Skip to content

Bump the gradle-deps group with 7 updates #488

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Oct 1, 2025
Merged

Bump the gradle-deps group with 7 updates #488

merged 1 commit into from
Oct 1, 2025

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 1, 2025

Bumps the gradle-deps group with 7 updates:

Package From To
cd.go.plugin:go-plugin-api 25.2.0 25.3.0
io.fabric8:kubernetes-client-api 7.3.1 7.4.0
org.junit:junit-bom 5.13.4 6.0.0
com.google.code.gson:gson 2.13.1 2.13.2
org.assertj:assertj-core 3.27.3 3.27.6
org.mockito:mockito-core 5.18.0 5.20.0
org.jsoup:jsoup 1.21.1 1.21.2

Updates cd.go.plugin:go-plugin-api from 25.2.0 to 25.3.0

Release notes

Sourced from cd.go.plugin:go-plugin-api's releases.

GoCD 25.3.0

Check release notes at https://www.gocd.org/releases/

Commits
  • 9fa097f Tidy up whitespace
  • 3ae8ab4 Resolve minor Windows test failures
  • c86b06d Migrate some commons-io usage away from base dependencies
  • 1d1ab68 Rationalise use of Joda, replacing with java.time
  • cdc80ce Rationalise Commons Collections usage, replacing with idiomatic approaches
  • ff6ba14 Further reduce unnecessary commons lang usage allowing agent-launcher removal
  • 60d8515 Remove unused/unnecessary code
  • bf696b3 Reduce dependencies for server launcher by limiting use of third party libraries
  • See full diff in compare view

Updates io.fabric8:kubernetes-client-api from 7.3.1 to 7.4.0

Release notes

Sourced from io.fabric8:kubernetes-client-api's releases.

7.4.0 (2025-09-08)

Bugs

  • Fix #3032: EnableKubernetesMockClient annotation works with Nested tests
  • Fix #7148: corrected octal format detection
  • Fix #7167: Allow Informer.isWatching to see underlying Watch state
  • Fix #7087: Avoid possible NPE in OkHttp websocket handling
  • Fix #7072: Changed rolling update handling to json merge patch to avoid 422 errors
  • Fix #7080: Avoid NPE in CRDGenerator if post-processor is set to null
  • Fix #7116: (java-generator) Use timezone format compatible with Kubernetes
  • Fix #7163: Ensure that streams are notified of errors
  • Fix #7092: (crd-generator) Add support for @​Annotations and @​Labels in CRD generation - CRD generator now includes annotations and labels specified via these annotations in the generated CRD metadata
  • Fix #7224: Fix KubeApiTest inheritance from base test class

Improvements

  • Fix #7217: refinements and expanded documentation for preserve unknown handling

Dependency Upgrade

New Features

  • Fix #7045: (java-generator) Extend the existingJavaTypes to support use of existing enumerations

Note: Breaking changes

Fix #7204: Rationalized config constructors

New Contributors

Full Changelog: fabric8io/kubernetes-client@v7.3.1...v7.4.0

Changelog

Sourced from io.fabric8:kubernetes-client-api's changelog.

7.4.0 (2025-09-08)

Bugs

  • Fix #3032: EnableKubernetesMockClient annotation works with Nested tests
  • Fix #7148: corrected octal format detection
  • Fix #7167: Allow Informer.isWatching to see underlying Watch state
  • Fix #7087: Avoid possible NPE in OkHttp websocket handling
  • Fix #7072: Changed rolling update handling to json merge patch to avoid 422 errors
  • Fix #7080: Avoid NPE in CRDGenerator if post-processor is set to null
  • Fix #7116: (java-generator) Use timezone format compatible with Kubernetes
  • Fix #7163: Ensure that streams are notified of errors
  • Fix #7092: (crd-generator) Add support for @​Annotations and @​Labels in CRD generation - CRD generator now includes annotations and labels specified via these annotations in the generated CRD metadata
  • Fix #7224: Fix KubeApiTest inheritance from base test class

Improvements

  • Fix #7217: refinements and expanded documentation for preserve unknown handling

Dependency Upgrade

New Features

  • Fix #7045: (java-generator) Extend the existingJavaTypes to support use of existing enumerations

Note: Breaking changes

Fix #7204: Rationalized config constructors

6.14.0 (2025-06-10)

Bugs

  • Fix #7107: Jackson 2.19.0+ support

Note: Breaking changes

  • Fix #7107: This release is not backwards-compatible with previous versions of Jackson, you'll need to use Jackson 2.19.0 in your project for a correct behavior of the Kubernetes Client.
Commits
  • 027c172 [RELEASE] Updated project version to v7.4.0
  • 7afb7a0 feat(ci): maven central publish for releases
  • 5d3b81f chore: add missing entry in changelog for #7204
  • 5b0f703 feat(config)!: rationalizing Config constructors / building (#7204)
  • d566303 chore(deps): bump org.projectlombok:lombok from 1.18.38 to 1.18.40
  • d9a2f2c chore(deps-dev): bump com.google.testing.compile:compile-testing
  • 4861d52 chore(deps): bump actions/setup-go from 5 to 6
  • 810ac7e chore(deps): bump io.swagger.parser.v3:swagger-parser
  • 874dee7 chore(deps): bump org.sonarsource.scanner.maven:sonar-maven-plugin
  • 6fe86db chore(deps): bump knative.dev/eventing-kafka-broker
  • Additional commits viewable in compare view

Updates org.junit:junit-bom from 5.13.4 to 6.0.0

Release notes

Sourced from org.junit:junit-bom's releases.

JUnit 6.0.0 = Platform 6.0.0 + Jupiter 6.0.0 + Vintage 6.0.0

See Release Notes.

New Contributors

Full Changelog: junit-team/junit-framework@r5.14.0...r6.0.0

JUnit 6.0.0-RC3 = Platform 6.0.0-RC3 + Jupiter 6.0.0-RC3 + Vintage 6.0.0-RC3

See Release Notes.

New Contributors

Full Changelog: junit-team/junit-framework@r6.0.0-RC2...r6.0.0-RC3

JUnit 6.0.0-RC2 = Platform 6.0.0-RC2 + Jupiter 6.0.0-RC2 + Vintage 6.0.0-RC2

See Release Notes.

Full Changelog: junit-team/junit-framework@r6.0.0-RC1...r6.0.0-RC2

JUnit 6.0.0-RC1 = Platform 6.0.0-RC1 + Jupiter 6.0.0-RC1 + Vintage 6.0.0-RC1

See Release Notes.

New Contributors

Full Changelog: junit-team/junit-framework@r6.0.0-M2...r6.0.0-RC1

JUnit 6.0.0-M2 = Platform 6.0.0-M2 + Jupiter 6.0.0-M2 + Vintage 6.0.0-M2

See Release Notes.

New Contributors

Full Changelog: junit-team/junit-framework@r6.0.0-M1...r6.0.0-M2

... (truncated)

Commits
  • 4f79594 Release 6.0.0
  • 55af30a Revert "Use develop/6.x branch for junit-examples during release build"
  • df3cfdd Release 5.14.0
  • fcb84a2 Disable backward compatibility check when offline
  • c9c8344 Prune 5.14.0 release notes
  • 03d8a72 Update broken link to using API Gaurdian with bndtools
  • 3a0b29b Use temporary JUnit 6 logo
  • 6603caa Rename eclipseClasspath to eclipseConventions to avoid confusion
  • ab3470b Make sealed MediaType work in Eclipse
  • a8cd41e Remove annotations not visible in Eclipse
  • Additional commits viewable in compare view

Updates com.google.code.gson:gson from 2.13.1 to 2.13.2

Release notes

Sourced from com.google.code.gson:gson's releases.

Gson 2.13.2

The main changes in this release are just newer dependencies.

What's Changed

New Contributors

Full Changelog: google/gson@gson-parent-2.13.1...gson-parent-2.13.2

Commits
  • 686fad7 [maven-release-plugin] prepare release gson-parent-2.13.2
  • c2d252a Switch to using central-publishing-maven-plugin. (#2900)
  • 69cb755 Bump the github-actions group with 5 updates (#2894)
  • ea552c2 Bump the maven group across 1 directory with 3 updates (#2898)
  • fdc616d Set top-level permissions for CodeQL workflow (#2889)
  • 9334715 Create scorecard.yml (#2888)
  • f7de5c2 Bump the maven group with 8 updates (#2885)
  • 8c23cd3 Update sources to satisfy a new Error Prone check. (#2887)
  • 5eab3ed Bump the github-actions group with 2 updates (#2886)
  • 5f5c200 Bump the maven group across 1 directory with 10 updates (#2872)
  • Additional commits viewable in compare view

Updates org.assertj:assertj-core from 3.27.3 to 3.27.6

Release notes

Sourced from org.assertj:assertj-core's releases.

v3.27.6

🐛 Bug Fixes

Core

  • Add missing export for org.assertj.core.annotation #3951

❤️ Contributors

Thanks to all the contributors who worked on this release:

@​duponter

v3.27.5

⚡ Improvements

Core

  • ByteBuddy in AssertJ 3.27.4 not compatible with Java 25 #3946

🔨 Dependency Upgrades

Core

  • Upgrade to Byte Buddy 1.17.7 #3947
  • Upgrade to JUnit BOM 5.13.4 #3947

Guava

  • Upgrade to Guava 33.4.8-jre #3947

v3.27.4

🚫 Deprecated

Core

  • Deprecate org.assertj.core.annotations.Beta in favor of org.assertj.core.annotation.Beta
  • Deprecate org.assertj.core.util.CanIgnoreReturnValue in favor of org.assertj.core.annotation.CanIgnoreReturnValue
  • Deprecate org.assertj.core.util.CheckReturnValue in favor of org.assertj.core.annotation.CheckReturnValue

🐛 Bug Fixes

Core

  • Fix thread-safety in AbstractDateAssert #3874

⚡ Improvements

  • Migrate to the Central Publisher Portal, enable snapshot publishing #3881

... (truncated)

Commits
  • 716b1e0 [maven-release-plugin] prepare release assertj-build-3.27.6
  • e189652 Add missing export for org.assertj.core.annotation (#3951)
  • 0cb489e Update Maven Central URL
  • 7286309 [maven-release-plugin] prepare for next development iteration
  • dd4cc1d [maven-release-plugin] prepare release assertj-build-3.27.5
  • 1d0defc Add missing permission to release workflow
  • 844d5d0 Add missing GitHub Actions pinning to CodeQL workflow
  • bdd7106 Add CodeQL custom workflow
  • a93d7e6 Remove EOL Java 24
  • 26ea866 Update production dependencies (#3947)
  • Additional commits viewable in compare view

Updates org.mockito:mockito-core from 5.18.0 to 5.20.0

Release notes

Sourced from org.mockito:mockito-core's releases.

v5.20.0

Changelog generated by Shipkit Changelog Gradle Plugin

5.20.0

v5.19.0

Changelog generated by Shipkit Changelog Gradle Plugin

5.19.0

... (truncated)

Commits
  • 3a1a19e Add support for generic types in MockedConstruction and MockedStatic (#3729)
  • f3c957a Bump org.assertj:assertj-core from 3.27.4 to 3.27.5 (#3730)
  • 3cfbd42 Bump graalvm/setup-graalvm from 1.3.6 to 1.3.7 (#3725)
  • 6f9a04b Bump com.gradle.develocity from 4.1.1 to 4.2 (#3726)
  • c75dfb8 Bump org.eclipse.platform:org.eclipse.osgi from 3.23.100 to 3.23.200 (#3720)
  • 54474fa Bump graalvm/setup-graalvm from 1.3.5 to 1.3.6 (#3719)
  • bc06f21 Use Assume.assumeThat for SequencedCollection tests (#3711)
  • a10aed0 Bump actions/setup-java from 4 to 5 (#3715)
  • 37bb3e5 Fix metadata generation on GraalVM (#3710)
  • ef2fd6f Bump com.gradle.develocity from 4.1 to 4.1.1 (#3713)
  • Additional commits viewable in compare view

Updates org.jsoup:jsoup from 1.21.1 to 1.21.2

Release notes

Sourced from org.jsoup:jsoup's releases.

jsoup 1.21.2

jsoup 1.21.2 is out now, adding support for custom SSLContext in HTTP/2 connections, and improving consistency in how user data is handled in attributes. It also brings performance gains in DOM manipulation and fragment parsing, and fixes several edge cases in stream parsing, traversal, cloning, and concurrent reads.

jsoup is a Java library for working with real-world HTML and XML. It provides a very convenient API for extracting and manipulating data, using the best of HTML5 DOM methods and CSS selectors.

Changes

  • Deprecated internal (yet visible) methods Normalizer#normalize(String, bool) and Attribute#shouldCollapseAttribute(Document.OutputSettings). These will be removed in a future version.
  • Deprecated Connection#sslSocketFactory(SSLSocketFactory) in favor of the new Connection#sslContext(SSLContext). Using sslSocketFactory will force the use of the legacy HttpUrlConnection implementation, which does not support HTTP/2. #2370

Improvements

  • When pretty-printing, if there are consecutive text nodes (via DOM manipulation), the non-significant whitespace between them will be collapsed. #2349.
  • Updated Connection.Response#statusMessage() to return a simple loggable string message (e.g. "OK") when using the HttpClient implementation, which doesn't otherwise return any server-set status message. #2356
  • Attributes#size() and Attributes#isEmpty() now exclude any internal attributes (such as user data) from their count. This aligns with the attributes' serialized output and iterator. #2369
  • Added Connection#sslContext(SSLContext) to provide a custom SSL (TLS) context to requests, supporting both the HttpClient and the legacy HttUrlConnection implementations. #2370
  • Performance optimizations for DOM manipulation methods including when repeatedly removing an element's first child (element.child(0).remove(), and when using Parser#parseBodyFragement() to parse a large number of direct children. #2373.

Bug Fixes

  • When parsing from an InputStream and a multibyte character happened to straddle a buffer boundary, the stream would not be completely read. #2353.
  • In NodeTraversor, if a last child element was removed during the head() call, the parent would be visited twice. #2355.
  • Cloning an Element that has an Attributes object would add an empty internal user-data attribute to that clone, which would cause unexpected results for Attributes#size() and Attributes#isEmpty(). #2356
  • In a multithreaded application where multiple threads are calling Element#children() on the same element concurrently, a race condition could happen when the method was generating the internal child element cache (a filtered view of its child nodes). Since concurrent reads of DOM objects should be threadsafe without external synchronization, this method has been updated to execute atomically. #2366
  • When parsing HTML with svg:script elements in SVG elements, don't enter the Text insertion mode, but continue to parse as foreign content. Otherwise, misnested HTML could then cause an IndexOutOfBoundsException. #2374
  • Malformed HTML could throw an IndexOutOfBoundsException during the adoption agency. #2377.
Changelog

Sourced from org.jsoup:jsoup's changelog.

1.21.2 (2025-Aug-25)

Changes

  • Deprecated internal (yet visible) methods Normalizer#normalize(String, bool) and Attribute#shouldCollapseAttribute(Document.OutputSettings). These will be removed in a future version.
  • Deprecated Connection#sslSocketFactory(SSLSocketFactory) in favor of the new Connection#sslContext(SSLContext). Using sslSocketFactory will force the use of the legacy HttpUrlConnection implementation, which does not support HTTP/2. #2370

Improvements

  • When pretty-printing, if there are consecutive text nodes (via DOM manipulation), the non-significant whitespace between them will be collapsed. #2349.
  • Updated Connection.Response#statusMessage() to return a simple loggable string message (e.g. "OK") when using the HttpClient implementation, which doesn't otherwise return any server-set status message. #2356
  • Attributes#size() and Attributes#isEmpty() now exclude any internal attributes (such as user data) from their count. This aligns with the attributes' serialized output and iterator. #2369
  • Added Connection#sslContext(SSLContext) to provide a custom SSL (TLS) context to requests, supporting both the HttpClient and the legacy HttUrlConnection implementations. #2370
  • Performance optimizations for DOM manipulation methods including when repeatedly removing an element's first child (element.child(0).remove(), and when using Parser#parseBodyFragement() to parse a large number of direct children. #2373.

Bug Fixes

  • When parsing from an InputStream and a multibyte character happened to straddle a buffer boundary, the stream would not be completely read. #2353.
  • In NodeTraversor, if a last child element was removed during the head() call, the parent would be visited twice. #2355.
  • Cloning an Element that has an Attributes object would add an empty internal user-data attribute to that clone, which would cause unexpected results for Attributes#size() and Attributes#isEmpty(). #2356
  • In a multithreaded application where multiple threads are calling Element#children() on the same element concurrently, a race condition could happen when the method was generating the internal child element cache (a filtered view of its child nodes). Since concurrent reads of DOM objects should be threadsafe without external synchronization, this method has been updated to execute atomically. #2366
  • When parsing HTML with svg:script elements in SVG elements, don't enter the Text insertion mode, but continue to parse as foreign content. Otherwise, misnested HTML could then cause an IndexOutOfBoundsException. #2374
  • Malformed HTML could throw an IndexOutOfBoundsException during the adoption agency. #2377.
Commits
  • b02837b [maven-release-plugin] prepare release jsoup-1.21.2
  • 1f0c207 v1.21.2 release date
  • b093463 Use central-publishing-maven-plugin
  • 615b959 Updating sonatype deploy URLs
  • 6961720 Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.11.2 to 3.11.3 (#2386)
  • 82864b2 Bump jetty.version from 9.4.57.v20241219 to 9.4.58.v20250814 (#2385)
  • 71f963e Fix for HTML that breaks the select scope
  • 6b20f6e Removed effective recursion closing \</select>
  • eb2957a Bump actions/checkout from 4 to 5 (#2382)
  • 3a9a6c7 Fix ProxyTest in CI
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the gradle-deps group with 7 updates
3fe5465 
Bumps the gradle-deps group with 7 updates:

| Package | From | To |
| --- | --- | --- |
| [cd.go.plugin:go-plugin-api](https://github.com/gocd/gocd) | `25.2.0` | `25.3.0` |
| [io.fabric8:kubernetes-client-api](https://github.com/fabric8io/kubernetes-client) | `7.3.1` | `7.4.0` |
| [org.junit:junit-bom](https://github.com/junit-team/junit-framework) | `5.13.4` | `6.0.0` |
| [com.google.code.gson:gson](https://github.com/google/gson) | `2.13.1` | `2.13.2` |
| [org.assertj:assertj-core](https://github.com/assertj/assertj) | `3.27.3` | `3.27.6` |
| [org.mockito:mockito-core](https://github.com/mockito/mockito) | `5.18.0` | `5.20.0` |
| [org.jsoup:jsoup](https://github.com/jhy/jsoup) | `1.21.1` | `1.21.2` |


Updates `cd.go.plugin:go-plugin-api` from 25.2.0 to 25.3.0
- [Release notes](https://github.com/gocd/gocd/releases)
- [Commits](gocd/gocd@25.2.0...25.3.0)

Updates `io.fabric8:kubernetes-client-api` from 7.3.1 to 7.4.0
- [Release notes](https://github.com/fabric8io/kubernetes-client/releases)
- [Changelog](https://github.com/fabric8io/kubernetes-client/blob/main/CHANGELOG.md)
- [Commits](fabric8io/kubernetes-client@v7.3.1...v7.4.0)

Updates `org.junit:junit-bom` from 5.13.4 to 6.0.0
- [Release notes](https://github.com/junit-team/junit-framework/releases)
- [Commits](junit-team/junit-framework@r5.13.4...r6.0.0)

Updates `com.google.code.gson:gson` from 2.13.1 to 2.13.2
- [Release notes](https://github.com/google/gson/releases)
- [Changelog](https://github.com/google/gson/blob/main/CHANGELOG.md)
- [Commits](google/gson@gson-parent-2.13.1...gson-parent-2.13.2)

Updates `org.assertj:assertj-core` from 3.27.3 to 3.27.6
- [Release notes](https://github.com/assertj/assertj/releases)
- [Commits](assertj/assertj@assertj-build-3.27.3...assertj-build-3.27.6)

Updates `org.mockito:mockito-core` from 5.18.0 to 5.20.0
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](mockito/mockito@v5.18.0...v5.20.0)

Updates `org.jsoup:jsoup` from 1.21.1 to 1.21.2
- [Release notes](https://github.com/jhy/jsoup/releases)
- [Changelog](https://github.com/jhy/jsoup/blob/master/CHANGES.md)
- [Commits](jhy/jsoup@jsoup-1.21.1...jsoup-1.21.2)

---
updated-dependencies:
- dependency-name: cd.go.plugin:go-plugin-api
  dependency-version: 25.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gradle-deps
- dependency-name: io.fabric8:kubernetes-client-api
  dependency-version: 7.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gradle-deps
- dependency-name: org.junit:junit-bom
  dependency-version: 6.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: gradle-deps
- dependency-name: com.google.code.gson:gson
  dependency-version: 2.13.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gradle-deps
- dependency-name: org.assertj:assertj-core
  dependency-version: 3.27.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gradle-deps
- dependency-name: org.mockito:mockito-core
  dependency-version: 5.20.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gradle-deps
- dependency-name: org.jsoup:jsoup
  dependency-version: 1.21.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gradle-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Oct 1, 2025
@chadlwilson chadlwilson merged commit cc6f622 into master Oct 1, 2025
1 check passed
@dependabot dependabot bot deleted the dependabot/gradle/gradle-deps-2c3922c9b4 branch October 1, 2025 14:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@chadlwilson