From 48bcbb570d69abc65402437fc0b4c6653dd3b43e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 25 Jun 2026 22:13:06 +0000 Subject: [PATCH 1/5] Bump gradle/actions/setup-gradle from 6.1.0 to 6.2.0 Bumps [gradle/actions/setup-gradle](https://github.com/gradle/actions) from 6.1.0 to 6.2.0. - [Release notes](https://github.com/gradle/actions/releases) - [Commits](https://github.com/gradle/actions/compare/50e97c2cd7a37755bbfafc9c5b7cafaece252f6e...3f131e8634966bd73d06cc69884922b02e6faf92) --- updated-dependencies: - dependency-name: gradle/actions/setup-gradle dependency-version: 6.2.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/build-and-test.yml | 2 +- .github/workflows/rl-secure.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml index e3b35e09..1de8e1a9 100644 --- a/.github/workflows/build-and-test.yml +++ b/.github/workflows/build-and-test.yml @@ -17,7 +17,7 @@ jobs: java-version: 11 - name: Set up Gradle - uses: gradle/actions/setup-gradle@50e97c2cd7a37755bbfafc9c5b7cafaece252f6e # v6.1.0 + uses: gradle/actions/setup-gradle@3f131e8634966bd73d06cc69884922b02e6faf92 # v6.2.0 - name: Test and Assemble and ApiDiff with Gradle run: ./gradlew assemble apiDiff check jacocoTestReport --continue --console=plain diff --git a/.github/workflows/rl-secure.yml b/.github/workflows/rl-secure.yml index ccf2246a..3b31c685 100644 --- a/.github/workflows/rl-secure.yml +++ b/.github/workflows/rl-secure.yml @@ -43,7 +43,7 @@ jobs: java-version: ${{ inputs.java-version }} - name: Set up Gradle - uses: gradle/actions/setup-gradle@50e97c2cd7a37755bbfafc9c5b7cafaece252f6e # v6.1.0 + uses: gradle/actions/setup-gradle@3f131e8634966bd73d06cc69884922b02e6faf92 # v6.2.0 - name: Test and Assemble and ApiDiff with Gradle run: ./gradlew assemble apiDiff check jacocoTestReport --continue --console=plain From e7251d752672c3106c10c00c30cd83bd7953413a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 25 Jun 2026 22:13:10 +0000 Subject: [PATCH 2/5] Bump gradle/actions/wrapper-validation from 6.1.0 to 6.2.0 Bumps [gradle/actions/wrapper-validation](https://github.com/gradle/actions) from 6.1.0 to 6.2.0. - [Release notes](https://github.com/gradle/actions/releases) - [Commits](https://github.com/gradle/actions/compare/50e97c2cd7a37755bbfafc9c5b7cafaece252f6e...3f131e8634966bd73d06cc69884922b02e6faf92) --- updated-dependencies: - dependency-name: gradle/actions/wrapper-validation dependency-version: 6.2.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/gradle-wrapper-validation.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/gradle-wrapper-validation.yml b/.github/workflows/gradle-wrapper-validation.yml index 6e44d99b..2d430f2a 100644 --- a/.github/workflows/gradle-wrapper-validation.yml +++ b/.github/workflows/gradle-wrapper-validation.yml @@ -7,4 +7,4 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v6 - - uses: gradle/actions/wrapper-validation@50e97c2cd7a37755bbfafc9c5b7cafaece252f6e # pin@v6.1.0 \ No newline at end of file + - uses: gradle/actions/wrapper-validation@3f131e8634966bd73d06cc69884922b02e6faf92 # pin@v6.2.0 \ No newline at end of file From 50fe53e0045dbb818c14bd93939a727f43a22fe7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 18 Jun 2026 22:13:27 +0000 Subject: [PATCH 3/5] chore: Triage Depandabot PRs --- .github/workflows/build-and-test.yml | 2 +- .github/workflows/gradle-wrapper-validation.yml | 2 +- .github/workflows/java-release.yml | 2 +- .github/workflows/rl-secure.yml | 2 +- .github/workflows/snyk.yml | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml index 1de8e1a9..52c088bf 100644 --- a/.github/workflows/build-and-test.yml +++ b/.github/workflows/build-and-test.yml @@ -10,7 +10,7 @@ jobs: gradle: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: actions/setup-java@v5 with: distribution: temurin diff --git a/.github/workflows/gradle-wrapper-validation.yml b/.github/workflows/gradle-wrapper-validation.yml index 2d430f2a..414417f7 100644 --- a/.github/workflows/gradle-wrapper-validation.yml +++ b/.github/workflows/gradle-wrapper-validation.yml @@ -6,5 +6,5 @@ jobs: name: "validation/gradlew" runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: gradle/actions/wrapper-validation@3f131e8634966bd73d06cc69884922b02e6faf92 # pin@v6.2.0 \ No newline at end of file diff --git a/.github/workflows/java-release.yml b/.github/workflows/java-release.yml index 1ab703f9..bf063ff5 100644 --- a/.github/workflows/java-release.yml +++ b/.github/workflows/java-release.yml @@ -29,7 +29,7 @@ jobs: steps: # Checkout the code - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 with: fetch-depth: 0 diff --git a/.github/workflows/rl-secure.yml b/.github/workflows/rl-secure.yml index 3b31c685..4af4af64 100644 --- a/.github/workflows/rl-secure.yml +++ b/.github/workflows/rl-secure.yml @@ -32,7 +32,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v6 + uses: actions/checkout@v7 with: fetch-depth: 0 diff --git a/.github/workflows/snyk.yml b/.github/workflows/snyk.yml index 9e88507b..17721020 100644 --- a/.github/workflows/snyk.yml +++ b/.github/workflows/snyk.yml @@ -30,7 +30,7 @@ jobs: - if: github.actor == 'dependabot[bot]' || github.event_name == 'merge_group' run: exit 0 # Skip unnecessary test runs for dependabot and merge queues. Artifically flag as successful, as this is a required check for branch protection. - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 with: ref: ${{ github.event.pull_request.head.sha || github.ref }} From 52301307c6cf1b8c19cb888b604664992ffd948f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 8 Jun 2026 22:14:43 +0000 Subject: [PATCH 4/5] Bump codecov/codecov-action from 5.5.2 to 7.0.0 Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 5.5.2 to 7.0.0. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/671740ac38dd9b0130fbe1cec585b89eea48d3de...fb8b3582c8e4def4969c97caa2f19720cb33a72f) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/build-and-test.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml index 52c088bf..0d2caf7e 100644 --- a/.github/workflows/build-and-test.yml +++ b/.github/workflows/build-and-test.yml @@ -22,7 +22,7 @@ jobs: - name: Test and Assemble and ApiDiff with Gradle run: ./gradlew assemble apiDiff check jacocoTestReport --continue --console=plain - - uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de + - uses: codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f with: flags: unittests - uses: actions/upload-artifact@v7 From f0702cf73f4793ffc079ad41bb6f5647ec545270 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 4 Jun 2026 03:21:07 +0000 Subject: [PATCH 5/5] Bump com.fasterxml.jackson.core:jackson-core in /lib Bumps [com.fasterxml.jackson.core:jackson-core](https://github.com/FasterXML/jackson-core) from 2.21.3 to 2.22.0. - [Commits](https://github.com/FasterXML/jackson-core/compare/jackson-core-2.21.3...jackson-core-2.22.0) --- updated-dependencies: - dependency-name: com.fasterxml.jackson.core:jackson-core dependency-version: 2.22.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- lib/build.gradle | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/build.gradle b/lib/build.gradle index 66c204cc..30604463 100644 --- a/lib/build.gradle +++ b/lib/build.gradle @@ -128,8 +128,8 @@ javadoc { } dependencies { - implementation 'com.fasterxml.jackson.core:jackson-core:2.21.3' - implementation 'com.fasterxml.jackson.core:jackson-databind:2.21.3' + implementation 'com.fasterxml.jackson.core:jackson-core:2.22.0' + implementation 'com.fasterxml.jackson.core:jackson-databind:2.22.0' testImplementation 'org.bouncycastle:bcprov-jdk15on:1.70' testImplementation 'junit:junit:4.13.2'