chore(deps): bump the android-deps group across 1 directory with 9 updates

[dependabot]

Bumps the android-deps group with 9 updates in the /apps/android directory:

Package	From	To
gradle-wrapper	9.4.1	9.5.1
androidx.compose:compose-bom	2026.04.01	2026.05.01
dnsjava:dnsjava	3.6.4	3.6.5
org.junit.vintage:junit-vintage-engine	6.0.3	6.1.0
org.jetbrains.kotlinx:kotlinx-coroutines-android	1.10.2	1.11.0
org.jetbrains.kotlinx:kotlinx-coroutines-test	1.10.2	1.11.0
com.google.android.material:material	1.13.0	1.14.0
com.android.application	9.2.0	9.2.1
com.android.test	9.2.0	9.2.1

Updates gradle-wrapper from 9.4.1 to 9.5.1

Release notes

Sourced from gradle-wrapper's releases.

9.5.1

The Gradle team is excited to announce Gradle 9.5.1.

Here are the highlights of this release:

• Task provenance in reports and failure messages
• Type-safe accessors for precompiled Kotlin Settings plugins

Read the Release Notes

We would like to thank the following community members for their contributions to this release of Gradle: atm1020, mataha, Adam, Attila Kelemen, Benedikt Ritter, Björn Kautler, Caro Silva Rode, CHANHAN, Dmitry Nezavitin, Eng Zer Jun, KugelLibelle, Madalin Valceleanu, Markus Gaisbauer, Oliver Kopp, Philip Wedemann, ploober, Roberto Perez Alcolea, Rohit Anand, Suvrat Acharya, Ujwal Suresh Vanjare, Victor Merkulov

Upgrade instructions

Switch your build to use Gradle 9.5.1 by updating your wrapper:

./gradlew wrapper --gradle-version=9.5.1 && ./gradlew wrapper

See the Gradle 9.x upgrade guide to learn about deprecations, breaking changes and other considerations when upgrading.

For Java, Groovy, Kotlin and Android compatibility, see the full compatibility notes.

Reporting problems

If you find a problem with this release, please file a bug on GitHub Issues adhering to our issue guidelines. If you're not sure you're encountering a bug, please use the forum.

We hope you will build happiness with Gradle, and we look forward to your feedback via Twitter or on GitHub.

9.5.0

... (truncated)

Commits

• fd78213 Update Documentation Infrastructure: Fix scrolling issue in user manual (#37861)
• 7758437 fix scroll
• 2fd605f Only try to run as worker thread in DefaultBuildOperationQueue (#37845)
• af69849 Release notes for Gradle 9.5.1 (#37853)
• f4d9d03 Release notes for Gradle 9.5.1
• 01eda3a Address review feedback on worker-lease retry changes
• 7024e15 Revert enrich file visitor with size info on release branch (#37848)
• d51476f Fix tryRunAsWorkerThread null-return test to match contract
• 090ebab Revert "Add getLength() to FilePropertyVisitor.VisitState"
• bceab24 Revert "Fix annotation"
• Additional commits viewable in compare view

Updates androidx.compose:compose-bom from 2026.04.01 to 2026.05.01

Updates dnsjava:dnsjava from 3.6.4 to 3.6.5

Release notes

Sourced from dnsjava:dnsjava's releases.

v3.6.5

• Handle canceled keys in UDP client (#129)
• Handle interrupts on NIO selector thread (#396, #397)
• Fix config option key names in README (@​lostnet, #399)
• Handle invalid/uninitialized file times in hosts file (#400)
• Add getXxxAsByteArray() getters and overload with escape boolean (@​MMauro94, #404, #405)

Note: The tag for this release is v3.6.5-1, because the v3.6.5 tag accidentally pointed to a local branch and cannot be changed anymore because of the immutable releases. The Maven artifacts from the Actions run are correct.

Full Changelog: dnsjava/dnsjava@v3.6.4...v3.6.5-1

Changelog

Sourced from dnsjava:dnsjava's changelog.

05/23/2026

• 3.6.5 released
• Handle canceled keys in UDP client (#129)
• Handle interrupts on NIO selector thread (#396, #397)
• Fix config option key names in README (@​lostnet, #399)
• Handle invalid/uninitialized file times in hosts file (#400)
• Add getXxxAsByteArray() getters and overload with escape boolean (@​MMauro94, #404, #405)

01/18/2026

• 3.6.4 released
• Fix Zone-class serialization (#391)
• Avoid Double DNS Lookup for Names with Labels >= ndots (#388)
• Prevent NPE when calling Message#getTSIG() on DNS request with bad header (#384)
• Unwrap an exception in the legacy callback-based async interface (#383)
• Prevent ConcurrentModificationException in NIO clients (#379, @​bhaveshthakker)
• Handle null in all setSearchPath overloads equally (#157)
• Reduce warning level of invalid hosts file entries (#371)
• Remove a lock on the hot-path in the hosts file parser (#371)
• DoH Resolver makes use of the Multi-Release jar and tests are executed for Java 8 and 11+ implementations (#385)
• Fix DoH Resolver initial request delay (#385)

01/26/2025

• 3.6.3 released
• Support custom hosts file size (@​flaming-archer, #349)
• Fix origin handling in zone loaded from file or stream (#346)
• Prevent TCP port leak when closing IO (#351)
• Fix confusing parameter name in CNAMERecord (@​chkal, #354)
• Optionally disable ShutdownHook in NioClient (@​SvenssonWeb, #359)
• TSIG algorithm names from RFC 8945
• Message.toWire can exceed MAXLENGTH (#355)
• TCP query might fail if the shared buffer is full (#357)
• Dynamic updates silently truncates records (#356)
• Fix DoH initial request using recommended nanoTime calculation (@​LinZong, #345)

09/21/2024

• 3.6.2 released
• Add new IANA Trust Anchor (@​technolord, #337)
• Fix Zone handling with signed SOA (@​frankarinnet, #335)

07/28/2024

• 3.6.1 released
• Properly fix LookupSession doesn't cache CNAMEs (#316)
• Move JEP-418 SPI to Java 18 to support EOL workflows (#329)

07/21/2024

... (truncated)

Commits

• See full diff in compare view

Updates org.junit.vintage:junit-vintage-engine from 6.0.3 to 6.1.0

Release notes

Sourced from org.junit.vintage:junit-vintage-engine's releases.

JUnit 6.1.0 = Platform 6.1.0 + Jupiter 6.1.0 + Vintage 6.1.0

See Release Notes.

New Contributors

• @​JarvisCraft made their first contribution in junit-team/junit-framework#5633
• @​Maran23 made their first contribution in junit-team/junit-framework#5644

Full Changelog: junit-team/junit-framework@r6.0.3...r6.1.0

JUnit 6.1.0-RC1 = Platform 6.1.0-RC1 + Jupiter 6.1.0-RC1 + Vintage 6.1.0-RC1

See Release Notes.

New Contributors

• @​mariokhoury4 made their first contribution in junit-team/junit-framework#4574
• @​Ogu1208 made their first contribution in junit-team/junit-framework#5145
• @​HyungGeun94 made their first contribution in junit-team/junit-framework#5271
• @​yalishevant made their first contribution in junit-team/junit-framework#5316
• @​JINU-CHANG made their first contribution in junit-team/junit-framework#5290
• @​jaschdoc made their first contribution in junit-team/junit-framework#5427
• @​kawshikbuet17 made their first contribution in junit-team/junit-framework#5561
• @​msridhar made their first contribution in junit-team/junit-framework#5602

Full Changelog: junit-team/junit-framework@r6.1.0-M1...r6.1.0-RC1

JUnit 6.1.0-M1 = Platform 6.1.0-M1 + Jupiter 6.1.0-M1 + Vintage 6.1.0-M1

See Release Notes.

New Contributors

• @​vy made their first contribution in junit-team/junit-framework#5041
• @​Pankraz76 made their first contribution in junit-team/junit-framework#5006
• @​arukiidou made their first contribution in junit-team/junit-framework#5066
• @​laeubi made their first contribution in junit-team/junit-framework#5092
• @​jihun4452 made their first contribution in junit-team/junit-framework#5088
• @​TWiStErRob made their first contribution in junit-team/junit-framework#5133

Full Changelog: junit-team/junit-framework@r6.0.0...r6.1.0-M1

Commits

• 0dc3af1 Release 6.1.0
• 1d13002 Prepare 6.1.0 release notes
• 072b217 Update plugin spotless to v8.5.0 (#5668)
• 3a53480 Update Gradle to v9.5.1 (#5666)
• 0e18a20 Update zizmorcore/zizmor-action action to v0.5.4 (#5669)
• 0a2634f Update github/codeql-action action to v4.35.5 (#5671)
• 4dbd556 Restructure workflows to have single "status" job (#5670)
• f2194ce Increase timeout to reduce flakiness
• 5c8fdd2 Update dependency org.apache.groovy:groovy to v5.0.6 (#5659)
• 43c6982 Update dependency org.slf4j:slf4j-jdk14 to v2.0.18 (#5667)
• Additional commits viewable in compare view

Updates org.jetbrains.kotlinx:kotlinx-coroutines-android from 1.10.2 to 1.11.0

Release notes

Sourced from org.jetbrains.kotlinx:kotlinx-coroutines-android's releases.

1.11.0

Various

• Kotlin was updated to 2.2.20 (#4545).
• Improved the published jar files (#3842, #4599).
• Various documentation improvements, including complete rewrites of structured concurrency and error handling-related KDoc (#4433, #4596).

Breaking changes and deprecations

• Moved Promise-related functions from JS and Wasm/JS to the new web target. On Wasm/JS, this is a breaking change. Before the change, Promise on Wasm/JS could work with arbitrary Kotlin types, but now, only JsAny subtypes are accepted (#4563).
• Changed handling of coroutine exceptions that can't be propagated on JS and Wasm/JS. B efore, exceptions were logged, but now, they are reported to the JS runtime (#4451, #4631).
• Deprecated using CoroutineDispatcher as the coroutine context key; now, ContinuationInterceptor has to be used instead (#4333).
• Advanced the deprecation levels on kotlinx-coroutines-test APIs (#4604).
• Added lint functions that mark passing a Job to coroutine builders as deprecated (#4435).

Bug fixes and improvements

• Added a callsInPlace(EXACTLY_ONCE) contract to runBlocking in code shared between JVM and Native (#4368).
• Added a callsInPlace(EXACTLY_ONCE) contract to suspendCancellableCoroutine (#4574).
• Fixed flowOn incorrectly handling ThreadContextElement updates (#4403).
• Fixed exceptions in user-supplied Thread.UncaughtExceptionHandler instances causing the internal coroutines machinery to fail (#4516).
• Fixed CoroutineDispatcher.asScheduler in the RxJava integration not cancelling outstanding work when a Worker gets cancelled, which led to memory leaks in some scenarios (#4615).
• Fixed SharedFlow entering an invalid state when a subscriber and an emitter are cancelled simultaneously (#4583).
• Fixed an R8 optimization leading to shareIn/stateIn coroutines getting garbage-collected (#4646). Thanks, @​solevic!

Small additions

• Added CompletableDeferred.asDeferred for obtaining a read-only Deferred view (#4408).
• Added SharedFlow.asFlow for obtaining a Flow view with hidden hot flow semantics (#4530). Thanks, @​g000sha256!
• Added a StateFlow.collectLatest overload returning Nothing to assist with finding unreachable code (#4454).
• Added ReceiveChannel.consumeTo for consuming a ReceiveChannel into a MutableCollection (#4520).
• Added a StateFlow<T>.onSubscription overload returning a StateFlow<T>, similar to SharedFlow<T>.onSubscription returning SharedFlow<T> (#4275). Thanks, @​xit0c!
• Added terminal Flow operators for collecting a Flow to a Map (#1541).

Changelog relative to version 1.11.0

No changes, only the version is increased.

1.11.0-rc02

Restored binary compatibility with 1.10.2 and older versions on Wasm/JS for usages of Promise-related functions (#4661).

1.11.0-rc01

Various

• Kotlin was updated to 2.2.20 (#4545).
• Improved the published jar files (#3842, #4599).
• Various documentation improvements, including complete rewrites of structured concurrency and error handling-related KDoc (#4433, #4596).

Breaking changes and deprecations

... (truncated)

Changelog

Sourced from org.jetbrains.kotlinx:kotlinx-coroutines-android's changelog.

Version 1.11.0

Various

• Kotlin was updated to 2.2.20 (#4545).
• Improved the published jar files (#3842, #4599).
• Various documentation improvements, including complete rewrites of structured concurrency and error handling-related KDoc (#4433, #4596).

Breaking changes and deprecations

• Moved Promise-related functions from JS and Wasm/JS to the new web target. On Wasm/JS, this is a breaking change. Before the change, Promise on Wasm/JS could work with arbitrary Kotlin types, but now, only JsAny subtypes are accepted (#4563).
• Changed handling of coroutine exceptions that can't be propagated on JS and Wasm/JS. Before, exceptions were logged, but now, they are reported to the JS runtime (#4451, #4631).
• Deprecated using CoroutineDispatcher as the coroutine context key; now, ContinuationInterceptor has to be used instead (#4333).
• Advanced the deprecation levels on kotlinx-coroutines-test APIs (#4604).
• Added lint functions that mark passing a Job to coroutine builders as deprecated (#4435).

Bug fixes and improvements

• Added a callsInPlace(EXACTLY_ONCE) contract to runBlocking in code shared between JVM and Native (#4368).
• Added a callsInPlace(EXACTLY_ONCE) contract to suspendCancellableCoroutine (#4574).
• Fixed flowOn incorrectly handling ThreadContextElement updates (#4403).
• Fixed exceptions in user-supplied Thread.UncaughtExceptionHandler instances causing the internal coroutines machinery to fail (#4516).
• Fixed CoroutineDispatcher.asScheduler in the RxJava integration not cancelling outstanding work when a Worker gets cancelled, which led to memory leaks in some scenarios (#4615).
• Fixed SharedFlow entering an invalid state when a subscriber and an emitter are cancelled simultaneously (#4583).
• Fixed an R8 optimization leading to shareIn/stateIn coroutines getting garbage-collected (#4646). Thanks, @​solevic!

Small additions

• Added CompletableDeferred.asDeferred for obtaining a read-only Deferred view (#4408).
• Added SharedFlow.asFlow for obtaining a Flow view with hidden hot flow semantics (#4530). Thanks, @​g000sha256!
• Added a StateFlow.collectLatest overload returning Nothing to assist with finding unreachable code (#4454).
• Added ReceiveChannel.consumeTo for consuming a ReceiveChannel into a MutableCollection (#4520).
• Added a StateFlow<T>.onSubscription overload returning a StateFlow<T>, similar to SharedFlow<T>.onSubscription returning SharedFlow<T> (#4275). Thanks, @​xit0c!
• Added terminal Flow operators for collecting a Flow to a Map (#1541).

Changelog relative to version 1.11.0

No changes, only the version is increased.

Version 1.11.0-rc02

Restored binary compatibility with 1.10.2 and older versions on Wasm/JS for usages of Promise-related functions (#4661).

Version 1.11.0-rc01

Various

• Kotlin was updated to 2.2.20 (#4545).
• Improved the published jar files (#3842, #4599).
• Various documentation improvements, including complete rewrites of structured concurrency and error handling-related KDoc (#4433, #4596).

... (truncated)

Commits

• 8564f65 Version 1.11.0
• a4c6af9 Merge remote-tracking branch 'origin/master' into develop
• ef917b4 KT-84955: mark apple x64 tagets as deprecated error (#4645)
• 5ebc421 Update the release procedure description (#4670)
• 95f46a0 Remove old maven repository settings (#4672)
• b4f4f0a Fix package name of ToMapCollectionSamplesTest. (#4674)
• 86738dc Added templates to the issue creation wizard (#4654)
• 330fcc2 Version 1.11.0-rc02
• e31cef6 Merge remote-tracking branch 'origin/master' into develop
• dc6e9f6 Restore Promise-related functions on Wasm/JS as HIDDEN (#4661)
• Additional commits viewable in compare view

Updates org.jetbrains.kotlinx:kotlinx-coroutines-test from 1.10.2 to 1.11.0

Release notes

Sourced from org.jetbrains.kotlinx:kotlinx-coroutines-test's releases.

1.11.0

Various

• Kotlin was updated to 2.2.20 (#4545).
• Improved the published jar files (#3842, #4599).
• Various documentation improvements, including complete rewrites of structured concurrency and error handling-related KDoc (#4433, #4596).

Breaking changes and deprecations

• Moved Promise-related functions from JS and Wasm/JS to the new web target. On Wasm/JS, this is a breaking change. Before the change, Promise on Wasm/JS could work with arbitrary Kotlin types, but now, only JsAny subtypes are accepted (#4563).
• Changed handling of coroutine exceptions that can't be propagated on JS and Wasm/JS. B efore, exceptions were logged, but now, they are reported to the JS runtime (#4451, #4631).
• Deprecated using CoroutineDispatcher as the coroutine context key; now, ContinuationInterceptor has to be used instead (#4333).
• Advanced the deprecation levels on kotlinx-coroutines-test APIs (#4604).
• Added lint functions that mark passing a Job to coroutine builders as deprecated (#4435).

Bug fixes and improvements

• Added a callsInPlace(EXACTLY_ONCE) contract to runBlocking in code shared between JVM and Native (#4368).
• Added a callsInPlace(EXACTLY_ONCE) contract to suspendCancellableCoroutine (#4574).
• Fixed flowOn incorrectly handling ThreadContextElement updates (#4403).
• Fixed exceptions in user-supplied Thread.UncaughtExceptionHandler instances causing the internal coroutines machinery to fail (#4516).
• Fixed CoroutineDispatcher.asScheduler in the RxJava integration not cancelling outstanding work when a Worker gets cancelled, which led to memory leaks in some scenarios (#4615).
• Fixed SharedFlow entering an invalid state when a subscriber and an emitter are cancelled simultaneously (#4583).
• Fixed an R8 optimization leading to shareIn/stateIn coroutines getting garbage-collected (#4646). Thanks, @​solevic!

Small additions

• Added CompletableDeferred.asDeferred for obtaining a read-only Deferred view (#4408).
• Added SharedFlow.asFlow for obtaining a Flow view with hidden hot flow semantics (#4530). Thanks, @​g000sha256!
• Added a StateFlow.collectLatest overload returning Nothing to assist with finding unreachable code (#4454).
• Added ReceiveChannel.consumeTo for consuming a ReceiveChannel into a MutableCollection (#4520).
• Added a StateFlow<T>.onSubscription overload returning a StateFlow<T>, similar to SharedFlow<T>.onSubscription returning SharedFlow<T> (#4275). Thanks, @​xit0c!
• Added terminal Flow operators for collecting a Flow to a Map (#1541).

Changelog relative to version 1.11.0

No changes, only the version is increased.

1.11.0-rc02

Restored binary compatibility with 1.10.2 and older versions on Wasm/JS for usages of Promise-related functions (#4661).

1.11.0-rc01

Various

• Kotlin was updated to 2.2.20 (#4545).
• Improved the published jar files (#3842, #4599).
• Various documentation improvements, including complete rewrites of structured concurrency and error handling-related KDoc (#4433, #4596).

Breaking changes and deprecations

... (truncated)

Changelog

Sourced from org.jetbrains.kotlinx:kotlinx-coroutines-test's changelog.

Version 1.11.0

Various

• Kotlin was updated to 2.2.20 (#4545).
• Improved the published jar files (#3842, #4599).
• Various documentation improvements, including complete rewrites of structured concurrency and error handling-related KDoc (#4433, #4596).

Breaking changes and deprecations

• Moved Promise-related functions from JS and Wasm/JS to the new web target. On Wasm/JS, this is a breaking change. Before the change, Promise on Wasm/JS could work with arbitrary Kotlin types, but now, only JsAny subtypes are accepted (#4563).
• Changed handling of coroutine exceptions that can't be propagated on JS and Wasm/JS. Before, exceptions were logged, but now, they are reported to the JS runtime (#4451, #4631).
• Deprecated using CoroutineDispatcher as the coroutine context key; now, ContinuationInterceptor has to be used instead (#4333).
• Advanced the deprecation levels on kotlinx-coroutines-test APIs (#4604).
• Added lint functions that mark passing a Job to coroutine builders as deprecated (#4435).

Bug fixes and improvements

• Added a callsInPlace(EXACTLY_ONCE) contract to runBlocking in code shared between JVM and Native (#4368).
• Added a callsInPlace(EXACTLY_ONCE) contract to suspendCancellableCoroutine (#4574).
• Fixed flowOn incorrectly handling ThreadContextElement updates (#4403).
• Fixed exceptions in user-supplied Thread.UncaughtExceptionHandler instances causing the internal coroutines machinery to fail (#4516).
• Fixed CoroutineDispatcher.asScheduler in the RxJava integration not cancelling outstanding work when a Worker gets cancelled, which led to memory leaks in some scenarios (#4615).
• Fixed SharedFlow entering an invalid state when a subscriber and an emitter are cancelled simultaneously (#4583).
• Fixed an R8 optimization leading to shareIn/stateIn coroutines getting garbage-collected (#4646). Thanks, @​solevic!

Small additions

• Added CompletableDeferred.asDeferred for obtaining a read-only Deferred view (#4408).
• Added SharedFlow.asFlow for obtaining a Flow view with hidden hot flow semantics (#4530). Thanks, @​g000sha256!
• Added a StateFlow.collectLatest overload returning Nothing to assist with finding unreachable code (#4454).
• Added ReceiveChannel.consumeTo for consuming a ReceiveChannel into a MutableCollection (#4520).
• Added a StateFlow<T>.onSubscription overload returning a StateFlow<T>, similar to SharedFlow<T>.onSubscription returning SharedFlow<T> (#4275). Thanks, @​xit0c!
• Added terminal Flow operators for collecting a Flow to a Map (#1541).

Changelog relative to version 1.11.0

No changes, only the version is increased.

Version 1.11.0-rc02

Restored binary compatibility with 1.10.2 and older versions on Wasm/JS for usages of Promise-related functions (#4661).

Version 1.11.0-rc01

Various

• Kotlin was updated to 2.2.20 (#4545).
• Improved the published jar files (#3842, #4599).
• Various documentation improvements, including complete rewrites of structured concurrency and error handling-related KDoc (#4433, #4596).

... (truncated)

Commits

• 8564f65 Version 1.11.0
• a4c6af9 Merge remote-tracking branch 'origin/master' into develop
• ef917b4 KT-84955: mark apple x64 tagets as deprecated error (#4645)
• 5ebc421 Update the release procedure description (#4670)
• 95f46a0 Remove old maven repository settings (#4672)
• b4f4f0a Fix package name of ToMapCollectionSamplesTest. (#4674)
• 86738dc Added templates to the issue creation wizard (#4654)
• 330fcc2 Version 1.11.0-rc02
• e31cef6 Merge remote-tracking branch 'origin/master' into develop
• dc6e9f6 Restore Promise-related functions on Wasm/JS as HIDDEN (#4661)
• Additional commits viewable in compare view

Updates org.jetbrains.kotlinx:kotlinx-coroutines-test from 1.10.2 to 1.11.0

Release notes

Sourced from org.jetbrains.kotlinx:kotlinx-coroutines-test's releases.

1.11.0

Various

• Kotlin was updated to 2.2.20 (#4545).
• Improved the published jar files (#3842, #4599).
• Various documentation improvements, including complete rewrites of structured concurrency and error handling-related KDoc (#4433, #4596).

Breaking changes and deprecations

• Moved Promise-related functions from JS and Wasm/JS to the new web target. On Wasm/JS, this is a breaking change. Before the change, Promise on Wasm/JS could work with arbitrary Kotlin types, but now, only JsAny subtypes are accepted (#4563).
• Changed handling of coroutine exceptions that can't be propagated on JS and Wasm/JS. B efore, exceptions were logged, but now, they are reported to the JS runtime (#4451, #4631).
• Deprecated using CoroutineDispatcher as the coroutine context key; now, ContinuationInterceptor has to be used instead (#4333).
• Advanced the deprecation levels on kotlinx-coroutines-test APIs (#4604).
• Added lint functions that mark passing a Job to coroutine builders as deprecated (#4435).

Bug fixes and improvements

• Added a callsInPlace(EXACTLY_ONCE) contract to runBlocking in code shared between JVM and Native (#4368).
• Added a callsInPlace(EXACTLY_ONCE) contract to suspendCancellableCoroutine (#4574).
• Fixed flowOn incorrectly handling ThreadContextElement updates (#4403).
• Fixed exceptions in user-supplied Thread.UncaughtExceptionHandler instances causing the internal coroutines machinery to fail (#4516).
• Fixed CoroutineDispatcher.asScheduler in the RxJava integration not cancelling outstanding work when a Worker gets cancelled, which led to memory leaks in some scenarios (#4615).
• Fixed SharedFlow entering an invalid state when a subscriber and an emitter are cancelled simultaneously (#4583).
• Fixed an R8 optimization leading to shareIn/stateIn coroutines getting garbage-collected (#4646). Thanks, @​solevic!

Small additions

• Added CompletableDeferred.asDeferred for obtaining a read-only Deferred view (#4408).
• Added SharedFlow.asFlow for obtaining a Flow view with hidden hot flow semantics (#4530). Thanks, @​g000sha256!
• Added a StateFlow.collectLatest overload returning Nothing to assist with finding unreachable code (#4454).
• Added ReceiveChannel.consumeTo for consuming a ReceiveChannel into a MutableCollection (#4520).
• Added a StateFlow<T>.onSubscription overload returning a StateFlow<T>, similar to SharedFlow<T>.onSubscription returning SharedFlow<T> (#4275). Thanks, @​xit0c!
• Added terminal Flow operators for collecting a Flow to a Map (#1541).

Changelog relative to version 1.11.0

No changes, only the version is increased.

1.11.0-rc02

Restored binary compatibility with 1.10.2 and older versions on Wasm/JS for usages of Promise-related functions (#4661).

1.11.0-rc01

Various

• Kotlin was updated to 2.2.20 (#4545).
• Improved the published jar files (#3842, #4599).
• Various documentation improvements, including complete rewrites of structured concurrency and error handling-related KDoc (#4433, #4596).

Breaking changes and deprecations

... (truncated)

Changelog

Sourced from org.jetbrains.kotlinx:kotlinx-coroutines-test's changelog.

Version 1.11.0

Various

• Kotlin was updated to 2.2.20 (#4545).
• Improved the published jar files (#3842, #4599).
• Various documentation improvements, including complete rewrites of structured concurrency and error handling-related KDoc (#4433, #4596).

Breaking changes and deprecations

• Moved Promise-related functions from JS and Wasm/JS to the new web target. On Wasm/JS, this is a breaking change. Before the change, Promise on Wasm/JS could work with arbitrary Kotlin types, but now, only JsAny subtypes are accepted (#4563).
• Changed handling of coroutine exceptions that can't be propagated on JS and Wasm/JS. Before, exceptions were logged, but now, they are reported to the JS runtime (#4451, #4631).
• Deprecated using CoroutineDispatcher as the coroutine context key; now, ContinuationInterceptor has to be used instead (#4333).
• Advanced the deprecation levels on kotlinx-coroutines-test APIs (#4604).
• Added lint functions that mark passing a Job to coroutine builders as deprecated (#4435).

Bug fixes and improvements

• Added a callsInPlace(EXACTLY_ONCE) contract to runBlocking in code shared between JVM and Native (#4368).
• Added a callsInPlace(EXACTLY_ONCE) contract to suspendCancellableCoroutine (#4574).
• Fixed flowOn incorrectly handling ThreadContextElement updates (#4403).
• Fixed exceptions in user-supplied Thread.UncaughtExceptionHandler instances causing the internal coroutines machinery to fail (#4516).
• Fixed CoroutineDispatcher.asScheduler in the RxJava integration not cancelling outstanding work when a Worker gets cancelled, which led to memory leaks in some scenarios (#4615).
• Fixed SharedFlow entering an invalid state when a subscriber and an emitter are cancelled simultaneously (#4583).
• Fixed an R8 optimization leading to shareIn/stateIn coroutines getting garbage-collected (#4646). Thanks, @​solevic!

Small additions

• Added CompletableDeferred.asDeferred for obtaining a read-only Deferred view (#4408).
• Added SharedFlow.asFlow for obtaining a Flow view with hidden hot flow semantics (#4530). Thanks, @​g000sha256!
• Added a StateFlow.collectLatest overload returning Nothing to assist with finding unreachable code (#4454).
• Added ReceiveChannel.consumeTo for consuming a ReceiveChannel into a MutableCollection (#4520).
• Added a StateFlow<T>.onSubscription overload returning a StateFlow<T>, similar to SharedFlow<T>.onSubscription returning SharedFlow<T> (#4275). Thanks, @​xit0c!
• Added terminal Flow operators for collecting a Flow to a Map (#1541).

Changelog relative to version 1.11.0

No changes, only the version is increased.

Version 1.11.0-rc02

Restored binary compatibility with 1.10.2 and older versions on Wasm/JS fo...

Description has been truncated

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	maven/​dnsjava/​dnsjava@​3.6.4 ⏵ 3.6.5
	maven/​org.junit.vintage/​junit-vintage-engine@​6.0.3 ⏵ 6.1.0
	maven/​org.jetbrains.kotlinx/​kotlinx-coroutines-android@​1.10.2 ⏵ 1.11.0
	maven/​org.jetbrains.kotlinx/​kotlinx-coroutines-test@​1.10.2 ⏵ 1.11.0

View full report

[clawsweeper]

Codex review: needs maintainer review before merge. Reviewed June 5, 2026, 4:43 AM ET / 08:43 UTC.

Summary
This PR bumps nine Android Gradle/Maven dependencies under apps/android, including Gradle wrapper 9.4.1 to 9.5.1, AGP, Compose BOM, dnsjava, JUnit Vintage, coroutines, and Material.

PR surface: Other -9. Total -9 across 5 files.

Reproducibility: Do we have a high-confidence way to reproduce the issue? Not applicable; this is a dependency maintenance PR rather than a reported bug, and current main still has the older Android dependency versions.

Review metrics: 2 noteworthy metrics.

• Android dependency bumps: 9 updated. The PR updates Android build, runtime, and test dependencies together, which is the main compatibility surface maintainers need to accept.
• Gradle wrapper properties: 2 added, 1 changed. Wrapper download settings are operator-facing build behavior and should be noticed separately from ordinary version catalog edits.

Merge readiness
Overall: 🐚 platinum hermit
Proof: 🌊 off-meta tidepool
Patch quality: 🐚 platinum hermit
Result: ready for maintainer review.

Overall follows the weaker of proof and patch quality, so missing proof can cap an otherwise strong patch.

Rank-up moves:

• [P2] Maintainer reviews and accepts the grouped dependency and wrapper risk before merge.

Risk before merge

• [P1] The grouped update changes Android build tooling plus runtime and test libraries, so it can affect build behavior, Compose UI, coroutine behavior, DNS discovery, and test execution even with the focused CI checks passing.
• [P1] The wrapper jar checksum matches Gradle's official 9.5.1 wrapper jar, but the PR still changes generated wrapper scripts and wrapper download settings, which is a maintainer supply-chain and platform-compatibility acceptance point.

Maintainer options:

1. Accept the grouped update (recommended)
   Merge after maintainer dependency review with the Android build/test and dependency-guard checks green, accepting the normal compatibility risk of grouped Android dependency bumps.
2. Split the high-risk surfaces
   If maintainers want lower blast radius, ask Dependabot or a maintainer to separate the Gradle wrapper/AGP update from runtime library updates.
3. Pause on dependency concerns
   If the upstream Gradle/AGP or Socket signals are not acceptable for Android right now, close this grouped PR and wait for narrower or later dependency updates.

Next step before merge

• [P2] The remaining action is maintainer dependency and wrapper-risk acceptance, not an automated code repair.

Security
Cleared: No concrete security or supply-chain defect was found; the Gradle wrapper jar checksum matches Gradle's official 9.5.1 wrapper checksum.

Review details

Best possible solution:

Land the dependency bump only after maintainers accept the grouped Android dependency and wrapper risk with the Android build/test and dependency-guard checks green; otherwise split the wrapper/tooling and runtime library updates into narrower PRs.

Do we have a high-confidence way to reproduce the issue?

Do we have a high-confidence way to reproduce the issue? Not applicable; this is a dependency maintenance PR rather than a reported bug, and current main still has the older Android dependency versions.

Is this the best way to solve the issue?

Is this the best way to solve the issue? It is an acceptable Dependabot maintenance path, but maintainers may prefer splitting the wrapper/tooling update from runtime libraries if they want a smaller compatibility blast radius.

AGENTS.md: found and applied where relevant.

Codex review notes: model gpt-5.5, reasoning high; reviewed against 1a3ce7c2a8da.

Label changes

Label changes:

• add rating: 🐚 platinum hermit: Overall readiness is 🐚 platinum hermit; proof is 🌊 off-meta tidepool and patch quality is 🐚 platinum hermit.
• add status: 👀 ready for maintainer look: ClawSweeper has no concrete contributor-facing blocker left for this PR. Not applicable: This is a Dependabot bot dependency PR, so contributor real-behavior proof is not applicable; CI is supplemental merge evidence.
• remove rating: 🦐 gold shrimp: Current PR rating is rating: 🐚 platinum hermit, so this older rating label is no longer current.
• remove status: ⏳ waiting on author: Current PR status label is status: 👀 ready for maintainer look.

Label justifications:

• P3: This is routine Android dependency maintenance with limited blast radius and no reported user-facing regression.
• merge-risk: 🚨 compatibility: The grouped Android Gradle, Compose, coroutine, DNS, Material, and test dependency updates can change build and runtime behavior for Android users.
• merge-risk: 🚨 other: The PR changes generated Gradle wrapper artifacts and dependency supply-chain inputs that require maintainer acceptance beyond green CI.
• rating: 🐚 platinum hermit: Overall readiness is 🐚 platinum hermit; proof is 🌊 off-meta tidepool and patch quality is 🐚 platinum hermit.
• status: 👀 ready for maintainer look: ClawSweeper has no concrete contributor-facing blocker left for this PR. Not applicable: This is a Dependabot bot dependency PR, so contributor real-behavior proof is not applicable; CI is supplemental merge evidence.

Evidence reviewed

PR surface:

Other -9. Total -9 across 5 files.

View PR surface stats

Area	Files	Added	Removed	Net
Source	0	0	0	0
Tests	0	0	0	0
Docs	0	0	0	0
Config	0	0	0	0
Generated	0	0	0	0
Other	5	20	29	-9
Total	5	20	29	-9

What I checked:

• Repository policy read: Root AGENTS.md was read fully; its dependency-touching review guidance applies, and no scoped apps/android/AGENTS.md or matching Android maintainer note was found. (AGENTS.md, 1a3ce7c2a8da)
• Current main still has older versions: The version catalog on current main still pins AGP 9.2.0, Compose BOM 2026.04.01, coroutines 1.10.2, dnsjava 3.6.4, JUnit Vintage 6.0.3, and Material 1.13.0, so this PR is not already implemented. (apps/android/gradle/libs.versions.toml:2, 1a3ce7c2a8da)
• Current main still has older Gradle wrapper: The wrapper properties on current main still point at gradle-9.4.1-bin.zip; the PR changes this to 9.5.1 and adds wrapper retry properties. (apps/android/gradle/wrapper/gradle-wrapper.properties:3, 1a3ce7c2a8da)
• Android runtime and test surface: The bumped catalog entries feed the Android app runtime, DNS discovery, coroutine use, and unit-test runtime dependencies. (apps/android/app/build.gradle.kts:174, 1a3ce7c2a8da)
• Live PR file surface: The live PR head 0b138cf9e93793659064a0bab867375626006491 changes five Android files: the version catalog, wrapper jar, wrapper properties, and both wrapper scripts. (0b138cf9e937)
• Wrapper jar provenance check: The PR's gradle-wrapper.jar SHA-256 matches the official Gradle 9.5.1 wrapper jar checksum, which reduces but does not eliminate maintainer supply-chain review for the wrapper update. (apps/android/gradle/wrapper/gradle-wrapper.jar, 0b138cf9e937)

Likely related people:

• steipete: GitHub path history shows steipete on the current Android version catalog and repeated recent Android release/build file updates. (role: recent Android area contributor; confidence: high; commits: 2276f660f323, 1878ca082085, eaebf4b89641; files: apps/android/gradle/libs.versions.toml, apps/android/app/build.gradle.kts, apps/android/gradle/wrapper/gradle-wrapper.properties)
• obviyus: GitHub path history shows obviyus authored the recent build(android): update Gradle tooling change on the Gradle wrapper path. (role: adjacent Gradle tooling contributor; confidence: medium; commits: 4c60956d8e54; files: apps/android/gradle/wrapper/gradle-wrapper.properties, apps/android/gradlew, apps/android/gradlew.bat)

What the crustacean ranks mean

• 🦀 challenger crab: rare, exceptional readiness with strong proof, clean implementation, and convincing validation.
• 🦞 diamond lobster: very strong readiness with only minor maintainer review expected.
• 🐚 platinum hermit: good normal PR, likely mergeable with ordinary maintainer review.
• 🦐 gold shrimp: useful signal, but proof or patch confidence is still limited.
• 🦪 silver shellfish: thin signal; proof, validation, or implementation needs work.
• 🧂 unranked krab: not merge-ready because proof is missing/unusable or there are serious correctness or safety concerns.
• 🌊 off-meta tidepool: rating does not apply to this item.

Shiny media proof means a screenshot, video, or linked artifact directly shows the changed behavior. Runtime, network, CSP, and security claims still need visible diagnostics.

How this review workflow works

• ClawSweeper keeps one durable marker-backed review comment per issue or PR.
• Re-runs edit this comment so the latest verdict, findings, and automation markers stay together instead of adding duplicate bot comments.
• A fresh review can be triggered by eligible @clawsweeper re-review comments, exact-item GitHub events, scheduled/background review runs, or manual workflow dispatch.
• PR/issue authors and users with repository write access can comment @clawsweeper re-review or @clawsweeper re-run on an open PR or issue to request a fresh review only.
• Maintainers can also comment @clawsweeper review to request a fresh review only.
• Fresh-review commands do not start repair, autofix, rebase, CI repair, or automerge.
• Maintainer-only repair and merge flows require explicit commands such as @clawsweeper autofix, @clawsweeper automerge, @clawsweeper fix ci, or @clawsweeper address review.
• Maintainers can comment @clawsweeper explain to ask for more context, or @clawsweeper stop to stop active automation.

[clawsweeper]

ClawSweeper PR egg: ✨ hatched 🥚 common Gilded Signal Puff. Rarity: 🥚 common. Trait: keeps receipts.

Details

Share on X: post this hatch
Copy: My PR egg hatched a 🥚 common Gilded Signal Puff in ClawSweeper.
Hatchability:

• Merged PRs are hatchable.
• Open PRs are hatchable when they are status: 👀 ready for maintainer look, status: 🚀 automerge armed, or labeled clawsweeper:automerge.
• Closed unmerged PRs are hatchable only when one of those hatchable labels is still present in the durable record.

About:

• Eggs appear after real-behavior proof passes. They are collectible flavor only.
• Review momentum changes the shell state: follow-up work warms it, re-review makes it wobble, and a clean final review lets it hatch.
• The hatch is seeded from this repository and PR number, so the same PR keeps the same creature; the reviewed head SHA can only change safe visual details.
• Rarity is just collectible sparkle: 🥚 common, 🌱 uncommon, 💎 rare, ✨ glimmer, and 🌈 legendary.