Fix legacy test: override env var after init-integ-test

GITHUB_ENV from init-integ-test overwrites the workflow-level env. Re-set GRADLE_ACTIONS_CACHE_USE_VENDORED=false after init runs. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Add GRADLE_ACTIONS_CACHE_USE_VENDORED env var for test configuration
2026-06-01 09:31:59 +00:00 · 2026-04-01 15:10:10 -06:00 · 2026-04-01 15:03:35 -06:00 · 2026-04-01 14:47:31 -06:00 · 2026-04-01 14:30:14 -06:00 · 2026-04-01 14:20:34 -06:00
125 changed files with 5952 additions and 4002 deletions
@@ -3,11 +3,18 @@ name: 'Build and upload distribution'
 runs:
  using: "composite"
  steps: 
-    - uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
+    - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
      with:
        node-version: 24
        cache: npm
        cache-dependency-path: sources/package-lock.json
+    - name: Build legacy caching module
+      shell: bash
+      run: |
+        npm install
+        npm run build
+      working-directory: sources/legacy-caching
+
    - name: Build distribution
      shell: bash
      run: |
@@ -20,10 +27,12 @@ runs:
    - name: Copy the generated sources/dist directory to the top-level dist
      shell: bash
      run: |
+        mkdir -p sources/dist/legacy-caching
+        cp sources/legacy-caching/dist/index.js sources/dist/legacy-caching/
        cp -r sources/dist .

    - name: Upload distribution
-      uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
+      uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
      with:
        name: dist
        path: dist/
@@ -19,11 +19,12 @@ runs:
      shell: bash
      run: |
        echo "ALLOWED_GRADLE_WRAPPER_CHECKSUMS=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" >> "$GITHUB_ENV"
+        echo "GRADLE_ACTIONS_CACHE_USE_VENDORED=true" >> "$GITHUB_ENV"

    # Downloads a 'dist' directory artifact that was uploaded in an earlier 'build-dist' step
    - name: Download dist
      if: ${{ env.SKIP_DIST != 'true' && !env.ACT }}
-      uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
+      uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
      with:
        name: dist
        path: dist/
@@ -1,7 +1,7 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionSha256Sum=b266d5ff6b90eada6dc3b20cb090e3731302e553a27c5d3e4df1f0d76beaff06
-distributionUrl=https\://services.gradle.org/distributions/gradle-9.3.1-bin.zip
+distributionSha256Sum=2ab2958f2a1e51120c326cad6f385153bb11ee93b3c216c5fccebfdfbb7ec6cb
+distributionUrl=https\://services.gradle.org/distributions/gradle-9.4.1-bin.zip
 networkTimeout=10000
 validateDistributionUrl=true
 zipStoreBase=GRADLE_USER_HOME
@@ -57,7 +57,7 @@
 #       Darwin, MinGW, and NonStop.
 #
 #   (3) This script is generated from the Groovy template
-#       https://github.com/gradle/gradle/blob/HEAD/platforms/jvm/plugins-application/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
+#       https://github.com/gradle/gradle/blob/2d6327017519d23b96af35865dc997fcb544fb40/platforms/jvm/plugins-application/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
 #       within the Gradle project.
 #
 #       You can find Gradle at https://github.com/gradle/gradle/.
@@ -1,7 +1,7 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionSha256Sum=b266d5ff6b90eada6dc3b20cb090e3731302e553a27c5d3e4df1f0d76beaff06
-distributionUrl=https\://services.gradle.org/distributions/gradle-9.3.1-bin.zip
+distributionSha256Sum=2ab2958f2a1e51120c326cad6f385153bb11ee93b3c216c5fccebfdfbb7ec6cb
+distributionUrl=https\://services.gradle.org/distributions/gradle-9.4.1-bin.zip
 networkTimeout=10000
 validateDistributionUrl=true
 zipStoreBase=GRADLE_USER_HOME
@@ -57,7 +57,7 @@
 #       Darwin, MinGW, and NonStop.
 #
 #   (3) This script is generated from the Groovy template
-#       https://github.com/gradle/gradle/blob/HEAD/platforms/jvm/plugins-application/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
+#       https://github.com/gradle/gradle/blob/2d6327017519d23b96af35865dc997fcb544fb40/platforms/jvm/plugins-application/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
 #       within the Gradle project.
 #
 #       You can find Gradle at https://github.com/gradle/gradle/.
@@ -1,5 +1,5 @@
 plugins {
-    id "com.gradle.develocity" version "4.3.2"
+    id "com.gradle.develocity" version "4.4.0"
    id "com.gradle.common-custom-user-data-gradle-plugin" version "2.4.0"
 }

@@ -1,7 +1,7 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionSha256Sum=b266d5ff6b90eada6dc3b20cb090e3731302e553a27c5d3e4df1f0d76beaff06
-distributionUrl=https\://services.gradle.org/distributions/gradle-9.3.1-bin.zip
+distributionSha256Sum=2ab2958f2a1e51120c326cad6f385153bb11ee93b3c216c5fccebfdfbb7ec6cb
+distributionUrl=https\://services.gradle.org/distributions/gradle-9.4.1-bin.zip
 networkTimeout=10000
 validateDistributionUrl=true
 zipStoreBase=GRADLE_USER_HOME
@@ -57,7 +57,7 @@
 #       Darwin, MinGW, and NonStop.
 #
 #   (3) This script is generated from the Groovy template
-#       https://github.com/gradle/gradle/blob/HEAD/platforms/jvm/plugins-application/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
+#       https://github.com/gradle/gradle/blob/2d6327017519d23b96af35865dc997fcb544fb40/platforms/jvm/plugins-application/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
 #       within the Gradle project.
 #
 #       You can find Gradle at https://github.com/gradle/gradle/.
@@ -1,7 +1,7 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionSha256Sum=b266d5ff6b90eada6dc3b20cb090e3731302e553a27c5d3e4df1f0d76beaff06
-distributionUrl=https\://services.gradle.org/distributions/gradle-9.3.1-bin.zip
+distributionSha256Sum=2ab2958f2a1e51120c326cad6f385153bb11ee93b3c216c5fccebfdfbb7ec6cb
+distributionUrl=https\://services.gradle.org/distributions/gradle-9.4.1-bin.zip
 networkTimeout=10000
 validateDistributionUrl=true
 zipStoreBase=GRADLE_USER_HOME
@@ -57,7 +57,7 @@
 #       Darwin, MinGW, and NonStop.
 #
 #   (3) This script is generated from the Groovy template
-#       https://github.com/gradle/gradle/blob/HEAD/platforms/jvm/plugins-application/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
+#       https://github.com/gradle/gradle/blob/2d6327017519d23b96af35865dc997fcb544fb40/platforms/jvm/plugins-application/src/main/resources/org/gradle/api/internal/plugins/unixStartScript.txt
 #       within the Gradle project.
 #
 #       You can find Gradle at https://github.com/gradle/gradle/.
@@ -1,5 +1,5 @@
 plugins {
-    id("com.gradle.develocity") version "4.3.2"
+    id("com.gradle.develocity") version "4.4.0"
    id("com.gradle.common-custom-user-data-gradle-plugin") version "2.4.0"
 }

@@ -1,5 +1,5 @@
 plugins {
-    id "com.gradle.develocity" version "4.3.2" 
+    id "com.gradle.develocity" version "4.4.0" 
 }

 develocity {
@@ -1,5 +1,5 @@
 plugins {
-    id "com.gradle.develocity" version "4.3.2"
+    id "com.gradle.develocity" version "4.4.0"
 }

 develocity {
@@ -1,5 +1,5 @@
 plugins {
-    id "com.gradle.develocity" version "4.3.2"
+    id "com.gradle.develocity" version "4.4.0"
 }

 develocity {
@@ -19,14 +19,14 @@ jobs:
    steps:
    - name: Checkout sources
      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-    - uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
+    - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
      with:
        node-version: 20
        cache: npm
        cache-dependency-path: sources/package-lock.json
    - name: Setup Gradle
      # Use a released version to avoid breakages
-      uses: gradle/actions/setup-gradle@f29f5a9d7b09a7c6b29859002d29d24e1674c884 # v5.0.1
+      uses: gradle/actions/setup-gradle@39e147cb9de83bb9910b8ef8bd7fff0ee20fcd6f # v6.0.1
      env:
        ALLOWED_GRADLE_WRAPPER_CHECKSUMS: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 # Invalid wrapper jar used for testing
      with:
@@ -21,7 +21,7 @@ jobs:

    - name: Get changed files
      id: changed-files
-      uses: tj-actions/changed-files@7dee1b0c1557f278e5c7dc244927139d78c0e22a # v47.0.4
+      uses: tj-actions/changed-files@22103cc46bda19c2b464ffe86db46df6922fd323 # v47.0.5
      with:
        files: |
          dist/**
@@ -35,7 +35,7 @@ jobs:

    # Initializes the CodeQL tools for scanning.
    - name: Initialize CodeQL
-      uses: github/codeql-action/init@89a39a4e59826350b863aa6b6252a07ad50cf83e # v3.29.5
+      uses: github/codeql-action/init@38697555549f1db7851b81482ff19f1fa5c4fedc # v3.29.5
      with:
        languages: ${{ matrix.language }}
        config: |
@@ -43,4 +43,4 @@ jobs:
          - sources/src

    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@89a39a4e59826350b863aa6b6252a07ad50cf83e # v3.29.5
+      uses: github/codeql-action/analyze@38697555549f1db7851b81482ff19f1fa5c4fedc # v3.29.5
@@ -30,7 +30,7 @@ jobs:
        java-version: 17
    - name: Setup Gradle
      # Use a released version to avoid breakages
-      uses: gradle/actions/setup-gradle@f29f5a9d7b09a7c6b29859002d29d24e1674c884 # v5.0.1
+      uses: gradle/actions/setup-gradle@39e147cb9de83bb9910b8ef8bd7fff0ee20fcd6f # v6.0.1
      env:
        ALLOWED_GRADLE_WRAPPER_CHECKSUMS: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 # Invalid wrapper jar used for testing
    - name: Run integration tests
@@ -5,12 +5,10 @@ on:
  push:
    branches:
    - 'main'
+    - 'bot/gradle-actions-caching'
    paths:
    - 'dist/**'
-
-concurrency:
-  group: integ-test
-  cancel-in-progress: false
+    - 'sources/vendor/gradle-actions-caching/**'

 permissions:
  contents: read
@@ -11,10 +11,6 @@ on:
    paths-ignore:
    - 'dist/**'

-concurrency:
-  group: integ-test
-  cancel-in-progress: false
-
 permissions:
  contents: read

@@ -31,6 +27,9 @@ jobs:
  caching-integ-tests:
    needs: build-distribution
    uses: ./.github/workflows/suite-integ-test-caching.yml
+    concurrency:
+      group: CI-integ-test
+      cancel-in-progress: false
    with:
      skip-dist: false
    secrets: inherit
@@ -40,6 +39,9 @@ jobs:
      contents: write
    needs: build-distribution
    uses: ./.github/workflows/suite-integ-test-other.yml
+    concurrency:
+      group: CI-integ-test
+      cancel-in-progress: false
    with:
      skip-dist: false
    secrets: inherit
@@ -44,14 +44,8 @@ jobs:
      # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
      # format to the repository Actions tab.
      - name: 'Upload artifact'
-        uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
+        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
        with:
          name: SARIF file
          path: results.sarif
          retention-days: 5
-
-      # Upload the results to GitHub's code scanning dashboard.
-      - name: 'Upload to code-scanning'
-        uses: github/codeql-action/upload-sarif@89a39a4e59826350b863aa6b6252a07ad50cf83e # v3.29.5
-        with:
-          sarif_file: results.sarif
@@ -28,7 +28,7 @@ jobs:
        token: ${{ secrets.BOT_GITHUB_TOKEN }}

    - name: Set up Node.js
-      uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
+      uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
      with:
        node-version: 20
        cache: npm
@@ -38,6 +38,12 @@ jobs:
      run: |
        npm exec -y -- pacote extract @gradle-tech/develocity-agent@3.0.1 ~/.node_libraries/@gradle-tech/develocity-agent

+    - name: Build legacy caching module
+      run: |
+        npm clean-install
+        npm run build
+      working-directory: sources/legacy-caching
+
    - name: Install npm dependencies
      run: |
        npm clean-install
@@ -58,10 +64,12 @@ jobs:

    - name: Copy the generated sources/dist directory to the top-level dist
      run: |
+        mkdir -p sources/dist/legacy-caching
+        cp sources/legacy-caching/dist/index.js sources/dist/legacy-caching/
        cp -r sources/dist .

    - name: Import GPG key to sign commits
-      uses: crazy-max/ghaction-import-gpg@e89d40939c28e39f97cf32126055eeae86ba74ec # v6.3.0
+      uses: crazy-max/ghaction-import-gpg@2dc316deee8e90f13e1a351ab510b4d5bc0c82cd # v7.0.0
      with:
        gpg_private_key: ${{ secrets.GH_BOT_PGP_PRIVATE_KEY }}
        passphrase: ${{ secrets.GH_BOT_PGP_PASSPHRASE }}
@@ -0,0 +1,24 @@
+name: ci-validate-typings.yml
+on:
+  push:
+    branches:
+    - 'main'
+    - 'release/**'
+    paths-ignore:
+    - 'dist/**'
+  pull_request:
+
+permissions:
+  contents: read
+
+jobs:
+  validate-typings:
+    runs-on: "ubuntu-latest"
+    steps:
+    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+    - uses: typesafegithub/github-actions-typing@9ddf35b71a482be7d8922b28e8d00df16b77e315 # v2.2.2
+      with:
+        ignored-action-files: |
+          .github/actions/build-dist/action.yml
+          .github/actions/init-integ-test/action.yml
+          action.yml
@@ -12,6 +12,6 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-      - uses: gradle/actions/wrapper-validation@f29f5a9d7b09a7c6b29859002d29d24e1674c884 # v5.0.1
+      - uses: gradle/actions/wrapper-validation@39e147cb9de83bb9910b8ef8bd7fff0ee20fcd6f # v6.0.1
        with:
          allow-checksums: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
@@ -114,3 +114,55 @@ jobs:
    - name: Build kotlin-dsl project
      working-directory: .github/workflow-samples/kotlin-dsl
      run: ./gradlew assemble
+
+  cache-disabled:
+    needs: build-distribution
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout sources
+      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+    - name: Initialize integ-test
+      uses: ./.github/actions/init-integ-test
+
+    - name: Setup Gradle
+      uses: ./setup-gradle
+      with:
+        cache-disabled: true
+    - name: Build kotlin-dsl project
+      working-directory: .github/workflow-samples/kotlin-dsl
+      run: ./gradlew assemble
+
+  terms-of-use-accepted:
+    needs: build-distribution
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout sources
+      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+    - name: Initialize integ-test
+      uses: ./.github/actions/init-integ-test
+
+    - name: Setup Gradle
+      uses: ./setup-gradle
+      with:
+        build-scan-terms-of-use-url: https://gradle.com/help/legal-terms-of-use
+        build-scan-terms-of-use-agree: yes
+    - name: Build kotlin-dsl project
+      working-directory: .github/workflow-samples/kotlin-dsl
+      run: ./gradlew assemble
+
+  develocity-access-key-set:
+    needs: build-distribution
+    runs-on: ubuntu-latest
+    steps:
+    - name: Checkout sources
+      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+    - name: Initialize integ-test
+      uses: ./.github/actions/init-integ-test
+
+    - name: Setup Gradle
+      uses: ./setup-gradle
+      with:
+        develocity-access-key: ${{ secrets.DV_SOLUTIONS_ACCESS_KEY }}
+    - name: Build kotlin-dsl project
+      working-directory: .github/workflow-samples/kotlin-dsl
+      run: ./gradlew assemble
@@ -41,7 +41,7 @@ jobs:
      with:
        cache-read-only: false # For testing, allow writing cache entries on non-default branches
    - name: Build with 3.1
-      working-directory: sources/test/jest/resources/cache-cleanup
+      working-directory: .github/workflow-samples/cache-cleanup
      run: ./gradlew --no-daemon --build-cache -Dcommons_math3_version="3.1" build

  # Second build will use the cache from the first build, but cleanup should remove unused artifacts
@@ -67,7 +67,7 @@ jobs:
        cache-read-only: false
        cache-cleanup: 'on-success'
    - name: Build with 3.1.1
-      working-directory: sources/test/jest/resources/cache-cleanup
+      working-directory: .github/workflow-samples/cache-cleanup
      run: ./gradlew --no-daemon --build-cache -Dcommons_math3_version="3.1.1" build

  # Third build will restore cache entry from second, and verify stale content removed
@@ -178,7 +178,7 @@ jobs:
    runs-on: "ubuntu-latest"
    steps:
    - name: Download dependency-graph artifact
-      uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
+      uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
      with:
        path: downloaded-dependency-graphs
        pattern: dependency-graph_*dependency-graph-generate-submit-and-upload.json
@@ -30,7 +30,7 @@ jobs:
      matrix:
        gradle: ['current', '8.14.3', '7.6.2', '6.9.4', '5.6.4']
        os: ${{fromJSON(inputs.runner-os)}}
-        plugin-version: ['3.16.2', '4.3.2']
+        plugin-version: ['3.16.2', '4.4.0']
        include:
          - java-version: 17
          - gradle: '8.14.3'
@@ -43,7 +43,7 @@ jobs:
            java-version: 11
          - plugin-version: '3.16.2'
            accessKeyEnv: GRADLE_ENTERPRISE_ACCESS_KEY
-          - plugin-version: '4.3.2'
+          - plugin-version: '4.4.0'
            accessKeyEnv: DEVELOCITY_ACCESS_KEY
    runs-on: ${{ matrix.os }}
    env:
@@ -92,7 +92,7 @@ jobs:
      matrix:
        gradle: ['current', '8.14.3', '7.6.2', '6.9.4', '5.6.4']
        os: ${{fromJSON(inputs.runner-os)}}
-        plugin-version: ['3.16.2', '4.3.2']
+        plugin-version: ['3.16.2', '4.4.0']
        include:
          - java-version: 17
          - gradle: '8.14.3'
@@ -148,7 +148,7 @@ jobs:
      matrix:
        gradle: ['current', '8.14.3', '7.6.2', '6.9.4', '5.6.4']
        os: ${{fromJSON(inputs.runner-os)}}
-        plugin-version: [ '3.16.2', '4.3.2' ]
+        plugin-version: [ '3.16.2', '4.4.0' ]
        include:
          - java-version: 17
          - gradle: '8.14.3'
@@ -191,7 +191,7 @@ jobs:
      matrix:
        gradle: ['current', '8.14.3', '7.6.2', '6.9.4', '5.6.4']
        os: ${{fromJSON(inputs.runner-os)}}
-        plugin-version: [ '3.16.2', '4.3.2' ]
+        plugin-version: [ '3.16.2', '4.4.0' ]
        include:
          - java-version: 17
          - gradle: '8.14.3'
@@ -0,0 +1,72 @@
+name: Test legacy caching module
+
+on:
+  workflow_call:
+    inputs:
+      cache-key-prefix:
+        type: string
+        default: '0'
+      runner-os:
+        type: string
+        default: '["ubuntu-latest"]'
+      skip-dist:
+        type: boolean
+        default: false
+
+env:
+  SKIP_DIST: ${{ inputs.skip-dist }}
+  GRADLE_BUILD_ACTION_CACHE_KEY_PREFIX: legacy-caching-${{ inputs.cache-key-prefix }}
+  GRADLE_ACTIONS_CACHE_USE_VENDORED: false
+
+permissions:
+  contents: read
+
+jobs:
+  legacy-caching-seed-build:
+    strategy:
+      max-parallel: 1
+      fail-fast: false
+      matrix:
+        os: ${{fromJSON(inputs.runner-os)}}
+    runs-on: ${{ matrix.os }}
+    steps:
+    - name: Checkout sources
+      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+    - name: Initialize integ-test
+      uses: ./.github/actions/init-integ-test
+    - name: Use legacy caching module
+      shell: bash
+      run: echo "GRADLE_ACTIONS_CACHE_USE_VENDORED=false" >> "$GITHUB_ENV"
+
+    - name: Setup Gradle
+      uses: ./setup-gradle
+      with:
+        cache-read-only: false # For testing, allow writing cache entries on non-default branches
+    - name: Build kotlin-dsl project
+      working-directory: .github/workflow-samples/kotlin-dsl
+      run: ./gradlew build
+
+  legacy-caching-verify-build:
+    needs: legacy-caching-seed-build
+    strategy:
+      max-parallel: 1
+      fail-fast: false
+      matrix:
+        os: ${{fromJSON(inputs.runner-os)}}
+    runs-on: ${{ matrix.os }}
+    steps:
+    - name: Checkout sources
+      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+    - name: Initialize integ-test
+      uses: ./.github/actions/init-integ-test
+    - name: Use legacy caching module
+      shell: bash
+      run: echo "GRADLE_ACTIONS_CACHE_USE_VENDORED=false" >> "$GITHUB_ENV"
+
+    - name: Setup Gradle
+      uses: ./setup-gradle
+      with:
+        cache-read-only: true
+    - name: Build kotlin-dsl project
+      working-directory: .github/workflow-samples/kotlin-dsl
+      run: ./gradlew build --offline
@@ -1,235 +0,0 @@
-name: Test restore configuration-cache
-
-on:
-  workflow_call:
-    inputs:
-      cache-key-prefix:
-        type: string
-        default: '0'
-      runner-os:
-        type: string
-        default: '["ubuntu-latest"]'
-      skip-dist:
-        type: boolean
-        default: false
-    secrets:
-      GRADLE_ENCRYPTION_KEY:
-        required: true
-
-env:
-  SKIP_DIST: ${{ inputs.skip-dist }}
-  GRADLE_BUILD_ACTION_CACHE_KEY_PREFIX: restore-configuration-cache-${{ inputs.cache-key-prefix }}
-
-permissions:
-  contents: read
-
-jobs:
-  restore-cc-seed-build-groovy:
-    env:
-      GRADLE_BUILD_ACTION_CACHE_KEY_JOB: restore-cc-groovy
-    strategy:
-      max-parallel: 1
-      fail-fast: false
-      matrix:
-        os: ${{fromJSON(inputs.runner-os)}}
-    runs-on: ${{ matrix.os }}
-    steps:
-    - name: Checkout sources
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-    - name: Initialize integ-test
-      uses: ./.github/actions/init-integ-test
-
-    - name: Setup Gradle
-      uses: ./setup-gradle
-      with:
-        cache-read-only: false # For testing, allow writing cache entries on non-default branches
-        cache-write-only: true # Ensure we start with a clean cache entry
-        cache-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
-    - name: Groovy build with configuration-cache enabled
-      working-directory: .github/workflow-samples/groovy-dsl
-      run: gradle test --configuration-cache
-
-  restore-cc-verify-build-groovy:
-    env:
-      GRADLE_BUILD_ACTION_CACHE_KEY_JOB: restore-cc-groovy
-      GRADLE_BUILD_ACTION_CACHE_KEY_JOB_EXECUTION: ${{github.sha}}_1
-    needs: restore-cc-seed-build-groovy
-    strategy:
-      max-parallel: 1
-      fail-fast: false
-      matrix:
-        os: ${{fromJSON(inputs.runner-os)}}
-    runs-on: ${{ matrix.os }}
-    steps:
-    - name: Checkout sources
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-    - name: Initialize integ-test
-      uses: ./.github/actions/init-integ-test
-
-    - name: Setup Gradle
-      uses: ./setup-gradle
-      with:
-        cache-read-only: false
-        cache-cleanup: on-success
-        cache-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
-    - name: Groovy build with configuration-cache enabled
-      id: execute
-      working-directory: .github/workflow-samples/groovy-dsl
-      run: gradle test --configuration-cache
-    - name: Verify configuration-cache hit
-      shell: bash
-      run: |
-        if [ -e ".github/workflow-samples/groovy-dsl/task-configured.txt" ]; then
-            echo "Configuration cache was not used - task was configured unexpectedly"
-            exit 1
-        fi
-
-  # Ensure that cache-cleanup doesn't remove all necessary files
-  restore-cc-verify-no-cache-cleanup-groovy:
-    env:
-      GRADLE_BUILD_ACTION_CACHE_KEY_JOB: restore-cc-groovy
-      GRADLE_BUILD_ACTION_CACHE_KEY_JOB_EXECUTION: ${{github.sha}}_2
-    needs: restore-cc-verify-build-groovy
-    strategy:
-      max-parallel: 1
-      fail-fast: false
-      matrix:
-        os: ${{fromJSON(inputs.runner-os)}}
-    runs-on: ${{ matrix.os }}
-    steps:
-    - name: Checkout sources
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-    - name: Initialize integ-test
-      uses: ./.github/actions/init-integ-test
-
-    - name: Setup Gradle
-      uses: ./setup-gradle
-      with:
-        cache-read-only: true
-        cache-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
-    - name: Groovy build with configuration-cache enabled
-      id: execute
-      working-directory: .github/workflow-samples/groovy-dsl
-      run: gradle test --configuration-cache
-    - name: Verify configuration-cache hit
-      shell: bash
-      run: |
-        if [ -e ".github/workflow-samples/groovy-dsl/task-configured.txt" ]; then
-            echo "Configuration cache was not used - task was configured unexpectedly"
-            exit 1
-        fi
-
-  # Check that the build can run when no extracted cache entries are restored
-  restore-cc-gradle-user-home-not-fully-restored:
-    env:
-      GRADLE_BUILD_ACTION_CACHE_KEY_JOB: restore-cc-groovy
-      GRADLE_BUILD_ACTION_CACHE_KEY_JOB_EXECUTION: ${{github.sha}}_x
-    needs: restore-cc-seed-build-groovy
-    strategy:
-      max-parallel: 1
-      fail-fast: false
-      matrix:
-        os: ${{fromJSON(inputs.runner-os)}}
-    runs-on: ${{ matrix.os }}
-    steps:
-    - name: Checkout sources
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-    - name: Initialize integ-test
-      uses: ./.github/actions/init-integ-test
-
-    - name: Setup Gradle with no extracted cache entries restored
-      uses: ./setup-gradle
-      env: 
-        GRADLE_BUILD_ACTION_SKIP_RESTORE: "generated-gradle-jars|wrapper-zips|java-toolchains|instrumented-jars|dependencies|kotlin-dsl"
-      with:
-        cache-read-only: true
-        cache-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
-    - name: Check execute Gradle build with configuration cache enabled (but not restored)
-      working-directory: .github/workflow-samples/groovy-dsl
-      run: gradle test --configuration-cache
-
-  restore-cc-seed-build-kotlin:
-    env:
-      GRADLE_BUILD_ACTION_CACHE_KEY_JOB: restore-cc-kotlin
-    strategy:
-      max-parallel: 1
-      fail-fast: false
-      matrix:
-        os: ${{fromJSON(inputs.runner-os)}}
-    runs-on: ${{ matrix.os }}
-    steps:
-    - name: Checkout sources
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-    - name: Initialize integ-test
-      uses: ./.github/actions/init-integ-test
-
-    - name: Setup Gradle
-      uses: ./setup-gradle
-      with:
-        cache-read-only: false # For testing, allow writing cache entries on non-default branches
-        cache-write-only: true # Ensure we start with a clean cache entry
-        cache-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
-    - name: Execute 'help' with configuration-cache enabled
-      working-directory: .github/workflow-samples/kotlin-dsl
-      run: gradle help --configuration-cache
-
-  restore-cc-modify-build-kotlin:
-    env:
-      GRADLE_BUILD_ACTION_CACHE_KEY_JOB: restore-cc-kotlin
-      GRADLE_BUILD_ACTION_CACHE_KEY_JOB_EXECUTION: ${{github.sha}}_1
-    needs: restore-cc-seed-build-kotlin
-    strategy:
-      max-parallel: 1
-      fail-fast: false
-      matrix:
-        os: ${{fromJSON(inputs.runner-os)}}
-    runs-on: ${{ matrix.os }}
-    steps:
-    - name: Checkout sources
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-    - name: Initialize integ-test
-      uses: ./.github/actions/init-integ-test
-
-    - name: Setup Gradle
-      uses: ./setup-gradle
-      with:
-        cache-read-only: false # For testing, allow writing cache entries on non-default branches
-        cache-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
-    - name: Execute 'test' with configuration-cache enabled
-      working-directory: .github/workflow-samples/kotlin-dsl
-      run: gradle test --configuration-cache
-
-  # Test restore configuration-cache from the third build invocation
-  restore-cc-verify-build-kotlin:
-    env:
-      GRADLE_BUILD_ACTION_CACHE_KEY_JOB: restore-cc-kotlin
-      GRADLE_BUILD_ACTION_CACHE_KEY_JOB_EXECUTION: ${{github.sha}}_2
-    needs: restore-cc-modify-build-kotlin
-    strategy:
-      max-parallel: 1
-      fail-fast: false
-      matrix:
-        os: ${{fromJSON(inputs.runner-os)}}
-    runs-on: ${{ matrix.os }}
-    steps:
-    - name: Checkout sources
-      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-    - name: Initialize integ-test
-      uses: ./.github/actions/init-integ-test
-
-    - name: Setup Gradle
-      uses: ./setup-gradle
-      with:
-        cache-read-only: true
-        cache-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
-    - name: Execute 'test' again with configuration-cache enabled
-      id: execute
-      working-directory: .github/workflow-samples/kotlin-dsl
-      run: gradle test --configuration-cache
-    - name: Verify configuration-cache hit
-      shell: bash
-      run: |
-        if [ -e ".github/workflow-samples/kotlin-dsl/task-configured.txt" ]; then
-            echo "Configuration cache was not used - task was configured unexpectedly"
-            exit 1
-        fi
@@ -12,6 +12,7 @@ on:

 env:
  SKIP_DIST: ${{ inputs.skip-dist }}
+  GRADLE_BUILD_ACTION_CACHE_KEY_PREFIX: wrapper-validation- # Avoid loading cache entries from other tests, that may have cached allowed wrapper checksums

 permissions:
  contents: read
@@ -111,6 +112,12 @@ jobs:
    steps:
    - name: Checkout sources
      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+      with:
+        sparse-checkout: |
+          .github
+          dist
+          wrapper-validation
+
    - name: Initialize integ-test
      uses: ./.github/actions/init-integ-test

@@ -118,10 +125,8 @@ jobs:
      id: action-test
      uses: ./wrapper-validation
      with:
-        # to allow the invalid wrapper jar present in test data
-        allow-checksums: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
-        min-wrapper-count: 11
-      # Expected to fail; validated below
+        min-wrapper-count: 7
+      # There are only 6 wrappers in workflow-samples, so expected to fail
      continue-on-error: true

    - name: Check outcome
@@ -26,14 +26,6 @@ jobs:
      runner-os: '${{ inputs.runner-os }}'
      skip-dist: ${{ inputs.skip-dist }}

-  restore-configuration-cache:
-    if: ${{ ! github.event.pull_request.head.repo.fork }}
-    uses: ./.github/workflows/integ-test-restore-configuration-cache.yml
-    with:
-      skip-dist: ${{ inputs.skip-dist }}
-    secrets:
-      GRADLE_ENCRYPTION_KEY: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
-
  restore-containerized-gradle-home:
    uses: ./.github/workflows/integ-test-restore-containerized-gradle-home.yml
    with:
@@ -53,3 +45,8 @@ jobs:
    uses: ./.github/workflows/integ-test-restore-java-toolchain.yml
    with:
      skip-dist: ${{ inputs.skip-dist }}
+
+  legacy-caching:
+    uses: ./.github/workflows/integ-test-legacy-caching.yml
+    with:
+      skip-dist: ${{ inputs.skip-dist }}
@@ -22,7 +22,7 @@ jobs:
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

      - name: Set up Node.js
-        uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
+        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
        with:
          node-version: 20
          cache: npm
@@ -38,7 +38,7 @@ jobs:
        working-directory: sources

      - name: Import GPG key to sign commits
-        uses: crazy-max/ghaction-import-gpg@e89d40939c28e39f97cf32126055eeae86ba74ec # v6.3.0
+        uses: crazy-max/ghaction-import-gpg@2dc316deee8e90f13e1a351ab510b4d5bc0c82cd # v7.0.0
        with:
          gpg_private_key: ${{ secrets.GH_BOT_PGP_PRIVATE_KEY }}
          passphrase: ${{ secrets.GH_BOT_PGP_PASSPHRASE }}
@@ -0,0 +1,28 @@
+# Workspace Instructions
+
+## Vendored Library Flow
+
+This repository uses a proprietary caching library: `gradle-actions-caching`.
+
+- The vendored copy lives at `sources/vendor/gradle-actions-caching`
+- The source code is at `../actions-caching` and https://github.com/gradle/actions-caching
+
+When a task involves building, updating, validating, or testing the vendored `gradle-actions-caching` library, use this sequence:
+
+1. Run `npm run build` in `actions-caching`.
+2. Copy (overwrite) the contents of `actions-caching/dist/` onto `sources/vendor/gradle-actions-caching/`. (No need to rm the existing contents)
+3. Then continue with any build, test, or validation steps in this repository.
+
+Do not treat `actions/sources/vendor/gradle-actions-caching` as the source of truth. The source of truth is `actions-caching`, and the vendor directory must be refreshed from its `dist/` output after rebuilding.
+
+## Building
+
+To build this repository, run the `build` script at the root of that repository with no arguments:
+
+```sh
+./build
+```
+
+## dist directory
+
+Never make direct changes to the 'dist' directory. Building with npm will populate 'sources/dist' which is enough. There is a CI workflow that will update the 'dist' directory when required.
@@ -0,0 +1,11 @@
+NOTICE
+
+The software in this repository, except for the bundled `gradle-actions-caching` component, is licensed under the MIT License.
+
+The caching functionality in this project has been extracted into `gradle-actions-caching`, a proprietary commercial component that is not covered by the MIT License for this repository. 
+The bundled `gradle-actions-caching` component is licensed and governed by a separate license, available at https://gradle.com/legal/terms-of-use/.
+
+The `gradle-actions-caching` component is used only when caching is enabled and is not loaded or used when caching is disabled.
+
+Use of the `gradle-actions-caching` component is subject to a separate license, available at https://gradle.com/legal/terms-of-use/. 
+If you do not agree to these license terms, do not use the gradle-actions-caching component.
@@ -1,9 +1,23 @@
 # GitHub Actions for Gradle builds

-[![OpenSSF Scorecard](https://api.scorecard.dev/projects/github.com/gradle/actions/badge)](https://scorecard.dev/viewer/?uri=github.com/gradle/actions)
-
 This repository contains a set of GitHub Actions that are useful for building Gradle projects on GitHub.

+> [!IMPORTANT]
+> ## Licensing notice
+>
+> The software in this repository is licensed under the [MIT License](LICENSE).
+>
+> The caching functionality in this project has been extracted into `gradle-actions-caching`, a proprietary commercial component that is not covered by the MIT License for this repository. 
+> The bundled `gradle-actions-caching` component is licensed and governed by a separate license, available at https://gradle.com/legal/terms-of-use/.
+>
+> The `gradle-actions-caching` component is used only when caching is enabled and is not loaded or used when caching is disabled.
+>
+> Use of the `gradle-actions-caching` component is subject to a separate license, available at https://gradle.com/legal/terms-of-use/. 
+> If you do not agree to these license terms, do not use the `gradle-actions-caching` component.
+
+This license notice will be displayed in workflow logs and each job summary. To suppress this message, 
+either [accept the terms of use](docs/setup-gradle.md#publishing-to-scansgradlecom) in your workflow, or [provide a Develocity access key](docs/setup-gradle.md#managing-develocity-access-keys).
+
 ## The `setup-gradle` action

 The `setup-gradle` action can be used to configure Gradle for optimal execution on any platform supported by GitHub Actions.
@@ -25,9 +39,9 @@ jobs:
    runs-on: ubuntu-latest
    steps:
    - name: Checkout sources
-      uses: actions/checkout@v4
+      uses: actions/checkout@v6
    - name: Setup Java
-      uses: actions/setup-java@v4
+      uses: actions/setup-java@v5
      with:
        distribution: 'temurin'
        java-version: 17
@@ -63,9 +77,9 @@ jobs:
    runs-on: ubuntu-latest
    steps:
    - name: Checkout sources
-      uses: actions/checkout@v4
+      uses: actions/checkout@v6
    - name: Setup Java
-      uses: actions/setup-java@v4
+      uses: actions/setup-java@v5
      with:
        distribution: 'temurin'
        java-version: 17
@@ -98,7 +112,7 @@ jobs:
    name: "Validation"
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
      - uses: gradle/actions/wrapper-validation@v5
 ```

@@ -20,8 +20,9 @@
  - Include a Full changelog link in the format https://github.com/gradle/actions/compare/v2.12.0...v3.0.0
 - Publish the release.
 - Force push the `v5` tag (or current major version) to point to the new release. It is conventional for users to bind to a major release version using this tag.
-  - From CLI: `git tag -f -s -a -m "v5.0.0" v5 v5.0.0 && git push -f --tags`
+  - From CLI: `git tag -f -s -a -m "v5.0.0" v5 && git push -f --tags`
  - Note that we sign the tag and set the commit message for the tag to the newly released version.
+  - Your HEAD must point at the commit to be tagged.

 ## Post release steps

@@ -1,13 +1,30 @@
 #!/bin/bash

+build_legacy_caching() {
+    echo "Building legacy caching module..."
+    cd sources/legacy-caching
+    npm clean-install
+    npm run build
+    cd ../..
+    # Copy legacy caching bundle into sources/dist so the CI bot picks it up
+    mkdir -p sources/dist/legacy-caching
+    cp sources/legacy-caching/dist/index.js sources/dist/legacy-caching/
+}
+
 cd sources

 case "$1" in
    all)
+        cd ..
+        build_legacy_caching
+        cd sources
        npm run all
        ;;
    act)
        # Build and copy outputs to the dist directory
+        cd ..
+        build_legacy_caching
+        cd sources
        npm run build
        cd ..
        cp -r sources/dist .
@@ -17,6 +34,9 @@ case "$1" in
        git checkout -- dist
        ;;
    dist)
+        cd ..
+        build_legacy_caching
+        cd sources
        npm clean-install
        npm run build
        cd ..
@@ -27,6 +47,9 @@ case "$1" in
        ./gradlew check
        ;;
    install)
+        cd ..
+        build_legacy_caching
+        cd sources
        npm clean-install
        npm run build
        ;;
@@ -35,6 +58,9 @@ case "$1" in
        npm test -- $@
        ;;
    *)
+        cd ..
+        build_legacy_caching
+        cd sources
        npm run build
        ;;
 esac
@@ -22,9 +22,9 @@ jobs:
    runs-on: ubuntu-latest
    steps:
    - name: Checkout sources
-      uses: actions/checkout@v4
+      uses: actions/checkout@v6
    - name: Setup Java
-      uses: actions/setup-java@v4
+      uses: actions/setup-java@v5
      with:
        distribution: 'temurin'
        java-version: 17
@@ -0,0 +1,146 @@
+# Type descriptors based on https://github.com/typesafegithub/github-actions-typing
+inputs:
+  # Gradle execution configuration
+  gradle-version:
+    type: string
+
+  build-root-directory:
+    type: string
+
+  dependency-resolution-task:
+    type: string
+
+  additional-arguments:
+    type: string
+
+  # Cache configuration
+  cache-disabled:
+    type: boolean
+
+  cache-read-only:
+    type: boolean
+
+  cache-write-only:
+    type: boolean
+
+  cache-overwrite-existing:
+    type: boolean
+
+  cache-encryption-key:
+    type: string
+
+  cache-cleanup:
+    type: enum
+    allowed-values:
+      - never
+      - on-success
+      - always
+
+  gradle-home-cache-cleanup:
+    type: boolean
+
+  gradle-home-cache-includes:
+    type: list
+    separator: '\n'
+    list-item:
+      type: string
+
+  gradle-home-cache-excludes:
+    type: list
+    separator: '\n'
+    list-item:
+      type: string
+
+  # Job summary configuration
+  add-job-summary:
+    type: enum
+    allowed-values:
+      - never
+      - always
+      - on-failure
+
+  add-job-summary-as-pr-comment:
+    type: enum
+    allowed-values:
+      - never
+      - always
+      - on-failure
+
+  # Dependency Graph configuration
+  dependency-graph:
+    type: enum
+    allowed-values:
+      - generate-and-submit
+      - generate-submit-and-upload
+      - generate-and-upload
+      - download-and-submit
+
+  dependency-graph-report-dir:
+    type: string
+
+  dependency-graph-continue-on-failure:
+    type: boolean
+
+  dependency-graph-exclude-projects:
+    type: string
+
+  dependency-graph-include-projects:
+    type: string
+
+  dependency-graph-exclude-configurations:
+    type: string
+
+  dependency-graph-include-configurations:
+    type: string
+
+  artifact-retention-days:
+    type: integer
+
+  # Build Scan configuration
+  build-scan-publish:
+    type: boolean
+
+  build-scan-terms-of-use-url:
+    type: enum
+    allowed-values:
+      - https://gradle.com/terms-of-service
+      - https://gradle.com/help/legal-terms-of-use
+
+  build-scan-terms-of-use-agree:
+    type: enum
+    allowed-values:
+      - 'yes'
+
+  develocity-access-key:
+    type: string
+
+  develocity-token-expiry:
+    type: integer
+
+  # Wrapper validation configuration
+  validate-wrappers:
+    type: boolean
+
+  allow-snapshot-wrappers:
+    type: boolean
+
+  # Experimental action inputs
+  gradle-home-cache-strict-match:
+    type: boolean
+
+  # Internal action inputs
+  workflow-job-context:
+    type: string
+
+  github-token:
+    type: string
+
+outputs:
+  build-scan-url:
+    type: string
+
+  dependency-graph-file:
+    type: string
+
+  gradle-version:
+    type: string
@@ -15,6 +15,22 @@ for vulnerable dependencies, as well as to populate the

 If you're confused by the behaviour you're seeing or have specific questions, please check out [the FAQ](dependency-submission-faq.md) before raising an issue.

+> [!IMPORTANT]
+> ## Licensing notice
+>
+> The software in this repository is licensed under the [MIT License](LICENSE).
+>
+> The caching functionality in this project has been extracted into `gradle-actions-caching`, a proprietary commercial component that is not covered by the MIT License for this repository. 
+> The bundled `gradle-actions-caching` component is licensed and governed by a separate license, available at https://gradle.com/legal/terms-of-use/.
+>
+> The `gradle-actions-caching` component is used only when caching is enabled and is not loaded or used when caching is disabled.
+>
+> Use of the `gradle-actions-caching` component is subject to a separate license, available at https://gradle.com/legal/terms-of-use/. 
+> If you do not agree to these license terms, do not use the `gradle-actions-caching` component.
+
+This license notice will be displayed in workflow logs and each job summary. To suppress this message, 
+either [accept the terms of use](setup-gradle.md#publishing-to-scansgradlecom) in your workflow, or [provide a Develocity access key](setup-gradle.md#managing-develocity-access-keys).
+
 ## General usage

 The following workflow will generate a dependency graph for a Gradle project and submit it immediately to the repository via the
@@ -36,8 +52,8 @@ jobs:
  dependency-submission:
    runs-on: ubuntu-latest
    steps:
-    - uses: actions/checkout@v4
-    - uses: actions/setup-java@v4
+    - uses: actions/checkout@v6
+    - uses: actions/setup-java@v5
      with:
        distribution: temurin
        java-version: 17
@@ -60,6 +76,13 @@ on the command-line will be used.
 The action provides the ability to override the Gradle version and task to execute, as well as provide 
 additional arguments that will be passed to Gradle on the command-line. See [Configuration Parameters](#configuration-parameters) below.

+### Disabling caching
+
+Caching is enabled by default. You can disable caching for the action as follows:
+```yaml
+cache-disabled: true
+```
+
 ### Publishing a Develocity Build Scan® from your dependency submission workflow

 You can automatically publish a free Develocity Build Scan on every run of `gradle/actions/dependency-submission`. 
@@ -343,8 +366,8 @@ jobs:
  dependency-submission:
    runs-on: ubuntu-latest
    steps:
-    - uses: actions/checkout@v4
-    - uses: actions/setup-java@v4
+    - uses: actions/checkout@v6
+    - uses: actions/setup-java@v5
      with:
        distribution: temurin
        java-version: 17
@@ -405,8 +428,8 @@ jobs:
  dependency-submission:
    runs-on: ubuntu-latest
    steps:
-    - uses: actions/checkout@v4
-    - uses: actions/setup-java@v4
+    - uses: actions/checkout@v6
+    - uses: actions/setup-java@v5
      with:
        distribution: temurin
        java-version: 17
@@ -443,7 +466,7 @@ jobs:
 # Gradle version compatibility

 Dependency-graph generation is compatible with most versions of Gradle >= `5.2`, and is tested regularly against 
-Gradle versions `5.2.1`, `5.6.4`, `6.0.1`, `6.9.4`, `7.1.1` and `7.6.3`, as well as all patched versions of Gradle 8.x.
+Gradle versions `5.2.1`, `5.6.4`, `6.0.1`, `6.9.4`, `7.1.1`, `7.6.6`, `8.0.2` and `8.14.4`, as well as all patched versions of Gradle 9.x.

 A known exception to this is that Gradle `7.0`, `7.0.1` and `7.0.2` are not supported.

@@ -454,4 +477,3 @@ See [here](https://github.com/gradle/github-dependency-graph-gradle-plugin?tab=r
 - Dependency Submission Demo repository: https://github.com/gradle/github-dependency-submission-demo
 - GitHub Dependency Graph Gradle Plugin: https://github.com/gradle/github-dependency-graph-gradle-plugin
 - Webinar - Gradle at Scale with GitHub and GitHub Actions at Allegro: https://www.youtube.com/watch?v=gV94I28FPos
-
@@ -2,13 +2,30 @@

 This GitHub Action can be used to configure Gradle for optimal execution on any platform supported by GitHub Actions.

+> [!IMPORTANT]
+> ## Licensing notice
+>
+> The software in this repository is licensed under the [MIT License](LICENSE).
+>
+> The caching functionality in this project has been extracted into `gradle-actions-caching`, a proprietary commercial component that is not covered by the MIT License for this repository. 
+> The bundled `gradle-actions-caching` component is licensed and governed by a separate license, available at https://gradle.com/legal/terms-of-use/.
+>
+> The `gradle-actions-caching` component is used only when caching is enabled and is not loaded or used when caching is disabled.
+>
+> Use of the `gradle-actions-caching` component is subject to a separate license, available at https://gradle.com/legal/terms-of-use/. 
+> If you do not agree to these license terms, do not use the `gradle-actions-caching` component.
+
+This license notice will be displayed in workflow logs and each job summary. To suppress this message, 
+either [accept the terms of use](#publishing-to-scansgradlecom) in your workflow, or [provide a Develocity access key](#managing-develocity-access-keys).
+
 ## Why use the `setup-gradle` action?

-It is possible to directly invoke Gradle in your workflow, and the `actions/setup-java@v4` action provides a simple way to cache Gradle dependencies.
+It is possible to directly invoke Gradle in your workflow, and the `actions/setup-java@v5` action provides a simple way to cache Gradle dependencies.

 However, the `setup-gradle` action offers a several advantages over this approach:

 - Easily [configure your workflow to use a specific version of Gradle](#build-with-a-specific-gradle-version) using the `gradle-version` parameter. Gradle distributions are automatically downloaded and cached.
+- [Gradle Wrapper files are automatically validated](#gradle-wrapper-validation) against known checksums
 - More sophisticated and more efficient caching of Gradle User Home between invocations, compared to `setup-java` and most custom configurations using `actions/cache`. [More details below](#caching-build-state-between-jobs).
 - Detailed reporting of cache usage and cache configuration options allow you to [optimize the use of the GitHub actions cache](#optimizing-cache-effectiveness).
 - [Generate and Submit a GitHub Dependency Graph](#github-dependency-graph-support) for your project, enabling Dependabot security alerts.
@@ -38,8 +55,8 @@ jobs:
        os: [ubuntu-latest, macos-latest, windows-latest]
    runs-on: ${{ matrix.os }}
    steps:
-    - uses: actions/checkout@v4
-    - uses: actions/setup-java@v4
+    - uses: actions/checkout@v6
+    - uses: actions/setup-java@v5
      with:
        distribution: temurin
        java-version: 17
@@ -90,8 +107,8 @@ jobs:
  gradle-rc:
    runs-on: ubuntu-latest
    steps:
-    - uses: actions/checkout@v4
-    - uses: actions/setup-java@v4
+    - uses: actions/checkout@v6
+    - uses: actions/setup-java@v5
      with:
        distribution: temurin
        java-version: 17
@@ -212,8 +229,8 @@ jobs:
  gradle-with-configuration-cache:
    runs-on: ubuntu-latest
    steps:
-    - uses: actions/checkout@v4
-    - uses: actions/setup-java@v4
+    - uses: actions/checkout@v6
+    - uses: actions/setup-java@v5
      with:
        distribution: temurin
        java-version: 17
@@ -465,8 +482,8 @@ jobs:
  run-gradle-build:
    runs-on: ubuntu-latest
    steps:
-    - uses: actions/checkout@v4
-    - uses: actions/setup-java@v4
+    - uses: actions/checkout@v6
+    - uses: actions/setup-java@v5
      with:
        distribution: temurin
        java-version: 17
@@ -502,8 +519,8 @@ jobs:
  gradle:
    runs-on: ubuntu-latest
    steps:
-    - uses: actions/checkout@v4
-    - uses: actions/setup-java@v4
+    - uses: actions/checkout@v6
+    - uses: actions/setup-java@v5
      with:
        distribution: temurin
        java-version: 17
@@ -610,8 +627,8 @@ jobs:
  build:
    runs-on: ubuntu-latest
    steps:
-    - uses: actions/checkout@v4
-    - uses: actions/setup-java@v4
+    - uses: actions/checkout@v6
+    - uses: actions/setup-java@v5
      with:
        distribution: temurin
        java-version: 17
@@ -662,8 +679,8 @@ jobs:
  build:
    runs-on: ubuntu-latest
    steps:
-    - uses: actions/checkout@v4
-    - uses: actions/setup-java@v4
+    - uses: actions/checkout@v6
+    - uses: actions/setup-java@v5
      with:
        distribution: temurin
        java-version: 17
@@ -692,8 +709,8 @@ jobs:
  build:
    runs-on: ubuntu-latest
    steps:
-    - uses: actions/checkout@v4
-    - uses: actions/setup-java@v4
+    - uses: actions/checkout@v6
+    - uses: actions/setup-java@v5
      with:
        distribution: temurin
        java-version: 17
@@ -847,7 +864,7 @@ Here's a minimal example:
      run: ./gradlew build
 ```

-This configuration will automatically apply `v4.3.2` of the [Develocity Gradle plugin](https://docs.gradle.com/develocity/gradle-plugin/), and publish build scans to https://develocity.your-server.com.
+This configuration will automatically apply `v4.4.0` of the [Develocity Gradle plugin](https://docs.gradle.com/develocity/gradle-plugin/), and publish build scans to https://develocity.your-server.com.

 This example assumes that the `develocity.your-server.com` server allows anonymous publishing of build scans.
 In the likely scenario that your Develocity server requires authentication, you will also need to pass a valid [Develocity access key](https://docs.gradle.com/develocity/gradle-plugin/#via_environment_variable) taken from a secret:
@@ -933,4 +950,3 @@ Each of the plugins is signed by Gradle, and you can simply add the following sn
   </trusted-key>
 </trusted-keys>
 ```
-
@@ -72,7 +72,7 @@ jobs:
    name: "Validation"
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
      - uses: gradle/actions/wrapper-validation@v5
 ```

@@ -120,7 +120,7 @@ restore these Jars on checkout. Without this, only a pointer to the Wrapper Jar

 ```
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
        with:
          lfs: true  # gradle-wrapper.jar verification will fail without this
 ```
@@ -0,0 +1,27 @@
+Software License Agreement Copyright (c) 2026 Gradle, Inc. All rights
+reserved.
+
+1. PROPRIETARY AND CONFIDENTIAL. This software and its source code are the
+proprietary and confidential property of Gradle, Inc.
+
+2. LICENSE GRANT AND TERMS OF USE. Subject to your compliance with the Terms
+of Use referenced below, Gradle, Inc. grants you a non-exclusive,
+non-transferable license to use this library solely for internal CI/CD
+purposes. Your use, installation, and distribution of this software are
+strictly governed by the Gradle, Inc. Terms of Use, which can be found at the
+following URL: https://gradle.com/legal/terms-of-use/. By downloading,
+installing, or using this software, you agree to be bound by the terms and
+conditions set forth in the link above.
+
+3. RESTRICTIONS. Unless expressly permitted in the Terms of Use referenced
+above, you may not: (a) Modify, decompile, or reverse engineer this software.
+(b) Redistribute the source code or binaries without prior written consent.
+(c) Use this software for any purpose not authorized by the Terms of Use.
+
+4. NO WARRANTY. AS SET FORTH IN THE GRADLE, INC. TERMS OF USE, THIS SOFTWARE IS
+PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING
+BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
+PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
+BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF
+CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
@@ -19,9 +19,9 @@ jobs:
    runs-on: ubuntu-latest
    steps:
    - name: Checkout sources
-      uses: actions/checkout@v4
+      uses: actions/checkout@v6
    - name: Setup Java
-      uses: actions/setup-java@v4
+      uses: actions/setup-java@v5
      with:
        distribution: 'temurin'
        java-version: 17
@@ -0,0 +1,171 @@
+# Type descriptors based on https://github.com/typesafegithub/github-actions-typing
+inputs:
+  gradle-version:
+    type: string
+
+  # Cache configuration
+  cache-disabled:
+    type: boolean
+
+  cache-read-only:
+    type: boolean
+
+  cache-write-only:
+    type: boolean
+
+  cache-overwrite-existing:
+    type: boolean
+
+  cache-encryption-key:
+    type: string
+
+  cache-cleanup:
+    type: enum
+    allowed-values:
+      - never
+      - on-success
+      - always
+
+  gradle-home-cache-cleanup:
+    type: boolean
+
+  gradle-home-cache-includes:
+    type: list
+    separator: '\n'
+    list-item:
+      type: string
+
+  gradle-home-cache-excludes:
+    type: list
+    separator: '\n'
+    list-item:
+      type: string
+
+  # Job summary configuration
+  add-job-summary:
+    type: enum
+    allowed-values:
+      - never
+      - always
+      - on-failure
+
+  add-job-summary-as-pr-comment:
+    type: enum
+    allowed-values:
+      - never
+      - always
+      - on-failure
+
+  # Dependency Graph configuration
+  dependency-graph:
+    type: enum
+    allowed-values:
+      - disabled
+      - generate
+      - generate-and-submit
+      - generate-and-upload
+      - download-and-submit
+
+  dependency-graph-report-dir:
+    type: string
+
+  dependency-graph-continue-on-failure:
+    type: boolean
+
+  dependency-graph-exclude-projects:
+    type: string
+
+  dependency-graph-include-projects:
+    type: string
+
+  dependency-graph-exclude-configurations:
+    type: string
+
+  dependency-graph-include-configurations:
+    type: string
+
+  artifact-retention-days:
+    type: integer
+
+  # Build Scan configuration
+  build-scan-publish:
+    type: boolean
+
+  build-scan-terms-of-use-url:
+    type: enum
+    allowed-values:
+      - https://gradle.com/terms-of-service
+      - https://gradle.com/help/legal-terms-of-use
+
+  build-scan-terms-of-use-agree:
+    type: enum
+    allowed-values:
+      - 'yes'
+
+  develocity-access-key:
+    type: string
+
+  develocity-token-expiry:
+    type: integer
+
+  develocity-injection-enabled:
+    type: boolean
+
+  develocity-url:
+    type: string
+
+  develocity-allow-untrusted-server:
+    type: boolean
+
+  develocity-capture-file-fingerprints:
+    type: boolean
+
+  develocity-enforce-url:
+    type: boolean
+
+  develocity-plugin-version:
+    type: string
+
+  develocity-ccud-plugin-version:
+    type: string
+
+  gradle-plugin-repository-url:
+    type: string
+
+  gradle-plugin-repository-username:
+    type: string
+
+  gradle-plugin-repository-password:
+    type: string
+
+  # Wrapper validation configuration
+  validate-wrappers:
+    type: boolean
+
+  allow-snapshot-wrappers:
+    type: boolean
+
+  # Deprecated action inputs
+  arguments:
+    type: string
+
+  # Experimental action inputs
+  gradle-home-cache-strict-match:
+    type: boolean
+
+  # Internal action inputs
+  workflow-job-context:
+    type: string
+
+  github-token:
+    type: string
+
+outputs:
+  build-scan-url:
+    type: string
+
+  dependency-graph-file:
+    type: string
+
+  gradle-version:
+    type: string
@@ -0,0 +1,26 @@
+{
+  "name": "gradle-actions-legacy-caching",
+  "version": "1.0.0",
+  "private": true,
+  "type": "module",
+  "main": "./dist/index.js",
+  "scripts": {
+    "postinstall": "patch-package",
+    "build": "esbuild src/index.ts --bundle --platform=node --target=node24 --format=esm --banner:js=\"import {createRequire} from 'module';const require=createRequire(import.meta.url);\" --outfile=dist/index.js --sourcemap --minify"
+  },
+  "dependencies": {
+    "@actions/cache": "4.0.5",
+    "@actions/core": "3.0.0",
+    "@actions/exec": "3.0.0",
+    "@actions/github": "9.0.0",
+    "@actions/glob": "0.6.1",
+    "@actions/http-client": "4.0.0",
+    "@actions/tool-cache": "4.0.0",
+    "semver": "7.7.4",
+    "which": "6.0.1"
+  },
+  "devDependencies": {
+    "esbuild": "0.27.4",
+    "patch-package": "8.0.0"
+  }
+}
@@ -0,0 +1,52 @@
+import {versionIsAtLeast} from './gradle-utils'
+
+/**
+ * Mirrors the BuildResult interface from the main package.
+ */
+export interface BuildResult {
+    get rootProjectName(): string
+    get rootProjectDir(): string
+    get requestedTasks(): string
+    get gradleVersion(): string
+    get gradleHomeDir(): string
+    get buildFailed(): boolean
+    get configCacheHit(): boolean
+    get buildScanUri(): string
+    get buildScanFailed(): boolean
+}
+
+/**
+ * Wraps BuildResult[] to provide the helper methods expected by the old caching code.
+ */
+export class BuildResults {
+    results: BuildResult[]
+
+    constructor(results: BuildResult[]) {
+        this.results = results
+    }
+
+    anyFailed(): boolean {
+        return this.results.some(result => result.buildFailed)
+    }
+
+    anyConfigCacheHit(): boolean {
+        return this.results.some(result => result.configCacheHit)
+    }
+
+    uniqueGradleHomes(): string[] {
+        const allHomes = this.results.map(buildResult => buildResult.gradleHomeDir)
+        return Array.from(new Set(allHomes))
+    }
+
+    highestGradleVersion(): string | null {
+        if (this.results.length === 0) {
+            return null
+        }
+        return this.results
+            .map(result => result.gradleVersion)
+            .reduce((maxVersion: string, currentVersion: string) => {
+                if (!maxVersion) return currentVersion
+                return versionIsAtLeast(currentVersion, maxVersion) ? currentVersion : maxVersion
+            })
+    }
+}
@@ -3,10 +3,10 @@ import * as exec from '@actions/exec'

 import fs from 'fs'
 import path from 'path'
-import * as provisioner from '../execution/provision'
-import {BuildResult, BuildResults} from '../build-results'
-import {versionIsAtLeast} from '../execution/gradle'
-import {gradleWrapperScript} from '../execution/gradlew'
+import {BuildResults} from './build-results-adapter'
+import {versionIsAtLeast, provisionGradleWithVersionAtLeast} from './gradle-utils'
+
+const MINIMUM_CLEANUP_GRADLE_VERSION = '8.11'

 export class CacheCleaner {
    private readonly gradleUserHome: string
@@ -36,35 +36,12 @@ export class CacheCleaner {
     * This will avoid the need to provision a Gradle version for the cleanup when not necessary.
     */
    private async gradleExecutableForCleanup(buildResults: BuildResults): Promise<string> {
-        const preferredVersion = buildResults.highestGradleVersion()
-        if (preferredVersion && versionIsAtLeast(preferredVersion, '8.11')) {
-            try {
-                const wrapperScripts = buildResults.results
-                    .map(result => this.findGradleWrapperScript(result))
-                    .filter(Boolean) as string[]
-
-                return await provisioner.provisionGradleWithVersionAtLeast(preferredVersion, wrapperScripts)
-            } catch (_) {
-                // Ignore the case where the preferred version cannot be located in https://services.gradle.org/versions/all.
-                // This can happen for snapshot Gradle versions.
-                core.info(
-                    `Failed to provision Gradle ${preferredVersion} for cache cleanup. Falling back to default version.`
-                )
-            }
-        }
-
-        // Fallback to the minimum version required for cache-cleanup
-        return await provisioner.provisionGradleWithVersionAtLeast('8.11')
-    }
-
-    private findGradleWrapperScript(result: BuildResult): string | null {
-        try {
-            const wrapperScript = gradleWrapperScript(result.rootProjectDir)
-            return path.resolve(result.rootProjectDir, wrapperScript)
-        } catch (error) {
-            core.debug(`No Gradle Wrapper found for ${result.rootProjectName}: ${error}`)
-            return null
-        }
+        const highestVersion = buildResults.highestGradleVersion()
+        const version =
+            highestVersion && versionIsAtLeast(highestVersion, MINIMUM_CLEANUP_GRADLE_VERSION)
+                ? highestVersion
+                : MINIMUM_CLEANUP_GRADLE_VERSION
+        return await provisionGradleWithVersionAtLeast(version)
    }

    // Visible for testing
@@ -0,0 +1,86 @@
+import * as core from '@actions/core'
+
+export const ACTION_METADATA_DIR = '.setup-gradle'
+
+/**
+ * Represents the cache options passed from the main action.
+ * This mirrors the CacheOptions interface from the main package.
+ */
+export interface CacheOptions {
+    disabled: boolean
+    readOnly: boolean
+    writeOnly: boolean
+    overwriteExisting: boolean
+    strictMatch: boolean
+    cleanup: string
+    encryptionKey?: string
+    includes: string[]
+    excludes: string[]
+}
+
+/**
+ * Adapts the CacheOptions interface to the old CacheConfig method-based API
+ * expected by the recovered caching code.
+ */
+export class CacheConfig {
+    private readonly options: CacheOptions
+
+    constructor(options: CacheOptions) {
+        this.options = options
+    }
+
+    isCacheDisabled(): boolean {
+        return this.options.disabled
+    }
+
+    isCacheReadOnly(): boolean {
+        return this.options.readOnly
+    }
+
+    isCacheWriteOnly(): boolean {
+        return this.options.writeOnly
+    }
+
+    isCacheOverwriteExisting(): boolean {
+        return this.options.overwriteExisting
+    }
+
+    isCacheStrictMatch(): boolean {
+        return this.options.strictMatch
+    }
+
+    isCacheCleanupEnabled(): boolean {
+        return this.options.cleanup !== 'never'
+    }
+
+    shouldPerformCacheCleanup(hasFailure: boolean): boolean {
+        const cleanup = this.options.cleanup
+        if (cleanup === 'always') {
+            return true
+        }
+        if (cleanup === 'on-success') {
+            return !hasFailure
+        }
+        return false
+    }
+
+    getCacheCleanupOption(): string {
+        return this.options.cleanup
+    }
+
+    getCacheEncryptionKey(): string | undefined {
+        return this.options.encryptionKey
+    }
+
+    getCacheIncludes(): string[] {
+        return [...this.options.includes]
+    }
+
+    getCacheExcludes(): string[] {
+        return [...this.options.excludes]
+    }
+}
+
+export function getJobMatrix(): string {
+    return core.getInput('workflow-job-context')
+}
@@ -1,6 +1,6 @@
 import * as github from '@actions/github'

-import {CacheConfig, getJobMatrix} from '../configuration'
+import {CacheConfig, getJobMatrix} from './cache-config-adapter'
 import {hashStrings} from './cache-utils'

 const CACHE_PROTOCOL_VERSION = 'v1'
@@ -7,9 +7,9 @@ import {
 } from './cache-reporting'
 import {GradleUserHomeCache} from './gradle-user-home-cache'
 import {CacheCleaner} from './cache-cleaner'
-import {DaemonController} from '../daemon-controller'
-import {CacheConfig} from '../configuration'
-import {BuildResults} from '../build-results'
+import {DaemonController} from './daemon-controller'
+import {CacheConfig} from './cache-config-adapter'
+import {BuildResults} from './build-results-adapter'

 const CACHE_RESTORED_VAR = 'GRADLE_BUILD_ACTION_CACHE_RESTORED'

@@ -2,10 +2,10 @@ import * as core from '@actions/core'
 import * as exec from '@actions/exec'
 import * as fs from 'fs'
 import * as path from 'path'
-import {BuildResults} from './build-results'
+import {BuildResults} from './build-results-adapter'

 export class DaemonController {
-    private readonly gradleHomes
+    private readonly gradleHomes: string[]

    constructor(buildResults: BuildResults) {
        this.gradleHomes = buildResults.uniqueGradleHomes()
@@ -6,10 +6,8 @@ import * as glob from '@actions/glob'
 import {CacheEntryListener, CacheListener} from './cache-reporting'
 import {cacheDebug, hashFileNames, isCacheDebuggingEnabled, restoreCache, saveCache, tryDelete} from './cache-utils'

-import {BuildResult, loadBuildResults} from '../build-results'
-import {CacheConfig, ACTION_METADATA_DIR} from '../configuration'
+import {CacheConfig, ACTION_METADATA_DIR} from './cache-config-adapter'
 import {getCacheKeyBase} from './cache-key'
-import {versionIsAtLeast} from '../execution/gradle'

 const SKIP_RESTORE_VAR = 'GRADLE_BUILD_ACTION_SKIP_RESTORE'
 const CACHE_PROTOCOL_VERSION = 'v1'
@@ -65,15 +63,6 @@ class ExtractedCacheEntryDefinition {
        this.uniqueFileNames = false
        return this
    }
-
-    /**
-     * Specify that the cache entry, should not be saved for some reason, even though the contents exist.
-     * This is used to prevent configuration-cache entries being cached when they were generated by Gradle < 8.6,
-     */
-    notCacheableBecause(reason: string): ExtractedCacheEntryDefinition {
-        this.notCacheableReason = reason
-        return this
-    }
 }

 /**
@@ -362,106 +351,3 @@ export class GradleHomeEntryExtractor extends AbstractEntryExtractor {
        ]
    }
 }
-
-export class ConfigurationCacheEntryExtractor extends AbstractEntryExtractor {
-    constructor(gradleUserHome: string, cacheConfig: CacheConfig) {
-        super(gradleUserHome, 'configuration-cache', cacheConfig)
-    }
-
-    /**
-     * Handle the case where Gradle User Home has not been fully restored, so that the configuration-cache
-     * entry is not reusable.
-     */
-    async restore(listener: CacheListener): Promise<void> {
-        if (!listener.fullyRestored) {
-            this.markNotRestored(listener, 'Gradle User Home was not fully restored')
-            return
-        }
-
-        if (!this.cacheConfig.getCacheEncryptionKey()) {
-            this.markNotRestored(listener, 'Encryption Key was not provided')
-            return
-        }
-
-        return await super.restore(listener)
-    }
-
-    private markNotRestored(listener: CacheListener, reason: string): void {
-        const cacheEntries = this.loadExtractedCacheEntries()
-        if (cacheEntries.length > 0) {
-            core.info(`Not restoring configuration-cache state, as ${reason}`)
-            for (const cacheEntry of cacheEntries) {
-                listener.entry(cacheEntry.pattern).markNotRestored(reason)
-            }
-
-            // Update the results file based on no entries restored
-            this.saveMetadataForCacheResults([])
-        }
-    }
-
-    async extract(listener: CacheListener): Promise<void> {
-        if (!this.cacheConfig.getCacheEncryptionKey()) {
-            const cacheEntryDefinitions = this.getExtractedCacheEntryDefinitions()
-            if (cacheEntryDefinitions.length > 0) {
-                core.info('Not saving configuration-cache state, as no encryption key was provided')
-                for (const cacheEntry of cacheEntryDefinitions) {
-                    listener.entry(cacheEntry.pattern).markNotSaved('No encryption key provided')
-                }
-            }
-            return
-        }
-
-        await super.extract(listener)
-    }
-
-    /**
-     * Extract cache entries for the configuration cache in each project.
-     */
-    protected getExtractedCacheEntryDefinitions(): ExtractedCacheEntryDefinition[] {
-        // Group BuildResult by existing configCacheDir
-        const groupedResults = this.getConfigCacheDirectoriesWithAssociatedBuildResults()
-
-        return Object.entries(groupedResults).map(([configCachePath, pathResults]) => {
-            // Create a entry definition for each unique configuration cache directory
-            const definition = new ExtractedCacheEntryDefinition(
-                'configuration-cache',
-                configCachePath,
-                true
-            ).withNonUniqueFileNames()
-
-            // If any associated build result used Gradle < 8.6, then mark it as not cacheable
-            if (
-                pathResults.find(result => {
-                    return !versionIsAtLeast(result.gradleVersion, '8.6.0')
-                })
-            ) {
-                core.info(
-                    `Not saving config-cache data for ${configCachePath}. Configuration cache data is only saved for Gradle 8.6+`
-                )
-                definition.notCacheableBecause('Configuration cache data only saved for Gradle 8.6+')
-            }
-            return definition
-        })
-    }
-
-    private getConfigCacheDirectoriesWithAssociatedBuildResults(): Record<string, BuildResult[]> {
-        return loadBuildResults().results.reduce(
-            (acc, buildResult) => {
-                // For each build result, find the config-cache dir
-                const configCachePath = path.resolve(buildResult.rootProjectDir, '.gradle/configuration-cache')
-                // Ignore case where config-cache dir doesn't exist
-                if (!fs.existsSync(configCachePath)) {
-                    return acc
-                }
-
-                // Group by unique config cache directories and collect associated build results
-                if (!acc[configCachePath]) {
-                    acc[configCachePath] = []
-                }
-                acc[configCachePath].push(buildResult)
-                return acc
-            },
-            {} as Record<string, BuildResult[]>
-        )
-    }
-}
@@ -7,9 +7,8 @@ import fs from 'fs'
 import {generateCacheKey} from './cache-key'
 import {CacheListener} from './cache-reporting'
 import {saveCache, restoreCache, cacheDebug, isCacheDebuggingEnabled, tryDelete} from './cache-utils'
-import {CacheConfig, ACTION_METADATA_DIR} from '../configuration'
-import {GradleHomeEntryExtractor, ConfigurationCacheEntryExtractor} from './gradle-home-extry-extractor'
-import {getPredefinedToolchains, mergeToolchainContent, readResourceFileAsString} from './gradle-user-home-utils'
+import {CacheConfig, ACTION_METADATA_DIR} from './cache-config-adapter'
+import {GradleHomeEntryExtractor} from './gradle-home-extry-extractor'

 const RESTORED_CACHE_KEY_KEY = 'restored-cache-key'

@@ -82,7 +81,6 @@ export class GradleUserHomeCache {
    async afterRestore(listener: CacheListener): Promise<void> {
        await this.debugReportGradleUserHomeSize('as restored from cache')
        await new GradleHomeEntryExtractor(this.gradleUserHome, this.cacheConfig).restore(listener)
-        await new ConfigurationCacheEntryExtractor(this.gradleUserHome, this.cacheConfig).restore(listener)
        await this.deleteExcludedPaths()
        await this.debugReportGradleUserHomeSize('after restoring common artifacts')
    }
@@ -130,10 +128,7 @@ export class GradleUserHomeCache {
    async beforeSave(listener: CacheListener): Promise<void> {
        await this.debugReportGradleUserHomeSize('before saving common artifacts')
        await this.deleteExcludedPaths()
-        await Promise.all([
-            new GradleHomeEntryExtractor(this.gradleUserHome, this.cacheConfig).extract(listener),
-            new ConfigurationCacheEntryExtractor(this.gradleUserHome, this.cacheConfig).extract(listener)
-        ])
+        await new GradleHomeEntryExtractor(this.gradleUserHome, this.cacheConfig).extract(listener)
        await this.debugReportGradleUserHomeSize(
            "after extracting common artifacts (only 'caches' and 'notifications' will be stored)"
        )
@@ -181,78 +176,15 @@ export class GradleUserHomeCache {
        return path.resolve(this.gradleUserHome, rawPath)
    }

+    /**
+     * Initialize the Gradle User Home directory for caching.
+     * Note: init scripts, toolchain registration, and debug log level are handled by
+     * initializeGradleUserHome() in the main package before cacheService.restore() is called.
+     */
    private initializeGradleUserHome(): void {
        // Create a directory for storing action metadata
        const actionCacheDir = path.resolve(this.gradleUserHome, ACTION_METADATA_DIR)
        fs.mkdirSync(actionCacheDir, {recursive: true})
-
-        this.copyInitScripts()
-
-        // Copy the default toolchain definitions to `~/.m2/toolchains.xml`
-        this.registerToolchains()
-
-        if (core.isDebug()) {
-            this.configureInfoLogLevel()
-        }
-    }
-
-    private copyInitScripts(): void {
-        // Copy init scripts from src/resources to Gradle UserHome
-        const initScriptsDir = path.resolve(this.gradleUserHome, 'init.d')
-        fs.mkdirSync(initScriptsDir, {recursive: true})
-        const initScriptFilenames = [
-            'gradle-actions.build-result-capture.init.gradle',
-            'gradle-actions.build-result-capture-service.plugin.groovy',
-            'gradle-actions.github-dependency-graph.init.gradle',
-            'gradle-actions.github-dependency-graph-gradle-plugin-apply.groovy',
-            'gradle-actions.inject-develocity.init.gradle'
-        ]
-        for (const initScriptFilename of initScriptFilenames) {
-            const initScriptContent = readResourceFileAsString('init-scripts', initScriptFilename)
-            const initScriptPath = path.resolve(initScriptsDir, initScriptFilename)
-            fs.writeFileSync(initScriptPath, initScriptContent)
-        }
-    }
-
-    private registerToolchains(): void {
-        const preInstalledToolchains: string | null = getPredefinedToolchains()
-        if (preInstalledToolchains == null) return
-
-        const m2dir = path.resolve(this.userHome, '.m2')
-        const toolchainXmlTarget = path.resolve(m2dir, 'toolchains.xml')
-        if (!fs.existsSync(toolchainXmlTarget)) {
-            // Write a new toolchains.xml file if it doesn't exist
-            fs.mkdirSync(m2dir, {recursive: true})
-            fs.writeFileSync(toolchainXmlTarget, preInstalledToolchains)
-
-            core.info(`Wrote default JDK locations to ${toolchainXmlTarget}`)
-        } else {
-            // Merge into an existing toolchains.xml file
-            const existingToolchainContent = fs.readFileSync(toolchainXmlTarget, 'utf8')
-            const mergedContent = mergeToolchainContent(existingToolchainContent, preInstalledToolchains)
-
-            fs.writeFileSync(toolchainXmlTarget, mergedContent)
-            core.info(`Merged default JDK locations into ${toolchainXmlTarget}`)
-        }
-    }
-
-    /**
-     * When the GitHub environment ACTIONS_RUNNER_DEBUG is true, run Gradle with --info and --stacktrace.
-     * see https://docs.github.com/en/actions/monitoring-and-troubleshooting-workflows/enabling-debug-logging
-     *
-     * @VisibleForTesting
-     */
-    configureInfoLogLevel(): void {
-        const infoProperties = `org.gradle.logging.level=info\norg.gradle.logging.stacktrace=all\n`
-        const propertiesFile = path.resolve(this.gradleUserHome, 'gradle.properties')
-        if (fs.existsSync(propertiesFile)) {
-            core.info(`Merged --info and --stacktrace into existing ${propertiesFile} file`)
-            const existingProperties = fs.readFileSync(propertiesFile, 'utf-8')
-            fs.writeFileSync(propertiesFile, `${infoProperties}\n${existingProperties}`)
-        } else {
-            core.info(`Created a new ${propertiesFile} with --info and --stacktrace`)
-            fs.writeFileSync(propertiesFile, infoProperties)
-        }
    }

    /**
@@ -0,0 +1,163 @@
+import * as core from '@actions/core'
+import * as path from 'path'
+import * as fs from 'fs'
+import * as os from 'os'
+import * as semver from 'semver'
+import * as httpm from '@actions/http-client'
+import * as toolCache from '@actions/tool-cache'
+
+import which from 'which'
+
+const IS_WINDOWS = process.platform === 'win32'
+const gradleVersionsBaseUrl = 'https://services.gradle.org/versions'
+
+class GradleVersion {
+    static PATTERN = /((\d+)(\.\d+)+)(-([a-z]+)-(\w+))?(-(SNAPSHOT|\d{14}([-+]\d{4})?))?/
+
+    versionPart: string
+    stagePart: string
+    snapshotPart: string
+
+    constructor(readonly version: string) {
+        const matcher = GradleVersion.PATTERN.exec(version)
+        if (!matcher) {
+            throw new Error(`'${version}' is not a valid Gradle version string (examples: '1.0', '1.0-rc-1')`)
+        }
+
+        this.versionPart = matcher[1]
+        this.stagePart = matcher[4]
+        this.snapshotPart = matcher[7]
+    }
+}
+
+export function versionIsAtLeast(actualVersion: string, requiredVersion: string): boolean {
+    if (actualVersion === requiredVersion) {
+        return true
+    }
+
+    const actual = new GradleVersion(actualVersion)
+    const required = new GradleVersion(requiredVersion)
+
+    const actualSemver = semver.coerce(actual.versionPart)!
+    const comparisonSemver = semver.coerce(required.versionPart)!
+
+    if (semver.gt(actualSemver, comparisonSemver)) {
+        return true
+    }
+    if (semver.lt(actualSemver, comparisonSemver)) {
+        return false
+    }
+
+    if (actual.snapshotPart || required.snapshotPart) {
+        if (actual.snapshotPart && !required.snapshotPart && !required.stagePart) {
+            return false
+        }
+        if (required.snapshotPart && !actual.snapshotPart && !actual.stagePart) {
+            return true
+        }
+        return false
+    }
+
+    if (actual.stagePart) {
+        if (required.stagePart) {
+            return actual.stagePart >= required.stagePart
+        }
+        return false
+    }
+
+    return true
+}
+
+function installScriptFilename(): string {
+    return IS_WINDOWS ? 'gradle.bat' : 'gradle'
+}
+
+async function findGradleExecutableOnPath(): Promise<string | null> {
+    return await which('gradle', {nothrow: true})
+}
+
+async function determineGradleVersion(gradleExecutable: string): Promise<string | undefined> {
+    const {exec} = await import('@actions/exec')
+    const output = await (await import('@actions/exec')).getExecOutput(gradleExecutable, ['-v'], {silent: true})
+    const regex = /Gradle (\d+\.\d+(\.\d+)?(-.*)?)/
+    return output.stdout.match(regex)?.[1]
+}
+
+interface GradleVersionInfo {
+    version: string
+    downloadUrl: string
+}
+
+/**
+ * Find (or install) a Gradle executable that meets the specified version requirement.
+ * Checks Gradle on PATH and any candidates first, then downloads if needed.
+ */
+export async function provisionGradleWithVersionAtLeast(
+    minimumVersion: string,
+    candidates: string[] = []
+): Promise<string> {
+    const gradleOnPath = await findGradleExecutableOnPath()
+    const allCandidates = gradleOnPath ? [gradleOnPath, ...candidates] : candidates
+
+    return core.group(`Provision Gradle >= ${minimumVersion}`, async () => {
+        for (const candidate of allCandidates) {
+            const candidateVersion = await determineGradleVersion(candidate)
+            if (candidateVersion && versionIsAtLeast(candidateVersion, minimumVersion)) {
+                core.info(
+                    `Gradle version ${candidateVersion} is available at ${candidate} and >= ${minimumVersion}. Not installing.`
+                )
+                return candidate
+            }
+        }
+
+        return locateGradleAndDownloadIfRequired(await gradleRelease(minimumVersion))
+    })
+}
+
+async function gradleRelease(version: string): Promise<GradleVersionInfo> {
+    const allVersions: GradleVersionInfo[] = JSON.parse(
+        await httpGetString(`${gradleVersionsBaseUrl}/all`)
+    )
+    const versionInfo = allVersions.find(entry => entry.version === version)
+    if (!versionInfo) {
+        throw new Error(`Gradle version ${version} does not exist`)
+    }
+    return versionInfo
+}
+
+async function locateGradleAndDownloadIfRequired(versionInfo: GradleVersionInfo): Promise<string> {
+    const installsDir = path.join(getProvisionDir(), 'installs')
+    const installDir = path.join(installsDir, `gradle-${versionInfo.version}`)
+    if (fs.existsSync(installDir)) {
+        core.info(`Gradle installation already exists at ${installDir}`)
+        return executableFrom(installDir)
+    }
+
+    const downloadPath = path.join(getProvisionDir(), `downloads/gradle-${versionInfo.version}-bin.zip`)
+    await toolCache.downloadTool(versionInfo.downloadUrl, downloadPath)
+    core.info(`Downloaded ${versionInfo.downloadUrl} to ${downloadPath} (size ${fs.statSync(downloadPath).size})`)
+
+    await toolCache.extractZip(downloadPath, installsDir)
+    core.info(`Extracted Gradle ${versionInfo.version} to ${installDir}`)
+
+    const executable = executableFrom(installDir)
+    fs.chmodSync(executable, '755')
+    core.info(`Provisioned Gradle executable ${executable}`)
+
+    return executable
+}
+
+function getProvisionDir(): string {
+    const tmpDir = process.env['RUNNER_TEMP'] ?? os.tmpdir()
+    return path.join(tmpDir, '.gradle-actions/gradle-installations')
+}
+
+function executableFrom(installDir: string): string {
+    return path.join(installDir, 'bin', installScriptFilename())
+}
+
+async function httpGetString(url: string): Promise<string> {
+    const httpClient = new httpm.HttpClient('gradle/actions')
+    const response = await httpClient.get(url)
+    return response.readBody()
+}
@@ -0,0 +1,41 @@
+import * as core from '@actions/core'
+import * as os from 'os'
+
+import {CacheConfig, CacheOptions} from './cache-config-adapter'
+import {BuildResult, BuildResults} from './build-results-adapter'
+import {CacheListener, generateCachingReport} from './cache-reporting'
+import {DaemonController} from './daemon-controller'
+import * as caches from './caches'
+
+const CACHE_LISTENER_STATE_KEY = 'legacy-cache-listener'
+
+export async function restore(gradleUserHome: string, cacheOptions: CacheOptions): Promise<void> {
+    const userHome = os.homedir()
+    const cacheListener = new CacheListener()
+    const cacheConfig = new CacheConfig(cacheOptions)
+
+    await caches.restore(userHome, gradleUserHome, cacheListener, cacheConfig)
+
+    // Persist the listener so it can be rehydrated in save()
+    core.saveState(CACHE_LISTENER_STATE_KEY, cacheListener.stringify())
+}
+
+export async function save(
+    gradleUserHome: string,
+    buildResults: BuildResult[],
+    cacheOptions: CacheOptions
+): Promise<string> {
+    const userHome = os.homedir()
+    const cacheConfig = new CacheConfig(cacheOptions)
+
+    // Rehydrate the listener from the restore phase
+    const listenerState = core.getState(CACHE_LISTENER_STATE_KEY)
+    const cacheListener = CacheListener.rehydrate(listenerState)
+
+    const buildResultsWrapper = new BuildResults(buildResults)
+    const daemonController = new DaemonController(buildResultsWrapper)
+
+    await caches.save(userHome, gradleUserHome, cacheListener, daemonController, buildResultsWrapper, cacheConfig)
+
+    return generateCachingReport(cacheListener)
+}
@@ -0,0 +1,15 @@
+{
+  "compilerOptions": {
+    "target": "ES2022",
+    "module": "Node16",
+    "moduleResolution": "Node16",
+    "strict": true,
+    "esModuleInterop": true,
+    "skipLibCheck": true,
+    "outDir": "./dist",
+    "rootDir": "./src",
+    "declaration": false,
+    "sourceMap": true
+  },
+  "include": ["src/**/*.ts"]
+}
@@ -5,7 +5,6 @@
  "type": "module",
  "description": "Execute Gradle Build",
  "scripts": {
-    "postinstall": "patch-package",
    "prettier-write": "prettier --write 'src/**/*.ts'",
    "prettier-check": "prettier --check 'src/**/*.ts'",
    "lint": "eslint 'src/**/*.ts'",
@@ -37,7 +36,7 @@
  },
  "dependencies": {
    "@actions/artifact": "6.1.0",
-    "@actions/cache": "4.0.5",
+    "@actions/cache": "6.0.0",
    "@actions/core": "3.0.0",
    "@actions/exec": "3.0.0",
    "@actions/github": "9.0.0",
@@ -52,21 +51,20 @@
    "which": "6.0.1"
  },
  "devDependencies": {
-    "@jest/globals": "30.2.0",
+    "@jest/globals": "30.3.0",
    "@types/jest": "30.0.0",
-    "@types/node": "25.3.0",
+    "@types/node": "25.5.0",
    "@types/semver": "7.7.1",
    "@types/unzipper": "0.10.11",
    "@types/which": "3.0.4",
-    "@typescript-eslint/eslint-plugin": "8.56.1",
-    "dedent": "1.7.1",
-    "esbuild": "0.27.3",
-    "eslint": "10.0.1",
-    "globals": "17.3.0",
-    "jest": "30.2.0",
+    "@typescript-eslint/eslint-plugin": "8.57.2",
+    "dedent": "1.7.2",
+    "esbuild": "0.27.4",
+    "eslint": "10.1.0",
+    "globals": "17.4.0",
+    "jest": "30.3.0",
    "nock": "15.0.0",
    "npm-run-all": "4.1.5",
-    "patch-package": "8.0.1",
    "prettier": "3.8.1",
    "ts-jest": "29.4.6",
    "typescript": "5.9.3"
@@ -5,7 +5,7 @@ import * as dependencyGraph from '../../dependency-graph'

 import {parseArgsStringToArgv} from 'string-argv'
 import {
-    BuildScanConfig,
+    DevelocityConfig,
    CacheConfig,
    DependencyGraphConfig,
    DependencyGraphOption,
@@ -15,6 +15,7 @@ import {
 } from '../../configuration'
 import {saveDeprecationState} from '../../deprecation-collector'
 import {handleMainActionError} from '../../errors'
+import {forceExit} from '../../force-exit'

 /**
 * The main entry point for the action, called by Github Actions for the step.
@@ -24,7 +25,7 @@ export async function run(): Promise<void> {
        setActionId('gradle/actions/dependency-submission')

        // Configure Gradle environment (Gradle User Home)
-        await setupGradle.setup(new CacheConfig(), new BuildScanConfig(), new WrapperValidationConfig())
+        await setupGradle.setup(new CacheConfig(), new DevelocityConfig(), new WrapperValidationConfig())

        // Capture the enabled state of dependency-graph
        const originallyEnabled = process.env['GITHUB_DEPENDENCY_GRAPH_ENABLED']
@@ -67,7 +68,7 @@ export async function run(): Promise<void> {
    }

    // Explicit process.exit() to prevent waiting for hanging promises.
-    process.exit()
+    await forceExit()
 }

 run()
@@ -2,6 +2,7 @@ import * as setupGradle from '../../setup-gradle'

 import {CacheConfig, SummaryConfig} from '../../configuration'
 import {handlePostActionError} from '../../errors'
+import {forceExit} from '../../force-exit'

 // Catch and log any unhandled exceptions.  These exceptions can leak out of the uploadChunk method in
 // @actions/toolkit when a failed upload closes the file descriptor causing any in-process reads to
@@ -19,7 +20,7 @@ export async function run(): Promise<void> {
    }

    // Explicit process.exit() to prevent waiting for promises left hanging by `@actions/cache` on save.
-    process.exit()
+    await forceExit()
 }

 run()
@@ -2,7 +2,7 @@ import * as setupGradle from '../../setup-gradle'
 import * as provisioner from '../../execution/provision'
 import * as dependencyGraph from '../../dependency-graph'
 import {
-    BuildScanConfig,
+    DevelocityConfig,
    CacheConfig,
    DependencyGraphConfig,
    GradleExecutionConfig,
@@ -12,6 +12,7 @@ import {
 } from '../../configuration'
 import {failOnUseOfRemovedFeature, saveDeprecationState} from '../../deprecation-collector'
 import {handleMainActionError} from '../../errors'
+import {forceExit} from '../../force-exit'

 /**
 * The main entry point for the action, called by Github Actions for the step.
@@ -27,7 +28,7 @@ export async function run(): Promise<void> {
        setActionId('gradle/actions/setup-gradle')

        // Configure Gradle environment (Gradle User Home)
-        await setupGradle.setup(new CacheConfig(), new BuildScanConfig(), new WrapperValidationConfig())
+        await setupGradle.setup(new CacheConfig(), new DevelocityConfig(), new WrapperValidationConfig())

        // Configure the dependency graph submission
        await dependencyGraph.setup(new DependencyGraphConfig())
@@ -42,7 +43,7 @@ export async function run(): Promise<void> {
    }

    // Explicit process.exit() to prevent waiting for hanging promises.
-    process.exit()
+    await forceExit()
 }

 run()
@@ -4,6 +4,7 @@ import * as dependencyGraph from '../../dependency-graph'
 import {CacheConfig, DependencyGraphConfig, SummaryConfig} from '../../configuration'
 import {handlePostActionError} from '../../errors'
 import {emitDeprecationWarnings, restoreDeprecationState} from '../../deprecation-collector'
+import {forceExit} from '../../force-exit'

 // Catch and log any unhandled exceptions.  These exceptions can leak out of the uploadChunk method in
 // @actions/toolkit when a failed upload closes the file descriptor causing any in-process reads to
@@ -27,7 +28,7 @@ export async function run(): Promise<void> {
    }

    // Explicit process.exit() to prevent waiting for promises left hanging by `@actions/cache` on save.
-    process.exit()
+    await forceExit()
 }

 run()
@@ -1,6 +1,5 @@
 import * as fs from 'fs'
 import * as path from 'path'
-import {versionIsAtLeast} from './execution/gradle'

 export interface BuildResult {
    get rootProjectName(): string
@@ -14,47 +13,14 @@ export interface BuildResult {
    get buildScanFailed(): boolean
 }

-export class BuildResults {
-    results: BuildResult[]
-
-    constructor(results: BuildResult[]) {
-        this.results = results
-    }
-
-    anyFailed(): boolean {
-        return this.results.some(result => result.buildFailed)
-    }
-
-    anyConfigCacheHit(): boolean {
-        return this.results.some(result => result.configCacheHit)
-    }
-
-    uniqueGradleHomes(): string[] {
-        const allHomes = this.results.map(buildResult => buildResult.gradleHomeDir)
-        return Array.from(new Set(allHomes))
-    }
-
-    highestGradleVersion(): string | null {
-        if (this.results.length === 0) {
-            return null
-        }
-        return this.results
-            .map(result => result.gradleVersion)
-            .reduce((maxVersion: string, currentVersion: string) => {
-                if (!maxVersion) return currentVersion
-                return versionIsAtLeast(currentVersion, maxVersion) ? currentVersion : maxVersion
-            })
-    }
-}
-
-export function loadBuildResults(): BuildResults {
+export function loadBuildResults(): BuildResult[] {
    const results = getUnprocessedResults().map(filePath => {
        const content = fs.readFileSync(filePath, 'utf8')
        const buildResult = JSON.parse(content) as BuildResult
        addScanResults(filePath, buildResult)
        return buildResult
    })
-    return new BuildResults(results)
+    return results
 }

 export function markBuildResultsProcessed(): void {
@@ -0,0 +1,96 @@
+import * as core from '@actions/core'
+import * as fs from 'fs'
+import * as path from 'path'
+import {pathToFileURL} from 'url'
+
+import {CacheConfig} from './configuration'
+import {BuildResult} from './build-results'
+import {CacheOptions, CacheService} from './cache-service'
+
+const NOOP_CACHING_REPORT = `
+[Cache was disabled](https://github.com/gradle/actions/blob/main/docs/setup-gradle.md#disabling-caching). Gradle User Home was not restored from or saved to the cache.
+`
+
+const LEGACY_CACHE_LOG_MESSAGE = 'Using the legacy caching module'
+const VENDORED_CACHE_LOG_MESSAGE = 'Using the `gradle-actions-caching` caching module'
+
+const LEGACY_CACHE_REPORT_NOTICE = `
+> _Using the legacy caching module._
+`
+
+const VENDORED_CACHE_REPORT_NOTICE = `
+> _Using the 'gradle-actions-caching' caching module._
+`
+
+class NoOpCacheService implements CacheService {
+    async restore(_gradleUserHome: string, _cacheOptions: CacheOptions): Promise<void> {
+        return
+    }
+
+    async save(_gradleUserHome: string, _buildResults: BuildResult[], _cacheOptions: CacheOptions): Promise<string> {
+        return NOOP_CACHING_REPORT
+    }
+}
+
+class LoggingCacheService implements CacheService {
+    private delegate: CacheService
+    private logMessage: string
+    private reportNotice: string
+
+    constructor(delegate: CacheService, logMessage: string, reportNotice: string) {
+        this.delegate = delegate
+        this.logMessage = logMessage
+        this.reportNotice = reportNotice
+    }
+
+    async restore(gradleUserHome: string, cacheOptions: CacheOptions): Promise<void> {
+        core.info(this.logMessage)
+        await this.delegate.restore(gradleUserHome, cacheOptions)
+    }
+
+    async save(gradleUserHome: string, buildResults: BuildResult[], cacheOptions: CacheOptions): Promise<string> {
+        const cachingReport = await this.delegate.save(gradleUserHome, buildResults, cacheOptions)
+        return `${cachingReport}\n${this.reportNotice}`
+    }
+}
+
+export async function getCacheService(cacheConfig: CacheConfig): Promise<CacheService> {
+    if (cacheConfig.isCacheDisabled()) {
+        return new NoOpCacheService()
+    }
+
+    if (useVendoredCacheModule() || cacheConfig.isCacheLicenseAccepted()) {
+        const vendoredService = await loadVendoredCacheService()
+        return new LoggingCacheService(vendoredService, VENDORED_CACHE_LOG_MESSAGE, VENDORED_CACHE_REPORT_NOTICE)
+    }
+
+    const legacyService = await loadLegacyCacheService()
+    return new LoggingCacheService(legacyService, LEGACY_CACHE_LOG_MESSAGE, LEGACY_CACHE_REPORT_NOTICE)
+}
+
+function useVendoredCacheModule(): boolean {
+    return process.env['GRADLE_ACTIONS_CACHE_USE_VENDORED'] === 'true'
+}
+
+export async function loadVendoredCacheService(): Promise<CacheService> {
+    const vendoredLibraryPath = findLibraryPath('sources/vendor/gradle-actions-caching/index.js')
+    const moduleUrl = pathToFileURL(vendoredLibraryPath).href
+    return (await import(moduleUrl)) as CacheService
+}
+
+export async function loadLegacyCacheService(): Promise<CacheService> {
+    const legacyLibraryPath = findLibraryPath('dist/legacy-caching/index.js')
+    const moduleUrl = pathToFileURL(legacyLibraryPath).href
+    return (await import(moduleUrl)) as CacheService
+}
+
+function findLibraryPath(relativePath: string): string {
+    const moduleDir = import.meta.dirname
+    const absolutePath = path.resolve(moduleDir, '../../..', relativePath)
+
+    if (fs.existsSync(absolutePath)) {
+        return absolutePath
+    }
+
+    throw new Error(`Unable to locate cache library at ${absolutePath}.`)
+}
@@ -0,0 +1,18 @@
+import {BuildResult} from './build-results'
+
+export interface CacheOptions {
+    disabled: boolean
+    readOnly: boolean
+    writeOnly: boolean
+    overwriteExisting: boolean
+    strictMatch: boolean
+    cleanup: string
+    encryptionKey?: string
+    includes: string[]
+    excludes: string[]
+}
+
+export interface CacheService {
+    restore(gradleUserHome: string, cacheOptions: CacheOptions): Promise<void>
+    save(gradleUserHome: string, buildResults: BuildResult[], cacheOptions: CacheOptions): Promise<string>
+}
@@ -1,54 +0,0 @@
-import path from 'path'
-import fs from 'fs'
-import {fileURLToPath} from 'url'
-
-export function readResourceFileAsString(...paths: string[]): string {
-    // Resolving relative to __dirname will allow node to find the resource at runtime
-    const moduleDir = path.dirname(fileURLToPath(import.meta.url))
-    const absolutePath = path.resolve(moduleDir, '..', '..', '..', 'sources', 'src', 'resources', ...paths)
-    return fs.readFileSync(absolutePath, 'utf8')
-}
-
-/**
- * Iterate over all `JAVA_HOME_{version}_{arch}` envs and construct the toolchain.xml.
- *
- * @VisibleForTesting
- */
-export function getPredefinedToolchains(): string | null {
-    // Get the version and path for each JAVA_HOME env var
-    const javaHomeEnvs = Object.entries(process.env)
-        .filter(([key]) => key.startsWith('JAVA_HOME_') && process.env[key])
-        .map(([key, value]) => ({
-            jdkVersion: key.match(/JAVA_HOME_(\d+)_/)?.[1] ?? null,
-            jdkPath: value as string
-        }))
-        .filter(env => env.jdkVersion !== null)
-
-    if (javaHomeEnvs.length === 0) {
-        return null
-    }
-
-    // language=XML
-    return `<?xml version="1.0" encoding="UTF-8"?>
-<toolchains>
-<!-- JDK Toolchains installed by default on GitHub-hosted runners -->
-${javaHomeEnvs
-    .map(
-        ({jdkVersion, jdkPath}) => `  <toolchain>
-    <type>jdk</type>
-    <provides>
-      <version>${jdkVersion}</version>
-    </provides>
-    <configuration>
-      <jdkHome>${jdkPath}</jdkHome>
-    </configuration>
-  </toolchain>`
-    )
-    .join('\n')}
-</toolchains>\n`
-}
-
-export function mergeToolchainContent(existingToolchainContent: string, preInstalledToolchains: string): string {
-    const appendedContent = preInstalledToolchains.split('<toolchains>').pop()!
-    return existingToolchainContent.replace('</toolchains>', appendedContent)
-}
@@ -132,42 +132,23 @@ export class CacheConfig {
        return getBooleanInput('gradle-home-cache-strict-match')
    }

-    isCacheCleanupEnabled(): boolean {
-        if (this.isCacheReadOnly()) {
-            return false
-        }
-        const cleanupOption = this.getCacheCleanupOption()
-        return cleanupOption === CacheCleanupOption.Always || cleanupOption === CacheCleanupOption.OnSuccess
-    }
-
-    shouldPerformCacheCleanup(hasFailure: boolean): boolean {
-        const cleanupOption = this.getCacheCleanupOption()
-        if (cleanupOption === CacheCleanupOption.Always) {
-            return true
-        }
-        if (cleanupOption === CacheCleanupOption.OnSuccess) {
-            return !hasFailure
-        }
-        return false
-    }
-
-    private getCacheCleanupOption(): CacheCleanupOption {
+    getCacheCleanupOption(): string {
        const legacyVal = getOptionalBooleanInput('gradle-home-cache-cleanup')
        if (legacyVal !== undefined) {
            deprecator.recordDeprecation(
                'The `gradle-home-cache-cleanup` input parameter has been replaced by `cache-cleanup`'
            )
-            return legacyVal ? CacheCleanupOption.Always : CacheCleanupOption.Never
+            return legacyVal ? CacheCleanupOption.Always.toString() : CacheCleanupOption.Never.toString()
        }

        const val = core.getInput('cache-cleanup')
        switch (val.toLowerCase().trim()) {
            case 'always':
-                return CacheCleanupOption.Always
+                return CacheCleanupOption.Always.toString()
            case 'on-success':
-                return CacheCleanupOption.OnSuccess
+                return CacheCleanupOption.OnSuccess.toString()
            case 'never':
-                return CacheCleanupOption.Never
+                return CacheCleanupOption.Never.toString()
        }
        throw TypeError(
            `The value '${val}' is not valid for cache-cleanup. Valid values are: [never, always, on-success].`
@@ -185,6 +166,11 @@ export class CacheConfig {
    getCacheExcludes(): string[] {
        return core.getMultilineInput('gradle-home-cache-excludes')
    }
+
+    isCacheLicenseAccepted(): boolean {
+        const dvConfig = new DevelocityConfig()
+        return dvConfig.getDevelocityAccessKey() !== '' || dvConfig.hasTermsOfUseAgreement()
+    }
 }

 export enum CacheCleanupOption {
@@ -248,7 +234,7 @@ export enum JobSummaryOption {
    OnFailure = 'on-failure'
 }

-export class BuildScanConfig {
+export class DevelocityConfig {
    static DevelocityAccessKeyEnvVar = 'DEVELOCITY_ACCESS_KEY'
    static GradleEnterpriseAccessKeyEnvVar = 'GRADLE_ENTERPRISE_ACCESS_KEY'

@@ -256,19 +242,19 @@ export class BuildScanConfig {
        return getBooleanInput('build-scan-publish') && this.verifyTermsOfUseAgreement()
    }

-    getBuildScanTermsOfUseUrl(): string {
+    getTermsOfUseUrl(): string {
        return core.getInput('build-scan-terms-of-use-url')
    }

-    getBuildScanTermsOfUseAgree(): string {
+    getTermsOfUseAgree(): string {
        return core.getInput('build-scan-terms-of-use-agree')
    }

    getDevelocityAccessKey(): string {
        return (
            core.getInput('develocity-access-key') ||
-            process.env[BuildScanConfig.DevelocityAccessKeyEnvVar] ||
-            process.env[BuildScanConfig.GradleEnterpriseAccessKeyEnvVar] ||
+            process.env[DevelocityConfig.DevelocityAccessKeyEnvVar] ||
+            process.env[DevelocityConfig.GradleEnterpriseAccessKeyEnvVar] ||
            ''
        )
    }
@@ -309,12 +295,17 @@ export class BuildScanConfig {
        return new PluginRepositoryConfig()
    }

+    hasTermsOfUseAgreement(): boolean {
+        const develocityAccessKeySet = this.getDevelocityAccessKey() !== ''
+        const termsUrlSet =
+            this.getTermsOfUseUrl() === 'https://gradle.com/terms-of-service' ||
+            this.getTermsOfUseUrl() === 'https://gradle.com/help/legal-terms-of-use'
+        const termsAgreed = this.getTermsOfUseAgree() === 'yes'
+        return develocityAccessKeySet || (termsUrlSet && termsAgreed)
+    }
+
    private verifyTermsOfUseAgreement(): boolean {
-        if (
-            (this.getBuildScanTermsOfUseUrl() !== 'https://gradle.com/terms-of-service' &&
-                this.getBuildScanTermsOfUseUrl() !== 'https://gradle.com/help/legal-terms-of-use') ||
-            this.getBuildScanTermsOfUseAgree() !== 'yes'
-        ) {
+        if (!this.hasTermsOfUseAgreement()) {
            core.warning(
                `Terms of use at 'https://gradle.com/help/legal-terms-of-use' must be agreed in order to publish build scans.`
            )
@@ -1,8 +1,8 @@
 import * as core from '@actions/core'
-import {BuildScanConfig} from '../configuration'
+import {DevelocityConfig} from '../configuration'
 import {setupToken} from './short-lived-token'

-export async function setup(config: BuildScanConfig): Promise<void> {
+export async function setup(config: DevelocityConfig): Promise<void> {
    maybeExportVariable('DEVELOCITY_INJECTION_INIT_SCRIPT_NAME', 'gradle-actions.inject-develocity.init.gradle')
    maybeExportVariable('DEVELOCITY_INJECTION_CUSTOM_VALUE', 'gradle-actions')

@@ -34,10 +34,10 @@ export async function setup(config: BuildScanConfig): Promise<void> {
    // except if they are defined in the configuration
    if (config.getBuildScanPublishEnabled()) {
        maybeExportVariable('DEVELOCITY_INJECTION_ENABLED', 'true')
-        maybeExportVariable('DEVELOCITY_INJECTION_DEVELOCITY_PLUGIN_VERSION', '4.3.2')
+        maybeExportVariable('DEVELOCITY_INJECTION_DEVELOCITY_PLUGIN_VERSION', '4.4.0')
        maybeExportVariable('DEVELOCITY_INJECTION_CCUD_PLUGIN_VERSION', '2.1')
-        maybeExportVariable('DEVELOCITY_INJECTION_TERMS_OF_USE_URL', config.getBuildScanTermsOfUseUrl())
-        maybeExportVariable('DEVELOCITY_INJECTION_TERMS_OF_USE_AGREE', config.getBuildScanTermsOfUseAgree())
+        maybeExportVariable('DEVELOCITY_INJECTION_TERMS_OF_USE_URL', config.getTermsOfUseUrl())
+        maybeExportVariable('DEVELOCITY_INJECTION_TERMS_OF_USE_AGREE', config.getTermsOfUseAgree())
    }

    return setupToken(
@@ -1,6 +1,6 @@
 import * as core from '@actions/core'
 import * as httpm from '@actions/http-client'
-import {BuildScanConfig} from '../configuration'
+import {DevelocityConfig} from '../configuration'
 import {recordDeprecation} from '../deprecation-collector'

 export async function setupToken(
@@ -28,7 +28,7 @@ export async function setupToken(
 }

 function exportAccessKeyEnvVars(value: string): void {
-    ;[BuildScanConfig.DevelocityAccessKeyEnvVar, BuildScanConfig.GradleEnterpriseAccessKeyEnvVar].forEach(key =>
+    ;[DevelocityConfig.DevelocityAccessKeyEnvVar, DevelocityConfig.GradleEnterpriseAccessKeyEnvVar].forEach(key =>
        core.exportVariable(key, value)
    )
 }
@@ -36,12 +36,14 @@ function exportAccessKeyEnvVars(value: string): void {
 function handleMissingAccessToken(): void {
    core.warning(`Failed to fetch short-lived token for Develocity`)

-    if (process.env[BuildScanConfig.GradleEnterpriseAccessKeyEnvVar]) {
+    if (process.env[DevelocityConfig.GradleEnterpriseAccessKeyEnvVar]) {
        // We do not clear the GRADLE_ENTERPRISE_ACCESS_KEY env var in v3, to let the users upgrade to DV 2024.1
-        recordDeprecation(`The ${BuildScanConfig.GradleEnterpriseAccessKeyEnvVar} env var is deprecated`)
+        recordDeprecation(`The ${DevelocityConfig.GradleEnterpriseAccessKeyEnvVar} env var is deprecated`)
    }
-    if (process.env[BuildScanConfig.DevelocityAccessKeyEnvVar]) {
-        core.warning(`The ${BuildScanConfig.DevelocityAccessKeyEnvVar} env var should be mapped to a short-lived token`)
+    if (process.env[DevelocityConfig.DevelocityAccessKeyEnvVar]) {
+        core.warning(
+            `The ${DevelocityConfig.DevelocityAccessKeyEnvVar} env var should be mapped to a short-lived token`
+        )
    }
 }

@@ -6,9 +6,8 @@ import * as core from '@actions/core'
 import * as cache from '@actions/cache'
 import * as toolCache from '@actions/tool-cache'

-import {determineGradleVersion, findGradleExecutableOnPath, versionIsAtLeast} from './gradle'
+import {determineGradleVersion, findGradleExecutableOnPath} from './gradle'
 import * as gradlew from './gradlew'
-import {handleCacheFailure} from '../caching/cache-utils'
 import {CacheConfig} from '../configuration'

 const gradleVersionsBaseUrl = 'https://services.gradle.org/versions'
@@ -109,34 +108,6 @@ async function installGradleVersion(versionInfo: GradleVersionInfo): Promise<str
    })
 }

-/**
- * Find (or install) a Gradle executable that meets the specified version requirement.
- * The Gradle version on PATH and all candidates are first checked for version compatibility.
- * If no existing Gradle version meets the requirement, the required version is installed.
- * @return Gradle executable with at least the required version.
- */
-export async function provisionGradleWithVersionAtLeast(
-    minimumVersion: string,
-    candidates: string[] = []
-): Promise<string> {
-    const gradleOnPath = await findGradleExecutableOnPath()
-    const allCandidates = gradleOnPath ? [gradleOnPath, ...candidates] : candidates
-
-    return core.group(`Provision Gradle >= ${minimumVersion}`, async () => {
-        for (const candidate of allCandidates) {
-            const candidateVersion = await determineGradleVersion(candidate)
-            if (candidateVersion && versionIsAtLeast(candidateVersion, minimumVersion)) {
-                core.info(
-                    `Gradle version ${candidateVersion} is available at ${candidate} and >= ${minimumVersion}. Not installing.`
-                )
-                return candidate
-            }
-        }
-
-        return locateGradleAndDownloadIfRequired(await gradleRelease(minimumVersion))
-    })
-}
-
 async function locateGradleAndDownloadIfRequired(versionInfo: GradleVersionInfo): Promise<string> {
    const installsDir = path.join(getProvisionDir(), 'installs')
    const installDir = path.join(installsDir, `gradle-${versionInfo.version}`)
@@ -222,3 +193,20 @@ interface GradleVersionInfo {
    version: string
    downloadUrl: string
 }
+
+function handleCacheFailure(error: unknown, message: string): void {
+    if (error instanceof cache.ValidationError) {
+        // Fail on cache validation errors
+        throw error
+    }
+    if (error instanceof cache.ReserveCacheError) {
+        // Reserve cache errors are expected if the artifact has been previously cached
+        core.info(`${message}: ${error}`)
+    } else {
+        // Warn on all other errors
+        core.warning(`${message}: ${error}`)
+        if (error instanceof Error && error.stack) {
+            core.info(error.stack)
+        }
+    }
+}
--- a/Show More
+++ b/Show More