Bulk branch_10x dependency upgrades (loose backport)#4571
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Backport dependency upgrades from main (#4566) to branch_10x
Backports the relevant, non-UI dependency upgrades from the bulk upgrade #4566 (Renovate batch 2026-06-28) onto
branch_10x, with regenerated Gradle lockfiles and license checksums.Upgraded dependencies
Also carries over the
solr/api/build.gradlefix from #4566 (applyjava-librarybefore the swagger-gradle-plugin), which is required by the swagger3 2.2.52 bump.Why not everything from #4566 was backported
#4566was authored againstmain, which is several versions ahead ofbranch_10xon the Compose/Kotlin UI toolchain. The following upgrades from#4566were intentionally left out, keepingbranch_10xon its current, tested versions:kotlinx-datetime, kotlinx-atomicfu
nlopez-compose (ktlint rules), and the grouped Admin UI libraries
exist on
branch_10xOn
mainthese rode on top of a baseline that already had a newer toolchain(e.g. ktlint 1.8.0, kotlinx-browser/serialization bumps) that is not part of
#4566 itself. Backporting the Kotlin/Compose bumps to
branch_10xwould mean amulti-version leap of the entire UI stack plus pulling in those supporting
toolchain bumps just to keep the build consistent (kotlin 2.4.0 is incompatible
with the ktlint 1.7.1 on this branch). That's too large and risky a change for a
release branch, so the UI/Kotlin stack is frozen here and can be backported
separately if desired.
Build & verification
gradle/libs.versions.tomlupdated for the 33 upgrades above only.resolveAndLockAll --write-locks(the resolved graph on
branch_10xdiffers from main — e.g. okhttp stays at4.12.0 with okhttp-jvm 5.2.x/5.3.x transitives, not 5.4.0).
final version per dependency).
./gradlew check -x testpasses, includingvalidateJarChecksums.