owen/moshidon
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Minor maintenance things (#501)

Browse Source 
* validate gradle wrapper jar file

this is extremely important. see the following:

https://blog.gradle.org/wrapper-attack-report
https://github.com/gradle/wrapper-validation-action#the-gradle-wrapper-problem-in-open-source

Signed-off-by: r3g_5z <june@girlboss.ceo>

* update gradle wrapper to 8.1.1

it is necessary to run the gradlew update command twice to actually
update the jar file properly, e.g.:

./gradlew wrapper --gradle-version=8.1.1 --gradle-distribution-sha256-sum=e111cb9948407e26351227dabce49822fb88c37ee72f1d1582a69c68af2e702f
./gradlew wrapper --gradle-version=8.1.1 --gradle-distribution-sha256-sum=e111cb9948407e26351227dabce49822fb88c37ee72f1d1582a69c68af2e702f

Signed-off-by: r3g_5z <june@girlboss.ceo>

* use Gradle toolchain

this allows for better build reproducibility and avoid mix and matching
JDKs from other projects

https://docs.gradle.org/current/userguide/toolchains.html

Signed-off-by: r3g_5z <june@girlboss.ceo>

* update dependencies and fix build errors

Signed-off-by: r3g_5z <june@girlboss.ceo>

---------

Signed-off-by: r3g_5z <june@girlboss.ceo>
Co-authored-by: sk22 <sk22@mailbox.org>
This commit is contained in:
r3g_5z
2023-04-22 11:28:16 -04:00
committed by GitHub
parent 4d7c4aed4c
commit 226e2a7cdc
8 changed files with 212 additions and 127 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
.github/workflows/validate-gradle-wrapper.yml vendored Normal file
View File

@@ -0,0 +1,11 @@
name: Validate Gradle Wrapper
on: [pull_request, push]
jobs:
validation:
name: Validation
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: gradle/wrapper-validation-action@v1