From aee5abece4b91e7d34aaa466d1bdc862a9371e41 Mon Sep 17 00:00:00 2001 From: Guillermo Mazzola Date: Wed, 20 Aug 2025 10:00:45 +0200 Subject: [PATCH 1/4] Updated `dependabot`'s docs to add `Gradle Wrapper` --- data/reusables/dependabot/supported-package-managers.md | 1 + 1 file changed, 1 insertion(+) diff --git a/data/reusables/dependabot/supported-package-managers.md b/data/reusables/dependabot/supported-package-managers.md index 4ff7b8f9ae32..7ab22f3b67f9 100644 --- a/data/reusables/dependabot/supported-package-managers.md +++ b/data/reusables/dependabot/supported-package-managers.md @@ -122,6 +122,7 @@ For more information about using {% data variables.product.prodname_dependabot_v {% data variables.product.prodname_dependabot %} doesn't run Gradle but supports updates to the following files: * `build.gradle`, `build.gradle.kts` (for Kotlin projects) +* `gradle/wrapper/gradle-wrapper.properties` (for Gradle wrapper) * `gradle/libs.versions.toml` (for projects using a standard Gradle version catalog) * `gradle.lockfile` (for projects using Gradle dependency locking) * Files included via the `apply` declaration that have `dependencies` in the filename. Note that `apply` does not support `apply to`, recursion, or advanced syntaxes (for example, Kotlin's `apply` with `mapOf`, filenames defined by property). From 9bd0c80b29d2fb53857adbc33ea69cada2193bb1 Mon Sep 17 00:00:00 2001 From: kbukum1 Date: Fri, 16 Jan 2026 16:26:33 -0600 Subject: [PATCH 2/4] Update Gradle wrapper description in documentation Clarified the terminology for the Gradle wrapper in the documentation. --- data/reusables/dependabot/supported-package-managers.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/data/reusables/dependabot/supported-package-managers.md b/data/reusables/dependabot/supported-package-managers.md index 7ab22f3b67f9..a7df5867df6b 100644 --- a/data/reusables/dependabot/supported-package-managers.md +++ b/data/reusables/dependabot/supported-package-managers.md 
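Review bot: the new `gradle/wrapper/gradle-wrapper.properties` entry in this hunk sits under a sentence that says Dependabot "doesn't run Gradle", while the last patch in this series documents that Dependabot does run Gradle to update the wrapper; either list the properties file once, in that later "runs Gradle" list, or qualify this entry so the two statements do not conflict. The parenthetical also reads oddly beside its siblings, which describe the kind of project the file belongs to ("for projects using a standard Gradle version catalog"), so "(for Gradle wrapper)" should at least carry an article, for example "(for projects using the Gradle Wrapper)".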
@@ -122,7 +122,7 @@ For more information about using {% data variables.product.prodname_dependabot_v {% data variables.product.prodname_dependabot %} doesn't run Gradle but supports updates to the following files: * `build.gradle`, `build.gradle.kts` (for Kotlin projects) -* `gradle/wrapper/gradle-wrapper.properties` (for Gradle wrapper) +* `gradle/wrapper/gradle-wrapper.properties` (for the Gradle Wrapper) * `gradle/libs.versions.toml` (for projects using a standard Gradle version catalog) * `gradle.lockfile` (for projects using Gradle dependency locking) * Files included via the `apply` declaration that have `dependencies` in the filename. Note that `apply` does not support `apply to`, recursion, or advanced syntaxes (for example, Kotlin's `apply` with `mapOf`, filenames defined by property). From 9675fd8a2a7c68bb29377793d2eb55ed3bf81328 Mon Sep 17 00:00:00 2001 From: Yeikel Santana Date: Wed, 28 Jan 2026 04:40:13 -0500 Subject: [PATCH 3/4] Explain the dependency name for the Gradle Wrapper (#1) * Updated `dependabot`'s docs to add `Gradle Wrapper` * Explain the dependency name for the Gradle Wrapper * Reword --------- Co-authored-by: Guillermo Mazzola --- data/reusables/dependabot/supported-package-managers.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/data/reusables/dependabot/supported-package-managers.md b/data/reusables/dependabot/supported-package-managers.md index a7df5867df6b..56c957b363ad 100644 --- a/data/reusables/dependabot/supported-package-managers.md +++ b/data/reusables/dependabot/supported-package-managers.md 
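Review bot: the wording change to "(for the Gradle Wrapper)" in this hunk is undone by the next patch in the series, which restores "(for Gradle wrapper)" on the same line while introducing the capitalized "Gradle Wrapper" in a new note; pick one spelling and carry it through the whole series, otherwise the squashed result documents the same thing two ways. Note also that the sibling items use lowercase for features ("Gradle version catalog", "Gradle dependency locking"), so capitalizing only the Wrapper should be a deliberate choice, not an accident of which patch landed last.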
@@ -122,7 +122,7 @@ For more information about using {% data variables.product.prodname_dependabot_v {% data variables.product.prodname_dependabot %} doesn't run Gradle but supports updates to the following files: * `build.gradle`, `build.gradle.kts` (for Kotlin projects) -* `gradle/wrapper/gradle-wrapper.properties` (for the Gradle Wrapper) +* `gradle/wrapper/gradle-wrapper.properties` (for Gradle wrapper) * `gradle/libs.versions.toml` (for projects using a standard Gradle version catalog) * `gradle.lockfile` (for projects using Gradle dependency locking) * Files included via the `apply` declaration that have `dependencies` in the filename. Note that `apply` does not support `apply to`, recursion, or advanced syntaxes (for example, Kotlin's `apply` with `mapOf`, filenames defined by property). @@ -134,6 +134,7 @@ For {% data variables.product.prodname_dependabot_security_updates %}, Gradle su > [!NOTE] > * When you upload Gradle dependencies to the dependency graph using the {% data variables.dependency-submission-api.name %}, all project dependencies are uploaded, even transitive dependencies that aren't explicitly mentioned in any dependency file. When an alert is detected in a transitive dependency, {% data variables.product.prodname_dependabot %} isn't able to find the vulnerable dependency in the repository, and therefore won't create a security update for that alert. > * {% data variables.product.prodname_dependabot_version_updates %} will, however, create pull requests when the parent dependency is explicitly declared as a direct dependency in the project's manifest file. +> * When updating the Gradle Wrapper, {% data variables.product.prodname_dependabot %} uses `gradle-wrapper` for the dependency name. ### Helm Charts From c68dbb5f001f63bc8cdf068b45d07f9e9579163b Mon Sep 17 00:00:00 2001 
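Review bot: the first hunk reverts the previous patch's "(for the Gradle Wrapper)" back to "(for Gradle wrapper)", which looks like a merge artifact rather than the "Reword" the commit message describes, given that the second hunk introduces "Gradle Wrapper" capitalized; drop the first hunk or make the two spellings match. In the second hunk, the new bullet "uses `gradle-wrapper` for the dependency name" is appended to a note whose other two bullets are about transitive dependencies uploaded through the dependency submission API, and it does not say where the name matters; move it next to the list of wrapper files and state the use, for example that `gradle-wrapper` is the `dependency-name` to put in an `allow` or `ignore` entry in `dependabot.yml`, so a reader knows why the name is documented at all.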
From: Yeikel Santana Date: Wed, 28 Jan 2026 04:40:47 -0500 Subject: [PATCH 4/4] Document that Gradle runs when updating the Gradle Wrapper (#2) * Updated `dependabot`'s docs to add `Gradle Wrapper` * Document that Gradle runs when updating the Gradle Wrapper * Remove empty line --------- Co-authored-by: Guillermo Mazzola --- data/reusables/dependabot/supported-package-managers.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/data/reusables/dependabot/supported-package-managers.md b/data/reusables/dependabot/supported-package-managers.md index 56c957b363ad..b42a51a7ea49 100644 --- a/data/reusables/dependabot/supported-package-managers.md +++ b/data/reusables/dependabot/supported-package-managers.md 
@@ -127,6 +127,12 @@ For more information about using {% data variables.product.prodname_dependabot_v * `gradle.lockfile` (for projects using Gradle dependency locking) * Files included via the `apply` declaration that have `dependencies` in the filename. Note that `apply` does not support `apply to`, recursion, or advanced syntaxes (for example, Kotlin's `apply` with `mapOf`, filenames defined by property). +{% data variables.product.prodname_dependabot %} runs Gradle to update the Gradle Wrapper: +* `gradle/wrapper/gradle-wrapper.properties` +* `gradlew` +* `gradlew.bat` +* `gradle/wrapper/gradle-wrapper.jar` + {% data variables.product.prodname_dependabot %} uses information from the `pom.xml` file of dependencies to add links to release information in update pull requests. If the information is omitted from the `pom.xml` file, then it cannot be included in {% data variables.product.prodname_dependabot %} pull requests, see [AUTOTITLE](/code-security/dependabot/ecosystems-supported-by-dependabot/optimizing-java-packages-dependabot). For {% data variables.product.prodname_dependabot_security_updates %}, Gradle support is limited to manual uploads of the dependency graph data using the {% data variables.dependency-submission-api.name %}. For more information about the {% data variables.dependency-submission-api.name %}, see [AUTOTITLE](/code-security/supply-chain-security/understanding-your-software-supply-chain/using-the-dependency-submission-api).
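Review bot: the new "runs Gradle to update the Gradle Wrapper" list contradicts the sentence a few lines above it, which still says Dependabot "doesn't run Gradle" and lists `gradle/wrapper/gradle-wrapper.properties` among the files it updates without running Gradle; after this patch the properties file appears in both lists. Either remove it from the "doesn't run Gradle" list or reword that sentence along the lines of "doesn't run Gradle for dependency updates, but supports updates to the following files:". It would also help to say what running Gradle involves here (which Gradle task is invoked, and whether the repository's own build scripts execute as part of it), since that is the security-relevant difference from the manifest-only updates above; at minimum, state that the four files are regenerated together as one update rather than edited individually.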