Skip to content

Bump the non-breaking group across 1 directory with 27 updates #594

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: 2.x
Choose a base branch
from
Open

Bump the non-breaking group across 1 directory with 27 updates #594

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Oct 17, 2025

Bumps the non-breaking group with 27 updates in the /log4j-parent directory:

Package From To
com.fasterxml.jackson:jackson-bom 2.19.1 2.20.0
org.eclipse.angus:angus-activation 2.0.2 2.0.3
org.assertj:assertj-core 3.27.3 3.27.6
com.code-intelligence:jazzer 0.24.0 0.26.0
com.code-intelligence:jazzer-api 0.24.0 0.26.0
commons-codec:commons-codec 1.18.0 1.19.0
org.apache.commons:commons-compress 1.27.1 1.28.0
org.apache.commons:commons-csv 1.14.0 1.14.1
commons-io:commons-io 2.19.0 2.20.0
org.apache.commons:commons-lang3 3.17.0 3.19.0
com.google.guava:guava 33.4.8-jre 33.5.0-jre
com.google.guava:guava-testlib 33.4.8-jre 33.5.0-jre
jakarta.activation:jakarta.activation-api 2.1.3 2.1.4
org.eclipse.angus:jakarta.mail 2.0.3 2.0.5
jakarta.mail:jakarta.mail-api 2.1.3 2.1.5
org.jmdns:jmdns 3.6.1 3.6.2
net.java.dev.jna:jna 5.17.0 5.18.1
org.apache.kafka:kafka-clients 4.0.0 4.1.0
org.apache.maven:maven-core 3.9.10 3.9.11
org.apache.maven:maven-model 3.9.10 3.9.11
org.openjdk.nashorn:nashorn-core 15.6 15.7
org.eclipse.platform:org.eclipse.osgi 3.23.100 3.23.200
org.xmlunit:xmlunit-core 2.10.3 2.10.4
org.xmlunit:xmlunit-matchers 2.10.3 2.10.4
com.github.spotbugs:spotbugs-annotations 4.9.3 4.9.7
org.gradlex:gradle-module-metadata-maven-plugin 1.0.1 1.2
org.apache.rat:apache-rat-plugin 0.16.1 0.17

Updates com.fasterxml.jackson:jackson-bom from 2.19.1 to 2.20.0

Commits
  • 54f854b [maven-release-plugin] prepare release jackson-bom-2.20.0
  • 9cc68d4 Prep for 2.20.0
  • cbef800 Version sync for 2.20.0 release (in near future)
  • 79bc4ed Back to snapshot deps
  • 94947a0 [maven-release-plugin] prepare for next development iteration
  • 369dffe [maven-release-plugin] prepare release jackson-bom-2.20.0-rc1
  • c5caaf2 Prep for 2.20.0-rc1
  • 8ad6e0a Move to 2.20.0-rc1-SNAPSHOT
  • 500ef4d Merge branch '2.19' into 2.x
  • 274f228 Back to snapshot deps
  • Additional commits viewable in compare view

Updates org.eclipse.angus:angus-activation from 2.0.2 to 2.0.3

Commits
  • 6eff4c5 Prepare release org.eclipse.angus:angus-activation-project:2.0.3
  • bcb3375 jaf api 2.1.4 (#55)
  • 84e5a0d Rename resources so javax and jakarta can live in same classpath #174
  • c3c4d67 Merge pull request #46 from eclipse-ee4j/2.0.2-RELEASE
  • 354de40 Update README.md
  • c62baf3 Update TCK-Results.md
  • 6cda1e7 Prepare next development cycle for 2.1.0-SNAPSHOT
  • See full diff in compare view

Updates org.assertj:assertj-core from 3.27.3 to 3.27.6

Release notes

Sourced from org.assertj:assertj-core's releases.

v3.27.6

🐛 Bug Fixes

Core

  • Add missing export for org.assertj.core.annotation #3951

❤️ Contributors

Thanks to all the contributors who worked on this release:

@​duponter

v3.27.5

⚡ Improvements

Core

  • ByteBuddy in AssertJ 3.27.4 not compatible with Java 25 #3946

🔨 Dependency Upgrades

Core

  • Upgrade to Byte Buddy 1.17.7 #3947
  • Upgrade to JUnit BOM 5.13.4 #3947

Guava

  • Upgrade to Guava 33.4.8-jre #3947

v3.27.4

🚫 Deprecated

Core

  • Deprecate org.assertj.core.annotations.Beta in favor of org.assertj.core.annotation.Beta
  • Deprecate org.assertj.core.util.CanIgnoreReturnValue in favor of org.assertj.core.annotation.CanIgnoreReturnValue
  • Deprecate org.assertj.core.util.CheckReturnValue in favor of org.assertj.core.annotation.CheckReturnValue

