[bot] Update dist directory

Bumps the gradle group with 1 update in the /sources/test/init-scripts
directory:
[com.fasterxml.jackson.dataformat:jackson-dataformat-smile](https://github.com/FasterXML/jackson-dataformats-binary).

Updates `com.fasterxml.jackson.dataformat:jackson-dataformat-smile` from
2.21.1 to 2.21.2
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4abc5dc04a"><code>4abc5dc</code></a>
[maven-release-plugin] prepare release
jackson-dataformats-binary-2.21.2</li>
<li><a
href="c139eb76ca"><code>c139eb7</code></a>
Prep for 2.21.2 release</li>
<li><a
href="4a3327708a"><code>4a33277</code></a>
Merge branch '2.20' into 2.21</li>
<li><a
href="816df57981"><code>816df57</code></a>
Merge branch '2.19' into 2.20</li>
<li><a
href="3ae1b3102e"><code>3ae1b31</code></a>
Update release notes</li>
<li><a
href="c5f237894b"><code>c5f2378</code></a>
Post-release dep version bump</li>
<li><a
href="182a13afde"><code>182a13a</code></a>
[maven-release-plugin] prepare for next development iteration</li>
<li>See full diff in <a
href="https://github.com/FasterXML/jackson-dataformats-binary/compare/jackson-dataformats-binary-2.21.1...jackson-dataformats-binary-2.21.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.fasterxml.jackson.dataformat:jackson-dataformat-smile&package-manager=gradle&previous-version=2.21.1&new-version=2.21.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

.github/workflows/ci-validate-typings.yml

@@ -0,0 +1,24 @@
+name: ci-validate-typings.yml
+on:
+  push:
+    branches:
+    - 'main'
+    - 'release/**'
+    paths-ignore:
+    - 'dist/**'
+  pull_request:
+
+permissions:
+  contents: read
+
+jobs:
+  validate-typings:
+    runs-on: "ubuntu-latest"
+    steps:
+    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+    - uses: typesafegithub/github-actions-typing@9ddf35b71a482be7d8922b28e8d00df16b77e315 # v2.2.2
+      with:
+        ignored-action-files: |
+          .github/actions/build-dist/action.yml
+          .github/actions/init-integ-test/action.yml
+          action.yml

.github/workflows/demo-job-summary.yml

@@ -131,3 +131,38 @@ jobs:
     - name: Build kotlin-dsl project
       working-directory: .github/workflow-samples/kotlin-dsl
       run: ./gradlew assemble
+
+  terms-of-use-accepted:
+    needs: build-distribution
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout sources
+      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+    - name: Initialize integ-test
+      uses: ./.github/actions/init-integ-test
+
+    - name: Setup Gradle
+      uses: ./setup-gradle
+      with:
+        build-scan-terms-of-use-url: https://gradle.com/help/legal-terms-of-use
+        build-scan-terms-of-use-agree: yes
+    - name: Build kotlin-dsl project
+      working-directory: .github/workflow-samples/kotlin-dsl
+      run: ./gradlew assemble
+
+  develocity-access-key-set:
+    needs: build-distribution
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout sources
+      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+    - name: Initialize integ-test
+      uses: ./.github/actions/init-integ-test
+
+    - name: Setup Gradle
+      uses: ./setup-gradle
+      with:
+        develocity-access-key: ${{ secrets.DV_SOLUTIONS_ACCESS_KEY }}
+    - name: Build kotlin-dsl project
+      working-directory: .github/workflow-samples/kotlin-dsl
+      run: ./gradlew assemble

README.md

@@ -15,6 +15,9 @@ This repository contains a set of GitHub Actions that are useful for building Gr
 > Use of the `gradle-actions-caching` component is subject to a separate license, available at https://gradle.com/legal/terms-of-use/. 
 > If you do not agree to these license terms, do not use the `gradle-actions-caching` component.
 
+This license notice will be displayed in workflow logs and each job summary. To suppress this message, 
+either [accept the terms of use](docs/setup-gradle.md#publishing-to-scansgradlecom) in your workflow, or [provide a Develocity access key](docs/setup-gradle.md#managing-develocity-access-keys).
+
 ## The `setup-gradle` action
 
 The `setup-gradle` action can be used to configure Gradle for optimal execution on any platform supported by GitHub Actions.
@@ -36,9 +39,9 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - name: Checkout sources
-      uses: actions/checkout@v4
+      uses: actions/checkout@v6
     - name: Setup Java
-      uses: actions/setup-java@v4
+      uses: actions/setup-java@v5
       with:
         distribution: 'temurin'
         java-version: 17
@@ -74,9 +77,9 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - name: Checkout sources
-      uses: actions/checkout@v4
+      uses: actions/checkout@v6
     - name: Setup Java
-      uses: actions/setup-java@v4
+      uses: actions/setup-java@v5
       with:
         distribution: 'temurin'
         java-version: 17
@@ -109,7 +112,7 @@ jobs:
     name: "Validation"
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
       - uses: gradle/actions/wrapper-validation@v5
 ```
 

RELEASING.md

@@ -20,8 +20,9 @@
   - Include a Full changelog link in the format https://github.com/gradle/actions/compare/v2.12.0...v3.0.0
 - Publish the release.
 - Force push the `v5` tag (or current major version) to point to the new release. It is conventional for users to bind to a major release version using this tag.
-  - From CLI: `git tag -f -s -a -m "v5.0.0" v5 v5.0.0 && git push -f --tags`
+  - From CLI: `git tag -f -s -a -m "v5.0.0" v5 && git push -f --tags`
   - Note that we sign the tag and set the commit message for the tag to the newly released version.
+  - Your HEAD must point at the commit to be tagged.
 
 ## Post release steps
 

dependency-submission/README.md

@@ -22,9 +22,9 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - name: Checkout sources
-      uses: actions/checkout@v4
+      uses: actions/checkout@v6
     - name: Setup Java
-      uses: actions/setup-java@v4
+      uses: actions/setup-java@v5
       with:
         distribution: 'temurin'
         java-version: 17

dependency-submission/action-types.yml

@@ -0,0 +1,146 @@
+# Type descriptors based on https://github.com/typesafegithub/github-actions-typing
+inputs:
+  # Gradle execution configuration
+  gradle-version:
+    type: string
+
+  build-root-directory:
+    type: string
+
+  dependency-resolution-task:
+    type: string
+
+  additional-arguments:
+    type: string
+
+  # Cache configuration
+  cache-disabled:
+    type: boolean
+
+  cache-read-only:
+    type: boolean
+
+  cache-write-only:
+    type: boolean
+
+  cache-overwrite-existing:
+    type: boolean
+
+  cache-encryption-key:
+    type: string
+
+  cache-cleanup:
+    type: enum
+    allowed-values:
+      - never
+      - on-success
+      - always
+
+  gradle-home-cache-cleanup:
+    type: boolean
+
+  gradle-home-cache-includes:
+    type: list
+    separator: '\n'
+    list-item:
+      type: string
+
+  gradle-home-cache-excludes:
+    type: list
+    separator: '\n'
+    list-item:
+      type: string
+
+  # Job summary configuration
+  add-job-summary:
+    type: enum
+    allowed-values:
+      - never
+      - always
+      - on-failure
+
+  add-job-summary-as-pr-comment:
+    type: enum
+    allowed-values:
+      - never
+      - always
+      - on-failure
+
+  # Dependency Graph configuration
+  dependency-graph:
+    type: enum
+    allowed-values:
+      - generate-and-submit
+      - generate-submit-and-upload
+      - generate-and-upload
+      - download-and-submit
+
+  dependency-graph-report-dir:
+    type: string
+
+  dependency-graph-continue-on-failure:
+    type: boolean
+
+  dependency-graph-exclude-projects:
+    type: string
+
+  dependency-graph-include-projects:
+    type: string
+
+  dependency-graph-exclude-configurations:
+    type: string
+
+  dependency-graph-include-configurations:
+    type: string
+
+  artifact-retention-days:
+    type: integer
+
+  # Build Scan configuration
+  build-scan-publish:
+    type: boolean
+
+  build-scan-terms-of-use-url:
+    type: enum
+    allowed-values:
+      - https://gradle.com/terms-of-service
+      - https://gradle.com/help/legal-terms-of-use
+
+  build-scan-terms-of-use-agree:
+    type: enum
+    allowed-values:
+      - 'yes'
+
+  develocity-access-key:
+    type: string
+
+  develocity-token-expiry:
+    type: integer
+
+  # Wrapper validation configuration
+  validate-wrappers:
+    type: boolean
+
+  allow-snapshot-wrappers:
+    type: boolean
+
+  # Experimental action inputs
+  gradle-home-cache-strict-match:
+    type: boolean
+
+  # Internal action inputs
+  workflow-job-context:
+    type: string
+
+  github-token:
+    type: string
+
+outputs:
+  build-scan-url:
+    type: string
+
+  dependency-graph-file:
+    type: string
+
+  gradle-version:
+    type: string

docs/dependency-submission.md

@@ -28,6 +28,9 @@ If you're confused by the behaviour you're seeing or have specific questions, pl
 > Use of the `gradle-actions-caching` component is subject to a separate license, available at https://gradle.com/legal/terms-of-use/. 
 > If you do not agree to these license terms, do not use the `gradle-actions-caching` component.
 
+This license notice will be displayed in workflow logs and each job summary. To suppress this message, 
+either [accept the terms of use](setup-gradle.md#publishing-to-scansgradlecom) in your workflow, or [provide a Develocity access key](setup-gradle.md#managing-develocity-access-keys).
+
 ## General usage
 
 The following workflow will generate a dependency graph for a Gradle project and submit it immediately to the repository via the
@@ -49,8 +52,8 @@ jobs:
   dependency-submission:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
-    - uses: actions/setup-java@v4
+    - uses: actions/checkout@v6
+    - uses: actions/setup-java@v5
       with:
         distribution: temurin
         java-version: 17
@@ -363,8 +366,8 @@ jobs:
   dependency-submission:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
-    - uses: actions/setup-java@v4
+    - uses: actions/checkout@v6
+    - uses: actions/setup-java@v5
       with:
         distribution: temurin
         java-version: 17
@@ -425,8 +428,8 @@ jobs:
   dependency-submission:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
-    - uses: actions/setup-java@v4
+    - uses: actions/checkout@v6
+    - uses: actions/setup-java@v5
       with:
         distribution: temurin
         java-version: 17
@@ -463,7 +466,7 @@ jobs:
 # Gradle version compatibility
 
 Dependency-graph generation is compatible with most versions of Gradle >= `5.2`, and is tested regularly against 
-Gradle versions `5.2.1`, `5.6.4`, `6.0.1`, `6.9.4`, `7.1.1` and `7.6.3`, as well as all patched versions of Gradle 8.x.
+Gradle versions `5.2.1`, `5.6.4`, `6.0.1`, `6.9.4`, `7.1.1`, `7.6.6`, `8.0.2` and `8.14.4`, as well as all patched versions of Gradle 9.x.
 
 A known exception to this is that Gradle `7.0`, `7.0.1` and `7.0.2` are not supported.
 

docs/setup-gradle.md

@@ -15,9 +15,12 @@ This GitHub Action can be used to configure Gradle for optimal execution on any
 > Use of the `gradle-actions-caching` component is subject to a separate license, available at https://gradle.com/legal/terms-of-use/. 
 > If you do not agree to these license terms, do not use the `gradle-actions-caching` component.
 
+This license notice will be displayed in workflow logs and each job summary. To suppress this message, 
+either [accept the terms of use](#publishing-to-scansgradlecom) in your workflow, or [provide a Develocity access key](#managing-develocity-access-keys).
+
 ## Why use the `setup-gradle` action?
 
-It is possible to directly invoke Gradle in your workflow, and the `actions/setup-java@v4` action provides a simple way to cache Gradle dependencies.
+It is possible to directly invoke Gradle in your workflow, and the `actions/setup-java@v5` action provides a simple way to cache Gradle dependencies.
 
 However, the `setup-gradle` action offers a several advantages over this approach:
 
@@ -51,8 +54,8 @@ jobs:
         os: [ubuntu-latest, macos-latest, windows-latest]
     runs-on: ${{ matrix.os }}
     steps:
-    - uses: actions/checkout@v4
-    - uses: actions/setup-java@v4
+    - uses: actions/checkout@v6
+    - uses: actions/setup-java@v5
       with:
         distribution: temurin
         java-version: 17
@@ -103,8 +106,8 @@ jobs:
   gradle-rc:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
-    - uses: actions/setup-java@v4
+    - uses: actions/checkout@v6
+    - uses: actions/setup-java@v5
       with:
         distribution: temurin
         java-version: 17
@@ -225,8 +228,8 @@ jobs:
   gradle-with-configuration-cache:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
-    - uses: actions/setup-java@v4
+    - uses: actions/checkout@v6
+    - uses: actions/setup-java@v5
       with:
         distribution: temurin
         java-version: 17
@@ -478,8 +481,8 @@ jobs:
   run-gradle-build:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
-    - uses: actions/setup-java@v4
+    - uses: actions/checkout@v6
+    - uses: actions/setup-java@v5
       with:
         distribution: temurin
         java-version: 17
@@ -515,8 +518,8 @@ jobs:
   gradle:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
-    - uses: actions/setup-java@v4
+    - uses: actions/checkout@v6
+    - uses: actions/setup-java@v5
       with:
         distribution: temurin
         java-version: 17
@@ -623,8 +626,8 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
-    - uses: actions/setup-java@v4
+    - uses: actions/checkout@v6
+    - uses: actions/setup-java@v5
       with:
         distribution: temurin
         java-version: 17
@@ -675,8 +678,8 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
-    - uses: actions/setup-java@v4
+    - uses: actions/checkout@v6
+    - uses: actions/setup-java@v5
       with:
         distribution: temurin
         java-version: 17
@@ -705,8 +708,8 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
-    - uses: actions/setup-java@v4
+    - uses: actions/checkout@v6
+    - uses: actions/setup-java@v5
       with:
         distribution: temurin
         java-version: 17

docs/wrapper-validation.md

@@ -72,7 +72,7 @@ jobs:
     name: "Validation"
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
       - uses: gradle/actions/wrapper-validation@v5
 ```
 
@@ -120,7 +120,7 @@ restore these Jars on checkout. Without this, only a pointer to the Wrapper Jar
 
 ```
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
         with:
           lfs: true  # gradle-wrapper.jar verification will fail without this
 ```

setup-gradle/README.md

@@ -19,9 +19,9 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - name: Checkout sources
-      uses: actions/checkout@v4
+      uses: actions/checkout@v6
     - name: Setup Java
-      uses: actions/setup-java@v4
+      uses: actions/setup-java@v5
       with:
         distribution: 'temurin'
         java-version: 17

setup-gradle/action-types.yml

@@ -0,0 +1,171 @@
+# Type descriptors based on https://github.com/typesafegithub/github-actions-typing
+inputs:
+  gradle-version:
+    type: string
+
+  # Cache configuration
+  cache-disabled:
+    type: boolean
+
+  cache-read-only:
+    type: boolean
+
+  cache-write-only:
+    type: boolean
+
+  cache-overwrite-existing:
+    type: boolean
+
+  cache-encryption-key:
+    type: string
+
+  cache-cleanup:
+    type: enum
+    allowed-values:
+      - never
+      - on-success
+      - always
+
+  gradle-home-cache-cleanup:
+    type: boolean
+
+  gradle-home-cache-includes:
+    type: list
+    separator: '\n'
+    list-item:
+      type: string
+
+  gradle-home-cache-excludes:
+    type: list
+    separator: '\n'
+    list-item:
+      type: string
+
+  # Job summary configuration
+  add-job-summary:
+    type: enum
+    allowed-values:
+      - never
+      - always
+      - on-failure
+
+  add-job-summary-as-pr-comment:
+    type: enum
+    allowed-values:
+      - never
+      - always
+      - on-failure
+
+  # Dependency Graph configuration
+  dependency-graph:
+    type: enum
+    allowed-values:
+      - disabled
+      - generate
+      - generate-and-submit
+      - generate-and-upload
+      - download-and-submit
+
+  dependency-graph-report-dir:
+    type: string
+
+  dependency-graph-continue-on-failure:
+    type: boolean
+
+  dependency-graph-exclude-projects:
+    type: string
+
+  dependency-graph-include-projects:
+    type: string
+
+  dependency-graph-exclude-configurations:
+    type: string
+
+  dependency-graph-include-configurations:
+    type: string
+
+  artifact-retention-days:
+    type: integer
+
+  # Build Scan configuration
+  build-scan-publish:
+    type: boolean
+
+  build-scan-terms-of-use-url:
+    type: enum
+    allowed-values:
+      - https://gradle.com/terms-of-service
+      - https://gradle.com/help/legal-terms-of-use
+
+  build-scan-terms-of-use-agree:
+    type: enum
+    allowed-values:
+      - 'yes'
+
+  develocity-access-key:
+    type: string
+
+  develocity-token-expiry:
+    type: integer
+
+  develocity-injection-enabled:
+    type: boolean
+
+  develocity-url:
+    type: string
+
+  develocity-allow-untrusted-server:
+    type: boolean
+
+  develocity-capture-file-fingerprints:
+    type: boolean
+
+  develocity-enforce-url:
+    type: boolean
+
+  develocity-plugin-version:
+    type: string
+
+  develocity-ccud-plugin-version:
+    type: string
+
+  gradle-plugin-repository-url:
+    type: string
+
+  gradle-plugin-repository-username:
+    type: string
+
+  gradle-plugin-repository-password:
+    type: string
+
+  # Wrapper validation configuration
+  validate-wrappers:
+    type: boolean
+
+  allow-snapshot-wrappers:
+    type: boolean
+
+  # Deprecated action inputs
+  arguments:
+    type: string
+
+  # Experimental action inputs
+  gradle-home-cache-strict-match:
+    type: boolean
+
+  # Internal action inputs
+  workflow-job-context:
+    type: string
+
+  github-token:
+    type: string
+
+outputs:
+  build-scan-url:
+    type: string
+
+  dependency-graph-file:
+    type: string
+
+  gradle-version:
+    type: string

sources/src/actions/dependency-submission/main.ts

@@ -5,7 +5,7 @@ import * as dependencyGraph from '../../dependency-graph'
 
 import {parseArgsStringToArgv} from 'string-argv'
 import {
-    BuildScanConfig,
+    DevelocityConfig,
     CacheConfig,
     DependencyGraphConfig,
     DependencyGraphOption,
@@ -25,7 +25,7 @@ export async function run(): Promise<void> {
         setActionId('gradle/actions/dependency-submission')
 
         // Configure Gradle environment (Gradle User Home)
-        await setupGradle.setup(new CacheConfig(), new BuildScanConfig(), new WrapperValidationConfig())
+        await setupGradle.setup(new CacheConfig(), new DevelocityConfig(), new WrapperValidationConfig())
 
         // Capture the enabled state of dependency-graph
         const originallyEnabled = process.env['GITHUB_DEPENDENCY_GRAPH_ENABLED']

sources/src/actions/setup-gradle/main.ts

@@ -2,7 +2,7 @@ import * as setupGradle from '../../setup-gradle'
 import * as provisioner from '../../execution/provision'
 import * as dependencyGraph from '../../dependency-graph'
 import {
-    BuildScanConfig,
+    DevelocityConfig,
     CacheConfig,
     DependencyGraphConfig,
     GradleExecutionConfig,
@@ -28,7 +28,7 @@ export async function run(): Promise<void> {
         setActionId('gradle/actions/setup-gradle')
 
         // Configure Gradle environment (Gradle User Home)
-        await setupGradle.setup(new CacheConfig(), new BuildScanConfig(), new WrapperValidationConfig())
+        await setupGradle.setup(new CacheConfig(), new DevelocityConfig(), new WrapperValidationConfig())
 
         // Configure the dependency graph submission
         await dependencyGraph.setup(new DependencyGraphConfig())

sources/src/cache-service-loader.ts

@@ -21,6 +21,8 @@ The \`gradle-actions-caching\` component is used only when caching is enabled an
 
 Use of the \`gradle-actions-caching\` component is subject to a separate license, available at https://gradle.com/legal/terms-of-use/. 
 If you do not agree to these license terms, do not use the \`gradle-actions-caching\` component.
+
+You can suppress this message by accepting the terms in your action configuration: see https://github.com/gradle/actions/blob/main/README.md
 ***********************************************************
 `
 
@@ -35,6 +37,8 @@ const CACHE_LICENSE_SUMMARY = `
 >
 > Use of the \`gradle-actions-caching\` component is subject to a separate license, available at https://gradle.com/legal/terms-of-use/. 
 > If you do not agree to these license terms, do not use the \`gradle-actions-caching\` component.
+>
+>You can suppress this message by [accepting the terms in your action configuration](https://github.com/gradle/actions/blob/main/README.md).
 `
 
 class NoOpCacheService implements CacheService {
@@ -68,8 +72,14 @@ export async function getCacheService(cacheConfig: CacheConfig): Promise<CacheSe
     if (cacheConfig.isCacheDisabled()) {
         return new NoOpCacheService()
     }
+
+    const cacheService = await loadVendoredCacheService()
+    if (cacheConfig.isCacheLicenseAccepted()) {
+        return cacheService
+    }
+
     await logCacheLicenseWarning()
-    return new LicenseWarningCacheService(await loadVendoredCacheService())
+    return new LicenseWarningCacheService(cacheService)
 }
 
 export async function loadVendoredCacheService(): Promise<CacheService> {
@@ -90,5 +100,5 @@ function findVendoredLibraryPath(): string {
 }
 
 export async function logCacheLicenseWarning(): Promise<void> {
-    console.warn(CACHE_LICENSE_WARNING)
+    console.info(CACHE_LICENSE_WARNING)
 }

sources/src/configuration.ts

@@ -166,6 +166,11 @@ export class CacheConfig {
     getCacheExcludes(): string[] {
         return core.getMultilineInput('gradle-home-cache-excludes')
     }
+
+    isCacheLicenseAccepted(): boolean {
+        const dvConfig = new DevelocityConfig()
+        return dvConfig.getDevelocityAccessKey() !== '' || dvConfig.hasTermsOfUseAgreement()
+    }
 }
 
 export enum CacheCleanupOption {
@@ -229,7 +234,7 @@ export enum JobSummaryOption {
     OnFailure = 'on-failure'
 }
 
-export class BuildScanConfig {
+export class DevelocityConfig {
     static DevelocityAccessKeyEnvVar = 'DEVELOCITY_ACCESS_KEY'
     static GradleEnterpriseAccessKeyEnvVar = 'GRADLE_ENTERPRISE_ACCESS_KEY'
 
@@ -237,19 +242,19 @@ export class BuildScanConfig {
         return getBooleanInput('build-scan-publish') && this.verifyTermsOfUseAgreement()
     }
 
-    getBuildScanTermsOfUseUrl(): string {
+    getTermsOfUseUrl(): string {
         return core.getInput('build-scan-terms-of-use-url')
     }
 
-    getBuildScanTermsOfUseAgree(): string {
+    getTermsOfUseAgree(): string {
         return core.getInput('build-scan-terms-of-use-agree')
     }
 
     getDevelocityAccessKey(): string {
         return (
             core.getInput('develocity-access-key') ||
-            process.env[BuildScanConfig.DevelocityAccessKeyEnvVar] ||
-            process.env[BuildScanConfig.GradleEnterpriseAccessKeyEnvVar] ||
+            process.env[DevelocityConfig.DevelocityAccessKeyEnvVar] ||
+            process.env[DevelocityConfig.GradleEnterpriseAccessKeyEnvVar] ||
             ''
         )
     }
@@ -290,12 +295,17 @@ export class BuildScanConfig {
         return new PluginRepositoryConfig()
     }
 
+    hasTermsOfUseAgreement(): boolean {
+        const develocityAccessKeySet = this.getDevelocityAccessKey() !== ''
+        const termsUrlSet =
+            this.getTermsOfUseUrl() === 'https://gradle.com/terms-of-service' ||
+            this.getTermsOfUseUrl() === 'https://gradle.com/help/legal-terms-of-use'
+        const termsAgreed = this.getTermsOfUseAgree() === 'yes'
+        return develocityAccessKeySet || (termsUrlSet && termsAgreed)
+    }
+
     private verifyTermsOfUseAgreement(): boolean {
-        if (
-            (this.getBuildScanTermsOfUseUrl() !== 'https://gradle.com/terms-of-service' &&
-                this.getBuildScanTermsOfUseUrl() !== 'https://gradle.com/help/legal-terms-of-use') ||
-            this.getBuildScanTermsOfUseAgree() !== 'yes'
-        ) {
+        if (!this.hasTermsOfUseAgreement()) {
             core.warning(
                 `Terms of use at 'https://gradle.com/help/legal-terms-of-use' must be agreed in order to publish build scans.`
             )

sources/src/develocity/build-scan.ts

@@ -1,8 +1,8 @@
 import * as core from '@actions/core'
-import {BuildScanConfig} from '../configuration'
+import {DevelocityConfig} from '../configuration'
 import {setupToken} from './short-lived-token'
 
-export async function setup(config: BuildScanConfig): Promise<void> {
+export async function setup(config: DevelocityConfig): Promise<void> {
     maybeExportVariable('DEVELOCITY_INJECTION_INIT_SCRIPT_NAME', 'gradle-actions.inject-develocity.init.gradle')
     maybeExportVariable('DEVELOCITY_INJECTION_CUSTOM_VALUE', 'gradle-actions')
 
@@ -36,8 +36,8 @@ export async function setup(config: BuildScanConfig): Promise<void> {
         maybeExportVariable('DEVELOCITY_INJECTION_ENABLED', 'true')
         maybeExportVariable('DEVELOCITY_INJECTION_DEVELOCITY_PLUGIN_VERSION', '4.3.2')
         maybeExportVariable('DEVELOCITY_INJECTION_CCUD_PLUGIN_VERSION', '2.1')
-        maybeExportVariable('DEVELOCITY_INJECTION_TERMS_OF_USE_URL', config.getBuildScanTermsOfUseUrl())
-        maybeExportVariable('DEVELOCITY_INJECTION_TERMS_OF_USE_AGREE', config.getBuildScanTermsOfUseAgree())
+        maybeExportVariable('DEVELOCITY_INJECTION_TERMS_OF_USE_URL', config.getTermsOfUseUrl())
+        maybeExportVariable('DEVELOCITY_INJECTION_TERMS_OF_USE_AGREE', config.getTermsOfUseAgree())
     }
 
     return setupToken(

sources/src/develocity/short-lived-token.ts

@@ -1,6 +1,6 @@
 import * as core from '@actions/core'
 import * as httpm from '@actions/http-client'
-import {BuildScanConfig} from '../configuration'
+import {DevelocityConfig} from '../configuration'
 import {recordDeprecation} from '../deprecation-collector'
 
 export async function setupToken(
@@ -28,7 +28,7 @@ export async function setupToken(
 }
 
 function exportAccessKeyEnvVars(value: string): void {
-    ;[BuildScanConfig.DevelocityAccessKeyEnvVar, BuildScanConfig.GradleEnterpriseAccessKeyEnvVar].forEach(key =>
+    ;[DevelocityConfig.DevelocityAccessKeyEnvVar, DevelocityConfig.GradleEnterpriseAccessKeyEnvVar].forEach(key =>
         core.exportVariable(key, value)
     )
 }
@@ -36,12 +36,14 @@ function exportAccessKeyEnvVars(value: string): void {
 function handleMissingAccessToken(): void {
     core.warning(`Failed to fetch short-lived token for Develocity`)
 
-    if (process.env[BuildScanConfig.GradleEnterpriseAccessKeyEnvVar]) {
+    if (process.env[DevelocityConfig.GradleEnterpriseAccessKeyEnvVar]) {
         // We do not clear the GRADLE_ENTERPRISE_ACCESS_KEY env var in v3, to let the users upgrade to DV 2024.1
-        recordDeprecation(`The ${BuildScanConfig.GradleEnterpriseAccessKeyEnvVar} env var is deprecated`)
+        recordDeprecation(`The ${DevelocityConfig.GradleEnterpriseAccessKeyEnvVar} env var is deprecated`)
     }
-    if (process.env[BuildScanConfig.DevelocityAccessKeyEnvVar]) {
-        core.warning(`The ${BuildScanConfig.DevelocityAccessKeyEnvVar} env var should be mapped to a short-lived token`)
+    if (process.env[DevelocityConfig.DevelocityAccessKeyEnvVar]) {
+        core.warning(
+            `The ${DevelocityConfig.DevelocityAccessKeyEnvVar} env var should be mapped to a short-lived token`
+        )
     }
 }
 

sources/src/setup-gradle.ts

@@ -10,7 +10,7 @@ import {loadBuildResults, markBuildResultsProcessed} from './build-results'
 import {getCacheService} from './cache-service-loader'
 import {CacheOptions} from './cache-service'
 import {
-    BuildScanConfig,
+    DevelocityConfig,
     CacheConfig,
     SummaryConfig,
     WrapperValidationConfig,
@@ -24,7 +24,7 @@ const GRADLE_USER_HOME = 'GRADLE_USER_HOME'
 
 export async function setup(
     cacheConfig: CacheConfig,
-    buildScanConfig: BuildScanConfig,
+    develocityConfig: DevelocityConfig,
     wrapperValidationConfig: WrapperValidationConfig
 ): Promise<boolean> {
     const userHome = await determineUserHome()
@@ -49,7 +49,7 @@ export async function setup(
 
     await wrapperValidator.validateWrappers(wrapperValidationConfig, getWorkspaceDirectory(), gradleUserHome)
 
-    await buildScan.setup(buildScanConfig)
+    await buildScan.setup(develocityConfig)
 
     return true
 }

sources/test/init-scripts/build.gradle

@@ -20,7 +20,7 @@ dependencies {
     testImplementation ('io.ratpack:ratpack-groovy-test:1.9.0') {
         exclude group: 'org.codehaus.groovy', module: 'groovy-all'
     }
-    testImplementation 'com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.21.1'
+    testImplementation 'com.fasterxml.jackson.dataformat:jackson-dataformat-smile:2.21.2'
 
     testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
 }

wrapper-validation/README.md

@@ -24,7 +24,7 @@ jobs:
     name: "Validation"
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
       - uses: gradle/actions/wrapper-validation@v5
 ```
 

wrapper-validation/action-types.yml

@@ -0,0 +1,17 @@
+# Type descriptors based on https://github.com/typesafegithub/github-actions-typing
+inputs:
+  min-wrapper-count:
+    type: integer
+
+  allow-snapshots:
+    type: boolean
+
+  allow-checksums:
+    type: list
+    separator: ','
+    list-item:
+      type: string
+
+outputs:
+  failed-wrapper:
+    type: string