Dependency updates 20251220 #19869
Merged
Dependency updates 20251220 #19869
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
david-allison
added
Needs Review
Needs Second Approval
BrayanDSO
approved these changes
Dec 20, 2025
BrayanDSO
added
Pending Merge
Member
|
needs squashing |
david-allison
added
Needs Author Reply
Member
Author
|
david-allison
added
Blocked by dependency
Member
|
When I get a chance I'm going to restructure this one so the final 2.3.0 bump for kotlin is staged to the side of dependency updates so we can unblock them in general, otherwise everything queues on codeql repo's work and that's not in our control |
mikehardy
force-pushed
the
dependency-updates
branch
from
b870563 to
ccaae03
Compare
mikehardy
approved these changes
Dec 27, 2025
Member
mikehardy
left a comment
mikehardy
left a comment
There was a problem hiding this comment.
scanned all the changes as text and LGTM - just CI then local squash of all the deps then into the queue
* No cast needed
this is a squash of the following 15 commits from dependabot: build(deps): bump com.google.protobuf:protobuf-kotlin-lite Bumps com.google.protobuf:protobuf-kotlin-lite from 4.33.1 to 4.33.2. --- updated-dependencies: - dependency-name: com.google.protobuf:protobuf-kotlin-lite dependency-version: 4.33.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> build(deps): bump io.mockk:mockk from 1.14.6 to 1.14.7 Bumps [io.mockk:mockk](https://github.com/mockk/mockk) from 1.14.6 to 1.14.7. - [Release notes](https://github.com/mockk/mockk/releases) - [Commits](mockk/mockk@1.14.6...1.14.7) --- updated-dependencies: - dependency-name: io.mockk:mockk dependency-version: 1.14.7 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> build(deps): bump com.github.triplet.play from 3.12.2 to 3.13.0 Bumps com.github.triplet.play from 3.12.2 to 3.13.0. --- updated-dependencies: - dependency-name: com.github.triplet.play dependency-version: 3.13.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> build(deps-dev): bump the non-breaking group Bumps the non-breaking group in /tools/localization with 4 updates: [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin), [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser), [prettier](https://github.com/prettier/prettier) and [ts-jest](https://github.com/kulshekhar/ts-jest). Updates `@typescript-eslint/eslint-plugin` from 8.48.0 to 8.48.1 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.48.1/packages/eslint-plugin) Updates `@typescript-eslint/parser` from 8.48.0 to 8.48.1 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.48.1/packages/parser) Updates `prettier` from 3.7.3 to 3.7.4 - [Release notes](https://github.com/prettier/prettier/releases) - [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md) - [Commits](prettier/prettier@3.7.3...3.7.4) Updates `ts-jest` from 29.4.5 to 29.4.6 - [Release notes](https://github.com/kulshekhar/ts-jest/releases) - [Changelog](https://github.com/kulshekhar/ts-jest/blob/main/CHANGELOG.md) - [Commits](kulshekhar/ts-jest@v29.4.5...v29.4.6) --- updated-dependencies: - dependency-name: "@typescript-eslint/eslint-plugin" dependency-version: 8.48.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: non-breaking - dependency-name: "@typescript-eslint/parser" dependency-version: 8.48.1 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: non-breaking - dependency-name: prettier dependency-version: 3.7.4 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: non-breaking - dependency-name: ts-jest dependency-version: 29.4.6 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: non-breaking ... Signed-off-by: dependabot[bot] <[email protected]> build(deps): bump lint from 31.13.1 to 31.13.2 Bumps `lint` from 31.13.1 to 31.13.2. Updates `com.android.tools.lint:lint-api` from 31.13.1 to 31.13.2 Updates `com.android.tools.lint:lint` from 31.13.1 to 31.13.2 Updates `com.android.tools.lint:lint-tests` from 31.13.1 to 31.13.2 --- updated-dependencies: - dependency-name: com.android.tools.lint:lint-api dependency-version: 31.13.2 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: com.android.tools.lint:lint dependency-version: 31.13.2 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: com.android.tools.lint:lint-tests dependency-version: 31.13.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> build(deps): bump actions/cache from 4 to 5 Bumps [actions/cache](https://github.com/actions/cache) from 4 to 5. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@v4...v5) --- updated-dependencies: - dependency-name: actions/cache dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> build(deps): bump androidGradlePlugin from 8.13.1 to 8.13.2 Bumps `androidGradlePlugin` from 8.13.1 to 8.13.2. Updates `com.android.application` from 8.13.1 to 8.13.2 Updates `com.android.library` from 8.13.1 to 8.13.2 --- updated-dependencies: - dependency-name: com.android.application dependency-version: 8.13.2 dependency-type: direct:production update-type: version-update:semver-patch - dependency-name: com.android.library dependency-version: 8.13.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> build(deps): bump androidx.lifecycle:lifecycle-process Bumps androidx.lifecycle:lifecycle-process from 2.9.3 to 2.10.0. --- updated-dependencies: - dependency-name: androidx.lifecycle:lifecycle-process dependency-version: 2.10.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> build(deps): bump actions/upload-artifact from 5 to 6 Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 5 to 6. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@v5...v6) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> build(deps-dev): bump @types/node in /tools/localization Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 24.10.1 to 25.0.2. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) --- updated-dependencies: - dependency-name: "@types/node" dependency-version: 25.0.2 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]> build(deps): bump the non-breaking group Bumps the non-breaking group in /tools/localization with 5 updates: | Package | From | To | | --- | --- | --- | | [@crowdin/crowdin-api-client](https://github.com/crowdin/crowdin-api-client-js) | `1.49.0` | `1.51.0` | | [@eslint/js](https://github.com/eslint/eslint/tree/HEAD/packages/js) | `9.39.1` | `9.39.2` | | [@typescript-eslint/eslint-plugin](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin) | `8.48.1` | `8.49.0` | | [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) | `8.48.1` | `8.49.0` | | [eslint](https://github.com/eslint/eslint) | `9.39.1` | `9.39.2` | Updates `@crowdin/crowdin-api-client` from 1.49.0 to 1.51.0 - [Release notes](https://github.com/crowdin/crowdin-api-client-js/releases) - [Commits](crowdin/crowdin-api-client-js@1.49.0...1.51.0) Updates `@eslint/js` from 9.39.1 to 9.39.2 - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](https://github.com/eslint/eslint/commits/v9.39.2/packages/js) Updates `@typescript-eslint/eslint-plugin` from 8.48.1 to 8.49.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/eslint-plugin/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.49.0/packages/eslint-plugin) Updates `@typescript-eslint/parser` from 8.48.1 to 8.49.0 - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.49.0/packages/parser) Updates `eslint` from 9.39.1 to 9.39.2 - [Release notes](https://github.com/eslint/eslint/releases) - [Commits](eslint/eslint@v9.39.1...v9.39.2) --- updated-dependencies: - dependency-name: "@crowdin/crowdin-api-client" dependency-version: 1.51.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: non-breaking - dependency-name: "@eslint/js" dependency-version: 9.39.2 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: non-breaking - dependency-name: "@typescript-eslint/eslint-plugin" dependency-version: 8.49.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: non-breaking - dependency-name: "@typescript-eslint/parser" dependency-version: 8.49.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: non-breaking - dependency-name: eslint dependency-version: 9.39.2 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: non-breaking ... Signed-off-by: dependabot[bot] <[email protected]> build(deps): bump androidx.activity:activity from 1.12.1 to 1.12.2 Bumps androidx.activity:activity from 1.12.1 to 1.12.2. --- updated-dependencies: - dependency-name: androidx.activity:activity dependency-version: 1.12.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> build(deps): bump androidxMedia3 from 1.8.0 to 1.9.0 Bumps `androidxMedia3` from 1.8.0 to 1.9.0. Updates `androidx.media3:media3-ui` from 1.8.0 to 1.9.0 - [Release notes](https://github.com/androidx/media/releases) - [Changelog](https://github.com/androidx/media/blob/release/RELEASENOTES.md) - [Commits](androidx/media@1.8.0...1.9.0) Updates `androidx.media3:media3-exoplayer-dash` from 1.8.0 to 1.9.0 - [Release notes](https://github.com/androidx/media/releases) - [Changelog](https://github.com/androidx/media/blob/release/RELEASENOTES.md) - [Commits](androidx/media@1.8.0...1.9.0) Updates `androidx.media3:media3-exoplayer` from 1.8.0 to 1.9.0 - [Release notes](https://github.com/androidx/media/releases) - [Changelog](https://github.com/androidx/media/blob/release/RELEASENOTES.md) - [Commits](androidx/media@1.8.0...1.9.0) --- updated-dependencies: - dependency-name: androidx.media3:media3-ui dependency-version: 1.9.0 dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: androidx.media3:media3-exoplayer-dash dependency-version: 1.9.0 dependency-type: direct:production update-type: version-update:semver-minor - dependency-name: androidx.media3:media3-exoplayer dependency-version: 1.9.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> build(deps): bump androidx.webkit:webkit from 1.14.0 to 1.15.0 Bumps androidx.webkit:webkit from 1.14.0 to 1.15.0. --- updated-dependencies: - dependency-name: androidx.webkit:webkit dependency-version: 1.15.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> build(deps): bump org.json:json from 20250517 to 20251224 Bumps [org.json:json](https://github.com/douglascrockford/JSON-java) from 20250517 to 20251224. - [Release notes](https://github.com/douglascrockford/JSON-java/releases) - [Changelog](https://github.com/stleary/JSON-java/blob/master/docs/RELEASES.md) - [Commits](https://github.com/douglascrockford/JSON-java/commits) --- updated-dependencies: - dependency-name: org.json:json dependency-version: '20251224' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
mikehardy
force-pushed
the
dependency-updates
branch
from
ccaae03 to
6d8f967
Compare
mikehardy
added
Pending Merge
github-actions
bot
removed
Pending Merge
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Blocked by dependencyCurrently blocked by some other dependent / related change
Standard updates.
Kotlin bump has been pulled over to #19945 but we can keep the fixes in here, they pass CI by themselves (or at least my local simulation, CI will hopefully go green as well)
That squash is necessary anyway because GitHub web UI isn't handling squash merge commit content population well these days anyway. Will do that after CI goes green as-is