🐛 Bug Fixes

Core

  • Fix thread-safety in AbstractDateAssert #3874

⚡ Improvements

  • Migrate to the Central Publisher Portal, enable snapshot publishing #3881

... (truncated)

Commits
  • 716b1e0 [maven-release-plugin] prepare release assertj-build-3.27.6
  • e189652 Add missing export for org.assertj.core.annotation (#3951)
  • 0cb489e Update Maven Central URL
  • 7286309 [maven-release-plugin] prepare for next development iteration
  • dd4cc1d [maven-release-plugin] prepare release assertj-build-3.27.5
  • 1d0defc Add missing permission to release workflow
  • 844d5d0 Add missing GitHub Actions pinning to CodeQL workflow
  • bdd7106 Add CodeQL custom workflow
  • a93d7e6 Remove EOL Java 24
  • 26ea866 Update production dependencies (#3947)
  • Additional commits viewable in compare view

Updates com.code-intelligence:jazzer from 0.24.0 to 0.26.0

Release notes

Sourced from com.code-intelligence:jazzer's releases.

v0.26.0

What's Changed

New Contributors

Full Changelog: CodeIntelligenceTesting/jazzer@v0.25.1...v0.26.0

v0.25.1

What's Changed

New Contributors

Full Changelog: CodeIntelligenceTesting/jazzer@v0.25.0...v0.25.1

v0.25.0

What's Changed

... (truncated)

Commits
  • 86378b7 chore: update protobuf dependencies
  • 6440ed6 chore: set -std=c++17 for macos & windows builds
  • 2852b69 chore: update runtime JDK to 21.0.8
  • d8125c4 feat: fail early if min > max in ArrayMutator
  • cb1fb37 fix: support maxSize > 1000 in map mutator
  • d88ad22 chore: add test to validate hook method descriptors
  • b5bf267 fix: method descriptor for RegexRoadblocks hook
  • 862de64 fix: correct method descriptor in path traversal sanitizer
  • 0c95927 fix: correct method descriptors in LDAP sanitizer
  • d57e869 Add Javadoc to Finite
  • Additional commits viewable in compare view

Updates com.code-intelligence:jazzer-api from 0.24.0 to 0.26.0

Release notes

Sourced from com.code-intelligence:jazzer-api's releases.

v0.26.0

What's Changed

New Contributors

Full Changelog: CodeIntelligenceTesting/jazzer@v0.25.1...v0.26.0

v0.25.1

What's Changed

New Contributors

Full Changelog: CodeIntelligenceTesting/jazzer@v0.25.0...v0.25.1

v0.25.0

What's Changed

... (truncated)

Commits
  • 86378b7 chore: update protobuf dependencies
  • 6440ed6 chore: set -std=c++17 for macos & windows builds
  • 2852b69 chore: update runtime JDK to 21.0.8
  • d8125c4 feat: fail early if min > max in ArrayMutator
  • cb1fb37 fix: support maxSize > 1000 in map mutator
  • d88ad22 chore: add test to validate hook method descriptors
  • b5bf267 fix: method descriptor for RegexRoadblocks hook
  • 862de64 fix: correct method descriptor in path traversal sanitizer
  • 0c95927 fix: correct method descriptors in LDAP sanitizer
  • d57e869 Add Javadoc to Finite
  • Additional commits viewable in compare view

Updates com.code-intelligence:jazzer-api from 0.24.0 to 0.26.0

Release notes

Sourced from com.code-intelligence:jazzer-api's releases.

v0.26.0

What's Changed

New Contributors

Full Changelog: CodeIntelligenceTesting/jazzer@v0.25.1...v0.26.0

v0.25.1

What's Changed

New Contributors

Full Changelog: CodeIntelligenceTesting/jazzer@v0.25.0...v0.25.1

v0.25.0

What's Changed

... (truncated)

Commits
  • 86378b7 chore: update protobuf dependencies
  • 6440ed6 chore: set -std=c++17 for macos & windows builds
  • 2852b69 chore: update runtime JDK to 21.0.8
  • d8125c4 feat: fail early if min > max in ArrayMutator
  • cb1fb37 fix: support maxSize > 1000 in map mutator
  • d88ad22 chore: add test to validate hook method descriptors
  • b5bf267 fix: method descriptor for RegexRoadblocks hook
  • 862de64 fix: correct method descriptor in path traversal sanitizer
  • 0c95927 fix: correct method descriptors in LDAP sanitizer
  • d57e869 Add Javadoc to Finite
  • Additional commits viewable in compare view

Updates commons-codec:commons-codec from 1.18.0 to 1.19.0

Changelog

Sourced from commons-codec:commons-codec's changelog.

Apache Commons Codec 1.19.0 Release Notes

The Apache Commons Codec team is pleased to announce the release of Apache Commons Codec 1.19.0.

The Apache Commons Codec component contains encoders and decoders for formats such as Base16, Base32, Base64, digest, and Hexadecimal. In addition to these widely used encoders and decoders, the codec package also maintains a collection of phonetic encoding utilities.

This is a feature and maintenance release. Java 8 or later is required.

New features

  •         Add HmacUtils.hmac(Path). Thanks to Gary Gregory.

  •         Add HmacUtils.hmacHex(Path). Thanks to Gary Gregory.

  •         Add PMD check to the default Maven goal. Thanks to Gary Gregory.

  •         Add SpotBugs check to the default Maven goal. Thanks to Gary Gregory.

Fixed Bugs

  •         Remove -nouses directive from maven-bundle-plugin. OSGi package imports now state 'uses' definitions for package imports, this doesn't affect JPMS (from org.apache.commons:commons-parent:80). Thanks to Gary Gregory.

  •         Refactor DigestUtils.updateDigest(MessageDigest, File) to use NIO. Thanks to Gary Gregory.
  • CODEC-328: Clarify Javadoc for org.apache.commons.codec.digest.UnixCrypt.crypt(byte[],String). Thanks to Gary Gregory.
  •         Precompile regular expressions in DaitchMokotoffSoundex.Rule. Thanks to Gary Gregory.

  •         Precompile regular expressions in DaitchMokotoffSoundex.parseRules(Scanner, String, Map, Map). Thanks to Gary Gregory.

  •         Precompile regular expressions in Lang.loadFromResource(String, Languages). Thanks to Gary Gregory.

  •         Precompile regular expressions in PhoneticEngine.encode(String, LanguageSet). Thanks to Gary Gregory.

  •         Precompile regular expressions in org.apache.commons.codec.language.bm.Rule.parse*(*). Thanks to Gary Gregory.

  •         Remove redundant checks for whitespace in DaitchMokotoffSoundex.soundex(String, boolean). Thanks to Gary Gregory.

  •         Javadoc typo in Base16.java [#380](https://github.com/apache/commons-codec/issues/380). Thanks to Sebastian Baunsgaard.

  •         Deprecate unused constant org.apache.commons.codec.language.bm.Rule.ALL. Thanks to Gary Gregory.
  • CODEC-331: org.apache.commons.codec.language.bm.Rule.parsePhonemeExpr(String) adds duplicate empty phoneme when input ends with |. Thanks to IlikeCode, Gary Gregory.
  • CODEC-331: org.apache.commons.codec.language.DaitchMokotoffSoundex.cleanup(String) does not remove special characters like punctuation. Thanks to IlikeCode, Gary Gregory.
  •         Fix PMD multiple UnnecessaryFullyQualifiedName in org.apache.commons.codec.binary.StringUtils. Thanks to Gary Gregory.

  •         Fix PMD UnusedFormalParameter in private constructor in org.apache.commons.codec.binary.Base16. Thanks to Gary Gregory.

  •         Fix PMD multiple UnnecessaryFullyQualifiedName in org.apache.commons.codec.digest.Blake3. Thanks to Gary Gregory.

  •         Fix PMD UnnecessaryFullyQualifiedName in org.apache.commons.codec.digest.Md5Crypt. Thanks to Gary Gregory.

  •         Fix PMD EmptyControlStatement in org.apache.commons.codec.language.Metaphone. Thanks to Gary Gregory.

  •         Fix SpotBugs [ERROR] Medium: org.apache.commons.codec.binary.BaseNCodec$AbstractBuilder.setEncodeTable(byte[]) may expose internal representation by storing an externally mutable object into BaseNCodec$AbstractBuilder.encodeTable [org.apache.commons.codec.binary.BaseNCodec$AbstractBuilder] At BaseNCodec.java:[line 131] EI_EXPOSE_REP2. Thanks to Gary Gregory.

  •         The method org.apache.commons.codec.binary.BaseNCodec.AbstractBuilder.setLineSeparator(byte...) now makes a defensive copy. Thanks to Gary Gregory.

  •         Avoid unnecessary String conversion in org.apache.commons.codec.language.bm.PhoneticEngine.applyFinalRules(PhonemeBuilder, Map). Thanks to Gary Gregory.

  •         Fix SpotBugs [ERROR] High: Potentially dangerous use of non-short-circuit logic in org.apache.commons.codec.language.DaitchMokotoffSoundex.cleanup(String) [org.apache.commons.codec.language.DaitchMokotoffSoundex] At DaitchMokotoffSoundex.java:[line 350] NS_DANGEROUS_NON_SHORT_CIRCUIT. Thanks to Gary Gregory.

Changes

... (truncated)

Commits
  • 351cb22 Prepare for the release candidate 1.19.0 RC1
  • 0d501b6 Prepare for the next release candidate
  • d6d4b82 Refactor duplicate code
  • 6d6456c No need to exclude abstract test classes from Surefire runs
  • 22d62e4 No need to specify the default value for linkXref
  • c4daf34 No longer need to override the version of the Jacoco Maven plugin
  • 8f2b673 Remove workaround for [SUREFIRE-2253]
  • 466a61d Fix Javadoc
  • ca27bd3 Fix Checkstyle
  • 1dfb4e5 Better internal method name
  • Additional commits viewable in compare view

Updates org.apache.commons:commons-compress from 1.27.1 to 1.28.0

Changelog

Sourced from org.apache.commons:commons-compress's changelog.

Apache Commons Compress 1.28.0 Release Notes

The Apache Commons Compress team is pleased to announce the release of Apache Commons Compress 1.28.0.

Apache Commons Compress defines an API for working with compression and archive formats. These include bzip2, gzip, pack200, LZMA, XZ, Snappy, traditional Unix Compress, DEFLATE, DEFLATE64, LZ4, Brotli, Zstandard and ar, cpio, jar, tar, zip, dump, 7z, arj.

This is a feature and maintenance release. Java 8 or later is required.

This release updates Apache Commons Lang to 3.18.0 to pick up the fix for CVE-2025-48924 (https://nvd.nist.gov/vuln/detail/CVE-2025-48924), but is not affected by it.

Changes in this version

Changes in this version include the following.

New Features

  •        Add GzipParameters.getModificationInstant(). Thanks to Gary Gregory. 

  •        Add GzipParameters.setModificationInstant(Instant). Thanks to Gary Gregory. 

  •        Add GzipParameters.OS, setOS(OS), getOS(). Thanks to Gary Gregory. 

  •        Add GzipParameters.toString(). Thanks to Gary Gregory.
  • COMPRESS-638: Add GzipParameters.setFileNameCharset(Charset) and getFileNameCharset() to override the default ISO-8859-1 Charset #602. Thanks to vincexjl, Gary Gregory, Piotr P. Karwasz.
  •        Add support for gzip extra subfields, see GzipParameters.setExtra(HeaderExtraField) [#604](https://github.com/apache/commons-compress/issues/604). Thanks to ddeschenes-1, Gary Gregory. 

  •        Add CompressFilterOutputStream and refactor to use. Thanks to Gary Gregory. 

  •        Add ZipFile.stream(). Thanks to Gary Gregory. 

  •        GzipCompressorInputStream reads the modification time (MTIME) and stores its value incorrectly multiplied by 1,000. Thanks to Danny Deschenes, Gary Gregory. 

  •        GzipCompressorInputStream writes the modification time (MTIME) the value incorrectly divided by 1,000. Thanks to Danny Deschenes, Gary Gregory. 

  •        Add optional FHCRC to GZIP header [#627](https://github.com/apache/commons-compress/issues/627). Thanks to Danny Deschenes, Gary Gregory. 

  •        Add GzipCompressorInputStream.Builder allowing to customize the file name and comment Charsets. Thanks to Gary Gregory. 

  •        Add GzipCompressorInputStream.Builder.setOnMemberStart(IOConsumer) to monitor member parsing. Thanks to Gary Gregory. 

  •        Add GzipCompressorInputStream.Builder.setOnMemberEnd(IOConsumer) to monitor member parsing. Thanks to Gary Gregory. 

  •        Add PMD check to default Maven goal. Thanks to Gary Gregory. 

  •        Add SevenZFile.Builder.setMaxMemoryLimitKiB(int). Thanks to Gary Gregory. 

  •        Add MemoryLimitException.MemoryLimitException(long, int, Throwable) and deprecate MemoryLimitException.MemoryLimitException(long, int, Exception). Thanks to Gary Gregory.
  • COMPRESS-692: Add support for zstd compression in zip archives. Thanks to Mehmet Karaman, Andrey Loskutov, Gary Gregory.
  •        Add support for XZ compression in ZIP archives. Thanks to Gary Gregory.
  • COMPRESS-695: Add ZipArchiveInputStream.createZstdInputStream(InputStream) to provide a different InputStream implementation for Zstandard (Zstd) #649. Thanks to Gary Gregory.
  •        Add org.apache.commons.compress.harmony.pack200.Pack200Exception.Pack200Exception(String, Throwable). Thanks to Gary Gregory.
  • COMPRESS-697: Move BitStream.nextBit() method to BitInputStream #663. Thanks to Fredrik Kjellberg, Gary Gregory.
  •        Add org.apache.commons.compress.compressors.lzma.LZMACompressorInputStream.builder/Builder(). Thanks to Gary Gregory. 

  •        Add org.apache.commons.compress.compressors.lzma.LZMACompressorOutputStream.builder/Builder(). Thanks to Gary Gregory. 

  •        Add org.apache.commons.compress.compressors.xz.XZCompressorInputStream.builder/Builder(). Thanks to Gary Gregory. 

  •        Add org.apache.commons.compress.compressors.xz.XZCompressorOutputStream.builder/Builder(). Thanks to Gary Gregory. 

  •        Add org.apache.commons.compress.compressors.xz.ZstdCompressorOutputStream.builder/Builder() [#666](https://github.com/apache/commons-compress/issues/666). Thanks to Gary Gregory, David Walluck, Piotr P. Karwasz. 

  •        Add org.apache.commons.compress.compressors.xz.ZstdConstants [#666](https://github.com/apache/commons-compress/issues/666). Thanks to Gary Gregory, David Walluck, Piotr P. Karwasz.

... (truncated)

Commits

Updates org.apache.commons:commons-csv from 1.14.0 to 1.14.1

Changelog

Sourced from org.apache.commons:commons-csv's changelog.

Apache Commons CSV 1.14.1 Release Notes

The Apache Commons CSV team is pleased to announce the release of Apache Commons CSV 1.14.1.

This document contains the release notes for the 1.14.1 version of Apache Commons CSV. Commons CSV reads and writes files in Comma Separated Value (CSV) format variations.

Commons CSV requires at least Java 8.

The Apache Commons CSV library provides a simple interface for reading and writing CSV files of various types.

This is a feature and maintenance release. Java 8 or later is required.

Changes in this version include:

Fixed Bugs

  • CSV-318: CSVPrinter.printRecord(Stream) hangs if given a parallel stream. Thanks to Joseph Shraibman, Gary Gregory.
  • CSV-318: CSVPrinter now uses an internal lock instead of synchronized methods. Thanks to Joseph Shraibman, Gary Gregory.
  •       org.apache.commons.csv.CSVPrinter.printRecords(ResultSet) now writes one record at a time using a lock. Thanks to Gary Gregory.

Changes

  •       Bump org.apache.commons:commons-parent from 81 to 85 [#542](https://github.com/apache/commons-csv/issues/542). Thanks to Gary Gregory, Dependabot.

  •       Bump commons-io:commons-io from 2.18.0 to 2.20.0. Thanks to Gary Gregory.

  •       Bump com.opencsv:opencsv from 5.10 to 5.11.2 [#545](https://github.com/apache/commons-csv/issues/545), [#551](https://github.com/apache/commons-csv/issues/551), [#553](https://github.com/apache/commons-csv/issues/553). Thanks to Gary Gregory, Dependabot.

  •       Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0 [#556](https://github.com/apache/commons-csv/issues/556). Thanks to Gary Gregory, Dependabot.

  •       Bump commons-codec:commons-codec from 1.18.0 to 1.19.0. Thanks to Gary Gregory.

Historical list of changes: https://commons.apache.org/proper/commons-csv/changes.html

For complete information on Apache Commons CSV, including instructions on how to submit bug reports, patches, or suggestions for improvement, see the Apache Commons CSV website:

https://commons.apache.org/proper/commons-csv/

Download page: https://commons.apache.org/proper/commons-csv/download_csv.cgi

Have fun! -Apache Commons CSV team

Commits
  • e14ef86 Ignore macOS file
  • d8724bf Prepare for the release candidate 1.14.1 RC1
  • b76971c Prepare for the next release candidate
  • b66814e Merge pull request #557 from apache/dependabot/github_actions/github/codeql-a...
  • 9c95e92 Bump github/codeql-action from 3.29.2 to 3.29.4
  • 1fb3716 Bump commons-codec:commons-codec from 1.18.0 to 1.19.0
  • 7b72c50 Merge some string literals
  • 9658373 Update the GitHub pull request template for AI
  • 67192a9 Bump commons-io:commons-io from 2.19.0 to 2.20.0
  • 59164c8 Bump com.opencsv:opencsv from 5.11.1 to 5.11.2 #553
  • Additional commits viewable in compare view

Updates commons-io:commons-io from 2.19.0 to 2.20.0

Changelog

Sourced from commons-io:commons-io's changelog.

Apache Commons IO 2.20.0 Release Notes

The Apache Commons IO team is pleased to announce the release of Apache Commons IO 2.20.0.

Introduction

The Apache Commons IO library contains utility classes, stream implementations, file filters, file comparators, endian transformation classes, and much more.

Version 2.19.1: Java 8 or later is required.

New features

o IO-875: Add org.apache.commons.io.file.CountingPathVisitor.accept(Path, BasicFileAttributes) #743. Thanks to ...

Description has been truncated

@dependabot
Bump the non-breaking group across 1 directory with 27 updates
48f6236 
Bumps the non-breaking group with 27 updates in the /log4j-parent directory:

| Package | From | To |
| --- | --- | --- |
| [com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) | `2.19.1` | `2.20.0` |
| [org.eclipse.angus:angus-activation](https://github.com/eclipse-ee4j/angus-activation) | `2.0.2` | `2.0.3` |
| [org.assertj:assertj-core](https://github.com/assertj/assertj) | `3.27.3` | `3.27.6` |
| [com.code-intelligence:jazzer](https://github.com/CodeIntelligenceTesting/jazzer) | `0.24.0` | `0.26.0` |
| [com.code-intelligence:jazzer-api](https://github.com/CodeIntelligenceTesting/jazzer) | `0.24.0` | `0.26.0` |
| [commons-codec:commons-codec](https://github.com/apache/commons-codec) | `1.18.0` | `1.19.0` |
| [org.apache.commons:commons-compress](https://github.com/apache/commons-compress) | `1.27.1` | `1.28.0` |
| [org.apache.commons:commons-csv](https://github.com/apache/commons-csv) | `1.14.0` | `1.14.1` |
| [commons-io:commons-io](https://github.com/apache/commons-io) | `2.19.0` | `2.20.0` |
| org.apache.commons:commons-lang3 | `3.17.0` | `3.19.0` |
| [com.google.guava:guava](https://github.com/google/guava) | `33.4.8-jre` | `33.5.0-jre` |
| [com.google.guava:guava-testlib](https://github.com/google/guava) | `33.4.8-jre` | `33.5.0-jre` |
| [jakarta.activation:jakarta.activation-api](https://github.com/jakartaee/jaf-api) | `2.1.3` | `2.1.4` |
| org.eclipse.angus:jakarta.mail | `2.0.3` | `2.0.5` |
| [jakarta.mail:jakarta.mail-api](https://github.com/jakartaee/mail-api) | `2.1.3` | `2.1.5` |
| [org.jmdns:jmdns](https://github.com/jmdns/jmdns) | `3.6.1` | `3.6.2` |
| [net.java.dev.jna:jna](https://github.com/java-native-access/jna) | `5.17.0` | `5.18.1` |
| org.apache.kafka:kafka-clients | `4.0.0` | `4.1.0` |
| org.apache.maven:maven-core | `3.9.10` | `3.9.11` |
| org.apache.maven:maven-model | `3.9.10` | `3.9.11` |
| [org.openjdk.nashorn:nashorn-core](https://github.com/openjdk/nashorn) | `15.6` | `15.7` |
| [org.eclipse.platform:org.eclipse.osgi](https://github.com/eclipse-equinox/equinox) | `3.23.100` | `3.23.200` |
| [org.xmlunit:xmlunit-core](https://github.com/xmlunit/xmlunit) | `2.10.3` | `2.10.4` |
| [org.xmlunit:xmlunit-matchers](https://github.com/xmlunit/xmlunit) | `2.10.3` | `2.10.4` |
| [com.github.spotbugs:spotbugs-annotations](https://github.com/spotbugs/spotbugs) | `4.9.3` | `4.9.7` |
| [org.gradlex:gradle-module-metadata-maven-plugin](https://github.com/gradlex-org/gradle-module-metadata-maven-plugin) | `1.0.1` | `1.2` |
| org.apache.rat:apache-rat-plugin | `0.16.1` | `0.17` |



Updates `com.fasterxml.jackson:jackson-bom` from 2.19.1 to 2.20.0
- [Commits](FasterXML/jackson-bom@jackson-bom-2.19.1...jackson-bom-2.20.0)

Updates `org.eclipse.angus:angus-activation` from 2.0.2 to 2.0.3
- [Release notes](https://github.com/eclipse-ee4j/angus-activation/releases)
- [Commits](eclipse-ee4j/angus-activation@2.0.2...2.0.3)

Updates `org.assertj:assertj-core` from 3.27.3 to 3.27.6
- [Release notes](https://github.com/assertj/assertj/releases)
- [Commits](assertj/assertj@assertj-build-3.27.3...assertj-build-3.27.6)

Updates `com.code-intelligence:jazzer` from 0.24.0 to 0.26.0
- [Release notes](https://github.com/CodeIntelligenceTesting/jazzer/releases)
- [Commits](CodeIntelligenceTesting/jazzer@v0.24.0...v0.26.0)

Updates `com.code-intelligence:jazzer-api` from 0.24.0 to 0.26.0
- [Release notes](https://github.com/CodeIntelligenceTesting/jazzer/releases)
- [Commits](CodeIntelligenceTesting/jazzer@v0.24.0...v0.26.0)

Updates `com.code-intelligence:jazzer-api` from 0.24.0 to 0.26.0
- [Release notes](https://github.com/CodeIntelligenceTesting/jazzer/releases)
- [Commits](CodeIntelligenceTesting/jazzer@v0.24.0...v0.26.0)

Updates `commons-codec:commons-codec` from 1.18.0 to 1.19.0
- [Changelog](https://github.com/apache/commons-codec/blob/master/RELEASE-NOTES.txt)
- [Commits](apache/commons-codec@rel/commons-codec-1.18.0...rel/commons-codec-1.19.0)

Updates `org.apache.commons:commons-compress` from 1.27.1 to 1.28.0
- [Changelog](https://github.com/apache/commons-compress/blob/master/RELEASE-NOTES.txt)
- [Commits](apache/commons-compress@rel/commons-compress-1.27.1...rel/commons-compress-1.28.0)

Updates `org.apache.commons:commons-csv` from 1.14.0 to 1.14.1
- [Changelog](https://github.com/apache/commons-csv/blob/master/RELEASE-NOTES.txt)
- [Commits](apache/commons-csv@rel/commons-csv-1.14.0...rel/commons-csv-1.14.1)

Updates `commons-io:commons-io` from 2.19.0 to 2.20.0
- [Changelog](https://github.com/apache/commons-io/blob/master/RELEASE-NOTES.txt)
- [Commits](apache/commons-io@rel/commons-io-2.19.0...rel/commons-io-2.20.0)

Updates `org.apache.commons:commons-lang3` from 3.17.0 to 3.19.0

Updates `com.google.guava:guava` from 33.4.8-jre to 33.5.0-jre
- [Release notes](https://github.com/google/guava/releases)
- [Commits](https://github.com/google/guava/commits)

Updates `com.google.guava:guava-testlib` from 33.4.8-jre to 33.5.0-jre
- [Release notes](https://github.com/google/guava/releases)
- [Commits](https://github.com/google/guava/commits)

Updates `com.google.guava:guava-testlib` from 33.4.8-jre to 33.5.0-jre
- [Release notes](https://github.com/google/guava/releases)
- [Commits](https://github.com/google/guava/commits)

Updates `jakarta.activation:jakarta.activation-api` from 2.1.3 to 2.1.4
- [Release notes](https://github.com/jakartaee/jaf-api/releases)
- [Commits](jakartaee/jaf-api@2.1.3...2.1.4)

Updates `org.eclipse.angus:jakarta.mail` from 2.0.3 to 2.0.5

Updates `jakarta.mail:jakarta.mail-api` from 2.1.3 to 2.1.5
- [Release notes](https://github.com/jakartaee/mail-api/releases)
- [Commits](jakartaee/mail-api@2.1.3...2.1.5)

Updates `org.jmdns:jmdns` from 3.6.1 to 3.6.2
- [Release notes](https://github.com/jmdns/jmdns/releases)
- [Changelog](https://github.com/jmdns/jmdns/blob/main/CHANGELOG.txt)
- [Commits](jmdns/jmdns@3.6.1...3.6.2)

Updates `net.java.dev.jna:jna` from 5.17.0 to 5.18.1
- [Changelog](https://github.com/java-native-access/jna/blob/master/CHANGES.md)
- [Commits](java-native-access/jna@5.17.0...5.18.1)

Updates `org.apache.kafka:kafka-clients` from 4.0.0 to 4.1.0

Updates `org.apache.maven:maven-core` from 3.9.10 to 3.9.11

Updates `org.apache.maven:maven-model` from 3.9.10 to 3.9.11

Updates `org.apache.maven:maven-model` from 3.9.10 to 3.9.11

Updates `org.openjdk.nashorn:nashorn-core` from 15.6 to 15.7
- [Changelog](https://github.com/openjdk/nashorn/blob/main/CHANGELOG.md)
- [Commits](openjdk/nashorn@release-15.6...release-15.7)

Updates `org.eclipse.platform:org.eclipse.osgi` from 3.23.100 to 3.23.200
- [Commits](https://github.com/eclipse-equinox/equinox/commits)

Updates `org.xmlunit:xmlunit-core` from 2.10.3 to 2.10.4
- [Release notes](https://github.com/xmlunit/xmlunit/releases)
- [Changelog](https://github.com/xmlunit/xmlunit/blob/main/RELEASE_NOTES.md)
- [Commits](xmlunit/xmlunit@v2.10.3...v2.10.4)

Updates `org.xmlunit:xmlunit-matchers` from 2.10.3 to 2.10.4
- [Release notes](https://github.com/xmlunit/xmlunit/releases)
- [Changelog](https://github.com/xmlunit/xmlunit/blob/main/RELEASE_NOTES.md)
- [Commits](xmlunit/xmlunit@v2.10.3...v2.10.4)

Updates `org.xmlunit:xmlunit-matchers` from 2.10.3 to 2.10.4
- [Release notes](https://github.com/xmlunit/xmlunit/releases)
- [Changelog](https://github.com/xmlunit/xmlunit/blob/main/RELEASE_NOTES.md)
- [Commits](xmlunit/xmlunit@v2.10.3...v2.10.4)

Updates `com.github.spotbugs:spotbugs-annotations` from 4.9.3 to 4.9.7
- [Release notes](https://github.com/spotbugs/spotbugs/releases)
- [Changelog](https://github.com/spotbugs/spotbugs/blob/master/CHANGELOG.md)
- [Commits](spotbugs/spotbugs@4.9.3...4.9.7)

Updates `org.gradlex:gradle-module-metadata-maven-plugin` from 1.0.1 to 1.2
- [Release notes](https://github.com/gradlex-org/gradle-module-metadata-maven-plugin/releases)
- [Changelog](https://github.com/gradlex-org/gradle-module-metadata-maven-plugin/blob/main/CHANGELOG.md)
- [Commits](gradlex-org/gradle-module-metadata-maven-plugin@v1.0.1...v1.2)

Updates `org.apache.rat:apache-rat-plugin` from 0.16.1 to 0.17

---
updated-dependencies:
- dependency-name: com.fasterxml.jackson:jackson-bom
  dependency-version: 2.20.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: non-breaking
- dependency-name: org.eclipse.angus:angus-activation
  dependency-version: 2.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: non-breaking
- dependency-name: org.assertj:assertj-core
  dependency-version: 3.27.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: non-breaking
- dependency-name: com.code-intelligence:jazzer
  dependency-version: 0.26.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: non-breaking
- dependency-name: com.code-intelligence:jazzer-api
  dependency-version: 0.26.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: non-breaking
- dependency-name: com.code-intelligence:jazzer-api
  dependency-version: 0.26.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: non-breaking
- dependency-name: commons-codec:commons-codec
  dependency-version: 1.19.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: non-breaking
- dependency-name: org.apache.commons:commons-compress
  dependency-version: 1.28.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: non-breaking
- dependency-name: org.apache.commons:commons-csv
  dependency-version: 1.14.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: non-breaking
- dependency-name: commons-io:commons-io
  dependency-version: 2.20.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: non-breaking
- dependency-name: org.apache.commons:commons-lang3
  dependency-version: 3.19.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: non-breaking
- dependency-name: com.google.guava:guava
  dependency-version: 33.5.0-jre
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: non-breaking
- dependency-name: com.google.guava:guava-testlib
  dependency-version: 33.5.0-jre
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: non-breaking
- dependency-name: com.google.guava:guava-testlib
  dependency-version: 33.5.0-jre
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: non-breaking
- dependency-name: jakarta.activation:jakarta.activation-api
  dependency-version: 2.1.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: non-breaking
- dependency-name: org.eclipse.angus:jakarta.mail
  dependency-version: 2.0.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: non-breaking
- dependency-name: jakarta.mail:jakarta.mail-api
  dependency-version: 2.1.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: non-breaking
- dependency-name: org.jmdns:jmdns
  dependency-version: 3.6.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: non-breaking
- dependency-name: net.java.dev.jna:jna
  dependency-version: 5.18.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: non-breaking
- dependency-name: org.apache.kafka:kafka-clients
  dependency-version: 4.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: non-breaking
- dependency-name: org.apache.maven:maven-core
  dependency-version: 3.9.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: non-breaking
- dependency-name: org.apache.maven:maven-model
  dependency-version: 3.9.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: non-breaking
- dependency-name: org.apache.maven:maven-model
  dependency-version: 3.9.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: non-breaking
- dependency-name: org.openjdk.nashorn:nashorn-core
  dependency-version: '15.7'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: non-breaking
- dependency-name: org.eclipse.platform:org.eclipse.osgi
  dependency-version: 3.23.200
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: non-breaking
- dependency-name: org.xmlunit:xmlunit-core
  dependency-version: 2.10.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: non-breaking
- dependency-name: org.xmlunit:xmlunit-matchers
  dependency-version: 2.10.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: non-breaking
- dependency-name: org.xmlunit:xmlunit-matchers
  dependency-version: 2.10.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: non-breaking
- dependency-name: com.github.spotbugs:spotbugs-annotations
  dependency-version: 4.9.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: non-breaking
- dependency-name: org.gradlex:gradle-module-metadata-maven-plugin
  dependency-version: '1.2'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: non-breaking
- dependency-name: org.apache.rat:apache-rat-plugin
  dependency-version: '0.17'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: non-breaking
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Oct 17, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants