Update Samples dependencies

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Type	Update	Change	Age	Confidence
gradle (source)		patch	8.14.3 → 8.14.4
ch.qos.logback:logback-classic (source, changelog)	dependencies	patch	1.5.20 → 1.5.31
io.grpc:grpc-netty	dependencies	minor	1.76.0 → 1.79.0
org.jetbrains.kotlinx:kotlinx-serialization-core	dependencies	minor	1.9.0 → 1.10.0
org.jetbrains.kotlinx:kotlinx-serialization-json	dependencies	minor	1.9.0 → 1.10.0
io.ktor.plugin	plugin	minor	3.3.1 → 3.4.0
io.ktor:ktor-client-js	dependencies	minor	3.3.1 → 3.4.0
io.ktor:ktor-client-cio	dependencies	minor	3.3.1 → 3.4.0
io.ktor:ktor-client-websockets	dependencies	minor	3.3.1 → 3.4.0
io.ktor:ktor-client-core	dependencies	minor	3.3.1 → 3.4.0
io.ktor:ktor-server-test-host	dependencies	minor	3.3.1 → 3.4.0
io.ktor:ktor-server-host-common-jvm	dependencies	minor	3.3.1 → 3.4.0
io.ktor:ktor-server-websockets-jvm	dependencies	minor	3.3.1 → 3.4.0
io.ktor:ktor-server-cors-jvm	dependencies	minor	3.3.1 → 3.4.0
io.ktor:ktor-server-netty-jvm	dependencies	minor	3.3.1 → 3.4.0
io.ktor:ktor-server-core-jvm	dependencies	minor	3.3.1 → 3.4.0
io.ktor:ktor-serialization-kotlinx-json	dependencies	minor	3.3.1 → 3.4.0
io.ktor:ktor-client-serialization	dependencies	minor	3.3.1 → 3.4.0
io.ktor:ktor-client-content-negotiation	dependencies	minor	3.3.1 → 3.4.0
io.ktor:ktor-client-okhttp	dependencies	minor	3.3.1 → 3.4.0
io.ktor:ktor-client-websockets-js	dependencies	minor	3.3.1 → 3.4.0
io.ktor:ktor-server-cio	dependencies	minor	3.3.1 → 3.4.0
org.jetbrains.compose	plugin	minor	1.9.1 → 1.10.1
androidx.compose.ui:ui-tooling-preview (source)	dependencies	minor	1.9.4 → 1.10.3
androidx.compose.ui:ui-tooling (source)	dependencies	minor	1.9.4 → 1.10.3
androidx.compose:compose-bom	dependencies	minor	2025.10.01 → 2025.12.01
org.jetbrains.kotlinx.rpc.plugin	plugin	patch	0.10.0-grpc-127 → 0.10.2
androidx.compose.foundation:foundation (source)	dependencies	minor	1.9.4 → 1.10.3
androidx.compose.ui:ui-test-junit4 (source)	dependencies	minor	1.9.4 → 1.10.3
androidx.compose.ui:ui-test-manifest (source)	dependencies	minor	1.9.4 → 1.10.3
androidx.compose.ui:ui-graphics (source)	dependencies	minor	1.9.4 → 1.10.3
androidx.compose.ui:ui (source)	dependencies	minor	1.9.4 → 1.10.3
androidx.activity:activity-compose (source)	dependencies	minor	1.11.0 → 1.12.4
org.jetbrains.kotlin-wrappers:kotlin-wrappers-bom	dependencies	minor	2025.10.12 → 2025.12.12
com.android.library (source)	plugin	patch	8.13.0 → 8.13.2
com.android.application (source)	plugin	patch	8.13.0 → 8.13.2

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

gradle/gradle (gradle)

v8.14.4

Compare Source

grpc/grpc-java (io.grpc:grpc-netty)

v1.79.0

v1.78.0

Bug Fixes

• core: Fix shutdown failing accepted RPCs during channel startup (02e98a8). This fixes a race where RPCs could fail with "UNAVAILABLE: Channel shutdown invoked" even though they were created before channel.shutdown()
• okhttp: Fix race condition overwriting MAX_CONCURRENT_STREAMS (#​12548) (8d49dc1)
• binder: Stop leaking this from BinderServerTransport's ctor (#​12453) (89d77e0)
• rls: Avoid missed config update from reentrancy (55ae1d0). This fixes a regression since 1.75.0 triggered by CdsLb being converted to XdsDepManager. Without this fix, a second channel to the same target may hang when starting, causing DEADLINE_EXCEEDED, and unhang when the control plane delivers an update (e.g., endpoint address update)

Improvements

• xds: gRFC A88 - Changes to XdsClient Watcher APIs (#​12446) (f385add). We now have improved xDS error handling and this provides a clearer mechanism for the xDS server to report per-resource errors to the client, resulting in better error messages for debugging and faster detection of non-existent resources. This also improves the handling of all xDS-related data errors and the behavior of the xDS resource timer.
• rls: Control plane channel monitor state and back off handling (#​12460) (26c1c13). Resets RLS request backoff timers when the Control plane channel state transitions to READY. Also when the backoff timer expires, instead of making a RLS request immediately, it just causes a picker update to allow making rpc again to the RLS target.
• core: simplify DnsNameResolver.resolveAddresses() (4843256)
• netty: Run handshakeCompleteRunnable in success cases (283f103)
• api,netty: Add custom header support for HTTP CONNECT proxy (bbc0aa3)
• binder: Pre-factor out the guts of the BinderClientTransport handshake. (9313e87)
• compiler: Add RISC-V 64-bit architecture support to compiler build configuration (725ab22)
• core: Release lock before closing shared resource (cb73f21). Shared resources are internal to gRPC for sharing expensive objects across channels and servers, like threads. This reduces the chances of forming a deadlock, like seen with s2a in d50098f
• Upgrade gson to 2.12.1 (6dab2ce)
• Upgrade dependencies (f36defa). proto-google-common-protos to 2.63.1, google-auth-library to 1.40.0, error-prone annotations to 2.44.0, guava to 33.5.0-android, opentelemetry to 1.56.0
• compiler: Update maximum supported protobuf edition to EDITION_2024 (2f64092)
• binder: Introduce server authorization strategy v2 (d971072). Adds support for android:isolatedProcess Services and moves all security checks to the handshake, making subsequent transactions more efficient.

New Features

• compiler: Upgrade to C++ protobuf 33.1 (#​12534) (58ae5f8).
• util: Add gRFC A68 random subsetting LB (48a4288). The policy uses the name random_subsetting_experimental. If it is working for you, tell us so we can gauge marking it stable. While the xDS portions haven’t yet landed, it is possible to use with xDS with JSON-style Structs as supported by gRFC A52
• xds: Support for System Root Certs (#​12499) (51611ba). Most service mesh workloads use mTLS, as described in gRFC A29. However, there are cases where it is useful for applications to use normal TLS rather than using certificates for workload identity, such as when a mesh wants to move some workloads behind a reverse proxy. The xDS CertificateValidationContext message (see envoyproxy/envoy#34235) has a system_root_certs field. In the gRPC client, if this field is present and the ca_certificate_provider_instance field is unset, system root certificates will be used for validation. This implements gRFC A82.
• xds: Support for GCP Authentication Filter (#​12499) (51611ba). In service mesh environments, there are cases where intermediate proxies make it impossible to rely on mTLS for end-to-end authentication. These cases can be addressed instead by the use of service account identity JWT tokens. The xDS GCP Authentication filter provides a mechanism for attaching such JWT tokens as gRPC call credentials on GCP. gRPC already supports a framework for xDS HTTP filters, as described in gRFC A39. This release supports the GCP Authentication filter under this framework as described in gRFC A83.
• xds: Support for xDS-based authority rewriting (#​12499) (51611ba). gRPC supports getting routing configuration from an xDS server, as described in gRFCs A27 and A28. The xDS configuration can configure the client to rewrite the authority header on requests. This functionality can be useful in cases where the server is using the authority header to make decisions about how to process the request, such as when multiple hosts are handled via a reverse proxy. Note that this feature is solely about rewriting the authority header on data plane RPCs; it does not affect the authority used in the TLS handshake.
  As mentioned in gRFC A29, there are use-cases for gRPC that prohibit trusting the xDS server to control security-centric configuration. The authority rewriting feature falls under the same umbrella as mTLS configuration. As a result, the authority rewriting feature will only be enabled when the bootstrap config for the xDS server has trusted_xds_server in the server_features field.
• xds: xDS based SNI setting and SAN validation (#​12378) (0567531). When using xDS credentials make SNI for the Tls handshake to be configured via xDS, rather than use the channel authority as the SNI, and make SAN validation to be able to use the SNI sent when so instructed via xDS. Implements gRFC A101.

Documentation

• api: Document gRFC A18 TCP_USER_TIMEOUT handling for keepalive (da70387)
• core: Fix AbstractClientStream Javadoc (28a6130)
• examples: Document how to preserve META-INF/services in uber jars (97695d5)

Thanks to

• @​panchenko
• @​Dayuxiaoshui
• @​becomeStar
• @​kssumin
• @​marcindabrowski
• @​MariusVolkhart
• @​Zgoda91
• @​devalkone

v1.77.1

Bug Fixes

• rls: Avoid missed config update from reentrancy (#​12549). This fixes a regression since 1.75.0 triggered by CdsLb being converted to XdsDepManager. Without this fix, a second channel to the same target may hang when starting, causing DEADLINE_EXCEEDED, and unhang when the control plane delivers an update (e.g., endpoint address update)

v1.77.0

API Changes

• binder: Remove experimental BinderChannelBuilder.bindAsUser() method, deprecated since 1.69 (#​12401) (f96ce06)

Bug Fixes

• api: Fix name resolver bridge listener handling for address resolution errors for custom name resolvers (#​12441) (acbbf86). This fixes regression introduced in v1.68.1 causing a “IllegalStateException: No value present.” exception
• core: Fix NullPointerException during address update with Happy Eyeballs (5e8af56). This should not impact many people as the code is disabled by default, behind two experimental environment variables
• okhttp: Fix bidirectional keep-alive causing spurious GOAWAY (6fc3fd0). This fixes the grpc-okhttp server incorrectly closing the connection with GOAWAY: too_many_pings
• xds: SslContext updates handling when using system root certs (#​12340) (63fdaac). Since FileWatcherCertificateProvider isn't used when using system root trust store, the SslContext update for the handshake that depended on it wasn't happening. This fix creates a separate CertificateProvider for handling system root certs that doesn't rely on the FileWatcherCertificateProvider.
• xds: Make cluster selection interceptor run before other filters (#​12381) (82f9b8e). This is needed when there is GcpAuthenticationFilter in the filter chain to make available the cluster resource in CallOptions.
• xds: Handle wildcards in DNS SAN exact matching (#​12345) (5b876cc)
• android: Fix UdsChannelBuilder with WiFi Proxy (349a35a)
• binder: Avoid potential deadlock when canceling AsyncSecurityPolicy futures (#​12283) (4725ced)
• binder: Fix a BinderServerTransport crash in the rare shutdown-before-start case (#​12440) (91f3f4d)

Improvements

• Improve status messages by including causal error details in config parsing errors for outlier detection and xds’s wrr locality policies (86e8b56)
• xds: Detect negative ref count for xds client (21696cd). A negative reference count could cause NullPointerExceptions, so when too many unrefs are detected it produces a SEVERE warning and prevents the reference count from going negative
• xds: Support deprecated xDS TLS fields for Istio compat (#​12435) (53cd1a2). This fixes a regression with Istio introduced in v1.73.0. This gives time for Istio’s new xDS field support to roll out
• googleapis: Allow wrapping NameResolver to inject XdsClient (#​12450) (27d1508). This allows googleapis to inject an xDS bootstrap to use with its channels even if one is already specified in the environment variable or system property. When the code was originally written there was a single global XdsClient, but since gRFC A71 Xds Fallback each target string has its own XdsClient and thus can have its own bootstrap
• alts: Allow overriding metadata server address with env variable (9ac12ef) (498f717)
• binder: Let the server know when the client fails to authorize it. (#​12445) (599a0a1) This avoids the server needing to wait for the handshake timeout before realizing the handshake failed

New Features

• opentelemetry: Implement otel retry metrics from gRFC A96 (#​12064) (d380191)
• opentelemetry: propagate baggage to server metrics for custom attributes (#​12389) (155308d)
• xds: Allow EC Keys in SPIFFE Bundle Map parsing (#​12399) (559e3ba)
• xds: Enable authority rewriting (gRFC A81), system root cert support (gRFC A82), GCP authentication filter (gRFC A83), and SNI (gRFC A101) (#​12499) (246c2b1). Authority rewriting requires the control plane to be labeled trusted_xds_server in the bootstrap. System root cert support and SNI require using XdsChannelCredentials
• rls: Add route lookup reason to request whether it is due to a cache miss or stale cache entry (#​12442) (795ce02)

Dependencies

• compiler: C++ protobuf used by codegen upgraded to 26.1 (#​12330) (55aefd5)
• alts: Remove dep on grpclb (b769f96). ALTS is no longer used with grpclb, so this removes dead code
• Upgrade netty to 4.1.127.Final (b37ee67)

Thanks to

@​panchenko
@​benjaminp
@​HyunSangHan
@​becomeStar
@​ZachChuba
@​oliviamariacodes
@​kssumin
@​laz-canva

v1.76.3

Dependencies

• Downgrade OpenTelemetry to 1.51.0 to make it easier for people dealing with the OkHttp 4.x → 5.x upgrade of some OpenTelemetry modules (354d8b4). gRPC is not using the impacted OpenTelemetry modules. Users are still free to upgrade to newer versions of OpenTelemetry of their choosing.

v1.76.2

Bug Fixes

• rls: Avoid missed config update from reentrancy (#​12550). This fixes a regression since 1.75.0 triggered by CdsLb being converted to XdsDepManager. Without this fix, a second channel to the same target may hang when starting, causing DEADLINE_EXCEEDED, and unhang when the control plane delivers an update (e.g., endpoint address update)

v1.76.1

Bug Fixes

• core: Fix NullPointerException during address update with Happy Eyeballs (5e8af56). This should not impact many people as the code is disabled by default, behind two experimental environment variables

Kotlin/kotlinx.serialization (org.jetbrains.kotlinx:kotlinx-serialization-core)

v1.10.0

==================

This release is based on Kotlin 2.3.0 and contains all of the changes from 1.10.0-RC.
The only additional change is a fix for ProtoBuf packing of Kotlin unsigned types (#​3079).
Big thanks to KosmX for contributing the fix.

For your convenience, the changelog for 1.10.0-RC is duplicated below:

Stabilization of APIs

kotlinx-serialization 1.10 and subsequent releases will be focused on stabilization of existing APIs.
The following APIs and configuration options are no longer experimental because they're widely used without any known major issues:

• Json configuration options: decodeEnumsCaseInsensitive, allowTrailingComma, allowComments, and prettyPrintIndent. (#​3100)
• @EncodeDefault annotation and its modes. (#​3106)
• JsonUnquotedLiteral constructor function (#​2900)
• JsonPrimitive constructor function overloads that accept unsigned types. (#​3117)
• JSON DSL functions on JsonElement with Nothing? overloads. (#​3117)

Readiness for return value checker

Kotlin 2.3.0 introduces a new feature aimed
at helping you to catch bugs related to the accidentally ignored return value of the function.
kotlinx-serialization 1.10.0-RC code is fully marked for this feature, meaning that you
can get warnings for unused function calls like Json.encodeToString(...).
To get the warnings, the feature has to be enabled in your project as described here.

Polymorphism improvements

Polymorphic serialization received a couple of improvements in this release:

New subclassesOfSealed utility to automatically register sealed subclasses serializers in polymorphic modules (#​2201).
Use it in your SerializersModule when configuring a polymorphic hierarchy which contains both abstract and sealed classes.
For example, when root of your hierarchy is an interface, but most of your inheritors are sealed classes.
The new function will register all known sealed subclasses for you, so you don’t need to list them one by one.
This makes writing your SerializerModules much faster and simpler.
Big thanks to Paul de Vrieze for contributing this feature.

Class discriminator conflict check rework (#​3105).
If a payload already contains a property with the same name as the configured discriminator (for example, type),
it is called a class discriminator conflict.
To produce a correct output and allow more inputs to be deserialized at the same time, the following changes were made:

• Conflicts introduced by JsonNamingStrategy transformations are now detected during serialization as well and will cause SerializationException.
  It also affects non-polymorphic classes.
• Conflicts from ClassDisciminatorMode.ALL_JSON_OBJECTS and SerializersModuleBuilder.polymorphicDefaultSerializer are also detected.
• It is allowed to deserialize such a conflicting key for both sealed and open polymorphic hierarchies.
  Previously, it was possible in the sealed hierarchies alone due to missing assertion. See #​1664 for details.

General improvements

• Add .serialName to MissingFieldException for clearer diagnostics. (#​3114)
• Generate unique Automatic-Module-Name entries for metadata JARs. (#​3109)
• Revised ProGuard rules and added R8 tests. (#​3041)
• CBOR: Improved error message when a byte string/array type mismatch is encountered. (#​3052)

Bugfixes

• Fix the type in the BIGNUM_NEGATIVE tag name. (#​3090)
• CBOR: Fix various bugs in the decoder implementation to be more strict and consistent with the specification.

ktorio/ktor (io.ktor:ktor-client-js)

v3.4.0

Published 22 January 2026

Features

• KTOR-8316 Support OpenAPI specification for the Ktor Client and Server Application
  • KTOR-9085 Read OpenAPI security details from authentication plugin
  • KTOR-8993 Use runtime-generated spec for OpenAPI / Swagger plugins
  • KTOR-9086 Read OpenAPI default content type information from ContentNegotiation plugin
  • KTOR-8859 Routing documentation compiler plugin
  • KTOR-8936 Routing documentation runtime API
  • KTOR-9087 Generate JSON schema for type references when using Jackson and Gson
• KTOR-7075 Zstd support
• KTOR-9209 Support Jackson 3
• KTOR-9198 Auth/Bearer: Make BearerAuthProvider detect disguised Bearer scheme
• KTOR-8927 Support for respondResource
• KTOR-9162 Auth API key plugin
• KTOR-7882 Support HTTP QUERY method
• KTOR-8195 Partial HTML response
• KTOR-8985 EngineMain: Support reading trust store settings from the configuration
• KTOR-9066 Add duplex streaming for OkHttpClient
• KTOR-8180 Auth: Provide control over tokens to user code
• KTOR-8273 iOS native interop for WebRTC client
• KTOR-8956 DI: Allow file configuration
• KTOR-9157 Support SIGINT on web and SIGTERM on Native

Improvements

• KTOR-8890 Rename target jsAndWasmShared to web
• KTOR-9242 Upgrade to Kotlin 2.3
• KTOR-9243 Update libcurl to 8.18.0
• KTOR-9014 Deprecate DarwinLegacy engine
• KTOR-8931 Test iOS target of the WebRTC Client in Ktor-Chat
• KTOR-9199 Make HttpHeaders strings const
• KTOR-9208 Expose plusIsSpace in parseUrlEncodedParameters
• KTOR-2404 Ktor Oauth2 feature sends 401 response when the client secret is invalid
• KTOR-9097 Java: Use HTTP/2 by default
• KTOR-8740 HTMX: Missing DSL for some attributes
• KTOR-9171 Redesign ByteReadChannel.readUTF8Line API
• KTOR-4219 Make readUTF8LineTo return number of read symbols instead of boolean
• KTOR-6761 Apache5: Simplify configuration of ConnectionManager
• KTOR-9037 Multipart/form-data: Make formData's block inline
• KTOR-9126 Missing function ByteReadChannel.readTo(sink: RawSink, byteCount: Long)
• KTOR-9026 Introduce/reuse interfaces for logging selectors
• KTOR-6766 Deprecate Apache 4 engine
• KTOR-8642 Excessive memory allocations while writing bytes into write channel of TCP/IP socket
• KTOR-9137 ByteReadChannel.readUTF8Line is inefficient for long lines
• KTOR-8657 Remove kotlinx-datetime from ktor-server-default-headers dependencies
• KTOR-8941 Add override DI conflict policy

Bugfixes

• KTOR-9258 headers { } block does not affect the request in defaultRequest due to function name collision with io.ktor.http.headers
• KTOR-9235 HttpCookies: Support parsing non-compilant Expires dates of Set-Cookie header
• KTOR-8945 ByteReadChannel.readUTF8Line doesn't throw TooLongLineException when the limit is reached
• KTOR-8339 Curl: caPath is not set by default in the Curl client on linuxArm64
• KTOR-9188 WebRTC. IceServer.urls should be a list.
• KTOR-9148 Logging: Body logging of multipart/form-data requests hangs when OkHttp format is on
• KTOR-9166 CORS: Excessive logs on INFO level since 3.3.3
• KTOR-9130 Missing implementation of getPluginId method error with Kotlin 2.3.0-RC
• KTOR-9147 OpenAPI: "AssertionError: Cannot add a performance measurements" leading to StackOverflowError within a multimodule project
• KTOR-2162 JettyKtorHandler executor will never grow beyond core size
• KTOR-9201 audio/x-matroska is wrongly recognized as mkv type
• KTOR-9146 Run HttpStatement.execute on the engine's dispatcher
• KTOR-6300 Native engines should use Dispatchers.IO not Dispatchers.Unconfined
• KTOR-9098 Curl: HttpResponse.version always returns HTTP_1_1
• KTOR-9100 Curl always uses HTTP/1.1
• KTOR-7162 DefaultRequest: Configuration applied twice for client created with HttpClient.config
• KTOR-9102 SSE: Java engine does not close the underlying connection when SSE session is canceled
• KTOR-9108 SSE: The handler adds Connection: Keep-Alive header, which is incompatible with HTTP/2
• KTOR-7884 Auth: The MutableList cannot be accessed since 3.0.0
• KTOR-6569 Bearer auth: Don't cache client bearer token (option)
• KTOR-4946 Auth: Bearer authentication - unable to update tokens
• KTOR-4759 Auth: BearerAuthProvider caches result of loadToken until process death
• KTOR-9129 Fix SendCountExceedException when maxRetries = Int.MAX_VALUE
• KTOR-9113 Netty HTTP2 server hangs on the plugin exception
• KTOR-9135 buildOpenApi fails with unknown serializer
• KTOR-8285 Bearer Auth: request cancellation causes refresh token invalidation
• KTOR-5241 The decodeBase64Bytes method doesn't throw an exception on illegal base64 characters
• KTOR-8912 Incorrect KDoc of ApplicationConfig.tryGetStringList
• KTOR-9079 The ktor-server-test-host module, having junit-jupiter runtime dependency, causes conflicts
• KTOR-7713 HttpCallValidatorConfig.handleResponseException() should receive a CallExceptionHandler
• KTOR-7121 testApplication: Test HTTP client does not use specified coroutine dispatcher
• KTOR-8785 DI: JobCancellationException during cleanup
• KTOR-6198 Client/WebSocket/Darwin close code and reason are incorrect
• KTOR-7824 Ktor doesn't parse multiple headers

v3.3.3

Published 26 November 2025

Improvements

• KTOR-6837 Discrepancies when parsing URL host with CIO and Darwin engines compared to the rest engines
• KTOR-9050 Logging: SimpleLogger should be an object, not a class
• KTOR-9094 Jetty Client: Support HTTP/2 over cleartext (h2c)
• KTOR-9120 OpenAPI gen: missing operationId for KDoc fields
• KTOR-3019 Improve logging for CORS plugin

Bugfixes

• KTOR-8671 Netty: RejectedExecutionException during shutdown on MacOS when dev mode is enabled
• KTOR-9096 Darwin: New SSE handlers stop responding after canceling few SSE sessions
• KTOR-9125 Double ResponseSent invocation when exception is thrown after respond
• KTOR-8878 OpenAPI: StackOverflowError when a response object has property with @​Contextual serializer
• KTOR-8947 Java, ContentEncoding: IllegalHeaderNameException is thrown for ":status" pseudo header with HTTP/2
• KTOR-9092 NettyHttp2Handler throws IllegalArgumentException: 'ktor.ApplicationCall' is already in use
• KTOR-8924 Curl: Client sends both Transfer-Encoding and Content-Length headers for DELETE requests with body
• KTOR-8838 Exception handling issue in client cache

v3.3.2

Published 5 November 2025

Improvements

• WebRTC Client. Remove redundant targets (KTOR-9062)
• Add Socks proxy support to Darwin engine (KTOR-8968)
• Java: Improve error message when SOCKS proxy is used (KTOR-2908)

Bugfixes

• HttpRequestRetry: SendCountExceedException when max retries is more than maxSendCount of HttpSend (KTOR-5850)
• Darwin: The maxFrameSize option has no effect (KTOR-6963)
• OpenAPI: StackOverflowError when a response object has property with @​Contextual serializer (KTOR-8878)
• OpenAPI gen: missing KDoc fields (KTOR-9021)
• Server call.request.path() returns routing selectors in path (KTOR-7639)
• StaticContent doesn't allow siblings (KTOR-9012)
• HttpCache: FileStorage doesn't use given dispatcher for all file operations (KTOR-8832)
• Curl: SOCKS proxy doesn't work (KTOR-9008)
• Netty: java.lang.VerifyError is thrown on Android since 3.3.0 (KTOR-8916)
• Response body channel is canceled while the body is being saved when having HttpRequestRetry and onDownload (KTOR-8975)
• HttpCache: InvalidCacheStateException when varyKeys stored in files contain uppercase letters since 3.3.0 (KTOR-8970)

JetBrains/compose-jb (org.jetbrains.compose)

v1.10.1

Changes since 1.10.0

Fixes

Multiple Platforms

• Improved the deprecation message for compose.materialIconsExtended to explain that the artifact is pinned to version 1.7.3 and suggest migration to Material Symbols #​5521

iOS

• Fix possible text styles cache corruption (text color is sometimes randomly black) #​2630
• Fix an issue where fonts and icons may become corrupted #​2693
• Fix an issue where the first frame may not be rendered on Compose container appearance #​2692
• Fix the crash that may occur when the Compose container disposes #​2691

Web

• Fix Ctrl/Cmd + C (copy) event handling for the selected text wrapped in SelectionContainer #​2701
• Fix mouse wheel scrolling on web by accounting for screen density #​2725

Resources

• Fixes an issue where web resources failed to load when calling the Cache Storage API with unsupported protocols (e.g., vscode-webview: in VS Code webviews) #​5518

Components

Gradle plugin

org.jetbrains.compose version 1.10.1

Libraries

Library group	Coordinates	Based on Jetpack
Runtime	org.jetbrains.compose.runtime:runtime*:1.10.1	Runtime 1.10.2
UI	org.jetbrains.compose.ui:ui*:1.10.1	UI 1.10.2
Foundation	org.jetbrains.compose.foundation:foundation*:1.10.1	Foundation 1.10.2
Material	org.jetbrains.compose.material:material*:1.10.1	Material 1.10.2
Material3	org.jetbrains.compose.material3:material3*:1.10.0-alpha05	Material3 1.5.0-alpha08
Material3 Adaptive	org.jetbrains.compose.material3.adaptive:adaptive*:1.3.0-alpha02	Material3 Adaptive 1.3.0-alpha03
Lifecycle	org.jetbrains.androidx.lifecycle:lifecycle-*:2.10.0-alpha06	Lifecycle 2.10.0
Navigation	org.jetbrains.androidx.navigation:navigation-*:2.9.2	Navigation 2.9.7
Navigation3	org.jetbrains.androidx.navigation3:navigation3-*:1.0.0-alpha06	Navigation3 1.0.0
Navigation Event	org.jetbrains.androidx.navigationevent:navigationevent-compose:1.0.1	Navigation Event 1.0.2
Savedstate	org.jetbrains.androidx.savedstate:savedstate*:1.4.0	Savedstate 1.4.0
WindowManager Core	org.jetbrains.androidx.window:window-core:1.5.1	WindowManager 1.5.1

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.