Skip to content

build(deps): Bump the minor-and-patch group across 1 directory with 7 updates#8

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/gradle/minor-and-patch-5a1a958d6e
Closed

build(deps): Bump the minor-and-patch group across 1 directory with 7 updates#8
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/gradle/minor-and-patch-5a1a958d6e

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 1, 2026

Copy link
Copy Markdown

Bumps the minor-and-patch group with 7 updates in the / directory:

Package From To
gradle-wrapper 9.4.1 9.5.1
com.uber.nullaway:nullaway 0.13.3 0.13.4
org.slf4j:slf4j-api 2.0.17 2.0.18
ch.qos.logback:logback-classic 1.5.32 1.5.33
org.junit.jupiter:junit-jupiter 6.0.3 6.1.0
org.junit.platform:junit-platform-launcher 6.0.3 6.1.0
com.diffplug.spotless 8.4.0 8.6.0

Updates gradle-wrapper from 9.4.1 to 9.5.1

Release notes

Sourced from gradle-wrapper's releases.

9.5.1

The Gradle team is excited to announce Gradle 9.5.1.

Here are the highlights of this release:

  • Task provenance in reports and failure messages
  • Type-safe accessors for precompiled Kotlin Settings plugins

Read the Release Notes

We would like to thank the following community members for their contributions to this release of Gradle: atm1020, mataha, Adam, Attila Kelemen, Benedikt Ritter, Björn Kautler, Caro Silva Rode, CHANHAN, Dmitry Nezavitin, Eng Zer Jun, KugelLibelle, Madalin Valceleanu, Markus Gaisbauer, Oliver Kopp, Philip Wedemann, ploober, Roberto Perez Alcolea, Rohit Anand, Suvrat Acharya, Ujwal Suresh Vanjare, Victor Merkulov

Upgrade instructions

Switch your build to use Gradle 9.5.1 by updating your wrapper:

./gradlew wrapper --gradle-version=9.5.1 && ./gradlew wrapper

See the Gradle 9.x upgrade guide to learn about deprecations, breaking changes and other considerations when upgrading.

For Java, Groovy, Kotlin and Android compatibility, see the full compatibility notes.

Reporting problems

If you find a problem with this release, please file a bug on GitHub Issues adhering to our issue guidelines. If you're not sure you're encountering a bug, please use the forum.

We hope you will build happiness with Gradle, and we look forward to your feedback via Twitter or on GitHub.

9.5.0

... (truncated)

Commits
  • fd78213 Update Documentation Infrastructure: Fix scrolling issue in user manual (#37861)
  • 7758437 fix scroll
  • 2fd605f Only try to run as worker thread in DefaultBuildOperationQueue (#37845)
  • af69849 Release notes for Gradle 9.5.1 (#37853)
  • f4d9d03 Release notes for Gradle 9.5.1
  • 01eda3a Address review feedback on worker-lease retry changes
  • 7024e15 Revert enrich file visitor with size info on release branch (#37848)
  • d51476f Fix tryRunAsWorkerThread null-return test to match contract
  • 090ebab Revert "Add getLength() to FilePropertyVisitor.VisitState"
  • bceab24 Revert "Fix annotation"
  • Additional commits viewable in compare view

Updates com.uber.nullaway:nullaway from 0.13.3 to 0.13.4

Release notes

Sourced from com.uber.nullaway:nullaway's releases.

NullAway 0.13.4

Fixes a couple of crashes when running NullAway on JDK 27 ea builds. Also modularizes the annotations jar.

  • Modularize the annotations JAR by @​anthonyvdotbe (#1537)
  • Test on JDK 27 EA (#1540)
  • Fix crash on JDK 27 (#1541)
  • Maintenance
    • Run regression tests on JDK 26 (#1526)
    • Refactor ThriftTests and Java8Tests to use addSourceLines instead of deprecated addSourceFile by @​nanookclaw (#1517)
    • Update to WALA 1.7.1 (#1539)
Changelog

Sourced from com.uber.nullaway:nullaway's changelog.

Version 0.13.4

Fixes a couple of crashes when running NullAway on JDK 27 ea builds. Also modularizes the annotations jar.

  • Modularize the annotations JAR by @​anthonyvdotbe (#1537)
  • Test on JDK 27 EA (#1540)
  • Fix crash on JDK 27 (#1541)
  • Maintenance
    • Run regression tests on JDK 26 (#1526)
    • Refactor ThriftTests and Java8Tests to use addSourceLines instead of deprecated addSourceFile by @​nanookclaw (#1517)
    • Update to WALA 1.7.1 (#1539)
Commits

Updates org.slf4j:slf4j-api from 2.0.17 to 2.0.18

Updates ch.qos.logback:logback-classic from 1.5.32 to 1.5.33

Release notes

Sourced from ch.qos.logback:logback-classic's releases.

Logback 1.5.33

2026-05-27 Release of logback version 1.5.33

PropertiesConfiguratorModelHandler now registers properties file URLs to the ConfigurationWatchList when scan is enabled (via local scan="true" attribute or top-level configuration scan), ensuring changes are detected and reconfiguration occurs. This problem was reported in issues/1034.

• When processing <conversionRule> elements and both class and converterClass attributes are specified, silently use the class attribute without issuing a warning. However, if the attribute values differ, a warning will be issued. This change was requested in issues/1031.

HardenedModelInputStream will no longer accept to deserialize all classes located under the "java.lang" and "java.util" packages but a limited number of explicitly authorized classes in those packages. This potential deserialization whitelist bypass vulnerability was reported by York Shen and registered as CVE-2026-9828.

• SSL parameters for SSLSocketAppender now enable hostname verification by default. Moreover, the default protocol is now "TLSv1.2". This potential vulnerability was reported by York Shen.

• When printing the status message field, ViewStatusMessagesServletBase now escapes special characters such as "&" as character entities. This potential vulnerability was reported by York Shen.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit 124e8b49b55ac34d08743a0646bd463410192647 associated with the tag v_1.5.33. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Commits
  • 124e8b4 prepare release 1.5.33
  • d8fd6f2 escapeTags in message field when printing status messages
  • 95edbeb hostnameVerification default to true in SSLParametersConfiguration, SSL.DEFAU...
  • b768a96 remove spurious java.swing.* import
  • 12cf2c5 classes in java.lang and java.util are now whitelisted individually
  • e9133ed fix typo
  • 47089a2 added Filip Egeric icla
  • 85735f7 Modified ConversionRuleAction.java: Updated validPreconditions() to
  • 614f7a7 the official name for initial instructions file foe coding agents is AGENTS.md
  • fe50bb5 fix: do not warn when both converterClass and class attributes are specified ...
  • Additional commits viewable in compare view

Updates org.junit.jupiter:junit-jupiter from 6.0.3 to 6.1.0

Release notes

Sourced from org.junit.jupiter:junit-jupiter's releases.

JUnit 6.1.0 = Platform 6.1.0 + Jupiter 6.1.0 + Vintage 6.1.0

See Release Notes.

New Contributors

Full Changelog: junit-team/junit-framework@r6.0.3...r6.1.0

JUnit 6.1.0-RC1 = Platform 6.1.0-RC1 + Jupiter 6.1.0-RC1 + Vintage 6.1.0-RC1

See Release Notes.

New Contributors

Full Changelog: junit-team/junit-framework@r6.1.0-M1...r6.1.0-RC1

JUnit 6.1.0-M1 = Platform 6.1.0-M1 + Jupiter 6.1.0-M1 + Vintage 6.1.0-M1

See Release Notes.

New Contributors

Full Changelog: junit-team/junit-framework@r6.0.0...r6.1.0-M1

Commits

Updates org.junit.platform:junit-platform-launcher from 6.0.3 to 6.1.0

Release notes

Sourced from org.junit.platform:junit-platform-launcher's releases.

JUnit 6.1.0 = Platform 6.1.0 + Jupiter 6.1.0 + Vintage 6.1.0

See Release Notes.

New Contributors

Full Changelog: junit-team/junit-framework@r6.0.3...r6.1.0

JUnit 6.1.0-RC1 = Platform 6.1.0-RC1 + Jupiter 6.1.0-RC1 + Vintage 6.1.0-RC1

See Release Notes.

New Contributors

Full Changelog: junit-team/junit-framework@r6.1.0-M1...r6.1.0-RC1

JUnit 6.1.0-M1 = Platform 6.1.0-M1 + Jupiter 6.1.0-M1 + Vintage 6.1.0-M1

See Release Notes.

New Contributors

Full Changelog: junit-team/junit-framework@r6.0.0...r6.1.0-M1

Commits

Updates org.junit.platform:junit-platform-launcher from 6.0.3 to 6.1.0

Release notes

Sourced from org.junit.platform:junit-platform-launcher's releases.

JUnit 6.1.0 = Platform 6.1.0 + Jupiter 6.1.0 + Vintage 6.1.0

See Release Notes.

New Contributors

Full Changelog: junit-team/junit-framework@r6.0.3...r6.1.0

JUnit 6.1.0-RC1 = Platform 6.1.0-RC1 + Jupiter 6.1.0-RC1 + Vintage 6.1.0-RC1

See Release Notes.

New Contributors

Full Changelog: junit-team/junit-framework@r6.1.0-M1...r6.1.0-RC1

JUnit 6.1.0-M1 = Platform 6.1.0-M1 + Jupiter 6.1.0-M1 + Vintage 6.1.0-M1

See Release Notes.

New Contributors

Full Changelog: junit-team/junit-framework@r6.0.0...r6.1.0-M1

Commits

Updates com.diffplug.spotless from 8.4.0 to 8.6.0

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

… updates

Bumps the minor-and-patch group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [gradle-wrapper](https://github.com/gradle/gradle) | `9.4.1` | `9.5.1` |
| [com.uber.nullaway:nullaway](https://github.com/uber/NullAway) | `0.13.3` | `0.13.4` |
| org.slf4j:slf4j-api | `2.0.17` | `2.0.18` |
| [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) | `1.5.32` | `1.5.33` |
| [org.junit.jupiter:junit-jupiter](https://github.com/junit-team/junit-framework) | `6.0.3` | `6.1.0` |
| [org.junit.platform:junit-platform-launcher](https://github.com/junit-team/junit-framework) | `6.0.3` | `6.1.0` |
| com.diffplug.spotless | `8.4.0` | `8.6.0` |



Updates `gradle-wrapper` from 9.4.1 to 9.5.1
- [Release notes](https://github.com/gradle/gradle/releases)
- [Commits](gradle/gradle@v9.4.1...v9.5.1)

Updates `com.uber.nullaway:nullaway` from 0.13.3 to 0.13.4
- [Release notes](https://github.com/uber/NullAway/releases)
- [Changelog](https://github.com/uber/NullAway/blob/master/CHANGELOG.md)
- [Commits](uber/NullAway@v0.13.3...v0.13.4)

Updates `org.slf4j:slf4j-api` from 2.0.17 to 2.0.18

Updates `ch.qos.logback:logback-classic` from 1.5.32 to 1.5.33
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](qos-ch/logback@v_1.5.32...v_1.5.33)

Updates `org.junit.jupiter:junit-jupiter` from 6.0.3 to 6.1.0
- [Release notes](https://github.com/junit-team/junit-framework/releases)
- [Commits](junit-team/junit-framework@r6.0.3...r6.1.0)

Updates `org.junit.platform:junit-platform-launcher` from 6.0.3 to 6.1.0
- [Release notes](https://github.com/junit-team/junit-framework/releases)
- [Commits](junit-team/junit-framework@r6.0.3...r6.1.0)

Updates `org.junit.platform:junit-platform-launcher` from 6.0.3 to 6.1.0
- [Release notes](https://github.com/junit-team/junit-framework/releases)
- [Commits](junit-team/junit-framework@r6.0.3...r6.1.0)

Updates `com.diffplug.spotless` from 8.4.0 to 8.6.0

---
updated-dependencies:
- dependency-name: gradle-wrapper
  dependency-version: 9.5.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: com.uber.nullaway:nullaway
  dependency-version: 0.13.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: org.slf4j:slf4j-api
  dependency-version: 2.0.18
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: ch.qos.logback:logback-classic
  dependency-version: 1.5.33
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: org.junit.jupiter:junit-jupiter
  dependency-version: 6.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: org.junit.platform:junit-platform-launcher
  dependency-version: 6.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: org.junit.platform:junit-platform-launcher
  dependency-version: 6.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: com.diffplug.spotless
  dependency-version: 8.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels Jun 1, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jun 15, 2026

Copy link
Copy Markdown
Author

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this Jun 15, 2026
@dependabot dependabot Bot deleted the dependabot/gradle/minor-and-patch-5a1a958d6e branch June 15, 2026 02:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file java Pull requests that update java code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants