Skip to content

Bump the gradle group with 15 updates#1280

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/gradle/gradle-9571f87a6d
Open

Bump the gradle group with 15 updates#1280
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/gradle/gradle-9571f87a6d

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown
Contributor

Bumps the gradle group with 15 updates:

Package From To
ch.qos.logback:logback-classic 1.5.35 1.5.37
org.junit.jupiter:junit-jupiter 6.1.0 6.1.1
org.junit.platform:junit-platform-launcher 6.1.0 6.1.1
software.amazon.awssdk:retries-spi 2.46.17 2.46.19
software.amazon.awssdk:retries 2.46.17 2.46.19
software.amazon.awssdk:sdk-core 2.46.17 2.46.19
software.amazon.awssdk:auth 2.46.17 2.46.19
org.junit:junit-bom 6.1.0 6.1.1
software.amazon.api.models:all 1.0.258 1.0.260
com.diffplug.spotless:spotless-plugin-gradle 8.7.0 8.8.0
com.autonomousapps:dependency-analysis-gradle-plugin 3.15.0 3.16.0
com.gradleup.shadow:shadow-gradle-plugin 9.4.2 9.4.3
com.gradleup.shadow 9.4.2 9.4.3
org.jreleaser 1.24.0 1.25.0
org.graalvm.buildtools.native 1.1.2 1.1.3

Updates ch.qos.logback:logback-classic from 1.5.35 to 1.5.37

Release notes

Sourced from ch.qos.logback:logback-classic's releases.

Logback 1.5.37

2026-06-26 Release of logback version 1.5.37

  1. • Given the numerous vulnerabilities related to conditional configuration processing based on the evaluation of Java expressions using the Janino library, support for such expressions has been removed. Users are offered the an online migration service or the <condition> element introduced in version 1.5.20. See the relevant documentation for more details.

• A bitwise identical binary of this version can be reproduced by building from source code at commit c1df7f522e648eec7b4ef6a12c8758fec0f00048 associated with the tag v_1.5.37. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Logback 1.5.36

2026-06-25 Release of logback version 1.5.36

• The 'condition' attribute in <if> elements now reject certain references that are associated with ACE attacks. This issue was reported by "yulate" (yulate531@gmail.com.com) and registered as CVE-2026-13006.

• A bitwise identical binary of this version can be reproduced by building from source code at commit 9b94c37562bf25a6a944146701d42ee6c4eee888 associated with the tag v_1.5.36. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Commits

Updates org.junit.jupiter:junit-jupiter from 6.1.0 to 6.1.1

Release notes

Sourced from org.junit.jupiter:junit-jupiter's releases.

JUnit 6.1.1 = Platform 6.1.1 + Jupiter 6.1.1 + Vintage 6.1.1

See Release Notes.

Full Changelog: junit-team/junit-framework@r6.1.0...r6.1.1

Commits
  • 0d85889 Release 6.1.1
  • 0363eee Finalize 6.1.1 release notes
  • a6d540a Move entry to 6.1.1 release notes
  • 69339d5 Only pass timeout when publishing to avoid failure in nmcp plugin
  • dec2eb9 Allow excluding engines from memory cleanup mode (#5786)
  • a5f4270 Publish sha256/sha512 checksums again but filter out signature ones (#5796)
  • 8213012 Update plugin nmcp-settings to v1.6.0 (#5787)
  • d1bf847 Generate Javadoc for aggregator modules
  • d721de5 Pass --no-fonts to javadoc convention
  • d289ec6 Restore original SetSystemProperty values in a ParameterizedTest (#5720)
  • Additional commits viewable in compare view

Updates org.junit.platform:junit-platform-launcher from 6.1.0 to 6.1.1

Release notes

Sourced from org.junit.platform:junit-platform-launcher's releases.

JUnit 6.1.1 = Platform 6.1.1 + Jupiter 6.1.1 + Vintage 6.1.1

See Release Notes.

Full Changelog: junit-team/junit-framework@r6.1.0...r6.1.1

Commits
  • 0d85889 Release 6.1.1
  • 0363eee Finalize 6.1.1 release notes
  • a6d540a Move entry to 6.1.1 release notes
  • 69339d5 Only pass timeout when publishing to avoid failure in nmcp plugin
  • dec2eb9 Allow excluding engines from memory cleanup mode (#5786)
  • a5f4270 Publish sha256/sha512 checksums again but filter out signature ones (#5796)
  • 8213012 Update plugin nmcp-settings to v1.6.0 (#5787)
  • d1bf847 Generate Javadoc for aggregator modules
  • d721de5 Pass --no-fonts to javadoc convention
  • d289ec6 Restore original SetSystemProperty values in a ParameterizedTest (#5720)
  • Additional commits viewable in compare view

Updates software.amazon.awssdk:retries-spi from 2.46.17 to 2.46.19

Updates software.amazon.awssdk:retries from 2.46.17 to 2.46.19

Updates software.amazon.awssdk:sdk-core from 2.46.17 to 2.46.19

Updates software.amazon.awssdk:auth from 2.46.17 to 2.46.19

Updates software.amazon.awssdk:retries from 2.46.17 to 2.46.19

Updates software.amazon.awssdk:sdk-core from 2.46.17 to 2.46.19

Updates software.amazon.awssdk:auth from 2.46.17 to 2.46.19

Updates org.junit:junit-bom from 6.1.0 to 6.1.1

Release notes

Sourced from org.junit:junit-bom's releases.

JUnit 6.1.1 = Platform 6.1.1 + Jupiter 6.1.1 + Vintage 6.1.1

See Release Notes.

Full Changelog: junit-team/junit-framework@r6.1.0...r6.1.1

Commits
  • 0d85889 Release 6.1.1
  • 0363eee Finalize 6.1.1 release notes
  • a6d540a Move entry to 6.1.1 release notes
  • 69339d5 Only pass timeout when publishing to avoid failure in nmcp plugin
  • dec2eb9 Allow excluding engines from memory cleanup mode (#5786)
  • a5f4270 Publish sha256/sha512 checksums again but filter out signature ones (#5796)
  • 8213012 Update plugin nmcp-settings to v1.6.0 (#5787)
  • d1bf847 Generate Javadoc for aggregator modules
  • d721de5 Pass --no-fonts to javadoc convention
  • d289ec6 Restore original SetSystemProperty values in a ParameterizedTest (#5720)
  • Additional commits viewable in compare view

Updates software.amazon.api.models:all from 1.0.258 to 1.0.260

Commits

Updates com.diffplug.spotless:spotless-plugin-gradle from 8.7.0 to 8.8.0

Release notes

Sourced from com.diffplug.spotless:spotless-plugin-gradle's releases.

Gradle Plugin v8.8.0

Added

  • Add support for custom string format for license header copyright year via yearStringFormat(). (#2965)
Commits
  • 8b80c13 Published gradle/8.8.0
  • 8ee6cf9 Published lib/4.8.0
  • 6c02c0b Add missing changelog entry.
  • 264f4cc Add regression test for forbidWildcardImports inside toggleOffOn (#2982)
  • 6abb064 fix #2983, expandWildcardImports triggers a full transitive reso… (#2984)
  • f4536d4 Update plugin spotbugs to v6.5.8 (#2987)
  • 873454a Update plugin spotbugs to v6.5.8
  • 000b8a8 Update dependency org.junit.jupiter:junit-jupiter to v6.1.1 (#2985)
  • 84ebcab Update dependency org.junit.jupiter:junit-jupiter to v6.1.1
  • 32b9ff4 Update gradle/actions action to v6 (#2980)
  • Additional commits viewable in compare view

Updates com.autonomousapps:dependency-analysis-gradle-plugin from 3.15.0 to 3.16.0

Changelog

Sourced from com.autonomousapps:dependency-analysis-gradle-plugin's changelog.

Version 3.16.0

  • [feat]: only emit 'Fixing dependencies for...' if the build script is being rewritten.
  • [fix]: test against AGP 9.2.1 and update AGP_MAX to 9.2.1.
  • [fix]: make InMemoryCache compatible with isolated projects.
  • [fix]: escape Kotlin reserved keywords when using project accessors.
  • [fix]: improve handling of Android product flavors.
  • [fix]: improve handling of Android build types.
  • [maint]: update kotlin-editor-relocated to latest.
Commits
  • 61a80df chore: prepare for release 3.16.0.
  • 59b6a78 chore: delete commented-out code.
  • 21a6b9d fix: handle more product flavor and buildType cases.
  • 6dcabfc fix: improve handling of Android build types.
  • f9ad092 fix: improve handling of Android product flavors.
  • eb53672 fix(testkit-truth): JarSubject.resource failing on nested entry paths (#1739)
  • 8cd3686 maint: update kotlin-editor-relocated to latest.
  • ce653b0 chore(kotlin-editor): prepare next development version.
  • cdd2649 chore(kotlin-editor): prepare for kotlin-editor-relocated release 0.23.0.
  • 5990a0f fix: escape Kotlin reserved keywords when using project accessors (#1737)
  • Additional commits viewable in compare view

Updates com.gradleup.shadow:shadow-gradle-plugin from 9.4.2 to 9.4.3

Release notes

Sourced from com.gradleup.shadow:shadow-gradle-plugin's releases.

9.4.3

Changed

  • Update dependencies for resolving CVEs. (#2069)
Commits

Updates com.gradleup.shadow from 9.4.2 to 9.4.3

Release notes

Sourced from com.gradleup.shadow's releases.

9.4.3

Changed

  • Update dependencies for resolving CVEs. (#2069)
Commits

Updates org.jreleaser from 1.24.0 to 1.25.0

Updates org.graalvm.buildtools.native from 1.1.2 to 1.1.3

Release notes

Sourced from org.graalvm.buildtools.native's releases.

1.1.3

What's Changed

Full Changelog: graalvm/native-build-tools@1.1.2...1.1.3

Commits
  • 766a4e8 Release 1.1.3
  • 0a7a9b7 Refine grund specification (#917)
  • 6fcb943 Bump io.netty:netty-codec-http from 4.1.132.Final to 4.1.135.Final in /sample...
  • 7fcc3e8 Merge pull request #924 from graalvm/bump-version-to-1.1.3-SNAPSHOT
  • 704ab38 Bump version to 1.1.3-SNAPSHOT
  • f9ae0a5 Merge pull request #923 from graalvm/release/1.1.2
  • See full diff in compare view

Updates com.gradleup.shadow from 9.4.2 to 9.4.3

Release notes

Sourced from com.gradleup.shadow's releases.

9.4.3

Changed

  • Update dependencies for resolving CVEs. (#2069)
Commits

Most Recent Ignore Conditions Applied to This Pull Request
Dependency Name Ignore Conditions
com.gradleup.shadow [>= 9.a, < 10]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Note: Dependabot was ignoring updates to this dependency, but since you've updated it yourself we've started tracking it for you again. 🤖

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the gradle group with 15 updates:

| Package | From | To |
| --- | --- | --- |
| [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) | `1.5.35` | `1.5.37` |
| [org.junit.jupiter:junit-jupiter](https://github.com/junit-team/junit-framework) | `6.1.0` | `6.1.1` |
| [org.junit.platform:junit-platform-launcher](https://github.com/junit-team/junit-framework) | `6.1.0` | `6.1.1` |
| software.amazon.awssdk:retries-spi | `2.46.17` | `2.46.19` |
| software.amazon.awssdk:retries | `2.46.17` | `2.46.19` |
| software.amazon.awssdk:sdk-core | `2.46.17` | `2.46.19` |
| software.amazon.awssdk:auth | `2.46.17` | `2.46.19` |
| [org.junit:junit-bom](https://github.com/junit-team/junit-framework) | `6.1.0` | `6.1.1` |
| [software.amazon.api.models:all](https://github.com/aws/api-models-aws) | `1.0.258` | `1.0.260` |
| [com.diffplug.spotless:spotless-plugin-gradle](https://github.com/diffplug/spotless) | `8.7.0` | `8.8.0` |
| [com.autonomousapps:dependency-analysis-gradle-plugin](https://github.com/autonomousapps/dependency-analysis-android-gradle-plugin) | `3.15.0` | `3.16.0` |
| [com.gradleup.shadow:shadow-gradle-plugin](https://github.com/GradleUp/shadow) | `9.4.2` | `9.4.3` |
| [com.gradleup.shadow](https://github.com/GradleUp/shadow) | `9.4.2` | `9.4.3` |
| org.jreleaser | `1.24.0` | `1.25.0` |
| [org.graalvm.buildtools.native](https://github.com/graalvm/native-build-tools) | `1.1.2` | `1.1.3` |


Updates `ch.qos.logback:logback-classic` from 1.5.35 to 1.5.37
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](qos-ch/logback@v_1.5.35...v_1.5.37)

Updates `org.junit.jupiter:junit-jupiter` from 6.1.0 to 6.1.1
- [Release notes](https://github.com/junit-team/junit-framework/releases)
- [Commits](junit-team/junit-framework@r6.1.0...r6.1.1)

Updates `org.junit.platform:junit-platform-launcher` from 6.1.0 to 6.1.1
- [Release notes](https://github.com/junit-team/junit-framework/releases)
- [Commits](junit-team/junit-framework@r6.1.0...r6.1.1)

Updates `software.amazon.awssdk:retries-spi` from 2.46.17 to 2.46.19

Updates `software.amazon.awssdk:retries` from 2.46.17 to 2.46.19

Updates `software.amazon.awssdk:sdk-core` from 2.46.17 to 2.46.19

Updates `software.amazon.awssdk:auth` from 2.46.17 to 2.46.19

Updates `software.amazon.awssdk:retries` from 2.46.17 to 2.46.19

Updates `software.amazon.awssdk:sdk-core` from 2.46.17 to 2.46.19

Updates `software.amazon.awssdk:auth` from 2.46.17 to 2.46.19

Updates `org.junit:junit-bom` from 6.1.0 to 6.1.1
- [Release notes](https://github.com/junit-team/junit-framework/releases)
- [Commits](junit-team/junit-framework@r6.1.0...r6.1.1)

Updates `software.amazon.api.models:all` from 1.0.258 to 1.0.260
- [Commits](https://github.com/aws/api-models-aws/commits)

Updates `com.diffplug.spotless:spotless-plugin-gradle` from 8.7.0 to 8.8.0
- [Release notes](https://github.com/diffplug/spotless/releases)
- [Changelog](https://github.com/diffplug/spotless/blob/main/CHANGES.md)
- [Commits](diffplug/spotless@gradle/8.7.0...gradle/8.8.0)

Updates `com.autonomousapps:dependency-analysis-gradle-plugin` from 3.15.0 to 3.16.0
- [Changelog](https://github.com/autonomousapps/dependency-analysis-gradle-plugin/blob/main/CHANGELOG.md)
- [Commits](autonomousapps/dependency-analysis-gradle-plugin@v3.15.0...v3.16.0)

Updates `com.gradleup.shadow:shadow-gradle-plugin` from 9.4.2 to 9.4.3
- [Release notes](https://github.com/GradleUp/shadow/releases)
- [Commits](GradleUp/shadow@9.4.2...9.4.3)

Updates `com.gradleup.shadow` from 9.4.2 to 9.4.3
- [Release notes](https://github.com/GradleUp/shadow/releases)
- [Commits](GradleUp/shadow@9.4.2...9.4.3)

Updates `org.jreleaser` from 1.24.0 to 1.25.0

Updates `org.graalvm.buildtools.native` from 1.1.2 to 1.1.3
- [Release notes](https://github.com/graalvm/native-build-tools/releases)
- [Commits](graalvm/native-build-tools@1.1.2...1.1.3)

Updates `com.gradleup.shadow` from 9.4.2 to 9.4.3
- [Release notes](https://github.com/GradleUp/shadow/releases)
- [Commits](GradleUp/shadow@9.4.2...9.4.3)

---
updated-dependencies:
- dependency-name: ch.qos.logback:logback-classic
  dependency-version: 1.5.37
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gradle
- dependency-name: org.junit.jupiter:junit-jupiter
  dependency-version: 6.1.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gradle
- dependency-name: org.junit.platform:junit-platform-launcher
  dependency-version: 6.1.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gradle
- dependency-name: software.amazon.awssdk:retries-spi
  dependency-version: 2.46.19
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gradle
- dependency-name: software.amazon.awssdk:retries
  dependency-version: 2.46.19
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gradle
- dependency-name: software.amazon.awssdk:sdk-core
  dependency-version: 2.46.19
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gradle
- dependency-name: software.amazon.awssdk:auth
  dependency-version: 2.46.19
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gradle
- dependency-name: software.amazon.awssdk:retries
  dependency-version: 2.46.19
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gradle
- dependency-name: software.amazon.awssdk:sdk-core
  dependency-version: 2.46.19
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gradle
- dependency-name: software.amazon.awssdk:auth
  dependency-version: 2.46.19
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gradle
- dependency-name: org.junit:junit-bom
  dependency-version: 6.1.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gradle
- dependency-name: software.amazon.api.models:all
  dependency-version: 1.0.260
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gradle
- dependency-name: com.diffplug.spotless:spotless-plugin-gradle
  dependency-version: 8.8.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gradle
- dependency-name: com.autonomousapps:dependency-analysis-gradle-plugin
  dependency-version: 3.16.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gradle
- dependency-name: com.gradleup.shadow:shadow-gradle-plugin
  dependency-version: 9.4.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gradle
- dependency-name: com.gradleup.shadow
  dependency-version: 9.4.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gradle
- dependency-name: org.jreleaser
  dependency-version: 1.25.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gradle
- dependency-name: org.graalvm.buildtools.native
  dependency-version: 1.1.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gradle
- dependency-name: com.gradleup.shadow
  dependency-version: 9.4.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gradle
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Jul 1, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants