From 184bb82aaa0755844d9572fa7b0cf4df1afc07ea Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 17 Nov 2025 23:47:20 +0000
Subject: [PATCH] build(deps): bump com.google.zxing:core from 3.5.3 to 3.5.4
(#4925)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Bumps [com.google.zxing:core](https://github.com/zxing/zxing) from 3.5.3
to 3.5.4.
Release notes
Sourced from com.google.zxing:core's
releases.
ZXing 3.5.4
What's Changed
Full Changelog: https://github.com/zxing/zxing/compare/zxing-3.5.3...zxing-3.5.4
Commits
f651b0a
[maven-release-plugin] prepare release zxing-3.5.46d66bd9
Restore 3.5.4-SNAPSHOTc65c550
[maven-release-plugin] prepare release zxing-3.5.400ff3cb
Add new Sonatype repo4a16098
[maven-release-plugin] rollback the release of zxing-3.5.47c58665
[maven-release-plugin] prepare for next development iterationb36e149
[maven-release-plugin] prepare release zxing-3.5.48536950
[maven-release-plugin] rollback the release of zxing-3.5.41fe940f
[maven-release-plugin] prepare release zxing-3.5.46cf1062
Manually update secondary packages to 3.5.4. parent- Additional commits viewable in compare
view
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
Signed-off-by: dependabot[bot]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
app/core/build.gradle | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/app/core/build.gradle b/app/core/build.gradle
index a9134e488..ed57554ef 100644
--- a/app/core/build.gradle
+++ b/app/core/build.gradle
@@ -59,7 +59,7 @@ dependencies {
implementation "org.bouncycastle:bcprov-jdk18on:$bouncycastleVersion"
implementation "org.bouncycastle:bcpkix-jdk18on:$bouncycastleVersion"
implementation 'io.micrometer:micrometer-core:1.16.0'
- implementation 'com.google.zxing:core:3.5.3'
+ implementation 'com.google.zxing:core:3.5.4'
implementation "org.commonmark:commonmark:$commonmarkVersion" // https://mvnrepository.com/artifact/org.commonmark/commonmark
implementation "org.commonmark:commonmark-ext-gfm-tables:$commonmarkVersion"