chore: harden Gradle dependency reproducibility
feat: enable Gradle dependency locking for all configurations feat: enforce strict lock-state usage in the build feat: centralize repository declaration in settings.gradle feat: enable strict Gradle dependency verification via gradle.properties feat: add committed dependency lock state and verification metadata fix: defer mockito agent resolution to test execution phase for locked builds ci: validate reproducibility inputs before workflow builds ci: include lock and verification inputs in workflow change detection docs: establish explicit dependency update workflow for locks and verification metadata
This commit is contained in:
11
.github/workflows/benchmarks.yml
vendored
11
.github/workflows/benchmarks.yml
vendored
@@ -11,6 +11,9 @@ on:
|
||||
- 'src/main/**'
|
||||
- 'src/jmh/**'
|
||||
- 'build.gradle'
|
||||
- 'gradle.properties'
|
||||
- 'gradle.lockfile'
|
||||
- 'settings.gradle'
|
||||
- 'gradle/**'
|
||||
- 'gradlew'
|
||||
- 'gradlew.bat'
|
||||
@@ -38,6 +41,14 @@ jobs:
|
||||
- name: Make Gradle executable
|
||||
run: chmod +x ./gradlew
|
||||
|
||||
- name: Verify reproducibility inputs
|
||||
shell: bash
|
||||
run: |
|
||||
set -euo pipefail
|
||||
test -f gradle.lockfile
|
||||
test -f gradle.properties
|
||||
test -f gradle/verification-metadata.xml
|
||||
|
||||
- name: Run JMH benchmarks
|
||||
run: ./gradlew clean jmh --no-daemon
|
||||
|
||||
|
||||
Reference in New Issue
Block a user