Skip to content

build(deps): bump the production group with 3 updates#72

Merged
softwaremill-ci merged 1 commit into
mainfrom
dependabot/gradle/production-ae0592a1c0
Jul 15, 2026
Merged

build(deps): bump the production group with 3 updates#72
softwaremill-ci merged 1 commit into
mainfrom
dependabot/gradle/production-ae0592a1c0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 15, 2026

Copy link
Copy Markdown
Contributor

Bumps the production group with 3 updates: org.jetbrains.kotlin:kotlin-gradle-plugin, org.hibernate.orm:hibernate-core and ch.qos.logback:logback-classic.

Updates org.jetbrains.kotlin:kotlin-gradle-plugin from 2.4.0 to 2.4.10

Release notes

Sourced from org.jetbrains.kotlin:kotlin-gradle-plugin's releases.

Kotlin 2.4.10

Changelog

Backend. Wasm

  • KT-87066 K/Wasm: Not all files are presented in compiler output directory with multimodule-closed-world and incremental compilation

Compiler

  • KT-86939 JVM: IllegalStateException "No value for annotation parameter" when using const val in nested Java annotation array argument
  • KT-83766 K2: Wrong sourcePsi is set for SymbolPsiLiteral in SLC for annotation arguments referencing a const val
  • KT-86728 Reified type inference: expected type not propagated into inline call inside lambda with elvis operator

Compose Compiler

  • b/522127447 Compose Compiler 2.4: classes previously inferred stable now reported runtime/Uncertain

Klibs

  • KT-86501 Native: IrTypeAliasSymbolImpl is already bound. Signature: kotlinx.datetime/Instant|null[0] on iosSimulatorArm64

Tools. CLI

  • KT-86930 Introduce kotlinr in the Kotlin distribution

Tools. Gradle. BCV

  • KT-87223 Gradle, BCV: open version range in kotlinAbiValidationCompatClasspath causes kotlin-build-tools-impl to resolve to 2.4.20-Beta1 instead of 2.4.0

Tools. Gradle. JS

  • KT-87304 jsBrowserTest fails with "exited with errors (exit code: 1)"
  • KT-86057 kotlinUpgradeYarnLock skips lock file regeneration when kotlinNpmInstall is up-to-date, causing kotlinStoreYarnLock to fail

Tools. Gradle. Multiplatform

  • KT-87084 False positive warning for JS and Wasm compilations when CRI is enabled

Tools. Scripts

  • KT-87076 @file:CompilerOptions("-jvm-target", ...) ignored in .main.kts scripts in Kotlin 2.4.0, falling back to JVM target 1.8
  • KT-86352 K2 scripting: FirResolvedTypeRef exception when resolving extension functions from imported scripts

Kotlin 2.4.10-RC2

Changelog

Backend. Wasm

  • KT-87066 K/Wasm: Not all files are presented in compiler output directory with multimodule-closed-world and incremental compilation

... (truncated)

Changelog

Sourced from org.jetbrains.kotlin:kotlin-gradle-plugin's changelog.

2.4.10

Backend. Wasm

  • KT-87066 K/Wasm: Not all files are presented in compiler output directory with multimodule-closed-world and incremental compilation

Compiler

  • KT-86939 JVM: IllegalStateException "No value for annotation parameter" when using const val in nested Java annotation array argument
  • KT-83766 K2: Wrong sourcePsi is set for SymbolPsiLiteral in SLC for annotation arguments referencing a const val
  • KT-86728 Reified type inference: expected type not propagated into inline call inside lambda with elvis operator

Compose Compiler

  • b/522127447 Compose Compiler 2.4: classes previously inferred stable now reported runtime/Uncertain

Klibs

  • KT-86501 Native: IrTypeAliasSymbolImpl is already bound. Signature: kotlinx.datetime/Instant|null[0] on iosSimulatorArm64

Tools. CLI

  • KT-86930 Introduce kotlinr in the Kotlin distribution

Tools. Gradle. BCV

  • KT-87223 Gradle, BCV: open version range in kotlinAbiValidationCompatClasspath causes kotlin-build-tools-impl to resolve to 2.4.20-Beta1 instead of 2.4.0

Tools. Gradle. JS

  • KT-87304 jsBrowserTest fails with "exited with errors (exit code: 1)"
  • KT-86057 kotlinUpgradeYarnLock skips lock file regeneration when kotlinNpmInstall is up-to-date, causing kotlinStoreYarnLock to fail

Tools. Gradle. Multiplatform

  • KT-87084 False positive warning for JS and Wasm compilations when CRI is enabled

Tools. Scripts

  • KT-87076 @file:CompilerOptions("-jvm-target", ...) ignored in .main.kts scripts in Kotlin 2.4.0, falling back to JVM target 1.8
  • KT-86352 K2 scripting: FirResolvedTypeRef exception when resolving extension functions from imported scripts
Commits
  • 5687445 Add Changelog for 2.4.10-RC2
  • ba30392 [Wasm] Support regenerate unchanged modules flag on KGP
  • 6307e73 [Wasm] Implement Xwasm-IC-generate-unchanged-modules flag
  • 39d7aee Add ChangeLog for 2.4.10-RC2
  • a2956be [Gradle] Update karma.conf.js to use 'require(...)' instead plain strings
  • 9b1361c [Gradle] KT-87223: Updated regression test
  • a4c153a [Gradle] KT-87223: Fix toochain to 2.4.0 for abiValidation compat config
  • bc04b90 Add ChangeLog for 2.4.10-RC
  • bbcb94b [CRI] explicitly disable CRI generation for non-JVM targets to avoid false-po...
  • 6c2c458 Scripting: fix jvmTarget processing from script annotations
  • Additional commits viewable in compare view

Updates org.hibernate.orm:hibernate-core from 7.4.4.Final to 7.4.5.Final

Release notes

Sourced from org.hibernate.orm:hibernate-core's releases.

Release 7.4.5

Hibernate ORM 7.4.5.Final released

Today, we published a new release of Hibernate ORM 7.4: 7.4.5.Final.

You can find the full list of 7.4.5.Final changes here.

What's new

  • See the website for requirements and compatibilities.
  • See the What's New guide for details about new features and capabilities.
  • See the Migration Guide for details about migration.

Conclusion

For additional details, see:

See also the following resources related to supported APIs:

Visit the website for details on getting in touch with us.

Changelog

Sourced from org.hibernate.orm:hibernate-core's changelog.

Changes in 7.4.5.Final (July 12, 2026)

https://hibernate.atlassian.net/projects/HHH/versions/40032

** Bug * HHH-20665 In loadJackson3Modules, the ObjectMapper check incorrectly compares against a Jackson 2 instead of a Jackson 3 mapper class * HHH-20650 CTE names/columns and generated recursive search/cycle columns are not quoted when they are reserved words * HHH-20583 Spurious HHH90010101 / HHH90010108 warnings on every bulk operation under container-managed JTA (Hibernate 7.3 / WildFly) * HHH-20522 Json array and object construction doesn't handle values of type UUID, timestamp, binary well * HHH-20511 Oracle JSON value handling of UUID broken * HHH-20509 Hibernate Data Repositories generates a BasicRepository impl that can't 'saveAll' entities with null ids * HHH-20223 DB2 Json value handling of UUID, binary and timestamp with time zone broken * HHH-19566 EntityFilterException not thrown (due to filter not applied) * HHH-13010 Metamodel Generator chooses wrong default access type when child entity in hierarchy hasn't own access type annotation * HHH-4451 StatefulPersistenceContext.deserialize must re-inject field interceptors after reading the entities from the input stream

Commits
  • 6f28be6 [Jenkins release job] Preparing release 7.4.5.Final
  • 5c58624 [Jenkins release job] changelog.txt updated by release build 7.4.5.Final
  • 934ad54 Migrate mirror handling from applied script to init script
  • 9686a95 Rework mirror handling in Gradle build
  • 2f009bf HHH-4451 Serialize lazy attribute interceptor state for enhanced entities
  • 35d00fd HHH-20650 Add test for issue
  • c2ea145 HHH-20650 Route the CTE name through IdentifierHelper for quoting
  • 278bb23 HHH-13010 Align the metamodel generator's default access type inference with ...
  • 5da3bf8 HHH-20583 Stop warn and force execute afterTransactionCompletions unless JTA ...
  • cee46dc HHH-19566 improve test
  • Additional commits viewable in compare view

Updates ch.qos.logback:logback-classic from 1.5.37 to 1.5.38

Release notes

Sourced from ch.qos.logback:logback-classic's releases.

Logback 1.5.38

2026-07-09 Release of logback version 1.5.38

• In HardenedObjectInputStream, fixed a typo preventing Throwable objects from being white-filtered. This issue was reported in [PR #1045](qos-ch/logback#1045) by t0rchwo0d.

• A bitwise identical binary of this version can be reproduced by building from source code at commit d04984a41fce42977466f45a2f076f0ee5cc4207 associated with the tag v_1.5.38. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Commits
  • d04984a prepare release 1.5.38
  • 4fffda6 updateversion of maven-gpg-plugin
  • 7ee48a1 Fixed a typo where java,lang.Throwable was written with a comma instead of a ...
  • 84580a2 remove license profile
  • f817c8d start work on 1.5.28-SNAPSHOT
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the production group with 3 updates: [org.jetbrains.kotlin:kotlin-gradle-plugin](https://github.com/JetBrains/kotlin), [org.hibernate.orm:hibernate-core](https://github.com/hibernate/hibernate-orm) and [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback).


Updates `org.jetbrains.kotlin:kotlin-gradle-plugin` from 2.4.0 to 2.4.10
- [Release notes](https://github.com/JetBrains/kotlin/releases)
- [Changelog](https://github.com/JetBrains/kotlin/blob/master/ChangeLog.md)
- [Commits](JetBrains/kotlin@v2.4.0...v2.4.10)

Updates `org.hibernate.orm:hibernate-core` from 7.4.4.Final to 7.4.5.Final
- [Release notes](https://github.com/hibernate/hibernate-orm/releases)
- [Changelog](https://github.com/hibernate/hibernate-orm/blob/7.4.5/changelog.txt)
- [Commits](hibernate/hibernate-orm@7.4.4...7.4.5)

Updates `ch.qos.logback:logback-classic` from 1.5.37 to 1.5.38
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](qos-ch/logback@v_1.5.37...v_1.5.38)

---
updated-dependencies:
- dependency-name: org.jetbrains.kotlin:kotlin-gradle-plugin
  dependency-version: 2.4.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production
- dependency-name: org.hibernate.orm:hibernate-core
  dependency-version: 7.4.5.Final
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production
- dependency-name: ch.qos.logback:logback-classic
  dependency-version: 1.5.38
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the automerge Auto-merge after CI passes label Jul 15, 2026
@softwaremill-ci
softwaremill-ci merged commit a51af9d into main Jul 15, 2026
7 checks passed
@softwaremill-ci
softwaremill-ci deleted the dependabot/gradle/production-ae0592a1c0 branch July 15, 2026 10:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

automerge Auto-merge after CI passes

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant