From 646afc3d9e9140cc82022a4e9c9c66b0355d552e Mon Sep 17 00:00:00 2001
From: ricekot <git@ricekot.com>
Date: Sat, 4 Oct 2025 00:09:55 +0530
Subject: [PATCH 1/2] Test dependabot

Signed-off-by: ricekot <git@ricekot.com>
---
 .github/dependabot.yml | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 1b52049975f..eedb2b905ca 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -9,3 +9,30 @@ updates:
         applies-to: version-updates
         patterns:
         - "*"
+  - package-ecosystem: "gradle"
+    directory: "/"
+    exclude-paths:
+      - "buildSrc"
+    schedule:
+      interval: "weekly"
+    groups:
+      gradle:
+        applies-to: version-updates
+        patterns:
+        - "*"
+    ignore:
+      # network add-on dependencies are managed manually
+      - dependency-name: "io.netty:*"
+      - dependency-name: "org.bouncycastle:*"
+      - dependency-name: "com.aayushatharva.brotli4j:*"
+      - dependency-name: "org.apache.httpcomponents.client5:httpclient5"
+      - dependency-name: "org.jitsi:ice4j"
+      - dependency-name: "com.diffplug.spotless*" # newer versions lead to runtime error, will need to update common plugin first
+      - dependency-name: "org.apache.logging.log4j:*" # provided by core
+      - dependency-name: "org.jruby:jruby-complete"
+        versions: [ ">= 10" ] # versions 10.x and later require Java 21
+      - dependency-name: "org.xhtmlrenderer:flying-saucer-pdf"
+        versions: [ ">= 10" ] # versions 10.x and later require Java 21
+      - dependency-name: "org.seleniumhq.selenium:htmlunit3-driver" # dependabot uses the wrong version when updating
+      - dependency-name: "com.google.inject.extensions:guice-assistedinject" # updating this leads to errors and this is transitive dependency
+      - dependency-name: "org.zaproxy:zap" # core versions are manually updated when targeting a new core

From 79f24d621adec900c35068fc8ed5fbbae0bd9747 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 3 Oct 2025 18:41:05 +0000
Subject: [PATCH 2/2] build(deps): bump gradle/actions from 4.4.4 to 5.0.0 in
 the gha group

Bumps the gha group with 1 update: [gradle/actions](https://github.com/gradle/actions).


Updates `gradle/actions` from 4.4.4 to 5.0.0
- [Release notes](https://github.com/gradle/actions/releases)
- [Commits](https://github.com/gradle/actions/compare/748248ddd2a24f49513d8f472f81c3a07d4d50e1...4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2)

---
updated-dependencies:
- dependency-name: gradle/actions
  dependency-version: 5.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: gha
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/ci.yml        | 2 +-
 .github/workflows/ci_remote.yml | 2 +-
 .github/workflows/codeql.yml    | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 4cd6d1c4671..3828fc29518 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -27,7 +27,7 @@ jobs:
         with:
           distribution: 'temurin'
           java-version: ${{ matrix.java }}
-      - uses: gradle/actions/setup-gradle@748248ddd2a24f49513d8f472f81c3a07d4d50e1 # v4.4.4
+      - uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0
         with:
           gradle-home-cache-includes: |
             caches
diff --git a/.github/workflows/ci_remote.yml b/.github/workflows/ci_remote.yml
index 07e2dd7831b..2e8751fdb94 100644
--- a/.github/workflows/ci_remote.yml
+++ b/.github/workflows/ci_remote.yml
@@ -16,7 +16,7 @@ jobs:
         with:
           distribution: 'temurin'
           java-version: 17
-      - uses: gradle/actions/setup-gradle@748248ddd2a24f49513d8f472f81c3a07d4d50e1 # v4.4.4
+      - uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0
         with:
           gradle-home-cache-includes: |
             caches
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 171fa3d5347..bc40592c02e 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -35,7 +35,7 @@ jobs:
         uses: github/codeql-action/autobuild@v3
 
       - if: matrix.language == 'java'
-        uses: gradle/actions/setup-gradle@748248ddd2a24f49513d8f472f81c3a07d4d50e1 # v4.4.4
+        uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0
         with:
           cache-read-only: true
           gradle-home-cache-includes: |