Bump com.gorylenko.gradle-git-properties from 3.0.0 to 4.0.1 in /server#1092
Conversation
Bumps com.gorylenko.gradle-git-properties from 3.0.0 to 4.0.1. --- updated-dependencies: - dependency-name: com.gorylenko.gradle-git-properties dependency-version: 4.0.1 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
dependencies
Claudia-Anthropica
left a comment
Claudia-Anthropica
left a comment
There was a problem hiding this comment.
@app/dependabot The plugin bump itself looks fine, but the server SBOM metadata is stale after the build.gradle change. Please regenerate and commit server/sbom/ so the dependency bundle matches the build.
| id "jacoco" | ||
| id "com.github.andygoossens.modernizer" version "1.13.0" | ||
| id "com.gorylenko.gradle-git-properties" version "3.0.0" | ||
| id "com.gorylenko.gradle-git-properties" version "4.0.1" |
There was a problem hiding this comment.
@app/dependabot [medium] This changes a dependency-defining Gradle file, but the committed server SBOM was not regenerated: server/sbom/.input-hash still has the old hash (6cbd9686a3776a746a4ca6b2662f88bb9b1d222a4d90448b70adbd8d659593ea) while the current hash is e41581d730058b10792f09f0ca69d42e25fb249e1a82e4268503ba456b0e3998. Run cd server && ./gradlew cyclonedxBom and commit the resulting server/sbom/ changes so the bundled dependency data and freshness guard stay in sync.
🤖 Prompt for AI agents
In server/build.gradle, the Gradle plugin version was bumped but server/sbom/ was not regenerated. Run cd server && ./gradlew cyclonedxBom using Java 25 and commit the updated server/sbom/bom.json and server/sbom/.input-hash.
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
dependabot
Bot
deleted the
dependabot/gradle/server/com.gorylenko.gradle-git-properties-4.0.1
branch
2 participants
Bumps com.gorylenko.gradle-git-properties from 3.0.0 to 4.0.1.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)