Bump the dependencies group with 7 updates #72

dependabot · 2025-09-22T09:34:24Z

Bumps the dependencies group with 7 updates:

Package	From	To
org.projectlombok:lombok	`1.18.40`	`1.18.42`
net.datafaker:datafaker	`2.4.4`	`2.5.0`
com.google.code.gson:gson	`2.13.1`	`2.13.2`
org.apache.logging.log4j:log4j-api	`2.25.1`	`2.25.2`
org.apache.logging.log4j:log4j-core	`2.25.1`	`2.25.2`
org.apache.maven.plugins:maven-compiler-plugin	`3.14.0`	`3.14.1`
org.apache.maven.plugins:maven-surefire-plugin	`3.5.3`	`3.5.4`

Updates org.projectlombok:lombok from 1.18.40 to 1.18.42

Changelog

Sourced from org.projectlombok:lombok's changelog.

v1.18.42 (September 18th, 2025)

FEATURE: All the various @Log annotations now allow you to change their access level (they still default to private). #2280. Thanks to new contributor Liam Pace!

BUGFIX: Javadoc parsing was broken in Netbeans and ErrorProne for JDK25 #3940.

Commits

2031eb0 [release] pre-release version bump for v1.18.42
c95a6c1 Merge branch 'logger-access'
71d85ca #2280 Add delivery of this 'access for logging' to the changelog.
99ba3e3 [trivial] Slightly reworded the javadoc on each @Log annotation's `access()...
e9cf11e [trivial][style]
a6d5568 [deprecation] Marked AccessLevel.MODULE as deprecated. It was written for a...
492011d Refactored to use Javac/Eclipse utility function
c1f7f66 Update copyright in logger files
f63f40a Add myself to AUTHORS
9152c34 Fix failing tests
Additional commits viewable in compare view

Updates net.datafaker:datafaker from 2.4.4 to 2.5.0

Release notes

Sourced from net.datafaker:datafaker's releases.

2.5.0

What's Changed

Updated release documentation and set autopublish while publishing to… by @bodiam in datafaker-net/datafaker#1588

Add some new titles to the Zelda game list by @yuokada in datafaker-net/datafaker#1589

Fix Singapore ID number generation by @asolntsev in datafaker-net/datafaker#1594

Removing parent, not sure if still needed. by @bodiam in datafaker-net/datafaker#1600

[build] Use jdk25-ea in CI by @snuyanzin in datafaker-net/datafaker#1601

Refactor tests extending BaseFakerTest by @asolntsev in datafaker-net/datafaker#1606

Refactor BaseFakerTest (provider list test) by @asolntsev in datafaker-net/datafaker#1607

Fix csv generate by limit by @abudevich in datafaker-net/datafaker#1615

Avoid useless NoSuchMethodRuntimeException in logs by @asolntsev in datafaker-net/datafaker#1620

Remove duplicates in "*.yml" files by @asolntsev in datafaker-net/datafaker#1608

Fix flaky test WeightedRandomSelectorTest by @asolntsev in datafaker-net/datafaker#1626

Fixed toLocalPart; Fixed tests; Fixed formatting by @rcriosbr in datafaker-net/datafaker#1624

Creates new Credential provider; Deprecated Internet provider methods by @rcriosbr in datafaker-net/datafaker#1628

Renamed Credential to Credentials by @bodiam in datafaker-net/datafaker#1630

make Brazilian ID Number accessible via faker.idNumber() by @asolntsev in datafaker-net/datafaker#1631

Removed System.out.printlns and other useless bits. by @bodiam in datafaker-net/datafaker#1632

Fix Correct typo in kpop.boy_bands key in ko.yml by @Chanwon-Seo in datafaker-net/datafaker#1635

Feat Improve Korean name data in ko.yml by @Chanwon-Seo in datafaker-net/datafaker#1636

Update CreditCard formats in Finance provider by @Fishbowler in datafaker-net/datafaker#1637

Finance Provider - update Swift IBAN data standard from v87 to v99 by @Fishbowler in datafaker-net/datafaker#1641

Add missing javadoc for the Finance provider by @Fishbowler in datafaker-net/datafaker#1640

Add Starships to the Star Trek provider by @Fishbowler in datafaker-net/datafaker#1642

Make Finance provider's UnionPay test more readable, especially on failure by @Fishbowler in datafaker-net/datafaker#1643

Make "as" message more informative in few tests by @asolntsev in datafaker-net/datafaker#1644

Less logs in tests by @asolntsev in datafaker-net/datafaker#1646

Corrected typos in ko.yml by @momoysm in datafaker-net/datafaker#1645

Add methods to generate random port within given range by @asolntsev in datafaker-net/datafaker#1651

Remove unneeded test testNoDuplications by @asolntsev in datafaker-net/datafaker#1652

Refactoring: eliminate recursive provider calls by @asolntsev in datafaker-net/datafaker#1650

New Contributors

@abudevich made their first contribution in datafaker-net/datafaker#1615

@rcriosbr made their first contribution in datafaker-net/datafaker#1624

@Chanwon-Seo made their first contribution in datafaker-net/datafaker#1635

@Fishbowler made their first contribution in datafaker-net/datafaker#1637

@momoysm made their first contribution in datafaker-net/datafaker#1645

Full Changelog: datafaker-net/datafaker@2.4.4...2.5.0

Commits

32126b1 Update all non-major dependencies (#1655)
075b24a Updated references from 2.4.5 to 2.5.0, since that most likely will become th...
2bb19f9 reformat too long line in Internet.getIpV4Address()
b5820fb slightly simplify Hearthstone
7c92031 use faker.options() to pick element from list
e4c04a9 remove calls from provider to itself
c3d5c3f Bump com.googlecode.libphonenumber:libphonenumber from 9.0.13 to 9.0.14 (#1653)
81e529f remove unneeded test testNoDuplications (#1652)
ad01d4c add methods to generate random port within given range (#1651)
e412160 Bump kotlin.version from 2.2.10 to 2.2.20
Additional commits viewable in compare view

Updates com.google.code.gson:gson from 2.13.1 to 2.13.2

Release notes

Sourced from com.google.code.gson:gson's releases.

Gson 2.13.2

The main changes in this release are just newer dependencies.

What's Changed

Improved packaging of JPMS module declaration in Gson jar
This fixes an issue where Eclipse and VS Code users could not refer to the Gson module name com.google.gson. See issue google/gson#2679.

Remove internal class GsonPreconditions by @Marcono1234 in google/gson#2879

Switch to using central-publishing-maven-plugin by @eamonnmcmanus in google/gson#2900

New Contributors

@MukjepScarlet made their first contribution in google/gson#2852

@ChrisCraik made their first contribution in google/gson#2856

Full Changelog: google/gson@gson-parent-2.13.1...gson-parent-2.13.2

Commits

686fad7 [maven-release-plugin] prepare release gson-parent-2.13.2
c2d252a Switch to using central-publishing-maven-plugin. (#2900)
69cb755 Bump the github-actions group with 5 updates (#2894)
ea552c2 Bump the maven group across 1 directory with 3 updates (#2898)
fdc616d Set top-level permissions for CodeQL workflow (#2889)
9334715 Create scorecard.yml (#2888)
f7de5c2 Bump the maven group with 8 updates (#2885)
8c23cd3 Update sources to satisfy a new Error Prone check. (#2887)
5eab3ed Bump the github-actions group with 2 updates (#2886)
5f5c200 Bump the maven group across 1 directory with 10 updates (#2872)
Additional commits viewable in compare view

Updates org.apache.logging.log4j:log4j-api from 2.25.1 to 2.25.2

Updates org.apache.logging.log4j:log4j-core from 2.25.1 to 2.25.2

Updates org.apache.maven.plugins:maven-compiler-plugin from 3.14.0 to 3.14.1

Release notes

Sourced from org.apache.maven.plugins:maven-compiler-plugin's releases.

3.14.1

🚀 New features and improvements

Improve DeltaList behavior for large projects (#335) @gsmet

Allow to not use --module-version for the Java compiler (#331) @pzygielo

🐛 Bug Fixes

Add generatedSourcesPath back to the maven project (#312) @mensinda

[MCOMPILER-538] - Do not add target/generated-sources/annotations to the source roots (#191) @mensinda

📦 Dependency updates

Enforce asm version used here, to not depend on brittle transitive (#964) @olamy

Bump mavenVersion from 3.9.10 to 3.9.11 (#952) @dependabot[bot]

Bump org.apache.maven.plugins:maven-plugins from 44 to 45 (#935) @dependabot[bot]

Bump mavenVersion from 3.9.9 to 3.9.10 (#336) @dependabot[bot]

Bump org.codehaus.plexus:plexus-java from 1.4.0 to 1.5.0 (#324) @dependabot[bot]

Bump org.apache.maven.plugins:maven-plugins from 43 to 44 (#316) @dependabot[bot]

Commits

0df6940 [maven-release-plugin] prepare release maven-compiler-plugin-3.14.1
1bf9e5a Enforce asm version used here, to not depend on brittle transitive (#964)
f5161c4 Bump mavenVersion from 3.9.10 to 3.9.11 (#952)
63846f1 Improve DeltaList behavior for large projects (#335)
ab3f845 Bump org.apache.maven.plugins:maven-plugins from 44 to 45
164bad4 Allow to not use --module-version for the Java compiler
0b76ccd Bump mavenVersion from 3.9.9 to 3.9.10
5dbc9c3 Bump org.codehaus.plexus:plexus-java from 1.4.0 to 1.5.0
17949d1 Bump org.apache.maven.plugins:maven-plugins from 43 to 44 (#316)
d44d1be Add generatedSourcesPath back to the maven project
Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-surefire-plugin from 3.5.3 to 3.5.4

Release notes

Sourced from org.apache.maven.plugins:maven-surefire-plugin's releases.

3.5.4

🚀 New features and improvements

Name the shutdown hook (#3170) @cstamas

Implement fail-fast behavior for JUnit Platform provider (#3155) @marcphilipp

Create a single LauncherSession for invocations of JUnitPlatformProvider (#863) @marcphilipp

🐛 Bug Fixes

[SUREFIRE-2298] - fix xml output with junit 5 nested classes (fix integration with Cucumber and Archunit) (#828) @olamy

👻 Maintenance

feat: enable prevent branch protection rules (#3168) @sparsick

Get rid of plexus-annotations (#3163) @olamy

Remove maven-changes-plugin (#861) @sparsick

Enable GitHub Issues (#831) @Bukama

📦 Dependency updates

Bump org.htmlunit:htmlunit from 4.15.0 to 4.16.0 (#3173) @dependabot[bot]

Bump org.codehaus.plexus:plexus-i18n from 1.0-beta-10 to 1.0.0 (#3172) @dependabot[bot]

Bump org.htmlunit:htmlunit from 4.13.0 to 4.15.0 (#3171) @dependabot[bot]

Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 (#3167) @dependabot[bot]

Bump org.apache.commons:commons-compress from 1.27.1 to 1.28.0 (#3165) @dependabot[bot]

Bump commons-io:commons-io from 2.19.0 to 2.20.0 (#3161) @dependabot[bot]

Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0 (#3158) @dependabot[bot]

Bump org.htmlunit:htmlunit from 4.12.0 to 4.13.0 (#856) @dependabot[bot]

Bump org.xmlunit:xmlunit-core from 2.10.2 to 2.10.3 (#860) @dependabot[bot]

Bump commons-beanutils:commons-beanutils from 1.7.0 to 1.11.0 in /surefire-its/src/test/resources/webapp (#851) @dependabot[bot]

Bump org.htmlunit:htmlunit from 4.11.1 to 4.12.0 (#844) @dependabot[bot]

Bump org.fusesource.jansi:jansi from 2.4.1 to 2.4.2 (#836) @dependabot[bot]

Bump commons-io:commons-io from 2.18.0 to 2.19.0 (#833) @dependabot[bot]

Bump org.codehaus.plexus:plexus-interpolation from 1.27 to 1.28 (#829) @dependabot[bot]

Bump org.codehaus.plexus:plexus-java from 1.4.0 to 1.5.0 (#830) @dependabot[bot]

Bump jacocoVersion from 0.8.12 to 0.8.13 (#827) @dependabot[bot]

Commits

88513d8 [maven-release-plugin] prepare release surefire-3.5.4
9c48828 Simplify cuncumber IT configuration and make windows build working again (#3174)
74b2d8c Bump org.htmlunit:htmlunit from 4.15.0 to 4.16.0 (#3173)
6c30bf1 [SUREFIRE-2298] fix xml output with junit 5 nested classes (#828)
9f49866 Bump org.codehaus.plexus:plexus-i18n from 1.0-beta-10 to 1.0.0 (#3172)
fb96954 Bump org.htmlunit:htmlunit from 4.13.0 to 4.15.0 (#3171)
1e63159 Name the shutdown hook (#3170)
76e806a feat: enable prevent branch protection rules (#3168)
0fbfb27 Implement fail-fast behavior for JUnit Platform provider (#3155)
98d081e Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 (#3167)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the dependencies group with 7 updates: | Package | From | To | | --- | --- | --- | | [org.projectlombok:lombok](https://github.com/projectlombok/lombok) | `1.18.40` | `1.18.42` | | [net.datafaker:datafaker](https://github.com/datafaker-net/datafaker) | `2.4.4` | `2.5.0` | | [com.google.code.gson:gson](https://github.com/google/gson) | `2.13.1` | `2.13.2` | | org.apache.logging.log4j:log4j-api | `2.25.1` | `2.25.2` | | org.apache.logging.log4j:log4j-core | `2.25.1` | `2.25.2` | | [org.apache.maven.plugins:maven-compiler-plugin](https://github.com/apache/maven-compiler-plugin) | `3.14.0` | `3.14.1` | | [org.apache.maven.plugins:maven-surefire-plugin](https://github.com/apache/maven-surefire) | `3.5.3` | `3.5.4` | Updates `org.projectlombok:lombok` from 1.18.40 to 1.18.42 - [Changelog](https://github.com/projectlombok/lombok/blob/master/doc/changelog.markdown) - [Commits](projectlombok/lombok@v1.18.40...v1.18.42) Updates `net.datafaker:datafaker` from 2.4.4 to 2.5.0 - [Release notes](https://github.com/datafaker-net/datafaker/releases) - [Changelog](https://github.com/datafaker-net/datafaker/blob/main/RELEASE_PROCESS.md) - [Commits](datafaker-net/datafaker@2.4.4...2.5.0) Updates `com.google.code.gson:gson` from 2.13.1 to 2.13.2 - [Release notes](https://github.com/google/gson/releases) - [Changelog](https://github.com/google/gson/blob/main/CHANGELOG.md) - [Commits](google/gson@gson-parent-2.13.1...gson-parent-2.13.2) Updates `org.apache.logging.log4j:log4j-api` from 2.25.1 to 2.25.2 Updates `org.apache.logging.log4j:log4j-core` from 2.25.1 to 2.25.2 Updates `org.apache.maven.plugins:maven-compiler-plugin` from 3.14.0 to 3.14.1 - [Release notes](https://github.com/apache/maven-compiler-plugin/releases) - [Commits](apache/maven-compiler-plugin@maven-compiler-plugin-3.14.0...maven-compiler-plugin-3.14.1) Updates `org.apache.maven.plugins:maven-surefire-plugin` from 3.5.3 to 3.5.4 - [Release notes](https://github.com/apache/maven-surefire/releases) - [Commits](apache/maven-surefire@surefire-3.5.3...surefire-3.5.4) --- updated-dependencies: - dependency-name: org.projectlombok:lombok dependency-version: 1.18.42 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: net.datafaker:datafaker dependency-version: 2.5.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: com.google.code.gson:gson dependency-version: 2.13.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.apache.logging.log4j:log4j-api dependency-version: 2.25.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.apache.logging.log4j:log4j-core dependency-version: 2.25.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.apache.maven.plugins:maven-compiler-plugin dependency-version: 3.14.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.apache.maven.plugins:maven-surefire-plugin dependency-version: 3.5.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels Sep 22, 2025

mfaisalkhatri merged commit 9042d10 into main Sep 22, 2025
1 check failed

mfaisalkhatri deleted the dependabot/maven/main/dependencies-059932db97 branch September 22, 2025 09:43

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump the dependencies group with 7 updates #72

Bump the dependencies group with 7 updates #72

Uh oh!

dependabot bot commented on behalf of github Sep 22, 2025

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Bump the dependencies group with 7 updates #72

Bump the dependencies group with 7 updates #72

Uh oh!

Conversation

dependabot bot commented on behalf of github Sep 22, 2025

v1.18.42 (September 18th, 2025)

2.5.0

What's Changed

New Contributors

Gson 2.13.2

What's Changed

New Contributors

3.14.1

🚀 New features and improvements

🐛 Bug Fixes

📦 Dependency updates

3.5.4

🚀 New features and improvements

🐛 Bug Fixes

👻 Maintenance

📦 Dependency updates

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants