Bump gradle-wrapper from 8.7 to 9.6.1#45
Conversation
Bumps [gradle-wrapper](https://github.com/gradle/gradle) from 8.7 to 9.6.1. - [Release notes](https://github.com/gradle/gradle/releases) - [Commits](gradle/gradle@v8.7.0...v9.6.1) --- updated-dependencies: - dependency-name: gradle-wrapper dependency-version: 9.6.1 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Gradle 9 requires JVM 17+ to launch, and drops the deprecated public org.gradle.util.ConfigureUtil class that io.github.gradle-nexus.publish-plugin 1.1.0 calls unconditionally when configuring nexusPublishing — both would break every ./gradlew invocation once the wrapper points at 9.6.1. - Bump io.github.gradle-nexus.publish-plugin 1.1.0 -> 2.0.0, which version-gates its use of ConfigureUtil and works fine on Gradle 9. Regenerate buildscript-gradle.lockfile to match (dependency locking is enabled, so the old locked version would otherwise fail resolution). - sdk.yml: keep testing against JDK 8/11/16/17/21 via a Gradle Java toolchain instead of using the matrix JDK to launch Gradle directly, by adding a second setup-java step that installs JDK 21 to run Gradle while the matrix JDK stays discoverable through its JAVA_HOME_<version>_X64 env var for toolchain auto-detection. - lib/build.gradle: opt-in toolchain, only activated via -PtestJavaVersion (passed from CI), so local/default builds are unaffected. - gradle.properties: org.gradle.java.installations.fromEnv so Gradle's toolchain resolver can see the installations set up above. Co-Authored-By: Claude Sonnet 5 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01K3cSMrYuhNu8ENnbK1XpuH
Gradle 9 no longer implicitly resolves a JUnit Platform Launcher onto the test runtime classpath; it must be declared explicitly or `test` fails with "Failed to load JUnit Platform... including the JUnit Platform launcher." Confirmed live on this PR's own CI run under real Gradle 9.6.1 after the previous fix commit unblocked build configuration. Co-Authored-By: Claude Sonnet 5 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01K3cSMrYuhNu8ENnbK1XpuH
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
|
Warning Review the following alerts detected in dependencies. According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.
|
Review: Gradle wrapper 8.7 → 9.6.1Verdict: safe to merge, with two fixes pushed to this branch that were required to make the bump actually work (Gradle 9 breaks this repo's build without them — see below). All 5 What was changed beyond the dependabot diff
Security checkThe wrapper diff ( Verification
No other risks identified. Generated by Claude Code |
No content change on checkout (still CRLF per the existing eol=crlf attribute) — only the internal blob normalization, which was previously inconsistent with git's own clean filter and caused the file to show as perpetually modified in any fresh checkout. Co-Authored-By: Claude Sonnet 5 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_01K3cSMrYuhNu8ENnbK1XpuH
Bumps gradle-wrapper from 8.7 to 9.6.1.
Release notes
Sourced from gradle-wrapper's releases.
... (truncated)
Commits
309d128Update fixed issues in release notes for 9.6.1 (#38328)040a978Update fixed issues in release notes for 9.6.1e0b8325Restore --non-interactive flag instead of --interactive/--no-interactive (#38...946f3e6Limit explicit temp file permission setting to intended use case (#38300)65f8224Restore --non-interactive flag instead of --interactive/--no-interactivee346a5eAdjust CLI flag to configure non-interactive console (#38301)9b53be9Adjust CLI flag to configure non-interactive console0dd3b53Limit explicit temp file permission setting to intended use case48e5ac2Add reproducers25598fdPrepare 9.6.1 patch release (#38293)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)