Bump the maven-dependencies group with 8 updates #41

dependabot · 2023-11-27T06:59:29Z

Bumps the maven-dependencies group with 8 updates:

Package	From	To
com.fasterxml.jackson.core:jackson-databind	`2.15.3`	`2.16.0`
com.fasterxml.jackson.core:jackson-annotations	`2.15.3`	`2.16.0`
org.junit.jupiter:junit-jupiter	`5.10.0`	`5.10.1`
org.mockito:mockito-core	`5.6.0`	`5.7.0`
org.apache.maven.plugins:maven-surefire-plugin	`3.2.1`	`3.2.2`
org.apache.maven.plugins:maven-javadoc-plugin	`3.6.0`	`3.6.2`
org.owasp:dependency-check-maven	`8.4.2`	`9.0.1`
org.codehaus.mojo:exec-maven-plugin	`3.1.0`	`3.1.1`

Updates com.fasterxml.jackson.core:jackson-databind from 2.15.3 to 2.16.0

Commits

See full diff in compare view

Updates com.fasterxml.jackson.core:jackson-annotations from 2.15.3 to 2.16.0

Commits

See full diff in compare view

Updates org.junit.jupiter:junit-jupiter from 5.10.0 to 5.10.1

Release notes

Sourced from org.junit.jupiter:junit-jupiter's releases.

JUnit 5.10.1 = Platform 1.10.1 + Jupiter 5.10.1 + Vintage 5.10.1

See Release Notes.

Full Changelog: junit-team/junit5@r5.10.0...r5.10.1

Commits

e5f50d8 Release 5.10.1
ac86d18 Fix typo in AfterAll documentation
388c5be Harmonize application of method and field filters in search algorithms
f82dd1e Apply field predicate before searching type hierarchy
1d1eb85 Polishing
5ce280e Update picocli to 4.7.5 and enable help width computation
fea05c3 Fix ConsoleLauncherTests and StandaloneTests
c556735 Use same expected files for all JDK versions
808493a Run StandaloneTests for Java 8 under Java 8
9ec5766 Unify messages about exit codes in StandaloneTests
Additional commits viewable in compare view

Updates org.mockito:mockito-core from 5.6.0 to 5.7.0

Release notes

Sourced from org.mockito:mockito-core's releases.

v5.7.0

Changelog generated by Shipkit Changelog Gradle Plugin

5.7.0

2023-11-02 - 15 commit(s) by Stefan M, Tim van der Lippe, Valery Yatsynovich, Vladimir Glinskikh, ascopes, dependabot[bot]

Bump org.jetbrains.kotlin:kotlin-gradle-plugin from 1.9.10 to 1.9.20 [(#3166)](mockito/mockito#3166)

Bump org.jetbrains.kotlin:kotlin-stdlib from 1.9.10 to 1.9.20 [(#3165)](mockito/mockito#3165)

Attempt to detect system property mangling prior to loading ByteBuddy. [(#3164)](mockito/mockito#3164)

Handle Termux in InlineDelegateByteBuddyMockMaker.java [(#3158)](mockito/mockito#3158)

Bump versions.errorprone from 2.22.0 to 2.23.0 [(#3153)](mockito/mockito#3153)

Fix license url according to spdx license spec [(#3152)](mockito/mockito#3152)

Remove checks for unsupported Java version from unit tests [(#3150)](mockito/mockito#3150)

Add CodeCov token to upload coverage report [(#3149)](mockito/mockito#3149)

Migrate to JaCoCo 0.8.11 [(#3147)](mockito/mockito#3147)

Add Java 21 to CI build matrix [(#3145)](mockito/mockito#3145)

Feat: add generic-inferred methods for constructing ArgumentCaptors [(#3144)](mockito/mockito#3144)

Bump gradle from 8.2 to 8.4 [(#3142)](mockito/mockito#3142)

Bump com.github.ben-manes.versions from 0.48.0 to 0.49.0 [(#3139)](mockito/mockito#3139)

Bump versions.bytebuddy from 1.14.8 to 1.14.9 [(#3138)](mockito/mockito#3138)

Bump biz.aQute.bnd.builder from 6.4.0 to 7.0.0 [(#3135)](mockito/mockito#3135)

Commits

5c4e72c Bump org.jetbrains.kotlin:kotlin-gradle-plugin from 1.9.10 to 1.9.20 (#3166)
f62fbe7 Bump org.jetbrains.kotlin:kotlin-stdlib from 1.9.10 to 1.9.20 (#3165)
f522f49 Attempt to detect system property mangling prior to loading ByteBuddy. (#3164)
a8adbf5 Handle Termux in InlineDelegateByteBuddyMockMaker.java (#3158)
1bca5b8 Bump versions.errorprone from 2.22.0 to 2.23.0 (#3153)
f5449f9 Fix license url according to spdx license spec (#3152)
73d6afc Remove checks for unsupported Java version from unit tests (#3150)
e736992 Add CodeCov token to upload coverage report (#3149)
9342e9a Add Java 21 to CI build matrix (#3145)
c574cea Update JaCoCo to 0.8.11 (#3147)
Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-surefire-plugin from 3.2.1 to 3.2.2

Release notes

Sourced from org.apache.maven.plugins:maven-surefire-plugin's releases.

3.2.2

🐛 Bug Fixes

[SUREFIRE-2205] - Use maven-plugin-report-plugin only in plugins modules (#681) @slawekjaranowski

[SUREFIRE-2206] - Downgrade plexus-xml to 3.0.0 (#675) @slawekjaranowski

📦 Dependency updates

[SUREFIRE-2208] - Bump org.codehaus.plexus:plexus-java from 1.1.2 to 1.2.0 (#682) @dependabot

[SUREFIRE-2206] - Downgrade plexus-xml to 3.0.0 (#675) @slawekjaranowski

🔧 Build

Use Maven 3.x.x and 3.6.3 on Jenkins (#674) @slawekjaranowski

Commits

2d76753 [maven-release-plugin] prepare release surefire-3.2.2
dd640bf [SUREFIRE-2208] Bump org.codehaus.plexus:plexus-java from 1.1.2 to 1.2.0 (#682)
dd2fcfd [SUREFIRE-2205] Use maven-plugin-report-plugin only in plugins modules
03c71d1 [SUREFIRE-2206] Downgrade plexus-xml to 3.0.0
c3c3c84 Use Maven 3.x.x and 3.6.3 on Jenkins
a540ef4 [SUREFIRE-2205] Mojo documentation links are broken
3a58f29 [maven-release-plugin] prepare for next development iteration
See full diff in compare view

Updates org.apache.maven.plugins:maven-javadoc-plugin from 3.6.0 to 3.6.2

Release notes

Sourced from org.apache.maven.plugins:maven-javadoc-plugin's releases.

3.6.2

🐛 Bug Fixes

[MJAVADOC-716] - Fix stale files detection failing because of the newline (#144) @gnodet

[MJAVADOC-713] - Skipping Javadoc reportset leaves empty Javadoc link i… (#246) @michael-o

[MJAVADOC-762] - don't share state between tests (#218) @elharo

[MJAVADOC-726] - exclude velocity (#243) @elharo

[MJAVADOC-726] - trivial Javadoc fixes to test state of CI (#244) @elharo

[MJAVADOC-774] - Mock repository should not change project sources (#241) @slawekjaranowski

MJAVADOC-774 create dev profile (#239) @hboutemy

Use a stable link in unit test (#240) @slawekjaranowski

📦 Dependency updates

Bump org.codehaus.mojo:mrm-maven-plugin from 1.5.0 to 1.6.0 (#247) @dependabot

[MJAVADOC-777] - Bump org.codehaus.plexus:plexus-java from 1.1.2 to 1.2.0 (#245) @dependabot

Commits

28a89f1 [maven-release-plugin] prepare release maven-javadoc-plugin-3.6.2
16ca43f [maven-release-plugin] prepare for next development iteration
88bc4a5 Align IT after MJAVADOC-716
4b881e8 Bump org.codehaus.mojo:mrm-maven-plugin from 1.5.0 to 1.6.0
45a8d29 [MJAVADOC-716] Fix stale files detection failing because of the added newline...
afb2dee [MJAVADOC-713] Skipping Javadoc reportset leaves empty Javadoc link in site
4bad23f [MJAVADOC-730] Deprecate parameter "old"
8364883 [MJAVADOC-777] Bump org.codehaus.plexus:plexus-java from 1.1.2 to 1.2.0 (#245)
6fa9c86 [MJAVADOC-762] don't share state between tests (#218)
05b12e8 [MJAVADOC-726] exclude velocity (#243)
Additional commits viewable in compare view

Updates org.owasp:dependency-check-maven from 8.4.2 to 9.0.1

Release notes

Sourced from org.owasp:dependency-check-maven's releases.

Version 9.0.1

fix: check java 8 update version; minimum JRE is 8 update 251 (#6118)

fix: add retry for failed NVD API requests (#6136)

docs: add default values to documentation for the NVD API Delay (#6135)

chore: Revert "build(deps): bump com.h2database:h2 from 2.1.214 to 2.2.224" (#6131)

this is a breaking change for anyone that successfully created the H2 database with 9.0.0.

fix: mute jcs logging (#6130)

docs: update NVD notice (#6110)

fix: Use the correct key for NVD API-Key from Maven Settings serverId (#6109)

See the full listing of changes.

Version 9.0.0

breaking changes: See the upgrade notice

feat: Utilize NVD API (#5978)

feat: gitlab dependency scanner report format #5919 (#5920)

fix: Use ASCII apostrophe for console message (#6076)

See the full listing of changes.

Version 8.4.3

fix: bump jcs3 (#6047)

docs: Corrected docs on hostedSuppressions (#6035)

See the full listing of changes.

Changelog

Sourced from org.owasp:dependency-check-maven's changelog.

Version 9.0.1 (2023-11-26)

breaking changes: See the upgrade notice

fix: check java 8 update version; minimum JRE is 8 update 251 (#6118)

fix: add retry for failed NVD API requests (#6136)

docs: add default values to documentation for the NVD API Delay (#6135)

chore: Revert "build(deps): bump com.h2database:h2 from 2.1.214 to 2.2.224" (#6131)

this is a breaking change for anyone that successfully created the H2 database with 9.0.0.

fix: mute jcs logging (#6130)

docs: update NVD notice (#6110)

fix: Use the correct key for NVD API-Key from Maven Settings serverId (#6109)

See the full listing of changes.

Version 9.0.0 (2023-11-22)

breaking changes: See the upgrade notice

feat: Utilize NVD API (#5978)

feat: gitlab dependency scanner report format #5919 (#5920)

fix: Use ASCII apostrophe for console message (#6076)

See the full listing of changes.

Version 8.4.3 (2023-11-15)

fix: bump jcs3 (#6047)

docs: Corrected docs on hostedSuppressions (#6035)

See the full listing of changes.

Commits

ff31186 build: prepare release v9.0.1
e55fe59 docs: prepare release
bf51025 fix: check java 8 update version (#6118)
5601e55 fix: add retry for failed NVD API requests (#6136)
daf8c98 docs: add default values to documentation for the NVD API Delay (#6135)
d0adc75 build(deps): bump org.apache.commons:commons-compress from 1.24.0 to 1.25.0 (...
b89273c chore: Revert "build(deps): bump com.h2database:h2 from 2.1.214 to 2.2.224" (...
5a3cef7 fix: mute jcs logging (#6130)
8706c3e fix: use fake nvd data feed for IT (#6113)
0b86bca fix: Configure nvd.api.delay default (#6112)
Additional commits viewable in compare view

Updates org.codehaus.mojo:exec-maven-plugin from 3.1.0 to 3.1.1

Release notes

Sourced from org.codehaus.mojo:exec-maven-plugin's releases.

3.1.1

🚀 New features and improvements

Remove unused killAfter options (#394) @slawekjaranowski

#391 Cope with Thread::stop being unavailable in JDK 20+ (#393) @kriegaex

Only prefix program output with thread name when running with multiple threads (#157) @hankolerd

#389 Add option 'blockSystemExit' to 'java' mojo (#390) @kriegaex

Require Maven 3.6.3+ (#385) @slachiewicz

Ensure maven.properties can be forwarded to system properties for exec:java (#346) @rmannibucau

🐛 Bug Fixes

Fix #158 - Fix non ascii character handling (#372) @jebeaudet

#323 exec arguments missing (#324) @bmarwell

📦 Dependency updates

Bump org.codehaus.plexus:plexus-utils from 3.0.16 to 3.0.24 in /src/it/projects/java_module-module+mainclass (#382) @dependabot

Bump org.codehaus.plexus:plexus-utils from 3.0.16 to 3.0.24 in /src/it/projects/java_module-mainclass (#380) @dependabot

Bump org.codehaus.plexus:plexus-utils from 3.0.16 to 3.0.24 in /src/it/projects/java_module-export (#379) @dependabot

Bump org.codehaus.plexus:plexus-utils from 3.0.16 to 3.0.24 in /src/it/projects/longModulepath with spaces (#383) @dependabot

Bump org.codehaus.plexus:plexus-utils from 3.0.16 to 3.0.24 in /src/it/projects/jigsaw (#381) @dependabot

Bump org.codehaus.plexus:plexus-utils from 3.0.16 to 3.0.24 in /src/it/mrm/java_module (#378) @dependabot

Bump org.codehaus.mojo:mojo-parent from 76 to 77 (#384) @dependabot

Require Maven 3.6.3+ (#385) @slachiewicz

Bump plexus-utils from 3.5.1 to 4.0.0 (#368) @dependabot

Bump parent from 70 to 76 (#375) @slawekjaranowski

Bump groovy from 3.0.17 to 3.0.18 (#371) @dependabot

Bump groovy from 3.0.16 to 3.0.17 (#365) @dependabot

Bump groovy from 3.0.15 to 3.0.16 (#363) @dependabot

Bump plexus-utils from 3.5.0 to 3.5.1 (#362) @dependabot

Bump groovy from 3.0.14 to 3.0.15 (#361) @dependabot

Bump groovy from 3.0.13 to 3.0.14 (#354) @dependabot

Bump mockito-core from 4.9.0 to 4.11.0 (#355) @dependabot

Bump mockito-core from 4.8.1 to 4.9.0 (#347) @dependabot

Bump groovy from 3.0.12 to 3.0.13 (#340) @dependabot

Bump plexus-utils from 3.4.2 to 3.5.0 (#343) @dependabot

Bump mockito-core from 4.7.0 to 4.8.1 (#344) @dependabot

Bump mojo-parent from 69 to 70 (#329) @dependabot

Bump mockito-core from 4.6.1 to 4.7.0 (#330) @dependabot

Bump groovy from 3.0.11 to 3.0.12 (#325) @dependabot

👻 Maintenance

Code cleanups - use newer JDK features (#396) @slawekjaranowski

Enable spotless for code formatting (#395) @slawekjaranowski

Require Maven 3.6.3+ (#385) @slachiewicz

ITs cleanups (#374) @slawekjaranowski

Use Resolver Api for dependency resolving (#349) @slawekjaranowski

... (truncated)

Commits

58be40b [maven-release-plugin] prepare release 3.1.1
285443b Use name and tag template for release-drafter from commons
2afa124 Code cleanups - use newer JDK features
5fb64ce Enable spotless for code formatting - reformat
69d648f Enable spotless for code formatting
b08fba0 Remove unused killAfter options
6fae009 #391 Cope with Thread::stop being unavailable in JDK 20+ (#393)
6fcb15b Only prefix program output with thread name when Maven is running with multip...
584c544 #389 Add option 'blockSystemExit' to 'java' mojo
c545089 Bump org.codehaus.plexus:plexus-utils
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the maven-dependencies group with 8 updates: | Package | From | To | | --- | --- | --- | | [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) | `2.15.3` | `2.16.0` | | [com.fasterxml.jackson.core:jackson-annotations](https://github.com/FasterXML/jackson) | `2.15.3` | `2.16.0` | | [org.junit.jupiter:junit-jupiter](https://github.com/junit-team/junit5) | `5.10.0` | `5.10.1` | | [org.mockito:mockito-core](https://github.com/mockito/mockito) | `5.6.0` | `5.7.0` | | [org.apache.maven.plugins:maven-surefire-plugin](https://github.com/apache/maven-surefire) | `3.2.1` | `3.2.2` | | [org.apache.maven.plugins:maven-javadoc-plugin](https://github.com/apache/maven-javadoc-plugin) | `3.6.0` | `3.6.2` | | [org.owasp:dependency-check-maven](https://github.com/jeremylong/DependencyCheck) | `8.4.2` | `9.0.1` | | [org.codehaus.mojo:exec-maven-plugin](https://github.com/mojohaus/exec-maven-plugin) | `3.1.0` | `3.1.1` | Updates `com.fasterxml.jackson.core:jackson-databind` from 2.15.3 to 2.16.0 - [Commits](https://github.com/FasterXML/jackson/commits) Updates `com.fasterxml.jackson.core:jackson-annotations` from 2.15.3 to 2.16.0 - [Commits](https://github.com/FasterXML/jackson/commits) Updates `org.junit.jupiter:junit-jupiter` from 5.10.0 to 5.10.1 - [Release notes](https://github.com/junit-team/junit5/releases) - [Commits](junit-team/junit5@r5.10.0...r5.10.1) Updates `org.mockito:mockito-core` from 5.6.0 to 5.7.0 - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](mockito/mockito@v5.6.0...v5.7.0) Updates `org.apache.maven.plugins:maven-surefire-plugin` from 3.2.1 to 3.2.2 - [Release notes](https://github.com/apache/maven-surefire/releases) - [Commits](apache/maven-surefire@surefire-3.2.1...surefire-3.2.2) Updates `org.apache.maven.plugins:maven-javadoc-plugin` from 3.6.0 to 3.6.2 - [Release notes](https://github.com/apache/maven-javadoc-plugin/releases) - [Commits](apache/maven-javadoc-plugin@maven-javadoc-plugin-3.6.0...maven-javadoc-plugin-3.6.2) Updates `org.owasp:dependency-check-maven` from 8.4.2 to 9.0.1 - [Release notes](https://github.com/jeremylong/DependencyCheck/releases) - [Changelog](https://github.com/jeremylong/DependencyCheck/blob/main/CHANGELOG.md) - [Commits](jeremylong/DependencyCheck@v8.4.2...v9.0.1) Updates `org.codehaus.mojo:exec-maven-plugin` from 3.1.0 to 3.1.1 - [Release notes](https://github.com/mojohaus/exec-maven-plugin/releases) - [Commits](mojohaus/exec-maven-plugin@exec-maven-plugin-3.1.0...3.1.1) --- updated-dependencies: - dependency-name: com.fasterxml.jackson.core:jackson-databind dependency-type: direct:production update-type: version-update:semver-minor dependency-group: maven-dependencies - dependency-name: com.fasterxml.jackson.core:jackson-annotations dependency-type: direct:production update-type: version-update:semver-minor dependency-group: maven-dependencies - dependency-name: org.junit.jupiter:junit-jupiter dependency-type: direct:development update-type: version-update:semver-patch dependency-group: maven-dependencies - dependency-name: org.mockito:mockito-core dependency-type: direct:development update-type: version-update:semver-minor dependency-group: maven-dependencies - dependency-name: org.apache.maven.plugins:maven-surefire-plugin dependency-type: direct:production update-type: version-update:semver-patch dependency-group: maven-dependencies - dependency-name: org.apache.maven.plugins:maven-javadoc-plugin dependency-type: direct:production update-type: version-update:semver-patch dependency-group: maven-dependencies - dependency-name: org.owasp:dependency-check-maven dependency-type: direct:production update-type: version-update:semver-major dependency-group: maven-dependencies - dependency-name: org.codehaus.mojo:exec-maven-plugin dependency-type: direct:production update-type: version-update:semver-patch dependency-group: maven-dependencies ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot · 2023-11-28T18:04:16Z

The group that created this PR has been removed from your configuration.

dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Nov 27, 2023

dependabot bot mentioned this pull request Nov 27, 2023

Bump the maven-dependencies group with 8 updates #40

Closed

dependabot bot closed this Nov 28, 2023

dependabot bot deleted the dependabot/maven/maven-dependencies-bf99b0e970 branch November 28, 2023 18:04

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the maven-dependencies group with 8 updates #41

Bump the maven-dependencies group with 8 updates #41

dependabot bot commented on behalf of github Nov 27, 2023

dependabot bot commented on behalf of github Nov 28, 2023

Bump the maven-dependencies group with 8 updates #41

Bump the maven-dependencies group with 8 updates #41

Conversation

dependabot bot commented on behalf of github Nov 27, 2023

v5.7.0

5.7.0

3.2.2

🐛 Bug Fixes

📦 Dependency updates

🔧 Build

3.6.2

🐛 Bug Fixes

📦 Dependency updates

Version 9.0.1

Version 9.0.0

Version 8.4.3

Version 9.0.1 (2023-11-26)

Version 9.0.0 (2023-11-22)

Version 8.4.3 (2023-11-15)

3.1.1

🚀 New features and improvements

🐛 Bug Fixes

📦 Dependency updates

👻 Maintenance

dependabot bot commented on behalf of github Nov 28, 2023