From a46408f968f17c553554d54a0b2389c6498e7b8b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 8 Apr 2026 08:23:49 +0000 Subject: [PATCH 01/12] chore(deps-dev): bump the junit-dependencies group with 2 updates Bumps the junit-dependencies group with 2 updates: [org.junit.jupiter:junit-jupiter-api](https://github.com/junit-team/junit-framework) and [org.junit.jupiter:junit-jupiter-params](https://github.com/junit-team/junit-framework). Updates `org.junit.jupiter:junit-jupiter-api` from 6.0.2 to 6.0.3 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](https://github.com/junit-team/junit-framework/compare/r6.0.2...r6.0.3) Updates `org.junit.jupiter:junit-jupiter-params` from 6.0.2 to 6.0.3 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](https://github.com/junit-team/junit-framework/compare/r6.0.2...r6.0.3) --- updated-dependencies: - dependency-name: org.junit.jupiter:junit-jupiter-api dependency-version: 6.0.3 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: junit-dependencies - dependency-name: org.junit.jupiter:junit-jupiter-params dependency-version: 6.0.3 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: junit-dependencies ... Signed-off-by: dependabot[bot] --- pom.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pom.xml b/pom.xml index 25f5e30c..bfc6cdb7 100644 --- a/pom.xml +++ b/pom.xml @@ -37,13 +37,13 @@ org.junit.jupiter junit-jupiter-api - 6.0.2 + 6.0.3 test org.junit.jupiter junit-jupiter-params - 6.0.2 + 6.0.3 test From 6f85ae95dcd2e7dbb4411c96cfb8787ddf734fe6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 8 Apr 2026 08:23:50 +0000 Subject: [PATCH 02/12] chore(deps): bump actions/upload-artifact from 6 to 7 Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 6 to 7. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v6...v7) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/api-level-lint.yml | 2 +- .github/workflows/gradle-build.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/api-level-lint.yml b/.github/workflows/api-level-lint.yml index 4c66e87d..0580fdb5 100644 --- a/.github/workflows/api-level-lint.yml +++ b/.github/workflows/api-level-lint.yml @@ -28,7 +28,7 @@ jobs: working-directory: ./android - name: Upload linting results if: failure() && steps.lint.outcome == 'failure' - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: lint-report path: ./android/build/reports diff --git a/.github/workflows/gradle-build.yml b/.github/workflows/gradle-build.yml index c5edf88a..725e9d38 100644 --- a/.github/workflows/gradle-build.yml +++ b/.github/workflows/gradle-build.yml @@ -24,7 +24,7 @@ jobs: working-directory: ./java-8 run: .././gradlew build - name: Upload a Build Artifact - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: drop path: | From f384d3c8776254d82fdcbc66234a14902268576e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 8 Apr 2026 08:23:53 +0000 Subject: [PATCH 03/12] chore(deps): bump android-actions/setup-android from 3.2.2 to 4.0.1 Bumps [android-actions/setup-android](https://github.com/android-actions/setup-android) from 3.2.2 to 4.0.1. - [Release notes](https://github.com/android-actions/setup-android/releases) - [Commits](https://github.com/android-actions/setup-android/compare/v3.2.2...v4.0.1) --- updated-dependencies: - dependency-name: android-actions/setup-android dependency-version: 4.0.1 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/api-level-lint.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/api-level-lint.yml b/.github/workflows/api-level-lint.yml index 4c66e87d..a2956c4c 100644 --- a/.github/workflows/api-level-lint.yml +++ b/.github/workflows/api-level-lint.yml @@ -18,7 +18,7 @@ jobs: java-version: 21 cache: gradle - name: Setup Android SDK - uses: android-actions/setup-android@v3.2.2 + uses: android-actions/setup-android@v4.0.1 - name: Add execution right to the script run: chmod +x gradlew working-directory: ./android From 9385d2001cb553c9df4c4c8ee0179af4fada1a98 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 8 Apr 2026 08:23:57 +0000 Subject: [PATCH 04/12] chore(deps): bump actions/create-github-app-token from 2 to 3 Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 2 to 3. - [Release notes](https://github.com/actions/create-github-app-token/releases) - [Commits](https://github.com/actions/create-github-app-token/compare/v2...v3) --- updated-dependencies: - dependency-name: actions/create-github-app-token dependency-version: '3' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/project-auto-add.yml | 2 +- .github/workflows/release-please-gha.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/project-auto-add.yml b/.github/workflows/project-auto-add.yml index bc86b1ed..d4729978 100644 --- a/.github/workflows/project-auto-add.yml +++ b/.github/workflows/project-auto-add.yml @@ -18,7 +18,7 @@ jobs: steps: - name: Generate token id: generate_token - uses: actions/create-github-app-token@v2 + uses: actions/create-github-app-token@v3 with: app-id: ${{ secrets.GRAPHBOT_APP_ID }} private-key: ${{ secrets.GRAPHBOT_APP_PEM }} diff --git a/.github/workflows/release-please-gha.yml b/.github/workflows/release-please-gha.yml index d4cf74c3..195010cc 100644 --- a/.github/workflows/release-please-gha.yml +++ b/.github/workflows/release-please-gha.yml @@ -23,7 +23,7 @@ jobs: - name: Generate GitHub App token id: app-token - uses: actions/create-github-app-token@v2 + uses: actions/create-github-app-token@v3 with: app-id: ${{ vars.RELEASE_PLEASE_TOKEN_PROVIDER_APP_ID }} private-key: ${{ secrets.RELEASE_PLEASE_TOKEN_PROVIDER_PEM }} From b1afa2b7e53208251cd43efe539b279bdadc86a0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 8 Apr 2026 10:04:32 +0000 Subject: [PATCH 05/12] chore(deps): bump org.junit.jupiter:junit-jupiter Bumps the junit-dependencies group in /android with 1 update: [org.junit.jupiter:junit-jupiter](https://github.com/junit-team/junit-framework). Updates `org.junit.jupiter:junit-jupiter` from 6.0.2 to 6.0.3 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](https://github.com/junit-team/junit-framework/compare/r6.0.2...r6.0.3) --- updated-dependencies: - dependency-name: org.junit.jupiter:junit-jupiter dependency-version: 6.0.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: junit-dependencies ... Signed-off-by: dependabot[bot] --- gradle/dependencies.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/dependencies.gradle b/gradle/dependencies.gradle index 4ff95ce0..05783d18 100644 --- a/gradle/dependencies.gradle +++ b/gradle/dependencies.gradle @@ -1,6 +1,6 @@ dependencies { // Use JUnit test framework - testImplementation 'org.junit.jupiter:junit-jupiter:6.0.2' + testImplementation 'org.junit.jupiter:junit-jupiter:6.0.3' testRuntimeOnly 'org.junit.platform:junit-platform-launcher' testImplementation 'org.mockito:mockito-core:5.21.0' testImplementation 'io.opentelemetry:opentelemetry-api:1.54.0' From 150c8b1773a5810bb8a7b1389e4fe2a5ebcc8cb3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 8 Apr 2026 10:04:39 +0000 Subject: [PATCH 06/12] chore(deps): bump the open-telemetry group in /android with 2 updates Bumps the open-telemetry group in /android with 2 updates: [io.opentelemetry:opentelemetry-api](https://github.com/open-telemetry/opentelemetry-java) and [io.opentelemetry:opentelemetry-context](https://github.com/open-telemetry/opentelemetry-java). Updates `io.opentelemetry:opentelemetry-api` from 1.54.0 to 1.60.1 - [Release notes](https://github.com/open-telemetry/opentelemetry-java/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-java/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-java/compare/v1.54.0...v1.60.1) Updates `io.opentelemetry:opentelemetry-context` from 1.54.0 to 1.60.1 - [Release notes](https://github.com/open-telemetry/opentelemetry-java/releases) - [Changelog](https://github.com/open-telemetry/opentelemetry-java/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-telemetry/opentelemetry-java/compare/v1.54.0...v1.60.1) --- updated-dependencies: - dependency-name: io.opentelemetry:opentelemetry-api dependency-version: 1.60.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: open-telemetry - dependency-name: io.opentelemetry:opentelemetry-context dependency-version: 1.60.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: open-telemetry ... Signed-off-by: dependabot[bot] --- gradle/dependencies.gradle | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gradle/dependencies.gradle b/gradle/dependencies.gradle index 4ff95ce0..018b5215 100644 --- a/gradle/dependencies.gradle +++ b/gradle/dependencies.gradle @@ -3,8 +3,8 @@ dependencies { testImplementation 'org.junit.jupiter:junit-jupiter:6.0.2' testRuntimeOnly 'org.junit.platform:junit-platform-launcher' testImplementation 'org.mockito:mockito-core:5.21.0' - testImplementation 'io.opentelemetry:opentelemetry-api:1.54.0' - testImplementation 'io.opentelemetry:opentelemetry-context:1.54.0' + testImplementation 'io.opentelemetry:opentelemetry-api:1.60.1' + testImplementation 'io.opentelemetry:opentelemetry-context:1.60.1' testImplementation 'io.github.std-uritemplate:std-uritemplate:1.0.6' implementation 'com.google.code.gson:gson:2.13.2' From a440f12c66a35a321fc0b11241cad4774e16996d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 8 Apr 2026 10:04:45 +0000 Subject: [PATCH 07/12] chore(deps): bump org.mockito:mockito-core in /android Bumps [org.mockito:mockito-core](https://github.com/mockito/mockito) from 5.21.0 to 5.23.0. - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](https://github.com/mockito/mockito/compare/v5.21.0...v5.23.0) --- updated-dependencies: - dependency-name: org.mockito:mockito-core dependency-version: 5.23.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- gradle/dependencies.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/dependencies.gradle b/gradle/dependencies.gradle index 4ff95ce0..5d868f32 100644 --- a/gradle/dependencies.gradle +++ b/gradle/dependencies.gradle @@ -2,7 +2,7 @@ dependencies { // Use JUnit test framework testImplementation 'org.junit.jupiter:junit-jupiter:6.0.2' testRuntimeOnly 'org.junit.platform:junit-platform-launcher' - testImplementation 'org.mockito:mockito-core:5.21.0' + testImplementation 'org.mockito:mockito-core:5.23.0' testImplementation 'io.opentelemetry:opentelemetry-api:1.54.0' testImplementation 'io.opentelemetry:opentelemetry-context:1.54.0' testImplementation 'io.github.std-uritemplate:std-uritemplate:1.0.6' From 02a6a07bdab7b94a62990822144a7f178f684af9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 20 Apr 2026 08:59:04 +0000 Subject: [PATCH 08/12] chore(deps): bump dependabot/fetch-metadata from 3.0.0 to 3.1.0 Bumps [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) from 3.0.0 to 3.1.0. - [Release notes](https://github.com/dependabot/fetch-metadata/releases) - [Commits](https://github.com/dependabot/fetch-metadata/compare/ffa630c65fa7e0ecfa0625b5ceda64399aea1b36...25dd0e34f4fe68f24cc83900b1fe3fe149efef98) --- updated-dependencies: - dependency-name: dependabot/fetch-metadata dependency-version: 3.1.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/auto-merge-dependabot.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/auto-merge-dependabot.yml b/.github/workflows/auto-merge-dependabot.yml index 7f0677d5..80a04dd7 100644 --- a/.github/workflows/auto-merge-dependabot.yml +++ b/.github/workflows/auto-merge-dependabot.yml @@ -19,7 +19,7 @@ jobs: steps: - name: Dependabot metadata id: metadata - uses: dependabot/fetch-metadata@ffa630c65fa7e0ecfa0625b5ceda64399aea1b36 #3.0.0 + uses: dependabot/fetch-metadata@25dd0e34f4fe68f24cc83900b1fe3fe149efef98 #3.1.0 with: github-token: "${{ secrets.GITHUB_TOKEN }}" From 0b056fc566fd939748698d643246821b521f42bb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 23 Apr 2026 08:23:58 +0000 Subject: [PATCH 09/12] chore(deps): bump googleapis/release-please-action from 4 to 5 Bumps [googleapis/release-please-action](https://github.com/googleapis/release-please-action) from 4 to 5. - [Release notes](https://github.com/googleapis/release-please-action/releases) - [Changelog](https://github.com/googleapis/release-please-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/googleapis/release-please-action/compare/v4...v5) --- updated-dependencies: - dependency-name: googleapis/release-please-action dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/release-please-gha.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release-please-gha.yml b/.github/workflows/release-please-gha.yml index d4cf74c3..b44eb705 100644 --- a/.github/workflows/release-please-gha.yml +++ b/.github/workflows/release-please-gha.yml @@ -29,7 +29,7 @@ jobs: private-key: ${{ secrets.RELEASE_PLEASE_TOKEN_PROVIDER_PEM }} - name: Release Please - uses: googleapis/release-please-action@v4 + uses: googleapis/release-please-action@v5 with: token: ${{ steps.app-token.outputs.token }} config-file: release-please-config.json From e3d62cef396fed58591145396942358c9efc96ec Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 15 May 2026 22:32:41 +0000 Subject: [PATCH 10/12] fix(deps): bump com.google.code.gson:gson from 2.13.2 to 2.14.0 Bumps [com.google.code.gson:gson](https://github.com/google/gson) from 2.13.2 to 2.14.0. - [Release notes](https://github.com/google/gson/releases) - [Changelog](https://github.com/google/gson/blob/main/CHANGELOG.md) - [Commits](https://github.com/google/gson/compare/gson-parent-2.13.2...gson-parent-2.14.0) --- updated-dependencies: - dependency-name: com.google.code.gson:gson dependency-version: 2.14.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 8b37f6e0..2fbda718 100644 --- a/pom.xml +++ b/pom.xml @@ -22,7 +22,7 @@ com.google.code.gson gson - 2.13.2 + 2.14.0 com.squareup.okhttp3 From 90e09c1a48ea827bcd11dc98969f60126173db60 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 15 May 2026 22:40:43 +0000 Subject: [PATCH 11/12] fix(deps): bump com.github.ben-manes:gradle-versions-plugin in /android Bumps com.github.ben-manes:gradle-versions-plugin from 0.52.0 to 0.54.0. --- updated-dependencies: - dependency-name: com.github.ben-manes:gradle-versions-plugin dependency-version: 0.54.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- android/build.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/android/build.gradle b/android/build.gradle index 52bc4510..48ccb5a8 100644 --- a/android/build.gradle +++ b/android/build.gradle @@ -7,7 +7,7 @@ buildscript { dependencies { classpath "com.gradle:gradle-enterprise-gradle-plugin:3.19.2" classpath "com.android.tools.build:gradle:8.13.0" - classpath "com.github.ben-manes:gradle-versions-plugin:0.52.0" + classpath "com.github.ben-manes:gradle-versions-plugin:0.54.0" } } From 43c1daca506f3da9a9e4db77f3e82a96684bb496 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 15 May 2026 22:40:49 +0000 Subject: [PATCH 12/12] fix(deps): bump com.auth0:jwks-rsa from 0.23.0 to 0.24.1 in /android Bumps [com.auth0:jwks-rsa](https://github.com/auth0/jwks-rsa-java) from 0.23.0 to 0.24.1. - [Release notes](https://github.com/auth0/jwks-rsa-java/releases) - [Changelog](https://github.com/auth0/jwks-rsa-java/blob/master/CHANGELOG.md) - [Commits](https://github.com/auth0/jwks-rsa-java/compare/0.23.0...0.24.1) --- updated-dependencies: - dependency-name: com.auth0:jwks-rsa dependency-version: 0.23.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- gradle/dependencies.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gradle/dependencies.gradle b/gradle/dependencies.gradle index 970260f4..3dce5ac7 100644 --- a/gradle/dependencies.gradle +++ b/gradle/dependencies.gradle @@ -13,7 +13,7 @@ dependencies { implementation 'io.jsonwebtoken:jjwt-api:0.13.0' runtimeOnly 'io.jsonwebtoken:jjwt-impl:0.13.0' runtimeOnly 'io.jsonwebtoken:jjwt-jackson:0.13.0' - implementation 'com.auth0:jwks-rsa:0.23.0' + implementation 'com.auth0:jwks-rsa:0.24.1' api 'com.squareup.okhttp3:okhttp:4.12.0' api 'com.azure:azure-core:1.58.0'