Bump fastlane from 2.235.0 to 2.236.0 by dependabot[bot] · Pull Request #1775 · RevenueCat/purchases-flutter

dependabot · 2026-06-09T16:52:46Z

Bumps fastlane from 2.235.0 to 2.236.0.

Release notes

2.236.0 Improvements

[ci] fix: add 'multi_json' as direct dep due to upstream googleapis bug. (#30062) via Connor Tumbleson (@iBotPeaches)

Fix --copy_to_clipboard flag for spaceauth command (#29888) via owurman (@owurman)

[transporter] Decode Base64 key content for .p8 file generation in Al… (#30057) via Kaan Çembertaş (@kaancembertas)

[ci] remove xcode 16.3 as CircleCI dropped it (#30058) via Connor Tumbleson (@iBotPeaches)

[action] Add update_app_age_rating action for standalone age rating updates (#30025) via Pratik Patil (@PratikPatil131)

[core] Set ruby-jwt gem to v2.10.3 minimum. (#30056) via Nakshatra Singh (@nakshatrasinghh)

[snapshot] run simulator using Rosetta2 for Apple Silicon (#21559) via Iceman (@sidepelican)

[snapshot] use simulator UDIDs for destinations (#30054) via Philip Niedertscheider (@philprime)

[spaceship] remove dots from names (#30052) via Tim Shedor (@tshedor)

[docs] keep docs assets moving along during update_docs (#30051) via Connor Tumbleson (@iBotPeaches)

Commits

0c70b67 Version bump to 2.236.0 (#30064)
4a6c792 [core] fix: add 'multi_json' as direct dep due to upstream googleapis bug. (#...
e979ad4 [spaceauth] Fix --copy_to_clipboard flag for spaceauth command (#29888)
274a470 [transporter] Decode Base64 key content for .p8 file generation in (#30057)
efa4cab [ci] remove xcode 16.3 as CircleCI dropped it (#30058)
3f73c21 [action] Add update_app_age_rating action for standalone age rating updates (...
c30e449 [core] Set ruby-jwt gem to v2.10.3 minimum. (#30056)
57a2d0d [snapshot] run simulator using Rosetta2 for Apple Silicon (#21559)
43dc4fa [snapshot] use simulator UDIDs for destinations (#30054)
5f94ef3 [spaceship] remove dots (.) from names (#30052)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note

Medium Risk
Lockfile-only but fastlane powers release and E2E/API CI; minor version includes auth/JWT and App Store tooling changes that could affect pipelines.

Overview
Bumps fastlane from 2.235.0 to 2.236.0 via Gemfile.lock only (Dependabot). The resolved tree also moves several fastlane-related gems (AWS S3 stack, Google Play/Storage APIs, googleauth, signet, json, retriable).

Upstream 2.236.0 tightens jwt to >= 2.10.3, adds multi_json as a direct dependency (workaround for a googleapis issue), and includes App Store / transporter / snapshot / spaceship fixes plus a new update_app_age_rating action. This repo drives CI and release flows through bundle exec fastlane (API tests, Maestro iOS/Android, hybrid-common updates, releases), so behavior changes land in those lanes rather than application code.

^{Reviewed by Cursor Bugbot for commit 732b44e. Bugbot is set up for automated code reviews on this repo. Configure here.}

Bumps [fastlane](https://github.com/fastlane/fastlane) from 2.235.0 to 2.236.0. - [Release notes](https://github.com/fastlane/fastlane/releases) - [Changelog](https://github.com/fastlane/fastlane/blob/master/CHANGELOG.latest.md) - [Commits](fastlane/fastlane@fastlane/2.235.0...fastlane/2.236.0) --- updated-dependencies: - dependency-name: fastlane dependency-version: 2.236.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>

@RCGitBot

**This is an automatic release.** ## RevenueCat SDK ### 📦 Dependency Updates * [AUTOMATIC BUMP] Updates purchases-hybrid-common to 18.14.1 (#1777) via RevenueCat Git Bot (@RCGitBot) * [Android 10.9.0](https://github.com/RevenueCat/purchases-android/releases/tag/10.9.0) * [iOS 5.78.0](https://github.com/RevenueCat/purchases-ios/releases/tag/5.78.0) * [iOS 5.77.0](https://github.com/RevenueCat/purchases-ios/releases/tag/5.77.0) * [Web 1.42.3](https://github.com/RevenueCat/purchases-js/releases/tag/1.42.3) * [Web 1.42.2](https://github.com/RevenueCat/purchases-js/releases/tag/1.42.2) * [Web 1.42.1](https://github.com/RevenueCat/purchases-js/releases/tag/1.42.1) ### 🔄 Other Changes * Bump fastlane from 2.236.0 to 2.236.1 (#1779) via dependabot[bot] (@dependabot[bot]) * Bump fastlane from 2.235.0 to 2.236.0 (#1775) via dependabot[bot] (@dependabot[bot])  --- > [!NOTE] > **Medium Risk** > Bumps native billing SDKs via hybrid-common (purchase/subscription paths); no Dart API changes in the diff, but downstream store behavior follows Android/iOS/Web release notes. > > **Overview** > **Automatic release 10.2.3** bumps the Flutter SDK and `purchases_ui_flutter` from **10.2.2** to **10.2.3**, and refreshes release metadata (`CHANGELOG`, `VERSIONS.md`, `.version`). > > The functional dependency change is **`purchases-hybrid-common` 18.10.0 → 18.14.1** on Android (`common_version` in both `android/build.gradle` and `purchases_ui_flutter/android/build.gradle`), which pulls in **Android 10.9.0**, **iOS 5.77.0/5.78.0**, and **Web 1.42.1–1.42.3**. Reported plugin version strings are updated on Android, iOS/macOS podspecs, and the web plugin; `purchases_ui_flutter` now depends on **`purchases_flutter: ^10.2.3`**. > > Changelog also notes **fastlane** bumps (2.235.0 → 2.236.1) from Dependabot; those are not in this diff snippet beyond the changelog lines. > > <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit b370b21. Bugbot is set up for automated code reviews on this repo. Configure [here](https://www.cursor.com/dashboard/bugbot).</sup>

dependabot Bot added dependencies Pull requests that update a dependency file ruby Pull requests that update ruby code labels Jun 9, 2026

dependabot Bot requested a review from a team as a code owner June 9, 2026 16:52

tonidero approved these changes Jun 9, 2026

View reviewed changes

tonidero enabled auto-merge (squash) June 9, 2026 16:53

tonidero merged commit 08b18f4 into main Jun 9, 2026
18 of 19 checks passed

tonidero deleted the dependabot/bundler/fastlane-2.236.0 branch June 9, 2026 17:00

RCGitBot mentioned this pull request Jun 12, 2026

[AUTOMATIC] Release/10.2.3 #1780

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump fastlane from 2.235.0 to 2.236.0#1775

Bump fastlane from 2.235.0 to 2.236.0#1775
tonidero merged 1 commit into
mainfrom
dependabot/bundler/fastlane-2.236.0

dependabot Bot commented on behalf of github Jun 9, 2026 •

edited by cursor Bot

Loading

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot Bot commented on behalf of github Jun 9, 2026 • edited by cursor Bot Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

2.236.0 Improvements

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

dependabot Bot commented on behalf of github Jun 9, 2026 •

edited by cursor Bot

Loading