From adbf0f4057413bfa60dbff9f5576813becdab92e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 2 Jun 2026 08:43:00 -0400 Subject: [PATCH 1/7] Bump org.junit:junit-bom from 6.0.3 to 6.1.0 (#1984) Bumps [org.junit:junit-bom](https://github.com/junit-team/junit-framework) from 6.0.3 to 6.1.0. - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](https://github.com/junit-team/junit-framework/compare/r6.0.3...r6.1.0) --- updated-dependencies: - dependency-name: org.junit:junit-bom dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- java-codegen/build.gradle.kts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java-codegen/build.gradle.kts b/java-codegen/build.gradle.kts index 2548b1e62..d00cce22a 100644 --- a/java-codegen/build.gradle.kts +++ b/java-codegen/build.gradle.kts @@ -175,7 +175,7 @@ dependencies { implementation("org.commonmark", "commonmark", "0.24.0") // EPL-2.0 - testImplementation(platform("org.junit:junit-bom:6.0.3")) + testImplementation(platform("org.junit:junit-bom:6.1.0")) testImplementation("org.junit.jupiter", "junit-jupiter") testRuntimeOnly("org.junit.platform", "junit-platform-launcher") } From 501e8c35f03601d1ebbb942f8041eac9d89f28d4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 2 Jun 2026 08:43:26 -0400 Subject: [PATCH 2/7] Bump com.carrotsearch.randomizedtesting:randomizedtesting-runner (#1985) Bumps com.carrotsearch.randomizedtesting:randomizedtesting-runner from 2.8.4 to 2.9.1. --- updated-dependencies: - dependency-name: com.carrotsearch.randomizedtesting:randomizedtesting-runner dependency-version: 2.9.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- java-client/build.gradle.kts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java-client/build.gradle.kts b/java-client/build.gradle.kts index 6ef242b56..42e49832b 100644 --- a/java-client/build.gradle.kts +++ b/java-client/build.gradle.kts @@ -188,7 +188,7 @@ dependencies { api("commons-logging:commons-logging:1.3.6") compileOnly("org.opensearch.client", "opensearch-rest-client", opensearchVersion) testImplementation("org.hamcrest:hamcrest:3.0") - testImplementation("com.carrotsearch.randomizedtesting:randomizedtesting-runner:2.8.4") { + testImplementation("com.carrotsearch.randomizedtesting:randomizedtesting-runner:2.9.1") { exclude(group = "junit") } testImplementation("org.opensearch.client", "opensearch-rest-client", opensearchVersion) From 430efa307d410387edfd903639d3c04120d82178 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 2 Jun 2026 08:51:24 -0400 Subject: [PATCH 3/7] Bump dangoslen/changelog-enforcer from 3.6.1 to 3.7.0 (#1991) Bumps [dangoslen/changelog-enforcer](https://github.com/dangoslen/changelog-enforcer) from 3.6.1 to 3.7.0. - [Release notes](https://github.com/dangoslen/changelog-enforcer/releases) - [Changelog](https://github.com/dangoslen/changelog-enforcer/blob/main/CHANGELOG.md) - [Commits](https://github.com/dangoslen/changelog-enforcer/compare/204e7d3ef26579f4cd0fd759c57032656fdf23c7...8b5e9dc3121363bb7c0115f8533404d92af382de) --- updated-dependencies: - dependency-name: dangoslen/changelog-enforcer dependency-version: 3.7.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/changelog_verifier.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/changelog_verifier.yml b/.github/workflows/changelog_verifier.yml index d0bb79c91..cd0852f25 100644 --- a/.github/workflows/changelog_verifier.yml +++ b/.github/workflows/changelog_verifier.yml @@ -13,6 +13,6 @@ jobs: token: ${{ secrets.GITHUB_TOKEN }} ref: ${{ github.event.pull_request.head.sha }} - - uses: dangoslen/changelog-enforcer@204e7d3ef26579f4cd0fd759c57032656fdf23c7 # v3 + - uses: dangoslen/changelog-enforcer@8b5e9dc3121363bb7c0115f8533404d92af382de # v3.7.0 with: skipLabels: "autocut, skip-changelog" From 356bf57a83598942451d4f37ca566c50c3aa06b3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 2 Jun 2026 08:58:21 -0400 Subject: [PATCH 4/7] Bump gradle-wrapper from 9.5.0 to 9.5.1 (#1987) Bumps [gradle-wrapper](https://github.com/gradle/gradle) from 9.5.0 to 9.5.1. - [Release notes](https://github.com/gradle/gradle/releases) - [Commits](https://github.com/gradle/gradle/compare/v9.5.0...v9.5.1) --- updated-dependencies: - dependency-name: gradle-wrapper dependency-version: 9.5.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- gradle/wrapper/gradle-wrapper.properties | 34 +++--------------------- 1 file changed, 4 insertions(+), 30 deletions(-) diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties index 5c7bcf1ce..116d9acdb 100644 --- a/gradle/wrapper/gradle-wrapper.properties +++ b/gradle/wrapper/gradle-wrapper.properties @@ -1,35 +1,9 @@ -# -# SPDX-License-Identifier: Apache-2.0 -# -# The OpenSearch Contributors require contributions made to -# this file be licensed under the Apache-2.0 license or a -# compatible open source license. -# -# Licensed to Elasticsearch B.V. under one or more contributor -# license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright -# ownership. Elasticsearch B.V. licenses this file to you under -# the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. -# -# Modifications Copyright OpenSearch Contributors. See -# GitHub history for details. -# - distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists -distributionSha256Sum=553c78f50dafcd54d65b9a444649057857469edf836431389695608536d6b746 -distributionUrl=https\://services.gradle.org/distributions/gradle-9.5.0-bin.zip +distributionSha256Sum=bafc141b619ad6350fd975fc903156dd5c151998cc8b058e8c1044ab5f7b031f +distributionUrl=https\://services.gradle.org/distributions/gradle-9.5.1-bin.zip +networkTimeout=10000 +retries=0 retryBackOffMs=500 zipStoreBase=GRADLE_USER_HOME zipStorePath=wrapper/dists From 09bdabdc845f6c03b73d9d1832645dc79c1938de Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 2 Jun 2026 09:00:30 -0400 Subject: [PATCH 5/7] Bump dangoslen/dependabot-changelog-helper from 4.2.1 to 4.3.0 (#1989) Bumps [dangoslen/dependabot-changelog-helper](https://github.com/dangoslen/dependabot-changelog-helper) from 4.2.1 to 4.3.0. - [Release notes](https://github.com/dangoslen/dependabot-changelog-helper/releases) - [Changelog](https://github.com/dangoslen/dependabot-changelog-helper/blob/main/CHANGELOG.md) - [Commits](https://github.com/dangoslen/dependabot-changelog-helper/compare/50a0884d19a0e4aa379a69c96a82b5e8d6c46d63...291c8cb629d7cd7b57ea065782c435ec2bedb138) --- updated-dependencies: - dependency-name: dangoslen/dependabot-changelog-helper dependency-version: 4.3.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/dependabot_pr.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dependabot_pr.yml b/.github/workflows/dependabot_pr.yml index e39c3d87c..cd36f639e 100644 --- a/.github/workflows/dependabot_pr.yml +++ b/.github/workflows/dependabot_pr.yml @@ -35,7 +35,7 @@ jobs: echo "::set-output name=version::$(cat gradle.properties | grep systemProp.version | cut -d' ' -f3 | cut -d\. -f1).x" - name: Update the changelog - uses: dangoslen/dependabot-changelog-helper@50a0884d19a0e4aa379a69c96a82b5e8d6c46d63 # v4 + uses: dangoslen/dependabot-changelog-helper@291c8cb629d7cd7b57ea065782c435ec2bedb138 # v4.3.0 with: version: "Unreleased ${{ steps.version.outputs.version }}" From a7b873d7d95813ff58a5a26c266645487c3fb901 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 2 Jun 2026 09:00:52 -0400 Subject: [PATCH 6/7] Bump aws-actions/configure-aws-credentials from 6.1.1 to 6.2.0 (#1990) Bumps [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) from 6.1.1 to 6.2.0. - [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases) - [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md) - [Commits](https://github.com/aws-actions/configure-aws-credentials/compare/d979d5b3a71173a29b74b5b88418bfda9437d885...e7f100cf4c008499ea8adda475de1042d6975c7b) --- updated-dependencies: - dependency-name: aws-actions/configure-aws-credentials dependency-version: 6.2.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/publish-snapshots.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish-snapshots.yml b/.github/workflows/publish-snapshots.yml index 475a7f32e..15e29b6a3 100644 --- a/.github/workflows/publish-snapshots.yml +++ b/.github/workflows/publish-snapshots.yml @@ -30,7 +30,7 @@ jobs: MAVEN_SNAPSHOTS_S3_REPO: op://opensearch-infra-secrets/maven-snapshots-s3/repo MAVEN_SNAPSHOTS_S3_ROLE: op://opensearch-infra-secrets/maven-snapshots-s3/role - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@d979d5b3a71173a29b74b5b88418bfda9437d885 # v6 + uses: aws-actions/configure-aws-credentials@e7f100cf4c008499ea8adda475de1042d6975c7b # v6 with: role-to-assume: ${{ env.MAVEN_SNAPSHOTS_S3_ROLE }} aws-region: us-east-1 From 162a705d7f2b9efe4d26687c518230f0ce426f4e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 2 Jun 2026 09:02:06 -0400 Subject: [PATCH 7/7] Bump org.eclipse.parsson:parsson from 1.1.7 to 1.1.9 (#1988) Bumps [org.eclipse.parsson:parsson](https://github.com/eclipse-ee4j/parsson) from 1.1.7 to 1.1.9. - [Release notes](https://github.com/eclipse-ee4j/parsson/releases) - [Commits](https://github.com/eclipse-ee4j/parsson/compare/1.1.7...1.1.9) --- updated-dependencies: - dependency-name: org.eclipse.parsson:parsson dependency-version: 1.1.9 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- java-client/build.gradle.kts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java-client/build.gradle.kts b/java-client/build.gradle.kts index 42e49832b..f16a552c0 100644 --- a/java-client/build.gradle.kts +++ b/java-client/build.gradle.kts @@ -206,7 +206,7 @@ dependencies { // Needed even if using Jackson to have an implementation of the Jsonp object model // EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0 // https://github.com/eclipse-ee4j/parsson - api("org.eclipse.parsson:parsson:1.1.7") + api("org.eclipse.parsson:parsson:1.1.9") // EPL-2.0 OR GPL-2.0 WITH Classpath-exception-2.0 // http://json-b.net/