Skip to content

build(deps): bump the all-dependencies group across 1 directory with 10 updates#63

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/maven/all-dependencies-7943f3a382
Closed

build(deps): bump the all-dependencies group across 1 directory with 10 updates#63
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/maven/all-dependencies-7943f3a382

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Apr 21, 2026

Copy link
Copy Markdown

Bumps the all-dependencies group with 10 updates in the / directory:

Package From To
com.google.guava:guava 33.5.0-jre 33.6.0-jre
org.apache.commons:commons-rng-simple 1.6 1.7
org.apache.commons:commons-rng-sampling 1.6 1.7
org.apache.commons:commons-rng-client-api 1.6 1.7
org.apache.commons:commons-rng-core 1.6 1.7
org.agrona:agrona 2.4.0 2.4.1
org.apache.httpcomponents.client5:httpclient5 5.6 5.6.1
software.amazon.awssdk:bom 2.42.33 2.42.37
org.openjfx:javafx-graphics 26 26.0.1
org.openjfx:javafx-base 26 26.0.1

Updates com.google.guava:guava from 33.5.0-jre to 33.6.0-jre

Release notes

Sourced from com.google.guava:guava's releases.

33.6.0

Maven

<dependency>
  <groupId>com.google.guava</groupId>
  <artifactId>guava</artifactId>
  <version>33.6.0-jre</version>
  <!-- or, for Android: -->
  <version>33.6.0-android</version>
</dependency>

Jar files

Guava requires one runtime dependency, which you can download here:

Javadoc

JDiff

Changelog

  • Migrated some classes from finalize() to PhantomReference in preparation for the removal of finalization. (786b619dd6, 7c6b17c, aeef90988d)
  • cache: Deprecated CacheBuilder APIs that use TimeUnit in favor of those that use Duration. (73f8b0bb84)
  • collect: Added toImmutableSortedMap collectors that use the natural comparator. (64d70b9f94)
  • collect: Changed ConcurrentHashMultiset, ImmutableMap and TreeMultiset deserialization to avoid mutating final fields. In extremely unlikely scenarios in which an instance of that type contains an object that refers back to that instance, this could lead to a broken instance that throws NullPointerException when used. (8240c7e596, 046468055f)
  • graph: Removed @Beta from all APIs in the package. (dae9566b73)
  • graph: Added support to Graphs.transitiveClosure() for different strategies for adding self-loops. (2e13df25b2)
  • graph: Added an asNetwork() view to Graph and ValueGraph. (909c593c61)
  • hash: Added BloomFilter.serializedSize(). (df9bcc251a)
  • net: Added HttpHeaders.CDN_CACHE_CONTROL. (75331b5030)
Commits

Updates org.apache.commons:commons-rng-simple from 1.6 to 1.7

Updates org.apache.commons:commons-rng-sampling from 1.6 to 1.7

Updates org.apache.commons:commons-rng-client-api from 1.6 to 1.7

Updates org.apache.commons:commons-rng-core from 1.6 to 1.7

Updates org.agrona:agrona from 2.4.0 to 2.4.1

Changelog

Sourced from org.agrona:agrona's changelog.

== 2.4.1 (2025-04-22)

  • Upgrade to JUnit 6.0.3.
  • Upgrade to Gradle 9.4.1.
  • Upgrade to Mockito 5.23.0
  • Upgrade to Shadow 9.4.1.
  • Upgrade to ByteBuddy 1.18.7
  • Upgrade to Checkstyle 12.3.1
Commits
  • e369278 [Doc] Update Changelog 2.4.1, #2.
  • a86d5d3 [Doc] Update Changelog 2.4.1.
  • 64cbcd5 2.4.1 release
  • 6ac5454 [Checkstyle] Allow inline return tags in the Javadoc comments + align with Ae...
  • 259fff5 [CI] Upgrade to Github Actions:
  • 71891cd [Java] Upgrade to Shdow 9.4.1.
  • 982ab38 [Java] Upgrade to Gradle 9.4.1.
  • 3c7d62b [CI] Remove 26-ea since GA is available.
  • 57ab882 [Java] Fix ByteBuddy unsafe warning.
  • 60264ad [Java] Upgrade to Shadow 9.4.0.
  • Additional commits viewable in compare view

Updates org.apache.httpcomponents.client5:httpclient5 from 5.6 to 5.6.1

Changelog

Sourced from org.apache.httpcomponents.client5:httpclient5's changelog.

Release 5.6.1

This is a maintenance release disables experimental SCRAM auth scheme by default and fixes SCRAM final response handling. The SCRAM auth scheme can be re-enabled by choosing a custom auth scheme preference sequence that explicitly includes SCRAM auth.

Change Log

  • Fix SCRAM final response handling. Contributed by Arturo Bernal

  • Auth challenge parsing code improvement. Contributed by Oleg Kalnichevski

  • Add missing Javadoc for ConnectionConfig (#820). Contributed by Gary Gregory

  • Bug fix: Corrected async message exchange cancellation logic in InternalHttpAsyncExecRuntime. Contributed by Oleg Kalnichevski

  • HTTPCLIENT-2417: Honor TlsConfig attachment in async connect path. Contributed by Arturo Bernal

  • HTTPCLIENT-2414: Fix Basic auth cache scoping across path prefixes (#802). Contributed by Arturo Bernal

  • HTTPCLIENT-2415: Normalize CookieOrigin path for cookie matching (#803). Contributed by Arturo Bernal

  • Bug fix: Corrected sleep time calculation in IdleConnectionEvictor; use 1 minute sleep time by default. Contributed by Oleg Kalnichevski

  • DefaultManagedHttpClientConnection: Restore original socket timeout. Contributed by Ryan Schmitt

  • HTTPCLIENT-2411: Use standard HTTP-date format for synthesized Date header (#775). Contributed by Arturo Bernal

  • Fix NPE in connection evictor setup (#774). Contributed by Arturo Bernal

Commits
  • 4f86ca6 HttpClient 5.6.1 release
  • 1b2bafe Updated release notes for HttpClient 5.6.1 release
  • 1acf00b Fix SCRAM final response handling
  • 49549ab Auth challenge parsing code improvement
  • fa6b6d7 Add missing Javadoc for ConnectionConfig (#820)
  • 3de8ad5 Fixed DefaultClientTlsStrategy test failures on MacOS
  • c69f38f Bug-fix: corrects message exchange cancellation logic in InternalHttpAsyncExe...
  • 30386d3 HTTPCLIENT-2417 Honor TlsConfig attachment in async connect path
  • 9cc45f6 HTTPCLIENT-2414 - Fix Basic auth cache scoping across path prefixes (#802)
  • 1e01a48 HTTPCLIENT-2415: Normalize CookieOrigin path for cookie matching (#803)
  • Additional commits viewable in compare view

Updates software.amazon.awssdk:bom from 2.42.33 to 2.42.37

Updates org.openjfx:javafx-graphics from 26 to 26.0.1

Updates org.openjfx:javafx-base from 26 to 26.0.1

Updates org.openjfx:javafx-base from 26 to 26.0.1

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

…10 updates

Bumps the all-dependencies group with 10 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [com.google.guava:guava](https://github.com/google/guava) | `33.5.0-jre` | `33.6.0-jre` |
| org.apache.commons:commons-rng-simple | `1.6` | `1.7` |
| org.apache.commons:commons-rng-sampling | `1.6` | `1.7` |
| org.apache.commons:commons-rng-client-api | `1.6` | `1.7` |
| org.apache.commons:commons-rng-core | `1.6` | `1.7` |
| [org.agrona:agrona](https://github.com/aeron-io/agrona) | `2.4.0` | `2.4.1` |
| [org.apache.httpcomponents.client5:httpclient5](https://github.com/apache/httpcomponents-client) | `5.6` | `5.6.1` |
| software.amazon.awssdk:bom | `2.42.33` | `2.42.37` |
| org.openjfx:javafx-graphics | `26` | `26.0.1` |
| org.openjfx:javafx-base | `26` | `26.0.1` |



Updates `com.google.guava:guava` from 33.5.0-jre to 33.6.0-jre
- [Release notes](https://github.com/google/guava/releases)
- [Commits](https://github.com/google/guava/commits)

Updates `org.apache.commons:commons-rng-simple` from 1.6 to 1.7

Updates `org.apache.commons:commons-rng-sampling` from 1.6 to 1.7

Updates `org.apache.commons:commons-rng-client-api` from 1.6 to 1.7

Updates `org.apache.commons:commons-rng-core` from 1.6 to 1.7

Updates `org.agrona:agrona` from 2.4.0 to 2.4.1
- [Release notes](https://github.com/aeron-io/agrona/releases)
- [Changelog](https://github.com/aeron-io/agrona/blob/master/CHANGELOG.adoc)
- [Commits](aeron-io/agrona@2.4.0...2.4.1)

Updates `org.apache.httpcomponents.client5:httpclient5` from 5.6 to 5.6.1
- [Changelog](https://github.com/apache/httpcomponents-client/blob/rel/v5.6.1/RELEASE_NOTES.txt)
- [Commits](apache/httpcomponents-client@rel/v5.6...rel/v5.6.1)

Updates `software.amazon.awssdk:bom` from 2.42.33 to 2.42.37

Updates `org.openjfx:javafx-graphics` from 26 to 26.0.1

Updates `org.openjfx:javafx-base` from 26 to 26.0.1

Updates `org.openjfx:javafx-base` from 26 to 26.0.1

---
updated-dependencies:
- dependency-name: com.google.guava:guava
  dependency-version: 33.6.0-jre
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: org.apache.commons:commons-rng-simple
  dependency-version: '1.7'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: org.apache.commons:commons-rng-sampling
  dependency-version: '1.7'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: org.apache.commons:commons-rng-client-api
  dependency-version: '1.7'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: org.apache.commons:commons-rng-core
  dependency-version: '1.7'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-dependencies
- dependency-name: org.agrona:agrona
  dependency-version: 2.4.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: org.apache.httpcomponents.client5:httpclient5
  dependency-version: 5.6.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: software.amazon.awssdk:bom
  dependency-version: 2.42.37
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: org.openjfx:javafx-graphics
  dependency-version: 26.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: org.openjfx:javafx-base
  dependency-version: 26.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
- dependency-name: org.openjfx:javafx-base
  dependency-version: 26.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Apr 21, 2026
@dependabot @github

dependabot Bot commented on behalf of github Apr 23, 2026

Copy link
Copy Markdown
Author

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this Apr 23, 2026
@dependabot dependabot Bot deleted the dependabot/maven/all-dependencies-7943f3a382 branch April 23, 2026 23:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants