Merge pull request #67 from OakvilleDynamics/dependabot/github_action…

…s/gradle/actions-4 Bump gradle/actions from 3 to 4
OakvilleDynamics · Aug 16, 2024 · aa49bc4 · aa49bc4
2 parents 073714e + ca0c70e
commit aa49bc4
Show file tree

Hide file tree

Showing 4 changed files with 11 additions and 42 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -35,7 +35,7 @@ jobs:
 
     # Setup Gradle
     - name: Setup Gradle
-      uses: gradle/actions/setup-gradle@v3
+      uses: gradle/actions/setup-gradle@v4
 
     # Runs a single command using the runners shell
     - name: Compile and run tests on robot code
@@ -61,7 +61,7 @@ jobs:
 
     # Setup Gradle
     - name: Setup Gradle
-      uses: gradle/actions/setup-gradle@v3
+      uses: gradle/actions/setup-gradle@v4
 
     # Runs a single command using the runners shell
     - name: Run tests on robot code

diff --git a/.github/workflows/gradle-wrapper-validation.yml b/.github/workflows/gradle-wrapper-validation.yml
diff --git a/.github/workflows/syntax-check.yml b/.github/workflows/syntax-check.yml
@@ -41,7 +41,7 @@ jobs:
 
       # Setup Gradle
       - name: Setup Gradle
-        uses: gradle/actions/setup-gradle@v3
+        uses: gradle/actions/setup-gradle@v4
 
       # Runs our formatter for easier code review
       - name: Run spotlessApply

diff --git a/README.md b/README.md
@@ -6,13 +6,12 @@ Prepackaged with GitHub Actions for CI/CD, Qodana for static analysis, CodeQL fo
 
 ## Build Status
 
-| Action            | Status                                                                                                                                                                                                                                                 |
-| ----------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ |
-| CI                | [![Build](https://github.com/OakvilleDynamics/frc-robot-template/actions/workflows/ci.yml/badge.svg)](https://github.com/OakvilleDynamics/frc-robot-template/actions/workflows/ci.yml)                                                           |
-| Qodana            | [![Qodana](https://github.com/OakvilleDynamics/frc-robot-template/actions/workflows/qodana.yml/badge.svg)](https://github.com/OakvilleDynamics/frc-robot-template/actions/workflows/qodana.yml)                                                        |
-| CodeQL            | [![CodeQL Scanning](https://github.com/OakvilleDynamics/frc-robot-template/actions/workflows/codeql.yml/badge.svg)](https://github.com/OakvilleDynamics/frc-robot-template/actions/workflows/codeql.yml)                                               |
-| Spotless          | [![Syntax Check](https://github.com/OakvilleDynamics/frc-robot-template/actions/workflows/syntax-check.yml/badge.svg)](https://github.com/OakvilleDynamics/frc-robot-template/actions/workflows/syntax-check.yml)                                      |
-| Gradle Validation | [![Validate Gradle Wrapper](https://github.com/OakvilleDynamics/frc-robot-template/actions/workflows/gradle-wrapper-validation.yml/badge.svg)](https://github.com/OakvilleDynamics/frc-robot-template/actions/workflows/gradle-wrapper-validation.yml) |
+| Action   | Status                                                                                                                                                                                                            |
+| -------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| CI       | [![Build](https://github.com/OakvilleDynamics/frc-robot-template/actions/workflows/ci.yml/badge.svg)](https://github.com/OakvilleDynamics/frc-robot-template/actions/workflows/ci.yml)                            |
+| Qodana   | [![Qodana](https://github.com/OakvilleDynamics/frc-robot-template/actions/workflows/qodana.yml/badge.svg)](https://github.com/OakvilleDynamics/frc-robot-template/actions/workflows/qodana.yml)                   |
+| CodeQL   | [![CodeQL Scanning](https://github.com/OakvilleDynamics/frc-robot-template/actions/workflows/codeql.yml/badge.svg)](https://github.com/OakvilleDynamics/frc-robot-template/actions/workflows/codeql.yml)          |
+| Spotless | [![Syntax Check](https://github.com/OakvilleDynamics/frc-robot-template/actions/workflows/syntax-check.yml/badge.svg)](https://github.com/OakvilleDynamics/frc-robot-template/actions/workflows/syntax-check.yml) |
 
 ## How to use
 
@@ -36,7 +35,7 @@ Prepackaged with GitHub Actions for CI/CD, Qodana for static analysis, CodeQL fo
   - [Qodana](https://www.jetbrains.com/qodana/) action for static analysis (helpful for finding bugs and code smells)
   - [CodeQL](https://codeql.github.com/) action for static analysis and security scanning (helpful for finding bugs and security vulnerabilities)
   - [Spotless](https://github.com/diffplug/spotless) enforcement action for code formatting (helpful for keeping code cleanly formatted after commits)
-  - [Gradle Validation](https://github.com/gradle/wrapper-validation-action/tree/v1/?tab=readme-ov-file#the-gradle-wrapper-problem-in-open-source) action for validating the Gradle wrapper (helpful for ensuring [supply chain](https://en.wikipedia.org/wiki/Supply_chain_attack) security)
+  - [Gradle Validation](https://github.com/gradle/actions/blob/main/docs/wrapper-validation.md) action for validating the Gradle wrapper (helpful for ensuring [supply chain](https://en.wikipedia.org/wiki/Supply_chain_attack) security)
 - Preconfigured setup for [Command-Based Robot](https://docs.wpilib.org/en/stable/docs/software/commandbased/index.html) projects (helpful for getting started)
 - [Dependabot](https://docs.github.com/en/code-security/dependabot) for dependency updates (helpful for keeping dependencies up to date)
 - Preconfigured setup for [Spotless](https://github.com/diffplug/spotless) inside of Gradle (helpful for keeping code cleanly formatted during development)
@@ -52,7 +51,7 @@ Prepackaged with GitHub Actions for CI/CD, Qodana for static analysis, CodeQL fo
 > - Create a new [personal access token](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens) to [scope the repository](https://docs.github.com/en/codespaces/managing-codespaces-for-your-organization/managing-development-environment-secrets-for-your-repository-or-organization#adding-secrets-for-a-repository) itself
 > - Create a new [personal access token](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens) to [scope the organization](https://docs.github.com/en/codespaces/managing-codespaces-for-your-organization/managing-development-environment-secrets-for-your-repository-or-organization#adding-secrets-for-an-organization) to be used elsewhere (helpful if using this template on multiple different projects)
 >
-> If using a PAT in an organization, it is recommended to create a sock account that is generic but still has access to push to the repository, as this will be given [least privilege](https://en.wikipedia.org/wiki/Principle_of_least_privilege) to do other harm if that PAT were to be inadvertenly public
+> If using a PAT in an organization, it is recommended to create a sock account that is generic but still has access to push to the repository, as this will be given [least privilege](https://en.wikipedia.org/wiki/Principle_of_least_privilege) to do other harm if that PAT were to be inadvertently public
 >
 > Make sure you also grant the sock account proper access to the repository, that includes branch protections and write access to the repository