Skip to content

Bump the maven-dependencies group across 1 directory with 13 updates#4296

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/maven/maven-dependencies-9746c7e387
Open

Bump the maven-dependencies group across 1 directory with 13 updates#4296
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/maven/maven-dependencies-9746c7e387

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 17, 2026

Copy link
Copy Markdown
Contributor

Bumps the maven-dependencies group with 13 updates in the / directory:

Package From To
org.junit:junit-bom 6.1.0 6.1.2
ch.qos.logback:logback-classic 1.5.36 1.5.38
io.smallrye.config:smallrye-config 3.17.2 3.18.1
org.mongodb:mongodb-driver-sync 5.8.0 5.9.0
org.mongodb:mongodb-driver-legacy 5.8.0 5.9.0
org.zeroturnaround:zt-exec 1.12 1.13.0
com.fasterxml.jackson.core:jackson-databind 2.22.0 2.22.1
com.fasterxml.jackson.dataformat:jackson-dataformat-yaml 2.22.0 2.22.1
com.github.spotbugs:spotbugs-annotations 4.10.2 4.10.3
net.bytebuddy:byte-buddy 1.18.10 1.18.11
com.google.devtools.ksp:symbol-processing-api 2.3.9 2.3.10
com.google.devtools.ksp:symbol-processing-common-deps 2.3.9 2.3.10
com.google.devtools.ksp:symbol-processing-aa-embeddable 2.3.9 2.3.10

Updates org.junit:junit-bom from 6.1.0 to 6.1.2

Release notes

Sourced from org.junit:junit-bom's releases.

JUnit 6.1.2 = Platform 6.1.2 + Jupiter 6.1.2 + Vintage 6.1.2

See Release Notes.

Full Changelog: junit-team/junit-framework@r6.1.1...r6.1.2

JUnit 6.1.1 = Platform 6.1.1 + Jupiter 6.1.1 + Vintage 6.1.1

See Release Notes.

Full Changelog: junit-team/junit-framework@r6.1.0...r6.1.1

Commits
  • b685426 Release 6.1.2
  • ae244a6 Remove blanket outputDirectoryCreator from SuiteEngineTests (#5793)
  • 43bd154 Finalize 6.1.2 release notes
  • 0cd9510 Fix order of release note sections
  • a1507cb Add initial 6.1.2 release notes to release notes index
  • 9326641 Fix NoTestsDiscoveredException for suites containing only dynamic tests (#5839)
  • 2ef1123 Create initial 6.1.2 release notes from template
  • 83fa9ab Back to snapshots for further development
  • 0d85889 Release 6.1.1
  • 0363eee Finalize 6.1.1 release notes
  • Additional commits viewable in compare view

Updates ch.qos.logback:logback-classic from 1.5.36 to 1.5.38

Release notes

Sourced from ch.qos.logback:logback-classic's releases.

Logback 1.5.38

2026-07-09 Release of logback version 1.5.38

• In HardenedObjectInputStream, fixed a typo preventing Throwable objects from being white-filtered. This issue was reported in [PR #1045](qos-ch/logback#1045) by t0rchwo0d.

• A bitwise identical binary of this version can be reproduced by building from source code at commit d04984a41fce42977466f45a2f076f0ee5cc4207 associated with the tag v_1.5.38. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Logback 1.5.37

2026-06-26 Release of logback version 1.5.37

  1. • Given the numerous vulnerabilities related to conditional configuration processing based on the evaluation of Java expressions using the Janino library, support for such expressions has been removed. Users are offered the an online migration service or the <condition> element introduced in version 1.5.20. See the relevant documentation for more details.

• A bitwise identical binary of this version can be reproduced by building from source code at commit c1df7f522e648eec7b4ef6a12c8758fec0f00048 associated with the tag v_1.5.37. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Commits
  • d04984a prepare release 1.5.38
  • 4fffda6 updateversion of maven-gpg-plugin
  • 7ee48a1 Fixed a typo where java,lang.Throwable was written with a comma instead of a ...
  • 84580a2 remove license profile
  • f817c8d start work on 1.5.28-SNAPSHOT
  • c1df7f5 prepare release 1.5.37
  • a189967 remove conditional based on janino
  • aaa9052 start work on 1.5.37-SNAPSHOT
  • See full diff in compare view

Updates io.smallrye.config:smallrye-config from 3.17.2 to 3.18.1

Release notes

Sourced from io.smallrye.config:smallrye-config's releases.

3.18.1

3.18.0

  • #1544 Release 3.18.0
  • #1543 Bump io.smallrye:smallrye-parent from 50 to 51
  • #1541 Fix ConfigMapping hashCode collision for Map properties with equal keys and values
  • #1540 Bump Python version from 3.9 to 3.12 in CI documentation workflows
  • #1539 Remove deprecated Jasypt support
  • #1538 Support nested config classes in class-based mappings
  • #1537 Bump actions/checkout from 6 to 7
  • #1536 Configure Surefire to display parameterized test names in reports
  • #1535 Fix HOCON property name rendering
  • #1534 Reproduce issue with @WithUnnamedKey config group considered present even if unconfigured
  • #1533 Bump io.smallrye:smallrye-parent from 49 to 50
  • #1532 Add SPI ConfigMappingHandler to split handling of @​ConfigMapping and @​ConfigProperties
  • #1531 Bump io.smallrye.common:smallrye-common-bom from 2.18.1 to 2.19.0
  • #1530 Bump com.typesafe:config from 1.4.8 to 1.4.9
  • #1529 Bump kotlin.version from 2.3.21 to 2.4.0
  • #1528 Update MicroProfile Config to 3.1.1
  • #1527 Stabilize hashCode of ConfigClass
  • #1526 Bump org.ow2.asm:asm from 9.10 to 9.10.1
  • #1525 Bump idna from 3.11 to 3.15 in /documentation
  • #1524 Bump pymdown-extensions from 10.21.2 to 10.21.3 in /documentation
  • #1523 Bump org.ow2.asm:asm from 9.9.1 to 9.10
  • #1522 Bump io.smallrye.common:smallrye-common-bom from 2.18.0 to 2.18.1
  • #1520 Bump urllib3 from 2.6.3 to 2.7.0 in /documentation
  • #1519 Bump io.smallrye.common:smallrye-common-bom from 2.17.1 to 2.18.0
  • #1518 Bump com.typesafe:config from 1.4.7 to 1.4.8
  • #1516 Bump com.typesafe:config from 1.4.6 to 1.4.7
  • #1515 Bump io.smallrye:smallrye-parent from 48 to 49
  • #1514 Bump kotlin.version from 2.3.20 to 2.3.21
  • #1513 Bump org.jboss.bridger:bridger from 1.6.Final to 1.8
  • #1510 Bump io.sundr:sundr-maven-plugin from 0.240.1 to 0.300.0
Commits
  • d576664 [maven-release-plugin] prepare release 3.18.1
  • c628013 Release 3.18.1 (#1547)
  • 8a86d44 @​WithUnnamedKey#eager to control if default keys are present in the mapping M...
  • fb0c3bf [maven-release-plugin] prepare for next development iteration
  • 21ceb75 [maven-release-plugin] prepare release 3.18.0
  • a7bafe6 Update release preparation condition in workflow
  • c94a186 Add workflow_dispatch trigger to release workflow
  • e93eddf Release 3.18.0 (#1544)
  • 0daa482 Reproduce issue with @WithUnnamedKey config group considered present even i...
  • 3d6d5dc Bump io.smallrye:smallrye-parent from 50 to 51 (#1543)
  • Additional commits viewable in compare view

Updates org.mongodb:mongodb-driver-sync from 5.8.0 to 5.9.0

Release notes

Sourced from org.mongodb:mongodb-driver-sync's releases.

Java Driver 5.9.0 (July 07, 2026)

What's Changed

Verifying artifact signatures

Please refer to https://www.mongodb.com/docs/drivers/java/sync/current/security/validate-signatures/ for the full procedure.

To download and import the public key for verifying signatures, execute

gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys 1a75005e142192223d6a7c3b76e0008d166740a8

Full Changelog: mongodb/mongo-java-driver@r5.8.0...r5.9.0

Commits
  • 90d54c4 Version: bump 5.9.0
  • 32cbe4b JAVA-6168 JAVA-6244 JAVA-6196: QE prefix/suffix/substring GA + rename Text AP...
  • 6612f5d JAVA-6237: Explicit Encryption Case 2 uses contention-10 collection (#2003)
  • d84dabb Fix reactive streams MongoClient.getTimeout always returning null (#2009)
  • aad04d1 Update Specs to latest (#2001)
  • 4d81e85 Add Windows CI testing (#1935)
  • 8aa3242 Update the Git specifications submodule from 25bee54 to 4484038 (#1992)
  • 321bdb7 Evergreen: fixes - gpg and oidc (#1987)
  • 606ed03 build(deps): bump testing/resources/specifications from b519824 to `25bee54...
  • d120c75 Version: bump 5.9.0-SNAPSHOT
  • See full diff in compare view

Updates org.mongodb:mongodb-driver-legacy from 5.8.0 to 5.9.0

Release notes

Sourced from org.mongodb:mongodb-driver-legacy's releases.

Java Driver 5.9.0 (July 07, 2026)

What's Changed

Verifying artifact signatures

Please refer to https://www.mongodb.com/docs/drivers/java/sync/current/security/validate-signatures/ for the full procedure.

To download and import the public key for verifying signatures, execute

gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys 1a75005e142192223d6a7c3b76e0008d166740a8

Full Changelog: mongodb/mongo-java-driver@r5.8.0...r5.9.0

Commits
  • 90d54c4 Version: bump 5.9.0
  • 32cbe4b JAVA-6168 JAVA-6244 JAVA-6196: QE prefix/suffix/substring GA + rename Text AP...
  • 6612f5d JAVA-6237: Explicit Encryption Case 2 uses contention-10 collection (#2003)
  • d84dabb Fix reactive streams MongoClient.getTimeout always returning null (#2009)
  • aad04d1 Update Specs to latest (#2001)
  • 4d81e85 Add Windows CI testing (#1935)
  • 8aa3242 Update the Git specifications submodule from 25bee54 to 4484038 (#1992)
  • 321bdb7 Evergreen: fixes - gpg and oidc (#1987)
  • 606ed03 build(deps): bump testing/resources/specifications from b519824 to `25bee54...
  • d120c75 Version: bump 5.9.0-SNAPSHOT
  • See full diff in compare view

Updates org.mongodb:mongodb-driver-legacy from 5.8.0 to 5.9.0

Release notes

Sourced from org.mongodb:mongodb-driver-legacy's releases.

Java Driver 5.9.0 (July 07, 2026)

What's Changed

Verifying artifact signatures

Please refer to https://www.mongodb.com/docs/drivers/java/sync/current/security/validate-signatures/ for the full procedure.

To download and import the public key for verifying signatures, execute

gpg --keyserver hkps://keyserver.ubuntu.com --recv-keys 1a75005e142192223d6a7c3b76e0008d166740a8

Full Changelog: mongodb/mongo-java-driver@r5.8.0...r5.9.0

Commits
  • 90d54c4 Version: bump 5.9.0
  • 32cbe4b JAVA-6168 JAVA-6244 JAVA-6196: QE prefix/suffix/substring GA + rename Text AP...
  • 6612f5d JAVA-6237: Explicit Encryption Case 2 uses contention-10 collection (#2003)
  • d84dabb Fix reactive streams MongoClient.getTimeout always returning null (#2009)
  • aad04d1 Update Specs to latest (#2001)
  • 4d81e85 Add Windows CI testing (#1935)
  • 8aa3242 Update the Git specifications submodule from 25bee54 to 4484038 (#1992)
  • 321bdb7 Evergreen: fixes - gpg and oidc (#1987)
  • 606ed03 build(deps): bump testing/resources/specifications from b519824 to `25bee54...
  • d120c75 Version: bump 5.9.0-SNAPSHOT
  • See full diff in compare view

Updates org.zeroturnaround:zt-exec from 1.12 to 1.13.0

Release notes

Sourced from org.zeroturnaround:zt-exec's releases.

v1.13.0

What's Changed

New Contributors

Full Changelog: https://github.com/zeroturnaround/zt-exec/commits/v1.13.0

Changelog

Sourced from org.zeroturnaround:zt-exec's changelog.

[1.13.0] - 2026-07-10

Added

  • LogOutputStream.create(LineConsumer) to build a LogOutputStream from a lambda (#107).
  • LogOutputStream.setOutputCharset(String) to control the charset used to decode the process output (#89).
  • An OSGi bundle manifest (Bundle-SymbolicName, Export-Package) in the published jar (#85).
  • A JPMS module descriptor for module org.zeroturnaround.exec, shipped as a Java 9 multi-release entry (#106).

Changed

  • Raised the minimum Java runtime from 6 to 8 (bytecode target moved from 1.6 to 1.8).
  • Upgraded the slf4j-api dependency from 1.7.2 to 1.7.32.
  • Migrated the build from Maven to Gradle; releases now publish to Maven Central through the Sonatype Central Portal.
Commits
  • f71a22a Release 1.13.0
  • 13ca7bd List all consumer-facing changes since 1.12 in the changelog
  • a614f50 Bump the minor-and-patch group across 1 directory with 4 updates
  • d20fae7 Bump org.apache.commons:commons-lang3 from 3.12.0 to 3.18.0
  • f16fd4e Bump commons-io:commons-io from 2.11.0 to 2.14.0
  • 09612ed Suppress automatic-module warning on the slf4j requires directive
  • 38f6ee9 Add CHANGELOG.md, security policy, and changelog release automation
  • 1711820 Adopt vMAJOR.MINOR.PATCH release tags
  • 6e8e4a6 Bump build tooling to current versions
  • 5e0b895 Drop defunct ZeroTurnaround references from POM metadata
  • Additional commits viewable in compare view

Updates com.fasterxml.jackson.core:jackson-databind from 2.22.0 to 2.22.1

Commits

Updates com.fasterxml.jackson.dataformat:jackson-dataformat-yaml from 2.22.0 to 2.22.1

Commits
  • 681f699 [maven-release-plugin] prepare release jackson-dataformats-text-2.22.1
  • 8e25852 Prep for 2.22.1 release
  • e1ed4d2 Merge branch '2.21' into 2.22
  • 3f3257c Post-release dep version bump
  • 3348a1a [maven-release-plugin] prepare for next development iteration
  • 687ad4f [maven-release-plugin] prepare release jackson-dataformats-text-2.21.5
  • 955c59f Prep for 2.21.5 release
  • 588933e Post-release dep version bump
  • 38f3683 [maven-release-plugin] prepare for next development iteration
  • See full diff in compare view

Updates com.fasterxml.jackson.dataformat:jackson-dataformat-yaml from 2.22.0 to 2.22.1

Commits
  • 681f699 [maven-release-plugin] prepare release jackson-dataformats-text-2.22.1
  • 8e25852 Prep for 2.22.1 release
  • e1ed4d2 Merge branch '2.21' into 2.22
  • 3f3257c Post-release dep version bump
  • 3348a1a [maven-release-plugin] prepare for next development iteration
  • 687ad4f [maven-release-plugin] prepare release jackson-dataformats-text-2.21.5
  • 955c59f Prep for 2.21.5 release
  • 588933e Post-release dep version bump
  • 38f3683 [maven-release-plugin] prepare for next development iteration
  • See full diff in compare view

Updates com.github.spotbugs:spotbugs-annotations from 4.10.2 to 4.10.3

Release notes

Sourced from com.github.spotbugs:spotbugs-annotations's releases.

4.10.3

SpotBugs 4.10.3

CHANGELOG

Fixed

  • Fix LI_LAZY_INIT_STATIC false negative when the null guard is written in yoda-style (null == field) (#4144)
  • Fix DC_DOUBLECHECK, NP_SYNC_AND_NULL_CHECK_FIELD and SP_SPIN_ON_FIELD false negatives when the null guard is written in yoda-style (null == field) (#4144)
  • Fix message for UNS_UNSAFE_CALL bug pattern
  • Restore CLI plugin loading by fixing DetectorFactoryCollection bootstrap ordering (#4191)
  • Fix UWF_NULL_FIELD false negative for fields initialized with cast null values (#4034)
  • Fix UMAC_UNCALLABLE_METHOD_OF_ANONYMOUS_CLASS false positive for methods reached only through method references (#4059)

Changed

  • Ant FindBugsViewerTask: use default look and feel by default. (#4165)

Refactor

  • Ant FindBugsViewerTask: extend AbstractFindBugsTask to reduce duplicate code. (#4165)

CHECKSUM

file checksum (sha256)
spotbugs-4.10.3-javadoc.jar 9670d6569864fd9a45c4aa92f6e3dc2d11e2c24b4ff0a3eabe64b293dc3f0534
spotbugs-4.10.3-sources.jar e00994265d6b771db8cc79edd70500ab8af6334f636d3ac7bf169c5d7daefcbc
spotbugs-4.10.3.tgz 53c03a77da9746ed0c17aae6c0a9419a12ddeb8bf61dd7209a2e417550afd01d
spotbugs-4.10.3.zip e814ee5bf9665412658c4d684e45eae3cf993148a71bc8bc93fb343e92288151
spotbugs-annotations-4.10.3-javadoc.jar 5da6c2d1fe6ef37022dda7fdf221965bb6de57a0276e1735f518840f56ccab1f
spotbugs-annotations-4.10.3-sources.jar 87974d23caffbc8c6e66c567747627267b5ed06573cee966d7af6d236b8d65bd
spotbugs-annotations.jar 3fabaf088f8cd10803cc87dba4666cf874bdcd2e07ad154ed3fe403647ce3f2a
spotbugs-ant-4.10.3-javadoc.jar fab78b3c109057689dc2057a18071b1a997048bb18b45ae39835c1007b18f440
spotbugs-ant-4.10.3-sources.jar af1c78c8e194c2f82ea3e0517ab38a5eb6ba608c8d0e776c9097605d6b7efca6
spotbugs-ant.jar 9ec240477b7c87270be7dfe3196180cd3763f04c369e5691feeb12e66110a065
spotbugs.jar 5b12b471979fd8d664e9772d4c7e7e11b25a55d71dbb0ef2d2dcb749959052e7
test-harness-4.10.3-javadoc.jar 1a495602098f524a4a62f227bc556f75236a0231d08d7bedaeae73d478067e94
test-harness-4.10.3-sources.jar 805d2d124b0d4ea513ee9262d4ad6027c3471d45defd80fd7d20e23425d17df7
test-harness-4.10.3.jar bd10d1f11a1b93e4ca4db4d27772f611bd3407f9452dbbd2d1ba62584ddc171f
test-harness-core-4.10.3-javadoc.jar cb08bb86e5c9d5b4c4459ab103b9cd0dd99527a56f6fa645ec10d07b0fe75735
test-harness-core-4.10.3-sources.jar 043a55d99a517c0d9cf702b0c183b4afd3f03af9eff4a86d59bb37df1b35b532
test-harness-core-4.10.3.jar 1f9a0ee8f150dd71f960ca4f59dcf7912a45d0e9e6aefc4585fd44b975454bc0
test-harness-jupiter-4.10.3-javadoc.jar 02b463d272ccc7e6f9c7dcbfe7087da23afb6f9b8ad24316362397ae21fcf4cc
test-harness-jupiter-4.10.3-sources.jar 17144f315686bfd01c02fa4ae7c916060c41de8eed58d5b8470416fa08f46ced
test-harness-jupiter-4.10.3.jar a91146da3e993479cfefd2690781cbd102c6360ecc63a96d88995be3bd60fcbb
Changelog

Sourced from com.github.spotbugs:spotbugs-annotations's changelog.

4.10.3 - 2026-07-12

Fixed

  • Fix LI_LAZY_INIT_STATIC false negative when the null guard is written in yoda-style (null == field) (#4144)
  • Fix DC_DOUBLECHECK, NP_SYNC_AND_NULL_CHECK_FIELD and SP_SPIN_ON_FIELD false negatives when the null guard is written in yoda-style (null == field) (#4144)
  • Fix message for UNS_UNSAFE_CALL bug pattern
  • Restore CLI plugin loading by fixing DetectorFactoryCollection bootstrap ordering (#4191)
  • Fix UWF_NULL_FIELD false negative for fields initialized with cast null values (#4034)
  • Fix UMAC_UNCALLABLE_METHOD_OF_ANONYMOUS_CLASS false positive for methods reached only through method references (#4059)

Changed

  • Ant FindBugsViewerTask: use default look and feel by default. (#4165)

Refactor

  • Ant FindBugsViewerTask: extend AbstractFindBugsTask to reduce duplicate code. (#4165)
Commits
  • 8d5cad4 release v4.10.3
  • f849bce Update junit-framework monorepo to v6.1.2 (#4199)
  • 368a213 Fixes #4138 : Detect yoda-style null guards in lazy-init and related detector...
  • 21ba538 Update actions/stale digest to 1e223db (#4197)
  • 6c91a0d Update dependency net.sf.saxon:Saxon-HE to v12.10 (#4198)
  • 7fb263e Update actions/setup-java digest to 0f481fc (#4196)
  • c8f9bb1 fix(deprecations): Replace deprecated io close with try with resources (#4194)
  • 1c78756 chore{build): Update eclipse-convention.gradle.kts file (#4193)
  • 1aec284 fix: improve EQ_DOESNT_OVERRIDE_EQUALS warning to mention symmetry risk (#4016)
  • f3ddc36 Fixes #4055 : Record method-reference targets as called methods (#4059)
  • Additional commits viewable in compare view

Updates net.bytebuddy:byte-buddy from 1.18.10 to 1.18.11

Release notes

Sourced from net.bytebuddy:byte-buddy's releases.

Byte Buddy 1.18.11

  • Add SBOM to published artifacts.
  • Check for traversable paths injected into class files as a rather hypothetical attack vector.
Changelog

Sourced from net.bytebuddy:byte-buddy's changelog.

2. July 2026: version 1.18.11

  • Add SBOM to published artifacts.
  • Check for traversable paths injected into class files as a rather hypothetical attack vector.
Commits
  • 88dd0a3 [publish] Releasing Byte Buddy 1.18.11
  • 46fcade [release] Release new version
  • 6a68de6 Prevent path traversal from crafted type names when writing class files to fo...
  • 9ba4ab6 Pin ClusterFuzzLite base image and actions by hash.
  • dd4f81e Add SBOM to build.
  • 7dd9a0d Update internal Byte Buddy and release notes
  • d6b3e15 [publish] Start next development iteration 1.18.11-SNAPSHOT
  • See full diff in compare view

Updates com.google.devtools.ksp:symbol-processing-api from 2.3.9 to 2.3.10

Release notes

Sourced from com.google.devtools.ksp:symbol-processing-api's releases.

2.3.10

What's Changed

  • Fix OOMs caused by unstopped coroutine Dispatcher threads by moving KSP task cache to a gradle build service (#2817)
  • Sanitize ':' in internal-name module suffix so KSP works with Kotlin 2.4.0 default module names (#2964)
  • Filter source file trees in KspAATask to restore NO-SOURCE skipping behaviour (#2947)
  • Fix R-class resolution in KSP when AGP 9 built-in Kotlin is enabled (#2857)
  • Fix KSP2 incremental cache path normalization mismatch (#2854)
  • Normalize line endings for KspAATask source roots to prevent cross-platform remote build cache misses (#2849)
  • Fix bug where KSP incremental compilation does not consider library class references in annotations (#3011)
  • Consume all Kotlin sources in KSP to support other code generators (#3001)
  • Fix configuration cache invalidation in klib cross-compilation check (#3014)
  • Memoized hash code for KSTypeImpl to speed up processing (#2896)
  • Fix incorrect name generation for data classes annotated with @JvmRecord (#2813)
  • Include kotlinx.coroutines in the distributed uber jar symbol-processing-aa-embeddable (#2938)
  • New debugging features for incremental compilation, including additional logging and dependency graph visualization (#3015)
  • Deprecate the ksp(...) Gradle configuration in Kotlin Multiplatform (KMP) projects in favor of target-specific configurations (#2956). Note: Non-KMP projects are also affected. For migration details, see the documentation.

Contributors

Full Changelog: google/ksp@2.3.9...2.3.10

Commits
  • ccf45ce Remove unreachable code
  • e1f7634 Rename tpe to kaType
  • b29f39b Make calcValue's parent parameter non-nullable
  • fcbd0a5 Record references to classes in annotation arguments
  • caea1d4 Add integration test for module names
  • 35a2599 Add logging for dependency graph
  • f28914d Clean up module name tests
  • 04666c1 fix: sanitize ':' in internal-name module suffix so KSP 2.3.9 works with Kotl...
  • abea428 Add negative test for incremental compilation
  • e0c0033 Qualify shadowing name
  • Additional commits viewable in

Bumps the maven-dependencies group with 13 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [org.junit:junit-bom](https://github.com/junit-team/junit-framework) | `6.1.0` | `6.1.2` |
| [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) | `1.5.36` | `1.5.38` |
| [io.smallrye.config:smallrye-config](https://github.com/smallrye/smallrye-config) | `3.17.2` | `3.18.1` |
| [org.mongodb:mongodb-driver-sync](https://github.com/mongodb/mongo-java-driver) | `5.8.0` | `5.9.0` |
| [org.mongodb:mongodb-driver-legacy](https://github.com/mongodb/mongo-java-driver) | `5.8.0` | `5.9.0` |
| [org.zeroturnaround:zt-exec](https://github.com/zeroturnaround/zt-exec) | `1.12` | `1.13.0` |
| [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) | `2.22.0` | `2.22.1` |
| [com.fasterxml.jackson.dataformat:jackson-dataformat-yaml](https://github.com/FasterXML/jackson-dataformats-text) | `2.22.0` | `2.22.1` |
| [com.github.spotbugs:spotbugs-annotations](https://github.com/spotbugs/spotbugs) | `4.10.2` | `4.10.3` |
| [net.bytebuddy:byte-buddy](https://github.com/raphw/byte-buddy) | `1.18.10` | `1.18.11` |
| [com.google.devtools.ksp:symbol-processing-api](https://github.com/google/ksp) | `2.3.9` | `2.3.10` |
| [com.google.devtools.ksp:symbol-processing-common-deps](https://github.com/google/ksp) | `2.3.9` | `2.3.10` |
| [com.google.devtools.ksp:symbol-processing-aa-embeddable](https://github.com/google/ksp) | `2.3.9` | `2.3.10` |



Updates `org.junit:junit-bom` from 6.1.0 to 6.1.2
- [Release notes](https://github.com/junit-team/junit-framework/releases)
- [Commits](junit-team/junit-framework@r6.1.0...r6.1.2)

Updates `ch.qos.logback:logback-classic` from 1.5.36 to 1.5.38
- [Release notes](https://github.com/qos-ch/logback/releases)
- [Commits](qos-ch/logback@v_1.5.36...v_1.5.38)

Updates `io.smallrye.config:smallrye-config` from 3.17.2 to 3.18.1
- [Release notes](https://github.com/smallrye/smallrye-config/releases)
- [Commits](smallrye/smallrye-config@3.17.2...3.18.1)

Updates `org.mongodb:mongodb-driver-sync` from 5.8.0 to 5.9.0
- [Release notes](https://github.com/mongodb/mongo-java-driver/releases)
- [Commits](mongodb/mongo-java-driver@r5.8.0...r5.9.0)

Updates `org.mongodb:mongodb-driver-legacy` from 5.8.0 to 5.9.0
- [Release notes](https://github.com/mongodb/mongo-java-driver/releases)
- [Commits](mongodb/mongo-java-driver@r5.8.0...r5.9.0)

Updates `org.mongodb:mongodb-driver-legacy` from 5.8.0 to 5.9.0
- [Release notes](https://github.com/mongodb/mongo-java-driver/releases)
- [Commits](mongodb/mongo-java-driver@r5.8.0...r5.9.0)

Updates `org.zeroturnaround:zt-exec` from 1.12 to 1.13.0
- [Release notes](https://github.com/zeroturnaround/zt-exec/releases)
- [Changelog](https://github.com/zeroturnaround/zt-exec/blob/main/CHANGELOG.md)
- [Commits](zeroturnaround/zt-exec@zt-exec-1.12...v1.13.0)

Updates `com.fasterxml.jackson.core:jackson-databind` from 2.22.0 to 2.22.1
- [Commits](https://github.com/FasterXML/jackson/commits)

Updates `com.fasterxml.jackson.dataformat:jackson-dataformat-yaml` from 2.22.0 to 2.22.1
- [Commits](FasterXML/jackson-dataformats-text@jackson-dataformats-text-2.22.0...jackson-dataformats-text-2.22.1)

Updates `com.fasterxml.jackson.dataformat:jackson-dataformat-yaml` from 2.22.0 to 2.22.1
- [Commits](FasterXML/jackson-dataformats-text@jackson-dataformats-text-2.22.0...jackson-dataformats-text-2.22.1)

Updates `com.github.spotbugs:spotbugs-annotations` from 4.10.2 to 4.10.3
- [Release notes](https://github.com/spotbugs/spotbugs/releases)
- [Changelog](https://github.com/spotbugs/spotbugs/blob/master/CHANGELOG.md)
- [Commits](spotbugs/spotbugs@4.10.2...4.10.3)

Updates `net.bytebuddy:byte-buddy` from 1.18.10 to 1.18.11
- [Release notes](https://github.com/raphw/byte-buddy/releases)
- [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md)
- [Commits](raphw/byte-buddy@byte-buddy-1.18.10...byte-buddy-1.18.11)

Updates `com.google.devtools.ksp:symbol-processing-api` from 2.3.9 to 2.3.10
- [Release notes](https://github.com/google/ksp/releases)
- [Commits](google/ksp@2.3.9...2.3.10)

Updates `com.google.devtools.ksp:symbol-processing-common-deps` from 2.3.9 to 2.3.10
- [Release notes](https://github.com/google/ksp/releases)
- [Commits](google/ksp@2.3.9...2.3.10)

Updates `com.google.devtools.ksp:symbol-processing-aa-embeddable` from 2.3.9 to 2.3.10
- [Release notes](https://github.com/google/ksp/releases)
- [Commits](google/ksp@2.3.9...2.3.10)

Updates `com.google.devtools.ksp:symbol-processing-common-deps` from 2.3.9 to 2.3.10
- [Release notes](https://github.com/google/ksp/releases)
- [Commits](google/ksp@2.3.9...2.3.10)

Updates `com.google.devtools.ksp:symbol-processing-aa-embeddable` from 2.3.9 to 2.3.10
- [Release notes](https://github.com/google/ksp/releases)
- [Commits](google/ksp@2.3.9...2.3.10)

---
updated-dependencies:
- dependency-name: org.junit:junit-bom
  dependency-version: 6.1.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: maven-dependencies
- dependency-name: ch.qos.logback:logback-classic
  dependency-version: 1.5.38
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: maven-dependencies
- dependency-name: io.smallrye.config:smallrye-config
  dependency-version: 3.18.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: maven-dependencies
- dependency-name: org.mongodb:mongodb-driver-sync
  dependency-version: 5.9.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: maven-dependencies
- dependency-name: org.mongodb:mongodb-driver-legacy
  dependency-version: 5.9.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: maven-dependencies
- dependency-name: org.mongodb:mongodb-driver-legacy
  dependency-version: 5.9.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: maven-dependencies
- dependency-name: org.zeroturnaround:zt-exec
  dependency-version: 1.13.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: maven-dependencies
- dependency-name: com.fasterxml.jackson.core:jackson-databind
  dependency-version: 2.22.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: maven-dependencies
- dependency-name: com.fasterxml.jackson.dataformat:jackson-dataformat-yaml
  dependency-version: 2.22.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: maven-dependencies
- dependency-name: com.fasterxml.jackson.dataformat:jackson-dataformat-yaml
  dependency-version: 2.22.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: maven-dependencies
- dependency-name: com.github.spotbugs:spotbugs-annotations
  dependency-version: 4.10.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: maven-dependencies
- dependency-name: net.bytebuddy:byte-buddy
  dependency-version: 1.18.11
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: maven-dependencies
- dependency-name: com.google.devtools.ksp:symbol-processing-api
  dependency-version: 2.3.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: maven-dependencies
- dependency-name: com.google.devtools.ksp:symbol-processing-common-deps
  dependency-version: 2.3.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: maven-dependencies
- dependency-name: com.google.devtools.ksp:symbol-processing-aa-embeddable
  dependency-version: 2.3.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: maven-dependencies
- dependency-name: com.google.devtools.ksp:symbol-processing-common-deps
  dependency-version: 2.3.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: maven-dependencies
- dependency-name: com.google.devtools.ksp:symbol-processing-aa-embeddable
  dependency-version: 2.3.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: maven-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Jul 17, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants