Skip to content

chore(deps): bump the dependencies group across 1 directory with 5 updates#232

Merged
jimmyjames merged 1 commit intomainfrom
dependabot/gradle/dependencies-953616c44c
Oct 6, 2025
Merged

chore(deps): bump the dependencies group across 1 directory with 5 updates#232
jimmyjames merged 1 commit intomainfrom
dependabot/gradle/dependencies-953616c44c

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 6, 2025

Bumps the dependencies group with 5 updates in the / directory:

Package From To
com.fasterxml.jackson:jackson-bom 2.19.2 2.20.0
io.opentelemetry:opentelemetry-bom 1.53.0 1.54.1
org.assertj:assertj-core 3.27.4 3.27.6
org.mockito:mockito-core 5.19.0 5.20.0
org.junit.jupiter:junit-jupiter 5.13.4 5.14.0

Updates com.fasterxml.jackson:jackson-bom from 2.19.2 to 2.20.0

Commits
  • 54f854b [maven-release-plugin] prepare release jackson-bom-2.20.0
  • 9cc68d4 Prep for 2.20.0
  • cbef800 Version sync for 2.20.0 release (in near future)
  • 79bc4ed Back to snapshot deps
  • 94947a0 [maven-release-plugin] prepare for next development iteration
  • 369dffe [maven-release-plugin] prepare release jackson-bom-2.20.0-rc1
  • c5caaf2 Prep for 2.20.0-rc1
  • 8ad6e0a Move to 2.20.0-rc1-SNAPSHOT
  • 500ef4d Merge branch '2.19' into 2.x
  • 274f228 Back to snapshot deps
  • Additional commits viewable in compare view

Updates io.opentelemetry:opentelemetry-bom from 1.53.0 to 1.54.1

Release notes

Sourced from io.opentelemetry:opentelemetry-bom's releases.

Version 1.54.1

This is a patch release on the previous 1.54.0 release, fixing the issue(s) below.

SDK

Exporters

  • Prometheus: Fix regression in protobuf format export (#7664)

Version 1.54.0

API

Baggage

  • Fix guard against ArrayIndexOutOfBoundsException in BaggageCodec (#7239)

SDK

Metrics

  • Fix MetricData.getDoubleSumData() ClassCastException with custom implementations (#7597)

Exporters

  • Fix HttpExporterBuilder.copy() and GrpcExporterBuilder.copy() to preserve component loader (#7596)

Extensions

  • Autoconfigure: Remove support for old EnvironmentResourceProvider package name (#7622)
  • Declarative config: Add DeclarativeConfigurationProvider SPI (#7472)
  • Declarative config: Pass meter provider to avoid using the global OpenTelemetry instance (#7475)

Project tooling

  • Update to Gradle v9 (#7590)

🙇 Thank you

This release was possible thanks to the following contributors who shared their brilliant ideas and awesome pull requests:

@​anuraaga @​breedx-splk @​chengchen @​halasz-csaba @​jack-berg @​jaydeluca @​jkwatson @​laurit @​opentelemetrybot @​rlacksgus97

... (truncated)

Changelog

Sourced from io.opentelemetry:opentelemetry-bom's changelog.

Version 1.54.1 (2025-09-18)

SDK

Exporters

  • Prometheus: Fix regression in protobuf format export (#7664)

Version 1.54.0 (2025-09-05)

API

Baggage

  • Fix guard against ArrayIndexOutOfBoundsException in BaggageCodec (#7239)

SDK

Metrics

  • Fix MetricData.getDoubleSumData() ClassCastException with custom implementations (#7597)

Exporters

  • Fix HttpExporterBuilder.copy() and GrpcExporterBuilder.copy() to preserve component loader (#7596)

Extensions

  • Autoconfigure: Remove support for old EnvironmentResourceProvider package name (#7622)
  • Declarative config: Add DeclarativeConfigurationProvider SPI (#7472)
  • Declarative config: Pass meter provider to avoid using the global OpenTelemetry instance (#7475)

Project tooling

  • Update to Gradle v9 (#7590)
Commits
  • edf8896 [release/v1.54.x] Prepare release 1.54.1 (#7672)
  • 7aedd4b [release/v1.54.x] Add change log for upcoming patch release (#7671)
  • 4d4218b [release/v1.54.x] Update Prometheus Exporter dependencies to use no-protobuf ...
  • 61e066b [release/v1.54.x] Prepare release 1.54.0 (#7644)
  • 5f4d898 Add change log for upcoming release (#7641)
  • 2a92794 fix(deps): update armeriaversion to v1.33.2 (#7625)
  • 7ef1410 don't call old plugin when declarative config is in use (#7472)
  • b18583a pass meter provider to avoid using the global otel instance (#7475)
  • 6610806 chore(deps): update plugin com.gradleup.shadow to v9.1.0 (#7628)
  • 35fda16 fix(deps): update dependency io.netty:netty-bom to v4.2.5.final (#7635)
  • Additional commits viewable in compare view

Updates org.assertj:assertj-core from 3.27.4 to 3.27.6

Release notes

Sourced from org.assertj:assertj-core's releases.

v3.27.6

🐛 Bug Fixes

Core

  • Add missing export for org.assertj.core.annotation #3951

❤️ Contributors

Thanks to all the contributors who worked on this release:

@​duponter

v3.27.5

⚡ Improvements

Core

  • ByteBuddy in AssertJ 3.27.4 not compatible with Java 25 #3946

🔨 Dependency Upgrades

Core

  • Upgrade to Byte Buddy 1.17.7 #3947
  • Upgrade to JUnit BOM 5.13.4 #3947

Guava

  • Upgrade to Guava 33.4.8-jre #3947
Commits
  • 716b1e0 [maven-release-plugin] prepare release assertj-build-3.27.6
  • e189652 Add missing export for org.assertj.core.annotation (#3951)
  • 0cb489e Update Maven Central URL
  • 7286309 [maven-release-plugin] prepare for next development iteration
  • dd4cc1d [maven-release-plugin] prepare release assertj-build-3.27.5
  • 1d0defc Add missing permission to release workflow
  • 844d5d0 Add missing GitHub Actions pinning to CodeQL workflow
  • bdd7106 Add CodeQL custom workflow
  • a93d7e6 Remove EOL Java 24
  • 26ea866 Update production dependencies (#3947)
  • Additional commits viewable in compare view

Updates org.mockito:mockito-core from 5.19.0 to 5.20.0

Release notes

Sourced from org.mockito:mockito-core's releases.

v5.20.0

Changelog generated by Shipkit Changelog Gradle Plugin

5.20.0

Commits
  • 3a1a19e Add support for generic types in MockedConstruction and MockedStatic (#3729)
  • f3c957a Bump org.assertj:assertj-core from 3.27.4 to 3.27.5 (#3730)
  • 3cfbd42 Bump graalvm/setup-graalvm from 1.3.6 to 1.3.7 (#3725)
  • 6f9a04b Bump com.gradle.develocity from 4.1.1 to 4.2 (#3726)
  • c75dfb8 Bump org.eclipse.platform:org.eclipse.osgi from 3.23.100 to 3.23.200 (#3720)
  • 54474fa Bump graalvm/setup-graalvm from 1.3.5 to 1.3.6 (#3719)
  • bc06f21 Use Assume.assumeThat for SequencedCollection tests (#3711)
  • a10aed0 Bump actions/setup-java from 4 to 5 (#3715)
  • 37bb3e5 Fix metadata generation on GraalVM (#3710)
  • ef2fd6f Bump com.gradle.develocity from 4.1 to 4.1.1 (#3713)
  • Additional commits viewable in compare view

Updates org.junit.jupiter:junit-jupiter from 5.13.4 to 5.14.0

Release notes

Sourced from org.junit.jupiter:junit-jupiter's releases.

JUnit 5.14.0 = Platform 1.14.0 + Jupiter 5.14.0 + Vintage 5.14.0

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.13.4...r5.14.0

JUnit 5.14.0-RC1 = Platform 1.14.0-RC1 + Jupiter 5.14.0-RC1 + Vintage 5.14.0-RC1

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.13.4...r5.14.0-RC1

Commits
  • 8545c93 Release 5.14.0
  • 1d405a0 Polish release notes for 5.14 GA
  • c1f78f6 Prepare 5.14.0 release notes and link to migration guide
  • a6f666c Allow new classes to be added
  • f728dfa Disable compatibility checks for all aggregator projects
  • 72b34aa Validate list of accepted breaking changes
  • bc62d27 Only track module-specific lines in accepted-breaking-changes.txt
  • 1d95a3c Clear custom initialize-at-build-time lists
  • 513be32 Update plugin org.graalvm.buildtools.native to v0.11.1
  • 174d8de Back to snapshots for further development
  • Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request
Dependency Name Ignore Conditions
org.junit.jupiter:junit-jupiter [>= 6.a, < 7]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the dependencies group across 1 directory with 5 up…
dca40b8 
…dates

Bumps the dependencies group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) | `2.19.2` | `2.20.0` |
| [io.opentelemetry:opentelemetry-bom](https://github.com/open-telemetry/opentelemetry-java) | `1.53.0` | `1.54.1` |
| [org.assertj:assertj-core](https://github.com/assertj/assertj) | `3.27.4` | `3.27.6` |
| [org.mockito:mockito-core](https://github.com/mockito/mockito) | `5.19.0` | `5.20.0` |
| [org.junit.jupiter:junit-jupiter](https://github.com/junit-team/junit-framework) | `5.13.4` | `5.14.0` |



Updates `com.fasterxml.jackson:jackson-bom` from 2.19.2 to 2.20.0
- [Commits](FasterXML/jackson-bom@jackson-bom-2.19.2...jackson-bom-2.20.0)

Updates `io.opentelemetry:opentelemetry-bom` from 1.53.0 to 1.54.1
- [Release notes](https://github.com/open-telemetry/opentelemetry-java/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-java/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-java@v1.53.0...v1.54.1)

Updates `org.assertj:assertj-core` from 3.27.4 to 3.27.6
- [Release notes](https://github.com/assertj/assertj/releases)
- [Commits](assertj/assertj@assertj-build-3.27.4...assertj-build-3.27.6)

Updates `org.mockito:mockito-core` from 5.19.0 to 5.20.0
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](mockito/mockito@v5.19.0...v5.20.0)

Updates `org.junit.jupiter:junit-jupiter` from 5.13.4 to 5.14.0
- [Release notes](https://github.com/junit-team/junit-framework/releases)
- [Commits](junit-team/junit-framework@r5.13.4...r5.14.0)

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson:jackson-bom
  dependency-version: 2.20.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: io.opentelemetry:opentelemetry-bom
  dependency-version: 1.54.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: org.assertj:assertj-core
  dependency-version: 3.27.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: org.mockito:mockito-core
  dependency-version: 5.20.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: org.junit.jupiter:junit-jupiter
  dependency-version: 5.14.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Oct 6, 2025
@dependabot dependabot bot requested a review from a team as a code owner October 6, 2025 20:57
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Oct 6, 2025
@coderabbitai
Copy link
Contributor

coderabbitai bot commented Oct 6, 2025

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Note

Free review on us!

CodeRabbit is offering free reviews until Wed Oct 08 2025 to showcase some of the refinements we've made.

Comment @coderabbitai help to get the list of available commands and usage tips.

@jimmyjames jimmyjames added this pull request to the merge queue Oct 6, 2025
Merged via the queue into main with commit d25291a Oct 6, 2025
20 of 23 checks passed
@jimmyjames jimmyjames deleted the dependabot/gradle/dependencies-953616c44c branch October 6, 2025 21:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jimmyjames jimmyjames jimmyjames approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jimmyjames

Comments