Bump the maven group with 8 updates

[dependabot]

Bumps the maven group with 8 updates:

Package	From	To
org.apache.maven.plugins:maven-javadoc-plugin	3.11.1	3.11.2
com.google.guava:guava-testlib	33.3.1-jre	33.4.0-jre
com.google.guava:guava	33.3.1-jre	33.4.0-jre
com.guardsquare:proguard-base	7.6.0	7.6.1
com.guardsquare:proguard-core	9.1.6	9.1.7
org.junit.jupiter:junit-jupiter	5.11.3	5.11.4
org.graalvm.buildtools:native-maven-plugin	0.10.3	0.10.4
com.google.protobuf:protobuf-java	4.29.0	4.29.2

Updates org.apache.maven.plugins:maven-javadoc-plugin from 3.11.1 to 3.11.2

Release notes

Sourced from org.apache.maven.plugins:maven-javadoc-plugin's releases.

3.11.2

🚀 New features and improvements

• [MJAVADOC-823] - legacyMode keeps using module-info.java (-sourcedirectory still use as well as java files input) (#343) @​olamy
• [MJAVADOC-814] - handle parameters such packages with multi lines (#337) @​olamy
• [MJAVADOC-822] - skippedModules should be more scalable and support regex (#336) @​olamy

📦 Dependency updates

• Bump com.thoughtworks.qdox:qdox from 2.1.0 to 2.2.0 (#344) @​dependabot
• Bump commons-io:commons-io from 2.17.0 to 2.18.0 (#342) @​dependabot
• Bump org.codehaus.mojo:l10n-maven-plugin from 1.0.0 to 1.1.0 (#335) @​dependabot

👻 Maintenance

• refactor: Replace Plexus AbstractLogEnabled with SLF4J (#338) @​timtebeek

Commits

• 44cbab7 [maven-release-plugin] prepare release maven-javadoc-plugin-3.11.2
• 3de45d8 use github for scm
• 45ccf06 Bump com.thoughtworks.qdox:qdox from 2.1.0 to 2.2.0
• 530fa01 [MJAVADOC-823] legacyMode keeps using module-info.java (-sourcedirectory stil...
• 3a16d92 Bump commons-io:commons-io from 2.17.0 to 2.18.0
• 69c1ba7 Migrate from Plexus to Sisu Guice (#341)
• 39857ea Remove usages of deprecated ReaderFactory class (#339)
• 314203a [MJAVADOC-814] handle parameters such packages with multi lines (#337)
• 3bb982d refactor: Replace Plexus AbstractLogEnabled with SLF4J (#338)
• 76826c8 [MJAVADOC-822] skippedModules should be more scalable and support regex (#336)
• Additional commits viewable in compare view

Updates com.google.guava:guava-testlib from 33.3.1-jre to 33.4.0-jre

Release notes

Sourced from com.google.guava:guava-testlib's releases.

33.4.0

Maven

<dependency>
  <groupId>com.google.guava</groupId>
  <artifactId>guava</artifactId>
  <version>33.4.0-jre</version>
  <!-- or, for Android: -->
  <version>33.4.0-android</version>
</dependency>

Jar files

• 33.4.0-jre.jar
• 33.4.0-android.jar

Guava requires one runtime dependency, which you can download here:

• failureaccess-1.0.1.jar

Javadoc

• 33.4.0-jre
• 33.4.0-android

JDiff

• 33.4.0-jre vs. 33.3.1-jre
• 33.4.0-android vs. 33.3.1-android
• 33.4.0-android vs. 33.4.0-jre

Changelog

• Exposed additional Java 8 APIs to Android users. (6082782134, 9b0109c662, 6ace8bc8ea, b650b9fe77, c6c268006c, 984f713d76, f9f3fffb87, cdc225474e)
• base: Deprecated Charsets constants in favor of StandardCharsets. We will not remove the constants, but we recommend using StandardCharsets for consistency. (45e6be2688)
• base: Added ToStringHelper.omitEmptyValues(). (f5ec2ab85c)
• collect: Added an optimized copyOf method to TreeRangeMap. (a46565dd1c)
• collect.testing: Fixed @Require annotations so that features implied by absent features are not also required to be absent. (81be061f85)
• io: Changed ByteSink and CharSink to no longer call flush() in some cases before close(). This is a no-op for well-behaved streams, which internally flush their data as part of closing. However, we have discovered some stream implementations that have overridden close() to do nothing, including not to flush some buffered data. If this change causes problems, the simplest fix is usually to change the close() override to at least call flush(). (6ace8bc8ea)
• net: Added HttpHeaders.ALT_SVC and MediaType.CBOR. (503ba429f9, 7c0bf0892d)

Commits

• See full diff in compare view

Updates com.google.guava:guava from 33.3.1-jre to 33.4.0-jre

Release notes

Sourced from com.google.guava:guava's releases.

33.4.0

Maven

<dependency>
  <groupId>com.google.guava</groupId>
  <artifactId>guava</artifactId>
  <version>33.4.0-jre</version>
  <!-- or, for Android: -->
  <version>33.4.0-android</version>
</dependency>

Jar files

• 33.4.0-jre.jar
• 33.4.0-android.jar

Guava requires one runtime dependency, which you can download here:

• failureaccess-1.0.1.jar

Javadoc

• 33.4.0-jre
• 33.4.0-android

JDiff

• 33.4.0-jre vs. 33.3.1-jre
• 33.4.0-android vs. 33.3.1-android
• 33.4.0-android vs. 33.4.0-jre

Changelog

• Exposed additional Java 8 APIs to Android users. (6082782134, 9b0109c662, 6ace8bc8ea, b650b9fe77, c6c268006c, 984f713d76, f9f3fffb87, cdc225474e)
• base: Deprecated Charsets constants in favor of StandardCharsets. We will not remove the constants, but we recommend using StandardCharsets for consistency. (45e6be2688)
• base: Added ToStringHelper.omitEmptyValues(). (f5ec2ab85c)
• collect: Added an optimized copyOf method to TreeRangeMap. (a46565dd1c)
• collect.testing: Fixed @Require annotations so that features implied by absent features are not also required to be absent. (81be061f85)
• io: Changed ByteSink and CharSink to no longer call flush() in some cases before close(). This is a no-op for well-behaved streams, which internally flush their data as part of closing. However, we have discovered some stream implementations that have overridden close() to do nothing, including not to flush some buffered data. If this change causes problems, the simplest fix is usually to change the close() override to at least call flush(). (6ace8bc8ea)
• net: Added HttpHeaders.ALT_SVC and MediaType.CBOR. (503ba429f9, 7c0bf0892d)

Commits

• See full diff in compare view

Updates com.guardsquare:proguard-base from 7.6.0 to 7.6.1

Release notes

Sourced from com.guardsquare:proguard-base's releases.

7.6.1

Bugfixes

• Fix backporting default interface method parameter annotations. (#451)
• Prevent Value in slot <n> is empty exception during processing time by no longer applying lower slot replacement by default. It can be enabled again with the optimization.enable.slot.replacement system property.

Commits

• 08adfa5 Bump version to 7.6.1 in the manual
• 89b1e55 Add release notes for version 7.6.1, bump ProGuardCORE version
• f4c4a13 Remove Guardsquare community link.
• c1eafc7 Log ACD rules for parameterless constructors
• 73860de Discard empty Kotlin metadata
• ff66baa Remove references to encryption
• 174d3f4 Upgrade Gradle, upgrade dependencies, bump version to 7.6.1
• f5352fe Clean up Kotlin verification in ProGuard.java
• 844f3d7 Remove variable push replacements optimization
• 7b6712e Replace all PartialEvaluator constructor calls with builder calls
• See full diff in compare view

Updates com.guardsquare:proguard-core from 9.1.6 to 9.1.7

Release notes

Sourced from com.guardsquare:proguard-core's releases.

9.1.7

Bugfixes

• Make sure injected initialization methods in interfaces have the correct access flags.

Improved

• InstructionSequenceMatcher now supports matching of primitive array constants.
• Support propagation of extra specified taints in JvmTaintTransferRelation.
• Introduce ReflectiveModel and ReflectiveModelExecutor to simplify the creation and analysis of Models.

API improvements

• Rename CallVisitor to CallHandler and add extra parameters to handle calls accounting for more data.
• Add ClassUtil.isClassInitializer(String) and ClassUtil.isInstanceInitializer(String).
• Extend MemberCollectionFilter to accept a Set of any subtype of Member.

API changes

• Move classes related to Model to the proguard.evaluation.value.object.model package.
• StringSharer now uses a string pool to share strings, instead of traversing references.

API changes for the dataflow analysis code

There are several changes to the dataflow analysis code with the objective of eliminating unnecessary abstraction and make its usage easier. This includes:

• Remove MemoryLocation, use JvmMemoryLocation instead.
• Make JvmMemoryLocation independent of the type of value contained in the analysis' state. The type of the value now needs only to be provided when calling extractValueOrDefault.
• Remove all code related to the tree heap model for taint analysis.

Commits

• 54cfe07 Remove code for heap tree model
• c728473 Cleanup memory location states
• 13ccade Use a string pool for members in the StringSharer
• 09675a6 Revert Kotlin version bump temporarily
• 0b2ef5b Add ReflectiveModelExecutor and ReflectiveModel to simplify the design of mod...
• bd36314 fix: Fix attribute adder for parameter annotations (#130)
• 9ab932c Test updating to Kotlin 2.1.0
• 54f4766 Use Java 11 for documentation workflow
• f7b0101 Upgrade Gradle, upgrade dependencies
• 85e16ba Ensure Kotlin module integrity when the referenced facade class is null
• Additional commits viewable in compare view

Updates org.junit.jupiter:junit-jupiter from 5.11.3 to 5.11.4

Release notes

Sourced from org.junit.jupiter:junit-jupiter's releases.

JUnit 5.11.4 = Platform 1.11.4 + Jupiter 5.11.4 + Vintage 5.11.4

See Release Notes.

Full Changelog: junit-team/junit5@r5.11.3...r5.11.4

Commits

• 6430ba4 Release 5.11.4
• d093121 Finalize 5.11.4 release notes
• 0444353 Fix Maven integration tests on JDK 24
• b5c7f4e Move #4153 to 5.11.4 release notes
• b20c4e2 Ensure the XMLStreamWriter is closed after use
• 6376f0a Configure Git username and email
• 2b485c4 Set reference repo URI
• 500b5a0 Inject username and password via new DSL
• d671961 Update plugin gitPublish to v5
• 3d11279 Add JAVA_25 to JRE enum
• Additional commits viewable in compare view

Updates org.graalvm.buildtools:native-maven-plugin from 0.10.3 to 0.10.4

Release notes

Sourced from org.graalvm.buildtools:native-maven-plugin's releases.

0.10.4

What's Changed

• Improve Native Image SBOM Generation by @​rudsberg in graalvm/native-build-tools#623
• Fix links to Reachability Metadata documentation. by @​olyagpl in graalvm/native-build-tools#627
• Fix links to the resources file in Maven/Gradle quickstart guides #296 by @​olyagpl in graalvm/native-build-tools#632
• Bump io.netty:netty-codec-http from 4.1.80.Final to 4.1.108.Final in /samples/metadata-repo-integration by @​dependabot in graalvm/native-build-tools#588
• Fix the resources file link in the Maven quickstart guide #632 by @​olyagpl in graalvm/native-build-tools#637
• Make accessFilter file registration thread safe by @​dnestoro in graalvm/native-build-tools#635
• Update metadata repository version by @​dnestoro in graalvm/native-build-tools#640

New Contributors

• @​rudsberg made their first contribution in graalvm/native-build-tools#623

Full Changelog: graalvm/native-build-tools@0.10.3...0.10.4

Commits

• 25a4ca9 release 0.10.4
• 6a489a8 Update metadata repository version
• 47bda78 Improve error messages
• 0613de2 Make accessFilter file registration thread safe
• 26f16f7 Merge pull request #637 from graalvm/og/issue-296
• cf4599b Merge branch 'master' into og/issue-296
• 88c19c3 Bump io.netty:netty-codec-http in /samples/metadata-repo-integration
• acef1a7 Merge branch 'master' into og/issue-296
• efd8705 Fix links to the resources file in Maven quickstart guide
• 979e9ec Merge pull request #632 from graalvm/og/issue-296
• Additional commits viewable in compare view

Updates com.google.protobuf:protobuf-java from 4.29.0 to 4.29.2

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[Marcono1234]

Build failure for this pull request here is fixed by #2786.
Please merge that pull request first into this dependabot/... branch here, and afterwards you can merge this pull request (assuming you are fine with the version upgrades done by Dependabot).