Bump the dependencies group with 35 updates #1876

dependabot · 2024-02-12T09:39:51Z

Bumps the dependencies group with 35 updates:

Package	From	To
org.junit:junit-bom	`5.10.0`	`5.10.2`
org.owasp:dependency-check-maven	`8.4.0`	`9.0.9`
org.jacoco:jacoco-maven-plugin	`0.8.10`	`0.8.11`
org.apache.maven.plugins:maven-javadoc-plugin	`3.5.0`	`3.6.3`
org.apache.maven.plugins:maven-compiler-plugin	`3.11.0`	`3.12.1`
org.apache.maven.plugins:maven-surefire-plugin	`3.1.2`	`3.2.5`
ch.qos.logback:logback-classic	`1.4.11`	`1.4.14`
org.slf4j:jul-to-slf4j	`2.0.7`	`2.0.12`
org.slf4j:slf4j-api	`2.0.7`	`2.0.12`
org.apache.maven.plugins:maven-dependency-plugin	`3.6.0`	`3.6.1`
org.slf4j:slf4j-api	`2.0.7`	`2.0.12`
org.postgresql:postgresql	`42.6.0`	`42.7.1`
net.postgis:postgis-jdbc	`2021.1.0`	`2023.1.0`
com.fasterxml.jackson.core:jackson-annotations	`2.15.2`	`2.16.1`
com.fasterxml.jackson.core:jackson-core	`2.15.2`	`2.16.1`
com.fasterxml.jackson.core:jackson-databind	`2.15.2`	`2.16.1`
com.fasterxml.jackson.core:jackson-core	`2.15.2`	`2.16.1`
org.apache.commons:commons-text	`1.10.0`	`1.11.0`
com.fasterxml.jackson.core:jackson-databind	`2.15.2`	`2.16.1`
org.apache.commons:commons-lang3	`3.13.0`	`3.14.0`
net.java.dev.javacc:javacc	`7.0.12`	`7.0.13`
io.github.git-commit-id:git-commit-id-maven-plugin	`6.0.0`	`7.0.0`
org.apache.commons:commons-dbcp2	`2.9.0`	`2.11.0`
net.time4j:time4j-sqlxml	`5.9.3`	`5.9.4`
net.time4j:time4j-base	`5.9.3`	`5.9.4`
org.jooq:jooq	`3.16.21`	`3.19.3`
org.jooq:jooq-meta	`3.16.21`	`3.19.3`
org.jooq:jooq-codegen	`3.16.21`	`3.19.3`
org.jooq:jooq-meta	`3.16.21`	`3.19.3`
org.jooq:jooq-codegen	`3.16.21`	`3.19.3`
org.liquibase:liquibase-core	`4.12.0`	`4.26.0`
org.keycloak:keycloak-servlet-filter-adapter	`22.0.1`	`23.0.6`
commons-io:commons-io	`2.13.0`	`2.15.1`
net.time4j:time4j-base	`5.9.3`	`5.9.4`
org.openjfx:javafx-fxml	`19.0.2.1`	`21.0.2`
org.openjfx:javafx-controls	`19.0.2.1`	`21.0.2`
org.openjfx:javafx-controls	`19.0.2.1`	`21.0.2`
org.apache.maven.plugins:maven-shade-plugin	`3.5.0`	`3.5.1`
org.testcontainers:junit-jupiter	`1.19.1`	`1.19.5`
com.google.guava:guava	`32.1.2-jre`	`33.0.0-jre`
org.eclipse.jetty:jetty-servlet	`10.0.15`	`10.0.20`
org.json:json	`20230618`	`20240205`

Updates org.junit:junit-bom from 5.10.0 to 5.10.2

Release notes

Sourced from org.junit:junit-bom's releases.

JUnit 5.10.2 = Platform 1.10.2 + Jupiter 5.10.2 + Vintage 5.10.2

See Release Notes.

Full Changelog: junit-team/junit5@r5.10.1...r5.10.2

JUnit 5.10.1 = Platform 1.10.1 + Jupiter 5.10.1 + Vintage 5.10.1

See Release Notes.

Full Changelog: junit-team/junit5@r5.10.0...r5.10.1

Commits

4c0ddda Release 5.10.2
463a147 Finalize release notes for 5.10.2
43c105a Revert "Apply method predicate before searching type hierarchy"
63d464d Revert "Harmonize application of method and field filters in search algorithms"
85ec2fc Revert "Apply field predicate before searching type hierarchy"
6209006 Update release notes
5ee499f Fix CI build
d919ba7 Namespace user-specific build parameters
e26cd83 Prepare release notes for 5.10.2
ec8d428 Include LauncherInterceptor in launcher module declaration
Additional commits viewable in compare view

Updates org.owasp:dependency-check-maven from 8.4.0 to 9.0.9

Release notes

Sourced from org.owasp:dependency-check-maven's releases.

Version 9.0.9

Refer to the CHANGELOG.md for information about improvements and upgrade notes.

Version 9.0.8

Refer to the CHANGELOG.md for information about improvements and upgrade notes.

Version 9.0.7

Refer to the CHANGELOG.md for information about improvements and upgrade notes.

Version 9.0.6

Refer to the CHANGELOG.md for information about improvements and upgrade notes.

Version 9.0.5

Refer to the CHANGELOG.md for information about improvements and upgrade notes.

Version 9.0.4

fix: utilize maven proxy if present (#6255)

fix: allow api key in cli to be quoted (#6253)

fix: use correct maven plugin reporting plugin (#6244)

fix: correct trailing comma in JSON report (#6245)

See the full listing of changes.

Version 9.0.3

fix: use Java properties for proxy configuration (#6238)

docs: update proxy configuration documentation (#6237)

docs: add documentation on caching (#6204)

docs: Clarify H2 database caching strategy (#6220)

docs: Update list of supported report formats (#6224)

docs: example 5 with new nvdDatafeedUrl parameter (#6215)

fix: prevent NPEs (#6232 and #6206)

fix: check valid for hours for NVD API (#6225)

fix: correct NVD cache last checked logic (#6218)

fix: nvd datafeed should process current year (#6213)

fix: correct references to cvssv2 and cvssv3 fields in json and xml reports (#6212)

fix: correct name on reference links in report (#6205)

fix: flaws int the gitlab report (#6193)

See the full listing of changes.

v9.0.2

fix: remove virtual match string on NVD API Request (#6177)

fix: correct meta data in report after switching the NVD API (#6154)

fix: retry HTTP connections to NVD on 502 and 504 errors (#6151)

fix: Gitlab report format needs severity capitalized (#6182)

fix: improve JDK update version parsing (#6163)

fix: mute JCS logging (again) (#6153)

See the full listing of changes.

... (truncated)

Changelog

Sourced from org.owasp:dependency-check-maven's changelog.

Version 9.0.9 (2024-01-17)

fix: for #6374 to delete non-empty directories (#6375)

fix: NoSuchMethodError closeQuietly(java.io.Closeable[]) (#6377)

chore: close stream to prevent possible resource leak (#6382)

docs: Document default for CLI --data (#6359)

docs: document gradle build (#6371)

See the full listing of changes.

Version 9.0.8 (2024-01-06)

fix: favor stability over performance (#6349)

chore: replace commons-io with core java calls (#6343)

fix: improve error reporting for invalid H2 database (#6339)

fix: rework fix for closing input streams on errors correctly (#6338)

fix: reduce chance NVD API block updates due to rate limit (#6333)

fix: ensure open handles will not leak on errors (#6326)

fix: improve error reporting (#6324)

See the full listing of changes.

Version 9.0.7 (2023-12-18)

docs: document insecure configuration for GHSA-qqhq-8r2c-c3f5 (#6315)

fix: improve memory usage on NVD update (#6321)

fix: skip pyproject.toml unless it contains tool.poetry (#6316)

fix: resolve build error that may cause an issue on some JDK versions (#6312)

See the full listing of changes.

Version 9.0.6 (2023-12-15)

build: bump [email protected] (#6308)

fix: mask nvd.api.key in logs; see GHSA-qqhq-8r2c-c3f5 (#6307)

fix: update java version check (#6297)

fix: more efficient memory usage (#6299)

fix: stream NVD data via Jackson to reduce memory footprint (#6275)

docs: document github action caching (#6301)

See the full listing of changes.

Version 9.0.5 (2023-12-13)

fix: make NVD API endpoint configurable (#6287)

fix: synch last modified timestamp for NVD API (#6281)

fix: read NVD cache meta files if cache.properties does not exist (#6282)

fix: correct property for nonProxyHosts (#6285)

fix: reduce apache http logging (#6280)

fix: store last modified timestamp for RetireJS and the Hosted Suppression File in db (#6271)

... (truncated)

Commits

73c3014 build: prepare release v9.0.9
9cd133f docs: release 9.0.9
f5570a0 build(deps): bump JamesIves/github-pages-deploy-action from 4.4.3 to 4.5.0 (#...
22a7f7c build(deps): bump org.apache.commons:commons-lang3 from 3.13.0 to 3.14.0 (#6179)
1dec982 docs: Document default for CLI --data (#6359)
0d96989 fix: NoSuchMethodError closeQuietly(java.io.Closeable[]) (#6377)
a6c3909 chore: close stream to prevent possible resource leak (#6382)
18c70f7 docs: fix links to releases in CHANGELOG.md (#6384)
99af41d docs: remove missed git merge conflict from MD file (#6379)
85d0359 docs: document gradle build (#6371)
Additional commits viewable in compare view

Updates org.jacoco:jacoco-maven-plugin from 0.8.10 to 0.8.11

Release notes

Sourced from org.jacoco:jacoco-maven-plugin's releases.

0.8.11

New Features

JaCoCo now officially supports Java 21 (GitHub #1520).

Experimental support for Java 22 class files (GitHub #1479).

Part of bytecode generated by the Java compilers for exhaustive switch expressions is filtered out during generation of report (GitHub #1472).

Part of bytecode generated by the Java compilers for record patterns is filtered out during generation of report (GitHub #1473).

Fixed bugs

Instrumentation should not cause VerifyError when the last local variable of method parameters is overridden in the method body to store a value of type long or double (GitHub #893).

Restore exec file compatibility with versions from 0.7.5 to 0.8.8 in case of class files with zero line numbers (GitHub #1492).

Non-functional Changes

jacoco-maven-plugin now requires at least Java 8 (GitHub #1466, #1468).

JaCoCo build now requires at least Maven 3.5.4 (GitHub #1467).

Maven 3.9.2 should not produce warnings for jacoco-maven-plugin (GitHub #1468).

JaCoCo build now requires JDK 17 (GitHub #1482).

JaCoCo now depends on ASM 9.6 (GitHub #1518).

Commits

f33756c Prepare release 0.8.11
0670530 Upgrade animal-sniffer-maven-plugin to 1.23
206e5be Restore exec file compatibility after upgrade of ASM to version 9.5 (#1492)
36fc079 Update documentation: JDK version 21 is officially supported (#1520)
7162917 Add validation tests for boolean expressions (#1505)
4bc9267 Fix link to Bytecode Outline Plug-In (#1519)
ded62fc Upgrade ASM to 9.6 (#1518)
6798260 Fix links to ASM website (#1515)
4ba332f Fix misleading outdated javadoc (#1513)
7ca0f0f Opcodes.RET should be processed by visitVarInsn instead of visitInsn (#...
Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-javadoc-plugin from 3.5.0 to 3.6.3

Release notes

Sourced from org.apache.maven.plugins:maven-javadoc-plugin's releases.

3.6.2

🐛 Bug Fixes

[MJAVADOC-716] - Fix stale files detection failing because of the newline (#144) @gnodet

[MJAVADOC-713] - Skipping Javadoc reportset leaves empty Javadoc link i… (#246) @michael-o

[MJAVADOC-762] - don't share state between tests (#218) @elharo

[MJAVADOC-726] - exclude velocity (#243) @elharo

[MJAVADOC-726] - trivial Javadoc fixes to test state of CI (#244) @elharo

[MJAVADOC-774] - Mock repository should not change project sources (#241) @slawekjaranowski

MJAVADOC-774 create dev profile (#239) @hboutemy

Use a stable link in unit test (#240) @slawekjaranowski

📦 Dependency updates

Bump org.codehaus.mojo:mrm-maven-plugin from 1.5.0 to 1.6.0 (#247) @dependabot

[MJAVADOC-777] - Bump org.codehaus.plexus:plexus-java from 1.1.2 to 1.2.0 (#245) @dependabot

3.6.0

🚀 New features and improvements

[MJAVADOC-642] - Make offline mode configurable (#238) @hgschmie

[MJAVADOC-642] - Make offline mode configurable (#232) @hgschmie

[MJAVADOC-770] - Implement legacy mode for Java 9+ (#228) @hgschmie

[MJAVADOC-743] - Drop deprecated mojo parameter (#185) @cstamas

🐛 Bug Fixes

[MJAVADOC-742] - Fix resolution of docletArtifacts (#186) @cstamas

[MJAVADOC-758] - correct exception in JavadocUtil (#230) @hgschmie

[MJAVADOC-769] - fix for transitive filename based modules (#227) @hgschmie

[MJAVADOC-767] - javadoc creates invalid --patch-module statements (#225) @hgschmie

[MJAVADOC-763] - remove test that doesn't test what it claims (#219) @elharo

[MJAVADOC-757] - fix Javadoc warnings (#212) @elharo

Fix UmlGraph link in site example (#198) @ParkerM

📦 Dependency updates

[JAVADOC-771] - Upgrade Parent to 40 (#234) @hgschmie

Bump org.apache.maven:maven-core from 3.6.0 to 3.8.1 in /src/it/projects/MJAVADOC-568_manifest-splitpackage/mojo (#226) @dependabot

Bump com.google.guava:guava from 31.1-jre to 32.0.0-jre in /src/it/projects/MJAVADOC-769 (#229) @dependabot

[MJAVADOC-766] - Bump org.codehaus.plexus:plexus-archiver from 4.7.1 to 4.8.0 (#222) @dependabot

Bump hamcrest-core from 1.3 to 2.2 (#221) @dependabot

Bump guava from 27.0.1-jre to 32.0.0-jre in /src/it/projects/MJAVADOC-555_link-automatic-modules (#207) @dependabot

Bump javax.servlet-api from 3.1.0 to 4.0.1 (test dependency) (#220) @dependabot

[MJAVADOC-761] - commons-io 2.13.0 (#215) @elharo

Bump plexus-utils from 3.5.0 to 3.5.1 (#201) @dependabot

Bump mockito-core from 4.4.0 to 4.11.0 (#196) @dependabot

... (truncated)

Commits

8205008 [maven-release-plugin] prepare release maven-javadoc-plugin-3.6.3
b69af90 [MJAVADOC-682] Reactor builds fail when multiple modules with same groupId:ar...
b47b280 directory, not folder
488624f [MJAVADOC-782] Align read-only parameters naming with other plugins
867dc73 [MJAVADOC-781] Upgrade plugins and components (in ITs)
0104ab2 Fix incorrect config in test-javadoc-test-plugin-config.xml
dd39c0c [MJAVADOC-780] add missing plugin configuration
e6e6180 Remove junk from 692d7a8a9918efd24633a44f0f3d4dfd22d0fec4
692d7a8 [MJAVADOC-779] - Upgrade maven-plugin parent to 41
386d4ea Remove dead link
Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-compiler-plugin from 3.11.0 to 3.12.1

Release notes

Sourced from org.apache.maven.plugins:maven-compiler-plugin's releases.

3.12.1

🐛 Bug Fixes

[MCOMPILER-567] - Fail to compile if the generated-sources/annotation… (#218) @jorsol

📦 Dependency updates

[MCOMPILER-568] - Bump plexusCompilerVersion from 2.14.1 to 2.14.2 (#220) @dependabot

3.12.0

🚀 New features and improvements

[MCOMPILER-562] - Add property maven.compiler.outputDirectory to CompilerMojo (#213) @jGauravGupta

[MCOMPILER-381] - Refactor incremental detection (#181) @jorsol

[MCOMPILER-542] - Clean JDK patch version in module-info.class (#208) @jorsol

[MCOMPILER-558] - compileSourceRoots in testCompile should be writable (#209) @lorenzsimon

[MCOMPILER-559] - Warn if overwriting the project's artifact's file to a different value (#211) @gnodet

[MCOMPILER-550] - make outputDirectory writable (#202) @bmarwell

[MCOMPILER-549] - Improve log message in case of recompilation - fix jenkins build (#203) @slawekjaranowski

[MCOMPILER-549] - Improve log message in case of recompilation (#201) @BrowneMonke

[MCOMPILER-391] - Use dep mgmt when resolving annotation processors and their deps (#180) @psiroky

[MCOMPILER-531] - Prepare for Java 20(-ea) (#184) @slachiewicz

🐛 Bug Fixes

[MCOMPILER-333] - Cleanup generated source files (#214) @jorsol

[MCOMPILER-544] - don't add items to classpath that are not used for that (#198) @laeubi

[MCOMPILER-547] - : Initialize pathElements to empty (#199) @rovarga

📦 Dependency updates

[MCOMPILER-564] - Bump plexusCompilerVersion from 2.13.0 to 2.14.1 (#216) @dependabot

[MCOMPILER-557] - Upgrade maven-plugin parent to 41 - fix build (#210) @slawekjaranowski

[MCOMPILER-554] - Update plexus-java to 1.2.0 (#207) @jorsol

[MCOMPILER-551] - Upgrade Parent to 40 (#205) @slawekjaranowski

[MCOMPILER-541] - update maven-shared-utils to 3.4.2 (#195) @elharo

Bump apache/maven-gh-actions-shared from 2 to 3 (#182) @dependabot

Bump maven-invoker-plugin from 3.4.0 to 3.5.0 (#179) @dependabot

👻 Maintenance

[MCOMPILER-565] - Allow project build by Maven 4 (#217) @slawekjaranowski

[MCOMPILER-552] - Refresh download page (#204) @slawekjaranowski

Remove references to old Maven versions. (#194) @elharo

(doc) Drop unused and vulnerable dependency to log4j (#190) @slachiewicz

[MNG-6829] - Replace StringUtils#isEmpty(String) & #isNotEmpty(String) (#189) @timtebeek

Update plexus-utils to 3.0.24 - in its (#183) @slachiewicz

Commits

736da68 [maven-release-plugin] prepare release maven-compiler-plugin-3.12.1
ef93f3d [MCOMPILER-568] Bump plexusCompilerVersion from 2.14.1 to 2.14.2 (#220)
eb7840c [MCOMPILER-567] - Fail to compile if the "generated-sources/annotations" does...
2a7a73b [maven-release-plugin] prepare for next development iteration
c08b0fd [maven-release-plugin] prepare release maven-compiler-plugin-3.12.0
a1c5b13 [MCOMPILER-565] Allow project build by Maven 4
4855773 Bump plexusCompilerVersion from 2.13.0 to 2.14.1
1d05342 [MCOMPILER-562] Add property maven.compiler.outputDirectory to CompilerMojo (...
ea74978 [MCOMPILER-381] - Refactor incremental detection (#181)
fd37f09 [MCOMPILER-333] Cleanup generated source files (#214)
Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-surefire-plugin from 3.1.2 to 3.2.5

Release notes

Sourced from org.apache.maven.plugins:maven-surefire-plugin's releases.

3.2.5

JIRA link

Release Notes - Maven Surefire - Version 3.2.5

What's Changed

Bump org.htmlunit:htmlunit from 3.8.0 to 3.9.0 by @dependabot in apache/maven-surefire#695

Bump org.fusesource.jansi:jansi from 2.4.0 to 2.4.1 by @dependabot in apache/maven-surefire#684

Bump doxiaVersion from 1.11.1 to 1.12.0 by @dependabot in apache/maven-surefire#609

[SUREFIRE-2221] Document minimum supported Java version for Toolchains by @sbernard31 in apache/maven-surefire#701

[SUREFIRE-2224] StatelessXmlReporter#getTestProblems() does not properly reflect report schema structure by @michael-o in apache/maven-surefire#702

[SUREFIRE-2223] Surefire evaluates parameter jvm before skip by @michael-o in apache/maven-surefire#703

Use uppercase convention for enum member names by @michael-o in apache/maven-surefire#704

[SUREFIRE-2225] Surefire ITs fail when project directory contains space by @michael-o in apache/maven-surefire#705

Run CI tests also with Java 21 by @slachiewicz in apache/maven-surefire#707

Bump org.apache.maven.wagon:wagon-http-lightweight from 3.5.1 to 3.5.3 by @dependabot in apache/maven-surefire#699

Bump org.htmlunit:htmlunit from 3.8.0 to 3.9.0 in /maven-failsafe-plugin/src/it/jetty-war-test-failing by @dependabot in apache/maven-surefire#694

Bump org.htmlunit:htmlunit from 3.8.0 to 3.9.0 in /maven-failsafe-plugin/src/it/jetty-war-test-passing by @dependabot in apache/maven-surefire#693

Bump commons-io:commons-io from 2.15.0 to 2.15.1 by @dependabot in apache/maven-surefire#712

Bump net.java.dev.javacc:javacc from 7.0.12 to 7.0.13 by @dependabot in apache/maven-surefire#711

Bump org.apache.maven.plugins:maven-docck-plugin from 1.1 to 1.2 by @dependabot in apache/maven-surefire#713

[SUREFIRE-2231] JaCoCo 0.8.11 fails with old TestNG releases on Java 17+ by @michael-o in apache/maven-surefire#710

Bump org.assertj:assertj-core from 3.24.2 to 3.25.1 by @dependabot in apache/maven-surefire#714

Bump org.codehaus.plexus:plexus-component-metadata from 2.1.1 to 2.2.0 by @dependabot in apache/maven-surefire#715

... (truncated)

Commits

4b3a271 [maven-release-plugin] prepare release surefire-3.2.5
eb3f1d9 Bump org.codehaus.plexus:plexus-component-metadata from 2.1.1 to 2.2.0
430c406 Bump org.assertj:assertj-core from 3.24.2 to 3.25.1
2d92f2d [SUREFIRE-2231] JaCoCo 0.8.11 fails with old TestNG releases on Java 17+
3290740 Bump org.apache.maven.plugins:maven-docck-plugin from 1.1 to 1.2
25a9776 Bump net.java.dev.javacc:javacc from 7.0.12 to 7.0.13
7752f7e Bump commons-io:commons-io from 2.15.0 to 2.15.1
8874add Revert "Bump jacocoVersion from 0.8.8 to 0.8.11"
c0f7755 Fix formatting
e5f4545 Bump jacocoVersion from 0.8.8 to 0.8.11
Additional commits viewable in compare view

Updates ch.qos.logback:logback-classic from 1.4.11 to 1.4.14

Commits

407f935 prepare release 1.4.14
7018a36 fix missing deseialization filter init call, enable commented out test case
8a746eb start work on 1.4.14-SNAPSHOT
7ee000a prepare release 1.4.13
867bf58 remove superflus system.out call
88abf59 prepare release 1.4.12
2cd8cab cater for array size marked with -1
9c782b4 prevent DOS attacks using on malicious serialized input
f6d690d further support for Virtual threads, issues 737
9a1fc44 add support for Virtual threads
Additional commits viewable in compare view

Updates org.slf4j:jul-to-slf4j from 2.0.7 to 2.0.12

Updates org.slf4j:slf4j-api from 2.0.7 to 2.0.12

Updates org.apache.maven.plugins:maven-dependency-plugin from 3.6.0 to 3.6.1

Commits

4d18cfb [maven-release-plugin] prepare release maven-dependency-plugin-3.6.1
34348ec [MNG-6847] Use diamond operator
0062083 [MDEP-883] - Upgrade maven-plugin parent to 40
c6973da [MDEP-832] - Remove commons-collections-4
0243c41 Bump org.codehaus.plexus:plexus-archiver from 4.7.1 to 4.8.0
4ed696e Add Javadoc 'author' tag to prevent dangling contributor name
3c877fb MDEP-875 prevent possible NPE
9e479d4 [MDEP-872] update commons-io to 2.13.0 (#326)
03bc34e Tighten language (#327)
694655d MDEP-868 update maven-shared-utils to 3.4.2 (#322)
Additional commits viewable in compare view

Updates org.slf4j:slf4j-api from 2.0.7 to 2.0.12

Updates org.postgresql:postgresql from 42.6.0 to 42.7.1

Release notes

Sourced from org.postgresql:postgresql's releases.

v42.7.1

Fixed regressions since 42.7.0

Revert "Use canonical DateStyle name (#2925)" @vlsi (#3035)

Revert "feat: support SET statements combining with other queries with semicolon in PreparedStatement" @vlsi (#3010)

chore: use java.release=8 when building pgjdbc from the generated source distribution @vlsi (#3038), the driver uses Java 8 methods only

Changes

Apply connectTimeout before SSLSocket.startHandshake to avoid infinite wait in case the connection is broken @davecramer (#3040)

perf: improve performance of PreparedStatement.setBlob, BlobInputStream, and BlobOutputStream with dynamic buffer sizing @vlsi (#3044)

fix: avoid timezone conversions when sending LocalDateTime to the database @vlsi (#2852)

fix: support waffle-jna 2.x and 3.x by using reflective approach for ManagedSecBufferDesc @chrullrich (#2720)

🧰 Maintenance

chore: bump Gradle to 8.5 @vlsi (#3045)

chore: use Java 17 for building pgjdbc, and use --release 8 to target Java 8, add tests with Java 21 and 22 @vlsi (#3026)

fedora/rpm: move source build to java-17-openjdk-devel @praiskup (#3036)

Update site 42 7 0 @davecramer (#3004)

prepared for release 42.7.1 update changelogs @davecramer (#3037)

⬆️ Dependencies

fix(deps): update dependency org.checkerframework:org.checkerframework.gradle.plugin to v0.6.36 @renovate-bot (#3060)

chore(deps): update plugin biz.aqute.bnd.builder to v7 @renovate-bot (#3034)

fix(deps): update dependency com.github.spotbugs:com.github.spotbugs.gradle.plugin to v6 @renovate-bot (#3056)

fix(deps): update dependency com.github.spotbugs:com.github.spotbugs.gradle.plugin to v5.2.5 @renovate-bot (#3032)

chore(deps): update codecov/codecov-action digest to b0466b4 @renovate-bot (#3059)

fix(deps): update checkerframework to v3.41.0 @renovate-bot (#3058)

fix(deps): update logback to v1.2.13 @renovate-bot (#3053)

chore(deps): update codecov/codecov-action digest to 438fa9e @renovate-bot (#3051)

fix(deps): update dependency spotbugs to v4.8.2 @renovate-bot (#3052)

chore: bump Gradle to 8.5 @vlsi (#3045)

fix(deps): update dependency org.ops4j.pax.url:pax-url-aether to v2.6.14 @renovate-bot (#3030)

chore(deps): update plugin org.nosphere.gradle.github.actions to v1.4.0 @renovate-bot (#3031)

chore(deps): update dependency ubuntu to v22 @renovate-bot (#3033)

fix(deps): update checkerframework @renovate-bot (#3027)

fix(deps): update dependency spotbugs to v4.8.1 @renovate-bot (#3023)

fix(deps): update dependency uk.org.webcompere:system-stubs-jupiter to v2.1.5 @renovate-bot (#3024)

fix(deps): update jmh to v1.37 @renovate-bot (#3025)

fix(deps): update dependency com.google.errorprone:error_prone_core to v2.23.0 @renovate-bot (#3022)

fix(deps): update junit5 monorepo to v5.10.1 @... Description has been truncated

Bumps the dependencies group with 35 updates: | Package | From | To | | --- | --- | --- | | [org.junit:junit-bom](https://github.com/junit-team/junit5) | `5.10.0` | `5.10.2` | | [org.owasp:dependency-check-maven](https://github.com/jeremylong/DependencyCheck) | `8.4.0` | `9.0.9` | | [org.jacoco:jacoco-maven-plugin](https://github.com/jacoco/jacoco) | `0.8.10` | `0.8.11` | | [org.apache.maven.plugins:maven-javadoc-plugin](https://github.com/apache/maven-javadoc-plugin) | `3.5.0` | `3.6.3` | | [org.apache.maven.plugins:maven-compiler-plugin](https://github.com/apache/maven-compiler-plugin) | `3.11.0` | `3.12.1` | | [org.apache.maven.plugins:maven-surefire-plugin](https://github.com/apache/maven-surefire) | `3.1.2` | `3.2.5` | | [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) | `1.4.11` | `1.4.14` | | org.slf4j:jul-to-slf4j | `2.0.7` | `2.0.12` | | org.slf4j:slf4j-api | `2.0.7` | `2.0.12` | | [org.apache.maven.plugins:maven-dependency-plugin](https://github.com/apache/maven-dependency-plugin) | `3.6.0` | `3.6.1` | | org.slf4j:slf4j-api | `2.0.7` | `2.0.12` | | [org.postgresql:postgresql](https://github.com/pgjdbc/pgjdbc) | `42.6.0` | `42.7.1` | | [net.postgis:postgis-jdbc](https://github.com/postgis/postgis-java) | `2021.1.0` | `2023.1.0` | | [com.fasterxml.jackson.core:jackson-annotations](https://github.com/FasterXML/jackson) | `2.15.2` | `2.16.1` | | [com.fasterxml.jackson.core:jackson-core](https://github.com/FasterXML/jackson-core) | `2.15.2` | `2.16.1` | | [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) | `2.15.2` | `2.16.1` | | [com.fasterxml.jackson.core:jackson-core](https://github.com/FasterXML/jackson-core) | `2.15.2` | `2.16.1` | | org.apache.commons:commons-text | `1.10.0` | `1.11.0` | | [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) | `2.15.2` | `2.16.1` | | org.apache.commons:commons-lang3 | `3.13.0` | `3.14.0` | | [net.java.dev.javacc:javacc](https://github.com/javacc/javacc) | `7.0.12` | `7.0.13` | | [io.github.git-commit-id:git-commit-id-maven-plugin](https://github.com/git-commit-id/git-commit-id-maven-plugin) | `6.0.0` | `7.0.0` | | org.apache.commons:commons-dbcp2 | `2.9.0` | `2.11.0` | | [net.time4j:time4j-sqlxml](https://github.com/MenoData/Time4J) | `5.9.3` | `5.9.4` | | [net.time4j:time4j-base](https://github.com/MenoData/Time4J) | `5.9.3` | `5.9.4` | | org.jooq:jooq | `3.16.21` | `3.19.3` | | org.jooq:jooq-meta | `3.16.21` | `3.19.3` | | org.jooq:jooq-codegen | `3.16.21` | `3.19.3` | | org.jooq:jooq-meta | `3.16.21` | `3.19.3` | | org.jooq:jooq-codegen | `3.16.21` | `3.19.3` | | [org.liquibase:liquibase-core](https://github.com/liquibase/liquibase) | `4.12.0` | `4.26.0` | | org.keycloak:keycloak-servlet-filter-adapter | `22.0.1` | `23.0.6` | | commons-io:commons-io | `2.13.0` | `2.15.1` | | [net.time4j:time4j-base](https://github.com/MenoData/Time4J) | `5.9.3` | `5.9.4` | | org.openjfx:javafx-fxml | `19.0.2.1` | `21.0.2` | | org.openjfx:javafx-controls | `19.0.2.1` | `21.0.2` | | org.openjfx:javafx-controls | `19.0.2.1` | `21.0.2` | | [org.apache.maven.plugins:maven-shade-plugin](https://github.com/apache/maven-shade-plugin) | `3.5.0` | `3.5.1` | | [org.testcontainers:junit-jupiter](https://github.com/testcontainers/testcontainers-java) | `1.19.1` | `1.19.5` | | [com.google.guava:guava](https://github.com/google/guava) | `32.1.2-jre` | `33.0.0-jre` | | org.eclipse.jetty:jetty-servlet | `10.0.15` | `10.0.20` | | [org.json:json](https://github.com/douglascrockford/JSON-java) | `20230618` | `20240205` | Updates `org.junit:junit-bom` from 5.10.0 to 5.10.2 - [Release notes](https://github.com/junit-team/junit5/releases) - [Commits](junit-team/junit5@r5.10.0...r5.10.2) Updates `org.owasp:dependency-check-maven` from 8.4.0 to 9.0.9 - [Release notes](https://github.com/jeremylong/DependencyCheck/releases) - [Changelog](https://github.com/jeremylong/DependencyCheck/blob/main/CHANGELOG.md) - [Commits](jeremylong/DependencyCheck@v8.4.0...v9.0.9) Updates `org.jacoco:jacoco-maven-plugin` from 0.8.10 to 0.8.11 - [Release notes](https://github.com/jacoco/jacoco/releases) - [Commits](jacoco/jacoco@v0.8.10...v0.8.11) Updates `org.apache.maven.plugins:maven-javadoc-plugin` from 3.5.0 to 3.6.3 - [Release notes](https://github.com/apache/maven-javadoc-plugin/releases) - [Commits](apache/maven-javadoc-plugin@maven-javadoc-plugin-3.5.0...maven-javadoc-plugin-3.6.3) Updates `org.apache.maven.plugins:maven-compiler-plugin` from 3.11.0 to 3.12.1 - [Release notes](https://github.com/apache/maven-compiler-plugin/releases) - [Commits](apache/maven-compiler-plugin@maven-compiler-plugin-3.11.0...maven-compiler-plugin-3.12.1) Updates `org.apache.maven.plugins:maven-surefire-plugin` from 3.1.2 to 3.2.5 - [Release notes](https://github.com/apache/maven-surefire/releases) - [Commits](apache/maven-surefire@surefire-3.1.2...surefire-3.2.5) Updates `ch.qos.logback:logback-classic` from 1.4.11 to 1.4.14 - [Commits](qos-ch/logback@v_1.4.11...v_1.4.14) Updates `org.slf4j:jul-to-slf4j` from 2.0.7 to 2.0.12 Updates `org.slf4j:slf4j-api` from 2.0.7 to 2.0.12 Updates `org.apache.maven.plugins:maven-dependency-plugin` from 3.6.0 to 3.6.1 - [Commits](apache/maven-dependency-plugin@maven-dependency-plugin-3.6.0...maven-dependency-plugin-3.6.1) Updates `org.slf4j:slf4j-api` from 2.0.7 to 2.0.12 Updates `org.postgresql:postgresql` from 42.6.0 to 42.7.1 - [Release notes](https://github.com/pgjdbc/pgjdbc/releases) - [Changelog](https://github.com/pgjdbc/pgjdbc/blob/master/CHANGELOG.md) - [Commits](pgjdbc/pgjdbc@REL42.6.0...REL42.7.1) Updates `net.postgis:postgis-jdbc` from 2021.1.0 to 2023.1.0 - [Release notes](https://github.com/postgis/postgis-java/releases) - [Commits](postgis/postgis-java@v2021.1.0...postgis-java-aggregator-2023.1.0) Updates `com.fasterxml.jackson.core:jackson-annotations` from 2.15.2 to 2.16.1 - [Commits](https://github.com/FasterXML/jackson/commits) Updates `com.fasterxml.jackson.core:jackson-core` from 2.15.2 to 2.16.1 - [Commits](FasterXML/jackson-core@jackson-core-2.15.2...jackson-core-2.16.1) Updates `com.fasterxml.jackson.core:jackson-databind` from 2.15.2 to 2.16.1 - [Commits](https://github.com/FasterXML/jackson/commits) Updates `com.fasterxml.jackson.core:jackson-core` from 2.15.2 to 2.16.1 - [Commits](FasterXML/jackson-core@jackson-core-2.15.2...jackson-core-2.16.1) Updates `org.apache.commons:commons-text` from 1.10.0 to 1.11.0 Updates `com.fasterxml.jackson.core:jackson-databind` from 2.15.2 to 2.16.1 - [Commits](https://github.com/FasterXML/jackson/commits) Updates `org.apache.commons:commons-lang3` from 3.13.0 to 3.14.0 Updates `net.java.dev.javacc:javacc` from 7.0.12 to 7.0.13 - [Release notes](https://github.com/javacc/javacc/releases) - [Changelog](https://github.com/javacc/javacc/blob/master/docs/release-notes.md) - [Commits](javacc/javacc@javacc-7.0.12...javacc-7.0.13) Updates `io.github.git-commit-id:git-commit-id-maven-plugin` from 6.0.0 to 7.0.0 - [Release notes](https://github.com/git-commit-id/git-commit-id-maven-plugin/releases) - [Commits](git-commit-id/git-commit-id-maven-plugin@v6.0.0...v7.0.0) Updates `org.apache.commons:commons-dbcp2` from 2.9.0 to 2.11.0 Updates `net.time4j:time4j-sqlxml` from 5.9.3 to 5.9.4 - [Release notes](https://github.com/MenoData/Time4J/releases) - [Changelog](https://github.com/MenoData/Time4J/blob/master/CHANGELOG.md) - [Commits](MenoData/Time4J@v5.9.3...v5.9.4) Updates `net.time4j:time4j-base` from 5.9.3 to 5.9.4 - [Release notes](https://github.com/MenoData/Time4J/releases) - [Changelog](https://github.com/MenoData/Time4J/blob/master/CHANGELOG.md) - [Commits](MenoData/Time4J@v5.9.3...v5.9.4) Updates `org.jooq:jooq` from 3.16.21 to 3.19.3 Updates `org.jooq:jooq-meta` from 3.16.21 to 3.19.3 Updates `org.jooq:jooq-codegen` from 3.16.21 to 3.19.3 Updates `org.jooq:jooq-meta` from 3.16.21 to 3.19.3 Updates `org.jooq:jooq-codegen` from 3.16.21 to 3.19.3 Updates `org.liquibase:liquibase-core` from 4.12.0 to 4.26.0 - [Release notes](https://github.com/liquibase/liquibase/releases) - [Changelog](https://github.com/liquibase/liquibase/blob/v4.26.0/changelog.txt) - [Commits](liquibase/liquibase@v4.12.0...v4.26.0) Updates `org.keycloak:keycloak-servlet-filter-adapter` from 22.0.1 to 23.0.6 Updates `commons-io:commons-io` from 2.13.0 to 2.15.1 Updates `net.time4j:time4j-base` from 5.9.3 to 5.9.4 - [Release notes](https://github.com/MenoData/Time4J/releases) - [Changelog](https://github.com/MenoData/Time4J/blob/master/CHANGELOG.md) - [Commits](MenoData/Time4J@v5.9.3...v5.9.4) Updates `org.openjfx:javafx-fxml` from 19.0.2.1 to 21.0.2 Updates `org.openjfx:javafx-controls` from 19.0.2.1 to 21.0.2 Updates `org.openjfx:javafx-controls` from 19.0.2.1 to 21.0.2 Updates `org.apache.maven.plugins:maven-shade-plugin` from 3.5.0 to 3.5.1 - [Release notes](https://github.com/apache/maven-shade-plugin/releases) - [Commits](apache/maven-shade-plugin@maven-shade-plugin-3.5.0...maven-shade-plugin-3.5.1) Updates `org.testcontainers:junit-jupiter` from 1.19.1 to 1.19.5 - [Release notes](https://github.com/testcontainers/testcontainers-java/releases) - [Changelog](https://github.com/testcontainers/testcontainers-java/blob/main/CHANGELOG.md) - [Commits](testcontainers/testcontainers-java@1.19.1...1.19.5) Updates `com.google.guava:guava` from 32.1.2-jre to 33.0.0-jre - [Release notes](https://github.com/google/guava/releases) - [Commits](https://github.com/google/guava/commits) Updates `org.eclipse.jetty:jetty-servlet` from 10.0.15 to 10.0.20 Updates `org.json:json` from 20230618 to 20240205 - [Release notes](https://github.com/douglascrockford/JSON-java/releases) - [Changelog](https://github.com/stleary/JSON-java/blob/master/docs/RELEASES.md) - [Commits](https://github.com/douglascrockford/JSON-java/commits) --- updated-dependencies: - dependency-name: org.junit:junit-bom dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.owasp:dependency-check-maven dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: org.jacoco:jacoco-maven-plugin dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.apache.maven.plugins:maven-javadoc-plugin dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.apache.maven.plugins:maven-compiler-plugin dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.apache.maven.plugins:maven-surefire-plugin dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: ch.qos.logback:logback-classic dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.slf4j:jul-to-slf4j dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.slf4j:slf4j-api dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.apache.maven.plugins:maven-dependency-plugin dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.slf4j:slf4j-api dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.postgresql:postgresql dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: net.postgis:postgis-jdbc dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: com.fasterxml.jackson.core:jackson-annotations dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: com.fasterxml.jackson.core:jackson-core dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: com.fasterxml.jackson.core:jackson-databind dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: com.fasterxml.jackson.core:jackson-core dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.apache.commons:commons-text dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: com.fasterxml.jackson.core:jackson-databind dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.apache.commons:commons-lang3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: net.java.dev.javacc:javacc dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: io.github.git-commit-id:git-commit-id-maven-plugin dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: org.apache.commons:commons-dbcp2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: net.time4j:time4j-sqlxml dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: net.time4j:time4j-base dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.jooq:jooq dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.jooq:jooq-meta dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.jooq:jooq-codegen dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.jooq:jooq-meta dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.jooq:jooq-codegen dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.liquibase:liquibase-core dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.keycloak:keycloak-servlet-filter-adapter dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: commons-io:commons-io dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: net.time4j:time4j-base dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.openjfx:javafx-fxml dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: org.openjfx:javafx-controls dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: org.openjfx:javafx-controls dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: org.apache.maven.plugins:maven-shade-plugin dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.testcontainers:junit-jupiter dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: com.google.guava:guava dependency-type: direct:development update-type: version-update:semver-major dependency-group: dependencies - dependency-name: org.eclipse.jetty:jetty-servlet dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.json:json dependency-type: direct:development update-type: version-update:semver-major dependency-group: dependencies ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot · 2024-02-19T06:50:49Z

Superseded by #1881.

dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Feb 12, 2024

dependabot bot closed this Feb 19, 2024

dependabot bot deleted the dependabot/maven/v2.0.x/dependencies-428b03cefd branch February 19, 2024 06:50

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the dependencies group with 35 updates #1876

Bump the dependencies group with 35 updates #1876

dependabot bot commented on behalf of github Feb 12, 2024 •

edited

Loading

dependabot bot commented on behalf of github Feb 19, 2024

Bump the dependencies group with 35 updates #1876

Bump the dependencies group with 35 updates #1876

Conversation

dependabot bot commented on behalf of github Feb 12, 2024 • edited Loading

Version 9.0.9

Version 9.0.8

Version 9.0.7

Version 9.0.6

Version 9.0.5

Version 9.0.4

Version 9.0.3

v9.0.2

Version 9.0.9 (2024-01-17)

Version 9.0.8 (2024-01-06)

Version 9.0.7 (2023-12-18)

Version 9.0.6 (2023-12-15)

Version 9.0.5 (2023-12-13)

0.8.11

New Features

Fixed bugs

Non-functional Changes

3.6.2

🐛 Bug Fixes

📦 Dependency updates

3.6.0

🚀 New features and improvements

🐛 Bug Fixes

📦 Dependency updates

3.12.1

🐛 Bug Fixes

📦 Dependency updates

3.12.0

🚀 New features and improvements

🐛 Bug Fixes

📦 Dependency updates

👻 Maintenance

3.2.5

Release Notes - Maven Surefire - Version 3.2.5

What's Changed

v42.7.1

Fixed regressions since 42.7.0

Changes

🧰 Maintenance

⬆️ Dependencies

dependabot bot commented on behalf of github Feb 19, 2024

dependabot bot commented on behalf of github Feb 12, 2024 •

edited

Loading