chore(deps): bump the low-risk group across 1 directory with 24 updates by dependabot[bot] · Pull Request #805 · Ensono/stacks-java-cqrs

dependabot · 2025-12-22T22:03:09Z

Bumps the low-risk group with 24 updates in the /api-tests directory:

Package	From	To
ch.qos.logback:logback-classic	`1.5.18`	`1.5.23`
io.cucumber:cucumber-java	`7.27.0`	`7.33.0`
io.cucumber:cucumber-junit-platform-engine	`7.27.0`	`7.33.0`
org.assertj:assertj-core	`3.27.4`	`3.27.6`
net.bytebuddy:byte-buddy	`1.17.6`	`1.18.3`
com.fasterxml.jackson.core:jackson-databind	`2.19.2`	`2.20`
com.fasterxml.jackson.core:jackson-core	`2.19.2`	`2.20`
com.fasterxml.jackson.core:jackson-annotations	`2.19.2`	`2.20`
io.netty:netty-codec-http	`4.2.5.Final`	`4.2.9.Final`
io.netty:netty-codec-http2	`4.2.3.Final`	`4.2.9.Final`
io.netty:netty-transport-native-epoll	`4.2.3.Final`	`4.2.9.Final`
com.google.guava:guava	`33.4.8-jre`	`33.5.0-jre`
org.apache.httpcomponents.client5:httpclient5	`5.5`	`5.6`
org.projectlombok:lombok	`1.18.38`	`1.18.42`
commons-codec:commons-codec	`1.19.0`	`1.20.0`
com.github.spotbugs:spotbugs	`4.9.4`	`4.9.8`
org.owasp:dependency-check-maven	`12.1.8`	`12.1.9`
org.codehaus.mojo:exec-maven-plugin	`3.5.1`	`3.6.3`
org.apache.maven.plugins:maven-surefire-plugin	`3.5.3`	`3.5.4`
org.apache.maven.plugins:maven-failsafe-plugin	`3.5.3`	`3.5.4`
org.apache.maven.plugins:maven-compiler-plugin	`3.14.0`	`3.14.1`
au.com.dius.pact.provider:maven	`4.6.17`	`4.6.19`
org.apache.maven.plugins:maven-pmd-plugin	`3.27.0`	`3.28.0`
com.github.spotbugs:spotbugs-maven-plugin	`4.9.3.2`	`4.9.8.2`

Updates ch.qos.logback:logback-classic from 1.5.18 to 1.5.23

Release notes

Sourced from ch.qos.logback:logback-classic's releases.

Logback 1.5.23

2025-12-21 Release of logback version 1.5.23

• In response to issues/959 file name collisions are detected at configuration time by analyzing the configuration file and no longer at run time. This avoids the ConcurrentModificationException reported in the issue.

• ZIP and XZ compression now use a BufferedOutputStream when writing to the compressed file. This issue was reported in issues/988.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit 0bcc3feb54a6d99caac70969ee5f8334aad1fbaf associated with the tag v_1.5.23. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Logback 1.5.22

2025-12-11 Release of logback version 1.5.22

• In order to prevent involuntary information leakage, Logback will no longer output the value of a substituted variable, if the variable name contains any of the case-insensitive strings "password", "secret" or "confidential". This problem was reported by Chintan Rohila in issues/986.

• Logback now takes the overridden toString() method of Throwable subclasses into account when printing stack traces. This issue was reported in LOGBACK-543 by Alvin Chee, with a fix provided in PR 404 by Brett Kail.

• Instead of limit-counting guard, Logback now uses a tumbling-window guard to rate limit internal error messages.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit 572379aabd2f672b49593e4020696c624541e5b0 associated with the tag v_1.5.22. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Logback 1.5.21

2025-11-10 Release of logback version 1.5.21

• Invocations of turbo filters in isDebugEnabled, isInfoEnabled()... remain as they were, untouched. However, any installed instances of TurboFilter are now invoked also from within the log(LoggingEvent) method of Logger with the contents of the LoggingEvent, typically via the fluent API. This fixes issues/871.

• Removed reentry-guard in most subclasses of UnsynchronizedAppenderBase where it was not needed.

• Initialization procedure has been simplified by removing the step instantiating a SerializedModelConfigurator. However, it is still possible to set up SerializedModelConfigurator as a custom configurator.

• JsonEncoder is now friendlier to derivation by sub-classes as requested in issues/979.

• Fixed XMLLayout thread safety issue reported in LOGBACK-427.

• Removed superfluous buffering in Zip, GZ and XZ compression code.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit fed6f37ffe3449e40f6a9fffe050936a33116bd1 associated with the tag v_1.5.21. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Logback 1.5.20

2025-10-19 Release of logback version 1.5.20

• Due to potential vulnerabilities associated with dynamic, i.e. runtime, java code compilation and execution (using Janino), the 'condition' attribute within the <if> element is deprecated and will be removed in 2027.

An online migration service is provided to help with the transition.

The <condition> element, new in this version, admits custom PropertyEvaluator as a recommended alternative. See also the updated documentation on conditional configuration.

• Initialization procedure was incorrectly reported as having been simplified in this version, i.e. version 1.5.20 by removing the step instantiating a SerializedModelConfigurator. The actual simplification was done in version 1.5.21

• A bit-wise identical binary of this version can be reproduced by building from source code at commit 930fb15c993a4344bcecc6ba2225c12a2c38e676 associated with the tag v_1.5.20. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

... (truncated)

Commits

0bcc3fe prepare release 1.5.23
4627dbd better to use BufferedOutputStream during ZIP and XZ compression, especially ...
299f091 add collision test in presence of conditional processing
b446f3f In Context, remove collision map
a3eb14d in response to issues/959, collision detection is now done by FileCollisionAn...
681b2be remove unused method, minor comment edits
17a3edf start work on 1.5.23-SNAPSHOT
572379a prepare release 1.5.22
39d17ea fix status printing of variable substitution when the variable name contains ...
75509a9 fix PR 404, LOGBACK-543
Additional commits viewable in compare view

Updates io.cucumber:cucumber-java from 7.27.0 to 7.33.0

Release notes

Sourced from io.cucumber:cucumber-java's releases.

v7.33.0

Added

[Java] Add Scenario.getLanguage() to return the current language (#3124 Stefan Gasterstädt)

