December 2021

Welcome to the December 2021 Gradle Build Tool newsletter.

This edition covers the community news, the new major release of Gradle Enterprise, patch releases for both Gradle Build Tool and Gradle Enterprise, and an update on the critical Log4j vulnerability affecting Gradle users.

From the Community

Blog Posts

Videos

From Gradle Team

Critical Vulnerability in Log4j

A critical remote code execution (RCE) vulnerability has been identified in the popular Apache Log4j logging library, affecting a very large number of JVM-based systems.

Your project may be affected by this vulnerability. The Gradle Build Tool itself is not vulnerable. Gradle Enterprise has been affected and an upgrade is strongly recommended.

See our advice on how to deal with this vulnerability for Gradle Build Tool users and our security advisory for Gradle Enterprise customers.

New Build Scan™ Bite-Sized Video Series

Our Build Scan “bite-sized” video series will guide you through each section of a Build Scan and help you understand the functionality more deeply. Small clips have been created that walk you through the Build Scan and introduce you to its many useful features. Use the series for quick reference or to learn more about the tool.

Gradle Releases

Gradle Build Tool 7.3.2

The Gradle Build Tool 7.3.2 patch release provides several non-critical mitigations for the Log4j vulnerability in Gradle builds. See also the full list of fixed issues.

Gradle Enterprise 2021.4

Gradle Enterprise 2021.4 features a preview of the upcoming Predictive Test Selection functionality, in the form of a simulator that shows the potential build acceleration for your projects. Predictive Test Selection intelligently reduces build times by skipping tests that are very unlikely to provide useful feedback for a change.

This release also features Build Scans for the Bazel build tool - a build tool based on Google’s internal build system - further expanding the build tools supported by Gradle Enterprise.

See the release notes for details.

Gradle Enterprise 2021.3.8

Gradle Enterprise and related components (Test Distribution Agent and Build Cache Node) have all been updated to address the critical Log4j vulnerability. An upgrade is strongly encouraged.

See the security advisory for details.

Other Releases

Intellij IDEA 2021.3

Intellij IDEA 2021.3 has been released. It improves handling of composite builds, allows debugging for additional types of files like settings and init scripts, and improves WSL2 support. This release also adds support for remote development (in beta) and other new features. See the blog post for details.

Careers

If you share our passion for developer productivity and tooling, learn more about our globally distributed team and check out our job openings at gradle.com/careers. We are looking for new team members including software engineers, solutions engineers, developer productivity engineers, a data scientist, an application security engineer, and a developer advocate.

We are also looking for someone to improve and maintain the technical documentation of Gradle Build Tool. See the new technical writer job posting.

Upcoming Events

See the Gradle Training webpage for an up-to-date list of all upcoming educational and training events.


If you have some news you’d like us to share in the next issue, use #gradle on Twitter or send us an email with the details to newsletter@gradle.com.

Until next time!

The Gradle Build Tool Team

If you have some news you’d like us to share in the next issue, let us know using the #community-news channel on the Gradle Community Slack or by mentioning @Gradle on Twitter/X.

Until next time!
— The Gradle Team

Gradle Inc. | 2261 Market Street | San Francisco, CA 94114
Privacy Policy | Unsubscribe