chore: bump the production-minor-patch group across 1 directory with 9 updates

[dependabot]

Bumps the production-minor-patch group with 9 updates in the / directory:

Package	From	To
org.slf4j:slf4j-simple	2.0.16	2.0.17
org.owasp:dependency-check-maven	12.1.1	12.1.2
org.junit.jupiter:junit-jupiter-api	5.11.3	5.13.1
org.junit.jupiter:junit-jupiter	5.11.3	5.13.1
org.assertj:assertj-core	3.26.3	3.27.3
org.slf4j:slf4j-api	2.0.16	2.0.17
org.springframework.boot:spring-boot	3.4.4	3.5.0
org.springframework:spring-core	6.2.5	6.2.7
org.springframework:spring-test	6.2.5	6.2.7

Updates org.slf4j:slf4j-simple from 2.0.16 to 2.0.17

Updates org.owasp:dependency-check-maven from 12.1.1 to 12.1.2

Release notes

Sourced from org.owasp:dependency-check-maven's releases.

Version 12.1.2

Refer to the CHANGELOG.md for information about improvements and upgrade notes.

Changelog

Sourced from org.owasp:dependency-check-maven's changelog.

Version 12.1.2 (2025-06-07)

• fix: Allow configuring OSS Index user/pw directly (#7640)
• fix: remove vulnerable transitive dependency - beanutils (#7705)
• fix: Simplify PHP framework suppression for Composer (#7693)
• fix: update CPE pattern to remove FP (#7684)
• fix(cli): Patch generated Windows shell script for JAVACMD installs with spaces (#7653)
• fix: Resolve various WCAG accessibility / css issues in the HTML report (#7629)
• fix: #7510 Display a dedicated message when receiving an HTTP 403 (#7575)
• docs: Make Vulnerability Sources in Related Work clearer (#7691)
• docs: #7610 add a reference to NVD mirroring in getting started documentation (#7611)

See the full listing of changes

Commits

• 4744206 build: prepare release v12.1.2
• 624c3ca docs: release 12.1.2
• ce126c7 build(deps-dev): bump io.netty:netty-codec-http from 4.2.1.Final to 4.2.2.Fin...
• 9c1312a Merge branch 'main' into dependabot/maven/io.netty-netty-codec-http-4.2.2.Final
• a6abd65 build(deps): bump golang from 1.24.3-alpine to 1.24.4-alpine (#7710)
• 4cde0d7 build(deps-dev): bump io.netty:netty-codec-http
• 116fdab build(deps): bump golang from 1.24.3-alpine to 1.24.4-alpine
• f551343 fix(fp): remove iicu4j FP (#7707)
• 6296163 fix(fp): remove iicu4j FP
• 0e0cd58 fix: remove vulnerable transitive dependency - beanutils (#7705)
• Additional commits viewable in compare view

Updates org.junit.jupiter:junit-jupiter-api from 5.11.3 to 5.13.1

Release notes

Sourced from org.junit.jupiter:junit-jupiter-api's releases.

JUnit 5.13.1 = Platform 1.13.1 + Jupiter 5.13.1 + Vintage 5.13.1

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.13.0...r5.13.1

JUnit 5.13.0 = Platform 1.13.0 + Jupiter 5.13.0 + Vintage 5.13.0

See Release Notes.

New Contributors

• @​Oyster-zx made their first contribution in junit-team/junit5#4311
• @​etrandafir93 made their first contribution in junit-team/junit5#4336
• @​hanszt made their first contribution in junit-team/junit5#3377
• @​ngocnhan-tran1996 made their first contribution in junit-team/junit5#4545

Full Changelog: junit-team/junit-framework@r5.12.2...r5.13.0

JUnit 5.13.0-RC1 = Platform 1.13.0-RC1 + Jupiter 5.13.0-RC1 + Vintage 5.13.0-RC1

See Release Notes.

New Contributors

• @​hanszt made their first contribution in junit-team/junit5#3377

Full Changelog: junit-team/junit-framework@r5.13.0-M3...r5.13.0-RC1

JUnit 5.13.0-M3 = Platform 1.13.0-M3 + Jupiter 5.13.0-M3 + Vintage 5.13.0-M3

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.13.0-M2...r5.13.0-M3

JUnit 5.13.0-M2 = Platform 1.13.0-M2 + Jupiter 5.13.0-M2 + Vintage 5.13.0-M2

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.13.0-M1...r5.13.0-M2

JUnit 5.13.0-M1 = Platform 1.13.0-M1 + Jupiter 5.13.0-M1 + Vintage 5.13.0-M1

See Release Notes.

New Contributors

• @​Oyster-zx made their first contribution in junit-team/junit5#4311
• @​etrandafir93 made their first contribution in junit-team/junit5#4336

Full Changelog: junit-team/junit-framework@r5.12.1...r5.13.0-M1

JUnit 5.12.2 = Platform 1.12.2 + Jupiter 5.12.2 + Vintage 5.12.2

... (truncated)

Commits

• b580aa9 Release 5.13.1
• 97095e9 Finalize 5.13.1 release notes
• f0747f1 Use GraphQL API to list matching milestones to avoid pagination issues
• af5e3bd Fix support pre-5.13 AnnotationBasedArgumentsProvider implementations (#4611)
• 4170597 Restore compatibility with Java 8
• a866c01 Ensure @Nested classes are executed after sibling test methods (#4603)
• 2d58467 Create initial 5.13.1 release notes from template
• 3447d71 Update supported versions
• 6a7998b Revert "Don't error on already closed milestones"
• d7c8216 Back to snapshots for further development
• Additional commits viewable in compare view

Updates org.junit.jupiter:junit-jupiter from 5.11.3 to 5.13.1

Release notes

Sourced from org.junit.jupiter:junit-jupiter's releases.

JUnit 5.13.1 = Platform 1.13.1 + Jupiter 5.13.1 + Vintage 5.13.1

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.13.0...r5.13.1

JUnit 5.13.0 = Platform 1.13.0 + Jupiter 5.13.0 + Vintage 5.13.0

See Release Notes.

New Contributors

• @​Oyster-zx made their first contribution in junit-team/junit5#4311
• @​etrandafir93 made their first contribution in junit-team/junit5#4336
• @​hanszt made their first contribution in junit-team/junit5#3377
• @​ngocnhan-tran1996 made their first contribution in junit-team/junit5#4545

Full Changelog: junit-team/junit-framework@r5.12.2...r5.13.0

JUnit 5.13.0-RC1 = Platform 1.13.0-RC1 + Jupiter 5.13.0-RC1 + Vintage 5.13.0-RC1

See Release Notes.

New Contributors

• @​hanszt made their first contribution in junit-team/junit5#3377

Full Changelog: junit-team/junit-framework@r5.13.0-M3...r5.13.0-RC1

JUnit 5.13.0-M3 = Platform 1.13.0-M3 + Jupiter 5.13.0-M3 + Vintage 5.13.0-M3

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.13.0-M2...r5.13.0-M3

JUnit 5.13.0-M2 = Platform 1.13.0-M2 + Jupiter 5.13.0-M2 + Vintage 5.13.0-M2

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.13.0-M1...r5.13.0-M2

JUnit 5.13.0-M1 = Platform 1.13.0-M1 + Jupiter 5.13.0-M1 + Vintage 5.13.0-M1

See Release Notes.

New Contributors

• @​Oyster-zx made their first contribution in junit-team/junit5#4311
• @​etrandafir93 made their first contribution in junit-team/junit5#4336

Full Changelog: junit-team/junit-framework@r5.12.1...r5.13.0-M1

JUnit 5.12.2 = Platform 1.12.2 + Jupiter 5.12.2 + Vintage 5.12.2

... (truncated)

Commits

• b580aa9 Release 5.13.1
• 97095e9 Finalize 5.13.1 release notes
• f0747f1 Use GraphQL API to list matching milestones to avoid pagination issues
• af5e3bd Fix support pre-5.13 AnnotationBasedArgumentsProvider implementations (#4611)
• 4170597 Restore compatibility with Java 8
• a866c01 Ensure @Nested classes are executed after sibling test methods (#4603)
• 2d58467 Create initial 5.13.1 release notes from template
• 3447d71 Update supported versions
• 6a7998b Revert "Don't error on already closed milestones"
• d7c8216 Back to snapshots for further development
• Additional commits viewable in compare view

Updates org.junit.jupiter:junit-jupiter from 5.11.3 to 5.13.1

Release notes

Sourced from org.junit.jupiter:junit-jupiter's releases.

JUnit 5.13.1 = Platform 1.13.1 + Jupiter 5.13.1 + Vintage 5.13.1

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.13.0...r5.13.1

JUnit 5.13.0 = Platform 1.13.0 + Jupiter 5.13.0 + Vintage 5.13.0

See Release Notes.

New Contributors

• @​Oyster-zx made their first contribution in junit-team/junit5#4311
• @​etrandafir93 made their first contribution in junit-team/junit5#4336
• @​hanszt made their first contribution in junit-team/junit5#3377
• @​ngocnhan-tran1996 made their first contribution in junit-team/junit5#4545

Full Changelog: junit-team/junit-framework@r5.12.2...r5.13.0

JUnit 5.13.0-RC1 = Platform 1.13.0-RC1 + Jupiter 5.13.0-RC1 + Vintage 5.13.0-RC1

See Release Notes.

New Contributors

• @​hanszt made their first contribution in junit-team/junit5#3377

Full Changelog: junit-team/junit-framework@r5.13.0-M3...r5.13.0-RC1

JUnit 5.13.0-M3 = Platform 1.13.0-M3 + Jupiter 5.13.0-M3 + Vintage 5.13.0-M3

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.13.0-M2...r5.13.0-M3

JUnit 5.13.0-M2 = Platform 1.13.0-M2 + Jupiter 5.13.0-M2 + Vintage 5.13.0-M2

See Release Notes.

Full Changelog: junit-team/junit-framework@r5.13.0-M1...r5.13.0-M2

JUnit 5.13.0-M1 = Platform 1.13.0-M1 + Jupiter 5.13.0-M1 + Vintage 5.13.0-M1

See Release Notes.

New Contributors

• @​Oyster-zx made their first contribution in junit-team/junit5#4311
• @​etrandafir93 made their first contribution in junit-team/junit5#4336

Full Changelog: junit-team/junit-framework@r5.12.1...r5.13.0-M1

JUnit 5.12.2 = Platform 1.12.2 + Jupiter 5.12.2 + Vintage 5.12.2

... (truncated)

Commits

• b580aa9 Release 5.13.1
• 97095e9 Finalize 5.13.1 release notes
• f0747f1 Use GraphQL API to list matching milestones to avoid pagination issues
• af5e3bd Fix support pre-5.13 AnnotationBasedArgumentsProvider implementations (#4611)
• 4170597 Restore compatibility with Java 8
• a866c01 Ensure @Nested classes are executed after sibling test methods (#4603)
• 2d58467 Create initial 5.13.1 release notes from template
• 3447d71 Update supported versions
• 6a7998b Revert "Don't error on already closed milestones"
• d7c8216 Back to snapshots for further development
• Additional commits viewable in compare view

Updates org.assertj:assertj-core from 3.26.3 to 3.27.3

Release notes

Sourced from org.assertj:assertj-core's releases.

v3.27.3

💥 Breaking Changes

Core

• Revert "Propagate common basetype for the extracting method" #3737

  The enhancement introduced with #3673 breaks existing code on Kotlin 1.9; therefore, it has been reverted.

  As Spring Boot 3.4 currently supports Kotlin 1.9, we want to keep the same compatibility on AssertJ 3.x, while AssertJ 4.x will require Kotlin 2.x.

  Existing code relying on the changes introduced with #3673 will no longer compile and should be refactored.

🐛 Bug Fixes

Core

• Fix StandardRepresentation regression for unquoted strings #3735

⚡ Improvements

Core

• Add Class info to class loading strategy failures #3746

❤️ Contributors

Thanks to all the contributors who worked on this release:

@​ccrvincent

v3.27.2

🐛 Bug Fixes

Core

• Restore support for null-valued maps when ignoring fields #3723

v3.27.1

🚫 Deprecated

Core

• Deprecate usingComparatorForFields and remove deprecated assertions from usingComparatorForType documentation #3711
• Deprecate hasCauseReference(Throwable) from Throwable assertions #3715

... (truncated)

Commits

• c928dd3 [maven-release-plugin] prepare release assertj-build-3.27.3
• f308d95 Fix StandardRepresentation regression for unquoted strings (#3735)
• e5959f4 Add Java and Kotlin release references
• 3eb809d Add Kotlin EAP reference
• b39a8cf Add Kotlin 2.1.10-RC
• e20e40d Add Class info to failure exception (#3746)
• 79b87f0 Revert "Propagate common basetype for the extracting method (#3673)" (#3737)
• bf439b3 chore(deps): bump com.diffplug.spotless:spotless-maven-plugin from 2.43.0 to ...
• 30936ca Restructure Kotlin tests, add DisplayNameGenerator
• b5b86cc Add Kotlin cross-version job (#3732)
• Additional commits viewable in compare view

Updates org.slf4j:slf4j-api from 2.0.16 to 2.0.17

Updates org.springframework.boot:spring-boot from 3.4.4 to 3.5.0

Release notes

Sourced from org.springframework.boot:spring-boot's releases.

v3.5.0

Full release notes for Spring Boot 3.5 are available on the wiki.

⭐ New Features

• Make heapdump endpoint restricted by default #45624
• Remove SSL status tag from metrics #45602
• Remove 'spring.http.client' deprecation and change 'spring.http.reactiveclient.settings' to 'spring.http.reactiveclient' #45507

🐞 Bug Fixes

• Unable to override/set nested ConfigurationProperties by passing as a system property #45639
• ValidationAutoConfiguration triggers early initialization of properties binding #45618
• Micrometer "enable" annotations property does not cover observed aspect #45617
• spring.graphql.sse.timeout is no longer exposed #45613
• SpringApplication.setEnvironmentPrefix is ignored when reading SPRING_PROFILES_ACTIVE #45549
• IllegalStateException when extracting using layers a module with no code of its own #45449
• Removed spring.batch.initialize-schema property is still considered #45380
• ReactorHttpClientBuilder does not offer a factory method to create the HttpClient #45378
• Suggested values for spring.jpa.hibernate.ddl-auto are not aligned with Hibernate #45351
• Custom default units declared on a field are ignored when binding properties in a native image #45347
• DockerRegistryConfigAuthentication uses the wrong serverUrl as a fallback for the Credentials helper #45345
• Various spring.datasource properties are mistakenly marked as ignored #45342
• JerseyWebApplicationInitializer always gets loaded, setting a ServletContext initParameter #45297
• DockerRegistryConfigAuthentication does not align with Docker CLI #45292
• Unlike the Docker CLI, "\x00" characters are not trimmed from a decoded Docker Registry password #45290
• CloudFoundry security matcher logs a warning due to use of the 'ignoring()' method #32622

📔 Documentation

• Document the java info contribution #45634
• Document the process info contribution #45632
• Document the os info contribution #45630
• Document typical spring.application.group and name use #45628
• Document that bean methods should be static when annotated with @ConfigurationPropertiesBinding #45626
• Document the way that primary Kotlin constructors are used when binding #45553
• Improve "profile" reference documentation with additional admonitions #45551
• Improve setEnvironmentPrefix(...) reference documentation #45376
• Document all the available Testcontainers integrations #45367
• Document when a spring.config.import value is relative and when it is fixed #45363
• Update org.cyclonedx.bom version in docs to 2.3.0 #45320
• Update link to "Parameter Name Retention" section of Spring Framework's release notes #45299

🔨 Dependency Upgrades

• Prevent upgrade to Prometheus Client 1.3.7 #45541
• Upgrade to Couchbase Client 3.8.1 #45539
• Upgrade to Elasticsearch 8.18.1 #45447
• Upgrade to GraphQL Java 24.0 #45588
• Upgrade to Hibernate 6.6.15.Final #45540

... (truncated)

Commits

• 8c2d645 Release v3.5.0
• 0b49e78 Merge branch '3.4.x'
• c684fa4 Switch make-default for publish-to-sdkman to 3.5.x
• 5695192 Ensure descendants are always recalculated on cache refresh
• 31f549e Merge branch '3.4.x'
• 68df6f5 Next development version (v3.4.7-SNAPSHOT)
• 9f46877 Merge branch '3.4.x'
• 404a0df Merge branch '3.3.x' into 3.4.x
• e331846 Next development version (v3.3.13-SNAPSHOT)
• b142798 Merge branch '3.4.x'
• Additional commits viewable in compare view

Updates org.springframework:spring-core from 6.2.5 to 6.2.7

Release notes

Sourced from org.springframework:spring-core's releases.

v6.2.7

⭐ New Features

• Forward more methods to underlying InputStream in NonClosingInputStream #34893
• Introduce Spring property for the default property placeholder escape character #34865
• Close ApplicationContext once AOT processing has completed #34841
• Fix AbstractJackson2HttpMessageConverter#getObjectMappersForType nullness #34811
• Add option for case-insensitive match to PatternMatchUtils #34801
• RestClient @RequestBody parameters lose generic type information when creating HTTP service beans #34793
• Adds option to set Principal in MockServerWebExchange #34789

🐞 Bug Fixes

• Beans created by FactoryBean are not considered as autowiring candidates if another thread holds a singletonLock #34902
• PropertySourcesPlaceholderConfigurer placeholder resolution fails in several scenarios #34861
• HttpComponentsClientHttpRequestFactory setConnectionRequestTimeout not working with httpclient 5.3.1 #34851
• Fragment.create() requires mutable map - which is unusable when used with Kotlin #34848
• Duplicate BeanOverrideHandler discovered in @Nested test case with superclass from different class or in interface implemented multiple times #34844
• Accidental ClassLoader defineClass enforcement after #34677 #34824
• HttpEntity.EMPTY headers should not be possible to mutate via HttpHeaders constructor #34812
• AbstractFileResolvingResource.exists incorrectly reports result for resources inside of spring-boot executable jar #34796
• Correctly expand query param with same name from URI variables array #34783
• R2DBC NamedParameterUtils only expands reused collection parameter once #34768
• PathMatchingResourcePatternResolver wrongly assumes that target/classes always exists #34764

📔 Documentation

• Clarify CompositePropertySource behavior for EnumerablePropertySource contract #34886
• Javadoc and @Nullable annotation for servletContext parameter of ConfigurableWebEnvironment.initPropertySources are contradictory #34845
• Spring MVC: @EnableAsync needs to be redeclared for each ApplicationContext #34843
• Provide a working example instead of unclear placeholders #34828

🔨 Dependency Upgrades

• Upgrade to Micrometer 1.14.7 #34889
• Upgrade to Reactor 2024.0.6 #34898

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​Artur-, @​blake-bauman, @​iifawzi, @​kilink, @​quaff, @​whlit, and @​zzoe2346

v6.2.6

⭐ New Features

• An option for SimpleAsyncTaskExecutor to throw an exception when limit is reached #34727
• Provide first-class support for Bean Overrides with @ContextHierarchy #34723
• Micro performance optimizations #34717
• Suppress "Unable to rollback against JDBC Connection" in case of timeout (connection closed) #34714

... (truncated)

Commits

• ba590ac Release v6.2.7
• ee62701 Make use of PatternMatchUtils ignoreCase option
• fa168ca Revise FactoryBean locking behavior for strict/lenient consistency
• 3c228a5 Add missing @​since tags in PatternMatchUtils
• 9bf6b8c Upgrade to Reactor 2024.0.6
• 37ecdd1 Forward more methods to underlying InputStream in NonClosingInputStream
• 73f1c5a Polishing
• 4d296fb Upgrade to Micrometer 1.14.7
• 6a94444 Clarify CompositePropertySource behavior for EnumerablePropertySource contract
• 03ae97b Introduce Spring property for default escape character for placeholders
• Additional commits viewable in compare view

Updates org.springframework:spring-test from 6.2.5 to 6.2.7

Release notes

Sourced from org.springframework:spring-test's releases.

v6.2.7

⭐ New Features

• Forward more methods to underlying InputStream in NonClosingInputStream #34893
• Introduce Spring property for the default property placeholder escape character #34865
• Close ApplicationContext once AOT processing has completed #34841
• Fix AbstractJackson2HttpMessageConverter#getObjectMappersForType nullness #34811
• Add option for case-insensitive match to PatternMatchUtils #34801
• RestClient @RequestBody parameters lose generic type information when creating HTTP service beans #34793
• Adds option to set Principal in MockServerWebExchange #34789

🐞 Bug Fixes

• Beans created by FactoryBean are not considered as autowiring candidates if another thread holds a singletonLock #34902
• PropertySourcesPlaceholderConfigurer placeholder resolution fails in several scenarios #34861
• HttpComponentsClientHttpRequestFactory setConnectionRequestTimeout not working with httpclient 5.3.1 #34851
• Fragment.create() requires mutable map - which is unusable when used with Kotlin #34848
• Duplicate BeanOverrideHandler discovered in @Nested test case with superclass from different class or in interface implemented multiple times #34844
• Accidental ClassLoader defineClass enforcement after #34677 #34824
• HttpEntity.EMPTY headers should not be possible to mutate via HttpHeaders constructor #34812
• AbstractFileResolvingResource.exists incorrectly reports result for resources inside of spring-boot executable jar #34796
• Correctly expand query param with same name from URI variables array #34783
• R2DBC NamedParameterUtils only expands reused collection parameter once #34768
• PathMatchingResourcePatternResolver wrongly assumes that target/classes always exists #34764

📔 Documentation

• Clarify CompositePropertySource behavior for EnumerablePropertySource contract #34886
• Javadoc and @Nullable annotation for servletContext parameter of ConfigurableWebEnvironment.initPropertySources are contradictory #34845
• Spring MVC: @EnableAsync needs to be redeclared for each ApplicationContext #34843
• Provide a working example instead of unclear placeholders #34828

🔨 Dependency Upgrades

• Upgrade to Micrometer 1.14.7 #34889
• Upgrade to Reactor 2024.0.6 #34898

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​Artur-, @​blake-bauman, @​iifawzi, @​kilink, @​quaff, @​whlit, and @​zzoe2346

v6.2.6

⭐ New Features

• An option for SimpleAsyncTaskExecutor to throw an exception when limit is reached #34727
• Provide first-class support for Bean Overrides with @ContextHierarchy #34723
• Micro performance optimizations #34717
• Suppress "Unable to rollback against JDBC Connection" in case of timeout (connection closed) #34714

... (truncated)

Commits

• ba590ac Release v6.2.7
• ee62701 Make use of PatternMatchUtils ignoreCase option
• fa168ca Revise FactoryBean locking behavior for strict/lenient consistency
• 3c228a5 Add missing @​since tags in PatternMatchUtils
• 9bf6b8c Upgrade to Reactor 2024.0.6
• 37ecdd1 Forward more methods to underlying InputStream in NonClosingInputStream
• 73f1c5a Polishing
• 4d296fb Upgrade to Micrometer 1.14.7
• 6a94444 Clarify CompositePropertySource behavior for EnumerablePropertySource contract
• 03ae97b Introduce Spring property for default escape character for placeholders
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.