Skip to content

build(deps): bump the java-other group across 1 directory with 6 updates#2435

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/gradle/java/java-other-ecdf7e6698
Closed

build(deps): bump the java-other group across 1 directory with 6 updates#2435
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/gradle/java/java-other-ecdf7e6698

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 6, 2026

Copy link
Copy Markdown
Contributor

Bumps the java-other group with 6 updates in the /java directory:

Package From To
com.diffplug.spotless 8.6.0 8.8.0
com.gradleup.shadow 9.4.2 9.5.1
org.apache.logging.log4j:log4j-bom 2.26.0 2.26.1
software.amazon.awssdk:bom 2.46.0 2.46.21
com.squareup.okhttp3:okhttp 5.3.2 5.4.0
gradle-wrapper 9.5.1 9.6.1

Updates com.diffplug.spotless from 8.6.0 to 8.8.0

Updates com.gradleup.shadow from 9.4.2 to 9.5.1

Release notes

Sourced from com.gradleup.shadow's releases.

9.5.1

Fixed

  • Fix eager calls for toolchainSpec in Kotlin DSL.
    This fixes the regression when using toolchain without targetCompatibility in Kotlin DSL.

9.5.0

Added

  • Check DuplicatesStrategy for merging transformers. (#2026)
    This will log warnings when an incompatible DuplicatesStrategy (e.g., EXCLUDE) is applied in Gradle configuration for built-in ResourceTransformers.
  • Add KotlinModuleMetadataTransformer. (#2073)
  • Add R8 as an opt-in minimize { r8 { ... } } tool for shrinking the final shadowed JAR. (#2077)

Changed

  • Bump min Gradle requirement to 9.2.0. (#2057)
  • Remove afterEvaluate when adding variants. (#2056)
  • Deprecate enableKotlinModuleRemapping for ShadowJar. (#2073)
    Apply KotlinModuleMetadataTransformer explicitly to support relocating inside Kotlin module metadata files.
  • Deprecate everything under ShadowCopyAction. (#2083)

Fixed

  • Fix the conflicts when using afterEvaluate with other plugins. (#2055)

9.4.3

Changed

  • Update dependencies for resolving CVEs. (#2069)
Commits
  • c33612d Prepare version 9.5.1
  • 485e412 Fix eager calls for toolchainSpec in Kotlin DSL (#2087)
  • d062fa2 Fix DuplicatesStrategyCheckerTest resource loading on Windows (#2085)
  • e71a2c1 Add description for shadow configuration (#2084)
  • 7ba43b0 Prepare next development version
  • 6e00cb7 Prepare version 9.5.0
  • ca03909 Deprecate everything under ShadowCopyAction (#2083)
  • 7d7da27 Revert "Mark CONSTANT_TIME_FOR_ZIP_ENTRIES as const (#2074)"
  • da18cc0 Deprecate enableKotlinModuleRemapping for ShadowJar (#2073)
  • ec6e55a Replace system properties with buildConfig consts (#2082)
  • Additional commits viewable in compare view

Updates org.apache.logging.log4j:log4j-bom from 2.26.0 to 2.26.1

Release notes

Sourced from org.apache.logging.log4j:log4j-bom's releases.

2.26.1

This patch release delivers certain fixes on top of 2.26.0.

Changed

  • Improve logging for LinkageError scenarios involving the LMAX Disruptor library (#2250, #4124)

Fixed

  • Fix the createOnDemand behavior of RollingFileAppender to correctly defer file and directory creation until the first log event, while preserving eager creation when disabled. (#2006, #4072)
  • Improve documentation for locale handling in the Pattern Layout date pattern converter (#4129, #4130)
  • Fix handling of non-finite numbers while encoding MapMessage to JSON (#4163)
  • Fix encoding of MSGID and SD-ID fields of StructuredDataMessage to XML (#4136)
  • Fix stack trace rendering for exceptions with identity malfunction (e.g., colliding equals() and/or hashCode() implementations) (#3933, #4133)
  • Fix resource leaks in ConfigurationSource when loading configuration via URL fails (#4127)
  • Fix KafkaAppender reporting error to error handler even after a successful retry (#4125)
Commits
  • dd0f9d2 Release changelog for version 2.26.1
  • efbb638 Update the project.build.outputTimestamp property
  • c9332be Fix handling of non-finite numbers while encoding MapMessage to JSON (#4163)
  • bd8eca1 Fix AsciiDoc typo in pattern-layout.adoc
  • df1c753 tidy up changelogs
  • 0592cff fix version in pom.xml
  • e320257 Release changelog for version 2.26.1
  • 5755541 Update the project.build.outputTimestamp property
  • 6c2d931 Set version to 2.26.1
  • 69d6641 add patch release/2.26.1 liked commits and moved changelog the release/2.26.1...
  • Additional commits viewable in compare view

Updates software.amazon.awssdk:bom from 2.46.0 to 2.46.21

Updates com.squareup.okhttp3:okhttp from 5.3.2 to 5.4.0

Changelog

Sourced from com.squareup.okhttp3:okhttp's changelog.

Version 5.4.0

2026-06-08

  • New: Add superpowers to interceptors. Interceptors can now override anything settable on OkHttpClient.Builder, such as the cache, connection pool, socket factory, and DNS. We expect this will allow most users to use interceptors everywhere, insted of mixing and matching interceptors with custom Call.Factory wrappers.
  • Fix: Limit each HTTP/2 response to 256 KiB of total headers.
  • Upgrade: [kotlinx.coroutines 1.11.0][coroutines_1_11_0]. This is used by the optional okhttp-coroutines artifact.
  • Upgrade: [GraalVM 25.0.3][graalvm_25].
  • Upgrade: [Okio 3.17.0][okio_3_17_0].
Commits

Updates gradle-wrapper from 9.5.1 to 9.6.1

Release notes

Sourced from gradle-wrapper's releases.

9.6.1

The Gradle team is excited to announce Gradle 9.6.1.

Here are the highlights of this release:

  • Improved Configuration Cache hit rates
  • Additional CLI rendering options
  • Important project hierarchy lookup deprecations

Read the Release Notes

We would like to thank the following community members for their contributions to this release of Gradle: Aharnish Solanki, Benedikt Johannes, Devendra Reddy Pennabadi, Dmytro Rodionov, Dreeam, Elías Hernández Rodríguez, Eng Zer Jun, FinlayRJW, Kamal Kansal, Marcono1234, Nelson Osacky, Philip Wedemann, Ravi, Roberto Perez Alcolea, Ryan Schmitt, Sebastian Schuberth, seunghun.ham, sk-reddy17, Suvrat Acharya, Vedant Madane.

Upgrade instructions

Switch your build to use Gradle 9.6.1 by updating your wrapper:

./gradlew :wrapper --gradle-version=9.6.1 && ./gradlew :wrapper

See the Gradle 9.x upgrade guide to learn about deprecations, breaking changes and other considerations when upgrading.

For Java, Groovy, Kotlin and Android compatibility, see the full compatibility notes.

Reporting problems

If you find a problem with this release, please file a bug on GitHub Issues adhering to our issue guidelines. If you're not sure you're encountering a bug, please use the forum.

We hope you will build happiness with Gradle, and we look forward to your feedback via Twitter or on GitHub.

9.6.0

... (truncated)

Commits
  • 309d128 Update fixed issues in release notes for 9.6.1 (#38328)
  • 040a978 Update fixed issues in release notes for 9.6.1
  • e0b8325 Restore --non-interactive flag instead of --interactive/--no-interactive (#38...
  • 946f3e6 Limit explicit temp file permission setting to intended use case (#38300)
  • 65f8224 Restore --non-interactive flag instead of --interactive/--no-interactive
  • e346a5e Adjust CLI flag to configure non-interactive console (#38301)
  • 9b53be9 Adjust CLI flag to configure non-interactive console
  • 0dd3b53 Limit explicit temp file permission setting to intended use case
  • 48e5ac2 Add reproducers
  • 25598fd Prepare 9.6.1 patch release (#38293)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the java-other group with 6 updates in the /java directory:

| Package | From | To |
| --- | --- | --- |
| com.diffplug.spotless | `8.6.0` | `8.8.0` |
| [com.gradleup.shadow](https://github.com/GradleUp/shadow) | `9.4.2` | `9.5.1` |
| [org.apache.logging.log4j:log4j-bom](https://github.com/apache/logging-log4j2) | `2.26.0` | `2.26.1` |
| software.amazon.awssdk:bom | `2.46.0` | `2.46.21` |
| [com.squareup.okhttp3:okhttp](https://github.com/square/okhttp) | `5.3.2` | `5.4.0` |
| [gradle-wrapper](https://github.com/gradle/gradle) | `9.5.1` | `9.6.1` |



Updates `com.diffplug.spotless` from 8.6.0 to 8.8.0

Updates `com.gradleup.shadow` from 9.4.2 to 9.5.1
- [Release notes](https://github.com/GradleUp/shadow/releases)
- [Commits](GradleUp/shadow@9.4.2...9.5.1)

Updates `org.apache.logging.log4j:log4j-bom` from 2.26.0 to 2.26.1
- [Release notes](https://github.com/apache/logging-log4j2/releases)
- [Changelog](https://github.com/apache/logging-log4j2/blob/2.x/RELEASE-NOTES.adoc)
- [Commits](apache/logging-log4j2@rel/2.26.0...rel/2.26.1)

Updates `software.amazon.awssdk:bom` from 2.46.0 to 2.46.21

Updates `com.squareup.okhttp3:okhttp` from 5.3.2 to 5.4.0
- [Changelog](https://github.com/square/okhttp/blob/master/CHANGELOG.md)
- [Commits](square/okhttp@parent-5.3.2...parent-5.4.0)

Updates `gradle-wrapper` from 9.5.1 to 9.6.1
- [Release notes](https://github.com/gradle/gradle/releases)
- [Commits](gradle/gradle@v9.5.1...v9.6.1)

---
updated-dependencies:
- dependency-name: com.diffplug.spotless
  dependency-version: 8.8.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: java-other
- dependency-name: com.gradleup.shadow
  dependency-version: 9.5.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: java-other
- dependency-name: org.apache.logging.log4j:log4j-bom
  dependency-version: 2.26.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: java-other
- dependency-name: software.amazon.awssdk:bom
  dependency-version: 2.46.21
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: java-other
- dependency-name: com.squareup.okhttp3:okhttp
  dependency-version: 5.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: java-other
- dependency-name: gradle-wrapper
  dependency-version: 9.6.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: java-other
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Jul 6, 2026
@dependabot dependabot Bot requested a review from a team as a code owner July 6, 2026 12:14
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Jul 6, 2026
@wpessers wpessers closed this Jul 12, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jul 12, 2026

Copy link
Copy Markdown
Contributor Author

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

@dependabot dependabot Bot deleted the dependabot/gradle/java/java-other-ecdf7e6698 branch July 12, 2026 21:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant