Bump the github-actions group across 2 directories with 7 updates

Bumps the github-actions group with 7 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/setup-node](https://github.com/actions/setup-node) | `6.3.0` | `6.4.0` | | [gradle/actions](https://github.com/gradle/actions) | `6.0.1` | `6.1.0` | | [tj-actions/changed-files](https://github.com/tj-actions/changed-files) | `47.0.5` | `47.0.6` | | [github/codeql-action](https://github.com/github/codeql-action) | `4.35.1` | `4.36.0` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `7.0.0` | `7.0.1` | | [actions/github-script](https://github.com/actions/github-script) | `8.0.0` | `9.0.0` | | [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `8.1.0` | `8.1.1` | Bumps the github-actions group with 2 updates in the /.github/actions/build-dist directory: [actions/setup-node](https://github.com/actions/setup-node) and [actions/upload-artifact](https://github.com/actions/upload-artifact). Updates `actions/setup-node` from 6.3.0 to 6.4.0 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/53b83947a5a98c8d113130e565377fae1a50d02f...48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e) Updates `gradle/actions` from 6.0.1 to 6.1.0 - [Release notes](https://github.com/gradle/actions/releases) - [Commits](https://github.com/gradle/actions/compare/39e147cb9de83bb9910b8ef8bd7fff0ee20fcd6f...50e97c2cd7a37755bbfafc9c5b7cafaece252f6e) Updates `tj-actions/changed-files` from 47.0.5 to 47.0.6 - [Release notes](https://github.com/tj-actions/changed-files/releases) - [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md) - [Commits](https://github.com/tj-actions/changed-files/compare/22103cc46bda19c2b464ffe86db46df6922fd323...9426d40962ed5378910ee2e21d5f8c6fcbf2dd96) Updates `github/codeql-action` from 4.35.1 to 4.36.0 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/c10b8064de6f491fea524254123dbe5e09572f13...7211b7c8077ea37d8641b6271f6a365a22a5fbfa) Updates `actions/upload-artifact` from 7.0.0 to 7.0.1 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/bbbca2ddaa5d8feaa63e36b76fdaad77386f024f...043fb46d1a93c77aae656e7c1c64a875d1fc6a0a) Updates `actions/github-script` from 8.0.0 to 9.0.0 - [Release notes](https://github.com/actions/github-script/releases) - [Commits](https://github.com/actions/github-script/compare/ed597411d8f924073f98dfc5c65a23a2325f34cd...3a2844b7e9c422d3c10d287c895573f7108da1b3) Updates `peter-evans/create-pull-request` from 8.1.0 to 8.1.1 - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](https://github.com/peter-evans/create-pull-request/compare/c0f553fe549906ede9cf27b5156039d195d2ece0...5f6978faf089d4d20b00c7766989d076bb2fc7f1) Updates `actions/setup-node` from 6.3.0 to 6.4.0 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/53b83947a5a98c8d113130e565377fae1a50d02f...48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e) Updates `actions/upload-artifact` from 7.0.0 to 7.0.1 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/bbbca2ddaa5d8feaa63e36b76fdaad77386f024f...043fb46d1a93c77aae656e7c1c64a875d1fc6a0a) --- updated-dependencies: - dependency-name: actions/setup-node dependency-version: 6.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: gradle/actions dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: tj-actions/changed-files dependency-version: 47.0.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: github/codeql-action dependency-version: 4.36.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: 7.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/github-script dependency-version: 9.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: peter-evans/create-pull-request dependency-version: 8.1.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/setup-node dependency-version: 6.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: 7.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>
Update docs for v6
2026-06-01 01:21:58 +00:00 · 2026-05-28 23:44:09 +00:00 · 2026-04-03 15:25:10 -06:00
21 changed files with 68 additions and 65 deletions
@@ -3,7 +3,7 @@ name: 'Build and upload distribution'
 runs:
  using: "composite"
  steps: 
-    - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+    - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
      with:
        node-version: 24
        cache: npm
@@ -23,7 +23,7 @@ runs:
        cp -r sources/dist .

    - name: Upload distribution
-      uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+      uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
      with:
        name: dist
        path: dist/
@@ -19,14 +19,14 @@ jobs:
    steps:
    - name: Checkout sources
      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-    - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+    - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
      with:
        node-version: 20
        cache: npm
        cache-dependency-path: sources/package-lock.json
    - name: Setup Gradle
      # Use a released version to avoid breakages
-      uses: gradle/actions/setup-gradle@39e147cb9de83bb9910b8ef8bd7fff0ee20fcd6f # v6.0.1
+      uses: gradle/actions/setup-gradle@50e97c2cd7a37755bbfafc9c5b7cafaece252f6e # v6.1.0
      env:
        ALLOWED_GRADLE_WRAPPER_CHECKSUMS: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 # Invalid wrapper jar used for testing
      with:
@@ -21,7 +21,7 @@ jobs:

    - name: Get changed files
      id: changed-files
-      uses: tj-actions/changed-files@22103cc46bda19c2b464ffe86db46df6922fd323 # v47.0.5
+      uses: tj-actions/changed-files@9426d40962ed5378910ee2e21d5f8c6fcbf2dd96 # v47.0.6
      with:
        files: |
          dist/**
@@ -35,7 +35,7 @@ jobs:

    # Initializes the CodeQL tools for scanning.
    - name: Initialize CodeQL
-      uses: github/codeql-action/init@c10b8064de6f491fea524254123dbe5e09572f13 # v3.29.5
+      uses: github/codeql-action/init@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v3.29.5
      with:
        languages: ${{ matrix.language }}
        config: |
@@ -43,4 +43,4 @@ jobs:
          - sources/src

    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@c10b8064de6f491fea524254123dbe5e09572f13 # v3.29.5
+      uses: github/codeql-action/analyze@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v3.29.5
@@ -30,7 +30,7 @@ jobs:
        java-version: 17
    - name: Setup Gradle
      # Use a released version to avoid breakages
-      uses: gradle/actions/setup-gradle@39e147cb9de83bb9910b8ef8bd7fff0ee20fcd6f # v6.0.1
+      uses: gradle/actions/setup-gradle@50e97c2cd7a37755bbfafc9c5b7cafaece252f6e # v6.1.0
      env:
        ALLOWED_GRADLE_WRAPPER_CHECKSUMS: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 # Invalid wrapper jar used for testing
    - name: Run integration tests
@@ -44,7 +44,7 @@ jobs:
      # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
      # format to the repository Actions tab.
      - name: 'Upload artifact'
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
        with:
          name: SARIF file
          path: results.sarif
@@ -28,7 +28,7 @@ jobs:
        token: ${{ secrets.BOT_GITHUB_TOKEN }}

    - name: Set up Node.js
-      uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+      uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
      with:
        node-version: 20
        cache: npm
@@ -12,6 +12,6 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-      - uses: gradle/actions/wrapper-validation@39e147cb9de83bb9910b8ef8bd7fff0ee20fcd6f # v6.0.1
+      - uses: gradle/actions/wrapper-validation@50e97c2cd7a37755bbfafc9c5b7cafaece252f6e # v6.1.0
        with:
          allow-checksums: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
@@ -62,7 +62,7 @@ jobs:
      run: gradle help
    - name: Check Build Scan url
      if: ${{ !steps.gradle.outputs.build-scan-url }}
-      uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
+      uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
      with:
        script: |
          core.setFailed('No Build Scan detected')   
@@ -105,7 +105,7 @@ jobs:
      run: ./gradlew help
    - name: Check Build Scan url is captured
      if: ${{ !steps.gradle.outputs.build-scan-url }}
-      uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
+      uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
      with:
        script: |
          core.setFailed('No Build Scan detected')
@@ -129,7 +129,7 @@ jobs:
      run: ./gradlew help
    - name: Check Build Scan url is captured
      if: ${{ !steps.gradle.outputs.build-scan-url }}
-      uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
+      uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
      with:
        script: |
          core.setFailed('No Build Scan detected')
@@ -72,7 +72,7 @@ jobs:
      run: gradle help
    - name: Check Build Scan url
      if: ${{ !steps.gradle.outputs.build-scan-url }}
-      uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
+      uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
      with:
        script: |
          core.setFailed('No Build Scan detected')
@@ -129,7 +129,7 @@ jobs:
        run: "[ ${#GRADLE_ENTERPRISE_ACCESS_KEY} -gt 500 ] || (echo 'GRADLE_ENTERPRISE_ACCESS_KEY does not look like a short lived token'; exit 1)"
      - name: Check Build Scan url
        if: ${{ !steps.gradle.outputs.build-scan-url }}
-        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
+        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
        with:
          script: |
            core.setFailed('No Build Scan detected')
@@ -225,7 +225,7 @@ jobs:
        run: gradle help
      - name: Check Build Scan url
        if: ${{ !steps.gradle.outputs.build-scan-url }}
-        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
+        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
        with:
          script: |
            core.setFailed('No Build Scan detected')
@@ -77,7 +77,7 @@ jobs:
      run: gradle help
    - name: Check current version output parameter
      if: ${{ !startsWith(steps.gradle-current.outputs.gradle-version , '9.') }}
-      uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
+      uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
      with:
        script: |
          core.setFailed('Gradle version parameter not set correctly: value was "${{ steps.gradle-current.outputs.gradle-version }}"')    
@@ -122,7 +122,7 @@ jobs:
        gradle-version: ${{ matrix.gradle }}
    - name: Check output parameter
      if: ${{ steps.setup-gradle.outputs.gradle-version != matrix.gradle }}
-      uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
+      uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
      with:
        script: |
          core.setFailed('Gradle version parameter not set correctly: value was "${{ steps.setup-gradle.outputs.gradle-version }}"')    
@@ -132,7 +132,7 @@ jobs:
      run: gradle help "-DgradleVersionCheck=${{matrix.gradle}}"
    - name: Check Build Scan url
      if: ${{ !steps.gradle.outputs.build-scan-url }}
-      uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
+      uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
      with:
        script: |
          core.setFailed('No Build Scan detected')    
@@ -22,7 +22,7 @@ jobs:
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

      - name: Set up Node.js
-        uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
        with:
          node-version: 20
          cache: npm
@@ -48,7 +48,7 @@ jobs:

      # If there are no changes, this action will not create a pull request
      - name: Create or update pull request
-        uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v8.1.0
+        uses: peter-evans/create-pull-request@5f6978faf089d4d20b00c7766989d076bb2fc7f1 # v8.1.1
        with:
          branch: bot/wrapper-checksums-update
          author: bot-githubaction <bot-githubaction@gradle.com>
@@ -39,7 +39,7 @@ jobs:
        distribution: 'temurin'
        java-version: 17
    - name: Setup Gradle
-      uses: gradle/actions/setup-gradle@v5
+      uses: gradle/actions/setup-gradle@v6
    - name: Build with Gradle
      run: ./gradlew build
 ```
@@ -77,7 +77,7 @@ jobs:
        distribution: 'temurin'
        java-version: 17
    - name: Generate and submit dependency graph
-      uses: gradle/actions/dependency-submission@v5
+      uses: gradle/actions/dependency-submission@v6
 ```

 See the [full action documentation](docs/dependency-submission.md) for more advanced usage scenarios.
@@ -106,7 +106,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v6
-      - uses: gradle/actions/wrapper-validation@v5
+      - uses: gradle/actions/wrapper-validation@v6
 ```

 See the [full action documentation](docs/wrapper-validation.md) for more advanced usage scenarios.
@@ -29,7 +29,7 @@ jobs:
        distribution: 'temurin'
        java-version: 17
    - name: Generate and submit dependency graph
-      uses: gradle/actions/dependency-submission@v5
+      uses: gradle/actions/dependency-submission@v6
 ```

 See the [full action documentation](../docs/dependency-submission.md) for more advanced usage scenarios.
@@ -22,7 +22,7 @@ If you're confused by the behaviour you're seeing or have specific questions, pl
 > **Prefer a 100% Open Source (MIT) path?**
 > We also provide a **Basic Caching** provider as a thin wrapper over `actions/cache`. This provider is **free for all repositories** (public and private) and can be enabled at any time by setting `cache-provider: basic`.
 >
-> For a full breakdown of the components, usage tiers, and our **Safe Harbor** data privacy commitment, see our [Distribution & Licensing Guide](./DISTRIBUTION.md).
+> For a full breakdown of the components, usage tiers, and our **Safe Harbor** data privacy commitment, see our [Distribution & Licensing Guide](../DISTRIBUTION.md).

 ## General usage

@@ -52,7 +52,7 @@ jobs:
        java-version: 17

    - name: Generate and submit dependency graph
-      uses: gradle/actions/dependency-submission@v5
+      uses: gradle/actions/dependency-submission@v6
 ```

 ### Gradle execution
@@ -88,7 +88,7 @@ Three input parameters are required, one to enable publishing and two more to ac

 ```yaml
    - name: Generate and submit dependency graph
-      uses: gradle/actions/dependency-submission@v5
+      uses: gradle/actions/dependency-submission@v6
      with:
        build-scan-publish: true
        build-scan-terms-of-use-url: "https://gradle.com/help/legal-terms-of-use"
@@ -103,7 +103,7 @@ In some cases, the default action configuration will not be sufficient, and addi

 ```yaml
    - name: Generate and save dependency graph
-      uses: gradle/actions/dependency-submission@v5
+      uses: gradle/actions/dependency-submission@v6
      with:
        # Use a particular Gradle version instead of the configured wrapper.
        gradle-version: '8.6'
@@ -150,7 +150,7 @@ To reduce storage costs for these artifacts, you can:

 ```yaml
    - name: Generate dependency graph but only store workflow artifacts for 1 day
-      uses: gradle/actions/dependency-submission@v5
+      uses: gradle/actions/dependency-submission@v6
      with:
        artifact-retention-days: 1 # Default is 30 days or as configured for repository
 ```
@@ -159,7 +159,7 @@ To reduce storage costs for these artifacts, you can:

 ```yaml
    - name: Generate and submit dependency graph but do not store as workflow artifact
-      uses: gradle/actions/dependency-submission@v5
+      uses: gradle/actions/dependency-submission@v6
      with:
        dependency-graph: 'generate-and-submit' # Default value is 'generate-submit-and-upload'
 ```
@@ -319,7 +319,7 @@ For example, if you want to exclude dependencies resolved by the `buildSrc` proj

 ```yaml
    - name: Generate and submit dependency graph
-      uses: gradle/actions/dependency-submission@v5
+      uses: gradle/actions/dependency-submission@v6
      with:
        # Exclude all dependencies that originate solely in the 'buildSrc' project
        dependency-graph-exclude-projects: ':buildSrc'
@@ -370,7 +370,7 @@ jobs:
        java-version: 17

    - name: Generate and submit dependency graph
-      uses: gradle/actions/dependency-submission@v5
+      uses: gradle/actions/dependency-submission@v6
 ```

 #### 2. Add a dedicated Dependency Review workflow
@@ -432,7 +432,7 @@ jobs:
        java-version: 17

    - name: Generate and save dependency graph
-      uses: gradle/actions/dependency-submission@v5
+      uses: gradle/actions/dependency-submission@v6
      with:
        dependency-graph: generate-and-upload
 ```
@@ -455,7 +455,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
    - name: Download and submit dependency graph
-      uses: gradle/actions/dependency-submission@v5
+      uses: gradle/actions/dependency-submission@v6
      with:
        dependency-graph: download-and-submit # Download saved dependency-graph and submit
 ```
@@ -20,7 +20,7 @@ To convert your workflows, simply replace:
 ```
 with
 ```
-    uses: gradle/actions/setup-gradle@v5
+    uses: gradle/actions/setup-gradle@v6
 ```

 ## The action `gradle/wrapper-validation-action` has been replaced by `gradle/actions/wrapper-validation`
@@ -40,7 +40,7 @@ To convert your workflows, simply replace:
 ```
 with
 ```
-    uses: gradle/actions/wrapper-validation@v5
+    uses: gradle/actions/wrapper-validation@v6
 ```

 ## Using the action to execute Gradle via the `arguments` parameter is deprecated
@@ -82,7 +82,7 @@ The exact syntax depends on whether or not your project is configured with the [

 ```
 - name: Setup Gradle
-  uses: gradle/actions/setup-gradle@v5
+  uses: gradle/actions/setup-gradle@v6

 - name: Assemble the project
  run: ./gradlew assemble
@@ -99,7 +99,7 @@ The exact syntax depends on whether or not your project is configured with the [

 ```
 - name: Setup Gradle for a non-wrapper project
-  uses: gradle/actions/setup-gradle@v5
+  uses: gradle/actions/setup-gradle@v6
  with:
    gradle-version: '8.11'

@@ -9,7 +9,7 @@ This GitHub Action can be used to configure Gradle for optimal execution on any
 > **Prefer a 100% Open Source (MIT) path?**
 > We also provide a **Basic Caching** provider as a thin wrapper over `actions/cache`. This provider is **free for all repositories** (public and private) and can be enabled at any time by setting `cache-provider: basic`.
 >
-> For a full breakdown of the components, usage tiers, and our **Safe Harbor** data privacy commitment, see our [Distribution & Licensing Guide](./DISTRIBUTION.md).
+> For a full breakdown of the components, usage tiers, and our **Safe Harbor** data privacy commitment, see our [Distribution & Licensing Guide](../DISTRIBUTION.md).

 ## Why use the `setup-gradle` action?

@@ -55,7 +55,7 @@ jobs:
        java-version: 17

    - name: Setup Gradle
-      uses: gradle/actions/setup-gradle@v5
+      uses: gradle/actions/setup-gradle@v6

    - name: Execute Gradle build
      run: ./gradlew build
@@ -68,7 +68,7 @@ Downloaded Gradle versions are stored in the GitHub Actions cache, to avoid havi

 ```yaml
 - name: Setup Gradle 8.10
-   uses: gradle/actions/setup-gradle@v5
+   uses: gradle/actions/setup-gradle@v6
   with:
     gradle-version: '8.10' # Quotes required to prevent YAML converting to number
  - name: Build with Gradle 8.10
@@ -106,7 +106,7 @@ jobs:
        distribution: temurin
        java-version: 17

-    - uses: gradle/actions/setup-gradle@v5
+    - uses: gradle/actions/setup-gradle@v6
      id: setup-gradle
      with:
        gradle-version: release-candidate
@@ -135,8 +135,11 @@ You choose which provider to use via the `cache-provider` input:
 - **`basic`**: A fully open-source (MIT) caching implementation built on the standard GitHub Actions cache (`@actions/cache`). Uses the same caching strategy as `actions/setup-java` with `cache: gradle`. See [Basic Caching](#basic-caching) for details.

 ```yaml
-# Use the open-source basic cache provider
-cache-provider: basic
+    # Use the open-source basic cache provider
+    - uses: gradle/actions/setup-gradle@v6
+      id: setup-gradle
+      with:
+        cache-provider: basic
 ```

 ### Common cache configuration
@@ -538,7 +541,7 @@ jobs:
        java-version: 17

    - name: Setup Gradle
-      uses: gradle/actions/setup-gradle@v5
+      uses: gradle/actions/setup-gradle@v6
      with:
        add-job-summary-as-pr-comment: 'on-failure' # Valid values are 'never' (default), 'always', and 'on-failure'

@@ -575,7 +578,7 @@ jobs:
        java-version: 17

    - name: Setup Gradle
-      uses: gradle/actions/setup-gradle@v5
+      uses: gradle/actions/setup-gradle@v6

    - name: Run build with Gradle wrapper
      run: ./gradlew build --scan
@@ -606,7 +609,7 @@ If you do not want wrapper-validation to occur automatically, you can disable it

 ```yaml
    - name: Setup Gradle
-      uses: gradle/actions/setup-gradle@v5
+      uses: gradle/actions/setup-gradle@v6
      with:
        validate-wrappers: false
 ```
@@ -618,7 +621,7 @@ These are not allowed by default.

 ```yaml
    - name: Setup Gradle
-      uses: gradle/actions/setup-gradle@v5
+      uses: gradle/actions/setup-gradle@v6
      with:
        validate-wrappers: true
        allow-snapshot-wrappers: true
@@ -683,7 +686,7 @@ jobs:
        java-version: 17

    - name: Setup Gradle to generate and submit dependency graphs
-      uses: gradle/actions/setup-gradle@v5
+      uses: gradle/actions/setup-gradle@v6
      with:
        dependency-graph: generate-and-submit
    - name: Run the usual CI build (dependency-graph will be generated and submitted post-job)
@@ -710,7 +713,7 @@ graph cannot be generated or submitted. You can enable this behavior with the `d

 ```yaml
 # Ensure that the workflow Job will fail if the dependency graph cannot be submitted
- uses: gradle/actions/setup-gradle@v5
+- uses: gradle/actions/setup-gradle@v6
  with:
    dependency-graph: generate-and-submit
    dependency-graph-continue-on-failure: false
@@ -735,7 +738,7 @@ jobs:
        java-version: 17

    - name: Setup Gradle to generate and submit dependency graphs
-      uses: gradle/actions/setup-gradle@v5
+      uses: gradle/actions/setup-gradle@v6
      with:
        dependency-graph: generate-and-submit
    - name: Run a build, resolving the 'dependency-graph' plugin from the plugin portal proxy
@@ -765,7 +768,7 @@ jobs:
        java-version: 17

    - name: Setup Gradle to generate and submit dependency graphs
-      uses: gradle/actions/setup-gradle@v5
+      uses: gradle/actions/setup-gradle@v6
      with:
        dependency-graph: generate-and-submit
    - name: Build the app, generating a graph of dependencies required
@@ -809,7 +812,7 @@ To publish to https://scans.gradle.com, you must specify in your workflow that y

 ```yaml
    - name: Setup Gradle to publish build scans
-      uses: gradle/actions/setup-gradle@v5
+      uses: gradle/actions/setup-gradle@v6
      with:
        build-scan-publish: true
        build-scan-terms-of-use-url: 'https://gradle.com/terms-of-service'
@@ -831,7 +834,7 @@ The short-lived access token will then be used wherever a Develocity access key

 ```yaml
    - name: Setup Gradle
-      uses: gradle/actions/setup-gradle@v5
+      uses: gradle/actions/setup-gradle@v6
      with:
        develocity-access-key: ${{ secrets.MY_DEVELOCITY_ACCESS_KEY }} # Long-lived access key, visiblility is restricted to this step.

@@ -849,7 +852,7 @@ To avoid this, use the `develocity-token-expiry` parameter to specify a differen

 ```yaml
    - name: Setup Gradle
-      uses: gradle/actions/setup-gradle@v5
+      uses: gradle/actions/setup-gradle@v6
      with:
        develocity-access-key: ${{ secrets.MY_DEVELOCITY_ACCESS_KEY }}
        develocity-token-expiry: '8' # The number of hours that the access token should remain valid (max 24).
@@ -871,7 +874,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
    - name: Setup Gradle
-      uses: gradle/actions/setup-gradle@v5
+      uses: gradle/actions/setup-gradle@v6

    # The build will automatically use a short-lived access token to authenticate with Develocity
    - name: Run a Gradle build that is configured to publish to Develocity.
@@ -903,7 +906,7 @@ Here's a minimal example:

 ```yaml
    - name: Setup Gradle
-      uses: gradle/actions/setup-gradle@v5
+      uses: gradle/actions/setup-gradle@v6
      with:
        develocity-injection-enabled: true
        develocity-url: 'https://develocity.your-server.com'
@@ -920,7 +923,7 @@ In the likely scenario that your Develocity server requires authentication, you

 ```yaml
    - name: Setup Gradle
-      uses: gradle/actions/setup-gradle@v5
+      uses: gradle/actions/setup-gradle@v6
      with:
        develocity-access-key: ${{ secrets.MY_DEVELOCITY_ACCESS_KEY }}

@@ -971,7 +974,7 @@ Here's an example using the env vars:

 ```yaml
    - name: Setup Gradle
-      uses: gradle/actions/setup-gradle@v5
+      uses: gradle/actions/setup-gradle@v6

    - name: Run a Gradle build with Develocity injection enabled with environment variables
      run: ./gradlew build
@@ -50,7 +50,7 @@ We created an example [Homoglyph attack PR here](https://github.com/JLLeitschuh/
 Simply add this action to your workflow **after** having checked out your source tree and **before** running any Gradle build:

 ```yaml
-uses: gradle/actions/wrapper-validation@v5
+uses: gradle/actions/wrapper-validation@v6
 ```

 This action step should precede any step using `gradle/gradle-build-action` or `gradle/actions/setup-gradle`.
@@ -73,7 +73,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v6
-      - uses: gradle/actions/wrapper-validation@v5
+      - uses: gradle/actions/wrapper-validation@v6
 ```

 ## Contributing to an external GitHub Repository
@@ -26,7 +26,7 @@ jobs:
        distribution: 'temurin'
        java-version: 17
    - name: Setup Gradle
-      uses: gradle/actions/setup-gradle@v5
+      uses: gradle/actions/setup-gradle@v6
    - name: Build with Gradle
      run: ./gradlew build
 ```
@@ -25,7 +25,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v6
-      - uses: gradle/actions/wrapper-validation@v5
+      - uses: gradle/actions/wrapper-validation@v6
 ```

 See the [full action documentation](../docs/wrapper-validation.md) for more advanced usage scenarios.