mirror of
https://github.com/gradle/actions.git
synced 2026-06-10 05:37:39 +00:00
Daz DeBoer
9d6bacde37
## What - Bumps `@actions/cache` 6.0.0 → 6.0.1 - Bumps `@actions/artifact` 6.1.0 → 6.2.1 - Removes the Dependabot `ignore` rules for both so they're maintained automatically going forward ## Why Both deps were excluded from Dependabot's automatic updates: `*actions/cache*` was fully ignored, and `*actions/artifact*` had major/minor bumps ignored. Neither restriction is necessary. The `cache` ignore existed out of concern for keeping versions aligned with the vendored `gradle-actions-caching` library. That alignment isn't required: - The vendored bundle (`sources/vendor/gradle-actions-caching/index.js`) **inlines** its own (patched) `@actions/cache` and exposes a type-clean API (`restore`/`save`) that never leaks `@actions/cache` types across the boundary. - This repo's own direct `@actions/cache` usage is a **separate, unpatched copy** consumed via the stock string-returning API (`cache-service-basic.ts`, `provision.ts`), with no `patch-package`/`postinstall` in this repo. So there's no cross-repo sync requirement — these can be updated like any other dependency. ## Verification - `npm install --package-lock-only` regenerated the lockfile (resolves cache 6.0.1, artifact 6.2.1) - `./build` passes clean The root `dist/` directory is intentionally left for the CI workflow to update. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-authored-by: Claude Opus 4.8 (1M context) <noreply@anthropic.com>