build(deps): bump the dependabot-dependency-updates group with 17 updates #109

dependabot · 2026-01-01T23:02:15Z

Bumps the dependabot-dependency-updates group with 17 updates:

Package	From	To
com.siemens.pki:CmpRaComponent	`4.2.0`	`4.3.0`
jakarta.xml.bind:jakarta.xml.bind-api	`4.0.2`	`4.0.4`
org.glassfish.jaxb:jaxb-runtime	`4.0.5`	`4.0.6`
org.slf4j:slf4j-api	`2.0.16`	`2.0.17`
org.slf4j:slf4j-simple	`2.0.16`	`2.0.17`
org.eclipse.californium:californium-core	`3.13.0`	`3.14.0`
com.fasterxml.jackson.jaxrs:jackson-jaxrs-yaml-provider	`2.18.2`	`2.20.1`
com.fasterxml.jackson.core:jackson-databind	`2.18.2`	`2.20.1`
commons-cli:commons-cli	`1.10.0`	`1.11.0`
org.jacoco:jacoco-maven-plugin	`0.8.12`	`0.8.14`
org.apache.maven.shared:file-management	`3.1.0`	`3.2.0`
org.apache.maven.plugins:maven-dependency-plugin	`3.8.1`	`3.9.0`
org.apache.maven.plugins:maven-jar-plugin	`3.4.2`	`3.5.0`
org.apache.maven.plugins:maven-surefire-plugin	`3.5.2`	`3.5.4`
org.apache.maven.plugins:maven-javadoc-plugin	`3.11.2`	`3.12.0`
org.owasp:dependency-check-maven	`12.1.3`	`12.1.9`
org.apache.maven.plugins:maven-source-plugin	`3.3.1`	`3.4.0`

Updates com.siemens.pki:CmpRaComponent from 4.2.0 to 4.3.0

Release notes

Sourced from com.siemens.pki:CmpRaComponent's releases.

PQ support + maintenance tweaks

This version adds mainstream support of post-quantum algorithms and brings other minor improvements.

Changelog

Sourced from com.siemens.pki:CmpRaComponent's changelog.

4.3.0 (Dec 10 2025)

feat: Implement PQ support

feat: Enhance CMP error message with original upstream exception details

fix: Incorrect key length parameter handling for PBMAC1

fix: Update dependencies

fix: If not forced, reprotect response to MAC-protected requests

doc: Partially clean up overall structure of README.md

chore: Java update from 11 to 17

Commits

13a4a3c Merge pull request #164 from siemens/fix/release
eeb8fe4 fix: changelog update
bcb3942 Merge pull request #163 from siemens/fix/162_maven_jar_plugin_version
9eaff37 chore: Change maven-jar-plugin version from 3.5.0 to 3.4.2 - Eclipse fix
229e419 Merge pull request #161 from siemens/dependency-bump
3fbb4c5 Bump dependencies to their current versions
609cae6 Merge pull request #159 from siemens/fix/157-fix-bc-oid
c584ef5 fix: code format fix and spotless update
99b8a81 fix: BC's Oid names
865ed59 Fix reprotection of MAC-protected requests
Additional commits viewable in compare view

Updates jakarta.xml.bind:jakarta.xml.bind-api from 4.0.2 to 4.0.4

Commits

1df980a Update API version of : to 4.0.4
5548633 fix #315
b44c5ca activation-api 2.1.4
b106241 Create TCK challenge template
d91e825 Merge pull request #322 from jakartaee/4.0.3-RELEASE
85e2fb6 Update API version of : to 4.0.4-SNAPSHOT
cae8cae Update API version of : to 4.0.3
256b24e fix: Unmarshalling hexBinary with leading whitespaces yields null (#313)
57884ff Fix #316, Unable to override JAXBContextFactory through properties (#317)
3cb177a Handle empty string input for parseBase64Binary instead of throwing IllegalAr...
Additional commits viewable in compare view

Updates org.glassfish.jaxb:jaxb-runtime from 4.0.5 to 4.0.6

Updates org.slf4j:slf4j-api from 2.0.16 to 2.0.17

Updates org.slf4j:slf4j-simple from 2.0.16 to 2.0.17

Updates org.eclipse.californium:californium-core from 3.13.0 to 3.14.0

Updates com.fasterxml.jackson.jaxrs:jackson-jaxrs-yaml-provider from 2.18.2 to 2.20.1

Updates com.fasterxml.jackson.core:jackson-databind from 2.18.2 to 2.20.1

Commits

See full diff in compare view

Updates commons-cli:commons-cli from 1.10.0 to 1.11.0

Changelog

Sourced from commons-cli:commons-cli's changelog.

Apache Commons CLI 1.11.0 Release Notes

The Apache Commons CLI team is pleased to announce the release of Apache Commons CLI 1.11.0.

Apache Commons CLI provides a simple API for presenting, processing, and validating a Command Line Interface.

This is a feature and maintenance release. Java 8 or later is required.

New Features
      Add CommandLine.getOptionCount() to measure option repetition [#396](https://github.com/apache/commons-cli/issues/396). Thanks to David Larochette, Gary Gregory.
Fixed Bugs

CLI-351: Multiple trailing BREAK_CHAR_SET characters cause infinite loop in HelpFormatter. Thanks to Damien Carbonne, Claude Warren, Gary Gregory.

CLI-351: Fix issue with groups not being reported in help output. #411. Thanks to Damien Carbonne, Claude Warren, Gary Gregory.

Updates
      Bump org.apache.commons:commons-parent from 85 to 91 [#393](https://github.com/apache/commons-cli/issues/393). Thanks to Gary Gregory, Dependabot.
      Bump commons-io:commons-io from 2.20.0 to 2.21.0. Thanks to Gary Gregory.
Historical list of changes: https://commons.apache.org/proper/commons-cli/changes.html

For complete information on Apache Commons CLI, including instructions on how to submit bug reports, patches, or suggestions for improvement, see the Apache Commons CLI website:

https://commons.apache.org/proper/commons-cli/

Download page: https://commons.apache.org/proper/commons-cli/download_cli.cgi

Have fun! The Apache Commons Team

Apache Commons CLI 1.11.0 Release Notes

The Apache Commons CLI team is pleased to announce the release of Apache Commons CLI 1.11.0.

Apache Commons CLI provides a simple API for presenting, processing, and validating a Command Line Interface.

This is a feature and maintenance release. Java 8 or later is required.

... (truncated)

Commits

d746133 Prepare for the release candidate 1.11.0 RC1
966ddd6 Prepare for the next release candidate
234a34d Use ternary to reduce duplication
ef98fc4 Better test assertions
a9baf80 No need to create an intermediary array
4c46459 Reduce returns
7108379 Javadoc
7199a70 Use forEachRemaining
e852acf Reuse constants
395346c Better exception message
Additional commits viewable in compare view

Updates org.jacoco:jacoco-maven-plugin from 0.8.12 to 0.8.14

Release notes

Sourced from org.jacoco:jacoco-maven-plugin's releases.

0.8.14

New Features

JaCoCo now officially supports Java 25 (GitHub #1950).

Experimental support for Java 26 class files (GitHub #1870).

Branches added by the Kotlin compiler for default argument number 33 or higher are filtered out during generation of report (GitHub #1655).

Part of bytecode generated by the Kotlin compiler for elvis operator that follows safe call operator is filtered out during generation of report (GitHub #1814, #1954).

Part of bytecode generated by the Kotlin compiler for more cases of chained safe call operators is filtered out during generation of report (GitHub #1956).

Part of bytecode generated by the Kotlin compiler for invocations of suspendCoroutineUninterceptedOrReturn intrinsic is filtered out during generation of report (GitHub #1929).

Part of bytecode generated by the Kotlin compiler for suspending lambdas with parameters is filtered out during generation of report (GitHub #1945).

Part of bytecode generated by the Kotlin compiler for suspending functions and lambdas with suspension points that return inline value class is filtered out during generation of report (GitHub #1871).

Part of bytecode generated by the Kotlin Compose compiler plugin for pausable composition is filtered out during generation of report (GitHub #1911).

Methods generated by the Kotlin serialization compiler plugin are filtered out (GitHub #1885, #1970, #1971).

Fixed bugs

Fixed handling of implicit else clause of when with String subject in Kotlin (GitHub #1813, #1940).

Fixed handling of implicit default clause of switch by String in Java when compiled by ECJ (GitHub #1813, #1940). Fixed handling of exceptions in chains of safe call operators in Kotlin (GitHub #1819).

Non-functional Changes

JaCoCo now depends on ASM 9.9 (GitHub #1965).

0.8.13

New Features

JaCoCo now officially supports Java 23 and Java 24 (GitHub #1757, #1631, #1867).

Experimental support for Java 25 class files (GitHub #1807).

Calculation of line coverage for Kotlin inline functions (GitHub #1670).

Calculation of line coverage for Kotlin inline functions with reified type parameter (GitHub #1670, #1700).

Calculation of coverage for Kotlin JvmSynthetic functions (GitHub #1700).

Part of bytecode generated by the Kotlin Compose compiler plugin is filtered out during generation of report (GitHub #1616).

Part of bytecode generated by the Kotlin compiler for inline value classes is filtered out during generation of report (GitHub #1475).

Part of bytecode generated by the Kotlin compiler for suspending lambdas without suspension points is filtered out during generation of report (GitHub #1283).

Part of bytecode generated by the Kotlin compiler for when expressions and statements with nullable enum subject is filtered out during generation of report (GitHub #1774).

Part of bytecode generated by the Kotlin compiler for when expressions and statements with nullable String subject is filtered out during generation of report (GitHub #1769).

Part of bytecode generated by the Kotlin compiler for chains of safe call operators is filtered out during generation of report (GitHub #1810, #1818).

Method getEntries generated by the Kotlin compiler for enum classes is filtered out during generation of report (GitHub #1625).

Methods generated by the Kotlin compiler for constructors and functions with JvmOverloads annotation are filtered out (GitHub #1768).

Fixed bugs

Fixed interpretation of Kotlin SMAP (GitHub #1525).

File extensions are preserved in HTML report in case of clashes of normalized file names (GitHub #1660).

Non-functional Changes

JaCoCo build now uses Maven Wrapper and requires at least Maven 3.9.9 (GitHub #1708, #1707, #1681).

JaCoCo now depends on ASM 9.8 (GitHub #1862).

More context information when IllegalArgumentException occurs during reading of zip file (GitHub #1833).

Commits

2eb2483 Prepare release v0.8.14
de76181 KotlinSerializableFilter should filter more methods (#1971)
89c4bd5 Fix NPE in KotlinSerializableFilter (#1970)
0981128 Migrate release staging to the Central Publisher Portal (#1968)
d07bc6b Add filter for bytecode generated by Kotlin serialization compiler plugin (#1...
5e35fd5 Upgrade maven-dependency-plugin to 3.9.0 (#1966)
c2fe5cc Upgrade ASM to 9.9 (#1965)
b0f8e23 KotlinSafeCallOperatorFilter should filter "unoptimized" safe call followed b...
c7bd3f4 Upgrade spotless-maven-plugin to 3.0.0 (#1961)
faa289d KotlinSafeCallOperatorFilter should not be affected by presence of pseudo ins...
Additional commits viewable in compare view

Updates org.apache.maven.shared:file-management from 3.1.0 to 3.2.0

Release notes

Sourced from org.apache.maven.shared:file-management's releases.

3.2.0

🚀 New features and improvements

Enable GitHub Issues (#44) @slawekjaranowski

Add Release Drafter (#41) @slawekjaranowski

[MSHARED-1203] - no longer need to shell out to create a symbolic link (#24) @elharo

Java 7 can detect symbolic links (#20) @elharo

👻 Maintenance

Update site descriptor (#47) @slawekjaranowski

Skip generating of xml reader and writer for FileSet (#46) @slawekjaranowski

Use version of modello-maven-plugin from parent (#43) @slawekjaranowski

Add PR Automation and Stale actions (#42) @slawekjaranowski

[MSHARED-1448] - Refresh download page (#39) @slawekjaranowski

remove duplicate tests and unneeded code (#23) @elharo

fix JUnit dependencies (#25) @elharo

[MSHARED-1265] - use JUnit assumptions (#22) @elharo

[MSHARED-1203] - use JUnit @TempDir (#19) @elharo

[MSHARED-1264] - Convert to JUnit5 (#16) @slachiewicz

Add GitHub Actions setup and Dependabot (#14) @slachiewicz

📦 Dependency updates

Bump commons-io:commons-io from 2.18.0 to 2.19.0 (#48) @dependabot[bot]

Bump org.apache.maven.shared:maven-shared-components from 43 to 44 (#45) @dependabot[bot]

[MSHARED-1380] - Bump commons-io:commons-io from 2.17.0 to 2.18.0 (#40) @dependabot[bot]

[MSHARED-1381] - Bump org.apache.maven.shared:maven-shared-components from 42 to 43 (#36) @dependabot[bot]

[MSHARED-1380] - Bump commons-io:commons-io from 2.16.1 to 2.17.0 (#37) @dependabot[bot]

[MSHARED-1380] - Bump commons-io:commons-io from 2.13.0 to 2.16.1 (#34) @dependabot[bot]

[MSHARED-1381] - Upgrade parent pom to 42 (#35) @slachiewicz

Bump apache/maven-gh-actions-shared from 3 to 4 (#32) @dependabot[bot]

Bump org.junit:junit-bom from 5.10.1 to 5.10.2 (#31) @dependabot[bot]

Bump org.junit:junit-bom from 5.10.0 to 5.10.1 (#28) @dependabot[bot]

Bump org.junit:junit-bom from 5.9.3 to 5.10.0 (#27) @dependabot[bot]

[MSHARED-1266] - upgrade commons-io 2.11.0 --> 2.13.0 (#21) @elharo

update to parent pom 39 (#12) @elharo

Commits

36efd6f [maven-release-plugin] prepare release v3.2.0
ce8a9aa Bump commons-io:commons-io from 2.18.0 to 2.19.0
58068b0 Update site descriptor
0b43f78 Skip generating of xml reader and writer for FileSet
8e2c8d3 Bump org.apache.maven.shared:maven-shared-components from 43 to 44
a6255a6 Use version of modello-maven-plugin from parent
5e0bf0f Enable GitHub Issues
1ad7648 Add Release Drafter
995453c Add PR Automation and Stale actions
401f048 [MSHARED-1380] Bump commons-io:commons-io from 2.17.0 to 2.18.0 (#40)
Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-dependency-plugin from 3.8.1 to 3.9.0

Release notes

Sourced from org.apache.maven.plugins:maven-dependency-plugin's releases.

3.9.0

🚀 New features and improvements

Use Resolver API in go-offline for dependencies resolving (#1533) @slawekjaranowski

Use Resolver API in go-offline for plugins resolving (#1532) @slawekjaranowski

Fixes #1522, add render-dependencies mojo (#1523) @rmannibucau

Use Resolver API in resolve-plugin (#1521) @slawekjaranowski

[MEDP-964] - unconditionally ignore dependencies known to be loaded by reflection (#1492) @elharo

Update maven-dependency-analyzer to support Java24 (#528) @talios

[MDEP-972] - copy-dependencies: copy signatures alongside artifacts (#514) @Ndacyayisenga-droid

[MDEP-776] - Warn when multiple dependencies have the same file name (#463) @elharo

[MDEP-966] - Migrate AnalyzeDepMgt to Sisu (#473) @elharo

[MDEP-957] - By default, don't report slf4j-simple as unused (#433) @elharo

🐛 Bug Fixes

ProjectBuildingRequest should not be modified (#1520) @slawekjaranowski

Fix - markersDirectory is not working when unpack goal is executed from command line (#537) @vaibhavbatra15

Fix broken link for analyze-exclusions-mojo on usage-page (#521) @Bukama

[MDEP-839] - Avoid extra blank lines in file (#495) @elharo

Update collect URL (#510) @elharo

[MDEP-689] - Fixes ignored dependency filtering in go-offline goal (#417) @ldhardy

[MDEP-960] - Repair silent logging (#447) @elharo

📝 Documentation updates

[MDEP-933] - Document dependency tree output formats (#535) @Ndacyayisenga-droid

Add additional comment to clarify the minimal supported version of ou… (#465) @gluxhappy

[MNGSITE-529] - Rename "Goals" to "Plugin Documentation" (#511) @Bukama

Unix file separators (#507) @elharo

👻 Maintenance

Simplify usage of RepositoryManager and DependencyResolver (#1518) @slawekjaranowski

Use Resolver API in copy and unpack (#1514) @slawekjaranowski

Update site descriptor to 2.0.0 (#1508) @slawekjaranowski

Enable prevent branch protection rules (#1503) @slawekjaranowski

Fix [MDEP-931] - Replace PrintWriter with Writer in AbstractSerializing Visitor and subclasses (#530) @Ndacyayisenga-droid

Cleanups dependencies (#1496) @slawekjaranowski

Copy edit parameter descriptions (#1488) @elharo

Small Javadoc clarifications (#533) @elharo

[MDEP-967] - Change info to debug logging in AbstractFromConfigurationMojo (#529) @Ndacyayisenga-droid

fix: remove duplicate maven-resolver-api and maven-resolver-util dependencies in pom.xml (#526) @Ndacyayisenga-droid

Enable GH issues (#522) @Bukama

Remove redundant/unneeded code (#519) @elharo

Add PR Automation and Stale actions (#513) @slawekjaranowski

Keep files in temporary directory to be deleted after test (#508) @pzygielo

Drop unnecessary call (#509) @pzygielo

Avoid deprecated ArtifactFactory (#489) @elharo

... (truncated)

Commits

826e5f0 [maven-release-plugin] prepare release maven-dependency-plugin-3.9.0
0db1acc Use Resolver API in go-offline for dependencies resolving (#1533)
e50031a Use Resolver API in go-offline for plugins resolving
6ed4b1a Bump org.apache.commons:commons-lang3 from 3.18.0 to 3.19.0
8776c61 Bump org.assertj:assertj-core from 3.27.5 to 3.27.6
d2af78e Ignore Mockito 5.x and SLF4j 2.x by dependabot
dcd4b7d Bump org.assertj:assertj-core from 3.27.4 to 3.27.5
7523948 Strict check of dependencies usage
23186d4 Fixes #1522, add render-dependencies mojo (#1523)
bc1893f Use Resolver API in resolve-plugin
Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-jar-plugin from 3.4.2 to 3.5.0

Release notes

Sourced from org.apache.maven.plugins:maven-jar-plugin's releases.

3.5.0

🚀 New features and improvements

Add new "attach" configuration parameter (3.x port of #482) (#483) @hgschmie

add Java-Version to MANIFEST.MF (#465) @hboutemy

🐛 Bug Fixes

Fix detecting java version for toolchains and JDK 1.8 (#500) @slawekjaranowski

Ignore stderr when parsing javac version from toolchain (#471) @jaredstehler

👻 Maintenance

Update site descriptor to 2.0.0 (#501) @slawekjaranowski

chore: remove junit3 references (#494) @slawekjaranowski

Migrate component injection to JSR-330 (#492) @slawekjaranowski

Add PR Automation to 3.x (#132) @slawekjaranowski

Improve release-drafter configuration (#128) @slawekjaranowski

Fix for Maven 4.0.0-rc-3 (#130) @slawekjaranowski

[MNGSITE-529] - Rename "Goals" to "Plugin Documentation" (#119) @Bukama

🔧 Build

Bump m-invoker-p to 3.9.1 for Java 25 (#480) @hboutemy

📦 Dependency updates

Bump commons-io:commons-io from 2.20.0 to 2.21.0 (#499) @dependabot[bot]

Bump org.codehaus.plexus:plexus-archiver from 4.10.3 to 4.10.4 (#498) @dependabot[bot]

Use maven-plugin-testing-harness version 3.4.0 (#491) @slawekjaranowski

Bump org.apache.maven.plugin-tools:maven-plugin-annotations from 3.15.1 to 3.15.2 (#488) @dependabot[bot]

Bump org.codehaus.plexus:plexus-archiver from 4.10.1 to 4.10.3 (#478) @dependabot[bot]

Bump org.codehaus.plexus:plexus-archiver from 4.10.0 to 4.10.1 (#464) @dependabot[bot]

Bump org.apache.maven.plugins:maven-plugins from 42 to 45 (#452) @dependabot[bot]

Bump org.apache.maven:maven-archiver from 3.6.2 to 3.6.4 (#461) @dependabot[bot]

Bump commons-io:commons-io from 2.19.0 to 2.20.0 (#457) @dependabot[bot]

Bump mavenVersion from 3.9.10 to 3.9.11 (#456) @dependabot[bot]

Bump mavenVersion from 3.9.9 to 3.9.10 (#146) @dependabot[bot]

Bump org.apache.maven.shared:file-management from 3.1.0 to 3.2.0 (#143) @dependabot[bot]

Bump mavenVersion from 3.6.3 to 3.9.9 (#107) @dependabot[bot]

Bump commons-io:commons-io from 2.18.0 to 2.19.0 (#140) @dependabot[bot]

Bump commons-io:commons-io from 2.16.1 to 2.18.0 (#114) @dependabot[bot]

Bump org.codehaus.plexus:plexus-archiver from 4.9.2 to 4.10.0 (#109) @dependabot[bot]

Commits

68d00f1 [maven-release-plugin] prepare release maven-jar-plugin-3.5.0
357b9bf Update site descriptor to 2.0.0
340249c Fix detecting java version for toolchains and JDK 1.8
06a6245 chore: remove junit3 references
d302b2c Bump commons-io:commons-io from 2.20.0 to 2.21.0
6081bdb Bump org.codehaus.plexus:plexus-archiver from 4.10.3 to 4.10.4
ef8ed4c Migrate component injection to JSR-330
704a35c Ignore stderr when parsing javac version from toolchain (#471)
0beb969 Use maven-plugin-testing-harness version 3.4.0
c2624c8 Bump org.apache.maven.plugin-tools:maven-plugin-annotations (#488)
Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-surefire-plugin from 3.5.2 to 3.5.4

Release notes

Sourced from org.apache.maven.plugins:maven-surefire-plugin's releases.

3.5.4

🚀 New features and improvements

Name the shutdown hook (#3170) @cstamas

Implement fail-fast behavior for JUnit Platform provider (#3155) @marcphilipp

Create a single LauncherSession for invocations of JUnitPlatformProvider (#863) @marcphilipp

🐛 Bug Fixes

[SUREFIRE-2298] - fix xml output with junit 5 nested classes (fix integration with Cucumber and Archunit) (#828) @olamy

👻 Maintenance

feat: enable prevent branch protection rules (#3168) @sparsick

Get rid of plexus-annotations (#3163) @olamy

Remove maven-changes-plugin (#861) @sparsick

Enable GitHub Issues (#831) @Bukama

📦 Dependency updates

Bump org.htmlunit:htmlunit from 4.15.0 to 4.16.0 (#3173) @dependabot[bot]

Bump org.codehaus.plexus:plexus-i18n from 1.0-beta-10 to 1.0.0 (#3172) @dependabot[bot]

Bump org.htmlunit:htmlunit from 4.13.0 to 4.15.0 (#3171) @dependabot[bot]

Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 (#3167) @dependabot[bot]

Bump org.apache.commons:commons-compress from 1.27.1 to 1.28.0 (#3165) @dependabot[bot]

Bump commons-io:commons-io from 2.19.0 to 2.20.0 (#3161) @dependabot[bot]

Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0 (#3158) @dependabot[bot]

Bump org.htmlunit:htmlunit from 4.12.0 to 4.13.0 (#856) @dependabot[bot]

Bump org.xmlunit:xmlunit-core from 2.10.2 to 2.10.3 (#860) @dependabot[bot]

Bump commons-beanutils:commons-beanutils from 1.7.0 to 1.11.0 in /surefire-its/src/test/resources/webapp (#851) @dependabot[bot]

Bump org.htmlunit:htmlunit from 4.11.1 to 4.12.0 (#844) @dependabot[bot]

Bump org.fusesource.jansi:jansi from 2.4.1 to 2.4.2 (#836) @dependabot[bot]

Bump commons-io:commons-io from 2.18.0 to 2.19.0 (#833) @dependabot[bot]

Bump org.codehaus.plexus:plexus-interpolation from 1.27 to 1.28 (#829) @dependabot[bot]

Bump org.codehaus.plexus:plexus-java from 1.4.0 to 1.5.0 (#830) @dependabot[bot]

Bump jacocoVersion from 0.8.12 to 0.8.13 (#827) @dependabot[bot]

3.5.3

🐛 Bug Fixes

[SUREFIRE-1737] - Fix disable in statelessTestsetReporter (#816) @slawekjaranowski

[SUREFIRE-1643] - surefire junit5 parallel tests (#815) @olamy

[SUREFIRE-2289] - Make exceptions more appropriate to context (#798) @elharo

👻 Maintenance

surefire shared utils version current version (#825) @olamy

Update site descriptors (#821) @slawekjaranowski

... (truncated)

Commits

88513d8 [maven-release-plugin] prepare release surefire-3.5.4
9c48828 Simplify cuncumber IT configuration and make windows build working again (#3174)
74b2d8c Bump org.htmlunit:htmlunit from 4.15.0 to 4.16.0 (#3173)
6c30bf1 [SUREFIRE-2298] fix xml output with junit 5 nested classes (#828)
9f49866 Bump org.codehaus.plexus:plexus-i18n from 1.0-beta-10 to 1.0.0 (#3172)
fb96954 Bump org.htmlunit:htmlunit from 4.13.0 to 4.15.0 (#3171)
1e63159 Name the shutdown hook (#3170)
76e806a feat: enable prevent branch protection rules (#3168)
0fbfb27 Implement fail-fast behavior for JUnit Platform provider (#3155)
98d081e Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 (#3167)
Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-javadoc-plugin from 3.11.2 to 3.12.0

Release notes

Sourced from org.apache.maven.plugins:maven-javadoc-plugin's releases.

3.12.0

💥 Breaking changes

remove fix mojo (#1263) @elharo

detectOfflineLinks is now false per default for all jar mojo issue #1258 (#1259) @olamy

🐛 Bug Fixes

Fix legacyMode (#1265) @fridrich

Fix package {...} does not exist in legacyMode (#1243) @JackPGreen

Ensure UTF-8 charset is used to avoid IllegalArgumentException: Null charset name (#1245) @elharo

Remove Javadoc 1.4+ / -1.1 switch related warning (#1240) @perceptron8

👻 Maintenance

protect 3.8.x branch (#1238) @hboutemy

feat: enable prevent branch protection rules (#1228) @sparsick

📦 Dependency updates

Bump org.codehaus.mojo:mrm-maven-plugin from 1.6.0 to 1.7.0 (#1257) @dependabot[bot]

3.11.3

🚨 Removed

Remove workaround for long patched CVE in javadoc (#388) @elharo

🚀 New features and improvements

Issue #369 Support --no-fonts option per default for jdk 23+ (#375) @olamyDescription has been truncated

…ates Bumps the dependabot-dependency-updates group with 17 updates: | Package | From | To | | --- | --- | --- | | [com.siemens.pki:CmpRaComponent](https://github.com/siemens/cmp-ra-component) | `4.2.0` | `4.3.0` | | [jakarta.xml.bind:jakarta.xml.bind-api](https://github.com/jakartaee/jaxb-api) | `4.0.2` | `4.0.4` | | org.glassfish.jaxb:jaxb-runtime | `4.0.5` | `4.0.6` | | org.slf4j:slf4j-api | `2.0.16` | `2.0.17` | | org.slf4j:slf4j-simple | `2.0.16` | `2.0.17` | | org.eclipse.californium:californium-core | `3.13.0` | `3.14.0` | | com.fasterxml.jackson.jaxrs:jackson-jaxrs-yaml-provider | `2.18.2` | `2.20.1` | | [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) | `2.18.2` | `2.20.1` | | [commons-cli:commons-cli](https://github.com/apache/commons-cli) | `1.10.0` | `1.11.0` | | [org.jacoco:jacoco-maven-plugin](https://github.com/jacoco/jacoco) | `0.8.12` | `0.8.14` | | [org.apache.maven.shared:file-management](https://github.com/apache/maven-file-management) | `3.1.0` | `3.2.0` | | [org.apache.maven.plugins:maven-dependency-plugin](https://github.com/apache/maven-dependency-plugin) | `3.8.1` | `3.9.0` | | [org.apache.maven.plugins:maven-jar-plugin](https://github.com/apache/maven-jar-plugin) | `3.4.2` | `3.5.0` | | [org.apache.maven.plugins:maven-surefire-plugin](https://github.com/apache/maven-surefire) | `3.5.2` | `3.5.4` | | [org.apache.maven.plugins:maven-javadoc-plugin](https://github.com/apache/maven-javadoc-plugin) | `3.11.2` | `3.12.0` | | [org.owasp:dependency-check-maven](https://github.com/dependency-check/DependencyCheck) | `12.1.3` | `12.1.9` | | [org.apache.maven.plugins:maven-source-plugin](https://github.com/apache/maven-source-plugin) | `3.3.1` | `3.4.0` | Updates `com.siemens.pki:CmpRaComponent` from 4.2.0 to 4.3.0 - [Release notes](https://github.com/siemens/cmp-ra-component/releases) - [Changelog](https://github.com/siemens/cmp-ra-component/blob/main/CHANGELOG.md) - [Commits](siemens/cmp-ra-component@v4.2.0...v4.3.0) Updates `jakarta.xml.bind:jakarta.xml.bind-api` from 4.0.2 to 4.0.4 - [Release notes](https://github.com/jakartaee/jaxb-api/releases) - [Commits](jakartaee/jaxb-api@4.0.2...4.0.4) Updates `org.glassfish.jaxb:jaxb-runtime` from 4.0.5 to 4.0.6 Updates `org.slf4j:slf4j-api` from 2.0.16 to 2.0.17 Updates `org.slf4j:slf4j-simple` from 2.0.16 to 2.0.17 Updates `org.eclipse.californium:californium-core` from 3.13.0 to 3.14.0 Updates `com.fasterxml.jackson.jaxrs:jackson-jaxrs-yaml-provider` from 2.18.2 to 2.20.1 Updates `com.fasterxml.jackson.core:jackson-databind` from 2.18.2 to 2.20.1 - [Commits](https://github.com/FasterXML/jackson/commits) Updates `commons-cli:commons-cli` from 1.10.0 to 1.11.0 - [Changelog](https://github.com/apache/commons-cli/blob/master/RELEASE-NOTES.txt) - [Commits](apache/commons-cli@rel/commons-cli-1.10.0...rel/commons-cli-1.11.0) Updates `org.jacoco:jacoco-maven-plugin` from 0.8.12 to 0.8.14 - [Release notes](https://github.com/jacoco/jacoco/releases) - [Commits](jacoco/jacoco@v0.8.12...v0.8.14) Updates `org.apache.maven.shared:file-management` from 3.1.0 to 3.2.0 - [Release notes](https://github.com/apache/maven-file-management/releases) - [Commits](apache/maven-file-management@file-management-3.1.0...v3.2.0) Updates `org.apache.maven.plugins:maven-dependency-plugin` from 3.8.1 to 3.9.0 - [Release notes](https://github.com/apache/maven-dependency-plugin/releases) - [Commits](apache/maven-dependency-plugin@maven-dependency-plugin-3.8.1...maven-dependency-plugin-3.9.0) Updates `org.apache.maven.plugins:maven-jar-plugin` from 3.4.2 to 3.5.0 - [Release notes](https://github.com/apache/maven-jar-plugin/releases) - [Commits](apache/maven-jar-plugin@maven-jar-plugin-3.4.2...maven-jar-plugin-3.5.0) Updates `org.apache.maven.plugins:maven-surefire-plugin` from 3.5.2 to 3.5.4 - [Release notes](https://github.com/apache/maven-surefire/releases) - [Commits](apache/maven-surefire@surefire-3.5.2...surefire-3.5.4) Updates `org.apache.maven.plugins:maven-javadoc-plugin` from 3.11.2 to 3.12.0 - [Release notes](https://github.com/apache/maven-javadoc-plugin/releases) - [Commits](apache/maven-javadoc-plugin@maven-javadoc-plugin-3.11.2...maven-javadoc-plugin-3.12.0) Updates `org.owasp:dependency-check-maven` from 12.1.3 to 12.1.9 - [Release notes](https://github.com/dependency-check/DependencyCheck/releases) - [Changelog](https://github.com/dependency-check/DependencyCheck/blob/main/CHANGELOG.md) - [Commits](dependency-check/DependencyCheck@v12.1.3...v12.1.9) Updates `org.apache.maven.plugins:maven-source-plugin` from 3.3.1 to 3.4.0 - [Release notes](https://github.com/apache/maven-source-plugin/releases) - [Commits](apache/maven-source-plugin@maven-source-plugin-3.3.1...maven-source-plugin-3.4.0) --- updated-dependencies: - dependency-name: com.siemens.pki:CmpRaComponent dependency-version: 4.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependabot-dependency-updates - dependency-name: jakarta.xml.bind:jakarta.xml.bind-api dependency-version: 4.0.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependabot-dependency-updates - dependency-name: org.glassfish.jaxb:jaxb-runtime dependency-version: 4.0.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependabot-dependency-updates - dependency-name: org.slf4j:slf4j-api dependency-version: 2.0.17 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependabot-dependency-updates - dependency-name: org.slf4j:slf4j-simple dependency-version: 2.0.17 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependabot-dependency-updates - dependency-name: org.eclipse.californium:californium-core dependency-version: 3.14.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependabot-dependency-updates - dependency-name: com.fasterxml.jackson.jaxrs:jackson-jaxrs-yaml-provider dependency-version: 2.20.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependabot-dependency-updates - dependency-name: com.fasterxml.jackson.core:jackson-databind dependency-version: 2.20.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependabot-dependency-updates - dependency-name: commons-cli:commons-cli dependency-version: 1.11.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependabot-dependency-updates - dependency-name: org.jacoco:jacoco-maven-plugin dependency-version: 0.8.14 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependabot-dependency-updates - dependency-name: org.apache.maven.shared:file-management dependency-version: 3.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependabot-dependency-updates - dependency-name: org.apache.maven.plugins:maven-dependency-plugin dependency-version: 3.9.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependabot-dependency-updates - dependency-name: org.apache.maven.plugins:maven-jar-plugin dependency-version: 3.5.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependabot-dependency-updates - dependency-name: org.apache.maven.plugins:maven-surefire-plugin dependency-version: 3.5.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependabot-dependency-updates - dependency-name: org.apache.maven.plugins:maven-javadoc-plugin dependency-version: 3.12.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependabot-dependency-updates - dependency-name: org.owasp:dependency-check-maven dependency-version: 12.1.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependabot-dependency-updates - dependency-name: org.apache.maven.plugins:maven-source-plugin dependency-version: 3.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependabot-dependency-updates ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels Jan 1, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

build(deps): bump the dependabot-dependency-updates group with 17 updates #109

build(deps): bump the dependabot-dependency-updates group with 17 updates #109

Uh oh!

dependabot bot commented on behalf of github Jan 1, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

build(deps): bump the dependabot-dependency-updates group with 17 updates #109

Are you sure you want to change the base?

build(deps): bump the dependabot-dependency-updates group with 17 updates #109

Uh oh!

Conversation

dependabot bot commented on behalf of github Jan 1, 2026

PQ support + maintenance tweaks

4.3.0 (Dec 10 2025)

Apache Commons CLI 1.11.0 Release Notes

New Features

Fixed Bugs

Updates

Apache Commons CLI 1.11.0 Release Notes

0.8.14

New Features

Fixed bugs

Non-functional Changes

0.8.13

New Features

Fixed bugs

Non-functional Changes

3.2.0

🚀 New features and improvements

👻 Maintenance

📦 Dependency updates

3.9.0

🚀 New features and improvements

🐛 Bug Fixes

📝 Documentation updates

👻 Maintenance

3.5.0

🚀 New features and improvements

🐛 Bug Fixes

👻 Maintenance

🔧 Build

📦 Dependency updates

3.5.4

🚀 New features and improvements

🐛 Bug Fixes

👻 Maintenance

📦 Dependency updates

3.5.3

🐛 Bug Fixes

👻 Maintenance

3.12.0

💥 Breaking changes

🐛 Bug Fixes

👻 Maintenance

📦 Dependency updates

3.11.3

🚨 Removed

🚀 New features and improvements

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant