chore(deps): bump the maven-minor-patch group with 32 updates

[dependabot]

Bumps the maven-minor-patch group with 32 updates:

Package	From	To
org.mockito:mockito-core	5.15.2	5.23.0
org.mockito:mockito-junit-jupiter	5.15.2	5.23.0
net.bytebuddy:byte-buddy	1.18.4	1.18.10
net.bytebuddy:byte-buddy-agent	1.18.4	1.18.10
net.sourceforge.pmd:pmd-core	7.22.0	7.25.0
net.sourceforge.pmd:pmd-java	7.22.0	7.25.0
org.pitest:pitest-junit5-plugin	1.2.1	1.2.3
org.apache.maven.plugins:maven-enforcer-plugin	3.4.1	3.6.3
org.apache.maven.plugins:maven-compiler-plugin	3.11.0	3.15.0
org.apache.maven.plugins:maven-surefire-plugin	3.1.2	3.5.6
org.apache.maven.plugins:maven-failsafe-plugin	3.1.2	3.5.6
org.apache.maven.plugins:maven-jar-plugin	3.3.0	3.5.0
org.apache.maven.plugins:maven-source-plugin	3.3.0	3.4.0
org.apache.maven.plugins:maven-javadoc-plugin	3.6.0	3.12.0
org.apache.maven.plugins:maven-resources-plugin	3.3.1	3.5.0
org.apache.maven.plugins:maven-clean-plugin	3.3.1	3.5.0
org.apache.maven.plugins:maven-install-plugin	3.1.1	3.1.4
org.apache.maven.plugins:maven-deploy-plugin	3.1.1	3.1.4
org.apache.maven.plugins:maven-checkstyle-plugin	3.3.0	3.6.0
org.jacoco:jacoco-maven-plugin	0.8.14	0.8.15
org.pitest:pitest-maven	1.22.0	1.25.3
org.codehaus.mojo:exec-maven-plugin	3.1.0	3.6.3
org.codehaus.mojo:flatten-maven-plugin	1.6.0	1.7.3
org.apache.maven.plugins:maven-gpg-plugin	3.1.0	3.2.8
org.sonatype.central:central-publishing-maven-plugin	0.7.0	0.10.0
com.googlecode.maven-download-plugin:download-maven-plugin	1.7.1	1.13.0
org.apache.maven.plugins:maven-antrun-plugin	3.1.0	3.2.0
com.fasterxml.jackson.core:jackson-databind	2.21.2	2.22.0
com.fasterxml.jackson.datatype:jackson-datatype-jsr310	2.21.2	2.22.0
com.code-intelligence:jazzer-api	0.22.1	0.30.0
com.code-intelligence:jazzer-junit	0.22.1	0.30.0
org.apache.maven.plugins:maven-shade-plugin	3.5.1	3.6.2

Updates org.mockito:mockito-core from 5.15.2 to 5.23.0

Release notes

Sourced from org.mockito:mockito-core's releases.

v5.23.0

NOTE: Breaking change for Android

The mockito-android artifact has a breaking change: tests now require a device or emulator based on API 28+ (Android P). This is to enable new support for mocking Kotlin classes. See #3788 for more details.

---

Changelog generated by Shipkit Changelog Gradle Plugin

5.23.0

• 2026-03-11 - 6 commit(s) by Brice Dutheil, Joshua Selbo, Philippe Kernevez
• Replace mockito-android mock maker implementation with dexmaker-mockito-inline [(#3792)](mockito/mockito#3792)
• Fix StackOverflowError with AbstractList after using mockSingleton [(#3790)](mockito/mockito#3790)
• Mark parameters of Mockito.when @Nullable [(#3503)](mockito/mockito#3503)

v5.22.0

Changelog generated by Shipkit Changelog Gradle Plugin

5.22.0

• 2026-02-27 - 6 commit(s) by Joshua Selbo, NiMv1, Rafael Winterhalter, dependabot[bot], eunbin son
• Avoid mocking of internal static utilities [(#3785)](mockito/mockito#3785)
• Bump graalvm/setup-graalvm from 1.4.4 to 1.4.5 [(#3780)](mockito/mockito#3780)
• Static mocking of UUID.class corrupted under JDK 25 [(#3778)](mockito/mockito#3778)
• Bump actions/upload-artifact from 5 to 6 [(#3774)](mockito/mockito#3774)
• docs: clarify RETURNS_MOCKS behavior with sealed abstract enums (Java 15+) [(#3773)](mockito/mockito#3773)
• Add tests for Sets utility class [(#3771)](mockito/mockito#3771)
• Add core API to enable Kotlin singleton mocking [(#3762)](mockito/mockito#3762)
• Stubbing Kotlin object singletons [(#3652)](mockito/mockito#3652)
• Incorrect documentation for RETURNS_MOCKS [(#3285)](mockito/mockito#3285)

v5.21.0

Changelog generated by Shipkit Changelog Gradle Plugin

5.21.0

• 2025-12-09 - 17 commit(s) by Giulio Longfils, Joshua Selbo, Woongi9, Zylox, dependabot[bot]
• Bump graalvm/setup-graalvm from 1.4.3 to 1.4.4 [(#3768)](mockito/mockito#3768)
• Bump graalvm/setup-graalvm from 1.4.2 to 1.4.3 [(#3767)](mockito/mockito#3767)
• Bump actions/checkout from 5 to 6 [(#3765)](mockito/mockito#3765)
• Adds output of matchers to potential mismatch; Fixes #2468 [(#3760)](mockito/mockito#3760)
• Forbid mocking WeakReference with inline mock maker [(#3759)](mockito/mockito#3759)
• StackOverflowError when mocking WeakReference [(#3758)](mockito/mockito#3758)
• Bump actions/upload-artifact from 4 to 5 [(#3756)](mockito/mockito#3756)
• Bump graalvm/setup-graalvm from 1.4.1 to 1.4.2 [(#3755)](mockito/mockito#3755)
• Support primitives in GenericArrayReturnType. [(#3753)](mockito/mockito#3753)
• ClassNotFoundException when stubbing array of primitive type on Android [(#3752)](mockito/mockito#3752)
• Bump graalvm/setup-graalvm from 1.4.0 to 1.4.1 [(#3744)](mockito/mockito#3744)
• Bump gradle/actions from 4 to 5 [(#3743)](mockito/mockito#3743)
• Bump org.graalvm.buildtools.native from 0.11.0 to 0.11.1 [(#3738)](mockito/mockito#3738)
• Bump com.diffplug.spotless:spotless-plugin-gradle from 7.2.1 to 8.0.0 [(#3735)](mockito/mockito#3735)
• Bump graalvm/setup-graalvm from 1.3.7 to 1.4.0 [(#3734)](mockito/mockito#3734)
• Bump org.assertj:assertj-core from 3.27.5 to 3.27.6 [(#3733)](mockito/mockito#3733)

... (truncated)

Commits

• a231205 Fix StackOverflowError with AbstractList after using mockSingleton (#3790)
• f6a91a6 Replace mockito-android mock maker implementation with dexmaker-mockito-inlin...
• aa2298a fix: make spotless happy
• a6729d6 chore: update BDDMockito with jspecify annotation
• bb83c92 chore: move jspecify as a compile only dependency
• 47a4695 chore: add jspecify with minimal change. Fixes #3503
• 25f1395 Add core API to enable Kotlin singleton mocking (#3762)
• ef9ee55 Avoids mocking private static methods, as well as package-private static meth...
• d16fcfc Bump graalvm/setup-graalvm from 1.4.4 to 1.4.5 (#3780)
• 27eb8a3 Clarify RETURNS_MOCKS behavior with sealed abstract enums (Java 15+) (#3773)
• Additional commits viewable in compare view

Updates org.mockito:mockito-junit-jupiter from 5.15.2 to 5.23.0

Release notes

Sourced from org.mockito:mockito-junit-jupiter's releases.

v5.23.0

NOTE: Breaking change for Android

The mockito-android artifact has a breaking change: tests now require a device or emulator based on API 28+ (Android P). This is to enable new support for mocking Kotlin classes. See #3788 for more details.

---

Changelog generated by Shipkit Changelog Gradle Plugin

5.23.0

• 2026-03-11 - 6 commit(s) by Brice Dutheil, Joshua Selbo, Philippe Kernevez
• Replace mockito-android mock maker implementation with dexmaker-mockito-inline [(#3792)](mockito/mockito#3792)
• Fix StackOverflowError with AbstractList after using mockSingleton [(#3790)](mockito/mockito#3790)
• Mark parameters of Mockito.when @Nullable [(#3503)](mockito/mockito#3503)

v5.22.0

Changelog generated by Shipkit Changelog Gradle Plugin

5.22.0

• 2026-02-27 - 6 commit(s) by Joshua Selbo, NiMv1, Rafael Winterhalter, dependabot[bot], eunbin son
• Avoid mocking of internal static utilities [(#3785)](mockito/mockito#3785)
• Bump graalvm/setup-graalvm from 1.4.4 to 1.4.5 [(#3780)](mockito/mockito#3780)
• Static mocking of UUID.class corrupted under JDK 25 [(#3778)](mockito/mockito#3778)
• Bump actions/upload-artifact from 5 to 6 [(#3774)](mockito/mockito#3774)
• docs: clarify RETURNS_MOCKS behavior with sealed abstract enums (Java 15+) [(#3773)](mockito/mockito#3773)
• Add tests for Sets utility class [(#3771)](mockito/mockito#3771)
• Add core API to enable Kotlin singleton mocking [(#3762)](mockito/mockito#3762)
• Stubbing Kotlin object singletons [(#3652)](mockito/mockito#3652)
• Incorrect documentation for RETURNS_MOCKS [(#3285)](mockito/mockito#3285)

v5.21.0

Changelog generated by Shipkit Changelog Gradle Plugin

5.21.0

• 2025-12-09 - 17 commit(s) by Giulio Longfils, Joshua Selbo, Woongi9, Zylox, dependabot[bot]
• Bump graalvm/setup-graalvm from 1.4.3 to 1.4.4 [(#3768)](mockito/mockito#3768)
• Bump graalvm/setup-graalvm from 1.4.2 to 1.4.3 [(#3767)](mockito/mockito#3767)
• Bump actions/checkout from 5 to 6 [(#3765)](mockito/mockito#3765)
• Adds output of matchers to potential mismatch; Fixes #2468 [(#3760)](mockito/mockito#3760)
• Forbid mocking WeakReference with inline mock maker [(#3759)](mockito/mockito#3759)
• StackOverflowError when mocking WeakReference [(#3758)](mockito/mockito#3758)
• Bump actions/upload-artifact from 4 to 5 [(#3756)](mockito/mockito#3756)
• Bump graalvm/setup-graalvm from 1.4.1 to 1.4.2 [(#3755)](mockito/mockito#3755)
• Support primitives in GenericArrayReturnType. [(#3753)](mockito/mockito#3753)
• ClassNotFoundException when stubbing array of primitive type on Android [(#3752)](mockito/mockito#3752)
• Bump graalvm/setup-graalvm from 1.4.0 to 1.4.1 [(#3744)](mockito/mockito#3744)
• Bump gradle/actions from 4 to 5 [(#3743)](mockito/mockito#3743)
• Bump org.graalvm.buildtools.native from 0.11.0 to 0.11.1 [(#3738)](mockito/mockito#3738)
• Bump com.diffplug.spotless:spotless-plugin-gradle from 7.2.1 to 8.0.0 [(#3735)](mockito/mockito#3735)
• Bump graalvm/setup-graalvm from 1.3.7 to 1.4.0 [(#3734)](mockito/mockito#3734)
• Bump org.assertj:assertj-core from 3.27.5 to 3.27.6 [(#3733)](mockito/mockito#3733)

... (truncated)

Commits

• a231205 Fix StackOverflowError with AbstractList after using mockSingleton (#3790)
• f6a91a6 Replace mockito-android mock maker implementation with dexmaker-mockito-inlin...
• aa2298a fix: make spotless happy
• a6729d6 chore: update BDDMockito with jspecify annotation
• bb83c92 chore: move jspecify as a compile only dependency
• 47a4695 chore: add jspecify with minimal change. Fixes #3503
• 25f1395 Add core API to enable Kotlin singleton mocking (#3762)
• ef9ee55 Avoids mocking private static methods, as well as package-private static meth...
• d16fcfc Bump graalvm/setup-graalvm from 1.4.4 to 1.4.5 (#3780)
• 27eb8a3 Clarify RETURNS_MOCKS behavior with sealed abstract enums (Java 15+) (#3773)
• Additional commits viewable in compare view

Updates org.mockito:mockito-junit-jupiter from 5.15.2 to 5.23.0

Release notes

Sourced from org.mockito:mockito-junit-jupiter's releases.

v5.23.0

NOTE: Breaking change for Android

The mockito-android artifact has a breaking change: tests now require a device or emulator based on API 28+ (Android P). This is to enable new support for mocking Kotlin classes. See #3788 for more details.

---

Changelog generated by Shipkit Changelog Gradle Plugin

5.23.0

• 2026-03-11 - 6 commit(s) by Brice Dutheil, Joshua Selbo, Philippe Kernevez
• Replace mockito-android mock maker implementation with dexmaker-mockito-inline [(#3792)](mockito/mockito#3792)
• Fix StackOverflowError with AbstractList after using mockSingleton [(#3790)](mockito/mockito#3790)
• Mark parameters of Mockito.when @Nullable [(#3503)](mockito/mockito#3503)

v5.22.0

Changelog generated by Shipkit Changelog Gradle Plugin

5.22.0

• 2026-02-27 - 6 commit(s) by Joshua Selbo, NiMv1, Rafael Winterhalter, dependabot[bot], eunbin son
• Avoid mocking of internal static utilities [(#3785)](mockito/mockito#3785)
• Bump graalvm/setup-graalvm from 1.4.4 to 1.4.5 [(#3780)](mockito/mockito#3780)
• Static mocking of UUID.class corrupted under JDK 25 [(#3778)](mockito/mockito#3778)
• Bump actions/upload-artifact from 5 to 6 [(#3774)](mockito/mockito#3774)
• docs: clarify RETURNS_MOCKS behavior with sealed abstract enums (Java 15+) [(#3773)](mockito/mockito#3773)
• Add tests for Sets utility class [(#3771)](mockito/mockito#3771)
• Add core API to enable Kotlin singleton mocking [(#3762)](mockito/mockito#3762)
• Stubbing Kotlin object singletons [(#3652)](mockito/mockito#3652)
• Incorrect documentation for RETURNS_MOCKS [(#3285)](mockito/mockito#3285)

v5.21.0

Changelog generated by Shipkit Changelog Gradle Plugin

5.21.0

• 2025-12-09 - 17 commit(s) by Giulio Longfils, Joshua Selbo, Woongi9, Zylox, dependabot[bot]
• Bump graalvm/setup-graalvm from 1.4.3 to 1.4.4 [(#3768)](mockito/mockito#3768)
• Bump graalvm/setup-graalvm from 1.4.2 to 1.4.3 [(#3767)](mockito/mockito#3767)
• Bump actions/checkout from 5 to 6 [(#3765)](mockito/mockito#3765)
• Adds output of matchers to potential mismatch; Fixes #2468 [(#3760)](mockito/mockito#3760)
• Forbid mocking WeakReference with inline mock maker [(#3759)](mockito/mockito#3759)
• StackOverflowError when mocking WeakReference [(#3758)](mockito/mockito#3758)
• Bump actions/upload-artifact from 4 to 5 [(#3756)](mockito/mockito#3756)
• Bump graalvm/setup-graalvm from 1.4.1 to 1.4.2 [(#3755)](mockito/mockito#3755)
• Support primitives in GenericArrayReturnType. [(#3753)](mockito/mockito#3753)
• ClassNotFoundException when stubbing array of primitive type on Android [(#3752)](mockito/mockito#3752)
• Bump graalvm/setup-graalvm from 1.4.0 to 1.4.1 [(#3744)](mockito/mockito#3744)
• Bump gradle/actions from 4 to 5 [(#3743)](mockito/mockito#3743)
• Bump org.graalvm.buildtools.native from 0.11.0 to 0.11.1 [(#3738)](mockito/mockito#3738)
• Bump com.diffplug.spotless:spotless-plugin-gradle from 7.2.1 to 8.0.0 [(#3735)](mockito/mockito#3735)
• Bump graalvm/setup-graalvm from 1.3.7 to 1.4.0 [(#3734)](mockito/mockito#3734)
• Bump org.assertj:assertj-core from 3.27.5 to 3.27.6 [(#3733)](mockito/mockito#3733)

... (truncated)

Commits

• a231205 Fix StackOverflowError with AbstractList after using mockSingleton (#3790)
• f6a91a6 Replace mockito-android mock maker implementation with dexmaker-mockito-inlin...
• aa2298a fix: make spotless happy
• a6729d6 chore: update BDDMockito with jspecify annotation
• bb83c92 chore: move jspecify as a compile only dependency
• 47a4695 chore: add jspecify with minimal change. Fixes #3503
• 25f1395 Add core API to enable Kotlin singleton mocking (#3762)
• ef9ee55 Avoids mocking private static methods, as well as package-private static meth...
• d16fcfc Bump graalvm/setup-graalvm from 1.4.4 to 1.4.5 (#3780)
• 27eb8a3 Clarify RETURNS_MOCKS behavior with sealed abstract enums (Java 15+) (#3773)
• Additional commits viewable in compare view

Updates net.bytebuddy:byte-buddy from 1.18.4 to 1.18.10

Release notes

Sourced from net.bytebuddy:byte-buddy's releases.

Byte Buddy 1.18.9

• Disable use of Unsafe by default when Java 25or newer is discovered.
• Check for escape when creating folders in Plugin.Engine.
• Improve OpenJ9 attachment.
• Avoid null pointer on missing annotation types.
• Improve diagnostics for external agent attachment.
• Improve on Gradle context discovery.
• Support Android libraries on AGP9 or newer.
• Update ASM.

Byte Buddy 1.18.8

• Improve support for repeatable builds.
• Fix reordering of exception table in type initializers when instrumenting.

Byte Buddy 1.18.7

• Introduce new versioning concept with -jdk5 suffix for backwards-compatible jar and Java 8 baseline for regular jar.

Byte Buddy 1.18.5

• Eagerly resolve of canonical files during attach emulation to avoid failure when process ends before file can be deleted.
• Add super classes to hash code / equals computation in Advice that were missing.

Changelog

Sourced from net.bytebuddy:byte-buddy's changelog.

3. June 2026: version 1.18.10

• Delay change of default for unsage use to Java 26 and improve error message.

1. June 2026: version 1.18.9

• Disable use of Unsafe by default when Java 25or newer is discovered.
• Check for escape when creating folders in Plugin.Engine.
• Improve OpenJ9 attachment.
• Avoid null pointer on missing annotation types.
• Improve diagnostics for external agent attachment.
• Improve on Gradle context discovery.
• Support Android libraries on AGP9 or newer.
• Update ASM.

1. April 2026: version 1.18.8

• Improve support for repeatable builds.
• Fix reordering of exception table in type initializers when instrumenting.

1. March 2026: version 1.18.7

• Introduce new versioning concept with -jdk5 suffix for backwards-compatible jar and Java 8 baseline for regular jar.

27. February 2026: version 1.18.6

Accidental release during rework of release pipeline. Functional, but with incorrect suffices.

15. February 2026: version 1.18.5

• Eagerly resolve of canonical files during attach emulation to avoid failure when process ends before file can be deleted.
• Add super classes to hash code / equals computation in Advice that were missing.

Commits

• e85623d [publish] Releasing Byte Buddy 1.18.10
• e3bfa68 [release] Release new version
• 5821ccc Delay disabling of unsafe by default to Java 26 and improve on error message.
• 9d7d4fa Add fuzzing module.
• 5d5dc06 Fix checksum
• d6371aa Add missing checksums.
• 7e47481 Update release notes and checksums.
• cb36b3f [publish] Start next development iteration 1.18.10-SNAPSHOT
• 3d8e72d [publish] Releasing Byte Buddy 1.18.9
• 3525602 [release] Release new version
• Additional commits viewable in compare view

Updates net.bytebuddy:byte-buddy-agent from 1.18.4 to 1.18.10

Release notes

Sourced from net.bytebuddy:byte-buddy-agent's releases.

Byte Buddy 1.18.9

• Disable use of Unsafe by default when Java 25or newer is discovered.
• Check for escape when creating folders in Plugin.Engine.
• Improve OpenJ9 attachment.
• Avoid null pointer on missing annotation types.
• Improve diagnostics for external agent attachment.
• Improve on Gradle context discovery.
• Support Android libraries on AGP9 or newer.
• Update ASM.

Byte Buddy 1.18.8

• Improve support for repeatable builds.
• Fix reordering of exception table in type initializers when instrumenting.

Byte Buddy 1.18.7

• Introduce new versioning concept with -jdk5 suffix for backwards-compatible jar and Java 8 baseline for regular jar.

Byte Buddy 1.18.5

• Eagerly resolve of canonical files during attach emulation to avoid failure when process ends before file can be deleted.
• Add super classes to hash code / equals computation in Advice that were missing.

Changelog

Sourced from net.bytebuddy:byte-buddy-agent's changelog.

3. June 2026: version 1.18.10

• Delay change of default for unsage use to Java 26 and improve error message.

1. June 2026: version 1.18.9

• Disable use of Unsafe by default when Java 25or newer is discovered.
• Check for escape when creating folders in Plugin.Engine.
• Improve OpenJ9 attachment.
• Avoid null pointer on missing annotation types.
• Improve diagnostics for external agent attachment.
• Improve on Gradle context discovery.
• Support Android libraries on AGP9 or newer.
• Update ASM.

1. April 2026: version 1.18.8

• Improve support for repeatable builds.
• Fix reordering of exception table in type initializers when instrumenting.

1. March 2026: version 1.18.7

• Introduce new versioning concept with -jdk5 suffix for backwards-compatible jar and Java 8 baseline for regular jar.

27. February 2026: version 1.18.6

Accidental release during rework of release pipeline. Functional, but with incorrect suffices.

15. February 2026: version 1.18.5

• Eagerly resolve of canonical files during attach emulation to avoid failure when process ends before file can be deleted.
• Add super classes to hash code / equals computation in Advice that were missing.

Commits

• e85623d [publish] Releasing Byte Buddy 1.18.10
• e3bfa68 [release] Release new version
• 5821ccc Delay disabling of unsafe by default to Java 26 and improve on error message.
• 9d7d4fa Add fuzzing module.
• 5d5dc06 Fix checksum
• d6371aa Add missing checksums.
• 7e47481 Update release notes and checksums.
• cb36b3f [publish] Start next development iteration 1.18.10-SNAPSHOT
• 3d8e72d [publish] Releasing Byte Buddy 1.18.9
• 3525602 [release] Release new version
• Additional commits viewable in compare view

Updates net.bytebuddy:byte-buddy-agent from 1.18.4 to 1.18.10

Release notes

Sourced from net.bytebuddy:byte-buddy-agent's releases.

Byte Buddy 1.18.9

• Disable use of Unsafe by default when Java 25or newer is discovered.
• Check for escape when creating folders in Plugin.Engine.
• Improve OpenJ9 attachment.
• Avoid null pointer on missing annotation types.
• Improve diagnostics for external agent attachment.
• Improve on Gradle context discovery.
• Support Android libraries on AGP9 or newer.
• Update ASM.

Byte Buddy 1.18.8

• Improve support for repeatable builds.
• Fix reordering of exception table in type initializers when instrumenting.

Byte Buddy 1.18.7

• Introduce new versioning concept with -jdk5 suffix for backwards-compatible jar and Java 8 baseline for regular jar.

Byte Buddy 1.18.5

• Eagerly resolve of canonical files during attach emulation to avoid failure when process ends before file can be deleted.
• Add super classes to hash code / equals computation in Advice that were missing.

Changelog

Sourced from net.bytebuddy:byte-buddy-agent's changelog.

3. June 2026: version 1.18.10

• Delay change of default for unsage use to Java 26 and improve error message.

1. June 2026: version 1.18.9

• Disable use of Unsafe by default when Java 25or newer is discovered.
• Check for escape when creating folders in Plugin.Engine.
• Improve OpenJ9 attachment.
• Avoid null pointer on missing annotation types.
• Improve diagnostics for external agent attachment.
• Improve on Gradle context discovery.
• Support Android libraries on AGP9 or newer.
• Update ASM.

1. April 2026: version 1.18.8

• Improve support for repeatable builds.
• Fix reordering of exception table in type initializers when instrumenting.

1. March 2026: version 1.18.7

• Introduce new versioning concept with -jdk5 suffix for backwards-compatible jar and Java 8 baseline for regular jar.

27. February 2026: version 1.18.6

Accidental release during rework of release pipeline. Functional, but with incorrect suffices.

15. February 2026: version 1.18.5

• Eagerly resolve of canonical files during attach emulation to avoid failure when process ends before file can be deleted.
• Add super classes to hash code / equals computation in Advice that were missing.

Commits

• e85623d [publish] Releasing Byte Buddy 1.18.10
• e3bfa68 [release] Release new version
• 5821ccc Delay disabling of unsafe by default to Java 26 and improve on error message.
• 9d7d4fa Add fuzzing module.
• 5d5dc06 Fix checksum
• d6371aa Add missing checksums.
• 7e47481 Update release notes and checksums.
• cb36b3f [publish] Start next development iteration 1.18.10-SNAPSHOT
• 3d8e72d [publish] Releasing Byte Buddy 1.18.9
• 3525602 [release] Release new version
• Additional commits viewable in compare view

Updates net.sourceforge.pmd:pmd-core from 7.22.0 to 7.25.0

Release notes

Sourced from net.sourceforge.pmd:pmd-core's releases.

PMD 7.25.0 (29-May-2026)

29-May-2026 - 7.25.0

The PMD team is pleased to announce PMD 7.25.0.

This is a minor release.

Table Of Contents

• 🚀️ New and noteworthy
  • Updated ANTLR library to 4.13.2
• 🌟️ New and Changed Rules
  • New Rules
  • Changed Rules
  • Renamed rules and properties
• 🐛️ Fixed Issues
• 🚨️ API Changes
  • Deprecations
  • Experimental API
• ✨️ Merged pull requests
• 📦️ Dependency updates
• 📈️ Stats

🚀️ New and noteworthy

Updated ANTLR library to 4.13.2

We have updated the ANTLR library (parser generator) from 4.9.3 to the latest version 4.13.2, in order to be able to use the latest version of Apex parser library.

This is an incompatible update: In case you use custom language modules based on ANTLR, you need to make sure to regenerate all of your lexers and parsers with the new ANTLR version.

For the ANTLR based language modules, that PMD ships (kotlin and swift and various CPD modules), this is already done.

🌟️ New and Changed Rules

New Rules

• The new Java rule JUnitJupiterTestNoPrivateModifier find JUnit test classes and methods that are private. Test classes, test methods, and lifecycle methods are not required to be public, but they must not be private. Otherwise, they won’t be found by the test framework.
• The new Java rule UnnecessaryBlock reports blocks that are unnecessary as they don't introduce a new scope. This rule helps simplify code structure by identifying and flagging redundant blocks that can make code harder to read and may be misleading.
• The new Java rule VariableDeclarationUsageDistance flags local variables that are declared far from their usage, which can make code harder to read. The rule has a property maxDistance that allows to configure the maximum allowed distance between declaration and usage.
• The new Java rule AssertStatementInTest detects usages of assert statement in tests. These should be replaced by framework assertion methods such as assertEquals.

... (truncated)

Commits

• 418f8b7 [release] prepare release pmd_releases/7.25.0
• ba31ce2 Prepare pmd release 7.25.0
• ced4fdc Update contributors for 7.25.0
• 3c65361 chore(deps-dev): bump build-tools from 37 to 38 (#6729)
• f60c490 chore(deps-dev): bump build-tools from 37 to 38
• 6736c60 [java] UnnecessaryBooleanAssertion: Use InvocationMatcher to find assertions ...
• 3f1de35 [doc] Update release notes (#6712)
• 25f30fe [java] Fix #4350: Fix ClassNamingConventions by teaching TestFrameworkUtil ab...
• f306438 [java] Part of #4841: Deprecate unnecessary public methods in FieldDeclaratio...
• ca5bfe4 [java] Fix #6719: UseStandardCharsets UTF-32 on Java >= 22 (#6726)
• Additional commits viewable in compare view

Updates net.sourceforge.pmd:pmd-java from 7.22.0 to 7.25.0

Release notes

Sourced from net.sourceforge.pmd:pmd-java's releases.

PMD 7.25.0 (29-May-2026)

29-May-2026 - 7.25.0

The PMD team is pleased to announce PMD 7.25.0.

This is a minor release.

Table Of Contents

• 🚀️ New and noteworthy
  • Updated ANTLR library to 4.13.2
• 🌟️ New and Changed Rules
  • New Rules
  • Changed Rules
  • Renamed rules and properties
• 🐛️ Fixed Issues
• 🚨️ API Changes
  • Deprecations
  • Experimental API
• ✨️ Merged pull requests
• 📦️ Dependency updates
• 📈️ Stats

🚀️ New and noteworthy

Updated ANTLR library to 4.13.2

We have updated the ANTLR library (parser generator) from 4.9.3 to the latest version 4.13.2, in order to be able to use the latest version of Apex parser library.

This is an incompatible update: In case you use custom language modules based on ANTLR, you need to make sure to regenerate all of your lexers and parsers with the new ANTLR version.

For the ANTLR based language modules, that PMD ships (kotlin and swift and various CPD modules), this is already done.

🌟️ New and Changed Rules

New Rules

• The new Java rule JUnitJupiterTestNoPrivateModifier find JUnit test classes and methods that are private. Test classes, test methods, and lifecycle methods are not required to be public, but they must not be private. Otherwise, they won’t be found by the test framework.
• The new Java rule UnnecessaryBlock reports blocks that are unnecessary as they don't introduce a new scope. This rule helps simplify code structure by identifying and flagging redundant blocks that can make code harder to read and may be misleading.
• The new Java rule VariableDeclarationUsageDistance flags local variables that are declared far from their usage, which can make code harder to read. The rule has a property maxDistance that allows to configure the maximum allowed distance between declaration and usage.
• The new Java rule AssertStatementInTest detects usages of assert statement in tests. These should be replaced by framework assertion methods such as assertEquals.

... (truncated)

Commits

• 418f8b7 [release] prepare release pmd_releases/7.25.0
• ba31ce2 Prepare pmd release 7.25.0
• ced4fdc Update contributors for 7.25.0
• 3c65361 chore(deps-dev): bump build-tools from 37 to 38 (#6729)
• f60c490 chore(deps-dev): bump build-tools from 37 to 38
• 6736c60 [java] UnnecessaryBooleanAssertion: Use InvocationMatcher to find assertions ...
• 3f1de35 [doc] Update release notes (#6712)
• 25f30fe [java] Fix #4350: Fix ClassNamingConventions by teaching TestFrameworkUtil ab...
• f306438 [java] Part of #4841: Deprecate unnecessary public methods in FieldDeclaratio...
• ca5bfe4 [java] Fix #6719: UseStandardCharsets UTF-32 on Java >= 22 (#6726)
• Additional commits viewable in compare view

Updates net.sourceforge.pmd:pmd-java from 7.22.0 to 7.25.0

Release notes

Sourced from net.sourceforge.pmd:pmd-java's releases.

PMD 7.25.0 (29-May-2026)

29-May-2026 - 7.25.0

The PMD team is pleased to announce PMD 7.25.0.

This is a minor release.

Table Of Contents

• 🚀️ New and noteworthy
  • Updated ANTLR library to 4.13.2
• 🌟️ New and Changed Rules
  • New Rules
  • Changed Rules
  • Renamed rules and properties
• 🐛️ Fixed Issues
• 🚨️ API Changes
  • Deprecations
  • Experimental API
• ✨️ Merged pull requests
• 📦️ Dependency updates
• 📈️ Stats

🚀️ New and noteworthy

Updated ...

Description has been truncated