Skip to content

chore(deps): bump io.appium:java-client from 9.4.0 to 10.1.1#17

Merged
jesmrec merged 1 commit into
masterfrom
dependabot/gradle/io.appium-java-client-10.1.1
Jul 13, 2026
Merged

chore(deps): bump io.appium:java-client from 9.4.0 to 10.1.1#17
jesmrec merged 1 commit into
masterfrom
dependabot/gradle/io.appium-java-client-10.1.1

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 21, 2026

Copy link
Copy Markdown

Bumps io.appium:java-client from 9.4.0 to 10.1.1.

Release notes

Sourced from io.appium:java-client's releases.

v10.1.1

10.1.1

  • [BUG FIX]
    • Perform additional security checks on overrideServerUrl API #2408
    • Make the library compatible to Selenium 4.44 #2410
  • [DEPENDENCY CHANGE]
    • Bump minimum Selenium version from 4.40.0 to 4.42.0 #2390

v10.1.0

10.1.0

  • [ENHANCEMENTS]
    • Add support for descendant and ancestor flutter locators #2357
  • [BUG FIX]
    • Fix ListOutputStream.close() to close all streams on failure #2392
    • Avoid using system default locale #2352
  • [REFACTOR]
    • Avoid using reflection to manage AppiumCommandExecutor state #2356
  • [DEPENDENCY CHANGE]
    • Bump minimum Selenium version from 4.35.0 to 4.40.0 #2383
    • Bump com.google.code.gson:gson from 2.13.1 to 2.13.2 #2342
    • Bump org.apache.commons:commons-lang3 from 3.18.0 to 3.20.0 #2350, #2374

v10.0.0

10.0.0

  • [DOCUMENTATION]
    • Document the migration guide from v9 to v10 #2331
    • updated maven central release badge #2316
    • updated CI badge to use ci.yml workflow #2317
  • [BREAKING CHANGE] #2327
    • Removed all deprecated methods with Selenium's Location and LocationContext (these classes have been removed in Selenium 4.35.0)
  • [ENHANCEMENTS]
    • Proxy commands issues via RemoteWebElement #2311
    • Automated Release to Maven Central Repository using JReleaser #2313
  • [BUG FIX]
    • Possible NPE in initBiDi() #2325
  • [DEPENDENCY CHANGE]
    • Bump minimum Selenium version to 4.35.0 #2327
    • Bump org.junit.jupiter:junit-jupiter from 5.13.2 to 5.13.3 #2314
    • Bump io.github.bonigarcia:webdrivermanager #2322
    • Bump com.gradleup.shadow from 8.3.7 to 8.3.8 #2315
    • Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0 #2320

v.9.5.0

9.5.0

  • [ENHANCEMENTS]
    • Allow extension capability keys to contain dot characters #2271
    • Add a client for Appium server storage plugin #2275
    • Swap check for Widget and WebElement #2277

... (truncated)

Changelog

Sourced from io.appium:java-client's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

10.1.1

  • [BUG FIX]
    • Perform additional security checks on overrideServerUrl API #2408
    • Make the library compatible to Selenium 4.44 #2410
  • [DEPENDENCY CHANGE]
    • Bump minimum Selenium version from 4.40.0 to 4.42.0 #2390

10.1.0

  • [ENHANCEMENTS]
    • Add support for descendant and ancestor flutter locators #2357
  • [BUG FIX]
    • Fix ListOutputStream.close() to close all streams on failure #2392
    • Avoid using system default locale #2352
  • [REFACTOR]
    • Avoid using reflection to manage AppiumCommandExecutor state #2356
  • [DEPENDENCY CHANGE]
    • Bump minimum Selenium version from 4.35.0 to 4.40.0 #2383
    • Bump com.google.code.gson:gson from 2.13.1 to 2.13.2 #2342
    • Bump org.apache.commons:commons-lang3 from 3.18.0 to 3.20.0 #2350, #2374

10.0.0

  • [DOCUMENTATION]
    • Document the migration guide from v9 to v10 #2331
    • updated maven central release badge #2316
    • updated CI badge to use ci.yml workflow #2317
  • [BREAKING CHANGE] #2327
    • Removed all deprecated methods with Selenium's Location and LocationContext (these classes have been removed in Selenium 4.35.0)
  • [ENHANCEMENTS]
    • Proxy commands issues via RemoteWebElement #2311
    • Automated Release to Maven Central Repository using JReleaser #2313
  • [BUG FIX]
    • Possible NPE in initBiDi() #2325
  • [DEPENDENCY CHANGE]
    • Bump minimum Selenium version to 4.35.0 #2327
    • Bump org.junit.jupiter:junit-jupiter from 5.13.2 to 5.13.3 #2314
    • Bump io.github.bonigarcia:webdrivermanager #2322
    • Bump com.gradleup.shadow from 8.3.7 to 8.3.8 #2315
    • Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0 #2320

9.5.0

  • [ENHANCEMENTS]
    • Allow extension capability keys to contain dot characters #2271
    • Add a client for Appium server storage plugin #2275

... (truncated)

Commits
  • 82a0e4a release: v10.1.1 (#2409)
  • bfe5cd5 fix: Make the library compatible to Selenium 4.44 (#2410)
  • 2b9cd44 fix: Perform additional security checks on overrideServerUrl API (#2408)
  • 6b7597f chore: make API changes compatible with Selenium 4.42.0 (#2390)
  • 40f0341 build(deps): Bump org.owasp.dependencycheck from 12.2.0 to 12.2.1 (#2407)
  • 29b3e9a build(deps): Bump io.github.bonigarcia:webdrivermanager (#2406)
  • aeb244d build(deps): Bump com.gradleup.shadow from 9.4.0 to 9.4.1 (#2404)
  • f6c838b build(deps): Bump gradle-wrapper from 9.4.0 to 9.4.1 (#2403)
  • 92ff52e build(deps): Bump org.projectlombok:lombok from 1.18.42 to 1.18.44 (#2401)
  • 9a36a4a build(deps): Bump com.gradleup.shadow from 9.3.2 to 9.4.0 (#2400)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [io.appium:java-client](https://github.com/appium/java-client) from 9.4.0 to 10.1.1.
- [Release notes](https://github.com/appium/java-client/releases)
- [Changelog](https://github.com/appium/java-client/blob/master/CHANGELOG.md)
- [Commits](appium/java-client@v9.4.0...v10.1.1)

---
updated-dependencies:
- dependency-name: io.appium:java-client
  dependency-version: 10.1.1
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels Jun 21, 2026

@dj4oC dj4oC left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Dependabot gradle bump: io.appium:java-client 9.4.0→10.1.1 — a major version bump (test-only dependency, not shipped in the app APK).

Findings

Nothing blocking, one caveat for visibility: this is a major version with a documented v9→v10 migration guide (removed deprecated Selenium Location/LocationContext usages) and a Selenium floor bump to 4.42.0. compile check is green on the current head SHA, but this repo's e2e Appium test workflow doesn't run on dependency-bump PRs (only on schedule/manual), so compile-green is the only automated signal we have — it doesn't exercise actual Appium runtime behavior. No known CVE; 10.1.1 actually adds a security hardening fix to overrideServerUrl.

Verdict

Approved — Dependabot fast-lane eligible (CI green, no open human/bot questions, no known CVE). Flagging the major-version/compile-only-signal caveat for awareness, not blocking.


Generated by Claude Code

dj4oC commented Jul 9, 2026

Copy link
Copy Markdown
  • Security: no findings
  • Stability: 1 finding — see review (major-version bump, compile-only CI signal — not blocking)
  • Performance: no findings
  • Test coverage: N/A — dependency manifest bump, no new code
  • TODOs found: none
  • Dependency touched: yes — confirmed in dependabot.yml (gradle ecosystem)
  • CI status: all green
  • Stale review: no

Generated by Claude Code

@jesmrec jesmrec requested review from Copilot and jesmrec July 13, 2026 08:49
@jesmrec jesmrec merged commit 374d843 into master Jul 13, 2026
7 checks passed
@jesmrec jesmrec deleted the dependabot/gradle/io.appium-java-client-10.1.1 branch July 13, 2026 08:49

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates the Gradle version catalog to use a newer major release of Appium’s Java client library, aligning this repo’s E2E/Appium-based tests with the latest upstream fixes and Selenium compatibility range.

Changes:

  • Bump io.appium:java-client from 9.4.0 to 10.1.1 in the version catalog.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file java Pull requests that update java code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants