From a4b8dec2886a5c41915199ceb39815eeb9bb3f02 Mon Sep 17 00:00:00 2001
From: Edward Chen <18449977+edgchen1@users.noreply.github.com>
Date: Thu, 16 Mar 2023 11:06:00 -0700
Subject: [PATCH] Gradle wrapper security updates (#381)
* Add gradle-wrapper.jar checksum validation workflow.
* Add gradle wrapper distribution checksum values.
---
 .github/workflows/gradle-wrapper-validation.yml | 14 ++++++++++++++
 java/gradle/wrapper/gradle-wrapper.properties | 1 +
 .../gradle/wrapper/gradle-wrapper.properties | 6 +++---
 3 files changed, 18 insertions(+), 3 deletions(-)
 create mode 100644 .github/workflows/gradle-wrapper-validation.yml
diff --git a/.github/workflows/gradle-wrapper-validation.yml b/.github/workflows/gradle-wrapper-validation.yml
new file mode 100644
index 000000000..bb5873b54
--- /dev/null
+++ b/.github/workflows/gradle-wrapper-validation.yml
@@ -0,0 +1,14 @@
+# Check gradle-wrapper.jar checksums against official Gradle releases.
+# See: https://github.com/marketplace/actions/gradle-wrapper-validation
+# This workflow was copied from the link above.
+
+name: "Validate Gradle Wrapper"
+on: [push, pull_request]
+
+jobs:
+ validation:
+ name: "Validation"
+ runs-on: ubuntu-latest
+ steps:
+ - uses: actions/checkout@v3
+ - uses: gradle/wrapper-validation-action@v1
diff --git a/java/gradle/wrapper/gradle-wrapper.properties b/java/gradle/wrapper/gradle-wrapper.properties
index ae04661ee..b916c04db 100644
--- a/java/gradle/wrapper/gradle-wrapper.properties
+++ b/java/gradle/wrapper/gradle-wrapper.properties
@@ -1,5 +1,6 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
+distributionSha256Sum=f6b8596b10cce501591e92f229816aa4046424f3b24d771751b06779d58c8ec4
 distributionUrl=https\://services.gradle.org/distributions/gradle-7.5.1-bin.zip
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists
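Review bot: Both `uses:` steps reference mutable tags (`actions/checkout@v3`, `gradle/wrapper-validation-action@v1`), so the job that checks wrapper integrity runs whatever code those tags point to at run time. Pinning each to a full commit SHA with the tag kept as a trailing comment, e.g. `uses: gradle/wrapper-validation-action@<full-commit-sha>  # v1`, closes that gap. The workflow also has no `permissions:` key, so the job receives the repository's default token scope; a top-level `permissions:` with `contents: read` should be enough for checkout plus validation. A one-line comment above `on:` saying the job runs on every push and pull request so that a changed gradle-wrapper.jar is flagged before merge would document the intent.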
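Review bot: The new `distributionSha256Sum` is tied to the exact archive named in `distributionUrl`, and nothing tells a later editor that the two must change together. If only the URL is bumped, the download fails verification; if the property is dropped when the wrapper is regenerated (worth confirming for the Gradle version in use), the check is lost without any signal. Consider documenting the upgrade step next to the build instructions, e.g. `./gradlew wrapper --gradle-version <version> --gradle-distribution-sha256-sum <sha256>`, with the sum taken from Gradle's published release checksums. The same applies to `java/src/test/android/gradle/wrapper/gradle-wrapper.properties`, which pins a different Gradle version and therefore a different sum.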
diff --git a/java/src/test/android/gradle/wrapper/gradle-wrapper.properties b/java/src/test/android/gradle/wrapper/gradle-wrapper.properties
index 54549995b..1debed0d8 100644
--- a/java/src/test/android/gradle/wrapper/gradle-wrapper.properties
+++ b/java/src/test/android/gradle/wrapper/gradle-wrapper.properties
@@ -1,6 +1,6 @@
-#Wed Oct 19 16:43:50 PDT 2022
 distributionBase=GRADLE_USER_HOME
-distributionUrl=https\://services.gradle.org/distributions/gradle-7.4-bin.zip
 distributionPath=wrapper/dists
-zipStorePath=wrapper/dists
+distributionSha256Sum=8cc27038d5dbd815759851ba53e70cf62e481b87494cc97cfd97982ada5ba634
+distributionUrl=https\://services.gradle.org/distributions/gradle-7.4-bin.zip
 zipStoreBase=GRADLE_USER_HOME
+zipStorePath=wrapper/dists