Skip to content

[deps]: Lock file maintenance#6974

Open
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/lock-file-maintenance
Open

[deps]: Lock file maintenance#6974
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/lock-file-maintenance

Conversation

@renovate

@renovate renovate Bot commented May 25, 2026

Copy link
Copy Markdown
Contributor

This PR contains the following updates:

Update Change
lockFileMaintenance All locks refreshed

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

🔧 This Pull Request updates lock files to use the latest dependency versions.


Configuration

📅 Schedule: (UTC)

  • Branch creation
    • "every 2nd week starting on the 2 week of the year before 4am on Monday"
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot added the t:deps Change Type - Dependencies label May 25, 2026
@renovate renovate Bot requested review from a team and david-livefront as code owners May 25, 2026 02:48
@renovate renovate Bot added the t:deps Change Type - Dependencies label May 25, 2026
@bitwarden-bot bitwarden-bot changed the title [deps]: Lock file maintenance [PM-38040] [deps]: Lock file maintenance May 25, 2026
@bitwarden-bot

Copy link
Copy Markdown
Collaborator

Internal tracking:

@codecov

codecov Bot commented May 25, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 86.25%. Comparing base (65a5031) to head (24e7070).

Additional details and impacted files
@@           Coverage Diff           @@
##             main    #6974   +/-   ##
=======================================
  Coverage   86.25%   86.25%           
=======================================
  Files         912      912           
  Lines       65480    65480           
  Branches     9600     9600           
=======================================
  Hits        56478    56478           
  Misses       5558     5558           
  Partials     3444     3444           
Flag Coverage Δ
app-data 17.38% <ø> (ø)
app-ui-auth-tools 18.67% <ø> (ø)
app-ui-platform 16.44% <ø> (ø)
app-ui-vault 28.06% <ø> (ø)
authenticator 6.13% <ø> (ø)
lib-core-network-bridge 4.05% <ø> (ø)
lib-data-ui 1.14% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@renovate renovate Bot changed the title [PM-38040] [deps]: Lock file maintenance [deps]: Lock file maintenance May 25, 2026
@renovate renovate Bot force-pushed the renovate/lock-file-maintenance branch from 73fdddf to 24e7070 Compare July 6, 2026 19:24
@renovate

renovate Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor Author

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

  • any of the package files in this branch needs updating, or
  • the branch becomes conflicted, or
  • you click the rebase/retry checkbox if found above, or
  • you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: build.gradle.kts
Command failed: ./gradlew -Dorg.gradle.jvmargs=-Xms512m -Xmx512m --console=plain --dependency-verification lenient -q properties

FAILURE: Build failed with an exception.

* Where:
Build file '/tmp/renovate/repos/github/bitwarden/android/build.gradle.kts' line: 3

* What went wrong:
Plugin [id: 'io.gitlab.arturbosch.detekt', version: '1.23.8'] was not found in any of the following sources:

- Gradle Core Plugins (plugin is not in 'org.gradle' namespace)
- Included Builds (No included builds contain this plugin)
- Plugin Repositories (could not resolve plugin artifact 'io.gitlab.arturbosch.detekt:io.gitlab.arturbosch.detekt.gradle.plugin:1.23.8')
  Searched in the following repositories:
    Google
    MavenRepo
    Gradle Central Plugin Repository

* Try:
> Run with --stacktrace option to get the stack trace.
> Run with --info or --debug option to get more log output.
> Run with --scan to get full insights from a Build Scan (powered by Develocity).
> Get more help at https://help.gradle.org.

BUILD FAILED in 57s

@david-livefront david-livefront deleted the renovate/lock-file-maintenance branch July 6, 2026 19:31
@david-livefront david-livefront restored the renovate/lock-file-maintenance branch July 6, 2026 19:33
@github-actions

github-actions Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

🤖 Bitwarden Claude Code Review

Overall Assessment: APPROVE

Automated Renovate lockFileMaintenance PR that refreshes Gemfile.lock to the latest dependency versions within the existing Gemfile constraints. Changes are confined to the Ruby build/deploy tooling chain (fastlane and its transitive dependencies) — no application runtime code, manifest, or version-constraint changes. This is routine Stage 5 monitoring activity.

Code Review Details

No blocking findings.

Dependency Changes

Package Change Ecosystem
jwt 2.10.3 → 3.2.0 (major) RubyGems
xcodeproj 1.27.0 → 1.28.1 RubyGems
json 2.19.9 → 2.20.0 RubyGems
google-cloud-storage 1.61.0 → 1.62.0 RubyGems
google-apis-* minor bumps RubyGems
faraday 1.10.5 → 1.10.6 RubyGems
aws-partitions 1.1261.0 → 1.1265.0 RubyGems

Notes:

  • These are all transitive dependencies of the fastlane build/deploy tooling, resolved by Renovate within unchanged Gemfile constraints (lock-file-only change). This is the expected pattern for lock file maintenance.
  • jwt crosses a major version (2.x → 3.x), but as a transitive dev/CI-tooling dependency with no manifest constraint change and passing CI, it does not warrant blocking review. Worth a quick confirmation that fastlane lanes still run green on CI before merge.
  • base64 and nkf appear as new sub-dependencies of the xcodeproj 1.28.1 bump; these are transitive, not net-new direct dependencies.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

t:deps Change Type - Dependencies

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants