Bump com.squareup.wire:wire-runtime from 3.7.1 to 6.3.0

[dependabot]

Bumps com.squareup.wire:wire-runtime from 3.7.1 to 6.3.0.

Changelog

Sourced from com.squareup.wire:wire-runtime's changelog.

Version 6.3.0

2026-05-13

Common

• Security: Reject negative lengths when skipping groups, so crafted protobuf payloads throw ProtocolException instead of unchecked runtime exceptions (#3597, [GHSA-7xpr-hc2w-34m9][GHSA-7xpr-hc2w-34m9], reported by [TrekLaps][TrekLaps])

Version 7.0.0-alpha02

2026-05-11

Kotlin

• ⚠ Breaking: CamelCase for generated oneof's as sealed classes (#3592)

Version 7.0.0-alpha01

2026-05-06

Common

• ⚠ Breaking: Correctly merge singular embedded message fields when the same field appears multiple times on the wire (#3538) Previously, the last value would have won.
• Fix parsing of trailing comments on Windows (#2908)
• Avoid mixed path separators in Location (#3576)

Gradle plugin

• ⚠ Breaking: Gradle plugin now requires Gradle 8.2+.

• ⚠ Breaking: Expose Wire extension and output configuration as Gradle Property, ListProperty, and MapProperty values so the DSL can use provider-backed configuration (#3570, #3582 by [Stephen Edwards][steve-the-edwards]) In Kotlin DSL, migrate provider-backed output and custom target assignments to set(...).

  // Before.
  wire {
    protoLibrary = true
  kotlin {
  out = "$buildDir/generated/wire"
  }

... (truncated)

Commits

• 86cffed Prepare for release 6.3.0.
• 28594a1 Merge pull request #3597 from square/bquenaudon.2026-05-13.patchforwire6
• 47d5b0d Add negative-length check in skipGroup
• 49cbae3 Prepare for release 6.2.0.
• d8f58b7 Merge pull request #3536 from jhansche/fix-null-option-values
• 14628e1 Prepare next development version.
• 2316d46 Prepare for release 6.1.0.
• fafd987 Merge pull request #3554 from square/bquenaudon.2026-03-23.parsing
• 8d73b78 Read quoted string when expecting an import
• 5eea608 Merge pull request #3551 from square/renovate/com.gradle.plugin-publish-2.x
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.