Skip to content

Bump the libs group across 1 directory with 6 updates#94

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/gradle/libs-6c53f7d89c
Open

Bump the libs group across 1 directory with 6 updates#94
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/gradle/libs-6c53f7d89c

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot bot commented on behalf of github Apr 13, 2026

Bumps the libs group with 6 updates in the / directory:

Package From To
gradle-wrapper 8.14.4 9.4.1
androidx.compose:compose-bom 2026.03.00 2026.03.01
com.android.library 8.12.2 9.1.0
org.owasp.dependencycheck 12.2.0 12.2.1
com.diffplug.spotless 6.25.0 8.4.0
com.vanniktech.maven.publish 0.35.0 0.36.0

Updates gradle-wrapper from 8.14.4 to 9.4.1

Release notes

Sourced from gradle-wrapper's releases.

9.4.1

The Gradle team is excited to announce Gradle 9.4.1.

Here are the highlights of this release:

  • Java 26 support
  • Non-class-based JVM tests
  • Enhanced console progress bar

Read the Release Notes

We would like to thank the following community members for their contributions to this release of Gradle: akankshaa-00, Attila Kelemen, Björn Kautler, dblood, Dennis Rieks, duvvuvenkataramana, John Burns, Julian, kevinstembridge, Niels Doucet, Philip Wedemann, ploober, Richard Hernandez, Roberto Perez Alcolea, Sebastian Lövdahl, stephan2405, Stephane Landelle, Ujwal Suresh Vanjare, Victor Merkulov, Vincent Potuček, Vladimir Sitnikov.

Upgrade instructions

Switch your build to use Gradle 9.4.1 by updating your wrapper:

./gradlew wrapper --gradle-version=9.4.1 && ./gradlew wrapper

See the Gradle 9.x upgrade guide to learn about deprecations, breaking changes and other considerations when upgrading.

For Java, Groovy, Kotlin and Android compatibility, see the full compatibility notes.

Reporting problems

If you find a problem with this release, please file a bug on GitHub Issues adhering to our issue guidelines. If you're not sure you're encountering a bug, please use the forum.

We hope you will build happiness with Gradle, and we look forward to your feedback via Twitter or on GitHub.

... (truncated)

Commits

Updates androidx.compose:compose-bom from 2026.03.00 to 2026.03.01

Updates com.android.library from 8.12.2 to 9.1.0

Updates org.owasp.dependencycheck from 12.2.0 to 12.2.1

Updates com.diffplug.spotless from 6.25.0 to 8.4.0

Updates com.vanniktech.maven.publish from 0.35.0 to 0.36.0

Release notes

Sourced from com.vanniktech.maven.publish's releases.

0.36.0

BREAKING

  • Updated minimum supported JDK, Gradle, Android Gradle Plugin and Kotlin versions.
  • Removed support for Dokka v1, it's now required to use Dokka in v2 mode.
  • Mark DirectorySignatureType internal.

Behavior changes

  • validateDeployment now has the DeploymentValidation enum as type instead of being a boolean. The default is now to just wait for the VALIDATED state. The previous behavior can be achieved by setting it to PUBLISHED. NONE can be used for disabling the validation completely.
  • When calling configure(...) manually to configure what to publish and not passing javadocJar explicity, the plugin now defaults to publishing an empty javadoc jar.

Features

  • Android projects now support using Dokka for javadoc creation, this will happen automatically when using the default options and the Dokka plugin is applied to the project.
  • Added consistent JavadocJar and SourcesJar options to configureBasedOnAppliedPlugins and to all applicable project types that can be passed to configure. The previous Boolean based versions have been deprecated.
  • When enabling Maven Central publishing through the DSL, the mavenCentralDeploymentValidation and mavenCentralAutomaticPublishing are used for the default values of the 2 parameters when they are not passed explicitly. This allows to more easily override them in certain environments.
  • When isolated projects is enabled the module/project specific gradle.properties files are now considered in the same way they are when isolated projects is disabled.

Improvements

  • Better error message when Maven Central credentials are missing.

Minimum supported versions

  • JDK 17
  • Gradle 9.0.0
  • Android Gradle Plugin 8.13.0
  • Kotlin Gradle Plugin 2.2.0

Compatibility tested up to

  • JDK 25
  • Gradle 9.3.0
  • Gradle 9.4.0-milestone-4
  • Android Gradle Plugin 8.13.2
  • Android Gradle Plugin 9.0.0
  • Android Gradle Plugin 9.1.0-alpha05
  • Kotlin Gradle Plugin 2.3.0
  • Kotlin Gradle Plugin 2.3.20-Beta1

0.36.0-rc2

BREAKING

  • Updated minimum supported JDK, Gradle, Android Gradle Plugin and Kotlin versions.
  • Removed support for Dokka v1, it's now required to use Dokka in v2 mode.
  • Mark DirectorySignatureType internal.

... (truncated)

Changelog

Sourced from com.vanniktech.maven.publish's changelog.

0.36.0 (2026-01-13)

BREAKING

  • Updated minimum supported JDK, Gradle, Android Gradle Plugin and Kotlin versions.
  • Removed support for Dokka v1, it's now required to use Dokka in v2 mode.
  • Mark DirectorySignatureType internal.

Behavior changes

  • validateDeployment now has the DeploymentValidation enum as type instead of being a boolean. The default is now to just wait for the VALIDATED state. The previous behavior can be achieved by setting it to PUBLISHED. NONE can be used for disabling the validation completely.
  • When calling configure(...) manually to configure what to publish and not passing javadocJar explicity, the plugin now defaults to publishing an empty javadoc jar.

Features

  • Android projects now support using Dokka for javadoc creation, this will happen automatically when using the default options and the Dokka plugin is applied to the project.
  • Added consistent JavadocJar and SourcesJar options to configureBasedOnAppliedPlugins and to all applicable project types that can be passed to configure. The previous Boolean based versions have been deprecated.
  • When enabling Maven Central publishing through the DSL, the mavenCentralDeploymentValidation and mavenCentralAutomaticPublishing are used for the default values of the 2 parameters when they are not passed explicitly. This allows to more easily override them in certain environments.
  • When isolated projects is enabled the module/project specific gradle.properties files are now considered in the same way they are when isolated projects is disabled.

Improvements

  • Better error message when Maven Central credentials are missing.

Minimum supported versions

  • JDK 17
  • Gradle 9.0.0
  • Android Gradle Plugin 8.13.0
  • Kotlin Gradle Plugin 2.2.0

Compatibility tested up to

  • JDK 25
  • Gradle 9.3.0
  • Gradle 9.4.0-milestone-4
  • Android Gradle Plugin 8.13.2
  • Android Gradle Plugin 9.0.0
  • Android Gradle Plugin 9.1.0-alpha05
  • Kotlin Gradle Plugin 2.3.0
  • Kotlin Gradle Plugin 2.3.20-Beta1
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the libs group across 1 directory with 6 updates
9fce395 
Bumps the libs group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [gradle-wrapper](https://github.com/gradle/gradle) | `8.14.4` | `9.4.1` |
| androidx.compose:compose-bom | `2026.03.00` | `2026.03.01` |
| com.android.library | `8.12.2` | `9.1.0` |
| org.owasp.dependencycheck | `12.2.0` | `12.2.1` |
| com.diffplug.spotless | `6.25.0` | `8.4.0` |
| [com.vanniktech.maven.publish](https://github.com/vanniktech/gradle-maven-publish-plugin) | `0.35.0` | `0.36.0` |



Updates `gradle-wrapper` from 8.14.4 to 9.4.1
- [Release notes](https://github.com/gradle/gradle/releases)
- [Commits](gradle/gradle@v8.14.4...v9.4.1)

Updates `androidx.compose:compose-bom` from 2026.03.00 to 2026.03.01

Updates `com.android.library` from 8.12.2 to 9.1.0

Updates `org.owasp.dependencycheck` from 12.2.0 to 12.2.1

Updates `com.diffplug.spotless` from 6.25.0 to 8.4.0

Updates `com.vanniktech.maven.publish` from 0.35.0 to 0.36.0
- [Release notes](https://github.com/vanniktech/gradle-maven-publish-plugin/releases)
- [Changelog](https://github.com/vanniktech/gradle-maven-publish-plugin/blob/main/CHANGELOG.md)
- [Commits](vanniktech/gradle-maven-publish-plugin@0.35.0...0.36.0)

---
updated-dependencies:
- dependency-name: gradle-wrapper
  dependency-version: 9.4.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: libs
- dependency-name: androidx.compose:compose-bom
  dependency-version: 2026.03.01
  dependency-type: direct:production
  dependency-group: libs
- dependency-name: com.android.library
  dependency-version: 9.1.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: libs
- dependency-name: org.owasp.dependencycheck
  dependency-version: 12.2.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: libs
- dependency-name: com.diffplug.spotless
  dependency-version: 8.4.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: libs
- dependency-name: com.vanniktech.maven.publish
  dependency-version: 0.36.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: libs
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Apr 13, 2026
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud bot commented Apr 13, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants