Bump the github-actions group across 2 directories with 2 updates

Bumps the github-actions group with 2 updates in the / directory: [github/codeql-action](https://github.com/github/codeql-action) and [actions/upload-artifact](https://github.com/actions/upload-artifact).
Bumps the github-actions group with 1 update in the /.github/actions/build-dist directory: [actions/upload-artifact](https://github.com/actions/upload-artifact).


Updates `github/codeql-action` from 3.28.11 to 3.28.13
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](6bb031afdd...1b549b9259)

Updates `actions/upload-artifact` from 4.6.1 to 4.6.2
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](4cec3d8aa0...ea165f8d65)

Updates `actions/upload-artifact` from 4.6.1 to 4.6.2
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](4cec3d8aa0...ea165f8d65)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>

.github/actions/build-dist/action.yml

@@ -3,7 +3,7 @@ name: 'Build and upload distribution'
 runs:
   using: "composite"
   steps: 
-    - uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v4.2.0
+    - uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4.3.0
       with:
         node-version: 20
         cache: npm
@@ -23,7 +23,7 @@ runs:
         cp -r sources/dist .
 
     - name: Upload distribution
-      uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
+      uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
       with:
         name: dist
         path: dist/

.github/actions/init-integ-test/action.yml

@@ -4,7 +4,7 @@ runs:
   using: "composite"
   steps: 
     - name: Setup Java
-      uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # v4.6.0
+      uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
       with:
         distribution: 'temurin'
         java-version: 11

.github/workflow-samples/gradle-plugin/gradle/libs.versions.toml

@@ -0,0 +1,2 @@
+# This file was generated by the Gradle 'init' task.
+# https://docs.gradle.org/current/userguide/platforms.html#sub::toml-dependencies-format

.github/workflow-samples/gradle-plugin/gradle/wrapper/gradle-wrapper.properties

@@ -1,7 +1,7 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionSha256Sum=8d97a97984f6cbd2b85fe4c60a743440a347544bf18818048e611f5288d46c94
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.12.1-bin.zip
+distributionSha256Sum=20f1b1176237254a6fc204d8434196fa11a4cfb387567519c61556e8710aed78
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.13-bin.zip
 networkTimeout=10000
 validateDistributionUrl=true
 zipStoreBase=GRADLE_USER_HOME

.github/workflow-samples/gradle-plugin/gradlew

@@ -205,7 +205,7 @@ fi
 DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
 
 # Collect all arguments for the java command:
-#   * DEFAULT_JVM_OPTS, JAVA_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments,
+#   * DEFAULT_JVM_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments,
 #     and any embedded shellness will be escaped.
 #   * For example: A user cannot expect ${Hostname} to be expanded, as it is an environment variable and will be
 #     treated as '${Hostname}' itself on the command line.

.github/workflow-samples/gradle-plugin/plugin/build.gradle

@@ -1,60 +0,0 @@
-/*
- * This file was generated by the Gradle 'init' task.
- *
- * This generated file contains a sample Gradle plugin project to get you started.
- * For more details take a look at the Writing Custom Plugins chapter in the Gradle
- * User Manual available at https://docs.gradle.org/7.3/userguide/custom_plugins.html
- * This project uses @Incubating APIs which are subject to change.
- */
-
-plugins {
-    // Apply the Java Gradle plugin development plugin to add support for developing Gradle plugins
-    id 'java-gradle-plugin'
-}
-
-repositories {
-    // Use Maven Central for resolving dependencies.
-    mavenCentral()
-}
-
-testing {
-    suites {
-        // Configure the built-in test suite
-        test {
-            // Use JUnit Jupiter test framework
-            useJUnitJupiter('5.7.2')
-        }
-
-        // Create a new test suite
-        functionalTest(JvmTestSuite) {
-            dependencies {
-                // functionalTest test suite depends on the production code in tests
-                implementation(project(':plugin'))
-            }
-
-            targets {
-                all {
-                    // This test suite should run after the built-in test suite has run its tests
-                    testTask.configure { shouldRunAfter(test) } 
-                }
-            }
-        }
-    }
-}
-
-gradlePlugin {
-    // Define the plugin
-    plugins {
-        greeting {
-            id = 'org.example.gradle.plugin.greeting'
-            implementationClass = 'org.example.gradle.plugin.GradlePluginPlugin'
-        }
-    }
-}
-
-gradlePlugin.testSourceSets(sourceSets.functionalTest)
-
-tasks.named('check') {
-    // Include functionalTest as part of the check lifecycle
-    dependsOn(testing.suites.functionalTest)
-}

.github/workflow-samples/gradle-plugin/plugin/build.gradle.kts

@@ -0,0 +1,40 @@
+plugins {
+    `java-gradle-plugin`
+}
+
+repositories {
+    mavenCentral()
+}
+
+testing {
+    suites {
+        val test by getting(JvmTestSuite::class) {
+            useJUnitJupiter()
+        }
+
+        val functionalTest by registering(JvmTestSuite::class) {
+            dependencies {
+                implementation(project())
+            }
+
+            targets {
+                all {
+                    testTask.configure { shouldRunAfter(test) } 
+                }
+            }
+        }
+    }
+}
+
+gradlePlugin {
+    val greeting by plugins.creating {
+        id = "org.example.greeting"
+        implementationClass = "org.example.GradlePluginPlugin"
+    }
+}
+
+gradlePlugin.testSourceSets.add(sourceSets["functionalTest"])
+
+tasks.named<Task>("check") {
+    dependsOn(testing.suites.named("functionalTest"))
+}

.github/workflow-samples/gradle-plugin/plugin/src/functionalTest/java/org/example/GradlePluginPluginFunctionalTest.java

@@ -1,7 +1,7 @@
 /*
- * This Java source file was generated by the Gradle 'init' task.
+ * This source file was generated by the Gradle 'init' task
  */
-package org.example.gradle.plugin;
+package org.example;
 
 import java.io.File;
 import java.io.IOException;
@@ -15,7 +15,7 @@ import org.junit.jupiter.api.io.TempDir;
 import static org.junit.jupiter.api.Assertions.*;
 
 /**
- * A simple functional test for the 'org.example.gradle.plugin.greeting' plugin.
+ * A simple functional test for the 'org.example.greeting' plugin.
  */
 class GradlePluginPluginFunctionalTest {
     @TempDir
@@ -29,24 +29,23 @@ class GradlePluginPluginFunctionalTest {
         return new File(projectDir, "settings.gradle");
     }
 
-    @Test void canRunTaskWithGradle691() throws IOException {
+    @Test void canRunTask() throws IOException {
         writeString(getSettingsFile(), "");
         writeString(getBuildFile(),
             "plugins {" +
-            "  id('org.example.gradle.plugin.greeting')" +
+            "  id('org.example.greeting')" +
             "}");
 
         // Run the build
         GradleRunner runner = GradleRunner.create();
         runner.forwardOutput();
-        runner.withGradleVersion("6.9.1");
         runner.withPluginClasspath();
         runner.withArguments("greeting");
         runner.withProjectDir(projectDir);
         BuildResult result = runner.build();
 
         // Verify the result
-        assertTrue(result.getOutput().contains("Hello from plugin 'org.example.gradle.plugin.greeting'"));
+        assertTrue(result.getOutput().contains("Hello from plugin 'org.example.greeting'"));
     }
 
     private void writeString(File file, String string) throws IOException {

.github/workflow-samples/gradle-plugin/plugin/src/main/java/org/example/GradlePluginPlugin.java

@@ -1,7 +1,7 @@
 /*
- * This Java source file was generated by the Gradle 'init' task.
+ * This source file was generated by the Gradle 'init' task
  */
-package org.example.gradle.plugin;
+package org.example;
 
 import org.gradle.api.Project;
 import org.gradle.api.Plugin;
@@ -13,7 +13,7 @@ public class GradlePluginPlugin implements Plugin<Project> {
     public void apply(Project project) {
         // Register a task
         project.getTasks().register("greeting", task -> {
-            task.doLast(s -> System.out.println("Hello from plugin 'org.example.gradle.plugin.greeting'"));
+            task.doLast(s -> System.out.println("Hello from plugin 'org.example.greeting'"));
         });
     }
 }

.github/workflow-samples/gradle-plugin/plugin/src/test/java/org/example/GradlePluginPluginTest.java

@@ -1,7 +1,7 @@
 /*
- * This Java source file was generated by the Gradle 'init' task.
+ * This source file was generated by the Gradle 'init' task
  */
-package org.example.gradle.plugin;
+package org.example;
 
 import org.gradle.testfixtures.ProjectBuilder;
 import org.gradle.api.Project;
@@ -9,13 +9,13 @@ import org.junit.jupiter.api.Test;
 import static org.junit.jupiter.api.Assertions.*;
 
 /**
- * A simple unit test for the 'org.example.gradle.plugin.greeting' plugin.
+ * A simple unit test for the 'org.example.greeting' plugin.
  */
 class GradlePluginPluginTest {
     @Test void pluginRegistersATask() {
         // Create a test project and apply the plugin
         Project project = ProjectBuilder.builder().build();
-        project.getPlugins().apply("org.example.gradle.plugin.greeting");
+        project.getPlugins().apply("org.example.greeting");
 
         // Verify the result
         assertNotNull(project.getTasks().findByName("greeting"));

.github/workflow-samples/gradle-plugin/settings.gradle

@@ -1,12 +0,0 @@
-/*
- * This file was generated by the Gradle 'init' task.
- *
- * The settings file is used to specify which projects to include in your build.
- *
- * Detailed information about configuring a multi-project build in Gradle can be found
- * in the user manual at https://docs.gradle.org/7.3/userguide/multi_project_builds.html
- * This project uses @Incubating APIs which are subject to change.
- */
-
-rootProject.name = 'gradle-plugin'
-include('plugin')

.github/workflow-samples/gradle-plugin/settings.gradle.kts

@@ -0,0 +1,2 @@
+rootProject.name = "gradle-plugin-2"
+include("plugin")

.github/workflow-samples/groovy-dsl/build.gradle

@@ -6,8 +6,12 @@ repositories {
     mavenCentral()
 }
 
-dependencies {
-    testImplementation('junit:junit:4.13.2')
+testing {
+    suites {
+        test {
+            useJUnit()
+        }
+    }
 }
 
 tasks.named("test").configure {

.github/workflow-samples/groovy-dsl/gradle/wrapper/gradle-wrapper.properties

@@ -1,7 +1,7 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionSha256Sum=8d97a97984f6cbd2b85fe4c60a743440a347544bf18818048e611f5288d46c94
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.12.1-bin.zip
+distributionSha256Sum=20f1b1176237254a6fc204d8434196fa11a4cfb387567519c61556e8710aed78
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.13-bin.zip
 networkTimeout=10000
 validateDistributionUrl=true
 zipStoreBase=GRADLE_USER_HOME

.github/workflow-samples/groovy-dsl/gradlew

@@ -205,7 +205,7 @@ fi
 DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
 
 # Collect all arguments for the java command:
-#   * DEFAULT_JVM_OPTS, JAVA_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments,
+#   * DEFAULT_JVM_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments,
 #     and any embedded shellness will be escaped.
 #   * For example: A user cannot expect ${Hostname} to be expanded, as it is an environment variable and will be
 #     treated as '${Hostname}' itself on the command line.

.github/workflow-samples/groovy-dsl/settings.gradle

@@ -1,5 +1,5 @@
 plugins {
-    id "com.gradle.develocity" version "3.19.1"
+    id "com.gradle.develocity" version "3.19.2"
     id "com.gradle.common-custom-user-data-gradle-plugin" version "2.1"
 }
 

.github/workflow-samples/java-toolchain/build.gradle.kts

@@ -1,5 +1,5 @@
 plugins {
-    id 'java'
+    java
 }
 
 java {
@@ -12,6 +12,10 @@ repositories {
     mavenCentral()
 }
 
-dependencies {
-    testImplementation('junit:junit:4.13.2')
-}
+testing {
+    suites {
+        val test by getting(JvmTestSuite::class) {
+            useJUnit()
+        }
+    }
+}

.github/workflow-samples/java-toolchain/gradle/wrapper/gradle-wrapper.properties

@@ -1,7 +1,7 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionSha256Sum=8d97a97984f6cbd2b85fe4c60a743440a347544bf18818048e611f5288d46c94
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.12.1-bin.zip
+distributionSha256Sum=20f1b1176237254a6fc204d8434196fa11a4cfb387567519c61556e8710aed78
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.13-bin.zip
 networkTimeout=10000
 validateDistributionUrl=true
 zipStoreBase=GRADLE_USER_HOME

.github/workflow-samples/java-toolchain/gradlew

@@ -205,7 +205,7 @@ fi
 DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
 
 # Collect all arguments for the java command:
-#   * DEFAULT_JVM_OPTS, JAVA_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments,
+#   * DEFAULT_JVM_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments,
 #     and any embedded shellness will be escaped.
 #   * For example: A user cannot expect ${Hostname} to be expanded, as it is an environment variable and will be
 #     treated as '${Hostname}' itself on the command line.

.github/workflow-samples/java-toolchain/settings.gradle

@@ -1,5 +0,0 @@
-plugins {
-    id("org.gradle.toolchains.foojay-resolver-convention") version("0.7.0")
-}
-
-rootProject.name = 'basic'

.github/workflow-samples/java-toolchain/settings.gradle.kts

@@ -0,0 +1,6 @@
+plugins {
+    // Apply the foojay-resolver plugin to allow automatic download of JDKs
+    id("org.gradle.toolchains.foojay-resolver-convention") version "0.9.0"
+}
+
+rootProject.name = "java-toolchains"

.github/workflow-samples/kotlin-dsl/build.gradle.kts

@@ -8,13 +8,15 @@ repositories {
 
 dependencies {
     api("org.apache.commons:commons-math3:3.6.1")
-    implementation("com.google.guava:guava:33.4.0-jre")
-
-    testImplementation("org.junit.jupiter:junit-jupiter:5.11.4")
+    implementation("com.google.guava:guava:33.4.6-jre")
 }
 
-tasks.test {
-    useJUnitPlatform()
+testing {
+    suites { 
+       val test by getting(JvmTestSuite::class) { 
+            useJUnitJupiter() 
+        }
+    }
 }
 
 tasks.named("test").configure {

.github/workflow-samples/kotlin-dsl/gradle/wrapper/gradle-wrapper.properties

@@ -1,7 +1,7 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionSha256Sum=8d97a97984f6cbd2b85fe4c60a743440a347544bf18818048e611f5288d46c94
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.12.1-bin.zip
+distributionSha256Sum=20f1b1176237254a6fc204d8434196fa11a4cfb387567519c61556e8710aed78
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.13-bin.zip
 networkTimeout=10000
 validateDistributionUrl=true
 zipStoreBase=GRADLE_USER_HOME

.github/workflow-samples/kotlin-dsl/gradlew

@@ -205,7 +205,7 @@ fi
 DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
 
 # Collect all arguments for the java command:
-#   * DEFAULT_JVM_OPTS, JAVA_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments,
+#   * DEFAULT_JVM_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments,
 #     and any embedded shellness will be escaped.
 #   * For example: A user cannot expect ${Hostname} to be expanded, as it is an environment variable and will be
 #     treated as '${Hostname}' itself on the command line.

.github/workflow-samples/kotlin-dsl/settings.gradle.kts

@@ -1,5 +1,5 @@
 plugins {
-    id("com.gradle.develocity") version "3.19.1"
+    id("com.gradle.develocity") version "3.19.2"
     id("com.gradle.common-custom-user-data-gradle-plugin") version "2.1"
 }
 

.github/workflow-samples/no-wrapper-gradle-5/build.gradle

@@ -1,5 +1,5 @@
 plugins {
-    id "com.gradle.develocity" version "3.19.1" 
+    id "com.gradle.develocity" version "3.19.2" 
 }
 
 develocity {

.github/workflow-samples/no-wrapper/settings.gradle

@@ -1,5 +1,5 @@
 plugins {
-    id "com.gradle.develocity" version "3.19.1"
+    id "com.gradle.develocity" version "3.19.2"
 }
 
 develocity {

.github/workflow-samples/non-executable-wrapper/settings.gradle

@@ -1,5 +1,5 @@
 plugins {
-    id "com.gradle.develocity" version "3.19.1"
+    id "com.gradle.develocity" version "3.19.2"
 }
 
 develocity {

.github/workflows/ci-check-and-unit-test.yml

@@ -19,18 +19,18 @@ jobs:
     steps:
     - name: Checkout sources
       uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-    - uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v4.2.0
+    - uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4.3.0
       with:
         node-version: 20
         cache: npm
         cache-dependency-path: sources/package-lock.json
     - name: Setup Gradle
       # Use a released version to avoid breakages
-      uses: gradle/actions/setup-gradle@0bdd871935719febd78681f197cd39af5b6e16a6 # v4.2.2
+      uses: gradle/actions/setup-gradle@94baf225fe0a508e581a564467443d0e2379123b # v4.3.0
       env:
         ALLOWED_GRADLE_WRAPPER_CHECKSUMS: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 # Invalid wrapper jar used for testing
       with:
-        gradle-version: "8.12.1"
+        gradle-version: "8.13"
 
     - name: Install npm dependencies
       run: |

.github/workflows/ci-check-no-dist-update.yml

@@ -21,7 +21,7 @@ jobs:
 
     - name: Get changed files
       id: changed-files
-      uses: tj-actions/changed-files@d6e91a2266cdb9d62096cebf1e8546899c6aa18f # v45.0.6
+      uses: tj-actions/changed-files@823fcebdb31bb35fdf2229d9f769b400309430d0 # v46.0.3
       with:
         files: |
           dist/**

.github/workflows/ci-codeql.yml

@@ -35,7 +35,7 @@ jobs:
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@17a820bf2e43b47be2c72b39cc905417bc1ab6d0 # v3.28.6
+      uses: github/codeql-action/init@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.28.13
       with:
         languages: ${{ matrix.language }}
         config: |
@@ -43,4 +43,4 @@ jobs:
           - sources/src
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@17a820bf2e43b47be2c72b39cc905417bc1ab6d0 # v3.28.6
+      uses: github/codeql-action/analyze@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.28.13

.github/workflows/ci-init-script-check.yml

@@ -24,13 +24,13 @@ jobs:
     - name: Checkout sources
       uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
     - name: Setup Java
-      uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # v4.6.0
+      uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
       with:
         distribution: temurin
         java-version: 11
     - name: Setup Gradle
       # Use a released version to avoid breakages
-      uses: gradle/actions/setup-gradle@0bdd871935719febd78681f197cd39af5b6e16a6 # v4.2.2
+      uses: gradle/actions/setup-gradle@94baf225fe0a508e581a564467443d0e2379123b # v4.3.0
       env:
         ALLOWED_GRADLE_WRAPPER_CHECKSUMS: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 # Invalid wrapper jar used for testing
     - name: Run integration tests

.github/workflows/ci-ossf-scorecard.yml

@@ -27,7 +27,7 @@ jobs:
           show-progress: false
 
       - name: 'Run analysis'
-        uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0
+        uses: ossf/scorecard-action@f49aabe0b5af0936a0987cfb85d86b75731b0186 # v2.4.1
         with:
           results_file: results.sarif
           results_format: sarif
@@ -44,7 +44,7 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: 'Upload artifact'
-        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
         with:
           name: SARIF file
           path: results.sarif
@@ -52,6 +52,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: 'Upload to code-scanning'
-        uses: github/codeql-action/upload-sarif@17a820bf2e43b47be2c72b39cc905417bc1ab6d0 # v3.28.6
+        uses: github/codeql-action/upload-sarif@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.28.13
         with:
           sarif_file: results.sarif

.github/workflows/ci-update-dist.yml

@@ -28,7 +28,7 @@ jobs:
         token: ${{ secrets.BOT_GITHUB_TOKEN }}
 
     - name: Set up Node.js
-      uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v4.2.0
+      uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4.3.0
       with:
         node-version: 20
         cache: npm
@@ -59,5 +59,6 @@ jobs:
     - name: Commit & push changes
       uses: stefanzweifel/git-auto-commit-action@e348103e9026cc0eee72ae06630dbe30c8bf7a79 # v5.1.0
       with:
+        commit_author: Bot Githubaction <bot-githubaction@gradle.com>
         commit_message: '[bot] Update dist directory'
         file_pattern: dist

.github/workflows/ci-validate-wrappers.yml

@@ -12,6 +12,6 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-      - uses: gradle/actions/wrapper-validation@0bdd871935719febd78681f197cd39af5b6e16a6 # v4.2.2
+      - uses: gradle/actions/wrapper-validation@94baf225fe0a508e581a564467443d0e2379123b # v4.3.0
         with:
           allow-checksums: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

.github/workflows/integ-test-detect-toolchains.yml

@@ -65,12 +65,12 @@ jobs:
       uses: ./.github/actions/init-integ-test
 
     - name: Setup Java 20
-      uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # v4.6.0
+      uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
       with:
         distribution: 'temurin'
         java-version: 20
     - name: Setup Java 16
-      uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # v4.6.0
+      uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
       with:
         distribution: 'temurin'
         java-version: 16

.github/workflows/integ-test-inject-develocity.yml

@@ -36,11 +36,11 @@ jobs:
       matrix:
         gradle: [current, 7.6.2, 6.9.4, 5.6.4]
         os: ${{fromJSON(inputs.runner-os)}}
-        plugin-version: [3.16.2, 3.19.1]
+        plugin-version: [3.16.2, 3.19.2]
         include:
         - plugin-version: 3.16.2
           accessKeyEnv: GRADLE_ENTERPRISE_ACCESS_KEY
-        - plugin-version: 3.19.1
+        - plugin-version: 3.19.2
           accessKeyEnv: DEVELOCITY_ACCESS_KEY
 
     runs-on: ${{ matrix.os }}
@@ -82,7 +82,7 @@ jobs:
       matrix:
         gradle: [current, 7.6.2, 6.9.4, 5.6.4]
         os: ${{fromJSON(inputs.runner-os)}}
-        plugin-version: [3.16.2, 3.19.1]
+        plugin-version: [3.16.2, 3.19.2]
     runs-on: ${{ matrix.os }}
     steps:
       - name: Checkout sources
@@ -126,7 +126,7 @@ jobs:
       matrix:
         gradle: [ current, 7.6.2, 6.9.4, 5.6.4 ]
         os: ${{fromJSON(inputs.runner-os)}}
-        plugin-version: [ 3.16.2, 3.19.1 ]
+        plugin-version: [ 3.16.2, 3.19.2 ]
     runs-on: ubuntu-latest
     steps:
       - name: Checkout sources
@@ -157,7 +157,7 @@ jobs:
       matrix:
         gradle: [ current, 7.6.2, 6.9.4, 5.6.4 ]
         os: ${{fromJSON(inputs.runner-os)}}
-        plugin-version: [ 3.16.2, 3.19.1 ]
+        plugin-version: [ 3.16.2, 3.19.2 ]
     runs-on: ${{ matrix.os }}
     steps:
       - name: Checkout sources

.github/workflows/integ-test-provision-gradle-versions.yml

@@ -78,7 +78,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        gradle: ["8.13-milestone-2", "8.12", "8.12-rc-1", 8.9, 8.1, 7.6.4, 6.9.4, 5.6.4, 4.10.3, 3.5.1]
+        gradle: ["8.13", "8.12", "8.12-rc-1", 8.9, 8.1, 7.6.4, 6.9.4, 5.6.4, 4.10.3, 3.5.1]
         os: ${{fromJSON(inputs.runner-os)}}
         include:
           - java-version: 11
@@ -100,7 +100,7 @@ jobs:
       uses: ./.github/actions/init-integ-test
 
     - name: Setup Java
-      uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # v4.6.0
+      uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
       with:
         distribution: temurin
         java-version: ${{ matrix.java-version }}

.github/workflows/update-checksums-file.yml

@@ -22,7 +22,7 @@ jobs:
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
       - name: Set up Node.js
-        uses: actions/setup-node@1d0ff469b7ec7b3cb9d8673fde0c81c44821de2a # v4.2.0
+        uses: actions/setup-node@cdca7365b2dadb8aad0a33bc7601856ffabcc48e # v4.3.0
         with:
           node-version: 20
           cache: npm
@@ -39,9 +39,10 @@ jobs:
 
       # If there are no changes, this action will not create a pull request
       - name: Create or update pull request
-        uses: peter-evans/create-pull-request@67ccf781d68cd99b580ae25a5c18a1cc84ffff1f # v7.0.6
+        uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8
         with:
           branch: bot/wrapper-checksums-update
+          author: Bot Githubaction <bot-githubaction@gradle.com>
           commit-message: Update known wrapper checksums
           title: Update known wrapper checksums
           # Note: Unfortunately this action cannot trigger the regular workflows for the PR automatically, see

docs/setup-gradle.md

@@ -844,7 +844,7 @@ Here's a minimal example:
       run: ./gradlew build
 ```
 
-This configuration will automatically apply `v3.19.1` of the [Develocity Gradle plugin](https://docs.gradle.com/develocity/gradle-plugin/), and publish build scans to https://develocity.your-server.com.
+This configuration will automatically apply `v3.19.2` of the [Develocity Gradle plugin](https://docs.gradle.com/develocity/gradle-plugin/), and publish build scans to https://develocity.your-server.com.
 
 This example assumes that the `develocity.your-server.com` server allows anonymous publishing of build scans.
 In the likely scenario that your Develocity server requires authentication, you will also need to pass a valid [Develocity access key](https://docs.gradle.com/develocity/gradle-plugin/#via_environment_variable) taken from a secret:

sources/.tool-versions

@@ -1,3 +1,3 @@
 # Configuration file for asdf version manager
 nodejs 20.10.0
-gradle 8.12.1
+gradle 8.13

sources/package.json

@@ -32,18 +32,18 @@
   ],
   "license": "MIT",
   "dependencies": {
-    "@actions/artifact": "2.2.1",
-    "@actions/cache": "4.0.0",
+    "@actions/artifact": "2.3.2",
+    "@actions/cache": "4.0.3",
     "@actions/core": "1.11.1",
     "@actions/exec": "1.1.1",
     "@actions/github": "6.0.0",
     "@actions/glob": "0.5.0",
     "@actions/http-client": "2.2.3",
     "@actions/tool-cache": "2.0.2",
-    "@octokit/rest": "21.1.0",
+    "@octokit/rest": "21.1.1",
     "@octokit/webhooks-types": "7.6.1",
     "cheerio": "^1.0.0",
-    "semver": "7.6.3",
+    "semver": "7.7.1",
     "string-argv": "0.3.2",
     "typed-rest-client": "2.1.0",
     "unhomoglyph": "1.0.6",
@@ -52,21 +52,21 @@
   "devDependencies": {
     "@gradle/develocity-agent": "https://develocity-npm-pkgs.gradle.com/gradle-develocity-agent-0.9.0.tgz",
     "@types/jest": "29.5.14",
-    "@types/node": "20.17.16",
-    "@types/unzipper": "0.10.10",
+    "@types/node": "20.17.27",
+    "@types/unzipper": "0.10.11",
     "@types/which": "3.0.4",
     "@typescript-eslint/parser": "7.18.0",
     "@vercel/ncc": "0.38.3",
     "eslint": "8.57.1",
-    "eslint-plugin-github": "5.1.6",
+    "eslint-plugin-github": "5.1.8",
     "eslint-plugin-jest": "28.11.0",
     "jest": "29.7.0",
     "js-yaml": "4.1.0",
     "nock": "13.5.6",
     "npm-run-all": "4.1.5",
     "patch-package": "8.0.0",
-    "prettier": "3.4.2",
-    "ts-jest": "29.2.5",
-    "typescript": "5.7.3"
+    "prettier": "3.5.3",
+    "ts-jest": "29.3.0",
+    "typescript": "5.8.2"
   }
 }

sources/patches/@actions+cache+4.0.3.patch

@@ -27,7 +27,7 @@ index ef0928b..4e2f570 100644
 +}
 \ No newline at end of file
 diff --git a/node_modules/@actions/cache/lib/cache.js b/node_modules/@actions/cache/lib/cache.js
-index 45201b6..2654e4b 100644
+index e9e45c9..336733b 100644
 --- a/node_modules/@actions/cache/lib/cache.js
 +++ b/node_modules/@actions/cache/lib/cache.js
 @@ -154,18 +154,21 @@ function restoreCacheV1(paths, primaryKey, restoreKeys, options, enableCrossOsAr
@@ -132,7 +132,7 @@ index 45201b6..2654e4b 100644
          finally {
              // Try to delete the archive to save space
              try {
-@@ -422,19 +432,23 @@ function saveCacheV2(paths, key, options, enableCrossOsArchive = false) {
+@@ -430,19 +440,23 @@ function saveCacheV2(paths, key, options, enableCrossOsArchive = false) {
                  throw new Error(`Unable to finalize cache with key ${key}, another job may be finalizing this cache.`);
              }
              cacheId = parseInt(finalizeResponse.entryId);
@@ -168,7 +168,7 @@ index 45201b6..2654e4b 100644
          finally {
              // Try to delete the archive to save space
              try {
-@@ -447,4 +461,11 @@ function saveCacheV2(paths, key, options, enableCrossOsArchive = false) {
+@@ -455,4 +469,11 @@ function saveCacheV2(paths, key, options, enableCrossOsArchive = false) {
          return cacheId;
      });
  }

sources/src/develocity/build-scan.ts

@@ -22,13 +22,17 @@ export async function setup(config: BuildScanConfig): Promise<void> {
     // except if they are defined in the configuration
     if (config.getBuildScanPublishEnabled()) {
         maybeExportVariable('DEVELOCITY_INJECTION_ENABLED', 'true')
-        maybeExportVariable('DEVELOCITY_PLUGIN_VERSION', '3.19.1')
+        maybeExportVariable('DEVELOCITY_PLUGIN_VERSION', '3.19.2')
         maybeExportVariable('DEVELOCITY_CCUD_PLUGIN_VERSION', '2.1')
         maybeExportVariable('DEVELOCITY_TERMS_OF_USE_URL', config.getBuildScanTermsOfUseUrl())
         maybeExportVariable('DEVELOCITY_TERMS_OF_USE_AGREE', config.getBuildScanTermsOfUseAgree())
     }
 
-    return setupToken(config.getDevelocityAccessKey(), config.getDevelocityTokenExpiry())
+    return setupToken(
+        config.getDevelocityAccessKey(),
+        config.getDevelocityAllowUntrustedServer(),
+        config.getDevelocityTokenExpiry()
+    )
 }
 
 function maybeExportVariable(variableName: string, value: unknown): void {

sources/src/develocity/short-lived-token.ts

@@ -3,11 +3,15 @@ import * as core from '@actions/core'
 import {BuildScanConfig} from '../configuration'
 import {recordDeprecation} from '../deprecation-collector'
 
-export async function setupToken(develocityAccessKey: string, develocityTokenExpiry: string): Promise<void> {
+export async function setupToken(
+    develocityAccessKey: string,
+    develocityAllowUntrustedServer: boolean | undefined,
+    develocityTokenExpiry: string
+): Promise<void> {
     if (develocityAccessKey) {
         try {
             core.debug('Fetching short-lived token...')
-            const tokens = await getToken(develocityAccessKey, develocityTokenExpiry)
+            const tokens = await getToken(develocityAccessKey, develocityAllowUntrustedServer, develocityTokenExpiry)
             if (tokens != null && !tokens.isEmpty()) {
                 core.debug(`Got token(s), setting the access key env vars`)
                 const token = tokens.raw()
@@ -41,10 +45,14 @@ function handleMissingAccessToken(): void {
     }
 }
 
-export async function getToken(accessKey: string, expiry: string): Promise<DevelocityAccessCredentials | null> {
+export async function getToken(
+    accessKey: string,
+    allowUntrustedServer: undefined | boolean,
+    expiry: string
+): Promise<DevelocityAccessCredentials | null> {
     const empty: Promise<DevelocityAccessCredentials | null> = new Promise(r => r(null))
     const develocityAccessKey = DevelocityAccessCredentials.parse(accessKey)
-    const shortLivedTokenClient = new ShortLivedTokenClient()
+    const shortLivedTokenClient = new ShortLivedTokenClient(allowUntrustedServer)
 
     if (develocityAccessKey == null) {
         return empty
@@ -67,10 +75,16 @@ export async function getToken(accessKey: string, expiry: string): Promise<Devel
 }
 
 class ShortLivedTokenClient {
-    httpc = new httpm.HttpClient('gradle/actions/setup-gradle')
+    httpc: httpm.HttpClient
     maxRetries = 3
     retryInterval = 1000
 
+    constructor(develocityAllowUntrustedServer: boolean | undefined) {
+        this.httpc = new httpm.HttpClient('gradle/actions/setup-gradle', undefined, {
+            ignoreSslError: develocityAllowUntrustedServer
+        })
+    }
+
     async fetchToken(serverUrl: string, accessKey: HostnameAccessKey, expiry: string): Promise<HostnameAccessKey> {
         const queryParams = expiry ? `?expiresInHours=${expiry}` : ''
         const sanitizedServerUrl = !serverUrl.endsWith('/') ? `${serverUrl}/` : serverUrl

sources/src/resources/init-scripts/gradle-actions.build-result-capture-service.plugin.groovy

@@ -41,7 +41,8 @@ abstract class BuildResultsRecorder implements BuildService<BuildResultsRecorder
             // Got EVALUATE SETTINGS event: not a config-cache hit"
             configCacheHit = false
         }
-        if (buildOperation.details in RunRootBuildWorkBuildOperationType.Details) {
+        if (buildOperation.metadata == BuildOperationCategory.RUN_WORK ||
+            buildOperation.metadata == BuildOperationCategory.CONFIGURE_PROJECT) {
             if (finishEvent.failure != null) {
                 buildFailed = true
             }

sources/src/resources/init-scripts/gradle-actions.build-result-capture.init.gradle

@@ -25,13 +25,13 @@ if (isTopLevelBuild) {
 
     def atLeastGradle3 = version >= GradleVersion.version("3.0")
     def atLeastGradle6 = version >= GradleVersion.version("6.0")
+    def atLeastGradle7 = version >= GradleVersion.version("7.0")
 
     def invocationId = "-${System.currentTimeMillis()}"
 
     if (atLeastGradle6) {
-        // By default, use standard mechanisms to capture build results
-        def useBuildService = version >= GradleVersion.version("6.6")
-        if (useBuildService) {
+        // Use BuildService for modern Gradle versions
+        if (atLeastGradle7) {
             captureUsingBuildService(invocationId)
         } else {
             captureUsingBuildFinished(gradle, invocationId, resultsWriter)

sources/src/resources/init-scripts/gradle-actions.inject-develocity.init.gradle

@@ -1,6 +1,6 @@
 /*
  * Initscript for injection of Develocity into Gradle builds.
- * Version: v1.1
+ * Version: 1.2
  */
 
 import org.gradle.util.GradleVersion
@@ -110,7 +110,6 @@ if (buildScanCaptureEnabled) {
 }
 
 void enableDevelocityInjection() {
-    def BUILD_SCAN_PLUGIN_ID = 'com.gradle.build-scan'
     def BUILD_SCAN_PLUGIN_CLASS = 'com.gradle.scan.plugin.BuildScanPlugin'
 
     def GRADLE_ENTERPRISE_PLUGIN_ID = 'com.gradle.enterprise'
@@ -153,6 +152,12 @@ void enableDevelocityInjection() {
         logger.lifecycle("Accepting Gradle Terms of Use: $buildScanTermsOfUseUrl")
     }
 
+    // finish early if DV plugin version is unsupported (v3.6.4 is the minimum version tested and supports back to DV 2021.1)
+    if (develocityPluginVersion && isNotAtLeast(develocityPluginVersion, '3.6.4')) {
+        logger.warn("Develocity Gradle plugin must be at least 3.6.4. Configured version is $develocityPluginVersion.")
+        return
+    }
+
     // finish early if configuration parameters passed in via system properties are not valid/supported
     if (ccudPluginVersion && isNotAtLeast(ccudPluginVersion, '1.7')) {
         logger.warn("Common Custom User Data Gradle plugin must be at least 1.7. Configured version is $ccudPluginVersion.")
@@ -190,8 +195,6 @@ void enableDevelocityInjection() {
                             // Develocity plugin publishes scans by default
                             buildScanExtension.publishAlways()
                         }
-                        // uploadInBackground not available for build-scan-plugin 1.16
-                        if (buildScanExtension.metaClass.respondsTo(buildScanExtension, 'setUploadInBackground', Boolean)) buildScanExtension.uploadInBackground = buildScanUploadInBackground
                         buildScanExtension.value CI_AUTO_INJECTION_CUSTOM_VALUE_NAME, ciAutoInjectionCustomValueValue
                         if (isAtLeast(develocityPluginVersion, '2.1') && atLeastGradle5) {
                             logger.lifecycle("Setting captureFileFingerprints: $develocityCaptureFileFingerprints")
@@ -221,6 +224,9 @@ void enableDevelocityInjection() {
                             develocity.buildScan.termsOfUseUrl = buildScanTermsOfUseUrl
                             develocity.buildScan.termsOfUseAgree = buildScanTermsOfUseAgree
                         }
+
+                        logger.lifecycle("Setting uploadInBackground: $buildScanUploadInBackground")
+                        develocity.buildScan.uploadInBackground = buildScanUploadInBackground
                     },
                     { buildScan ->
                         afterEvaluate {
@@ -241,6 +247,12 @@ void enableDevelocityInjection() {
                                 buildScan.licenseAgree = buildScanTermsOfUseAgree
                             }
                         }
+
+                        // uploadInBackground available for build-scan-plugin 3.3.4 and later only
+                        if (buildScan.metaClass.respondsTo(buildScan, 'setUploadInBackground', Boolean)) {
+                            logger.lifecycle("Setting uploadInBackground: $buildScanUploadInBackground")
+                            buildScan.uploadInBackground = buildScanUploadInBackground
+                        }
                     }
                 )
 
@@ -276,7 +288,6 @@ void enableDevelocityInjection() {
                     }
 
                     eachDevelocitySettingsExtension(settings) { ext ->
-                        ext.buildScan.uploadInBackground = buildScanUploadInBackground
                         ext.buildScan.value CI_AUTO_INJECTION_CUSTOM_VALUE_NAME, ciAutoInjectionCustomValueValue
                     }
 
@@ -313,6 +324,9 @@ void enableDevelocityInjection() {
                         develocity.buildScan.termsOfUseUrl = buildScanTermsOfUseUrl
                         develocity.buildScan.termsOfUseAgree = buildScanTermsOfUseAgree
                     }
+
+                    logger.lifecycle("Setting uploadInBackground: $buildScanUploadInBackground")
+                    develocity.buildScan.uploadInBackground = buildScanUploadInBackground
                 },
                 { gradleEnterprise ->
                     if (develocityUrl && develocityEnforceUrl) {
@@ -332,6 +346,12 @@ void enableDevelocityInjection() {
                         gradleEnterprise.buildScan.termsOfServiceUrl = buildScanTermsOfUseUrl
                         gradleEnterprise.buildScan.termsOfServiceAgree = buildScanTermsOfUseAgree
                     }
+
+                    // uploadInBackground available for gradle-enterprise-plugin 3.3.4 and later only
+                    if (gradleEnterprise.buildScan.metaClass.respondsTo(gradleEnterprise.buildScan, 'setUploadInBackground', Boolean)) {
+                        logger.lifecycle("Setting uploadInBackground: $buildScanUploadInBackground")
+                        gradleEnterprise.buildScan.uploadInBackground = buildScanUploadInBackground
+                    }
                 }
             )
 

sources/src/wrapper-validation/wrapper-checksums.json

@@ -1,4 +1,36 @@
 [
+  {
+    "version": "8.14-milestone-5",
+    "checksum": "81a82aaea5abcc8ff68b3dfcb58b3c3c429378efd98e7433460610fecd7ae45f"
+  },
+  {
+    "version": "8.14-milestone-4",
+    "checksum": "81a82aaea5abcc8ff68b3dfcb58b3c3c429378efd98e7433460610fecd7ae45f"
+  },
+  {
+    "version": "8.13",
+    "checksum": "81a82aaea5abcc8ff68b3dfcb58b3c3c429378efd98e7433460610fecd7ae45f"
+  },
+  {
+    "version": "8.14-milestone-3",
+    "checksum": "81a82aaea5abcc8ff68b3dfcb58b3c3c429378efd98e7433460610fecd7ae45f"
+  },
+  {
+    "version": "8.13-rc-2",
+    "checksum": "81a82aaea5abcc8ff68b3dfcb58b3c3c429378efd98e7433460610fecd7ae45f"
+  },
+  {
+    "version": "8.14-milestone-2",
+    "checksum": "81a82aaea5abcc8ff68b3dfcb58b3c3c429378efd98e7433460610fecd7ae45f"
+  },
+  {
+    "version": "8.14-milestone-1",
+    "checksum": "81a82aaea5abcc8ff68b3dfcb58b3c3c429378efd98e7433460610fecd7ae45f"
+  },
+  {
+    "version": "8.13-rc-1",
+    "checksum": "81a82aaea5abcc8ff68b3dfcb58b3c3c429378efd98e7433460610fecd7ae45f"
+  },
   {
     "version": "8.12.1",
     "checksum": "2db75c40782f5e8ba1fc278a5574bab070adccb2d21ca5a6e5ed840888448046"

sources/test/init-scripts/gradle/wrapper/gradle-wrapper.properties

@@ -1,7 +1,7 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionSha256Sum=8d97a97984f6cbd2b85fe4c60a743440a347544bf18818048e611f5288d46c94
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.12.1-bin.zip
+distributionSha256Sum=20f1b1176237254a6fc204d8434196fa11a4cfb387567519c61556e8710aed78
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.13-bin.zip
 networkTimeout=10000
 validateDistributionUrl=true
 zipStoreBase=GRADLE_USER_HOME

sources/test/init-scripts/gradlew

@@ -205,7 +205,7 @@ fi
 DEFAULT_JVM_OPTS='"-Xmx64m" "-Xms64m"'
 
 # Collect all arguments for the java command:
-#   * DEFAULT_JVM_OPTS, JAVA_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments,
+#   * DEFAULT_JVM_OPTS, JAVA_OPTS, and optsEnvironmentVar are not allowed to contain shell fragments,
 #     and any embedded shellness will be escaped.
 #   * For example: A user cannot expect ${Hostname} to be expanded, as it is an environment variable and will be
 #     treated as '${Hostname}' itself on the command line.

sources/test/init-scripts/settings.gradle

@@ -1,5 +1,5 @@
 plugins {
-    id "com.gradle.develocity" version "3.19.1"
+    id "com.gradle.develocity" version "3.19.2"
     id "com.gradle.common-custom-user-data-gradle-plugin" version "2.1"
 }
 

sources/test/init-scripts/src/test/groovy/com/gradle/gradlebuildaction/BaseInitScriptTest.groovy

@@ -16,26 +16,24 @@ import java.nio.file.Files
 import java.util.zip.GZIPOutputStream
 
 class BaseInitScriptTest extends Specification {
-    static final String DEVELOCITY_PLUGIN_VERSION = '3.19.1'
+    static final String DEVELOCITY_PLUGIN_VERSION = '3.19.2'
     static final String CCUD_PLUGIN_VERSION = '2.1'
 
     static final TestGradleVersion GRADLE_3_X = new TestGradleVersion(GradleVersion.version('3.5.1'), 7, 9)
     static final TestGradleVersion GRADLE_4_X = new TestGradleVersion(GradleVersion.version('4.10.3'), 7, 10)
     static final TestGradleVersion GRADLE_5_X = new TestGradleVersion(GradleVersion.version('5.6.4'), 8, 12)
     static final TestGradleVersion GRADLE_6_0 = new TestGradleVersion(GradleVersion.version('6.0.1'), 8, 13)
-    static final TestGradleVersion GRADLE_6_NO_BUILD_SERVICE = new TestGradleVersion(GradleVersion.version('6.5.1'), 8, 14)
     static final TestGradleVersion GRADLE_6_X = new TestGradleVersion(GradleVersion.version('6.9.4'), 8, 15)
     static final TestGradleVersion GRADLE_7_1 = new TestGradleVersion(GradleVersion.version('7.1.1'), 8, 16)
     static final TestGradleVersion GRADLE_7_X = new TestGradleVersion(GradleVersion.version('7.6.2'), 8, 19)
     static final TestGradleVersion GRADLE_8_0 = new TestGradleVersion(GradleVersion.version('8.0.2'), 8, 19)
-    static final TestGradleVersion GRADLE_8_X = new TestGradleVersion(GradleVersion.version('8.12.1'), 8, 23)
+    static final TestGradleVersion GRADLE_8_X = new TestGradleVersion(GradleVersion.version('8.13'), 8, 23)
 
     static final List<TestGradleVersion> ALL_VERSIONS = [
         GRADLE_3_X, // First version where TestKit supports environment variables
         GRADLE_4_X,
         GRADLE_5_X,
         GRADLE_6_0,
-        GRADLE_6_NO_BUILD_SERVICE, // Last version without build service support
         GRADLE_6_X,
         GRADLE_7_1,
         GRADLE_7_X,
@@ -43,11 +41,13 @@ class BaseInitScriptTest extends Specification {
         GRADLE_8_X,
     ]
 
+    static final List<TestGradleVersion> PROJECT_PLUGIN_VERSIONS =
+        [GRADLE_3_X, GRADLE_4_X, GRADLE_5_X]
+
     static final List<TestGradleVersion> CONFIGURATION_CACHE_VERSIONS =
         [GRADLE_7_X, GRADLE_8_0, GRADLE_8_X]
 
-    static final List<TestGradleVersion> SETTINGS_PLUGIN_VERSIONS =
-        [GRADLE_6_X, GRADLE_7_1, GRADLE_7_X, GRADLE_8_0, GRADLE_8_X]
+    static final List<TestGradleVersion> SETTINGS_PLUGIN_VERSIONS = ALL_VERSIONS - PROJECT_PLUGIN_VERSIONS
 
     static final String PUBLIC_BUILD_SCAN_ID = 'i2wepy2gr7ovw'
     static final String DEFAULT_SCAN_UPLOAD_TOKEN = 'scan-upload-token'

sources/test/init-scripts/src/test/groovy/com/gradle/gradlebuildaction/TestBuildResultRecorder.groovy

@@ -20,7 +20,7 @@ class TestBuildResultRecorder extends BaseInitScriptTest {
         testGradleVersion << ALL_VERSIONS
     }
 
-    def "produces build results file for failing build with #testGradleVersion"() {
+    def "produces build results file for failing task with #testGradleVersion"() {
         assumeTrue testGradleVersion.compatibleWithCurrentJvm
 
         when:
@@ -34,6 +34,58 @@ class TestBuildResultRecorder extends BaseInitScriptTest {
         testGradleVersion << ALL_VERSIONS
     }
 
+    def "produces build results file for failing configuration with #testGradleVersion"() {
+        assumeTrue testGradleVersion.compatibleWithCurrentJvm
+
+        when:
+        buildFile << '''
+throw new RuntimeException("Error in configuration")
+'''
+        runAndFail(testGradleVersion.gradleVersion)
+
+        then:
+        assertResults('expectFailure', testGradleVersion, true)
+
+        where:
+        testGradleVersion << SETTINGS_PLUGIN_VERSIONS // No build results generated for older Gradle versions
+    }
+
+    def "produces build results file for build that fails in included build with #testGradleVersion"() {
+        assumeTrue testGradleVersion.compatibleWithCurrentJvm
+
+        when:
+        def includedBuildRoot = new File(testProjectDir, 'included-build')
+        includedBuildRoot.mkdir()
+        def includedSettings = new File(includedBuildRoot, 'settings.gradle')
+        def includedBuild = new File(includedBuildRoot, 'build.gradle')
+
+        includedSettings << """
+            rootProject.name = 'included-build'
+"""
+        includedBuild << '''
+task expectFailure {
+    doLast {
+        throw new RuntimeException("Expected to fail in included build")
+    }
+}
+'''
+        settingsFile << """
+includeBuild('included-build')
+"""
+        buildFile << """
+task expectFailure {
+    dependsOn(gradle.includedBuild('included-build').task(':expectFailure'))
+}
+"""
+        runAndFail(testGradleVersion.gradleVersion)
+
+        then:
+        assertResults('expectFailure', testGradleVersion, true)
+
+        where:
+        testGradleVersion << ALL_VERSIONS
+    }
+
     def "produces build results file for build with --configuration-cache on #testGradleVersion"() {
         assumeTrue testGradleVersion.compatibleWithCurrentJvm
 
@@ -196,7 +248,7 @@ class TestBuildResultRecorder extends BaseInitScriptTest {
         when:
         settingsFile.text = """
             plugins {
-                id 'com.gradle.develocity' version '3.19.1' apply(false)
+                id 'com.gradle.develocity' version '3.19.2' apply(false)
             }
             gradle.settingsEvaluated {
                 apply plugin: 'com.gradle.develocity'

sources/test/jest/cache-cleanup.test.ts

@@ -54,7 +54,7 @@ test('will cleanup unused gradle versions', async () => {
     const transforms3 = path.resolve(gradleUserHome, "caches/transforms-3")
     const metadata100 = path.resolve(gradleUserHome, "caches/modules-2/metadata-2.100")
     const wrapper802 = path.resolve(gradleUserHome, "wrapper/dists/gradle-8.0.2-bin")
-    const gradleCurrent = path.resolve(gradleUserHome, "caches/8.12.1")
+    const gradleCurrent = path.resolve(gradleUserHome, "caches/8.13")
     const metadataCurrent = path.resolve(gradleUserHome, "caches/modules-2/metadata-2.107")
 
     expect(fs.existsSync(gradle802)).toBe(true)

sources/test/jest/short-lived-token.test.ts

@@ -39,7 +39,7 @@ describe('short lived tokens', () => {
                 message: 'connect ECONNREFUSED 127.0.0.1:3333',
                 code: 'ECONNREFUSED'
             })
-        await expect(getToken('localhost=key0', ''))
+        await expect(getToken('localhost=key0', false, ''))
             .resolves
             .toBeNull()
     })
@@ -50,14 +50,14 @@ describe('short lived tokens', () => {
             .times(3)
             .reply(500, 'Internal error')
         expect.assertions(1)
-        await expect(getToken('dev=xyz', ''))
+        await expect(getToken('dev=xyz', false, ''))
             .resolves
             .toBeNull()
     })
 
     it('get short lived token returns null when access key is empty', async () => {
         expect.assertions(1)
-        await expect(getToken('', ''))
+        await expect(getToken('', false, ''))
             .resolves
             .toBeNull()
     })
@@ -67,7 +67,7 @@ describe('short lived tokens', () => {
             .post('/api/auth/token')
             .reply(200, 'token')
         expect.assertions(1)
-        await expect(getToken('dev=key1', ''))
+        await expect(getToken('dev=key1', false, ''))
             .resolves
             .toEqual({"keys": [{"hostname": "dev", "key": "token"}]})
     })
@@ -80,7 +80,7 @@ describe('short lived tokens', () => {
             .post('/api/auth/token')
             .reply(200, 'token2')
         expect.assertions(1)
-        await expect(getToken('dev=key1;prod=key2', ''))
+        await expect(getToken('dev=key1;prod=key2', false, ''))
             .resolves
             .toEqual({"keys": [{"hostname": "dev", "key": "token1"}, {"hostname": "prod", "key": "token2"}]})
     })
@@ -97,7 +97,7 @@ describe('short lived tokens', () => {
             .post('/api/auth/token')
             .reply(200, 'token2')
         expect.assertions(1)
-        await expect(getToken('dev=key1;bogus=key0;prod=key2', ''))
+        await expect(getToken('dev=key1;bogus=key0;prod=key2', false, ''))
             .resolves
             .toEqual({"keys": [{"hostname": "dev", "key": "token1"}, {"hostname": "prod", "key": "token2"}]})
     })
@@ -112,7 +112,7 @@ describe('short lived tokens', () => {
             .times(3)
             .reply(500, 'Internal Error')
         expect.assertions(1)
-        await expect(getToken('dev=key1;bogus=key0', ''))
+        await expect(getToken('dev=key1;bogus=key0', false, ''))
             .resolves
             .toBeNull()
     })
@@ -122,7 +122,7 @@ describe('short lived tokens', () => {
             .post('/api/auth/token?expiresInHours=4')
             .reply(200, 'token')
         expect.assertions(1)
-        await expect(getToken('dev=key1', '4'))
+        await expect(getToken('dev=key1', false, '4'))
             .resolves
             .toEqual({"keys": [{"hostname": "dev", "key": "token"}]})
     })