Changed

[Core] Upload Cucumber Reports with Gzip encoding (#3115)

[Core] Render the empty tag expression as an empty string (#222)

[Core] Update dependency io.cucumber:html-formatter to v22.2.0

[Core] Update dependency io.cucumber:tag-expressions to v8.1.0

[Core] Update dependency io.cucumber:cucumber-json-formatter to v0.3.2

Fixed

[Core] Improve error message for missing operands in tag expressions (#221)

[Core] Include empty scenarios and backgrounds in json report (#34)

v7.32.0

Changed

[Core] Update dependency io.cucumber:gherkin to v36.1.0

[Core] Update dependency io.cucumber:html-formatter to v22.1.0

[Core] Update dependency io.cucumber:junit-xml-formatter to v0.11.0

[Core] Update dependency io.cucumber:pretty-formatter to v2.4.1

Fixed

[Core] Add OS version to Meta message (#3108)

[Core] Fix interpolated data tables and doc string arguments in Json report (#29)

v7.31.0

Added

[Core] Add a UsageJsonFormatter, use with --plugin usage-json (#3086 M.P. Korstanje)

Changed

[Core] Update dependency io.cucumber:ci-environment to v12.0.0

[Core] Update dependency io.cucumber:cucumber-json-formatter to v0.3.0

[Core] Update dependency io.cucumber:gherkin to v36.0.0

[Core] Update dependency io.cucumber:html-formatter to v22.0.0

[Core] Update dependency io.cucumber:junit-xml-formatter to v0.10.0

[Core] Update dependency io.cucumber:messages to v30.1.0

[Core] Update dependency io.cucumber:pretty-formatter to v2.4.0

[Core] Update dependency io.cucumber:query to v14.6.0

[Core] Update dependency io.cucumber:tag-expressions to v8.0.0

[Core] Update dependency io.cucumber:teamcity-formatter to v0.2.0

[Core] Update dependency io.cucumber:testng-xml-formatter to v0.7.0

[Core] Use a message based TimeLineFormatter (#3095 M.P. Korstanje)

[Core] Use a message based UsageFormatter (#3086 M.P. Korstanje)

[Core] Use a message based UnusedFormatter (#3086 M.P. Korstanje)

Fixed

[Core] Prefer URIs with authority (#3098 M.P. Korstanje)

[Core] Reduce classpath scanner logging (#3099 M.P. Korstanje)

... (truncated)

Changelog

Sourced from io.cucumber:cucumber-java's changelog.

[7.33.0] - 2025-12-09

Added

[Java] Add Scenario.getLanguage() to return the current language (#3124 Stefan Gasterstädt)

Changed

[Core] Upload Cucumber Reports with Gzip encoding (#3115)

[Core] Render the empty tag expression as an empty string (#222)

[Core] Update dependency io.cucumber:html-formatter to v22.2.0

[Core] Update dependency io.cucumber:tag-expressions to v8.1.0

[Core] Update dependency io.cucumber:cucumber-json-formatter to v0.3.2

Fixed

[Core] Improve error message for missing operands in tag expressions (#221)

[Core] Include empty scenarios and backgrounds in json report (#34)

[7.32.0] - 2025-11-21

Changed

[Core] Update dependency io.cucumber:gherkin to v36.1.0

[Core] Update dependency io.cucumber:html-formatter to v22.1.0

[Core] Update dependency io.cucumber:junit-xml-formatter to v0.11.0

[Core] Update dependency io.cucumber:pretty-formatter to v2.4.1

Fixed

[Core] Add OS version to Meta message (#3108)

[Core] Fix interpolated data tables and doc string arguments in Json report (#29)

[7.31.0] - 2025-10-27

Added

[Core] Add a UsageJsonFormatter, use with --plugin usage-json (#3086 M.P. Korstanje)

Changed

[Core] Update dependency io.cucumber:ci-environment to v12.0.0

[Core] Update dependency io.cucumber:cucumber-json-formatter to v0.3.0

[Core] Update dependency io.cucumber:gherkin to v36.0.0

[Core] Update dependency io.cucumber:html-formatter to v22.0.0

[Core] Update dependency io.cucumber:junit-xml-formatter to v0.10.0

[Core] Update dependency io.cucumber:messages to v30.1.0

[Core] Update dependency io.cucumber:pretty-formatter to v2.4.0

[Core] Update dependency io.cucumber:query to v14.6.0

[Core] Update dependency io.cucumber:tag-expressions to v8.0.0

[Core] Update dependency io.cucumber:teamcity-formatter to v0.2.0

[Core] Update dependency io.cucumber:testng-xml-formatter to v0.7.0

[Core] Use a message based TimeLineFormatter (#3095 M.P. Korstanje)

[Core] Use a message based UsageFormatter (#3086 M.P. Korstanje)

[Core] Use a message based UnusedFormatter (#3086 M.P. Korstanje)

Fixed

[Core] Prefer URIs with authority (#3098 M.P. Korstanje)

[Core] Reduce classpath scanner logging (#3099 M.P. Korstanje)

... (truncated)

Commits

4224e67 Prepare release v7.33.0
c2037cb Update CHANGELOG
eda8a9b fix(deps): update dependency io.cucumber:cucumber-json-formatter to v0.3.2
8282a7c Link to Maven and Gradle starters and example projects
b5c47fc Apply spotless
b9c6865 Add documentation about localized transformers (#3125)
00e1ff0 Add default implementation to TestCaseState.getLanguage
33f6196 Apply spotless
94c99d2 Add default implementation to TestCase.getLanguage
5a7a317 Fix/naming within junit test (#3126)
Additional commits viewable in compare view

Updates io.cucumber:cucumber-junit-platform-engine from 7.27.0 to 7.33.0

Release notes

Sourced from io.cucumber:cucumber-junit-platform-engine's releases.

v7.33.0

Added

[Java] Add Scenario.getLanguage() to return the current language (#3124 Stefan Gasterstädt)

Changed

[Core] Upload Cucumber Reports with Gzip encoding (#3115)

[Core] Render the empty tag expression as an empty string (#222)

[Core] Update dependency io.cucumber:html-formatter to v22.2.0

[Core] Update dependency io.cucumber:tag-expressions to v8.1.0

[Core] Update dependency io.cucumber:cucumber-json-formatter to v0.3.2

Fixed

[Core] Improve error message for missing operands in tag expressions (#221)

[Core] Include empty scenarios and backgrounds in json report (#34)

v7.32.0

Changed

[Core] Update dependency io.cucumber:gherkin to v36.1.0

[Core] Update dependency io.cucumber:html-formatter to v22.1.0

[Core] Update dependency io.cucumber:junit-xml-formatter to v0.11.0

[Core] Update dependency io.cucumber:pretty-formatter to v2.4.1

Fixed

[Core] Add OS version to Meta message (#3108)

[Core] Fix interpolated data tables and doc string arguments in Json report (#29)

v7.31.0

Added

[Core] Add a UsageJsonFormatter, use with --plugin usage-json (#3086 M.P. Korstanje)

Changed

[Core] Update dependency io.cucumber:ci-environment to v12.0.0

[Core] Update dependency io.cucumber:cucumber-json-formatter to v0.3.0

[Core] Update dependency io.cucumber:gherkin to v36.0.0

[Core] Update dependency io.cucumber:html-formatter to v22.0.0

[Core] Update dependency io.cucumber:junit-xml-formatter to v0.10.0

[Core] Update dependency io.cucumber:messages to v30.1.0

[Core] Update dependency io.cucumber:pretty-formatter to v2.4.0

[Core] Update dependency io.cucumber:query to v14.6.0

[Core] Update dependency io.cucumber:tag-expressions to v8.0.0

[Core] Update dependency io.cucumber:teamcity-formatter to v0.2.0

[Core] Update dependency io.cucumber:testng-xml-formatter to v0.7.0

[Core] Use a message based TimeLineFormatter (#3095 M.P. Korstanje)

[Core] Use a message based UsageFormatter (#3086 M.P. Korstanje)

[Core] Use a message based UnusedFormatter (#3086 M.P. Korstanje)

Fixed

[Core] Prefer URIs with authority (#3098 M.P. Korstanje)

[Core] Reduce classpath scanner logging (#3099 M.P. Korstanje)

... (truncated)

Changelog

Sourced from io.cucumber:cucumber-junit-platform-engine's changelog.

[7.33.0] - 2025-12-09

Added

[Java] Add Scenario.getLanguage() to return the current language (#3124 Stefan Gasterstädt)

Changed

[Core] Upload Cucumber Reports with Gzip encoding (#3115)

[Core] Render the empty tag expression as an empty string (#222)

[Core] Update dependency io.cucumber:html-formatter to v22.2.0

[Core] Update dependency io.cucumber:tag-expressions to v8.1.0

[Core] Update dependency io.cucumber:cucumber-json-formatter to v0.3.2

Fixed

[Core] Improve error message for missing operands in tag expressions (#221)

[Core] Include empty scenarios and backgrounds in json report (#34)

[7.32.0] - 2025-11-21

Changed

[Core] Update dependency io.cucumber:gherkin to v36.1.0

[Core] Update dependency io.cucumber:html-formatter to v22.1.0

[Core] Update dependency io.cucumber:junit-xml-formatter to v0.11.0

[Core] Update dependency io.cucumber:pretty-formatter to v2.4.1

Fixed

[Core] Add OS version to Meta message (#3108)

[Core] Fix interpolated data tables and doc string arguments in Json report (#29)

[7.31.0] - 2025-10-27

Added

[Core] Add a UsageJsonFormatter, use with --plugin usage-json (#3086 M.P. Korstanje)

Changed

[Core] Update dependency io.cucumber:ci-environment to v12.0.0

[Core] Update dependency io.cucumber:cucumber-json-formatter to v0.3.0

[Core] Update dependency io.cucumber:gherkin to v36.0.0

[Core] Update dependency io.cucumber:html-formatter to v22.0.0

[Core] Update dependency io.cucumber:junit-xml-formatter to v0.10.0

[Core] Update dependency io.cucumber:messages to v30.1.0

[Core] Update dependency io.cucumber:pretty-formatter to v2.4.0

[Core] Update dependency io.cucumber:query to v14.6.0

[Core] Update dependency io.cucumber:tag-expressions to v8.0.0

[Core] Update dependency io.cucumber:teamcity-formatter to v0.2.0

[Core] Update dependency io.cucumber:testng-xml-formatter to v0.7.0

[Core] Use a message based TimeLineFormatter (#3095 M.P. Korstanje)

[Core] Use a message based UsageFormatter (#3086 M.P. Korstanje)

[Core] Use a message based UnusedFormatter (#3086 M.P. Korstanje)

Fixed

[Core] Prefer URIs with authority (#3098 M.P. Korstanje)

[Core] Reduce classpath scanner logging (#3099 M.P. Korstanje)

... (truncated)

Commits

4224e67 Prepare release v7.33.0
c2037cb Update CHANGELOG
eda8a9b fix(deps): update dependency io.cucumber:cucumber-json-formatter to v0.3.2
8282a7c Link to Maven and Gradle starters and example projects
b5c47fc Apply spotless
b9c6865 Add documentation about localized transformers (#3125)
00e1ff0 Add default implementation to TestCaseState.getLanguage
33f6196 Apply spotless
94c99d2 Add default implementation to TestCase.getLanguage
5a7a317 Fix/naming within junit test (#3126)
Additional commits viewable in compare view

Updates io.cucumber:cucumber-junit-platform-engine from 7.27.0 to 7.33.0

Release notes

Sourced from io.cucumber:cucumber-junit-platform-engine's releases.

v7.33.0

Added

[Java] Add Scenario.getLanguage() to return the current language (#3124 Stefan Gasterstädt)

Changed

[Core] Upload Cucumber Reports with Gzip encoding (#3115)

[Core] Render the empty tag expression as an empty string (#222)

[Core] Update dependency io.cucumber:html-formatter to v22.2.0

[Core] Update dependency io.cucumber:tag-expressions to v8.1.0

[Core] Update dependency io.cucumber:cucumber-json-formatter to v0.3.2

Fixed

[Core] Improve error message for missing operands in tag expressions (#221)

[Core] Include empty scenarios and backgrounds in json report (#34)

v7.32.0

Changed

[Core] Update dependency io.cucumber:gherkin to v36.1.0

[Core] Update dependency io.cucumber:html-formatter to v22.1.0

[Core] Update dependency io.cucumber:junit-xml-formatter to v0.11.0

[Core] Update dependency io.cucumber:pretty-formatter to v2.4.1

Fixed

[Core] Add OS version to Meta message (#3108)

[Core] Fix interpolated data tables and doc string arguments in Json report (#29)

v7.31.0

Added

[Core] Add a UsageJsonFormatter, use with --plugin usage-json (#3086 M.P. Korstanje)

Changed

[Core] Update dependency io.cucumber:ci-environment to v12.0.0

[Core] Update dependency io.cucumber:cucumber-json-formatter to v0.3.0

[Core] Update dependency io.cucumber:gherkin to v36.0.0

[Core] Update dependency io.cucumber:html-formatter to v22.0.0

[Core] Update dependency io.cucumber:junit-xml-formatter to v0.10.0

[Core] Update dependency io.cucumber:messages to v30.1.0

[Core] Update dependency io.cucumber:pretty-formatter to v2.4.0

[Core] Update dependency io.cucumber:query to v14.6.0

[Core] Update dependency io.cucumber:tag-expressions to v8.0.0

[Core] Update dependency io.cucumber:teamcity-formatter to v0.2.0

[Core] Update dependency io.cucumber:testng-xml-formatter to v0.7.0

[Core] Use a message based TimeLineFormatter (#3095 M.P. Korstanje)

[Core] Use a message based UsageFormatter (#3086 M.P. Korstanje)

[Core] Use a message based UnusedFormatter (#3086 M.P. Korstanje)

Fixed

[Core] Prefer URIs with authority (#3098 M.P. Korstanje)

[Core] Reduce classpath scanner logging (#3099 M.P. Korstanje)

... (truncated)

Changelog

Sourced from io.cucumber:cucumber-junit-platform-engine's changelog.

[7.33.0] - 2025-12-09

Added

[Java] Add Scenario.getLanguage() to return the current language (#3124 Stefan Gasterstädt)

Changed

[Core] Upload Cucumber Reports with Gzip encoding (#3115)

[Core] Render the empty tag expression as an empty string (#222)

[Core] Update dependency io.cucumber:html-formatter to v22.2.0

[Core] Update dependency io.cucumber:tag-expressions to v8.1.0

[Core] Update dependency io.cucumber:cucumber-json-formatter to v0.3.2

Fixed

[Core] Improve error message for missing operands in tag expressions (#221)

[Core] Include empty scenarios and backgrounds in json report (#34)

[7.32.0] - 2025-11-21

Changed

[Core] Update dependency io.cucumber:gherkin to v36.1.0

[Core] Update dependency io.cucumber:html-formatter to v22.1.0

[Core] Update dependency io.cucumber:junit-xml-formatter to v0.11.0

[Core] Update dependency io.cucumber:pretty-formatter to v2.4.1

Fixed

[Core] Add OS version to Meta message (#3108)

[Core] Fix interpolated data tables and doc string arguments in Json report (#29)

[7.31.0] - 2025-10-27

Added

[Core] Add a UsageJsonFormatter, use with --plugin usage-json (#3086 M.P. Korstanje)

Changed

[Core] Update dependency io.cucumber:ci-environment to v12.0.0

[Core] Update dependency io.cucumber:cucumber-json-formatter to v0.3.0

[Core] Update dependency io.cucumber:gherkin to v36.0.0

[Core] Update dependency io.cucumber:html-formatter to v22.0.0

[Core] Update dependency io.cucumber:junit-xml-formatter to v0.10.0

[Core] Update dependency io.cucumber:messages to v30.1.0

[Core] Update dependency io.cucumber:pretty-formatter to v2.4.0

[Core] Update dependency io.cucumber:query to v14.6.0

[Core] Update dependency io.cucumber:tag-expressions to v8.0.0

[Core] Update dependency io.cucumber:teamcity-formatter to v0.2.0

[Core] Update dependency io.cucumber:testng-xml-formatter to v0.7.0

[Core] Use a message based TimeLineFormatter (#3095 M.P. Korstanje)

[Core] Use a message based UsageFormatter (#3086 M.P. Korstanje)

[Core] Use a message based UnusedFormatter (#3086 M.P. Korstanje)

Fixed

[Core] Prefer URIs with authority (#3098 M.P. Korstanje)

[Core] Reduce classpath scanner logging (#3099 M.P. Korstanje)

... (truncated)

Commits

4224e67 Prepare release v7.33.0
c2037cb Update CHANGELOG
eda8a9b fix(deps): update dependency io.cucumber:cucumber-json-formatter to v0.3.2
8282a7c Link to Maven and Gradle starters and example projects
b5c47fc Apply spotless
b9c6865 Add documentation about localized transformers (#3125)
00e1ff0 Add default implementation to TestCaseState.getLanguage
33f6196 Apply spotless
94c99d2 Add default implementation to TestCase.getLanguage
5a7a317 Fix/naming within junit test (#3126)
Additional commits viewable in compare view

Updates org.assertj:assertj-core from 3.27.4 to 3.27.6

Release notes

Sourced from org.assertj:assertj-core's releases.

v3.27.6

🐛 Bug Fixes

Core

Add missing export for org.assertj.core.annotation #3951

❤️ Contributors

Thanks to all the contributors who worked on this release:

@duponter

v3.27.5

⚡ Improvements

Core

ByteBuddy in AssertJ 3.27.4 not compatible with Java 25 #3946

🔨 Dependency Upgrades

Core

Upgrade to Byte Buddy 1.17.7 #3947

Upgrade to JUnit BOM 5.13.4 #3947

Guava

Upgrade to Guava 33.4.8-jre #3947

Commits

716b1e0 [maven-release-plugin] prepare release assertj-build-3.27.6
e189652 Add missing export for org.assertj.core.annotation (#3951)
0cb489e Update Maven Central URL
7286309 [maven-release-plugin] prepare for next development iteration
dd4cc1d [maven-release-plugin] prepare release assertj-build-3.27.5
1d0defc Add missing permission to release workflow
844d5d0 Add missing GitHub Actions pinning to CodeQL workflow
bdd7106 Add CodeQL custom workflow
a93d7e6 Remove EOL Java 24
26ea866 Update production dependencies (#3947)
Additional commits viewable in compare view

Updates net.bytebuddy:byte-buddy from 1.17.6 to 1.18.3

Release notes

Sourced from net.bytebuddy:byte-buddy's releases.

Byte Buddy 1.18.3

Avoid using Class File API when Byte Buddy is loaded on the boot loader where multi-release jars are not available.

Add additional safety when processing class files with illegally formed parameters.

Update to latest ASM.

Byte Buddy 1.18.2

Support modifiers for value classes in Valhalla builds.

Improve use of build cache in Gradle.

Byte Buddy 1.18.1

Fix generated module-info to include new package.

Byte Buddy 1.18.0

Add support for module-info class files and ModuleDescriptions.

Allow for manipulating module information using the ByteBuddy API.

Byte Buddy 1.17.8

Avoid use of types that are deprecated as of Java 26.

Include ASM 9.9 that offers ASM support for Java 26.

Make sure that generated code internal to Byte Buddy supports CDS if available.

Update version of ASM to JDK Class File API bridge to fix some minor bugs related to type annotations.

Byte Buddy 1.17.7

Specify correct JVM environment for Android builds when using the Gradle plugin.

Avoid recomputing the size of a parameter list for performance reasons after measuring the significant impact.

Correct validation of JVM names to avoid breaking when Java names are not allowed while JVM names are, with Kotlin and others.

Changelog

Sourced from net.bytebuddy:byte-buddy's changelog.

26. November 2025: version 1.18.3

Avoid using Class File API when Byte Buddy is loaded on the boot loader where multi-release jars are not available.

Add additional safety when processing class files with illegally formed parameters.

Update to latest ASM.

26. November 2025: version 1.18.2

Support modifiers for value classes in Valhalla builds.

Improve use of build cache in Gradle.

12. November 2025: version 1.18.1

Fix generated module-info to include new package.

11. November 2025: version 1.18.0

Add support for module-info class files and ModuleDescriptions.

Allow for manipulating module information using the ByteBuddy API.

8. October 2025: version 1.17.8

Avoid use of types that are deprecated as of Java 26.

Include ASM 9.9 that offers ASM support for Java 26.

Make sure that generated code internal to Byte Buddy supports CDS if available.

Update version of ASM to JDK Class File API bridge to fix some minor bugs related to type annotations.

17. August 2025: version 1.17.7

Specify correct JVM environment for Android builds when using the Gradle plugin.

Avoid recomputing the size of a parameter list for performance reasons after measuring the significant impact.

Correct validation of JVM names to avoid breaking when Java names are not allowed while JVM names are, with Kotlin and others.

Commits

6f358c8 [maven-release-plugin] prepare release byte-buddy-1.18.3
57df2c7 [release] Release new version.
1111a18 [release] Release new version.
6698c45 [release] Release new version
04a89c6 Avoid using class file API when loaded on the boot path as multi release jar ...
ba05f0d Remove unused import.
ec50316 Adds safety for illegally compiled parameters.
e720b5e Update README.md
a966b04 Update README.md
dfa50ad Update release notes and internal Byte Buddy.
Additional commits viewable in compare view

Updates com.fasterxml.jackson.core:jackson-databind from 2.19.2 to 2.20

Updates com.fasterxml.jackson.core:jackson-core from 2.19.2 to 2.20

Updates com.fasterxml.jackson.core:jackson-annotations from 2.19.2 to 2.20

Commits

See full diff in compare view

Updates io.netty:netty-codec-http from 4.2.5.Final to 4.2.9.Final

Commits

a853a39 [maven-release-plugin] prepare release netty-4.2.9.Final
6d29a4f Add missing publishing config for the bom module
ea911de Optimize HTTP startline validation (#16030)
d7108a3 LocalChannel: Reduce GC by re-using same Runnable (#16014)
207afcb Fix MpscIntQueue bug (#16023)
27bfd56 Fix HTTP startline validation (#16022)
40ab418 [maven-release-plugin] prepare for next development iteration
e2d9d11 [maven-release-plugin] prepare release netty-4.2.8.Final
2f2e437 Merge commit from fork
d011634 Build fixes to allow using the epoll native transport on Android (#16016)
Additional commits viewable in compare view

Updates io.netty:netty-codec-http2 from 4.2.3.Final to 4.2.9.Final

Commits

a853a39 [maven-release-plugin] prepare release netty-4.2.9.Final
6d29a4f Add missing publishing config for the bom module
ea911de Optimize HTTP startline validation (#16030)
d7108a3 LocalChannel: Reduce GC by re-using same Runnable (#16014)
207afcb Fix MpscIntQueue bug (#16023)
27bfd56 Fix HTTP startline validation (#16022)
40ab418 [maven-release-plugin] prepare for next development iteration
e2d9d11 [maven-release-plugin] prepare release netty-4.2.8.Final
2f2e437 Merge commit from fork
d011634 Build fixes to allow using the epoll native transport on Android (#16016)
Additional commits viewable in compare view

Updates io.netty:netty-transport-native-epoll from 4.2.3.Final to 4.2.9.Final

Commits

a853a39 [maven-release-plugin] prepare release netty-4.2.9.Final
6d29a4f Add missing publishing config for the bom module
ea911de Optimize HTTP startline validation (#16030)
d7108a3 LocalChannel: Reduce GC by re-using same Runnable (#16014)
207afcb Fix MpscIntQueue bug (#16023)
27bfd56 Fix HTTP startline validation (#16022)
40ab418 [maven-release-plugin] prepare for next development iteration
e2d9d11 [maven-release-plugin] prepare release netty-4.2.8.Final
2f2e437 Merge commit from fork
d011634 Build fixes to allow using the epoll native transport on Android (#16016)
Additional commits viewable in compare view

Updates com.google.guava:guava from 33.4.8-jre to 33.5.0-jre

Release notes

Sourced from com.google.guava:guava's releases.

33.5.0

Maven
<dependency>
  <groupId>com.google.guava</groupId>
  <artifactId>guava</artifactId>
  <version>33.5.0-jre</version>
  
  <version>33.5.0-android</version>
</dependency>
Jar files

33.5.0-jre.jar

33.5.0-android.jar

Guava requires one runtime dependency, which you can download here:

failureaccess-1.0.3.jar

Javadoc

33.5.0-jre

33.5.0-android

JDiff

33.5.0-jre vs. 33.4.8-jre

33.5.0-android vs. 33.4.8-android

33.5.0-android vs. 33.5.0-jre

Changelog

Restored the Automatic-Module-Name to guava-android. (It, unlike, guava-jre, is not a proper module.) (7a04a8a955)

For users of guava-gwt: Google has moved off GWT internally. We plan to continue to release guava-gwt for users of GWT and J2CL, but the artifact is no longer tested for GWT-specific issues, and we have limited resources to fix any unexpected issues that might arise. While we do not anticipate any specific problems, we can't guarantee how long support will continue.

Increased our Android minSdkVersion to 23 (Marshmallow). This follows the minimum of Google's foundational Android libraries, and we expect it to have no practical impact on users. (5c23347cc1)

Listed the JSpecify annotations as an optional dependency in our OSGi metadata. (2dfd572981)

cache: Improved the handling of exceptions from compute functions in Cache.asMap(). (We do still recommend using Caffeine rather than com.google.common.cache.) (087f2c4a80)

collect: Improved Iterators.mergeSorted() to preserve stability for equal elements. (4dc93be9a8)

math: Added saturatedAbs methods to IntMath and LongMath. (ed0e518f20)

net: Added image/avif to MediaType. (53344caba6)

testing: Made CollectorTester available to Android users. (294c251079)

util.concurrent: Added Striped.custom. (1586eb271d)

Commits

See full diff in compare view

Updates org.apache.httpcomponents.client5:httpclient5 from 5.5 to 5.6

Changelog

Sourced from org.apache.httpcomponents.client5:httpclient5's changelog.

Release 5.6 ALPHA1

This is the first ALPHA release in the 5.6 release series. It adds several features such as transport content decompression and content compression for the async transport, support for Unix sockets, experimental support for SCRAM-SHA-256 authentication scheme, and Micrometer/OTel observations & metrics.

Commons Compress, Brotli codec, and ZStd codec are optional dependencies and get wired into the execution pipeline only if present on the classpath.

Notable changes and features included in the 5.6 series:

Unix domain socket support.

Support for pluggable content codecs via Commons-Compress in the classic transport. (optional).

Support for transparent content decompression and content compression with deflate, gzip, zstd (optional), and brotli (optional) codecs in the async transport.

Micrometer/OTel observations & metrics (optinal).

Off-lock connection disposal by the classic pooling connection manager. Experimental.

SCRAM-SHA-256 authentication scheme (RFC 7804). Experimental.

Request Priority support (RFC 9218). Experimental.

Compatibility notes:

As of this version, HttpClient uses BUILTIN HostnameVerificationPolicy by default, delegating host verification to JSSE security manager. One must explicitly configure the TLS strategy to continue using the hostname verifier shipped with HttpClient.

Five-second TCP keep-alive is now enabled by default.

Change Log

RequestConfig: Un-deprecate #setProxy. Contributed by Ryan Schmitt

Stale connection check support in PoolingAsyncClientConnectionManager. Contributed by Ryan Schmitt

ConnectionConfig: #idleTimeout support. Contributed by Ryan Schmitt

... (truncated)

Commits

decd193 HttpClient 5.6 release
11ea8e5 Updated release notes for HttpClient 5.6 release
77fa61a Limit the length of content codec list that can be processed automatically
81b7971 Upgraded HttpCore to version 5.4
2c7fe0f Add OFFLOCK pool concurrency policy backed by RouteSegmentedConnPool (#765)
1f4dea7 Fixed Micrometer and OpenTelemetry dependency declaration
d2fadd2 Tag TLS handshake timeout tests with slow
e52e466 TestTlsHandshakeTimeout: Disable assertions on Java 8
77f52f0 Upgraded HttpClient version to 5.6-alpha2-SNAPSHOT
48e0f25 HttpClient 5.6-alpha1 release
Additional commits viewable in compare view

Updates org.projectlombok:lombok from 1.18.38 to 1.18.42

Changelog

Sourced from org.projectlombok:lombok's changelog.

v1.18.42 (September 18th, 2025)

FEATURE: All the various @Log annotations now allow you to change their access level (they still default to private). Description has been truncated

Bumps the low-risk group with 24 updates in the /api-tests directory: | Package | From | To | | --- | --- | --- | | [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) | `1.5.18` | `1.5.23` | | [io.cucumber:cucumber-java](https://github.com/cucumber/cucumber-jvm) | `7.27.0` | `7.33.0` | | [io.cucumber:cucumber-junit-platform-engine](https://github.com/cucumber/cucumber-jvm) | `7.27.0` | `7.33.0` | | [org.assertj:assertj-core](https://github.com/assertj/assertj) | `3.27.4` | `3.27.6` | | [net.bytebuddy:byte-buddy](https://github.com/raphw/byte-buddy) | `1.17.6` | `1.18.3` | | com.fasterxml.jackson.core:jackson-databind | `2.19.2` | `2.20` | | com.fasterxml.jackson.core:jackson-core | `2.19.2` | `2.20` | | [com.fasterxml.jackson.core:jackson-annotations](https://github.com/FasterXML/jackson) | `2.19.2` | `2.20` | | [io.netty:netty-codec-http](https://github.com/netty/netty) | `4.2.5.Final` | `4.2.9.Final` | | [io.netty:netty-codec-http2](https://github.com/netty/netty) | `4.2.3.Final` | `4.2.9.Final` | | [io.netty:netty-transport-native-epoll](https://github.com/netty/netty) | `4.2.3.Final` | `4.2.9.Final` | | [com.google.guava:guava](https://github.com/google/guava) | `33.4.8-jre` | `33.5.0-jre` | | [org.apache.httpcomponents.client5:httpclient5](https://github.com/apache/httpcomponents-client) | `5.5` | `5.6` | | [org.projectlombok:lombok](https://github.com/projectlombok/lombok) | `1.18.38` | `1.18.42` | | [commons-codec:commons-codec](https://github.com/apache/commons-codec) | `1.19.0` | `1.20.0` | | [com.github.spotbugs:spotbugs](https://github.com/spotbugs/spotbugs) | `4.9.4` | `4.9.8` | | [org.owasp:dependency-check-maven](https://github.com/dependency-check/DependencyCheck) | `12.1.8` | `12.1.9` | | [org.codehaus.mojo:exec-maven-plugin](https://github.com/mojohaus/exec-maven-plugin) | `3.5.1` | `3.6.3` | | [org.apache.maven.plugins:maven-surefire-plugin](https://github.com/apache/maven-surefire) | `3.5.3` | `3.5.4` | | [org.apache.maven.plugins:maven-failsafe-plugin](https://github.com/apache/maven-surefire) | `3.5.3` | `3.5.4` | | [org.apache.maven.plugins:maven-compiler-plugin](https://github.com/apache/maven-compiler-plugin) | `3.14.0` | `3.14.1` | | [au.com.dius.pact.provider:maven](https://github.com/pact-foundation/pact-jvm) | `4.6.17` | `4.6.19` | | [org.apache.maven.plugins:maven-pmd-plugin](https://github.com/apache/maven-pmd-plugin) | `3.27.0` | `3.28.0` | | [com.github.spotbugs:spotbugs-maven-plugin](https://github.com/spotbugs/spotbugs-maven-plugin) | `4.9.3.2` | `4.9.8.2` | Updates `ch.qos.logback:logback-classic` from 1.5.18 to 1.5.23 - [Release notes](https://github.com/qos-ch/logback/releases) - [Commits](qos-ch/logback@v_1.5.18...v_1.5.23) Updates `io.cucumber:cucumber-java` from 7.27.0 to 7.33.0 - [Release notes](https://github.com/cucumber/cucumber-jvm/releases) - [Changelog](https://github.com/cucumber/cucumber-jvm/blob/main/CHANGELOG.md) - [Commits](cucumber/cucumber-jvm@v7.27.0...v7.33.0) Updates `io.cucumber:cucumber-junit-platform-engine` from 7.27.0 to 7.33.0 - [Release notes](https://github.com/cucumber/cucumber-jvm/releases) - [Changelog](https://github.com/cucumber/cucumber-jvm/blob/main/CHANGELOG.md) - [Commits](cucumber/cucumber-jvm@v7.27.0...v7.33.0) Updates `io.cucumber:cucumber-junit-platform-engine` from 7.27.0 to 7.33.0 - [Release notes](https://github.com/cucumber/cucumber-jvm/releases) - [Changelog](https://github.com/cucumber/cucumber-jvm/blob/main/CHANGELOG.md) - [Commits](cucumber/cucumber-jvm@v7.27.0...v7.33.0) Updates `org.assertj:assertj-core` from 3.27.4 to 3.27.6 - [Release notes](https://github.com/assertj/assertj/releases) - [Commits](assertj/assertj@assertj-build-3.27.4...assertj-build-3.27.6) Updates `net.bytebuddy:byte-buddy` from 1.17.6 to 1.18.3 - [Release notes](https://github.com/raphw/byte-buddy/releases) - [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md) - [Commits](raphw/byte-buddy@byte-buddy-1.17.6...byte-buddy-1.18.3) Updates `com.fasterxml.jackson.core:jackson-databind` from 2.19.2 to 2.20 Updates `com.fasterxml.jackson.core:jackson-core` from 2.19.2 to 2.20 Updates `com.fasterxml.jackson.core:jackson-annotations` from 2.19.2 to 2.20 - [Commits](https://github.com/FasterXML/jackson/commits) Updates `io.netty:netty-codec-http` from 4.2.5.Final to 4.2.9.Final - [Commits](netty/netty@netty-4.2.5.Final...netty-4.2.9.Final) Updates `io.netty:netty-codec-http2` from 4.2.3.Final to 4.2.9.Final - [Commits](netty/netty@netty-4.2.3.Final...netty-4.2.9.Final) Updates `io.netty:netty-transport-native-epoll` from 4.2.3.Final to 4.2.9.Final - [Commits](netty/netty@netty-4.2.3.Final...netty-4.2.9.Final) Updates `com.google.guava:guava` from 33.4.8-jre to 33.5.0-jre - [Release notes](https://github.com/google/guava/releases) - [Commits](https://github.com/google/guava/commits) Updates `org.apache.httpcomponents.client5:httpclient5` from 5.5 to 5.6 - [Changelog](https://github.com/apache/httpcomponents-client/blob/master/RELEASE_NOTES.txt) - [Commits](apache/httpcomponents-client@rel/v5.5...rel/v5.6) Updates `org.projectlombok:lombok` from 1.18.38 to 1.18.42 - [Changelog](https://github.com/projectlombok/lombok/blob/master/doc/changelog.markdown) - [Commits](projectlombok/lombok@v1.18.38...v1.18.42) Updates `commons-codec:commons-codec` from 1.19.0 to 1.20.0 - [Changelog](https://github.com/apache/commons-codec/blob/master/RELEASE-NOTES.txt) - [Commits](apache/commons-codec@rel/commons-codec-1.19.0...rel/commons-codec-1.20.0) Updates `com.github.spotbugs:spotbugs` from 4.9.4 to 4.9.8 - [Release notes](https://github.com/spotbugs/spotbugs/releases) - [Changelog](https://github.com/spotbugs/spotbugs/blob/master/CHANGELOG.md) - [Commits](spotbugs/spotbugs@4.9.4...4.9.8) Updates `org.owasp:dependency-check-maven` from 12.1.8 to 12.1.9 - [Release notes](https://github.com/dependency-check/DependencyCheck/releases) - [Changelog](https://github.com/dependency-check/DependencyCheck/blob/main/CHANGELOG.md) - [Commits](dependency-check/DependencyCheck@v12.1.8...v12.1.9) Updates `org.codehaus.mojo:exec-maven-plugin` from 3.5.1 to 3.6.3 - [Release notes](https://github.com/mojohaus/exec-maven-plugin/releases) - [Commits](mojohaus/exec-maven-plugin@3.5.1...3.6.3) Updates `org.apache.maven.plugins:maven-surefire-plugin` from 3.5.3 to 3.5.4 - [Release notes](https://github.com/apache/maven-surefire/releases) - [Commits](apache/maven-surefire@surefire-3.5.3...surefire-3.5.4) Updates `org.apache.maven.plugins:maven-failsafe-plugin` from 3.5.3 to 3.5.4 - [Release notes](https://github.com/apache/maven-surefire/releases) - [Commits](apache/maven-surefire@surefire-3.5.3...surefire-3.5.4) Updates `org.apache.maven.plugins:maven-compiler-plugin` from 3.14.0 to 3.14.1 - [Release notes](https://github.com/apache/maven-compiler-plugin/releases) - [Commits](apache/maven-compiler-plugin@maven-compiler-plugin-3.14.0...maven-compiler-plugin-3.14.1) Updates `au.com.dius.pact.provider:maven` from 4.6.17 to 4.6.19 - [Release notes](https://github.com/pact-foundation/pact-jvm/releases) - [Changelog](https://github.com/pact-foundation/pact-jvm/blob/master/CHANGELOG.md) - [Commits](https://github.com/pact-foundation/pact-jvm/commits) Updates `org.apache.maven.plugins:maven-pmd-plugin` from 3.27.0 to 3.28.0 - [Release notes](https://github.com/apache/maven-pmd-plugin/releases) - [Commits](apache/maven-pmd-plugin@maven-pmd-plugin-3.27.0...maven-pmd-plugin-3.28.0) Updates `com.github.spotbugs:spotbugs-maven-plugin` from 4.9.3.2 to 4.9.8.2 - [Release notes](https://github.com/spotbugs/spotbugs-maven-plugin/releases) - [Commits](spotbugs/spotbugs-maven-plugin@spotbugs-maven-plugin-4.9.3.2...spotbugs-maven-plugin-4.9.8.2) --- updated-dependencies: - dependency-name: ch.qos.logback:logback-classic dependency-version: 1.5.23 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: low-risk - dependency-name: io.cucumber:cucumber-java dependency-version: 7.33.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: low-risk - dependency-name: io.cucumber:cucumber-junit-platform-engine dependency-version: 7.33.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: low-risk - dependency-name: io.cucumber:cucumber-junit-platform-engine dependency-version: 7.33.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: low-risk - dependency-name: org.assertj:assertj-core dependency-version: 3.27.6 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: low-risk - dependency-name: net.bytebuddy:byte-buddy dependency-version: 1.18.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: low-risk - dependency-name: com.fasterxml.jackson.core:jackson-databind dependency-version: '2.20' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: low-risk - dependency-name: com.fasterxml.jackson.core:jackson-core dependency-version: '2.20' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: low-risk - dependency-name: com.fasterxml.jackson.core:jackson-annotations dependency-version: '2.20' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: low-risk - dependency-name: io.netty:netty-codec-http dependency-version: 4.2.9.Final dependency-type: direct:production update-type: version-update:semver-patch dependency-group: low-risk - dependency-name: io.netty:netty-codec-http2 dependency-version: 4.2.9.Final dependency-type: direct:production update-type: version-update:semver-patch dependency-group: low-risk - dependency-name: io.netty:netty-transport-native-epoll dependency-version: 4.2.9.Final dependency-type: direct:production update-type: version-update:semver-patch dependency-group: low-risk - dependency-name: com.google.guava:guava dependency-version: 33.5.0-jre dependency-type: direct:production update-type: version-update:semver-minor dependency-group: low-risk - dependency-name: org.apache.httpcomponents.client5:httpclient5 dependency-version: '5.6' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: low-risk - dependency-name: org.projectlombok:lombok dependency-version: 1.18.42 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: low-risk - dependency-name: commons-codec:commons-codec dependency-version: 1.20.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: low-risk - dependency-name: com.github.spotbugs:spotbugs dependency-version: 4.9.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: low-risk - dependency-name: org.owasp:dependency-check-maven dependency-version: 12.1.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: low-risk - dependency-name: org.codehaus.mojo:exec-maven-plugin dependency-version: 3.6.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: low-risk - dependency-name: org.apache.maven.plugins:maven-surefire-plugin dependency-version: 3.5.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: low-risk - dependency-name: org.apache.maven.plugins:maven-failsafe-plugin dependency-version: 3.5.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: low-risk - dependency-name: org.apache.maven.plugins:maven-compiler-plugin dependency-version: 3.14.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: low-risk - dependency-name: au.com.dius.pact.provider:maven dependency-version: 4.6.19 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: low-risk - dependency-name: org.apache.maven.plugins:maven-pmd-plugin dependency-version: 3.28.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: low-risk - dependency-name: com.github.spotbugs:spotbugs-maven-plugin dependency-version: 4.9.8.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: low-risk ... Signed-off-by: dependabot[bot] <support@github.com>

ensonostacks · 2026-01-19T11:51:00Z

@dependabot rebase

dependabot · 2026-01-19T11:53:45Z

Superseded by #807.

dependabot bot assigned VitalinaVZdrobau Dec 22, 2025

dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Dec 22, 2025

dependabot bot closed this Jan 19, 2026

dependabot bot deleted the dependabot/maven/api-tests/low-risk-d407990e8c branch January 19, 2026 11:53

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the low-risk group across 1 directory with 24 updates#805

chore(deps): bump the low-risk group across 1 directory with 24 updates#805
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/maven/api-tests/low-risk-d407990e8c

dependabot bot commented on behalf of github Dec 22, 2025 •

edited

Loading

Uh oh!

ensonostacks commented Jan 19, 2026

Uh oh!

dependabot bot commented on behalf of github Jan 19, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Conversation

dependabot bot commented on behalf of github Dec 22, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Logback 1.5.23

Logback 1.5.22

Logback 1.5.21

Logback 1.5.20

v7.33.0

Added

Changed

Fixed

v7.32.0

Changed

Fixed

v7.31.0

Added

Changed

Fixed

[7.33.0] - 2025-12-09

Added

Changed

Fixed

[7.32.0] - 2025-11-21

Changed

Fixed

[7.31.0] - 2025-10-27

Added

Changed

Fixed

v7.33.0

Added

Changed

Fixed

v7.32.0

Changed

Fixed

v7.31.0

Added

Changed

Fixed

[7.33.0] - 2025-12-09

Added

Changed

Fixed

[7.32.0] - 2025-11-21

Changed

Fixed

[7.31.0] - 2025-10-27

Added

Changed

Fixed

v7.33.0

Added

Changed

Fixed

v7.32.0

Changed

Fixed

v7.31.0

Added

Changed

Fixed

[7.33.0] - 2025-12-09

Added

Changed

Fixed

[7.32.0] - 2025-11-21

Changed

Fixed

[7.31.0] - 2025-10-27

Added

Changed

Fixed

v3.27.6

🐛 Bug Fixes

Core

❤️ Contributors

v3.27.5

⚡ Improvements

Core

dependabot bot commented on behalf of github Dec 22, 2025 •

edited

Loading