chore(deps): bump the android-deps group across 1 directory with 16 updates#14
chore(deps): bump the android-deps group across 1 directory with 16 updates#14dependabot[bot] wants to merge 1 commit intomainfrom
Conversation
…pdates Bumps the android-deps group with 11 updates in the /apps/android directory: | Package | From | To | | --- | --- | --- | | org.jlleitschuh.gradle.ktlint | `14.0.1` | `14.2.0` | | [org.jetbrains.kotlin.plugin.compose](https://github.com/JetBrains/kotlin) | `2.2.21` | `2.3.20` | | [org.jetbrains.kotlin.plugin.serialization](https://github.com/JetBrains/kotlin) | `2.2.21` | `2.3.20` | | androidx.compose:compose-bom | `2026.02.00` | `2026.03.01` | | androidx.core:core-ktx | `1.17.0` | `1.18.0` | | androidx.activity:activity-compose | `1.12.2` | `1.13.0` | | [org.commonmark:commonmark](https://github.com/commonmark/commonmark-java) | `0.27.1` | `0.28.0` | | [io.kotest:kotest-runner-junit5-jvm](https://github.com/kotest/kotest) | `6.1.3` | `6.1.10` | | [org.junit.vintage:junit-vintage-engine](https://github.com/junit-team/junit-framework) | `6.0.2` | `6.0.3` | | androidx.test.ext:junit | `1.2.1` | `1.3.0` | | [gradle-wrapper](https://github.com/gradle/gradle) | `9.2.1` | `9.4.1` | Updates `org.jlleitschuh.gradle.ktlint` from 14.0.1 to 14.2.0 Updates `org.jetbrains.kotlin.plugin.compose` from 2.2.21 to 2.3.20 - [Release notes](https://github.com/JetBrains/kotlin/releases) - [Changelog](https://github.com/JetBrains/kotlin/blob/master/ChangeLog.md) - [Commits](JetBrains/kotlin@v2.2.21...v2.3.20) Updates `org.jetbrains.kotlin.plugin.serialization` from 2.2.21 to 2.3.20 - [Release notes](https://github.com/JetBrains/kotlin/releases) - [Changelog](https://github.com/JetBrains/kotlin/blob/master/ChangeLog.md) - [Commits](JetBrains/kotlin@v2.2.21...v2.3.20) Updates `androidx.compose:compose-bom` from 2026.02.00 to 2026.03.01 Updates `androidx.core:core-ktx` from 1.17.0 to 1.18.0 Updates `androidx.activity:activity-compose` from 1.12.2 to 1.13.0 Updates `org.commonmark:commonmark` from 0.27.1 to 0.28.0 - [Release notes](https://github.com/commonmark/commonmark-java/releases) - [Changelog](https://github.com/commonmark/commonmark-java/blob/main/CHANGELOG.md) - [Commits](commonmark/commonmark-java@commonmark-parent-0.27.1...commonmark-parent-0.28.0) Updates `org.commonmark:commonmark-ext-autolink` from 0.27.1 to 0.28.0 - [Release notes](https://github.com/commonmark/commonmark-java/releases) - [Changelog](https://github.com/commonmark/commonmark-java/blob/main/CHANGELOG.md) - [Commits](commonmark/commonmark-java@commonmark-parent-0.27.1...commonmark-parent-0.28.0) Updates `org.commonmark:commonmark-ext-gfm-strikethrough` from 0.27.1 to 0.28.0 - [Release notes](https://github.com/commonmark/commonmark-java/releases) - [Changelog](https://github.com/commonmark/commonmark-java/blob/main/CHANGELOG.md) - [Commits](commonmark/commonmark-java@commonmark-parent-0.27.1...commonmark-parent-0.28.0) Updates `org.commonmark:commonmark-ext-gfm-tables` from 0.27.1 to 0.28.0 - [Release notes](https://github.com/commonmark/commonmark-java/releases) - [Changelog](https://github.com/commonmark/commonmark-java/blob/main/CHANGELOG.md) - [Commits](commonmark/commonmark-java@commonmark-parent-0.27.1...commonmark-parent-0.28.0) Updates `org.commonmark:commonmark-ext-task-list-items` from 0.27.1 to 0.28.0 - [Release notes](https://github.com/commonmark/commonmark-java/releases) - [Changelog](https://github.com/commonmark/commonmark-java/blob/main/CHANGELOG.md) - [Commits](commonmark/commonmark-java@commonmark-parent-0.27.1...commonmark-parent-0.28.0) Updates `io.kotest:kotest-runner-junit5-jvm` from 6.1.3 to 6.1.10 - [Release notes](https://github.com/kotest/kotest/releases) - [Commits](kotest/kotest@6.1.3...6.1.10) Updates `io.kotest:kotest-assertions-core-jvm` from 6.1.3 to 6.1.10 - [Release notes](https://github.com/kotest/kotest/releases) - [Commits](kotest/kotest@6.1.3...6.1.10) Updates `org.junit.vintage:junit-vintage-engine` from 6.0.2 to 6.0.3 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](junit-team/junit-framework@r6.0.2...r6.0.3) Updates `androidx.test.ext:junit` from 1.2.1 to 1.3.0 Updates `gradle-wrapper` from 9.2.1 to 9.4.1 - [Release notes](https://github.com/gradle/gradle/releases) - [Commits](gradle/gradle@v9.2.1...v9.4.1) --- updated-dependencies: - dependency-name: org.jlleitschuh.gradle.ktlint dependency-version: 14.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: android-deps - dependency-name: org.jetbrains.kotlin.plugin.compose dependency-version: 2.3.20 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: android-deps - dependency-name: org.jetbrains.kotlin.plugin.serialization dependency-version: 2.3.20 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: android-deps - dependency-name: androidx.compose:compose-bom dependency-version: 2026.03.01 dependency-type: direct:production dependency-group: android-deps - dependency-name: androidx.core:core-ktx dependency-version: 1.18.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: android-deps - dependency-name: androidx.activity:activity-compose dependency-version: 1.13.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: android-deps - dependency-name: org.commonmark:commonmark dependency-version: 0.28.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: android-deps - dependency-name: org.commonmark:commonmark-ext-autolink dependency-version: 0.28.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: android-deps - dependency-name: org.commonmark:commonmark-ext-gfm-strikethrough dependency-version: 0.28.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: android-deps - dependency-name: org.commonmark:commonmark-ext-gfm-tables dependency-version: 0.28.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: android-deps - dependency-name: org.commonmark:commonmark-ext-task-list-items dependency-version: 0.28.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: android-deps - dependency-name: io.kotest:kotest-runner-junit5-jvm dependency-version: 6.1.10 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: android-deps - dependency-name: io.kotest:kotest-assertions-core-jvm dependency-version: 6.1.10 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: android-deps - dependency-name: org.junit.vintage:junit-vintage-engine dependency-version: 6.0.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: android-deps - dependency-name: androidx.test.ext:junit dependency-version: 1.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: android-deps - dependency-name: gradle-wrapper dependency-version: 9.4.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: android-deps ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
dependencies
![llamapreview[bot]](https://avatars.githubusercontent.com/in/1023541?s=60&v=4){kind=small}
There was a problem hiding this comment.
AI Code Review by LlamaPReview
🎯 TL;DR & Recommendation
Recommendation: Approve with suggestions.
This PR updates multiple Android and Kotlin dependencies to their latest minor/patch versions. All changes are generally safe, but introduce several P2-level speculative risks that warrant verification through testing.
🌟 Strengths
- Regular dependency updates maintain security and feature parity.
- Updates are within minor version ranges, minimizing the likelihood of breaking changes.
📊 Findings Summary (5 total)
| Priority | File | Category | Impact Summary | Anchors |
|---|---|---|---|---|
| P2 | apps/android/app/build.gradle.kts | Architecture | Potential regressions in Markdown parsing due to minor version update. | |
| P2 | apps/android/app/build.gradle.kts | Testing | Test behavior changes could introduce flakiness or hide issues. | |
| P2 | apps/android/build.gradle.kts | Architecture | Compilation risks if K2 compiler is enabled or settings change. | |
| P2 | apps/android/.../gradle-wrapper.properties | Architecture | Script changes might overwrite custom modifications. | gradlew, gradlew.bat |
| P2 | apps/android/app/build.gradle.kts | Maintenance | UI behavior changes possible with Compose updates. |
🔍 Notable Themes
- All findings highlight the need for thorough testing after dependency updates to catch subtle behavioral changes or regressions.
💡 Have feedback? We'd love to hear it in our GitHub Discussions.
✨ This review was generated by LlamaPReview Advanced, which is free for all open-source projects. Learn more.
| distributionBase=GRADLE_USER_HOME | ||
| distributionPath=wrapper/dists | ||
| distributionUrl=https\://services.gradle.org/distributions/gradle-9.2.1-bin.zip | ||
| distributionUrl=https\://services.gradle.org/distributions/gradle-9.4.1-bin.zip |
There was a problem hiding this comment.
P2 | Confidence: High
The Gradle wrapper is updated from 9.2.1 to 9.4.1. The accompanying changes to gradlew and gradlew.bat scripts are substantial, including a switch from using -classpath to invoking the wrapper via -jar. This is a standard change in Gradle 9.4 wrapper generation and should not affect build logic. However, any custom modifications to these wrapper scripts in the original codebase would be overwritten. The related_context does not show if these scripts were previously customized.
| implementation("org.commonmark:commonmark:0.28.0") | ||
| implementation("org.commonmark:commonmark-ext-autolink:0.28.0") | ||
| implementation("org.commonmark:commonmark-ext-gfm-strikethrough:0.28.0") | ||
| implementation("org.commonmark:commonmark-ext-gfm-tables:0.28.0") | ||
| implementation("org.commonmark:commonmark-ext-task-list-items:0.28.0") |
There was a problem hiding this comment.
P2 | Confidence: Medium
Speculative: The PR updates the CommonMark library and its extensions from 0.27.1 to 0.28.0. This is a minor version bump that, according to the provided release notes, adds new features (alerts/callouts extension and a new parser option) without mentioning breaking changes. However, the project's codebase (not visible in pr_details or related_context) may contain custom extensions, parser configurations, or rely on internal APIs that could be affected. The lack of any test file changes in the PR increases the risk of undiscovered regressions. A thorough review of the actual Markdown parsing code is required.
| testImplementation("io.kotest:kotest-runner-junit5-jvm:6.1.10") | ||
| testImplementation("io.kotest:kotest-assertions-core-jvm:6.1.10") |
There was a problem hiding this comment.
P2 | Confidence: Medium
Speculative: Kotest is updated from 6.1.3 to 6.1.10. While this is a patch-level update within the same minor version, the release notes indicate numerous fixes and additions (e.g., JSON schema support, new matchers). Changes in assertion behavior or runner logic could cause existing tests to pass/fail under new conditions, introducing test flakiness or hiding regressions. The assertion library version is updated in sync, which is good, but the core test logic in the codebase (not shown) must be verified for compatibility.
| id("org.jetbrains.kotlin.plugin.compose") version "2.3.20" apply false | ||
| id("org.jetbrains.kotlin.plugin.serialization") version "2.3.20" apply false |
There was a problem hiding this comment.
P2 | Confidence: Low
Speculative: The Kotlin Compose and Serialization compiler plugins are updated from 2.2.21 to 2.3.20. This is a significant jump across minor versions (2.2 -> 2.3). The release notes mention numerous K2 compiler fixes. If the project has not yet migrated to the K2 compiler, this update should be backward compatible for the K1 compiler. However, if the project configuration or other dependencies implicitly enable K2, this could introduce compilation errors or changes in generated code for Compose/Serialization logic. The impact is impossible to assess without the project's Kotlin version and compiler settings.
|
|
||
| dependencies { | ||
| val composeBom = platform("androidx.compose:compose-bom:2026.02.00") | ||
| val composeBom = platform("androidx.compose:compose-bom:2026.03.01") |
There was a problem hiding this comment.
P2 | Confidence: Low
Multiple AndroidX dependencies are updated to newer minor/patch versions (Compose BOM, Core KT-X, Activity Compose). These updates are generally safe and recommended for bug fixes and performance improvements. However, the Compose BOM update (2026.02.00 -> 2026.03.01) will transitively update all Compose library versions it manages. While backward compatibility is expected, subtle changes in UI behavior or new deprecations could affect the Android app's UI layer. The absence of related UI test files in the changes makes this a speculative risk.
Bumps the android-deps group with 11 updates in the /apps/android directory:
14.0.114.2.02.2.212.3.202.2.212.3.202026.02.002026.03.011.17.01.18.01.12.21.13.00.27.10.28.06.1.36.1.106.0.26.0.31.2.11.3.09.2.19.4.1Updates
org.jlleitschuh.gradle.ktlintfrom 14.0.1 to 14.2.0Updates
org.jetbrains.kotlin.plugin.composefrom 2.2.21 to 2.3.20Release notes
Sourced from org.jetbrains.kotlin.plugin.compose's releases.
... (truncated)
Changelog
Sourced from org.jetbrains.kotlin.plugin.compose's changelog.
... (truncated)
Commits
d57eb4aAdd ChangeLog for 2.3.20-RC341886bb[Gradle] Update KGP npm tooling dependency versions210a9bd[Native] Do not mark iosX64 target as deprecate in DSL7ed446eAdd ChangeLog for 2.3.20-RC2520eade[K/JVM] Fix incorrect optimization of local delegation7ef8bccReflection: add LazyKProperty to fix recent performance regression9fa7cf2[Gradle] Link NoActiveThreadsAfterCompilerInvocationIT with KT-84566d410596[Gradle] Shutdown coroutines dispatcher threads after compiler invocation348430b[BTA] Fix compatibility between API 2.3.20 and KC 2.3.104058f3c[CMP] HiddenFromObjC remove outdated offset checkUpdates
org.jetbrains.kotlin.plugin.serializationfrom 2.2.21 to 2.3.20Release notes
Sourced from org.jetbrains.kotlin.plugin.serialization's releases.
... (truncated)
Changelog
Sourced from org.jetbrains.kotlin.plugin.serialization's changelog.
... (truncated)
Commits
d57eb4aAdd ChangeLog for 2.3.20-RC341886bb[Gradle] Update KGP npm tooling dependency versions210a9bd[Native] Do not mark iosX64 target as deprecate in DSL7ed446eAdd ChangeLog for 2.3.20-RC2520eade[K/JVM] Fix incorrect optimization of local delegation7ef8bccReflection: add LazyKProperty to fix recent performance regression9fa7cf2[Gradle] Link NoActiveThreadsAfterCompilerInvocationIT with KT-84566d410596[Gradle] Shutdown coroutines dispatcher threads after compiler invocation348430b[BTA] Fix compatibility between API 2.3.20 and KC 2.3.104058f3c[CMP] HiddenFromObjC remove outdated offset checkUpdates
androidx.compose:compose-bomfrom 2026.02.00 to 2026.03.01Updates
androidx.core:core-ktxfrom 1.17.0 to 1.18.0Updates
androidx.activity:activity-composefrom 1.12.2 to 1.13.0Updates
org.commonmark:commonmarkfrom 0.27.1 to 0.28.0Release notes
Sourced from org.commonmark:commonmark's releases.
Changelog
Sourced from org.commonmark:commonmark's changelog.
Commits
9e30657[maven-release-plugin] prepare release commonmark-parent-0.28.075f6a97Merge pull request #424 from commonmark/release-0.28.0d278947mvn versions:set -DnewVersion=0.28.0-SNAPSHOT873a861Prepare CHANGELOG for version 0.28.053a6365Merge pull request #423 from commonmark/alerts-followup6621065Add alerts extension to integration testse2e2755README: Add section about alerts471e639Merge pull request #420 from ia3andy/gfm-alerts61200f9Update commonmark-ext-gfm-alerts/src/main/java/org/commonmark/ext/gfm/alerts/...f40ff54Merge pull request #422 from spirit-at-canva/spirit-add-node-depth-limitUpdates
org.commonmark:commonmark-ext-autolinkfrom 0.27.1 to 0.28.0Release notes
Sourced from org.commonmark:commonmark-ext-autolink's releases.
Changelog
Sourced from org.commonmark:commonmark-ext-autolink's changelog.
Commits
9e30657[maven-release-plugin] prepare release commonmark-parent-0.28.075f6a97Merge pull request #424 from commonmark/release-0.28.0d278947mvn versions:set -DnewVersion=0.28.0-SNAPSHOT873a861Prepare CHANGELOG for version 0.28.053a6365Merge pull request #423 from commonmark/alerts-followup6621065Add alerts extension to integration testse2e2755README: Add section about alerts471e639Merge pull request #420 from ia3andy/gfm-alerts61200f9Update commonmark-ext-gfm-alerts/src/main/java/org/commonmark/ext/gfm/alerts/...f40ff54Merge pull request #422 from spirit-at-canva/spirit-add-node-depth-limitUpdates
org.commonmark:commonmark-ext-gfm-strikethroughfrom 0.27.1 to 0.28.0Release notes
Sourced from org.commonmark:commonmark-ext-gfm-strikethrough's releases.
Changelog
Sourced from org.commonmark:commonmark-ext-gfm-strikethrough's changelog.
Commits
9e30657[maven-release-plugin] prepare release commonmark-parent-0.28.075f6a97Merge pull request #424 from commonmark/release-0.28.0d278947mvn versions:set -DnewVersion=0.28.0-SNAPSHOT873a861Prepare CHANGELOG for version 0.28.053a6365Merge pull request #423 from commonmark/alerts-followup6621065Add alerts extension to integration testse2e2755README: Add section about alerts471e639Merge pull request #420 from ia3andy/gfm-alerts61200f9Update commonmark-ext-gfm-alerts/src/main/java/org/commonmark/ext/gfm/alerts/...f40ff54Merge pull request #422 from spirit-at-canva/spirit-add-node-depth-limitUpdates
org.commonmark:commonmark-ext-gfm-tablesfrom 0.27.1 to 0.28.0Release notes
Sourced from org.commonmark:commonmark-ext-gfm-tables's releases.
Changelog
Sourced from org.commonmark:commonmark-ext-gfm-tables's changelog.
Commits
9e30657[maven-release-plugin] prepare release commonmark-parent-0.28.075f6a97Merge pull request #424 from commonmark/release-0.28.0d278947mvn versions:set -DnewVersion=0.28.0-SNAPSHOT873a861Prepare CHANGELOG for version 0.28.053a6365Merge pull request #423 from commonmark/alerts-followup6621065Add alerts extension to integration testse2e2755README: Add section about alerts471e639Merge pull request #420 from ia3andy/gfm-alerts61200f9Update commonmark-ext-gfm-alerts/src/main/java/org/commonmark/ext/gfm/alerts/...f40ff54Merge pull request #422 from spirit-at-canva/spirit-add-node-depth-limitUpdates
org.commonmark:commonmark-ext-task-list-itemsfrom 0.27.1 to 0.28.0Release notes
Sourced from org.commonmark:commonmark-ext-task-list-items's releases.
Changelog
Sourced from org.commonmark:commonmark-ext-task-list-items's changelog.
Commits
9e30657[maven-release-plugin] prepare release commonmark-parent-0.28.075f6a97Merge pull request #424 from commonmark/release-0.28.0d278947mvn versions:set -DnewVersion=0.28.0-SNAPSHOT873a861Prepare CHANGELOG for version 0.28.053a6365Merge pull request #423 from commonmark/alerts-followup6621065Add alerts extension to integration testse2e2755README: Add section about alerts471e639Merge pull request #420 from ia3andy/gfm-alerts61200f9Update commonmark-ext-gfm-alerts/src/main/java/org/commonmark/ext/gfm/alerts/...f40ff54Merge pull request #422 from spirit-at-canva/spirit-add-node-depth-limitUpdates
io.kotest:kotest-runner-junit5-jvmfrom 6.1.3 to 6.1.10Release notes
Sourced from io.kotest:kotest-runner-junit5-jvm's releases.
... (truncated)
Commits
5bff78eFix JS engine mocha race: single channel send in engineFinished (#5809)ea36c3ddocs: add AI-ready configuration for coding assistants (#5810)abba191speed-up-containExactly (#5812)4b20011AI Agent kotest skill (#5754)3a3b8a1Add type-safe shouldEq / shouldNotEq assertions (#5789)f9563ceAdd JVM_SUITE_NAME env var for Allure suite grouping (#4573) (#5792)91e72bdSet KOTEST_IDEA_PLUGIN=true in Gradle and Android run producers (#5808)fbd5445Add custom Json parser support to JSON matchers (#5795)db45b16Improve logging and documentation for Spec interceptors and materialization l...8c08554Fix Kotest engine skipping discovery when AGP 9+ passes MethodSelectors (#577...Updates
io.kotest:kotest-assertions-core-jvmfrom 6.1.3 to 6.1.10Release notes
Sourced from io.kotest:kotest-assertions-core-jvm's releases.