ESET AV Remover (64-bit) 歷史舊版本 Page1

更新時間：2020-10-15
更新細節：

What's new in this version:

ESET AV Remover 1.5.3.0 (64-bit)
- Change log not available for this version


ESET AV Remover 1.5.0.0 (64-bit)
- Change log not available for this version


ESET AV Remover 1.4.1.0 (64-bit)
- Change log not available for this version


ESET AV Remover 1.3.2.0 (64-bit)
- Change log not available for this version


ESET AV Remover 1.2.8.0 (64-bit)
- Change log not available for this version

更新時間：2020-10-15
更新細節：

What's new in this version:

Performance improvements:
- File system watching is ready for production use
- In an incremental build, input and output files are checked to determine what needs to be rebuilt. This feature typically saves a lot of time; however, it adds some I/O overhead, which can be noticeable in large projects when not much has changed since the previous build.
- Back in Gradle 6.5 we've introduced file-system watching as an experimental feature. When enabled, it allows Gradle to keep what it has learned about the file system in memory during and between builds instead of polling the file system on each build. This significantly reduces the amount of disk I/O needed to determine what has changed since the previous build.
- This feature is now ready for production use and supported on Linux, Windows and macOS. You can enable it by adding the following to gradle.properties in the project root or in your Gradle user home: org.gradle.vfs.watch=true

Configuration cache improvements:
- Gradle 6.6 introduced configuration caching as an experimental feature. This release comes with usability and performance improvements for the configuration cache.
- Early adopters of configuration cache can use the command line output and HTML report for troubleshooting. Previously, the configuration cache state was saved despite reported problems, which in some situations required manual cache invalidation. In this release, the configuration cache gets discarded when the build fails because of configuration cache problems. Note that you can still ignore known problems.
- The problem report is also more helpful now. It reports the source of problems more accurately, pointing at the offending location in plugins and scripts in more cases.
- Loading from the configuration cache is also faster and memory consumption during builds has been reduced, especially for Kotlin and Android builds.
- Read about this feature and its impact on the Gradle blog. You can also track progress of configuration cache support in core plugins and community plugins.

New JVM ecosystem features:
- Toolchain support for JVM projects
- By default, Gradle uses the same Java version for running Gradle itself and building JVM projects.
- This is not always desirable. Building projects with different Java versions on different developer machines and CI servers may lead to unexpected issues. Additionally, you may want to build a project using a Java version that running Gradle is not compatible with.
- Before this release, it required several steps to configure a different Java version for compilation, testing, generating Javadoc, and executing applications.
- This release introduces the toolchain concept to simplify such a setup. A Java toolchain is a set of tools (javac compiler,java command etc), taken from a local Java installation and used during the build. Instead of manually specifying executables for the various tasks, toolchains provide a centralized place to define the Java version requirements in the build.

New dependency management features:
- Compile-only API dependencies for JVM libraries
- When writing a Java (or Groovy/Kotlin/Scala) library, there are cases where you require dependencies at compilation time which are parts of the API of your library, but which should not be on the runtime classpath.
- An example of such a dependency is an annotation library with annotations that are not used at runtime. These typically need to be available at compile time of the library's consumers when annotation processors inspect annotations of all classes. Another example is a dependency that is part of the runtime environment the library is expected to run on, but also provides types that are used in the public API of the library.
- The Java Library Plugin now offers the compileOnlyApi configuration for this purpose. It effectively combines the major properties of the compileOnly configuration (dependency will not be on the runtime classpath) and the api (dependencies are visible for consumers at compile time).

Other new features and usability improvements:
- Abbreviation of kebab-case project names
- Gradle allows you to abbreviate project and task names from the command-line. For example, you can execute the task compileTestJava by running gradle cTJ.
- Up until this release, fuzzy name matching only worked for camelCase names (e.g. compileTestJava). This is the recommended convention for task names, but it is unusual for project names. In the Java world, directory names are usually all lowercase by convention and in Gradle, project names usually follow the name of the directory the project is in.
- Many projects worked around this limitation by using kebab-case project directories (e.g. my-awesome-lib) while defining different camelCase project names in their settings scripts. This allowed them to use project name abbreviations in the command line but added additional complexity to the build.
- This release changes the fuzzy name matching to support for kebab-case names. Now, you can execute the compileTestJava task in the project my-awesome-lib with the following command

Fixed:
- Make <feature>RuntimeElements extend <feature>RuntimeOnly
- Only log file events that cause a change in the virtual file system
- Introduce file system watching debug flag
- Improve verbose VFS logging
- Update InProcessGradleExecuterIntegrationTest for file system watching
- Remove ToBeFixedForFileSystemWatching annotation
- Allow repository definition by configuration
- Add single/multi-project choice to 'gradle init --type application'
- Add 'compileOnlyApi' configuration to java-library projects
- TestNGTestFramework makes the Test Retry plugin incompatible with config cache
- Add switch to enable verbose logging for VFS
- Dependency resolution selector cache not specific enough for virtual platform edges
- Scala compilation of protobuf generated code is broken because zinc leaks protobuf-java to compile classpath
- Let user configure JavaCompile with source/target/release independant of a toolchain
- Performance bottleneck for large projects when file system watching is enabled
- Let `Javadoc` task accept a toolchain
- Remove incubating message about watching the file system
- Drop "unsafe" from file system watching-related property names
- Allow configuring the maximum number of watched hierarchies
- Change 'gradle init' to generate multi-projects
- Provide API to query for toolchains
- Extend name matching section in user guide
- RepositoryContentDescriptor should support include/exclude version ranges
- Verify project naming convention consistency
- Make use of kebab case name matching in gradle/gradle
- Precompiled script plugins - `GradleProperties has not been loaded yet.`
- Let `JavaExec` task accept a toolchain
- build events generated by tooling api are wrong when OperationCompletionListener is used
- Make fuzzy matching work with kebab-case project naming
- Use composition instead of inheritance to separate BuildOperationRunner from BuildOperatoinExecutor
- Configuration caching uses stale provider value
- Configuration caching querying task outputs too early
- Toolchain is matched deterministically
- Download toolchains on demand
- Use Kotlin source in Santa Tracker Kotlin Android performance tests
- Detect common Java installation locations
- Let `Test` task accept a toolchain
- Ability to configure toolchain requirements for a build
- Deprecate `JavaApplication#setMainClassName` in favour of property
- Enable partial VFS invalidation by default
- Move excessive logging around VFS to build operations
- Explain memory leak-like slowdown when FSW is enabled on Gradle build
- Support for compiling own (test) code with Groovy 4.0
- Gradle 6.5 pulls in optional dependency
- Gradle 6.5 build fails on Java 15-ea with Execution failed for task ':jar'. java.util.ConcurrentModificationException (no error message)
- Memory inefficiency in ConsumerVariantMatchResult for very large project.
- Pre-existing empty output directory may cause incorrect up-to-date checks
- JDK 15 support in Gradle
- Update integration tests using Jetty to run on JDK15
- Jacoco JDK15 support
- Review how TestKit directories are watched
- Disable file system watching when there is a change to Ant default excludes
- Verify correct usage of FileTimeStampInspector when file-system watching is enabled
- Use the Java API compiler when possible
- Attribute "without_test_code" is missing in .classpath file for project references
- Support `SUBST` or disable its use with file watching
- Test filters hide underlying issues during test task execution
- Add test for continuous build with VFS retention enabled
- Tooling API on JDK11 can not connect to Gradle project 4.5
- Feature? dependency lock missing skippedDependencies Property
- Composite artifact can't be resolved in buildSrc
- Maven2Gradle conversion support targeting Kotlin DSL
- Detect local Java installations
- Java toolchain detection should work on macos when no system VM installed
- Artifact transforms with dependencies fail when project substitutes external one
- Samples use nightly build instead of RC
- 6.7-rc-1: build fails with Cannot acquire state lock for project
- Property auto-detect used at configuration time when using toolchain with auto-download=false
- Service creation is too eager
- Javadoc and toolchain: task is up-to-date when toolchain changes
- `Problems reading data from Binary store` with intra-project dependency and capability resolution strategy
- Incremental annotation processing can fail when forking with Java 8
- Incremental compilation wipes out aggregating processor file in Gradle 6.7

更新時間：2020-09-09
更新細節：

What's new in this version:

- Broken incremental annotation processing when previous build was incremental
- DefaultConfigurableFileCollection.setFrom with empty arguments
- Fix outgoing edge reference counting
- Classpath not correct with platform bom
- Fix incremental annotation processing

更新時間：2020-08-11
更新細節：

What's new in this version:

Performance improvements:
- Fast feedback for local incremental builds is crucial for developer productivity. This is especially true when your IDE uses Gradle to build and run tests for your project, which IntelliJ IDEA does by default. This scenario has been the primary focus of performance improvements since Gradle 6.5 and will continue for the next several Gradle releases.
- Configuration caching
- Before running any task, Gradle needs to run the configuration phase. Currently, this is done on every build invocation and can incur a noticeable overhead, especially in large projects.
- The configuration cache significantly improves build performance by caching the result of the configuration phase and reusing it for subsequent builds. Using the configuration cache, Gradle can skip the configuration phase entirely when nothing that affects the build configuration has changed as you can see below.
- Additionally, Gradle is able to optimize task execution when configuration caching is enabled and execute more tasks in parallel by default.
- Note that configuration caching is different from the build cache, which caches outputs produced by the build. The configuration cache captures only the state of the configuration phase.
- IDE sync and import does not currently benefit from configuration caching.
- This feature is considered highly experimental and not enabled by default or recommended for production use. Tasks and plugins usually require changes to meet the requirements to use configuration caching. Not all core Gradle plugins have been updated yet and some features are not yet implemented. Your build may likely require changes.
- You can enable this experimental feature by supplying the parameter --configuration-cache on the command-line or adding it to your run configuration. If your build is incompatible with configuration caching, Gradle will generate a report describing the problems found.
- Learn more about this new feature and its impact in the Configuration Cache documentation.
- Stability improvements of file-system watching
- Gradle 6.5 introduced an experimental opt-in that improves the performance of local incremental builds by watching for file-system changes.
- This release brings a number of stability improvements for file-system watching when used with composite builds or large projects on Windows and macOS. Gradle will now report better errors when you enable file-system watching on unsupported systems.
- Improved cache hits with normalized runtime classpaths
- For up-to-date checks and the build cache, Gradle needs to determine if two task input properties have the same value. In order to do so, Gradle first normalizes both inputs and then compares the result.
- Runtime classpath analysis now inspects manifest and META-INF properties files, ignoring changes to comments, whitespace and order-differences. Moreover, you can selectively ignore attributes or properties that don't impact the runtime classpath.
- normalization {
- runtimeClasspath {
- metaInf {
- ignoreAttribute("Implementation-Version")
- ignoreProperty("timestamp")
- This improves the likelihood of build cache hits when any ZIP file on the classpath is regenerated and only differs by unimportant values or comments. The most common case where this sort of normalization can be useful is with JAR files, but it can be applied to any ZIP file on the classpath--such as AAR, WAR, or APK files.
- See the user manual for further information. Note that this API is incubating and will likely change in future releases as support is expanded for normalizing properties files outside of the META-INF directory.

New features and usability improvements:
- Conventions for handling user-provided credentials
- Builds sometimes require users to supply credentials. For example, credentials might be required to authenticate with an artifact repository in order to publish an artifact. It's a good practice to keep credentials outside the build script.
- This release includes a new API for credentials that makes working with credentials easier by establishing a convention to supply credentials using Gradle properties that can be provided to the build as command-line arguments, environment variables, or as values in a gradle.properties file. It also introduces fail-fast behavior when Gradle knows that the build will need credentials at some point and the credentials are missing.
- Starting from this release, you can easily externalize credentials used for authentication to an artifact repository:
- repositories {
- maven {
- name = 'mySecureRepository'
- credentials(PasswordCredentials)
- // url = uri(<<some repository url>>)
- The credentials for mySecureRepository will be searched for in Gradle properties with the names mySecureRepositoryUsername and mySecureRepositoryPassword.
- For more details on using the new API to authenticate with artifact repositories, see the user manual section as well as an updated sample.
- You can also use the new provider API directly to supply credentials to an external tool:
- tasks.register('login', Exec) {
- def loginProvider =
- providers.credentials(PasswordCredentials, 'login')
- inputs.property('credentials', loginProvider)
- doFirst {
- PasswordCredentials loginCredentials = loginProvider.get()
- // use credentials
- The credentials for the above will be searched for in Gradle properties with the names loginUsername and loginPassword.
- See the updated sample for more details.
- Support for the --release flag in Java compilation
- Java 9 introduced cross compilation support with the --release flag on the Java compiler. This option tells the compiler to produce bytecode for an earlier version of Java and guarantees that the code does not use any APIs from later versions.
- In previous Gradle versions, it could be achieved through the use of compilerArgs and making sure that sourceCompatibility and targetCompatibility are not set:
- compileJava {
- options.compilerArgs.addAll(['--release', '7'])
- With this release, Gradle makes this use case easier by supporting the --release flag for Java compilation directly on the CompileOptions of JavaCompile tasks:
- compileJava {
- options.release = 7
- See the section on cross compilation for details.
- Dependency management improvements
- Reproducible Gradle Module Metadata
- Gradle Module Metadata is a format used to serialize the Gradle component model, similar to but more powerful than Maven’s POM.
- By default, the Gradle Module Metadata file contains a build identifier field which defaults to a unique ID generated during build execution. This behaviour can now be disabled at the publication level, allowing users to opt-in for a reproducible Gradle Module Metadata file. This enables downstream tasks to consider it up-to-date, resulting in faster and reproducible builds.
- main(MavenPublication) {
- from components.java
- withoutBuildIdentifier()
- See the documentation for more information on Gradle Module Metadata generation.
- Variant-aware dependency substitution rules
- It’s a common problem in dependency management that the same dependency can appear in a dependency graph but with different attributes. For example, you want to only use the “fat jar” with repackaged dependencies, but the regular jar is pulled in transitively. The far jar may be published under a "fat jar" classifier, while the regular jar has no classifier.
- Previously, it wasn't possible for Gradle to substitute a dependency using a classifier with a dependency without a classifier, nor was it possible to substitute a dependency without classifier with a dependency with a classifier.
- Similarly, other attributes (typically "platform" dependencies) or capabilities could not be used when describing dependency substitutions.
- Gradle now supports declaring substitutions based on classifiers, attributes, or capabilities. Gradle's dependency substitution API has been enriched to cover those cases.
- See the documentation on variant-aware substitution for details.
- Improvements for plugin authors:
- Injectable ArchiveOperations service
- Previously, it was only possible to create a FileTree for a ZIP or TAR archive by using the APIs provided by a Project.
- However, a Project object is not always available, for example in worker actions or when using the configuration cache.
- The new ArchiveOperations service has zipTree() and tarTree() methods for creating read-only FileTree instances respectively for ZIP and TAR archives.
- See the user manual for how to inject services and the ArchiveOperations API documentation for more details and examples.
- Combining two providers
- When using Lazy Properties, it’s common to compute a value by combining the values of two providers. In previous Gradle releases, it wasn’t possible to do this without eagerly reading one of the provider values or losing dependency information. Gradle 6.6 introduces a zip method which lets you provide the combined value lazily.:
- def hello = objects.property(String).convention("Hello")
- def world = objects.property(String).convention("World")
- def helloWorld = hello.zip(world) { left, right ->
- "${left}, ${right}!".toString()
- // ...
- hello.set("Bonjour")
- world.set("le monde")
- println(helloWorld.get()) // prints “Bonjour, le monde!”
- Refer to the API documentation for details.
- Security improvements:
- Removed debug logging of environment variables
- Debug level logging may expose sensitive information in the build log output, for example in CI server logs. For this reason, Gradle displays a prominent warning when using debug level logging since version 6.4. One example of this risk is leaking secret values such as credentials stored in environmental variables.
- Previously, when debug level was enabled, Gradle used to log all environment variables when starting a process such as a test, Gradle daemon, or when using Project.exec. In practice, this means most of the builds logged environment variables on debug level.
- As an additional security precaution, Gradle no longer logs environment variables when starting processes starting with this version.
- Note that many CI servers, like Jenkins and Teamcity, mask secrets in the captured logs. Still, we recommend limiting the usage of debug level logging to environments which do not capture the log output, like your local machine. Build scans never capture the debug log as part of the console log even when you enabled debug logging.
- As an additional measure, you may want to limit the environment variables passed to the test task or other forked processes by explicitly using ProcessForkOptions.setEnvironment(). This way the forked processes themselves cannot leak secrets from the environment, since they don't have them available anymore.

Fixed:
- Runtime classpath normalization should apply to zips and to nested zips in classes directories
- Stackoverflow visiting file collections referencing themselves
- System.getProperty(...) with null default value triggers NPE
- java.lang.RuntimeException: Problems reading data from Binary store
- Configuration cache should support dynamic and changing dependencies
- Configuration cache should support dependency locking
- Make `java-gradle-plugin` plugin support the configuration cache
- Make `ear` plugin support the configuration cache
- Make `war` plugin support the configuration cache
- Make `java-library-distribution` plugin support the configuration cache
- Make `distribution` plugin support the configuration cache
- Make `application` plugin support the configuration cache
- Make `java-platform` plugin support the configuration cache
- Make `java-library` plugin support the configuration cache
- Make `java` plugin support the configuration cache
- [6.6-milestone-1] Gradle wrapper task throws NumberFormatException with OpenJDK 15
- Exception stacktrace shown upon startup when file-system watching is enabled on certain older Linux distributions
- Missing classes with Scala incremental compilation
- Kotlin compiler daemon keeps disappearing with file-system watching enabled on macOS
- compileKotlin task has unstable task inputs with precompiled `.gradle.kts` scripts
- CL code snippets are broken in Gradle docs
- Make sure file system watching is enabled consistently during a build
- Make Project.zipTree() and Project.tarTree() available via injected services
- Configuration cache can fail when artifact transform is chained and takes artifact dependencies as a parameter
- Broken non-incremental compilation with Scala
- Watch root directories of included builds
- Artifact collection contains different results when loaded from configuration cache
- Rename "VFS retention" to "file-system watching" in public types and messages
- Investigate what files are watched outside of the root directory
- JVM crash with file-system watching enabled on Windows
- java14 helpful NPEs not working in test
- exclusiveContent API fails with "Cannot mutate content repository descriptor..."
- incorrect docs for how to disable scala incremental compilation
- Stop watching caches in Gradle user home and in the `$rootDir/.gradle` directory
- Allow GenerateModuleMetadata and GenerateMavenPom to be reproducible
- Make up-to-date checks for :kotlinCompilerEmbeddable:unpackPatchedKotlinCompilerEmbeddable faster
- Give user information about increasing inotify watch count when needed
- Configuration cache property serialization should consider custom writeObject/readObject methods
- Gradle 5.1.1 does not retry connection resets
- POM dependency with `<type>` bypasses variant-aware resolution, even when conflict-resolved with project dependency
- Dependency substitution is broken for those with <type> attributes in POM files
- Dependency substitution rules
- Add property for setting the `--release` compiler argument
- Buildscript dependencies have bad handling of pom files
- local projects dependencies no longer work in gradle 6.6-rc-1
- Java plugin can overwrite the classpath of Test tasks added by other plugins
- 6.6RC1: error message for missing credentials is duplicated
- Causes of custom AssertionErrors should be preserved
- ClassDirectories property of `JacocoReport` is annotated with @Classpath
- Instrumentation causes a duplicate method and a `ClassFormatError` at runtime
-Suppressed exceptions thrown by tests are not captured in the test report and build scan

更新時間：2020-06-30
更新細節：

What's new in this version:

Fixed:
- Regression: Gradle 6.5 cached builds cause IllegalStateException
- Regression: Compile classpath configuration is not deterministic
- Regression: Class cast exception when GStrings are used with System.getProperty
- And a number of dependency graph resolution errors
- Class cast exception when GStrings are used with System.getProperty
- Compile classpath configuration is not deterministic
- BinaryStore Exception when using Spring Boot snapshots
- Gradle 6.5 cached builds cause IllegalStateException
- Graph serialization error with projects being replaced by binary dependencies
- Exception: Problems reading data from Binary store
- "Problems reading data from Binary store" on platforms

更新時間：2020-06-03
更新細節：

What's new in this version:

Fixed:
- Core alignment resolution results keep changing
- Gradle 6.5-milestone-2: build crashes while generating a jar file
- Usage of project.fileTree for dependencies can lead to ordering issues
- Watching on Linux fails with `Received event for unknown watch descriptor 527`
- Amend version sorting to resolve differences on well known qualifiers
- The cache key for @CacheableRule is problematic when dependencies have no metadata
- failOnNonReproducibleResolution() crashes build
- Instant execution fails to serialize a property with finalize on read enabled and whose value is a mapped task output
- java.lang.ClassCastException when compiling groovy gradle source
- Binary store exception
- A "by ancestor" selection reason shows as "Unknown" in dependencyInsight output
- [scala] When the user specifies a non-default version of Zinc, compiler-bridge.jar from DEFAULT_ZINC_VERSION is still used
- Gradle dependency locking > inconsistent dependencies resolution with/without --write-locks option
- Resolving a dependency prevents its further use as a BOM
- ResolvedDependencyResult.getResolvedVariant() can return a null value
- Cannot delete project directory on Windows when watching the file system is enabled
- Slow Scala compilation times in 6.2.2 compared to 5.6.2
- Add a command-line flag to enable watching the file system for changes
- Test if VFS retention works when removing build directory manually
- Document watching the file system
- Support symlinks with VFS retention
- Bad performance when file trees are used as task outputs
- Add Generated annotation to kotlin-dsl generated files
- Add `stopDaemons()` to `GradleConnector` interface
- Provide a way to stop daemon via tooling api

更新時間：2020-05-16
更新細節：

What's new in this version:

Building, testing and running Java Modules:
- With this release, Gradle supports the Java Module System with everything you need to compile and execute tests for Java modules. You can also build Javadoc and run applications
- While there is some overlap with Gradle's dependency management features, Java Modules offer additional features like module boundaries that are enforced by the Java runtime

The only thing you need to configure is module path inference for the Java plugins:
- java {
- modularity.inferModulePath.set(true)
- Then you just need to make sure that you write a proper Java module by providing a module-info.java descriptor as part of your sources:
- src
- +-- main
- +-- java
- +-- module-info.java
- For more details, head over to the documentation on building modules, building modular applications and testing modules.
- Also feel free to explore the samples

Precompiled Groovy DSL script plugins:
- Script plugins are a convenient way to split up and organize a long build script, but they have some limitations and quirks. Kotlin DSL introduced precompiled script plugins that look like regular build scripts but have all of the advantages of binary plugins. They can:
- be published to a private repository or the Plugin Portal,
- be tested using TestKit,
- be applied using the plugins {} block,
- use the plugins {} block to apply other plugins
- Gradle now allows precompiled script plugins to be written using the Groovy DSL in addition to the Kotlin DSL
- For example, a Gradle script in buildSrc/src/main/groovy/my-plugin.gradle can be used as a plugin in the main project as plugins { id 'my-plugin' }
- Precompiled script plugins are covered in more depth in the user manual. There is also a sample available that demonstrates the feature in action

Single dependency lock file per project:
- Dependency locking is a mechanism for creating reproducible builds even when using dynamic dependency versions. This release adds an improved dependency locking file format that results in fewer lock files in most projects that use this feature. In addition, when using this format, the lock file name and location can be configured
- This format will become the default lock file format in Gradle 7.0. For now, it is required to opt-in to use it
- Take a look at the documentation for more information and how to enable the feature

Better dependency variant matching error messages:
- Gradle provides a powerful variant-aware dependency management engine
- This release introduces clearer variant matching error messages for the JVM ecosystem
- In previous releases, these error messages could be difficult to understand and sometimes lacked enough context to figure out what to do. Gradle 6.4 improves these error messages by making them more human-readable and introducing colors to the console to highlight problems.

Improvements to PMD code quality plugin:
- Incremental analysis is enabled by default
- As of Gradle 6.4, the PMD plugin uses incremental analysis by default. This can significantly reduce analysis time on subsequent builds.
- For builds relying on a version of PMD older than 6.0.0, you will need to explicitly disable incremental analysis.
- Specify number of violations required before the build fails
- The PMD plugin now lets you set the number of violations before the build fails. This can make it easier to introduce PMD into existing projects that may initially have many violations.
- If you wanted to fail the build if the number of violations is above 150, you can set maxFailures to 150.
- pmd {
- maxFailures = 150
- This was contributed by Matthew Duggan.
- Security warning about using DEBUG level logging
- Potentially sensitive information is logged when Gradle is executed with debug level logging, such as sensitive credentials, authentication tokens or internal repository URLs. Much of this logging occurs deep in components of the JVM and other libraries outside the control of Gradle. While debugging, this information may be inherently useful. However, this information can be unintentionally exposed when Gradle builds are executed on Continuous Integration services where build logs are publicly-accessible. See the recent update about the fixed Plugin Portal vulnerability for an example of this security risk.
- Gradle now warns users about the risks of using DEBUG level logging.
- We recommend plugin maintainers avoid logging sensitive information if possible, and if it's not possible, that all sensitive information be logged exclusively at the DEBUG log level.

Fixed issues:
2 issues have been fixed in Gradle 6.4.1.
[#13069] - Regression: Different daemons are used between IDE and CLI builds for the same project
[#13057] - Regression: Main-Class attribute always added to jar manifest when using application plugin

更新時間：2020-05-06
更新細節：

What's new in this version:

- Mapping of Ivy files to variants should handle configuration level excludes
- Upgrade to native platform milestone for 6.4
- Investigate timeouts with file watching enabled
- Rename 'modularClasspathHandling' properties to 'modularity'
- In version constraints, the order of `prefer X` vs `strict Y` matters
- Perform module path derivation in Eclipse IDE sync
- Potential deadlock when using the worker API and not using the Gradle daemon
- Add module path support to CreateStartScripts tasks of application plugin
- Add modular classpath handling configuration to Java extension
- Document JPMS support
- Build service installed via init script closes prematurely when `:buildSrc` sub-build is finished
- Dependency ordering issue when upgrading to Guava 28.2-jre
- exclusiveContent API does not work with Kotlin Gradle DSL
- Configuring the Jar task's manifest gives an Incubating warning
- Register watchers for newly added file locations during the build
- Basic JPMS support for generating Javadoc
- Basic JPMS support for executing Java modules
- Basic JPMS support for testing Java modules
- GenerateModuleMetadata writes wrong file names in case of customized artifact publications.
- Basic JPMS support for compiling Java modules
- File change not recognized by VFS on Windows when entire watched directory is removed
- Improve the dependency lockfile format
- StackOverflowError in ManagedPropertyName.getDisplayName()
- Expose Repository MetadataSources
- ScalaCompile task does not respect all JavaForkOptions configuration
- java-library plugin makes impossible to have project dependency on Java9-modular kotlin project
- Add a method to specify Scalac plugins in ScalaCompile without breaking build cache
- [JPMS] Accessing resources when Java application run via JavaExec task
- Lockfile location/filename should be customizable
- Packaging test code in a separate JDK 9 module fails with IllegalArgumentException: superClassName is empty
-Java 9: Support Jigsaw modules in JavaExecAction
-Running tests against JDK 9 module causes accessibility issues
-Support setting Jigsaw module version in jar task
- Gradle 6.4-rc-1 triggers compileJava when project version is changed in multi-module project
- Cached component metadata rules leak memory
- Gradle 6.4-rc-1 breaks bootRun
- Traditional convention mappings do not work anymore for JavaExec.main
- Stack overflow in Gradle 6.4-rc-1, regression from 6.3
- Invalid equals breaks fix for cache memory leak
- Single lock file changes on generation without external change
- Potential race condition when task has a property whose value is derived from mapped dependency resolution results
- Race condition when a `Property` instance is used by multiple tasks and has a value derived from a dependency resolution result

更新時間：2020-03-25
更新細節：

What's new in this version:

Improved error messages:
Show location of Java fatal error log:
- When the Java virtual machine executing the Gradle daemon crashes unexpectedly, the Java virtual machine will generate a fatal error log. The crash could be due to a bug in Java, Gradle itself, or in the user code being executed.
- Since it may be hard to find where this error log is written, Gradle now prints the location of the crash log to the console

Support for Java 14:
- Gradle now supports running and building with Java 14.

Fixed:
- Deprecate 'default' and 'archives' configurations for resolving and declaring dependencies
- Show path of hs_err_pid file when daemon disappears
- Update documentation to not point to samples or snippets in -all distribution
- De-serialization of task graph incorrect for anonymous subtypes of enum.
- Gradle crashes if GRADLE_RO_DEP_CACHE is set and it cannot create modules-2 directory within it
- Checkstyle task can no longer be configured to analyse single files
- Precompiled script plugin fails to build on Windows if script is saved with CRLF (accessors not resolved)
- Daemon crashes for `ArtifactTransformInputArtifactIntegrationTest` with VFS retention enabled
- C++ compilation doesn't pick up file changes when VFS retention is enabled
- `GradleBuildTaskIntegrationTest.can run multiple GradleBuild tasks concurrently` fails with VFS retention
- Deleting local state when loading from cache is not picked up with partial invalidation
- Fix `PlayContinuousBuildReloadWaitingIntegrationTest` with VFS retention
- The `clean` task does not report changes to VFS
- Parsing gradle properties file with invalid syntax fails with unhelpful error message
- Log individual input file fingerprints
- Allow war task to be made cacheable with runtime api
- com.fasterxml.jackson.core:jackson-databind Security Vulnerabilities in Gradle 6.x
- Enable VFS retention for the build-tool build
- Enable VFS retention for local builds only
- Incremental Java compilation doesn't clean up stale generated JNI headers
- Add access to POM packaging in component metadata rules
- Re-evaluate VFS retention tests after known issues are fixed
- Instant execution fails on Java Compile Task (no source) when there are only kotlin files in src/main/java
- Handle all macOS file events without dropping VFS
- File change not recognized by VFS on macOS when entire watched directory is removed
- Watch long paths on Windows
- Implement event-driven file watcher for Linux
- JDK 14 support
- ServiceRegistry failures should emit clearer help messages
- Provide default value for JavaCompile header output
- Constraints can sometimes impact excludes
- CalculateTaskGraphBuildOperationType emits mutated structure for task plan
- Same dependencies with different classifiers are not consumed correctly from Gradle Module Metadata

更新時間：2020-03-04
更新細節：

What's new in this version:

- Fix tooling API metadata - bundling attribute
- multi-project build use the properties of the rootProject for all included builds (changed in 6.2)