Skip to content

Bump the non-breaking group with 2 updates#58

Merged
kermandev merged 1 commit into
masterfrom
dependabot/gradle/non-breaking-8c64260f9a
Jul 1, 2026
Merged

Bump the non-breaking group with 2 updates#58
kermandev merged 1 commit into
masterfrom
dependabot/gradle/non-breaking-8c64260f9a

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown
Contributor

Bumps the non-breaking group with 2 updates: gradle-wrapper and com.gradleup.nmcp.aggregation.

Updates gradle-wrapper from 9.5.1 to 9.6.1

Release notes

Sourced from gradle-wrapper's releases.

9.6.1

The Gradle team is excited to announce Gradle 9.6.1.

Here are the highlights of this release:

  • Improved Configuration Cache hit rates
  • Additional CLI rendering options
  • Important project hierarchy lookup deprecations

Read the Release Notes

We would like to thank the following community members for their contributions to this release of Gradle: Aharnish Solanki, Benedikt Johannes, Devendra Reddy Pennabadi, Dmytro Rodionov, Dreeam, Elías Hernández Rodríguez, Eng Zer Jun, FinlayRJW, Kamal Kansal, Marcono1234, Nelson Osacky, Philip Wedemann, Ravi, Roberto Perez Alcolea, Ryan Schmitt, Sebastian Schuberth, seunghun.ham, sk-reddy17, Suvrat Acharya, Vedant Madane.

Upgrade instructions

Switch your build to use Gradle 9.6.1 by updating your wrapper:

./gradlew :wrapper --gradle-version=9.6.1 && ./gradlew :wrapper

See the Gradle 9.x upgrade guide to learn about deprecations, breaking changes and other considerations when upgrading.

For Java, Groovy, Kotlin and Android compatibility, see the full compatibility notes.

Reporting problems

If you find a problem with this release, please file a bug on GitHub Issues adhering to our issue guidelines. If you're not sure you're encountering a bug, please use the forum.

We hope you will build happiness with Gradle, and we look forward to your feedback via Twitter or on GitHub.

9.6.0

... (truncated)

Commits
  • 309d128 Update fixed issues in release notes for 9.6.1 (#38328)
  • 040a978 Update fixed issues in release notes for 9.6.1
  • e0b8325 Restore --non-interactive flag instead of --interactive/--no-interactive (#38...
  • 946f3e6 Limit explicit temp file permission setting to intended use case (#38300)
  • 65f8224 Restore --non-interactive flag instead of --interactive/--no-interactive
  • e346a5e Adjust CLI flag to configure non-interactive console (#38301)
  • 9b53be9 Adjust CLI flag to configure non-interactive console
  • 0dd3b53 Limit explicit temp file permission setting to intended use case
  • 48e5ac2 Add reproducers
  • 25598fd Prepare 9.6.1 patch release (#38293)
  • Additional commits viewable in compare view

Updates com.gradleup.nmcp.aggregation from 1.5.0 to 1.6.1

Release notes

Sourced from com.gradleup.nmcp.aggregation's releases.

v1.6.1

v 1.6.1 restores some checksums:

All in all, nmcp now publishes .md5, .sha1, .sha512 for all files except for signature files (.asc) where no checksums are required.

Long term, I'd love to drop the .md5 and .sha1 checksums. That would require both maven and Sonatype to stop requesting them.

Many thanks to @​marcphilipp and @​leonard84 for helping me navigate this issue 💙

On a separate note, this version also deprecates publishAllPublicationsToMavenCentral in favor of using either the aggregation or the settings plugin.

v1.6.0

Nmcp 1.6.0 stops publishing the following checksums:

  • signature checksums (.asc.md5, .asc.sha1, .asc.sha256, .asc.sha512)
  • all non-required checksums (.sha256, .sha512)
  • all maven-metadata checksums (only for local publishing, maven-metadata.xml is never sent to Central Portal)

This is all disabled by default.

If you like the checksums, you can send them again by setting publishAllChecksums:

nmcpAggregation {
  publishAllChecksums.set(true)
}

If you do, please let me know why, I'm curious!

Changelog

Sourced from com.gradleup.nmcp.aggregation's changelog.

Version 1.6.1

2026-07-01

Restores some checksums:

  • maven-metadata.md5, maven-metadata.sha1 (because maven outputs a scary warning without them)
  • All the .sha512 checksums (because Gradle uses them to validate caches contents)

All in all, nmcp now publishes .md5, .sha1, .sha512 for all files except for signature files (.asc) where no checksums are required.

Long term, I'd love to drop the .md5 and .sha1 checksums. That would require both maven and Sonatype to stop requesting them.

Many thanks to @​marcphilipp and @​leonard84 for helping me navigate this issue 💙

Version 1.6.0

2026-06-21

Nmcp 1.6.0 stop publishing the following checksums:

  • signature checksums (.asc.md5, .asc.sha1, .asc.sha256, .asc.sha512)
  • all non-required checksums (.sha256, .sha512)
  • all maven-metadata checksums (for local publishing, maven-metadata.xml is never sent to Central Portal)

You can send the checksums by setting publishAllChecksums

nmcpAggregation {
  publishAllChecksums.set(true)
}
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the non-breaking group with 2 updates: [gradle-wrapper](https://github.com/gradle/gradle) and [com.gradleup.nmcp.aggregation](https://github.com/gradleup/nmcp).


Updates `gradle-wrapper` from 9.5.1 to 9.6.1
- [Release notes](https://github.com/gradle/gradle/releases)
- [Commits](gradle/gradle@v9.5.1...v9.6.1)

Updates `com.gradleup.nmcp.aggregation` from 1.5.0 to 1.6.1
- [Release notes](https://github.com/gradleup/nmcp/releases)
- [Changelog](https://github.com/GradleUp/nmcp/blob/main/CHANGELOG.md)
- [Commits](GradleUp/nmcp@v1.5.0...v1.6.1)

---
updated-dependencies:
- dependency-name: gradle-wrapper
  dependency-version: 9.6.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: non-breaking
- dependency-name: com.gradleup.nmcp.aggregation
  dependency-version: 1.6.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: non-breaking
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels Jul 1, 2026
@kermandev
kermandev merged commit 3e8b644 into master Jul 1, 2026
1 check passed
@dependabot
dependabot Bot deleted the dependabot/gradle/non-breaking-8c64260f9a branch July 1, 2026 21:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file java Pull requests that update java code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant