fix(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Type	Update	Change	Age	Confidence
docker/login-action	action	minor	v3.6.0 → v3.7.0
gradle (source)		patch	9.3.0 → 9.3.1
gradle/actions	action	patch	5.0.0 → 5.0.1
mikepenz/release-changelog-builder-action	action	minor	6.0.1 → 6.1.0
org.jetbrains.kotlin:kotlin-bom (source)	dependencies	patch	2.3.0 → 2.3.10
org.xerial:sqlite-jdbc	dependencies	patch	3.51.1.0 → 3.51.2.0
org.hibernate.orm:hibernate-hikaricp (source)	dependencies	patch	7.2.2.Final → 7.2.4.Final
org.hibernate.orm:hibernate-community-dialects (source)	dependencies	patch	7.2.2.Final → 7.2.4.Final
org.hibernate.orm:hibernate-core (source)	dependencies	patch	7.2.2.Final → 7.2.4.Final
com.openai:openai-java (source)	dependencies	minor	4.16.1 → 4.19.0
io.netty:netty-bom (source)	dependencies	patch	4.2.9.Final → 4.2.10.Final
io.netty:netty-all (source)	dependencies	patch	4.2.9.Final → 4.2.10.Final
org.checkerframework:checker-qual (source)	dependencies	patch	3.53.0 → 3.53.1
org.lwjgl:lwjgl (source)	dependencies	patch	3.4.0 → 3.4.1
org.lwjgl:lwjgl-tinyfd (source)	dependencies	patch	3.4.0 → 3.4.1
org.lwjgl:lwjgl-stb (source)	dependencies	patch	3.4.0 → 3.4.1
org.lwjgl:lwjgl-opengl (source)	dependencies	patch	3.4.0 → 3.4.1
org.lwjgl:lwjgl-openal (source)	dependencies	patch	3.4.0 → 3.4.1
org.lwjgl:lwjgl-jemalloc (source)	dependencies	patch	3.4.0 → 3.4.1
org.lwjgl:lwjgl-glfw (source)	dependencies	patch	3.4.0 → 3.4.1
org.lwjgl:lwjgl-freetype (source)	dependencies	patch	3.4.0 → 3.4.1
commons-codec:commons-codec (source)	dependencies	minor	1.20.0 → 1.21.0
com.google.errorprone:error_prone_core (source)	dependencies	minor	2.46.0 → 2.47.0
com.microsoft.azure:msal4j	dependencies	minor	1.23.1 → 1.24.0
com.github.oshi:oshi-core	dependencies	patch	6.9.2 → 6.9.3
net.fabricmc:tiny-remapper	dependencies	minor	0.12.3 → 0.13.0
com.gradle.develocity	plugin	patch	4.3.1 → 4.3.2
com.linecorp.armeria:armeria-bom (source)	dependencies	minor	1.35.0 → 1.36.0
com.google.protobuf:protobuf-java-util (source)	dependencies	patch	4.33.4 → 4.33.5
com.google.protobuf:protobuf-bom (source)	dependencies	patch	4.33.4 → 4.33.5
io.grpc:grpc-netty	dependencies	minor	1.78.0 → 1.79.0
io.grpc:grpc-stub	dependencies	minor	1.78.0 → 1.79.0
io.grpc:grpc-services	dependencies	minor	1.78.0 → 1.79.0
io.grpc:grpc-protobuf	dependencies	minor	1.78.0 → 1.79.0

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

docker/login-action (docker/login-action)

v3.7.0

Compare Source

• Add scope input to set scopes for the authentication token by @​crazy-max in #​912
• Add support for AWS European Sovereign Cloud ECR by @​dphi in #​914
• Ensure passwords are redacted with registry-auth input by @​crazy-max in #​911
• build(deps): bump lodash from 4.17.21 to 4.17.23 in #​915

Full Changelog: docker/login-action@v3.6.0...v3.7.0

gradle/gradle (gradle)

v9.3.1: 9.3.1

Compare Source

This is a patch release for 9.3.0. We recommend using 9.3.1 instead of 9.3.0.

The following issues were resolved:

• Cannot find testcases from Android Screenshot Test plugin since Gradle 9.3.0
• Excluding dependencies from included builds doesn't work in Gradle 9.3.0
• ExternalDependency and DependencyConstraint cannot be passed to DependencyResolveDetails#useTarget
• Gradle 9.3.0 generate JUnit test result files with wrong name
• Build cache cannot handle outputs with non-BMP characters in the filename
• Emojis in test names should not break build caching
• Non utf-8 c code is no longer buildable
• Breaking change in 9.3.0 regarding cross-project dependency manipulation
• JUnit3 tests cannot be run with Gradle 9.3.0
• Test.setScanForTestClasses(false) causes all junit4 tests to be skipped

Read the Release Notes

Upgrade instructions

Switch your build to use Gradle 9.3.1 by updating your wrapper:

./gradlew wrapper --gradle-version=9.3.1 && ./gradlew wrapper

See the Gradle 9.x upgrade guide to learn about deprecations, breaking changes and other considerations when upgrading.

For Java, Groovy, Kotlin and Android compatibility, see the full compatibility notes.

Reporting problems

If you find a problem with this release, please file a bug on GitHub Issues adhering to our issue guidelines.
If you're not sure you're encountering a bug, please use the forum.

We hope you will build happiness with Gradle, and we look forward to your feedback via Twitter or on GitHub.

gradle/actions (gradle/actions)

v5.0.1

Compare Source

What's Changed

• Bump npm code dependency versions
• Bump Gradle versions used in sample builds
• Bump dependencies versions in Gradle sample builds
• Bump GitHub actions used for build and test
• Update known wrapper checksums to include Gradle 9.2+

Full Changelog: gradle/actions@v5.0.0...v5.0.1

mikepenz/release-changelog-builder-action (mikepenz/release-changelog-builder-action)

v6.1.0

Compare Source

🚀 Features

• fix: update dependencies | fix undici vunerability | upgrade github dependency
  • PR: #​1510
• chore: upgrade dependencies to latest major versions
  • PR: #​1512

📦 Dependencies

• Bump github/codeql-action from 3 to 4
  • PR: #​1490
• Bump actions/setup-node from 4 to 6
  • PR: #​1486
• Bump mikepenz/release-changelog-builder-action from 5 to 6
  • PR: #​1489
• Bump actions/upload-artifact from 4 to 5
  • PR: #​1488
• Bump mikepenz/action-junit-report from 5 to 6
  • PR: #​1487
• Update octokit/rest, globals
  • PR: #​1491
• Bump actions/checkout from 4 to 5
  • PR: #​1492
• Bump js-yaml from 4.1.0 to 4.1.1
  • PR: #​1494
• Bump the dev-dependencies group with 3 updates
  • PR: #​1495
• Bump vitest from 4.0.7 to 4.0.10
  • PR: #​1496
• Bump actions/checkout from 5 to 6
  • PR: #​1501
• Bump actions/upload-artifact from 5 to 6
  • PR: #​1508
• fix: update dependencies | fix undici vunerability | upgrade github dependency
  • PR: #​1510
• chore: upgrade dependencies to latest major versions
  • PR: #​1512

Contributors:

• @​dependabot[bot], @​mikepenz

JetBrains/kotlin (org.jetbrains.kotlin:kotlin-bom)

v2.3.10

Compare Source

xerial/sqlite-jdbc (org.xerial:sqlite-jdbc)

v3.51.2.0

Compare Source

Changelog

🚀 Features

sqlite

• upgrade to sqlite 3.51.2 (63a45e7)

🛠 Build

• update location for 2026 (1a7c2a0)

Contributors

We'd like to thank the following people for their contributions:
Gauthier Roebroeck

v3.51.1.1

Compare Source

Changelog

🚀 Features

sqlite

• enable percentile extension (470c78c), closes #​1360

🛠 Build

deps

• bump org.graalvm.sdk:nativeimage from 25.0.1 to 25.0.2 (e5e8aca)
• bump org.graalvm.buildtools:native-maven-plugin (92e995c)
• bump org.jreleaser:jreleaser-maven-plugin (1ba2ff1)
• bump actions/upload-artifact from 5 to 6 (77e1e27)
• bump actions/download-artifact from 6 to 7 (1f35b97)
• bump org.apache.maven.plugins:maven-source-plugin (8384f5b)

deps-dev

• bump org.apache.maven.plugins:maven-compiler-plugin (0d07829)
• bump org.codehaus.mojo:versions-maven-plugin (2a61f25)
• bump org.mockito:mockito-core from 5.20.0 to 5.21.0 (f8de260)

Contributors

We'd like to thank the following people for their contributions:
Gauthier, Gauthier Roebroeck

hibernate/hibernate-orm (org.hibernate.orm:hibernate-hikaricp)

v7.2.4.Final

v7.2.3.Final

openai/openai-java (com.openai:openai-java)

v4.19.0

Compare Source

Full Changelog: v4.18.0...v4.19.0

Features

• api: add context_management to responses (da0fb59)
• api: add webhook signature verification (1823eca)
• api: responses context_management (c0f2cd1)

Chores

• internal: upgrade AssertJ (5c01787)

v4.18.0

Compare Source

Full Changelog: v4.17.0...v4.18.0

Features

• api: image generation actions for responses; ResponseFunctionCallArgumentsDoneEvent.name (a0cc1d8)

Bug Fixes

• client: undo change to web search Find action (7b2ebe5)
• client: update type for find_in_page action (2cde783)

Chores

• internal: allow passing args to ./scripts/test (ce2c0ed)

v4.17.0

Compare Source

Full Changelog: v4.16.1...v4.17.0

Features

• api: add shell_call_output status field (1e8a078)
• api: api updates (23a49f6)

Bug Fixes

• api: mark assistants as deprecated (a21625e)

Chores

• ci: upgrade actions/github-script (ddbc5a1)
• client: improve example values (f5941b5)

LWJGL/lwjgl3 (org.lwjgl:lwjgl)

v3.4.1: LWJGL 3.4.1

Compare Source

Changes since 3.4.0:

Bindings

• Assimp: Updated to 6.0.3 (up from 6.0.2)
• harfbuzz: Updated to 12.3.2 (up from 12.3.0)
• OpenAL Soft: Updated to 1.25.1 (up from 1.25.0)
• SDL: Updated to pre-release 3.4.1 (up from 3.4.0)
• Shaderc: Updated to 2026.1 (up from 2025.5)
  • Updated glslang to 16.2.0 (up from 16.1.0)
  • Updated SPIRV Tools to 2026.1 (up from 2025.5)
• Vulkan: Updated to 1.4.342 (up from 1.4.338)

Fixes

• Windows: Reverted to building with Visual Studio 2022 to fix another case of #​1005.

Breaking Changes

• Shaderc/glslang: Extracted the resource limits interface (resource_limits_c.h) to a separate class. (#​1101)
  • Added Configuration.GLSLANG_RESOURCE_LIBRARY_NAME
• Shaderc/SPIRV Tools: Extracted the optimizer interface to a separate class. (#​1101)
  • Added Configuration.SPIRV_TOOLS_OPTIMIZER_LIBRARY_NAME

apache/commons-codec (commons-codec:commons-codec)

v1.21.0

The Apache Commons Codec team is pleased to announce the release of Apache Commons Codec 1.21.0.

The Apache Commons Codec component contains encoders and decoders for
formats such as Base16, Base32, Base64, digest, and Hexadecimal. In addition to these
widely used encoders and decoders, the codec package also maintains a
collection of phonetic encoding utilities.

This is a feature and maintenance release. Java 8 or later is required.

google/error-prone (com.google.errorprone:error_prone_core)

v2.47.0: Error Prone 2.47.0

New checks:

• InterruptedInCatchBlock: Detect accidental calls to Thread.interrupted() inside of catch(InterruptedException e) blocks.
• RefactorSwitch: Refactorings to simplify arrow switches
• UnnamedVariable: Rename unused variables to _

Closed issues: #​1811, #​4168, #​5459, #​5460

Full changelog: google/error-prone@v2.46.0...v2.47.0

AzureAD/microsoft-authentication-library-for-java (com.microsoft.azure:msal4j)

v1.24.0: 1.24.0

Compare Source

What's Changed

• Use more common "static final" instead of "final static" by @​Avery-Dunn in #​993
• Fix minor issues found by SonarQube by @​Avery-Dunn in #​994
• Consistently use SLF4J's recommended styles by @​Avery-Dunn in #​992
• Use java.nio chartsets instead of nimbusds by @​HerrDerb in #​996
• Deprecate ROPC flow by @​Ugonnaak1 in #​998
• Deprecate extraQueryParameters by @​Avery-Dunn in #​1001
• Lab Migration by @​Avery-Dunn in #​1002
• Deprecate ResponseMode.QUERY in system browser auth flow, automatically override to FORM_POST with warning by @​ashok672 in #​1004
• Add copilot-instructions.md and fix tests by @​Avery-Dunn in #​1009
• Release 1.24.0 by @​Copilot in #​1011

New Contributors

• @​HerrDerb made their first contribution in #​996
• @​ashok672 made their first contribution in #​1004
• @​Copilot made their first contribution in #​1011

Full Changelog: AzureAD/microsoft-authentication-library-for-java@v1.23.1...v1.24.0

oshi/oshi (com.github.oshi:oshi-core)

v6.9.3

New Features

• #​2925: Introduced oshi-core-java25 module that intends to provide FFM support - @​rohan-coder02.
• #​2949: Implement MacOperatingSystem using FFM - @​dbwiddis.
• #​2959,
  #​2968: Implement WindowsOperatingSystem using FFM - @​rohan-coder02.
• #​2990: Add methods for calculating CPU usage with two arrays - @​dbwiddis.
• #​2991: Add installed apps, network params, internet protocols API in Windows FFM - @​rohan-coder02.
• #​3007: Add ffm implementation for hal.memory @​wolfs.

Bug fixes / Improvements

• #​2946: Add Hyper-V VM mac address - @​chunzhennn.
• #​2960: Include Apple Silicon MacDisplay registry options - @​dbwiddis.
• #​2966: Add macOS 26 (Tahoe) codename mapping - @​zacharee.
• #​2973: Handle DWORD registry keys in Windows Installed Apps implementation - @​dbwiddis.
• #​2983: JNA 5.18.0 - @​dbwiddis.
• #​3006: Remove animal-sniffer-maven-plugin - @​arun-misra.
• #​2974: Use simple xml parsing on MacInstalledApps, support more info/version from app plist, inclusing binary format - @​dyorgio.
• #​2975: Query Mac apps in xml formatting using internal xml parsing utils - @​dyorgio.
• #​3024: Add RegistryUtil class in oshi-core to handle unexpected registry types - @​rohan-coder02.
• #​3040: Filter out any USBC powersources on Linux - @​mprins.
• #​3041: Use systemd as preferred native method for session list - @​dbwiddis.
• #​3057: FileSystem fixes and optimization - @​dyorgio.
• #​3064: Handle binary registry values in WindowsGraphicsCard - @​dbwiddis.

grpc/grpc-java (io.grpc:grpc-netty)

v1.79.0

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

Branch automerge failure

This PR was configured for branch automerge. However, this is not possible, so it has been raised as a PR instead.

---

• Branch has one or more failed status checks