Skip to content

Bump the all group across 1 directory with 9 updates #317

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump the all group across 1 directory with 9 updates #317

dependabot wants to merge 1 commit into from
+8 −8

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 3, 2026

Bumps the all group with 9 updates in the / directory:

Package From To
io.ktor:ktor-version-catalog 3.3.3 3.4.0
org.http4k:http4k-server-netty 6.26.0.0 6.27.0.0
gradle-wrapper 9.2.1 9.3.1
org.jetbrains.kotlinx:kotlinx-serialization-hocon 1.9.0 1.10.0
org.jetbrains.kotlinx:kotlinx-serialization-json 1.9.0 1.10.0
com.google.devtools.ksp:symbol-processing-api 2.3.4 2.3.5
com.google.devtools.ksp 2.3.4 2.3.5
ch.qos.logback:logback-classic 1.5.25 1.5.27
io.mockk:mockk 1.14.7 1.14.9

Updates io.ktor:ktor-version-catalog from 3.3.3 to 3.4.0

Release notes

Sourced from io.ktor:ktor-version-catalog's releases.

3.4.0

Published 22 January 2026

Features

  • KTOR-8316 Support OpenAPI specification for the Ktor Client and Server Application
    • KTOR-9085 Read OpenAPI security details from authentication plugin
    • KTOR-8993 Use runtime-generated spec for OpenAPI / Swagger plugins
    • KTOR-9086 Read OpenAPI default content type information from ContentNegotiation plugin
    • KTOR-8859 Routing documentation compiler plugin
    • KTOR-8936 Routing documentation runtime API
    • KTOR-9087 Generate JSON schema for type references when using Jackson and Gson
  • KTOR-7075 Zstd support
  • KTOR-9209 Support Jackson 3
  • KTOR-9198 Auth/Bearer: Make BearerAuthProvider detect disguised Bearer scheme
  • KTOR-8927 Support for respondResource
  • KTOR-9162 Auth API key plugin
  • KTOR-7882 Support HTTP QUERY method
  • KTOR-8195 Partial HTML response
  • KTOR-8985 EngineMain: Support reading trust store settings from the configuration
  • KTOR-9066 Add duplex streaming for OkHttpClient
  • KTOR-8180 Auth: Provide control over tokens to user code
  • KTOR-8273 iOS native interop for WebRTC client
  • KTOR-8956 DI: Allow file configuration
  • KTOR-9157 Support SIGINT on web and SIGTERM on Native

Improvements

  • KTOR-8890 Rename target jsAndWasmShared to web
  • KTOR-9242 Upgrade to Kotlin 2.3
  • KTOR-9243 Update libcurl to 8.18.0
  • KTOR-9014 Deprecate DarwinLegacy engine
  • KTOR-8931 Test iOS target of the WebRTC Client in Ktor-Chat
  • KTOR-9199 Make HttpHeaders strings const
  • KTOR-9208 Expose plusIsSpace in parseUrlEncodedParameters
  • KTOR-2404 Ktor Oauth2 feature sends 401 response when the client secret is invalid
  • KTOR-9097 Java: Use HTTP/2 by default
  • KTOR-8740 HTMX: Missing DSL for some attributes
  • KTOR-9171 Redesign ByteReadChannel.readUTF8Line API
  • KTOR-4219 Make readUTF8LineTo return number of read symbols instead of boolean
  • KTOR-6761 Apache5: Simplify configuration of ConnectionManager
  • KTOR-9037 Multipart/form-data: Make formData's block inline
  • KTOR-9126 Missing function ByteReadChannel.readTo(sink: RawSink, byteCount: Long)
  • KTOR-9026 Introduce/reuse interfaces for logging selectors
  • KTOR-6766 Deprecate Apache 4 engine
  • KTOR-8642 Excessive memory allocations while writing bytes into write channel of TCP/IP socket
  • KTOR-9137 ByteReadChannel.readUTF8Line is inefficient for long lines
  • KTOR-8657 Remove kotlinx-datetime from ktor-server-default-headers dependencies
  • KTOR-8941 Add override DI conflict policy

Bugfixes

... (truncated)

Changelog

Sourced from io.ktor:ktor-version-catalog's changelog.

3.4.0

Published 22 January 2026

Features

  • KTOR-8316 Support OpenAPI specification for the Ktor Client and Server Application
    • KTOR-9085 Read OpenAPI security details from authentication plugin
    • KTOR-8993 Use runtime-generated spec for OpenAPI / Swagger plugins
    • KTOR-9086 Read OpenAPI default content type information from ContentNegotiation plugin
    • KTOR-8859 Routing documentation compiler plugin
    • KTOR-8936 Routing documentation runtime API
    • KTOR-9087 Generate JSON schema for type references when using Jackson and Gson
  • KTOR-7075 Zstd support
  • KTOR-9209 Support Jackson 3
  • KTOR-9198 Auth/Bearer: Make BearerAuthProvider detect disguised Bearer scheme
  • KTOR-8927 Support for respondResource
  • KTOR-9162 Auth API key plugin
  • KTOR-7882 Support HTTP QUERY method
  • KTOR-8195 Partial HTML response
  • KTOR-8985 EngineMain: Support reading trust store settings from the configuration
  • KTOR-9066 Add duplex streaming for OkHttpClient
  • KTOR-8180 Auth: Provide control over tokens to user code
  • KTOR-8273 iOS native interop for WebRTC client
  • KTOR-8956 DI: Allow file configuration
  • KTOR-9157 Support SIGINT on web and SIGTERM on Native

Improvements

  • KTOR-8890 Rename target jsAndWasmShared to web
  • KTOR-9242 Upgrade to Kotlin 2.3
  • KTOR-9243 Update libcurl to 8.18.0
  • KTOR-9014 Deprecate DarwinLegacy engine
  • KTOR-8931 Test iOS target of the WebRTC Client in Ktor-Chat
  • KTOR-9199 Make HttpHeaders strings const
  • KTOR-9208 Expose plusIsSpace in parseUrlEncodedParameters
  • KTOR-2404 Ktor Oauth2 feature sends 401 response when the client secret is invalid
  • KTOR-9097 Java: Use HTTP/2 by default
  • KTOR-8740 HTMX: Missing DSL for some attributes
  • KTOR-9171 Redesign ByteReadChannel.readUTF8Line API
  • KTOR-4219 Make readUTF8LineTo return number of read symbols instead of boolean
  • KTOR-6761 Apache5: Simplify configuration of ConnectionManager
  • KTOR-9037 Multipart/form-data: Make formData's block inline
  • KTOR-9126 Missing function ByteReadChannel.readTo(sink: RawSink, byteCount: Long)
  • KTOR-9026 Introduce/reuse interfaces for logging selectors
  • KTOR-6766 Deprecate Apache 4 engine
  • KTOR-8642 Excessive memory allocations while writing bytes into write channel of TCP/IP socket
  • KTOR-9137 ByteReadChannel.readUTF8Line is inefficient for long lines
  • KTOR-8657 Remove kotlinx-datetime from ktor-server-default-headers dependencies
  • KTOR-8941 Add override DI conflict policy

Bugfixes

... (truncated)

Commits
  • bf25bb9 Release 3.4.0 (#5325)
  • 1178f8a Update "Report a problem" links (#5322)
  • f99d0af KTOR-9258 Add headers member function to DefaultRequestBuilder to prevent sil...
  • 7452420 Yaml config. Resolve references only once. (#5320)
  • 3798824 WebSockets. Added frame queues backpressure configuration. (#5274)
  • 761eeac KTOR-9235: Ignore exceptions when parsing cookie expires date (#5288)
  • b8817e5 KTOR-9210 Migrate Zstd into standalone module (#5318)
  • f5e2864 Merge pull request #5316 from ktorio/zibet27/fix-auth-binary-compatibility
  • cbcdc39 Auth. Fix binary compatibility.
  • 95a7734 Fix RETURN_IN_FUNCTION_WITH_EXPRESSION_BODY_AND_IMPLICIT_TYPE
  • Additional commits viewable in compare view

Updates org.http4k:http4k-server-netty from 6.26.0.0 to 6.27.0.0

Release notes

Sourced from org.http4k:http4k-server-netty's releases.

6.27.0.0

Changelog:

  • http4k-*: Upgrade versions
  • http4k-connect-amazon-dynamo-fake:[Fix #1477] Fake DynamoDB KeyConditionExpression sometimes fails with floating-point values
  • http4k-*: [Breaking] Upgrades to Exposed v1.0.0 will mean API changes are required. See the Exposed docs for details
  • http4k-testing-webdriver: [Fix] Was throwing wrong NoSuchElementException.

6.26.1.0

Changelog:

Changelog

Sourced from org.http4k:http4k-server-netty's changelog.

v6.27.0.0

  • http4k-*: Upgrade versions
  • http4k-connect-amazon-dynamo-fake:[Fix #1477] Fake DynamoDB KeyConditionExpression sometimes fails with floating-point values
  • http4k-*: [Breaking] Upgrades to Exposed v1.0.0 will mean API changes are required for modules relying on that library. See the Exposed docs for details
  • http4k-testing-webdriver: [Fix] Was throwing wrong NoSuchElementException.

v6.26.1.0

Commits

Updates gradle-wrapper from 9.2.1 to 9.3.1

Updates org.jetbrains.kotlinx:kotlinx-serialization-hocon from 1.9.0 to 1.10.0

Release notes

Sourced from org.jetbrains.kotlinx:kotlinx-serialization-hocon's releases.

