Update instrumentation Gradle dependencies

[dd-octo-sts]

What Does This Do

This PR updates the Gradle dependency locks for instrumentations and their tests.

Motivation

Refresh Gradle dependencies to make sure to test latest versions of dependencies within their supported versions.

Dependency age policy

48h cooldown, reverted

Too new and no older eligible version exists, so the lockfiles were reverted to the baseline.

• ch.qos.logback:logback-core:1.5.35 is 42h away from meeting cooldown
• io.vertx:vertx-auth-common:5.1.3 is 29h away from meeting cooldown
• io.vertx:vertx-bridge-common:5.1.3 is 29h away from meeting cooldown
• io.vertx:vertx-core-logging:5.1.3 is 29h away from meeting cooldown
• io.vertx:vertx-core:5.1.3 is 29h away from meeting cooldown
• io.vertx:vertx-eventbus-bridge-common:5.1.3 is 29h away from meeting cooldown
• io.vertx:vertx-uri-template:5.1.3 is 29h away from meeting cooldown
• io.vertx:vertx-web-client:5.1.3 is 29h away from meeting cooldown
• io.vertx:vertx-web-common:5.1.3 is 29h away from meeting cooldown
• io.vertx:vertx-web:5.1.3 is 29h away from meeting cooldown
• software.amazon.awssdk:annotations:2.46.17 is 37h away from meeting cooldown
• software.amazon.awssdk:apache-client:2.46.17 is 37h away from meeting cooldown
• software.amazon.awssdk:apache5-client:2.46.17 is 37h away from meeting cooldown
• software.amazon.awssdk:arns:2.46.17 is 37h away from meeting cooldown
• software.amazon.awssdk:auth:2.46.17 is 37h away from meeting cooldown
• software.amazon.awssdk:aws-cbor-protocol:2.46.17 is 37h away from meeting cooldown
• software.amazon.awssdk:aws-core:2.46.17 is 37h away from meeting cooldown
• software.amazon.awssdk:aws-json-protocol:2.46.17 is 37h away from meeting cooldown
• software.amazon.awssdk:aws-query-protocol:2.46.17 is 37h away from meeting cooldown
• software.amazon.awssdk:aws-xml-protocol:2.46.17 is 37h away from meeting cooldown
• software.amazon.awssdk:checksums-spi:2.46.17 is 37h away from meeting cooldown
• software.amazon.awssdk:checksums:2.46.17 is 37h away from meeting cooldown
• software.amazon.awssdk:crt-core:2.46.17 is 37h away from meeting cooldown
• software.amazon.awssdk:dynamodb:2.46.17 is 37h away from meeting cooldown
• software.amazon.awssdk:endpoints-spi:2.46.17 is 37h away from meeting cooldown
• software.amazon.awssdk:eventbridge:2.46.17 is 37h away from meeting cooldown
• software.amazon.awssdk:http-auth-aws-eventstream:2.46.17 is 37h away from meeting cooldown
• software.amazon.awssdk:http-auth-aws:2.46.17 is 37h away from meeting cooldown
• software.amazon.awssdk:http-auth-spi:2.46.17 is 37h away from meeting cooldown
• software.amazon.awssdk:http-auth:2.46.17 is 37h away from meeting cooldown
• software.amazon.awssdk:http-client-spi:2.46.17 is 37h away from meeting cooldown
• software.amazon.awssdk:identity-spi:2.46.17 is 37h away from meeting cooldown
• software.amazon.awssdk:json-utils:2.46.17 is 37h away from meeting cooldown
• software.amazon.awssdk:kinesis:2.46.17 is 37h away from meeting cooldown
• software.amazon.awssdk:metrics-spi:2.46.17 is 37h away from meeting cooldown
• software.amazon.awssdk:netty-nio-client:2.46.17 is 37h away from meeting cooldown
• software.amazon.awssdk:profiles:2.46.17 is 37h away from meeting cooldown
• software.amazon.awssdk:protocol-core:2.46.17 is 37h away from meeting cooldown
• software.amazon.awssdk:regions:2.46.17 is 37h away from meeting cooldown
• software.amazon.awssdk:retries-spi:2.46.17 is 37h away from meeting cooldown
• software.amazon.awssdk:retries:2.46.17 is 37h away from meeting cooldown
• software.amazon.awssdk:s3:2.46.17 is 37h away from meeting cooldown
• software.amazon.awssdk:sdk-core:2.46.17 is 37h away from meeting cooldown
• software.amazon.awssdk:sfn:2.46.17 is 37h away from meeting cooldown
• software.amazon.awssdk:sns:2.46.17 is 37h away from meeting cooldown
• software.amazon.awssdk:third-party-jackson-core:2.46.17 is 37h away from meeting cooldown
• software.amazon.awssdk:third-party-jackson-dataformat-cbor:2.46.17 is 37h away from meeting cooldown
• software.amazon.awssdk:utils-lite:2.46.17 is 37h away from meeting cooldown
• software.amazon.awssdk:utils:2.46.17 is 37h away from meeting cooldown

Contributor Checklist

• Update PR title if a code change is needed to support one of those new dependencies

[datadog-prod-us1-4]

More details

All 438 changed files are Gradle lockfiles with no production code modifications — only test-classpath dependency versions bumped (re2j 1.7→1.8, Jackson 2.21→2.22, Armeria 1.39→1.40, Micrometer 1.16→1.17, Netty 4.2.13→4.2.15). No behavioral regression is possible from lockfile-only changes; any library-instrumentation incompatibility would surface as CI failures before merge.

Was this helpful? React 👍 or 👎

_{Open Bits AI session}

_{🤖 Datadog Autotest · Commit 6a8e09f · What is Autotest? · Any feedback? Reach out in #autotest}

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 6a8e09fdf7

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

[chatgpt-codex-connector]

Revert too-new logback-core lock

For dependency-update PRs, .github/workflows/update-gradle-dependencies.yaml enforces a 48h dependency-age cooldown, and this commit's generated summary says ch.qos.logback:logback-core:1.5.35 is still 42h short and should have been reverted. Leaving this lock entry advances the smoke test's compileProtoPath to the ineligible version despite the policy/revert summary, so please keep the previous 1.5.34 until it is eligible.

Useful? React with 👍 / 👎.

[AlexeyKuznetsov-DD]

@sarahchen6 Please take a look, why logback was added to PR description report and to gradle.lockfile ?

[sarahchen6]

Bug found and fixed in #11714!

[AlexeyKuznetsov-DD]

/merge

[gh-worker-devflow-routing-ef8351]

View all feedbacks in Devflow UI.

2026-06-23 15:46:56 UTC ℹ️ Start processing command /merge

---

2026-06-23 15:47:03 UTC ℹ️ MergeQueue: waiting for PR to be ready

This pull request is not mergeable according to GitHub. Common reasons include pending required checks, missing approvals, or merge conflicts — but it could also be blocked by other repository rules or settings.
It will be added to the queue as soon as checks pass and/or get approvals. View in MergeQueue UI.
Note: if you pushed new commits since the last approval, you may need additional approval.
You can remove it from the waiting list with /remove command.

---

2026-06-23 16:44:19 UTC ⚠️ MergeQueue: This merge request was unqueued

alexey.kuznetsov@datadoghq.com unqueued this merge request

[dd-octo-sts]

🟢 Java Benchmark SLOs — All performance SLOs passed

Suite	Status
Startup	🟢 pass

SLO thresholds are defined here based on automatically generated metrics. A warning is raised when results are within 5% of the threshold.

PR vs. master results

Scenario	Candidate	master	Δ (95% CI of mean)
startup:insecure-bank:iast:Agent	13.95 s	13.92 s	[-0.6%; +1.0%] (no difference)
startup:insecure-bank:tracing:Agent	12.88 s	12.93 s	[-1.1%; +0.4%] (no difference)

Commit: c06ac694 · CI Pipeline · Benchmarking Platform UI

---

Load and DaCapo benchmarks can be triggered manually in the GitLab pipeline. Results will appear in the Benchmarking Platform UI after completion.

[pr-commenter]

Kafka / producer-benchmark

Parameters

	Baseline	Candidate
baseline_or_candidate	baseline	candidate
git_branch	master	ci/update-gradle-dependencies-instrumentation-20260623
git_commit_date	1782227951	1782229070
git_commit_sha	741789f	6a8e09f

See matching parameters

	Baseline	Candidate
ci_job_date	1782230461	1782230461
ci_job_id	1796547713	1796547713
ci_pipeline_id	120540723	120540723
cpu_model	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
jdkVersion	11.0.25	11.0.25
jmhVersion	1.36	1.36
jvm	/usr/lib/jvm/java-11-openjdk-amd64/bin/java	/usr/lib/jvm/java-11-openjdk-amd64/bin/java
jvmArgs	-Dfile.encoding=UTF-8 -Djava.io.tmpdir=/go/src/github.com/DataDog/apm-reliability/dd-trace-java/platform/src/producer-benchmark/build/tmp/jmh -Duser.country=US -Duser.language=en -Duser.variant	-Dfile.encoding=UTF-8 -Djava.io.tmpdir=/go/src/github.com/DataDog/apm-reliability/dd-trace-java/platform/src/producer-benchmark/build/tmp/jmh -Duser.country=US -Duser.language=en -Duser.variant
vmName	OpenJDK 64-Bit Server VM	OpenJDK 64-Bit Server VM
vmVersion	11.0.25+9-post-Ubuntu-1ubuntu122.04	11.0.25+9-post-Ubuntu-1ubuntu122.04

Summary

Found 1 performance improvements and 0 performance regressions! Performance is the same for 2 metrics, 0 unstable metrics.

scenario	Δ mean throughput
scenario:only-tracing-dsm-disabled-benchmarks/KafkaProduceBenchmark.benchProduce	better [+2006.232op/s; +8173.139op/s] or [+1.180%; +4.808%]

See unchanged results

scenario	Δ mean throughput
scenario:not-instrumented/KafkaProduceBenchmark.benchProduce	same
scenario:only-tracing-dsm-enabled-benchmarks/KafkaProduceBenchmark.benchProduce	same

[pr-commenter]

Kafka / consumer-benchmark

Parameters

	Baseline	Candidate
baseline_or_candidate	baseline	candidate
git_branch	master	ci/update-gradle-dependencies-instrumentation-20260623
git_commit_date	1782227951	1782229070
git_commit_sha	741789f	6a8e09f

See matching parameters

	Baseline	Candidate
ci_job_date	1782230492	1782230492
ci_job_id	1796547718	1796547718
ci_pipeline_id	120540723	120540723
cpu_model	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz	Intel(R) Xeon(R) Platinum 8259CL CPU @ 2.50GHz
jdkVersion	11.0.25	11.0.25
jmhVersion	1.36	1.36
jvm	/usr/lib/jvm/java-11-openjdk-amd64/bin/java	/usr/lib/jvm/java-11-openjdk-amd64/bin/java
jvmArgs	-Dfile.encoding=UTF-8 -Djava.io.tmpdir=/go/src/github.com/DataDog/apm-reliability/dd-trace-java/platform/src/consumer-benchmark/build/tmp/jmh -Duser.country=US -Duser.language=en -Duser.variant	-Dfile.encoding=UTF-8 -Djava.io.tmpdir=/go/src/github.com/DataDog/apm-reliability/dd-trace-java/platform/src/consumer-benchmark/build/tmp/jmh -Duser.country=US -Duser.language=en -Duser.variant
vmName	OpenJDK 64-Bit Server VM	OpenJDK 64-Bit Server VM
vmVersion	11.0.25+9-post-Ubuntu-1ubuntu122.04	11.0.25+9-post-Ubuntu-1ubuntu122.04

Summary

Found 0 performance improvements and 0 performance regressions! Performance is the same for 3 metrics, 0 unstable metrics.

See unchanged results

scenario	Δ mean throughput
scenario:not-instrumented/KafkaConsumerBenchmark.benchConsume	unsure [-9216.572op/s; -1704.052op/s] or [-3.100%; -0.573%]
scenario:only-tracing-dsm-disabled-benchmarks/KafkaConsumerBenchmark.benchConsume	same
scenario:only-tracing-dsm-enabled-benchmarks/KafkaConsumerBenchmark.benchConsume	same

[AlexeyKuznetsov-DD]

/merge --cancel

[gh-worker-devflow-routing-ef8351]

View all feedbacks in Devflow UI.

2026-06-23 16:44:13 UTC ℹ️ Start processing command /merge --cancel

[sarahchen6]

Closing this to test workflow following #11714