From b0c01831dd0247fce4020d3301e2ad22100f6d91 Mon Sep 17 00:00:00 2001
From: Sergio del Amo <sergio.delamo@softamo.com>
Date: Mon, 8 Jan 2024 10:14:43 +0100
Subject: [PATCH] define gradle-build-action version

There is a dependabot vulnerability alert for versions < 2.4.2

This PRs pins to a specific version of the Gradle build-action.

Using a specific version instead of @v2 keeps CI more stable.

see: https://github.com/marketplace/actions/gradle-build-action
---
 .github/workflows/gradle.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/gradle.yml b/.github/workflows/gradle.yml
index ffed34dc..c5106a54 100644
--- a/.github/workflows/gradle.yml
+++ b/.github/workflows/gradle.yml
@@ -52,7 +52,7 @@ jobs:
           github-token: ${{ secrets.GITHUB_TOKEN }}
 
       - name: "🔧 Setup Gradle"
-        uses: gradle/gradle-build-action@v2
+        uses: gradle/gradle-build-action@v2.9.0
 
       - name: "❓ Optional setup step"
         run: |