gradle/actions</code>.
This is the first release available under the <code>v4</code> tag.</p>
<h2>Major changes from the <code>v3</code> release</h2>
<h3>Cache cleanup enabled by default</h3>
<p>After a number of fixes and improvements, this release enables <a
href="https://github.com/gradle/actions/blob/v4.0.0-rc.1/docs/setup-gradle.md#configuring-cache-cleanup">cache-cleanup</a>
by default for all Jobs using the <code>setup-gradle</code> and
<code>dependency-submission</code> actions.</p>
<p>Improvements and bugfixes related cache cleanup:</p>
<ul>
<li>By default, cache cleanup is not run if any Gradle build fails (<a
href="https://redirect.github.com/gradle/actions/issues/71">#71</a>)</li>
<li>Cache cleanup is not run after configuration-cache reuse (<a
href="https://redirect.github.com/gradle/actions/issues/19">#19</a>)</li>
</ul>
<p>This feature should help to minimize the size of entries written to
the GitHub Actions cache, speeding up builds and reducing cache
usage.</p>
<h3>Wrapper validation enabled by default</h3>
<p>In <code>v3</code>, the <code>setup-gradle</code> action was enhanced
to support Gradle wrapper validation, removing the need to use a
separate workflow
file with the <code>gradle/actions/wrapper-validation</code> action.</p>
<p>With this release, wrapper validation has been significantly
improved, and is now enabled by default (<a
href="https://redirect.github.com/gradle/actions/issues/12">#12</a>):</p>
<ul>
<li>The <code>allow-snapshot-wrappers</code> makes it possible to
validate snapshot wrapper jars using <code>setup-gradle</code>.</li>
<li>Checksums for <a
href="https://services.gradle.org/distributions-snapshots/">nightly and
snapshot Gradle versions</a> are now validated (<a
href="https://redirect.github.com/gradle/actions/issues/281">#281</a>).</li>
<li>Valid wrapper checksums are cached in Gradle User Home, reducing the
need to retrieve checksum values remotely (<a
href="https://redirect.github.com/gradle/actions/issues/172">#172</a>).</li>
<li>Reduce network calls in <code>wrapper-validation</code> for new
Gradle versions: By only fetching wrapper checksums for Gradle versions
that were not known when this action was released, this release reduces
the likelihood that a network failure could cause failure in wrapper
validation (<a
href="https://redirect.github.com/gradle/actions/issues/171">#171</a>)</li>
<li>Improved error message when <code>wrapper-validation</code> finds no
wrapper jars (<a
href="https://redirect.github.com/gradle/actions/issues/284">#284</a>)</li>
</ul>
<p>Wrapper validation is important for supply-chain integrity. Enabling
this feature by default will increase the coverage of wrapper
validation on projects using GitHub Actions.</p>
<h3>New input parameters for Dependency Graph generation</h3>
<p>Some dependency-graph inputs that could previously only be configured
via environment variables now have dedicated action inputs:</p>
<ul>
<li><code>dependency-graph-report-dir</code>: sets the location where
dependency-graph reports will be generated</li>
<li><code>dependency-graph-exclude-projects</code> and
<code>dependency-graph-include-projects</code>: <a
href="https://github.com/gradle/actions/blob/v4.0.0-rc.1/docs/dependency-submission.md#selecting-gradle-projects-that-will-contribute-to-the-dependency-graph">select
which Gradle projects will contribute to the generated dependency
graph</a>.</li>
<li><code>dependency-graph-exclude-configurations</code> and
<code>dependency-graph-include-configurations</code>: <a
href="https://github.com/gradle/actions/blob/v4.0.0-rc.1/docs/dependency-submission.md#selecting-gradle-configurations-that-will-contribute-to-the-dependency-graph">select
which Gradle configurations will contribute to the generated dependency
graph</a>.</li>
</ul>
<h3>Other improvements</h3>
<ul>
<li>In Job summary, the action now provides an explanation when cache is
set to <code>read-only</code> or <code>disabled</code> (<a
href="https://redirect.github.com/gradle/actions/issues/255">#255</a>)</li>
<li>When <code>setup-gradle</code> requests a specific Gradle version,
the action will no longer download and install that version if it is
already available on the <code>PATH</code> of the runner (<a
href="https://redirect.github.com/gradle/actions/issues/270">#270</a>)</li>
<li>To attempt to speed up builds, the <code>setup-gradle</code> and
<code>dependency-submission</code> actions now attempt to use the
<code>D:</code> drive for Gradle User Home if it is available (<a
href="https://redirect.github.com/gradle/actions/issues/290">#290</a>)</li>
</ul>
<h2>Deprecations and breaking changes</h2>
<ul>
<li>The <code>gradle-home-cache-cleanup</code> input parameter has been
deprecated and replaced by <code>cache-cleanup</code></li>
<li>The undocumented <code>dependency-graph: clear</code> parameter has
been removed without replacement</li>
<li>The following parameters deprecated in <code>v3</code> have been
removed:
<ul>
<li><a
href="https://github.com/gradle/actions/blob/v4.0.0-rc.1/docs/deprecation-upgrade-guide.md#using-the-action-to-execute-gradle-via-the-arguments-parameter-is-deprecated">arguments</a></li>
</ul>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="af1da67850"><code>af1da67</code></a>
Prevent concurrent jobs in integ-test-full</li>
<li><a
href="f8ba43cf0a"><code>f8ba43c</code></a>
Better names for suite workflows</li>
<li><a
href="bcd07e6643"><code>bcd07e6</code></a>
Refactor integ-tests into suites</li>
<li><a
href="d74ee73e9f"><code>d74ee73</code></a>
Refactor integ-tests</li>
<li><a
href="fb2e6938b6"><code>fb2e693</code></a>
[bot] Update dist directory</li>
<li><a
href="07190022f8"><code>0719002</code></a>
Improve error messages for min-wrapper-count (<a
href="https://redirect.github.com/gradle/actions/issues/321">#321</a>)</li>
<li><a
href="ac3aebda93"><code>ac3aebd</code></a>
Improve error messages for min-wrapper-count</li>
<li><a
href="d473db0899"><code>d473db0</code></a>
Add tests for wrapper-validation with insufficient wrappers</li>
<li><a
href="833b05f3e6"><code>833b05f</code></a>
[bot] Update dist directory</li>
<li><a
href="06905c7a0f"><code>06905c7</code></a>
Enable wrapper-validation by default in setup-gradle (<a
href="https://redirect.github.com/gradle/actions/issues/318">#318</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/gradle/actions/compare/v3...v4">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[gradle/wrapper-validation-action](https://github.com/gradle/wrapper-validation-action)
from 1 to 3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/gradle/wrapper-validation-action/releases">gradle/wrapper-validation-action's
releases</a>.</em></p>
<blockquote>
<h2>v2.1.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Update various NPM dependencies</li>
<li>Update wrapper checksums to include Gradle 8.7</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/gradle/wrapper-validation-action/compare/v2.1.2...v2.1.3">https://github.com/gradle/wrapper-validation-action/compare/v2.1.2...v2.1.3</a></p>
<h2>v2.1.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Update various NPM dependencies</li>
<li>Update wrapper checksums</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/gradle/wrapper-validation-action/compare/v2.1.1...v2.1.2">https://github.com/gradle/wrapper-validation-action/compare/v2.1.1...v2.1.2</a></p>
<h2>v2.1.1</h2>
<h2>Changelog</h2>
<ul>
<li>[FIX] Add hardcoded checksum for Gradle 7.6.4</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/gradle/wrapper-validation-action/compare/v2...v2.1.1">https://github.com/gradle/wrapper-validation-action/compare/v2...v2.1.1</a></p>
<h2>v2.1.0</h2>
<p>This release should vastly reduce the number of network requests made
by the <code>wrapper-validation-action</code>, by hardcoding the
checksums of all known Gradle wrapper jars at time of release. With this
improvement, a number of long-standing issues should be addressed (<a
href="https://redirect.github.com/gradle/wrapper-validation-action/issues/164">#164</a>,
<a
href="https://redirect.github.com/gradle/wrapper-validation-action/issues/162">#162</a>,
<a
href="https://redirect.github.com/gradle/wrapper-validation-action/issues/57">#57</a>).</p>
<p>The action should now only make network requests to validate the
checksums of an unknown <code>gradle-wrapper.jar</code>. This can happen
if:</p>
<ul>
<li>The Gradle version was published after this action was released</li>
<li>The <code>gradle-wrapper.jar</code> is truly invalid</li>
</ul>
<h2>Changelog</h2>
<ul>
<li>[NEW] Hardcode list of known checksums to avoid network requests in
most cases (<a
href="https://redirect.github.com/gradle/wrapper-validation-action/issues/161">#161</a>)</li>
</ul>
<p>Huge thanks to <a
href="https://github.com/Marcono1234"><code>@Marcono1234</code></a> for
contributing this long-awaited improvement.</p>
<h2>v2.0.1</h2>
<p>This patch release fixes error reporting when failing to retrieve the
checksums from services.gradle.org</p>
<ul>
<li>[FIX] After migration from v1 to v2 silently fails (<a
href="https://redirect.github.com/gradle/wrapper-validation-action/issues/174">#174</a>)</li>
</ul>
<h2>v2.0.0</h2>
<h2>What's Changed</h2>
<p>The version of the Node.js runtime was updated to 20, and the
majority of dependencies were updated to the latest versions.
From now on, the <code>wrapper-validation-action</code> will require a
Node.js 20 runtime environment.</p>
<p>There are no functional changes in this release.
This release is tagged with the <code>v2</code> version label.</p>
<ul>
<li>[NEW] Update Node.js runtime to version 20 (<a
href="https://redirect.github.com/gradle/wrapper-validation-action/issues/170">#170</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f9c9c575b8"><code>f9c9c57</code></a>
Bump to v3.5.0</li>
<li><a
href="88425854a3"><code>8842585</code></a>
Bump to v3.4.2</li>
<li><a
href="9ba54b687b"><code>9ba54b6</code></a>
Bump to v3.4.1</li>
<li><a
href="26ffd686ec"><code>26ffd68</code></a>
Bump to v3.4.0</li>
<li><a
href="216d1ad2b3"><code>216d1ad</code></a>
Bump to v3.3.2</li>
<li><a
href="5188e9b552"><code>5188e9b</code></a>
Bump to use v3.3.1</li>
<li><a
href="460a3ca55f"><code>460a3ca</code></a>
Delegate to 'gradle/actions/wrapper-validation' (<a
href="https://redirect.github.com/gradle/wrapper-validation-action/issues/200">#200</a>)</li>
<li><a
href="b5418f5a58"><code>b5418f5</code></a>
Build dist</li>
<li><a
href="6613b81c19"><code>6613b81</code></a>
Bump the npm-dependencies group with 2 updates</li>
<li><a
href="35bb224882"><code>35bb224</code></a>
Bump undici from 5.28.3 to 5.28.4</li>
<li>Additional commits viewable in <a
href="https://github.com/gradle/wrapper-validation-action/compare/v1...v3">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Replace inactive TravisCI build with GitHub Actions - Maven Central
deployment will be implemented as a separate job
----
Resolves https://github.com/vavr-io/vavr/issues/2684
