chore(deps): consolidated Java + Rust dependency maintenance#72
Merged
Conversation
…n /java Consolidates Dependabot PRs #67-#71 into a single aligned bump: - junit-jupiter-api/engine/params + junit-platform-launcher: 6.0.3 -> 6.1.0 - org.slf4j:slf4j-api: 2.0.17 -> 2.0.18 - de.siegmar:fastcsv: 4.2.0 -> 4.3.0 The JUnit artifacts are bumped together (including junit-platform-launcher, which had no Dependabot PR) so the api/engine versions stay matched. The engine-only PR #71 failed CI precisely because api remained at 6.0.3.
Dependabot does not track the Rust workspace (Maven-only config), so these are applied manually: - cargo update: refresh 26 transitive crates (all semver-compatible) - dev-dep criterion: 0.5 -> 0.8; migrate benches off the deprecated criterion::black_box to std::hint::black_box rand 0.10 and z3 0.20 are deferred: both require source changes (rand::RngExt migration; z3 0.13+ implicit-context API rewrite) and are out of scope for this dependency-maintenance pass.
This was referenced Jul 7, 2026
Closed
Closed
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Consolidated dependency maintenance for both ecosystems, verified locally before pushing.
Java (supersedes Dependabot PRs #67–#71)
Bumps the whole JUnit set together so
-api/-enginestay matched:junit-jupiter-api/junit-jupiter-engine/junit-jupiter-params/junit-platform-launcher:6.0.3 → 6.1.0org.slf4j:slf4j-api:2.0.17 → 2.0.18de.siegmar:fastcsv:4.2.0 → 4.3.0junit-platform-launcherhad no Dependabot PR; including it keeps the platform aligned with Jupiter. Note that Dependabot's engine-only PR #71 failed CI precisely because merging it alone left-apiat 6.0.3 (JUnit requires them to match) — this consolidated bump fixes that.Rust (not covered by Dependabot — Maven-only config)
cargo update: refresh 26 transitive crates (all semver-compatible)criterion:0.5 → 0.8, migrating the benches off the deprecatedcriterion::black_boxtostd::hint::black_boxDeferred (require source changes — out of scope here)
0.9 → 0.10: movedrandom_rangeto a newRngExttrait;findchars-benchwould needuse rand::RngExt.0.12 → 0.20:static-link-z3feature removed (nowbundled) and the pre-0.13 explicit-context API used infindchars-solver/src/solver.rswas removed; needs a solver rewrite.Verification
cargo test -p findchars -p findchars-csv(73 passed) andcargo clippy --workspace --all-targets -- -D warnings(clean) — the exact CI commands.mvnw verifyrelies on CI (a local~/.m2permission quirk blocked the shade-plugin step, unrelated to these bumps).