Skip to content

Bump gradle/actions from 3 to 5#23

Open
dependabot[bot] wants to merge 14 commits into
mainfrom
dependabot/github_actions/gradle/actions-5
Open

Bump gradle/actions from 3 to 5#23
dependabot[bot] wants to merge 14 commits into
mainfrom
dependabot/github_actions/gradle/actions-5

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Oct 1, 2025

Copy link
Copy Markdown

Bumps gradle/actions from 3 to 5.

Release notes

Sourced from gradle/actions's releases.

v5.0.0

What's Changed

Breaking Changes

Make sure your runner is updated to this version or newer to use this release. v2.327.1 Release Notes

Dependency upgrades

Full Changelog: gradle/actions@v4...v5.0.0

v4.4.4

What's Changed

Full Changelog: gradle/actions@v4...v4.4.4

v4.4.3

What's Changed

... (truncated)

Commits
  • 4d9f0ba Bump the github-actions group across 1 directory with 2 updates (#748)
  • 4b530e3 Bump the github-actions group across 1 directory with 2 updates
  • e60655a Upgrade to node 24 (#721)
  • 748248d Bump the npm-dependencies group in /sources with 5 updates (#745)
  • 81b68c9 Bump com.google.guava:guava from 33.4.8-jre to 33.5.0-jre in /.github/workflo...
  • 1361730 Bump com.google.guava:guava
  • a86ac11 Bump the npm-dependencies group in /sources with 5 updates
  • 182e4d3 [bot] Update dist directory
  • a48a0fa Update known wrapper checksums (#743)
  • 6d7d019 Update known wrapper checksums
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

gradle-update-robot and others added 14 commits February 26, 2025 01:07
@gradle-update-robot
Update Gradle Wrapper from 8.12.1 to 8.13
22d8d42 
Signed-off-by: gradle-update-robot <gradle-update-robot@regolo.cc>
@hankem
upgrade ASM (9.7.1 → 9.8) to support Java 25's class file major versi…
1f801a3 
…on 69

Signed-off-by: Manfred Hanke <Manfred.Hanke@tngtech.com>
@hankem
upgrade Guava (33.3.1-jre → 33.4.8-jre)
1ea6489 
https://github.com/google/guava/releases/tag/v33.4.4 has
- removed the dependency on JSR-305
  [google/guava@04bf030]
- migrated from Checker Framework annotations to (JSpecify)[https://jspecify.dev/] annotations
  [google/guava@2cc8c5e]
- removed the dependency on Checker Framework annotations
  [google/guava@800b3d4]

compare
- https://repo1.maven.org/maven2/com/google/guava/guava/33.3.1-jre/guava-33.3.1-jre.pom
- https://repo1.maven.org/maven2/com/google/guava/guava/33.4.8-jre/guava-33.4.8-jre.pom

Signed-off-by: Manfred Hanke <Manfred.Hanke@tngtech.com>
@hankem
upgrade slf4j (2.0.16 → 2.0.17) and test dependencies
e34ce85 
* org.apache.logging.log4j:log4j-{api,core,slf4j2-impl}
  2.24.1 → 2.24.3

* org.assertj:assertj-{core,guava}
  3.26.3 → 3.27.3

Signed-off-by: Manfred Hanke <Manfred.Hanke@tngtech.com>
@hankem
simplify JUnit dependencies
df96dfd 
  junit-jupiter
= junit-jupiter-api
+ junit-jupiter-params
+ junit-jupiter-engine (runtime)

Signed-off-by: Manfred Hanke <Manfred.Hanke@tngtech.com>
@hankem
upgrade JUnit (5.11.2 → 5.12.2)
70cab88 
Without the `junit-platform-launcher` dependency,
test execution in `archunit-3rd-party-test` fails with
```
Caused by: org.junit.platform.commons.JUnitException: TestEngine with ID 'junit-jupiter' failed to discover tests
	at app//org.junit.platform.launcher.core.EngineDiscoveryOrchestrator.discoverEngineRoot(EngineDiscoveryOrchestrator.java:160)
	at app//org.junit.platform.launcher.core.EngineDiscoveryOrchestrator.discoverSafely(EngineDiscoveryOrchestrator.java:134)
	at app//org.junit.platform.launcher.core.EngineDiscoveryOrchestrator.discover(EngineDiscoveryOrchestrator.java:108)
	at app//org.junit.platform.launcher.core.EngineDiscoveryOrchestrator.discover(EngineDiscoveryOrchestrator.java:80)
	at app//org.junit.platform.launcher.core.DefaultLauncher.discover(DefaultLauncher.java:110)
	at app//org.junit.platform.launcher.core.DefaultLauncher.execute(DefaultLauncher.java:86)
	at app//org.junit.platform.launcher.core.DefaultLauncherSession$DelegatingLauncher.execute(DefaultLauncherSession.java:86)
	at org.gradle.api.internal.tasks.testing.junitplatform.JUnitPlatformTestClassProcessor$CollectAllTestClassesExecutor.processAllTestClasses(JUnitPlatformTestClassProcessor.java:124)
	at org.gradle.api.internal.tasks.testing.junitplatform.JUnitPlatformTestClassProcessor$CollectAllTestClassesExecutor.access$000(JUnitPlatformTestClassProcessor.java:99)
	at org.gradle.api.internal.tasks.testing.junitplatform.JUnitPlatformTestClassProcessor.stop(JUnitPlatformTestClassProcessor.java:94)
	at org.gradle.api.internal.tasks.testing.SuiteTestClassProcessor.stop(SuiteTestClassProcessor.java:63)
	... 16 more
Caused by: org.junit.platform.commons.JUnitException: OutputDirectoryProvider not available; probably due to unaligned versions of the junit-platform-engine and junit-platform-launcher jars on the classpath/module path.
	at app//org.junit.platform.engine.EngineDiscoveryRequest.getOutputDirectoryProvider(EngineDiscoveryRequest.java:94)
	at app//org.junit.jupiter.engine.JupiterTestEngine.discover(JupiterTestEngine.java:67)
	at app//org.junit.platform.launcher.core.EngineDiscoveryOrchestrator.discoverEngineRoot(EngineDiscoveryOrchestrator.java:152)
	... 26 more
```

Signed-off-by: Manfred Hanke <Manfred.Hanke@tngtech.com>
@hankem
Ignore sun packages when importing full classpath
0194182 
resolves TNG#1446

The CI build has recently often failed on `ubuntu` and `macos` with Java 8,
due to `java.lang.OutOfMemoryError: GC overhead limit exceeded`.

This is due to `ClassFileImporterSlowTest` importing the full classpath in some tests,
which gives more than 20k classes on Java 8,
which contains 7k classes in `com.sun` and 4k classes in `sun` packages
that can easily be ignored.

Signed-off-by: Manfred Hanke <Manfred.Hanke@tngtech.com>
@hankem
remove unused dependencies
f80ab70 
Signed-off-by: Manfred Hanke <Manfred.Hanke@tngtech.com>
@hankem
simplify dependency exclusion
3f94312 
`it` in the `exclude(dependency { /*...*/ })` closure of
[DependencyFilter](https://github.com/GradleUp/shadow/blob/8.3.6/src/main/groovy/com/github/jengelman/gradle/plugins/shadow/internal/DependencyFilter.groovy)
is a [`org.gradle.api.artifacts.ResolvedDependency`](https://docs.gradle.org/current/javadoc/org/gradle/api/artifacts/ResolvedDependency.html),
whose [`name`](https://github.com/gradle/gradle/blob/v8.13.0/platforms/software/dependency-management/src/main/java/org/gradle/api/internal/artifacts/DefaultResolvedDependency.java#L76-L78) is a `String`.

When the comparison `it.name != dependency.guava` was introduced with 18c5d18,
`dependency.guava` was String that could be compared against `it.name`,
but 82d61ad has changed this those to a `Map`.

However `dependency.guava` is relocated anyway – and hence removed by the `removeDuplicateThirdParty` task (as it is transitively available in `archunit.jar`),
so we can simply drop `dependency.guava` from not being excluded in the `shadowJar`.

Signed-off-by: Manfred Hanke <Manfred.Hanke@tngtech.com>
@hankem
introduce Gradle version catalog for ArchUnit dependencies
ce80903 
Signed-off-by: Manfred Hanke <Manfred.Hanke@tngtech.com>
@hankem
use Gradle version catalog for ArchUnit-Examples
548da3c
@hankem
downgrade to test dependabot
a573854
@hankem
Merge pull request #1 from hankem/gradlew-update-8.13
9d0b02b 
Update Gradle Wrapper from 8.12.1 to 8.13
@dependabot
Bump gradle/actions from 3 to 5
64c0113 
Bumps [gradle/actions](https://github.com/gradle/actions) from 3 to 5.
- [Release notes](https://github.com/gradle/actions/releases)
- [Commits](gradle/actions@v3...v5)

---
updated-dependencies:
- dependency-name: gradle/actions
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Oct 1, 2025
@dependabot dependabot Bot mentioned this pull request Oct 1, 2025
Closed
@hankem hankem force-pushed the main branch 4 times, most recently from 0740662 to 1a0cfac Compare May 15, 2026 06:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@gradle-update-robot @hankem