1.10.0

This release is based on Kotlin 2.3.0 and contains all of the changes from 1.10.0-RC. The only additional change is a fix for ProtoBuf packing of Kotlin unsigned types (#3079). Big thanks to KosmX for contributing the fix.

For your convenience, the changelog for 1.10.0-RC is duplicated below:

Stabilization of APIs

kotlinx-serialization 1.10 and subsequent releases will be focused on stabilization of existing APIs. The following APIs and configuration options are no longer experimental because they're widely used without any known major issues:

  • Json configuration options: decodeEnumsCaseInsensitive, allowTrailingComma, allowComments, and prettyPrintIndent. (#3100)
  • @EncodeDefault annotation and its modes. (#3106)
  • JsonUnquotedLiteral constructor function (#2900)
  • JsonPrimitive constructor function overloads that accept unsigned types. (#3117)
  • JSON DSL functions on JsonElement with Nothing? overloads. (#3117)

Readiness for return value checker

Kotlin 2.3.0 introduces a new feature aimed at helping you to catch bugs related to the accidentally ignored return value of the function. kotlinx-serialization 1.10.0-RC code is fully marked for this feature, meaning that you can get warnings for unused function calls like Json.encodeToString(...). To get the warnings, the feature has to be enabled in your project as described here.

Polymorphism improvements

Polymorphic serialization received a couple of improvements in this release:

New subclassesOfSealed utility to automatically register sealed subclasses serializers in polymorphic modules (#2201).

Use it in your SerializersModule when configuring a polymorphic hierarchy which contains both abstract and sealed classes. For example, when root of your hierarchy is an interface, but most of your inheritors are sealed classes. The new function will register all known sealed subclasses for you, so you don’t need to list them one by one. This makes writing your SerializerModules much faster and simpler. Big thanks to Paul de Vrieze for contributing this feature.

Class discriminator conflict check rework (#3105).

If a payload already contains a property with the same name as the configured discriminator (for example, type), it is called a class discriminator conflict. To produce a correct output and allow more inputs to be deserialized at the same time, the following changes were made:

  • Conflicts introduced by JsonNamingStrategy transformations are now detected during serialization as well and will cause SerializationException. It also affects non-polymorphic classes.
  • Conflicts from ClassDisciminatorMode.ALL_JSON_OBJECTS and SerializersModuleBuilder.polymorphicDefaultSerializer are also detected.
  • It is allowed to deserialize such a conflicting key for both sealed and open polymorphic hierarchies. Previously, it was possible in the sealed hierarchies alone due to missing assertion. See #1664 for details.

General improvements

  • Add .serialName to MissingFieldException for clearer diagnostics. (#3114)
  • Generate unique Automatic-Module-Name entries for metadata JARs. (#3109)
  • Revised ProGuard rules and added R8 tests. (#3041)
  • CBOR: Improved error message when a byte string/array type mismatch is encountered. (#3052)

Bugfixes

... (truncated)

Changelog

Sourced from org.jetbrains.kotlinx:kotlinx-serialization-hocon's changelog.

1.10.0 / 2026-01-21

This release is based on Kotlin 2.3.0 and contains all of the changes from 1.10.0-RC. The only additional change is a fix for ProtoBuf packing of Kotlin unsigned types (#3079). Big thanks to KosmX for contributing the fix.

For your convenience, the changelog for 1.10.0-RC is duplicated below:

Stabilization of APIs

kotlinx-serialization 1.10 and subsequent releases will be focused on stabilization of existing APIs. The following APIs and configuration options are no longer experimental because they're widely used without any known major issues:

  • Json configuration options: decodeEnumsCaseInsensitive, allowTrailingComma, allowComments, and prettyPrintIndent. (#3100)
  • @EncodeDefault annotation and its modes. (#3106)
  • JsonUnquotedLiteral constructor function (#2900)
  • JsonPrimitive constructor function overloads that accept unsigned types. (#3117)
  • JSON DSL functions on JsonElement with Nothing? overloads. (#3117)

Readiness for return value checker

Kotlin 2.3.0 introduces a new feature aimed at helping you to catch bugs related to the accidentally ignored return value of the function. kotlinx-serialization 1.10.0-RC code is fully marked for this feature, meaning that you can get warnings for unused function calls like Json.encodeToString(...). To get the warnings, the feature has to be enabled in your project as described here.

Polymorphism improvements

Polymorphic serialization received a couple of improvements in this release:

New subclassesOfSealed utility to automatically register sealed subclasses serializers in polymorphic modules (#2201). Use it in your SerializersModule when configuring a polymorphic hierarchy which contains both abstract and sealed classes. For example, when root of your hierarchy is an interface, but most of your inheritors are sealed classes. The new function will register all known sealed subclasses for you, so you don’t need to list them one by one. This makes writing your SerializerModules much faster and simpler. Big thanks to Paul de Vrieze for contributing this feature.

Class discriminator conflict check rework (#3105). If a payload already contains a property with the same name as the configured discriminator (for example, type), it is called a class discriminator conflict. To produce a correct output and allow more inputs to be deserialized at the same time, the following changes were made:

  • Conflicts introduced by JsonNamingStrategy transformations are now detected during serialization as well and will cause SerializationException. It also affects non-polymorphic classes.
  • Conflicts from ClassDisciminatorMode.ALL_JSON_OBJECTS and SerializersModuleBuilder.polymorphicDefaultSerializer are also detected.
  • It is allowed to deserialize such a conflicting key for both sealed and open polymorphic hierarchies. Previously, it was possible in the sealed hierarchies alone due to missing assertion. See #1664 for details.

General improvements

... (truncated)

Commits
  • 370c4e3 Prepare 1.10.0 release (#3142)
  • eaa4b0b Merge remote-tracking branch 'origin/master' into dev
  • 0311f16 Fix ProtoBuf packing for kotlin unsigned types (#3079)
  • a19df8c Add a disclaimer to "Other community-supported formats" section and slightly ...
  • 2f8a874 Add JSON5 to community-supported formats (#3134)
  • 975af2c Actualize releasing process document
  • e8be81f Prepare 1.10.0-RC release
  • e334d1c [CBOR] Fix various bugs in the decoder implementation
  • d7ca108 Merge remote-tracking branch 'origin/master' into dev
  • a5a3c97 IR inliner: Enable intra-module mode for kotlinx.serialization (#3128)
  • Additional commits viewable in compare view

Updates org.jetbrains.kotlinx:kotlinx-serialization-json from 1.9.0 to 1.10.0

Release notes

Sourced from org.jetbrains.kotlinx:kotlinx-serialization-json's releases.

1.10.0

This release is based on Kotlin 2.3.0 and contains all of the changes from 1.10.0-RC. The only additional change is a fix for ProtoBuf packing of Kotlin unsigned types (#3079). Big thanks to KosmX for contributing the fix.

For your convenience, the changelog for 1.10.0-RC is duplicated below:

Stabilization of APIs

kotlinx-serialization 1.10 and subsequent releases will be focused on stabilization of existing APIs. The following APIs and configuration options are no longer experimental because they're widely used without any known major issues:

  • Json configuration options: decodeEnumsCaseInsensitive, allowTrailingComma, allowComments, and prettyPrintIndent. (#3100)
  • @EncodeDefault annotation and its modes. (#3106)
  • JsonUnquotedLiteral constructor function (#2900)
  • JsonPrimitive constructor function overloads that accept unsigned types. (#3117)
  • JSON DSL functions on JsonElement with Nothing? overloads. (#3117)

Readiness for return value checker

Kotlin 2.3.0 introduces a new feature aimed at helping you to catch bugs related to the accidentally ignored return value of the function. kotlinx-serialization 1.10.0-RC code is fully marked for this feature, meaning that you can get warnings for unused function calls like Json.encodeToString(...). To get the warnings, the feature has to be enabled in your project as described here.

Polymorphism improvements

Polymorphic serialization received a couple of improvements in this release:

New subclassesOfSealed utility to automatically register sealed subclasses serializers in polymorphic modules (#2201).

Use it in your SerializersModule when configuring a polymorphic hierarchy which contains both abstract and sealed classes. For example, when root of your hierarchy is an interface, but most of your inheritors are sealed classes. The new function will register all known sealed subclasses for you, so you don’t need to list them one by one. This makes writing your SerializerModules much faster and simpler. Big thanks to Paul de Vrieze for contributing this feature.

Class discriminator conflict check rework (#3105).

If a payload already contains a property with the same name as the configured discriminator (for example, type), it is called a class discriminator conflict. To produce a correct output and allow more inputs to be deserialized at the same time, the following changes were made:

  • Conflicts introduced by JsonNamingStrategy transformations are now detected during serialization as well and will cause SerializationException. It also affects non-polymorphic classes.
  • Conflicts from ClassDisciminatorMode.ALL_JSON_OBJECTS and SerializersModuleBuilder.polymorphicDefaultSerializer are also detected.
  • It is allowed to deserialize such a conflicting key for both sealed and open polymorphic hierarchies. Previously, it was possible in the sealed hierarchies alone due to missing assertion. See #1664 for details.

General improvements

  • Add .serialName to MissingFieldException for clearer diagnostics. (#3114)
  • Generate unique Automatic-Module-Name entries for metadata JARs. (#3109)
  • Revised ProGuard rules and added R8 tests. (#3041)
  • CBOR: Improved error message when a byte string/array type mismatch is encountered. (#3052)

Bugfixes

... (truncated)

Changelog

Sourced from org.jetbrains.kotlinx:kotlinx-serialization-json's changelog.

1.10.0 / 2026-01-21

This release is based on Kotlin 2.3.0 and contains all of the changes from 1.10.0-RC. The only additional change is a fix for ProtoBuf packing of Kotlin unsigned types (#3079). Big thanks to KosmX for contributing the fix.

For your convenience, the changelog for 1.10.0-RC is duplicated below:

Stabilization of APIs

kotlinx-serialization 1.10 and subsequent releases will be focused on stabilization of existing APIs. The following APIs and configuration options are no longer experimental because they're widely used without any known major issues:

  • Json configuration options: decodeEnumsCaseInsensitive, allowTrailingComma, allowComments, and prettyPrintIndent. (#3100)
  • @EncodeDefault annotation and its modes. (#3106)
  • JsonUnquotedLiteral constructor function (#2900)
  • JsonPrimitive constructor function overloads that accept unsigned types. (#3117)
  • JSON DSL functions on JsonElement with Nothing? overloads. (#3117)

Readiness for return value checker

Kotlin 2.3.0 introduces a new feature aimed at helping you to catch bugs related to the accidentally ignored return value of the function. kotlinx-serialization 1.10.0-RC code is fully marked for this feature, meaning that you can get warnings for unused function calls like Json.encodeToString(...). To get the warnings, the feature has to be enabled in your project as described here.

Polymorphism improvements

Polymorphic serialization received a couple of improvements in this release:

New subclassesOfSealed utility to automatically register sealed subclasses serializers in polymorphic modules (#2201). Use it in your SerializersModule when configuring a polymorphic hierarchy which contains both abstract and sealed classes. For example, when root of your hierarchy is an interface, but most of your inheritors are sealed classes. The new function will register all known sealed subclasses for you, so you don’t need to list them one by one. This makes writing your SerializerModules much faster and simpler. Big thanks to Paul de Vrieze for contributing this feature.

Class discriminator conflict check rework (#3105). If a payload already contains a property with the same name as the configured discriminator (for example, type), it is called a class discriminator conflict. To produce a correct output and allow more inputs to be deserialized at the same time, the following changes were made:

  • Conflicts introduced by JsonNamingStrategy transformations are now detected during serialization as well and will cause SerializationException. It also affects non-polymorphic classes.
  • Conflicts from ClassDisciminatorMode.ALL_JSON_OBJECTS and SerializersModuleBuilder.polymorphicDefaultSerializer are also detected.
  • It is allowed to deserialize such a conflicting key for both sealed and open polymorphic hierarchies. Previously, it was possible in the sealed hierarchies alone due to missing assertion. See #1664 for details.

General improvements

... (truncated)

Commits
  • 370c4e3 Prepare 1.10.0 release (#3142)
  • eaa4b0b Merge remote-tracking branch 'origin/master' into dev
  • 0311f16 Fix ProtoBuf packing for kotlin unsigned types (#3079)
  • a19df8c Add a disclaimer to "Other community-supported formats" section and slightly ...
  • 2f8a874 Add JSON5 to community-supported formats (#3134)
  • 975af2c Actualize releasing process document
  • e8be81f Prepare 1.10.0-RC release
  • e334d1c [CBOR] Fix various bugs in the decoder implementation
  • d7ca108 Merge remote-tracking branch 'origin/master' into dev
  • a5a3c97 IR inliner: Enable intra-module mode for kotlinx.serialization (#3128)
  • Additional commits viewable in compare view

Updates org.jetbrains.kotlinx:kotlinx-serialization-json from 1.9.0 to 1.10.0

Release notes

Sourced from org.jetbrains.kotlinx:kotlinx-serialization-json's releases.

1.10.0

This release is based on Kotlin 2.3.0 and contains all of the changes from 1.10.0-RC. The only additional change is a fix for ProtoBuf packing of Kotlin unsigned types (#3079). Big thanks to KosmX for contributing the fix.

For your convenience, the changelog for 1.10.0-RC is duplicated below:

Stabilization of APIs

kotlinx-serialization 1.10 and subsequent releases will be focused on stabilization of existing APIs. The following APIs and configuration options are no longer experimental because they're widely used without any known major issues:

  • Json configuration options: decodeEnumsCaseInsensitive, allowTrailingComma, allowComments, and prettyPrintIndent. (#3100)
  • @EncodeDefault annotation and its modes. (#3106)
  • JsonUnquotedLiteral constructor function (#2900)
  • JsonPrimitive constructor function overloads that accept unsigned types. (#3117)
  • JSON DSL functions on JsonElement with Nothing? overloads. (#3117)

Readiness for return value checker

Kotlin 2.3.0 introduces a new feature aimed at helping you to catch bugs related to the accidentally ignored return value of the function. kotlinx-serialization 1.10.0-RC code is fully marked for this feature, meaning that you can get warnings for unused function calls like Json.encodeToString(...). To get the warnings, the feature has to be enabled in your project as described here.

Polymorphism improvements

Polymorphic serialization received a couple of improvements in this release:

New subclassesOfSealed utility to automatically register sealed subclasses serializers in polymorphic modules (#2201).

Use it in your SerializersModule when configuring a polymorphic hierarchy which contains both abstract and sealed classes. For example, when root of your hierarchy is an interface, but most of your inheritors are sealed classes. The new function will register all known sealed subclasses for you, so you don’t need to list them one by one. This makes writing your SerializerModules much faster and simpler. Big thanks to Paul de Vrieze for contributing this feature.

Class discriminator conflict check rework (#3105).

If a payload already contains a property with the same name as the configured discriminator (for example, type), it is called a class discriminator conflict. To produce a correct output and allow more inputs to be deserialized at the same time, the following changes were made:

  • Conflicts introduced by JsonNamingStrategy transformations are now detected during serialization as well and will cause SerializationException. It also affects non-polymorphic classes.
  • Conflicts from ClassDisciminatorMode.ALL_JSON_OBJECTS and SerializersModuleBuilder.polymorphicDefaultSerializer are also detected.
  • It is allowed to deserialize such a conflicting key for both sealed and open polymorphic hierarchies. Previously, it was possible in the sealed hierarchies alone due to missing assertion. See #1664 for details.

General improvements

  • Add .serialName to MissingFieldException for clearer diagnostics. (#3114)
  • Generate unique Automatic-Module-Name entries for metadata JARs. (#3109)
  • Revised ProGuard rules and added R8 tests. (#3041)
  • CBOR: Improved error message when a byte string/array type mismatch is encountered. (#3052)

Bugfixes

... (truncated)

Changelog

Sourced from org.jetbrains.kotlinx:kotlinx-serialization-json's changelog.

1.10.0 / 2026-01-21

This release is based on Kotlin 2.3.0 and contains all of the changes from 1.10.0-RC. The only additional change is a fix for ProtoBuf packing of Kotlin unsigned types (#3079). Big thanks to KosmX for contributing the fix.

For your convenience, the changelog for 1.10.0-RC is duplicated below:

Stabilization of APIs

kotlinx-serialization 1.10 and subsequent releases will be focused on stabilization of existing APIs. The following APIs and configuration options are no longer experimental because they're widely used without any known major issues:

  • Json configuration options: decodeEnumsCaseInsensitive, allowTrailingComma, allowComments, and prettyPrintIndent. (#3100)
  • @EncodeDefault annotation and its modes. (#3106)
  • JsonUnquotedLiteral constructor function (#2900)
  • JsonPrimitive constructor function overloads that accept unsigned types. (#3117)
  • JSON DSL functions on JsonElement with Nothing? overloads. (#3117)

Readiness for return value checker

Kotlin 2.3.0 introduces a new feature aimed at helping you to catch bugs related to the accidentally ignored return value of the function. kotlinx-serialization 1.10.0-RC code is fully marked for this feature, meaning that you can get warnings for unused function calls like Json.encodeToString(...). To get the warnings, the feature has to be enabled in your project as described here.

Polymorphism improvements

Polymorphic serialization received a couple of improvements in this release:

New subclassesOfSealed utility to automatically register sealed subclasses serializers in polymorphic modules (#2201). Use it in your SerializersModule when configuring a polymorphic hierarchy which contains both abstract and sealed classes. For example, when root of your hierarchy is an interface, but most of your inheritors are sealed classes. The new function will register all known sealed subclasses for you, so you don’t need to list them one by one. This makes writing your SerializerModules much faster and simpler. Big thanks to Paul de Vrieze for contributing this feature.

Class discriminator conflict check rework (#3105). If a payload already contains a property with the same name as the configured discriminator (for example, type), it is called a class discriminator conflict. To produce a correct output and allow more inputs to be deserialized at the same time, the following changes were made:

  • Conflicts introduced by JsonNamingStrategy transformations are now detected during serialization as well and will cause SerializationException. It also affects non-polymorphic classes.
  • Conflicts from ClassDisciminatorMode.ALL_JSON_OBJECTS and SerializersModuleBuilder.polymorphicDefaultSerializer are also detected.
  • It is allowed to deserialize such a conflicting key for both sealed and open polymorphic hierarchies. Previously, it was possible in the sealed hierarchies alone due to missing assertion. See #1664 for details.

General improvements

... (truncated)

Commits
  • 370c4e3 Prepare 1.10.0 release (#3142)
  • eaa4b0b Merge remote-tracking branch 'origin/master' into dev
  • 0311f16 Fix ProtoBuf packing for kotlin unsigned types (#3079)
  • a19df8c Add a disclaimer to "Other community-supported formats" section and slightly ...
  • 2f8a874 Add JSON5 to community-supported formats (#3134)
  • 975af2c Actualize releasing process document
  • e8be81f Prepare 1.10.0-RC release
  • e334d1c [CBOR] Fix various bugs in the decoder implementation
  • d7ca108 Merge remote-tracking branch 'origin/master' into dev
  • a5a3c97 IR inliner: Enable intra-module mode for kotlinx.serialization (#3128)
  • Additional commits viewable in compare view

Updates com.google.devtools.ksp:symbol-processing-api from 2.3.4 to 2.3.5

Release notes

Sourced from com.google.devtools.ksp:symbol-processing-api's releases.

2.3.5

What's Changed

  • KSPCoreEnvironment.instance_prop leaks memory when used programmatically #2742
  • Missing first annotation argument when toByte is used #2672
  • Fix circular dependency between KSP and KAPT in AGP 9.0 #2743

Contributors

  • Thanks to everyone who reported bugs and participated in discussions!

Full Changelog: google/ksp@2.3.4...2.3.5

Commits
  • d97389e Dispose of threadlocals in KSPCoreEnvironment after processing
  • 24d46e3 Update shadow-validation-baseline.txt
  • 924a66a Update metalava to 1.0.0-alpha14
  • 9edb159 Remove JavaVersion.java
  • d6ac494 UPDATE_AA_VERSION: 2.3.20-dev-7064
  • 1a5a5f4 UPDATE_AA_VERSION: 2.3.20-dev-5706
  • c410900 Get rid of KotlinCoreEnvironment.createForTests()
  • 6d5137b UPDATE_AA_VERSION: 2.3.20-dev-4294
  • fee6609 UPDATE_AA_VERSION: 2.3.20-dev-2826
  • 6aad46a Switch to intellij's coroutines
  • Additional commits viewable in compare view

Updates com.google.devtools.ksp from 2.3.4 to 2.3.5

Release notes

Sourced from com.google.devtools.ksp's releases.

2.3.5

What's Changed

  • KSPCoreEnvironment.instance_prop leaks memory when used programmatically #2742
  • Missing first annotation argument when toByte is used #2672
  • Fix circular dependency between KSP and KAPT in AGP 9.0 #2743

Contributors

  • Thanks to everyone who reported bugs and participated in discussions!

Full Changelog: google/ksp@2.3.4...2.3.5

Commits
  • d97389e Dispose of threadlocals in KSPCoreEnvironment after processing
  • 24d46e3 Update shadow-validation-baseline.txt
  • 924a66a Update metalava to 1.0.0-alpha14
  • 9edb159 Remove JavaVersion.java
  • d6ac494 UPDATE_AA_VERSION: 2.3.20-dev-7064
  • 1a5a5f4 UPDATE_AA_VERSION: 2.3.20-dev-5706
  • c410900 Get rid of KotlinCoreEnvironment.createForTests()
  • 6d5137b UPDATE_AA_VERSION: 2.3.20-dev-4294
  • fee6609 UPDATE_AA_VERSION: 2.3.20-dev-2826
  • 6aad46a Switch to intellij's coroutines
  • Additional commits viewable in compare view

Updates ch.qos.logback:logback-classic from 1.5.25 to 1.5.27

Release notes

Sourced from ch.qos.logback:logback-classic's releases.

Logback 1.5.27

2026-01-30 Release of logback version 1.5.27

• Updated license to Eclipse Public License version 2.0 from version 1.0, retaining the GPL 2.1 dual-license.

• Fixed missing MDC data transmitted by SocketAppender reported in issues/1010 by Lars Vogel.

• Removed all Receiver classes and components which were already disabled for several years.

• Refactored file scanning code for improved clarity.

• In SizeAndTimeBasedRollingPolicy modified totalSizeCap and maxFileSize comparison to taking into account file compression. This fixes issues/1007.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit 3618eb01aad6672f9cd250dccf7546a69cbe982f associated with the tag v_1.5.27. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Logback 1.5.26

2026-01-25 Release of logback version 1.5.26

• InsertFromJNDIModelHandler was accessing javax.naming package forcing the inclusion of the optional java.naming module. This problem was raised in issues/1003 by Marius Hanl who also provided the relevant PR.

• In applications using shadow/fat/shade jars, module or package information could be lost. Thus, in the absence of version information, logback-classic would warn about version mismatches. Lo...

Description has been truncated

@dependabot
Bump the all group across 1 directory with 9 updates
2d020a6 
Bumps the all group with 9 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [io.ktor:ktor-version-catalog](https://github.com/ktorio/ktor) | `3.3.3` | `3.4.0` |
| [org.http4k:http4k-server-netty](https://github.com/http4k/http4k) | `6.26.0.0` | `6.27.0.0` |
| gradle-wrapper | `9.2.1` | `9.3.1` |
| [org.jetbrains.kotlinx:kotlinx-serialization-hocon](https://github.com/Kotlin/kotlinx.serialization) | `1.9.0` | `1.10.0` |
| [org.jetbrains.kotlinx:kotlinx-serialization-json](https://github.com/Kotlin/kotlinx.serialization) | `1.9.0` | `1.10.0` |
| [com.google.devtools.ksp:symbol-processing-api](https://github.com/google/ksp) | `2.3.4` | `2.3.5` |
| [com.google.devtools.ksp](https://github.com/google/ksp) | `2.3.4` | `2.3.5` |
| [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) | `1.5.25` | `1.5.27` |
| [io.mockk:mockk](https://github.com/mockk/mockk) | `1.14.7` | `1.14.9` |



Updates `io.ktor:ktor-version-catalog` from 3.3.3 to 3.4.0
- [Release notes](https://github.com/ktorio/ktor/releases)
- [Changelog](https://github.com/ktorio/ktor/blob/main/CHANGELOG.md)
- [Commits](ktorio/ktor@3.3.3...3.4.0)

Updates `org.http4k:http4k-server-netty` from 6.26.0.0 to 6.27.0.0
- [Release notes](https://github.com/http4k/http4k/releases)
- [Changelog](https://github.com/http4k/http4k/blob/master/CHANGELOG.md)
- [Commits](http4k/http4k@6.26.0.0...6.27.0.0)

Updates `gradle-wrapper` from 9.2.1 to 9.3.1

Updates `org.jetbrains.kotlinx:kotlinx-serialization-hocon` from 1.9.0 to 1.10.0
- [Release notes](https://github.com/Kotlin/kotlinx.serialization/releases)
- [Changelog](https://github.com/Kotlin/kotlinx.serialization/blob/master/CHANGELOG.md)
- [Commits](Kotlin/kotlinx.serialization@v1.9.0...v1.10.0)

Updates `org.jetbrains.kotlinx:kotlinx-serialization-json` from 1.9.0 to 1.10.0
- [Release notes](https://github.com/Kotlin/kotlinx.serialization/releases)
- [Changelog](https://github.com/Kotlin/kotlinx.serialization/blob/master/CHANGELOG.md)
- [Commits](Kotlin/kotlinx.serialization@v1.9.0...v1.10.0)

Updates `org.jetbrains.kotlinx:kotlinx-serialization-json` from 1.9.0 to 1.10.0
- [Release notes](https://github.com/Kotlin/kotlinx.serialization/releases)
- [Changelog](https://github.com/Kotlin/kotlinx.serialization/blob/master/CHANGELOG.md)
- [Commits](Kotlin/kotlinx.serialization@v1.9.0...v1.10.0)

Updates `com.google.devtools.ksp:symbol-processing-api` from 2.3.4 to 2.3.5
- [Release notes](https://github.com/google/ksp/releases)
- [Commits](google/ksp@2.3.4...2.3.5)

Updates `com.google.devtools.ksp` from 2.3.4 to 2.3.5
- [Release notes](https://github.com/google/ksp/releases)
- [Commits](google/ksp@2.3.4...2.3.5)

Updates `ch.qos.logback:logback-classic` from 1.5.25 to 1.5.27
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](qos-ch/logback@v_1.5.25...v_1.5.27)

Updates `io.mockk:mockk` from 1.14.7 to 1.14.9
- [Release notes](https://github.com/mockk/mockk/releases)
- [Commits](mockk/mockk@1.14.7...1.14.9)

Updates `com.google.devtools.ksp` from 2.3.4 to 2.3.5
- [Release notes](https://github.com/google/ksp/releases)
- [Commits](google/ksp@2.3.4...2.3.5)

---
updated-dependencies:
- dependency-name: io.ktor:ktor-version-catalog
  dependency-version: 3.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: org.http4k:http4k-server-netty
  dependency-version: 6.27.0.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: gradle-wrapper
  dependency-version: 9.3.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: org.jetbrains.kotlinx:kotlinx-serialization-hocon
  dependency-version: 1.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: org.jetbrains.kotlinx:kotlinx-serialization-json
  dependency-version: 1.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: org.jetbrains.kotlinx:kotlinx-serialization-json
  dependency-version: 1.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: com.google.devtools.ksp:symbol-processing-api
  dependency-version: 2.3.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: com.google.devtools.ksp
  dependency-version: 2.3.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: ch.qos.logback:logback-classic
  dependency-version: 1.5.27
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: io.mockk:mockk
  dependency-version: 1.14.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: com.google.devtools.ksp
  dependency-version: 2.3.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Feb 3, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants