Bump the build-dependencies group with 6 updates

[dependabot]

Bumps the build-dependencies group with 6 updates:

Package	From	To
com.fasterxml.jackson.core:jackson-databind	2.19.2	2.20.0
com.fasterxml.jackson.core:jackson-annotations	2.19.2	2.20
com.puppycrawl.tools:checkstyle	11.0.0	11.0.1
org.apache.maven.plugins:maven-wrapper-plugin	3.3.2	3.3.3
org.sonarsource.scanner.maven:sonar-maven-plugin	5.1.0.4751	5.2.0.4988
com.gradle:common-custom-user-data-maven-extension	2.0.3	2.0.5

Updates com.fasterxml.jackson.core:jackson-databind from 2.19.2 to 2.20.0

Commits

• See full diff in compare view

Updates com.fasterxml.jackson.core:jackson-annotations from 2.19.2 to 2.20

Commits

• See full diff in compare view

Updates com.puppycrawl.tools:checkstyle from 11.0.0 to 11.0.1

Release notes

Sourced from com.puppycrawl.tools:checkstyle's releases.

checkstyle-11.0.1

Checkstyle 11.0.1 - https://checkstyle.org/releasenotes.html#Release_11.0.1

Bug fixes:

#3110 - some messages are still hardcoded in english #17563 - Google style: No proper way to check if the reason for swallowing the exception is actually appropriate #17551 - Missing violations on Unicode and Octal values of \s #17501 - Google style: Word TODO of Todo comment must be in all caps

Commits

• 93dd00f [maven-release-plugin] prepare release checkstyle-11.0.1
• 9160446 doc: release notes for 11.0.1
• 88f7085 Issue #3110: Remaining hardcoded english in DefaultLogger.java is translated ...
• 4dd7ff6 Issue #3110: Remaining hardcoded english in Checker.java is translated in mes...
• 17c6e37 supplemental: Documentation to disable LineLength Check on Text-blocks
• 1e22276 Issue #17701: update Cirrus CI configuration to use Temurin JDK instead of Op...
• 8a5fbf6 Issue #17429: Replacing JDK Back to 17 In Gradle Build to Fix CI
• af5ae24 dependency: bump actions/setup-java from 4 to 5
• f1084a7 supplemental: IT covering test methods names containing underscores
• 8f937b6 Revert "Issue #17104: migrate IDEA inpection in CI to 2025.2"
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-wrapper-plugin from 3.3.2 to 3.3.3

Release notes

Sourced from org.apache.maven.plugins:maven-wrapper-plugin's releases.

3.3.3

💥 Breaking changes

• Remove wrapper lifecycle (#357) @​slawekjaranowski

🚀 New features and improvements

• Fix Maven wrapper support for snapshot distributions (#335) @​gnodet

🐛 Bug Fixes

• [MWRAPPER-143] - The wrapperVersion property is not used in only-script mode (#145) @​bdemers
• fix: Maven wrapper relative distributionUrl does not work (fixes #272) (#107) @​danishcake
• Fix Windows Junction Link support in mvnw.cmd (#143) @​fp024
• [MWRAPPER-158] - Remove incorrect license header (#166) @​lbruun
• [MWRAPPER-161] - Improve script directory detection when using sh mvnw (#329) @​ppkarwasz
• [MWRAPPER-162] - Removed dead link was getting 404 (#167) @​montu376
• [MWRAPPER-159] - Fix shellcheck in mvnw (#168) @​slawekjaranowski
• [MWRAPPER-146] - Bad substitution on Windows if MVNW_REPOURL is set on script-only (#151) @​jahk04
• [MWRAPPER-147] - mvnw.cmd fails to launch maven if username contains space (#152) @​sebthom
• [MWRAPPER-150] - Fails to validate checksums on MacOS Sequoia (#155) @​jon-signal
• [MWRAPPER-111] - Trim whitespace when reading from properties file (#158) @​mhalbritter
• [MWRAPPER-153] - Fixed only-mvnw.cmd fails when FIPS mode is enabled on Windows hosts (#157) @​zbalkan

📝 Documentation updates

• Clarify usage of MAVEN_USER_HOME (#359) @​slawekjaranowski
• site is now /tools/wrapper (#336) @​hboutemy

👻 Maintenance

• Use invoker version from parent (#356) @​slawekjaranowski
• Refresh download page (#354) @​slawekjaranowski
• Update site descriptor to 2.0.0 (#351) @​slawekjaranowski
• Enable prevent branch protection rules (#348) @​slawekjaranowski
• Copy edit docs (#344) @​elharo
• Prefer @​Inject (#343) @​elharo
• Bump shellcheck to 0.10.0 (#333) @​slachiewicz
• Enable GitHub Issues (#169) @​slawekjaranowski
• [MNGSITE-529] - Rename "Goals" to "Plugin Documentation" (#163) @​Bukama

📦 Dependency updates

• Bump mavenVersion from 3.9.6 to 3.9.11 (#360) @dependabot[bot]
• Bump exec-maven-plugin to 3.5.1 in ITs (#355) @​slawekjaranowski
• Bump org.codehaus.mojo:mrm-maven-plugin from 1.6.0 to 1.7.0 (#350) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-archiver from 4.10.0 to 4.10.1 (#349) @dependabot[bot]
• Bump actions/checkout from 4 to 5 (#347) @dependabot[bot]
• Bump commons-io:commons-io from 2.19.0 to 2.20.0 (#339) @dependabot[bot]

... (truncated)

Commits

• e2a0c81 [maven-release-plugin] prepare release maven-wrapper-3.3.3
• 80952cd Clarify usage of MAVEN_USER_HOME
• 08e7200 Remove wrapper lifecycle
• 36886fa Support for snapshot distributions - fix (#352)
• d02d845 Use invoker version from parent
• af7671b Bump mavenVersion from 3.9.6 to 3.9.11 (#360)
• 7b39937 Bump exec-maven-plugin to 3.5.1 in ITs
• dea9bb6 Allow dependabot to track also org.apache.maven
• 54c3f85 Refresh download page
• 46f28cc Update site descriptor to 2.0.0
• Additional commits viewable in compare view

Updates org.sonarsource.scanner.maven:sonar-maven-plugin from 5.1.0.4751 to 5.2.0.4988

Release notes

Sourced from org.sonarsource.scanner.maven:sonar-maven-plugin's releases.

5.2.0.4988

Release notes - Sonar Scanner for Maven - 5.2

New Feature

SCANMAVEN-296 Include github actions folder in the scan

Task

SCANMAVEN-286 Update Slack notification in .github/workflows/slack_notify.yml

SCANMAVEN-287 Bump orchestrator to version 5.5 or greater

SCANMAVEN-294 Update sonar-scanner-java-library to 3.4.0.514

SCANMAVEN-298 Populate name in pom.xml

SCANMAVEN-299 Exclude tests from publication.

Commits

• ce7b226 SCANMAVEN-300 Ensure the automatic inclusion of ".github" in "sonar.sources" ...
• be97c55 SCANMAVEN-298 Populate name in pom.xml (#313)
• 421be1e SCANMAVEN-299 Exclude tests from publication. (#314)
• 5107268 BUILD-8875: Migrate to standardized GitHub runner names (#312)
• 45897a4 SCANMAVEN-296 Include github actions folder in the scan (#310)
• 4315ce7 SCANMAVEN-294 Update sonar-scanner-java-library to 3.4.0.514 (#309)
• 1a6dc10 BUILD-8073 Migrate public repositories workflows to large runners
• ae454f5 SCANMAVEN-287 Bump orchestrator to avoid polluting telemetry data
• e9c9c38 BUILD-7788 Migrate slack notification (#302)
• ebbab1d Prepare next development iteration (#301)
• Additional commits viewable in compare view

Updates com.gradle:common-custom-user-data-maven-extension from 2.0.3 to 2.0.5

Release notes

Sourced from com.gradle:common-custom-user-data-maven-extension's releases.

2.0.5

• [NEW] Add GitHub run attempt as custom value to precisely identify GitHub Action run

2.0.4

• [FIX] Add GitHub run number as custom value to precisely identify GitHub Action run

Commits

• 7f4841a [maven-release-plugin] prepare release v2.0.5
• 5ce40aa Update changes.md
• f82e887 Merge pull request #308 from gradle/erichaagdev/add-github-run-attempt
• 801c521 Add GitHub Run attempt as custom value
• 19367a0 Update to use version 2.0.4 of the Common Custom User Data Maven Extension
• c1c8c52 Prepare for next round of development
• 7341e1f [maven-release-plugin] prepare for next development iteration
• 0abc83d [maven-release-plugin] prepare release v2.0.4
• 538db59 Update changes.md with latest fix
• 1831207 Merge pull request #307 from jthurne/versatility/jthurne/add-github-run-number
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions