From 7d9fdcbaee16c2f53a92f8c7d86f2a9ec49f55d2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 29 Jun 2026 07:41:54 -0400 Subject: [PATCH 1/6] Bump gradle-wrapper from 9.6.0 to 9.6.1 (#2027) Bumps [gradle-wrapper](https://github.com/gradle/gradle) from 9.6.0 to 9.6.1. - [Release notes](https://github.com/gradle/gradle/releases) - [Commits](https://github.com/gradle/gradle/compare/v9.6.0...v9.6.1) --- updated-dependencies: - dependency-name: gradle-wrapper dependency-version: 9.6.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- gradle/wrapper/gradle-wrapper.properties | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties index dcf577fe3..59f71f7b1 100644 --- a/gradle/wrapper/gradle-wrapper.properties +++ b/gradle/wrapper/gradle-wrapper.properties @@ -1,7 +1,7 @@ distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists -distributionSha256Sum=bbaeb2fef8710818cf0e261201dab964c572f92b942812df0c3620d62a529a01 -distributionUrl=https\://services.gradle.org/distributions/gradle-9.6.0-bin.zip +distributionSha256Sum=9c0f7faeeb306cb14e4279a3e084ca6b596894089a0638e68a07c945a32c9e14 +distributionUrl=https\://services.gradle.org/distributions/gradle-9.6.1-bin.zip networkTimeout=10000 retries=0 retryBackOffMs=500 From 071300f851f43be4d2f24532bb52691bcbdb156f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 29 Jun 2026 07:42:35 -0400 Subject: [PATCH 2/6] Bump org.junit:junit-bom from 6.1.0 to 6.1.1 (#2029) Bumps [org.junit:junit-bom](https://github.com/junit-team/junit-framework) from 6.1.0 to 6.1.1. - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](https://github.com/junit-team/junit-framework/compare/r6.1.0...r6.1.1) --- updated-dependencies: - dependency-name: org.junit:junit-bom dependency-version: 6.1.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- java-codegen/build.gradle.kts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/java-codegen/build.gradle.kts b/java-codegen/build.gradle.kts index 0b9bcb660..de9145e8a 100644 --- a/java-codegen/build.gradle.kts +++ b/java-codegen/build.gradle.kts @@ -175,7 +175,7 @@ dependencies { implementation("org.commonmark", "commonmark", "0.24.0") // EPL-2.0 - testImplementation(platform("org.junit:junit-bom:6.1.0")) + testImplementation(platform("org.junit:junit-bom:6.1.1")) testImplementation("org.junit.jupiter", "junit-jupiter") testRuntimeOnly("org.junit.platform", "junit-platform-launcher") } From e583f78479ebf6c70fd6bd1d77043fe92f7eda34 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 29 Jun 2026 07:43:07 -0400 Subject: [PATCH 3/6] Bump aws-actions/configure-aws-credentials from 6.2.0 to 6.2.1 (#2030) Bumps [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) from 6.2.0 to 6.2.1. - [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases) - [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md) - [Commits](https://github.com/aws-actions/configure-aws-credentials/compare/e7f100cf4c008499ea8adda475de1042d6975c7b...254c19bd240aabef8777f48595e9d2d7b972184b) --- updated-dependencies: - dependency-name: aws-actions/configure-aws-credentials dependency-version: 6.2.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/publish-snapshots.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish-snapshots.yml b/.github/workflows/publish-snapshots.yml index 55cb9d628..296375f38 100644 --- a/.github/workflows/publish-snapshots.yml +++ b/.github/workflows/publish-snapshots.yml @@ -30,7 +30,7 @@ jobs: MAVEN_SNAPSHOTS_S3_REPO: op://opensearch-infra-secrets/maven-snapshots-s3/repo MAVEN_SNAPSHOTS_S3_ROLE: op://opensearch-infra-secrets/maven-snapshots-s3/role - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@e7f100cf4c008499ea8adda475de1042d6975c7b # v6 + uses: aws-actions/configure-aws-credentials@254c19bd240aabef8777f48595e9d2d7b972184b # v6 with: role-to-assume: ${{ env.MAVEN_SNAPSHOTS_S3_ROLE }} aws-region: us-east-1 From 0314164305aa0fd433fdadb972d9de571acb7d7e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 29 Jun 2026 07:43:26 -0400 Subject: [PATCH 4/6] Bump actions/setup-java from 5.3.0 to 5.4.0 (#2031) Bumps [actions/setup-java](https://github.com/actions/setup-java) from 5.3.0 to 5.4.0. - [Release notes](https://github.com/actions/setup-java/releases) - [Commits](https://github.com/actions/setup-java/compare/ad2b38190b15e4d6bdf0c97fb4fca8412226d287...1bcf9fb12cf4aa7d266a90ae39939e61372fe520) --- updated-dependencies: - dependency-name: actions/setup-java dependency-version: 5.4.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/build.yml | 2 +- .github/workflows/code-generation.yml | 4 ++-- .github/workflows/publish-snapshots.yml | 2 +- .github/workflows/release-drafter.yml | 2 +- .github/workflows/test-integration-unreleased.yml | 6 +++--- .github/workflows/test-integration.yml | 2 +- .github/workflows/test-unit.yml | 6 +++--- 7 files changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 4f1ec1f6e..c0a9a8458 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -14,7 +14,7 @@ jobs: uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Set up JDK ${{ matrix.java }} - uses: actions/setup-java@ad2b38190b15e4d6bdf0c97fb4fca8412226d287 # v5 + uses: actions/setup-java@1bcf9fb12cf4aa7d266a90ae39939e61372fe520 # v5 with: java-version: ${{ matrix.java }} distribution: 'temurin' diff --git a/.github/workflows/code-generation.yml b/.github/workflows/code-generation.yml index d3a09b616..57e7f9d12 100644 --- a/.github/workflows/code-generation.yml +++ b/.github/workflows/code-generation.yml @@ -16,7 +16,7 @@ jobs: uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Set up JDK - uses: actions/setup-java@ad2b38190b15e4d6bdf0c97fb4fca8412226d287 # v5 + uses: actions/setup-java@1bcf9fb12cf4aa7d266a90ae39939e61372fe520 # v5 with: java-version: 21 distribution: 'temurin' @@ -51,7 +51,7 @@ jobs: uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Set up JDK - uses: actions/setup-java@ad2b38190b15e4d6bdf0c97fb4fca8412226d287 # v5 + uses: actions/setup-java@1bcf9fb12cf4aa7d266a90ae39939e61372fe520 # v5 with: java-version: 21 distribution: 'temurin' diff --git a/.github/workflows/publish-snapshots.yml b/.github/workflows/publish-snapshots.yml index 296375f38..8085391a3 100644 --- a/.github/workflows/publish-snapshots.yml +++ b/.github/workflows/publish-snapshots.yml @@ -15,7 +15,7 @@ jobs: steps: - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Set up JDK 21 - uses: actions/setup-java@ad2b38190b15e4d6bdf0c97fb4fca8412226d287 # v5 + uses: actions/setup-java@1bcf9fb12cf4aa7d266a90ae39939e61372fe520 # v5 with: java-version: '21' distribution: 'temurin' diff --git a/.github/workflows/release-drafter.yml b/.github/workflows/release-drafter.yml index ccbd86692..b1e6a9831 100644 --- a/.github/workflows/release-drafter.yml +++ b/.github/workflows/release-drafter.yml @@ -28,7 +28,7 @@ jobs: issue-body: "Please approve or deny the release of opensearch-java. **VERSION**: ${{ steps.get_data.outputs.version }} **TAG**: ${{ github.ref_name }} **COMMIT**: ${{ github.sha }}" exclude-workflow-initiator-as-approver: true - name: Set up JDK 21 - uses: actions/setup-java@ad2b38190b15e4d6bdf0c97fb4fca8412226d287 # v5 + uses: actions/setup-java@1bcf9fb12cf4aa7d266a90ae39939e61372fe520 # v5 with: java-version: '21' distribution: 'temurin' diff --git a/.github/workflows/test-integration-unreleased.yml b/.github/workflows/test-integration-unreleased.yml index df7bd1cdf..439928395 100644 --- a/.github/workflows/test-integration-unreleased.yml +++ b/.github/workflows/test-integration-unreleased.yml @@ -21,7 +21,7 @@ jobs: - { opensearch_ref: 'main', opensearch_jdk: 25, client_jdk: 25 } steps: - name: Set up JDK ${{ matrix.entry.opensearch_jdk }} - uses: actions/setup-java@ad2b38190b15e4d6bdf0c97fb4fca8412226d287 # v5 + uses: actions/setup-java@1bcf9fb12cf4aa7d266a90ae39939e61372fe520 # v5 with: java-version: ${{ matrix.entry.opensearch_jdk }} distribution: 'temurin' @@ -47,7 +47,7 @@ jobs: - name: Set up Gradle JDK runtime if: matrix.entry.gradle-runtime - uses: actions/setup-java@ad2b38190b15e4d6bdf0c97fb4fca8412226d287 # v5 + uses: actions/setup-java@1bcf9fb12cf4aa7d266a90ae39939e61372fe520 # v5 with: java-version: ${{ matrix.entry.gradle-runtime }} distribution: temurin @@ -82,7 +82,7 @@ jobs: path: opensearch-java - name: Set up JDK ${{ matrix.entry.client_jdk }} - uses: actions/setup-java@ad2b38190b15e4d6bdf0c97fb4fca8412226d287 # v5 + uses: actions/setup-java@1bcf9fb12cf4aa7d266a90ae39939e61372fe520 # v5 with: java-version: ${{ matrix.entry.client_jdk }} distribution: 'temurin' diff --git a/.github/workflows/test-integration.yml b/.github/workflows/test-integration.yml index 118c2b551..821b765f4 100644 --- a/.github/workflows/test-integration.yml +++ b/.github/workflows/test-integration.yml @@ -35,7 +35,7 @@ jobs: uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Set up JDK ${{ matrix.java }} - uses: actions/setup-java@ad2b38190b15e4d6bdf0c97fb4fca8412226d287 # v5 + uses: actions/setup-java@1bcf9fb12cf4aa7d266a90ae39939e61372fe520 # v5 with: java-version: ${{ matrix.entry.java }} distribution: 'temurin' diff --git a/.github/workflows/test-unit.yml b/.github/workflows/test-unit.yml index 762365d01..39a4c6627 100644 --- a/.github/workflows/test-unit.yml +++ b/.github/workflows/test-unit.yml @@ -14,7 +14,7 @@ jobs: uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Set up JDK ${{ matrix.java }} - uses: actions/setup-java@ad2b38190b15e4d6bdf0c97fb4fca8412226d287 # v5 + uses: actions/setup-java@1bcf9fb12cf4aa7d266a90ae39939e61372fe520 # v5 with: java-version: ${{ matrix.java }} distribution: 'temurin' @@ -41,14 +41,14 @@ jobs: uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Set up JDK 8 (Runtime) - uses: actions/setup-java@ad2b38190b15e4d6bdf0c97fb4fca8412226d287 # v5 + uses: actions/setup-java@1bcf9fb12cf4aa7d266a90ae39939e61372fe520 # v5 with: java-version: 8 distribution: temurin cache: gradle - name: Set up JDK 21 (Tools) - uses: actions/setup-java@ad2b38190b15e4d6bdf0c97fb4fca8412226d287 # v5 + uses: actions/setup-java@1bcf9fb12cf4aa7d266a90ae39939e61372fe520 # v5 with: java-version: 21 distribution: temurin From 58fee85f559ac1d4986b74e9bf63449e4fe3016f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 29 Jun 2026 07:43:49 -0400 Subject: [PATCH 5/6] Bump actions/cache/restore from 5.0.5 to 6.1.0 (#2032) Bumps [actions/cache/restore](https://github.com/actions/cache) from 5.0.5 to 6.1.0. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/27d5ce7f107fe9357f9df03efb73ab90386fccae...55cc8345863c7cc4c66a329aec7e433d2d1c52a9) --- updated-dependencies: - dependency-name: actions/cache/restore dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/test-integration-unreleased.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/test-integration-unreleased.yml b/.github/workflows/test-integration-unreleased.yml index 439928395..965698f4c 100644 --- a/.github/workflows/test-integration-unreleased.yml +++ b/.github/workflows/test-integration-unreleased.yml @@ -40,7 +40,7 @@ jobs: - name: Restore cached build id: cache-restore - uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5 + uses: actions/cache/restore@55cc8345863c7cc4c66a329aec7e433d2d1c52a9 # v5 with: path: opensearch/distribution/archives/linux-tar/build/distributions key: ${{ steps.get-key.outputs.key }} From 07073476ebf84a4a132c3df7cfb84d1a073be170 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 29 Jun 2026 07:44:40 -0400 Subject: [PATCH 6/6] Bump org.apache.httpcomponents.core5:httpcore5-h2 in /java-client (#2025) Bumps [org.apache.httpcomponents.core5:httpcore5-h2](https://github.com/apache/httpcomponents-core) from 5.4.2 to 5.4.3. - [Changelog](https://github.com/apache/httpcomponents-core/blob/rel/v5.4.3/RELEASE_NOTES.txt) - [Commits](https://github.com/apache/httpcomponents-core/compare/rel/v5.4.2...rel/v5.4.3) --- updated-dependencies: - dependency-name: org.apache.httpcomponents.core5:httpcore5-h2 dependency-version: 5.4.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- java-client/build.gradle.kts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/java-client/build.gradle.kts b/java-client/build.gradle.kts index 85f5bf70f..3f23f76b2 100644 --- a/java-client/build.gradle.kts +++ b/java-client/build.gradle.kts @@ -196,8 +196,8 @@ dependencies { api("org.apache.httpcomponents.client5:httpclient5:5.6.1") { exclude(group = "org.apache.httpcomponents.core5") } - api("org.apache.httpcomponents.core5:httpcore5:5.4.2") - api("org.apache.httpcomponents.core5:httpcore5-h2:5.4.2") + api("org.apache.httpcomponents.core5:httpcore5:5.4.3") + api("org.apache.httpcomponents.core5:httpcore5-h2:5.4.3") // Apache 2.0 // https://search.maven.org/artifact/com.google.code.findbugs/jsr305