chore(deps): bump gradle/gradle-build-action from 2 to 3

[dependabot]

Bumps gradle/gradle-build-action from 2 to 3.

Release notes

Sourced from gradle/gradle-build-action's releases.

v3.0.0-rc.1

First release candidate of gradle/[email protected]. This release candidate will the first release available under the v3 version tag.

[!IMPORTANT] As of v3 this action has been superceded by gradle/actions/setup-gradle. Any workflow that uses gradle/gradle-build-action@v3 will transparently delegate to gradle/actions/setup-gradle@v3.

Users are encouraged to update their workflows, replacing:

uses: gradle/gradle-build-action@v3

with

uses: gradle/actions/setup-gradle@v3

See the setup-gradle documentation for up-to-date documentation for gradle/actons/setup-gradle.

Changes from gradle-build-action@v2

This release brings some useful and much requested features, including:

• save and restore the Gradle configuration-cache data
• add the Job summary content as a PR comment
• easily publish Build Scans® to the free Gradle Build Scan service
• compatibility with Node 20

The only major breaking change from [email protected] is the update to require a Node 20 runtime environment. Aside from that change, this release should generally serve as a drop-in replacement for gradle-build-action@v2.

Changelog

• [NEW] - Run with NodeJs 20.x (gradle/gradle-build-action#946)
• [NEW] - Support for save & restore of configuration-cache data (gradle/gradle-build-action#966)
• [NEW] - Support for automatic adding PR comment with Job Summary content (gradle/gradle-build-action#1020)
• [NEW] - Make it easy to publish a Build Scan® to https://scans.gradle.com (gradle/gradle-build-action#1044)
• [NEW] - Added dependency-graph-continue-on-failure input, which can be set to false to force the Job to fail when dependency graph submission fails (gradle/gradle-build-action#1036). Failure modes include:
  • Fail build step if version of Gradle being executed is not supported for dependency-graph generation (gradle/gradle-build-action#1034)
  • Fail job if permissions are insufficient to submit dependency graph via Dependency Submission API (gradle/gradle-build-action#997)
• [NEW] - Add dependency-graph: clear option to clear any dependency-graph previously submitted by the job
• [FIX] Allow cache entries to be reused by jobs with the same ID in different workflows (gradle/gradle-build-action#1017)
  • Workflow name remains part of the cache key, but cache entries generated by the same job id in a different workflow may be restored
• [FIX] Register pre-installed JDKs in Maven toolchains.xml file (gradle/gradle-build-action#1024)
  • This allows pre-installed JDKs to be auto-detected by Gradle Toolchain support on Windows
• [FIX] - Update the Gradle Enterprise injection configuration for product rename to Develocity (gradle/gradle-build-action#995)
• [FIX] - Avoid submitting an empty dependency graph when state is loaded from configuration-cache
• [DEPRECATION] - Deprecation of the arguments parameter (gradle/gradle-build-action#996)
• [BREAKING CHANGE] - Remove the gradle-executable input parameter. Use a separate workflow Step to execute a Gradle from a custom location.

... (truncated)

Commits

• 4a8703f Delegate to '[email protected]'
• 4a39eed Mention setup-gradle in README
• 272883a Remove all action sources: these have been migrated to 'gradle/actions'
• 2a8bfcf Delegate action implementation to gradle/actions/setup-gradle
• e1ada08 Bump the github-actions group with 1 update (#1047)
• a8e3e5e Apply dependency version updates
• 2be01ca Build outputs
• a00827e Bump the npm-dependencies group with 7 updates
• ad80850 Bump the github-actions group with 2 updates
• bd6d0a7 Configure explicit java version for config-cache test
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[nya-elimu]

@coderabbitai analyze

[coderabbitai]

@nya-elimu, based on the analysis of the pull request, here are the findings:

1. Files Changed: The pull request includes changes to the following files:

   • .github/workflows/gradle-build.yml

2. Areas of Interest:

   • There are several TODO comments found across different files, indicating areas that might require further implementation or improvement:
     • app/src/main/AndroidManifest.xml mentions removing a permission request in the future.
     • app/src/main/java/ai/elimu/vitabu/MainActivity.java contains two TODO comments, one of which also refers to removing a permission request once an alternative solution is implemented.
     • app/src/main/java/ai/elimu/vitabu/BaseApplication.java includes a TODO comment without further details.

These findings suggest that while the pull request makes specific changes to the Gradle build configuration, there are also pending tasks within the codebase that may need attention. The TODO comments, especially those mentioning permission requests, indicate areas that might be part of a larger work-in-progress or future enhancements. If you have any specific areas you'd like to delve deeper into or need further analysis on, please let me know!

Analysis chain

Scripts executed

The following scripts were executed for the analysis:

---

Script:

#!/bin/bash
# List the files changed in the pull request.
git diff --name-only HEAD~1
# Search for common patterns or keywords that might indicate areas of interest.
rg $'TODO|FIXME|SECURITY'

Length of output: 555

[nya-elimu]

@coderabbitai can you summarize this PR?

[coderabbitai]

@nya-elimu, based on the provided output, here's a summary of the pull request:

Title

chore(deps): bump gradle/gradle-build-action from 2 to 3

Description

This pull request updates the gradle/gradle-build-action GitHub Action from version 2 to version 3. The update includes several new features and improvements, such as:

• Running with NodeJs 20.x
• Support for saving & restoring configuration-cache data
• Automatic addition of PR comment with Job Summary content
• Easy publishing of Build Scans® to the free Gradle Build Scan service
• Compatibility with Node 20

It also mentions a major breaking change requiring a Node 20 runtime environment. The action has been superseded by gradle/actions/setup-gradle, and users are encouraged to update their workflows accordingly.

Changes in .github/workflows/gradle-build.yml

The specific change made in the .github/workflows/gradle-build.yml file is the update of the gradle/gradle-build-action usage from version 2 to version 3.

This pull request seems focused on improving the build process by updating dependencies and making use of the latest features and improvements provided by the gradle-build-action update.

Analysis chain

Scripts executed

The following scripts were executed for the analysis:

---

Script:

#!/bin/bash
# Fetch the pull request's title and description.
gh pr view 107 --json title,body -R https://github.com/elimu-ai/vitabu

# Display the changes made to `.github/workflows/gradle-build.yml`.
git diff HEAD~1 -- .github/workflows/gradle-build.yml

Length of output: 9801

[nya-elimu]

@coderabbitai Please merge this PR.

[coderabbitai]

@nya-elimu, I'm unable to merge pull requests directly. Please consider using GitHub's interface or the GitHub CLI to merge the pull request. If you need any further analysis or assistance with the code, feel free to ask!