New: Basic Cache Provider

A new MIT-licensed Basic Caching provider is now available as an alternative to the proprietary Enhanced Caching provided by gradle-actions-caching. Choose Basic Caching by setting cache-provider: basic on setup-gradle or dependency-submission actions.

• Built on @actions/cache -- fully open source
• Caches ~/.gradle/caches and ~/.gradle/wrapper directories
• Cache key derived from build files (*.gradle*, gradle-wrapper.properties, etc.)
• Clean cache on build file changes (no restore keys, preventing stale entry accumulation)

Limitations vs Enhanced Caching: No cache cleanup, no deduplication of cached content, cached content is fixed unless build files change.

Revamped Licensing & Distribution Documentation

• New DISTRIBUTION.md documents the licensing of each component (particularly Basic Caching vs Enhanced Caching)
• Simplified licensing notices in README, docs, and runtime log output
• Clear usage tiers: Enhanced Caching is free for public repos and in Free Preview for private repos

What's Changed

• Use a unique cache entry for wrapper-validation test by @bigdaz in #921
• Update Dependencies by @bigdaz in #922
• Update dependencies and resolve npm vulnerabilities by @bigdaz in #933
• Add open-source 'basic' cache provider and revamp licensing documentation by @bigdaz in #930
• Restructure caching documentation for basic and enhanced providers by @bigdaz in #934

Full Changelog: v6.0.1...v6.1.0

Summary

The license changes in v6 introduced a gradle-actions-caching license notice that is printed in logs and in each job summary.

With this release, the license notice will be muted if build-scan terms have been accepted, or if a Develocity access key is provided.

What's Changed

• Bump actions used in docs by @Goooler in #792
• Add typing information for use by typesafegithub by @bigdaz in #910
• Mute license warning when terms are accepted by @bigdaz in #911
• Mention explicit license acceptance in notice by @bigdaz in #912
• Bump com.fasterxml.jackson.dataformat:jackson-dataformat-smile from 2.21.1 to 2.21.2 in /sources/test/init-scripts in the gradle group across 1 directory by @dependabot[bot] in #907

Full Changelog: v6.0.0...v6.0.1

Summary

• Caching functionality of 'gradle-actions' has been extracted into a separate gradle-actions-caching library, and is no longer open-source. See this blog post for more context.
• Existing, rudimentary, configuration-cache support has been removed, pending a fully functional implementation in gradle-actions-caching.
• Dependencies updated to address security vulnerabilities

What's Changed

• Bump the npm-dependencies group in /sources with 2 updates by @dependabot[bot] in #866
• Update known wrapper checksums by @github-actions[bot] in #868
• Dependency updates by @bigdaz in #876
• Update known wrapper checksums by @github-actions[bot] in #878
• Bump @types/node from 25.3.3 to 25.3.5 in /sources in the npm-dependencies group across 1 directory by @dependabot[bot] in #877
• Bump the github-actions group across 3 directories with 3 updates by @dependabot[bot] in #867
• Update known wrapper checksums by @github-actions[bot] in #881
• Bump the npm-dependencies group in /sources with 6 updates by @dependabot[bot] in #879
• Bump the github-actions group across 3 directories with 5 updates by @dependabot[bot] in #880
• Remove configuration-cache support by @bigdaz in #884
• Extract caching logic into a separate gradle-actions-caching component by @bigdaz in #885
• Update gradle-actions-caching library to v0.3.0 by @bot-githubaction in #899
• Avoid windows shutdown bug by @bigdaz in #900
• Dependency updates by @bigdaz in #905
• Fix critical and high npm vulnerabilities by @bigdaz in #904
• Fix rendering of job-disabled message by @bigdaz in #909

Full Changelog: v5.0.2...v6.0.0

Summary

This release contains no functional changes. It updates dependencies and known Gradle wrapper checksums.

What's Changed

• Update dependencies by @bigdaz in #851
• Bump the github-actions group across 2 directories with 3 updates by @dependabot[bot] in #850
• Update DV config by @bigdaz in #848
• Convert project to ESM and update dependencies by @bigdaz in #854
• Workflow fixes by @bigdaz in #856
• Remove superfluous text from log message by @bigdaz in #861
• Bump the github-actions group across 1 directory with 2 updates by @dependabot[bot] in #860
• Bump the npm-dependencies group across 1 directory with 3 updates by @dependabot[bot] in #859
• Update known wrapper checksums by @github-actions[bot] in #857
• Bump com.fasterxml.jackson.dataformat:jackson-dataformat-smile from 2.21.0 to 2.21.1 in /sources/test/init-scripts in the gradle group across 1 directory by @dependabot[bot] in #862
• Bump the npm-dependencies group in /sources with 2 updates by @dependabot[bot] in #863
• Bump github/codeql-action from 4.32.3 to 4.32.4 in the github-actions group across 1 directory by @dependabot[bot] in #864

Full Changelog: v5.0.1...v5.0.2

What's Changed

• Bump npm code dependency versions
• Bump Gradle versions used in sample builds
• Bump dependencies versions in Gradle sample builds
• Bump GitHub actions used for build and test
• Update known wrapper checksums to include Gradle 9.2+

Full Changelog: v5.0.0...v5.0.1

What's Changed

Breaking Changes

• Upgrade to node 24 by @amyu in #721

Make sure your runner is updated to this version or newer to use this release. v2.327.1 Release Notes

Dependency upgrades

• Bump the github-actions group across 1 directory with 2 updates by @dependabot[bot] in #748

Full Changelog: v4...v5.0.0

What's Changed

• Bump the github-actions group across 2 directories with 3 updates by @dependabot[bot] in #726
• Regenerating package lock by @cdsap in #729
• Update known wrapper checksums by @github-actions[bot] in #730
• Bump the github-actions group across 1 directory with 3 updates by @dependabot[bot] in #735
• Bump the gradle group across 3 directories with 1 update by @dependabot[bot] in #734
• Bump the npm-dependencies group in /sources with 4 updates by @dependabot[bot] in #733
• Bump references to Develocity Gradle plugin from 4.1.1 to 4.2 by @bot-githubaction in #736
• Handle gracefully parse errors in checksum file by @jprinet in #737
• Bump Gradle Wrapper from 9.0.0 to 9.1.0 in /.github/workflow-samples/kotlin-dsl by @bot-githubaction in #742
• Bump Gradle Wrapper from 9.0.0 to 9.1.0 in /.github/workflow-samples/java-toolchain by @bot-githubaction in #741
• Bump Gradle Wrapper from 9.0.0 to 9.1.0 in /.github/workflow-samples/groovy-dsl by @bot-githubaction in #740
• Bump Gradle Wrapper from 9.0.0 to 9.1.0 in /.github/workflow-samples/gradle-plugin by @bot-githubaction in #739
• Bump Gradle Wrapper from 9.0.0 to 9.1.0 in /sources/test/init-scripts by @bot-githubaction in #738
• Update known wrapper checksums by @github-actions[bot] in #743
• Bump com.google.guava:guava from 33.4.8-jre to 33.5.0-jre in /.github/workflow-samples/kotlin-dsl in the gradle group across 1 directory by @dependabot[bot] in #746
• Bump the npm-dependencies group in /sources with 5 updates by @dependabot[bot] in #745

