Bump the react-native group across 1 directory with 2 updates #68989

dependabot · 2025-01-31T13:59:01Z

Bumps the react-native group with 2 updates in the / directory: gradle/actions and actions/setup-java.

Updates gradle/actions from 4.2.2 to 4.3.0

Release notes

Sourced from gradle/actions's releases.

v4.3.0

This release brings some significant improvements to cache-cleanup and dependency-submission:

Cleanup cache entries written by newly released Gradle versions (#436)

Use existing Gradle wrapper distribution for cache-cleanup where possible (#515)

Automatically save each dependency-graph that is submitted by dependency-submission (#519)

Fix deprecation warnings emitted by Gradle 8.12+ when:

Using build-scan-publish: true or Develocity injection (#543)

Using dependency-submission with an authenticated plugin repository with Gradle (#541)

Fix warning when using toolchain support with Gradle 7.x (#511)

What's Changed

Update known wrapper checksums by @github-actions in gradle/actions#493

Fix typo in cache-reporting.ts by @SimonMarquis in gradle/actions#492

Bump Gradle Wrappers by @github-actions in gradle/actions#499

Bump the github-actions group across 3 directories with 7 updates by @dependabot in gradle/actions#510

Bump the npm-dependencies group across 1 directory with 6 updates by @dependabot in gradle/actions#512

Clean-up missing imports for tests by @bigdaz in gradle/actions#513

Bump the npm-dependencies group in /sources with 3 updates by @dependabot in gradle/actions#521

Add npm build scans by @bigdaz in gradle/actions#517

Avoid env-var interpolation in toolchains.xml by @bigdaz in gradle/actions#518

Avoid saving build-results for cache cleanup by @bigdaz in gradle/actions#520

Save dependency graph as workflow artifact by @bigdaz in gradle/actions#522

Update to CCUDGP 2.1 by @bigdaz in gradle/actions#524

Bump references to Develocity Gradle plugin from 3.19 to 3.19.1 by @bot-githubaction in gradle/actions#527

Choose best Gradle version to use for cache cleanup by @bigdaz in gradle/actions#526

Uppercase cache-encryption-key by @Goooler in gradle/actions#528

Attempt to use gradle wrapper for cache cleanup by @bigdaz in gradle/actions#525

Document GRADLE_ACTIONS_SKIP_BUILD_RESULT_CAPTURE by @bigdaz in gradle/actions#529

Update known wrapper checksums by @github-actions in gradle/actions#509

Bump Gradle Wrappers by @github-actions in gradle/actions#535

Bump the github-actions group across 2 directories with 2 updates by @dependabot in gradle/actions#538

Update undici to resolve vulnerability by @bigdaz in gradle/actions#536

Bump the npm-dependencies group across 1 directory with 2 updates by @dependabot in gradle/actions#539

Update docs for dependency review by @bigdaz in gradle/actions#540

Fix space assignment deprecations in init-scripts by @bigdaz in gradle/actions#542

New Contributors

@SimonMarquis made their first contribution in gradle/actions#492

Full Changelog: gradle/actions@v4.2.2...v4.3.0

Commits

94baf22 Fix space assignment deprecations in init-scripts (#542)
6f10c21 Make it easier to produce 'prerelease' versions
0b492c4 Fix deprecation warnings in develocity init-script
79bad90 Fix deprecation warnings in dependency-graph init-script
986922f Update docs for dependency review (#540)
65a3beb [bot] Update dist directory
0e67f6d Bump the npm-dependencies group across 1 directory with 2 updates
b6ac71f [bot] Update dist directory
9053a59 Update undici to resolve vulnerability
7560c30 Bump the github-actions group across 2 directories with 2 updates
Additional commits viewable in compare view

Updates actions/setup-java from 4.6.0 to 4.7.0

Release notes

Sourced from actions/setup-java's releases.

v4.7.0

What's Changed

Configure Dependabot settings by @HarithaVattikuti in actions/setup-java#722

README Update: Added a permissions section by @benwells in actions/setup-java#723

Upgrade cache from version 3.2.4 to 4.0.0 by @aparnajyothi-y in actions/setup-java#724

Upgrade @actions/http-client from 2.2.1 to 2.2.3 by @dependabot in actions/setup-java#728

Upgrade actions/publish-immutable-action from 0.0.3 to 0.0.4 by @dependabot in actions/setup-java#727

Upgrade @types/jest from 29.5.12 to 29.5.14 by @dependabot in actions/setup-java#729

New Contributors

@benwells made their first contribution in actions/setup-java#723

Full Changelog: actions/setup-java@v4...v4.7.0

Commits

3a4f6e1 Bump @types/jest from 29.5.12 to 29.5.14 (#729)
25f376e Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 (#727)
d4e4b6b Bump @actions/http-client from 2.2.1 to 2.2.3 (#728)
28b532b Create dependabot.yml (#722)
51ab6d2 Update cache from 3.2.4 to 4.0.0 (#724)
99d3141 Update README.md (#723)
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the react-native group with 2 updates in the / directory: [gradle/actions](https://github.com/gradle/actions) and [actions/setup-java](https://github.com/actions/setup-java). Updates `gradle/actions` from 4.2.2 to 4.3.0 - [Release notes](https://github.com/gradle/actions/releases) - [Commits](gradle/actions@0bdd871...94baf22) Updates `actions/setup-java` from 4.6.0 to 4.7.0 - [Release notes](https://github.com/actions/setup-java/releases) - [Commits](actions/setup-java@7a6d8a8...3a4f6e1) --- updated-dependencies: - dependency-name: gradle/actions dependency-type: direct:production update-type: version-update:semver-minor dependency-group: react-native - dependency-name: actions/setup-java dependency-type: direct:production update-type: version-update:semver-minor dependency-group: react-native ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot requested a review from desrosj as a code owner January 31, 2025 13:59

dependabot bot added [Type] Build Tooling Issues or PRs related to build tooling GitHub Actions Pull requests that update GitHub Actions code labels Jan 31, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the react-native group across 1 directory with 2 updates #68989

Bump the react-native group across 1 directory with 2 updates #68989

dependabot bot commented on behalf of github Jan 31, 2025

Bump the react-native group across 1 directory with 2 updates #68989

Are you sure you want to change the base?

Bump the react-native group across 1 directory with 2 updates #68989

Conversation

dependabot bot commented on behalf of github Jan 31, 2025

v4.3.0

What's Changed

New Contributors

v4.7.0

What's Changed

New Contributors