chore(deps): Bump gradle/actions from 6.1.1 to 6.2.0

[dependabot]

Bumps gradle/actions from 6.1.1 to 6.2.0.

Release notes

Sourced from gradle/actions's releases.

v6.2.0

Highlights

This release brings significant behaviour improvements to Enhanced caching, improvements to the generated Job Summary, and a number of correctness and security fixes.

1. Improved cache-cleanup mechanism. Cleanup of stale files from the Gradle User Home is now faster, and no longer depends on Gradle or a JVM. It works by inspecting the local file state directly, removing the Gradle invocation from the post-build step.
2. More granular, more stable caching. The local build cache is stored as a separate cache entry, so it can be restored and invalidated independently of the main Gradle User Home entry. Transient Gradle housekeeping files are excluded from the cache, reducing its size and improving stability.
3. Hide obsolete Job summaries in PR commments: When a new Job summary comment is added to a PR, previous outdated Job summaries are now hidden.
4. Improved caching report in the job summary. The cache report now uses a single, consistent layout across all cache states and providers. Provider information is integrated directly into the report, and per-entry details are available in an expandable section. (#985)
5. Correctness and security fixes. A unique cache key is now used per run attempt, so re-runs no longer collide; the job summary shows the cache key string rather than an internal id; and bundled dependencies have been updated, including a ReDoS fix and a fast-xml CVE fix.

What's Changed

• Remove unnecessary dependency overrides by @​bigdaz in gradle/actions#981
• Scope CI-integ-test concurrency groups per-branch by @​bigdaz in gradle/actions#983
• Improve typings by @​Vampire in gradle/actions#938
• Hide obsolete Job summaries by @​SimonMarquis in gradle/actions#902
• CI: add requireable aggregate/no-op checks for branch protection by @​bigdaz in gradle/actions#984
• Redesign the caching Job Summary by @​bigdaz in gradle/actions#985

New Contributors

• @​Vampire made their first contribution in gradle/actions#938

Full Changelog: gradle/actions@v6.1.1...v6.2.0

Commits

• 3f131e8 [bot] Update dist directory
• 97715a2 Redesign the caching Job Summary (#985)
• 8b6cdb5 CI: add requireable aggregate/no-op checks for branch protection (#984)
• 5852e0e [bot] Update dist directory
• 318eed7 Hide obsolete Job summaries (#902)
• a740661 Improve typings (#938)
• 7ae0d02 Update gradle-actions-caching library to v0.6.0 (#982)
• e473973 Scope CI-integ-test concurrency groups per-branch
• 35a4a3f Queue up integ-test runs
• b6eebf3 [bot] Update dist directory
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Summary by CodeRabbit

• Chores
  • Updated GitHub Actions workflow configurations to use latest build tooling versions.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro Plus

Run ID: 14039540-f045-475d-8485-d83bd7786529

📥 Commits

Reviewing files that changed from the base of the PR and between d37c593 and 96b296c.

📒 Files selected for processing (3)

• .github/workflows/api-compat.yml
• .github/workflows/ci.yml
• .github/workflows/codeql.yml

---

📝 Walkthrough

Walkthrough

Three GitHub Actions workflow files (api-compat.yml, ci.yml, codeql.yml) are updated to pin gradle/actions/setup-gradle to version 6.2.0, replacing the previous 6.1.1 pinned commit reference. No other workflow logic is changed.

Changes

Gradle Action Version Bump

Layer / File(s)	Summary
Update gradle/actions/setup-gradle to v6.2.0 .github/workflows/api-compat.yml, .github/workflows/ci.yml, .github/workflows/codeql.yml	Pinned gradle/actions/setup-gradle bumped from v6.1.1 to v6.2.0 in all three CI workflows.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Poem

A bunny hopped through workflow lanes,
Swapping old Gradle pins for new,
6.1.1 out, 6.2.0 in—
Three little files, one tidy view.
🐇✨ The CI garden grows anew!

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately summarizes the main change: bumping gradle/actions from version 6.1.1 to 6.2.0 across multiple workflow files.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch dependabot/github_actions/gradle/actions-6.2.0

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}