Full Changelog: v4...v4.4.4

What's Changed

• Adapt tests to future new Build Scan publication message by @alextu in #708
• Add missing Gradle version input to setup-gradle by @jprinet in #713
• Bump the github-actions group across 2 directories with 4 updates by @dependabot[bot] in #710
• Bump references to Develocity Gradle plugin from 4.1 to 4.1.1 by @bot-githubaction in #712
• Update known wrapper checksums by @github-actions[bot] in #709
• Bump the npm-dependencies group across 1 directory with 4 updates by @dependabot[bot] in #711
• Do not run setup-gradle post action if workflow is cancelled by @jprinet in #716
• Bump the github-actions group across 2 directories with 2 updates by @dependabot[bot] in #715
• Bump the npm-dependencies group across 1 directory with 3 updates by @dependabot[bot] in #720
• Bump github/codeql-action from 3.29.11 to 3.30.0 in the github-actions group across 1 directory by @dependabot[bot] in #719
• Bump com.fasterxml.jackson.dataformat:jackson-dataformat-smile from 2.19.2 to 2.20.0 in /sources/test/init-scripts in the gradle group across 1 directory by @dependabot[bot] in #718
• Update known wrapper checksums by @github-actions[bot] in #723
• Bump the npm-dependencies group in /sources with 5 updates by @dependabot[bot] in #725

Full Changelog: v4.4.2...v4.4.3

This patch release updates a bunch of dependency versions

What's Changed

• Bump github/codeql-action from 3.29.4 to 3.29.5 in the github-actions group across 1 directory (#703)
• Bumps the npm-dependencies group in /sources with 4 updates (#702)
• Upgrade to gradle 9 in workflows and tests (#704)
• Update known wrapper checksums (#701)
• Bump Gradle Wrapper from 8.14.3 to 9.0.0 in /.github/workflow-samples/gradle-plugin (#695)
• Bump Gradle Wrapper from 8.14.3 to 9.0.0 in /.github/workflow-samples/groovy-dsl (#696)
• Bump Gradle Wrapper from 8.14.3 to 9.0.0 in /.github/workflow-samples/java-toolchain (#697)
• Bump com.fasterxml.jackson.dataformat:jackson-dataformat-smile from 2.19.1 to 2.19.2 in /sources/test/init-scripts in the gradle group across 1 directory (#693)
• Bump github/codeql-action from 3.29.0 to 3.29.4 in the github-actions group across 1 directory (#691)
• Bump the npm-dependencies group in /sources with 5 updates (#692)
• Bump references to Develocity Gradle plugin from 4.0.2 to 4.1 (#685)
• Bump the npm-dependencies group across 1 directory with 8 updates (#684)
• Run Gradle release candidate tests with JDK 17 (#690)
• Update Develocity npm agent to version 1.0.1 (#687)
• Update known wrapper checksums (#688)
• Bump Gradle Wrapper from 8.14.2 to 8.14.3 in /.github/workflow-samples/kotlin-dsl (#683
• Bump the github-actions group across 1 directory with 3 updates (#675)
• Bump the gradle group across 3 directories with 2 updates (#674)
• Bump Gradle Wrapper from 8.14.2 to 8.14.3 in /sources/test/init-scripts (#679)
• Bump Gradle Wrapper from 8.14.2 to 8.14.3 in /.github/workflow-samples/java-toolchain (#682)
• Bump Gradle Wrapper from 8.14.2 to 8.14.3 in /.github/workflow-samples/groovy-dsl (#681)
• Bump Gradle Wrapper from 8.14.2 to 8.14.3 in /.github/workflow-samples/gradle-plugin (#680)
• Update known wrapper checksums (#676)

Full Changelog: v4.4.1...v4.4.2

This patch release fixes a bug in Develocity Injection with a custom plugin repository.
The gradle-plugin-repository-* action parameters were not being correctly mapped to environment variables that are read by the Develocity Injection init script.

This issue has been fixed by setting the correct environment variables:

• gradle-plugin-repository-url is mapped to DEVELOCITY_INJECTION_PLUGIN_REPOSITORY_URL
• gradle-plugin-repository-username is mapped to DEVELOCITY_INJECTION_PLUGIN_REPOSITORY_USERNAME
• gradle-plugin-repository-password is mapped to DEVELOCITY_INJECTION_PLUGIN_REPOSITORY_PASSWORD

Additionally, these parameters can now be used to configure a custom plugin repository for the GitHub Dependency Graph Gradle Plugin, required for dependency submission.

What's Changed

• Dependency updates by @bigdaz in #667
• Fix plugin repository env vars by @bigdaz in #669

Full Changelog: v4.4.0...v4.4.1