Changes for new release, 2.6.1.0

Author: kwwall

pom.xml

@@ -3,7 +3,7 @@
     <modelVersion>4.0.0</modelVersion>
     <groupId>org.owasp.esapi</groupId>
     <artifactId>esapi</artifactId>
-    <version>2.7.0.0-SNAPSHOT</version>
+    <version>2.6.1.0</version>
     <packaging>jar</packaging>
 
     <distributionManagement>
@@ -132,16 +132,16 @@
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
         <version.jmh>1.37</version.jmh>
         <version.findsecbugs>2.0.0-M3</version.findsecbugs>
-        <version.fluido>2.0.0-M11</version.fluido>  <!-- 2.0.0 fails on 'mvn site', but this works. -->
+        <version.fluido>2.0.0-M11</version.fluido>  <!-- Version 2.1.0 is available, but fails with this min Maven. -->
         <version.powermock>2.0.9</version.powermock>
-        <version.spotbugs>4.8.6</version.spotbugs>
-        <version.spotbugs.maven>4.8.6.6</version.spotbugs.maven>
-        <version.surefire>3.5.2</version.surefire>
+        <version.spotbugs>4.9.3</version.spotbugs>
+        <version.spotbugs.maven>4.9.3.0</version.spotbugs.maven>
+        <version.surefire>3.5.3</version.surefire>
         <project.java.target>1.8</project.java.target>
             <!-- TODO: Be sure to update. Should be date of previous official release -->
             <!-- Exact date in the form 'yyyy-dd-yy 00:00:00' should be used. You can find the previous release date -->
             <!-- in the previous release notes file under the 'documentation/' directory. -->
-        <date.prev_release>2024-10-08 00:00:00</date.prev_release>
+        <date.prev_release>2024-11-25 00:00:00</date.prev_release>
     </properties>
 
     <dependencies>
@@ -408,7 +408,7 @@
                 <plugin>
                     <groupId>org.apache.maven.plugins</groupId>
                     <artifactId>maven-dependency-plugin</artifactId>
-                    <version>3.8.0</version>
+                    <version>3.8.1</version>
                 </plugin>
                 <plugin>
                     <groupId>org.apache.maven.plugins</groupId>
@@ -418,7 +418,7 @@
                 <plugin>
                      <groupId>org.codehaus.mojo</groupId>
                      <artifactId>versions-maven-plugin</artifactId>
-                     <version>2.17.1</version>
+                     <version>2.18.0</version>
                      <configuration>
                          <rulesUri>file:${project.basedir}/versionRuleset.xml</rulesUri>
                      </configuration>
@@ -431,7 +431,7 @@
             <plugin>
                 <groupId>org.cyclonedx</groupId>
                 <artifactId>cyclonedx-maven-plugin</artifactId>
-                <version>2.8.2</version>
+                <version>2.9.1</version>
                 <executions>
                   <execution>
                     <phase>package</phase>
@@ -467,19 +467,24 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-changelog-plugin</artifactId>
-                <version>2.3</version>
+                    <!-- 3.0.0-M1 is a "milestone" release, which is generally
+                         to an alpha or beta release. Normally we would avoid
+                         those, but generating a changelog is not an essential
+                         task, so we're fine with this.
+                    -->
+                <version>3.0.0-M1</version>
             </plugin>
 
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-clean-plugin</artifactId>
-                <version>3.4.0</version>
+                <version>3.4.1</version>
             </plugin>
 
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-compiler-plugin</artifactId>
-                <version>3.13.0</version>
+                <version>3.14.0</version>
                 <configuration>
                     <source>${project.java.target}</source>
                     <target>${project.java.target}</target>
@@ -513,7 +518,7 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-deploy-plugin</artifactId>
-                <version>3.1.3</version>
+                <version>3.1.4</version>
             </plugin>
 
             <plugin>
@@ -533,7 +538,7 @@
                   <dependency>
                     <groupId>org.codehaus.mojo</groupId>
                     <artifactId>extra-enforcer-rules</artifactId>
-                    <version>1.9.0</version>
+                    <version>1.10.0</version>
                   </dependency>
                   <dependency>
                     <groupId>org.codehaus.mojo</groupId>
@@ -615,7 +620,7 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-install-plugin</artifactId>
-                <version>3.1.3</version>
+                <version>3.1.4</version>
             </plugin>
 
             <plugin>
@@ -635,7 +640,7 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-javadoc-plugin</artifactId>
-               <version>3.10.1</version>
+                <version>3.11.2</version>
                <configuration>
                  <source>8</source>
                  <doclint>none</doclint>
@@ -653,19 +658,19 @@
             <plugin>
               <groupId>org.apache.maven.plugins</groupId>
               <artifactId>maven-jxr-plugin</artifactId>
-              <version>3.5.0</version>
+              <version>3.6.0</version>
             </plugin>
 
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-pmd-plugin</artifactId>
-                <version>3.25.0</version>
+                <version>3.26.0</version>
             </plugin>
 
             <plugin>
                <groupId>org.apache.maven.plugins</groupId>
                <artifactId>maven-project-info-reports-plugin</artifactId>
-               <version>3.7.0</version>
+               <version>3.9.0</version>
             </plugin>
 
             <plugin>
@@ -740,7 +745,7 @@
             <plugin>
                 <groupId>org.owasp</groupId>
                 <artifactId>dependency-check-maven</artifactId>
-                <!-- Version 11.x is the latest, but 10.0.4 is the latest that we can use beccause 11.x has a breaking
+                <!-- Version 12.x is the latest, but 10.0.4 is the latest that we can use beccause 11.x has a breaking
                      change that requires Java 11 or later and our mimimal JDK is Java 8.
                 -->
                 <version>10.0.4</version>
@@ -776,7 +781,7 @@
                     <issueLinkUrl>https://github.com/ESAPI/esapi-java-legacy/issues/%ISSUE%</issueLinkUrl>
                     <type>date</type>
                     <dates>
-                        <!-- TODO: Be sure to update. Should be date of previous official release -->
+                        <!-- TODO: Be sure to update. Should be date of 10revious official release -->
                         <!-- Exact date should be in previous release notes file under 'documentation/' directory. -->
                         <date>${date.prev_release}</date>
                     </dates>