Bump the dependencies group across 1 directory with 19 updates

[dependabot]

Bumps the dependencies group with 19 updates in the / directory:

Package	From	To
de.fraunhofer.iosb.ilt:Configurable	0.35	0.37
de.fraunhofer.iosb.ilt:FROST-Client	0.44	0.45
org.slf4j:slf4j-api	2.0.13	2.0.17
ch.qos.logback:logback-classic	1.5.6	1.5.21
org.apache.commons:commons-collections4	4.4	4.5.0
org.apache.commons:commons-csv	1.11.0	1.14.1
commons-io:commons-io	2.16.1	2.21.0
org.quartz-scheduler:quartz	2.3.2	2.5.1
org.openjfx:javafx-fxml	22.0.1	23.0.2
org.openjfx:javafx-controls	22.0.1	23.0.2
org.geotools:gt-referencing	31.0	34.1
org.geotools:gt-epsg-hsql	31.0	34.1
org.codehaus.groovy:groovy	3.0.21	3.0.25
org.apache.maven.plugins:maven-compiler-plugin	3.13.0	3.14.1
org.apache.maven.plugins:maven-shade-plugin	3.5.3	3.6.1
io.github.git-commit-id:git-commit-id-maven-plugin	8.0.2	9.0.2
org.apache.maven.plugins:maven-javadoc-plugin	3.6.3	3.12.0
org.apache.maven.plugins:maven-gpg-plugin	3.2.4	3.2.8
org.sonatype.plugins:nexus-staging-maven-plugin	1.6.13	1.7.0

Updates de.fraunhofer.iosb.ilt:Configurable from 0.35 to 0.37

Changelog

Sourced from de.fraunhofer.iosb.ilt:Configurable's changelog.

Version 0.37

Updates

• EditorMap no longer initialises optional items that have not been selected but explicitly uses the set default value.

Version 0.36

Updates

• Items in List editors now have a button to move them up in the list.
• fixed NPE if EdOptsBool#dfltIsNull is used
• [FX] Moved list-add button to the left
• Updated dependencies.

Commits

• 720155c Release v0.37
• 05a262a Added default implementation for getDefaultValue
• acaffb0 Updated EditorMap to explicitly use default values for non-selected options
• 5b6e8ef Bumped dependency versions
• d8e7cc4 EditorMap no longer initialises optional items that have not been selected
• 4c1de94 [CI] Fixed path
• c821b7d Reformatted everything with spotless
• 1785c17 [CI] Updated publishing to maven central, added spotless
• 3e379ee [CI] Limit OpenJFX to 22, to stay OpenJDK 17 compatible
• c01f2a0 Prepare for next development iteration
• Additional commits viewable in compare view

Updates de.fraunhofer.iosb.ilt:FROST-Client from 0.44 to 0.45

Changelog

Sourced from de.fraunhofer.iosb.ilt:FROST-Client's changelog.

Release Version 0.45

Updates

• Bumped dependencies.
• Updated minimum required Java version to 11.
• Fixed #288: various issues with OIDC refresh tokens.

Commits

• 3ecfe83 Release v0.45
• f669e32 Bump the dependencies group across 1 directory with 16 updates (#290)
• 556e810 Bump the dependencies group with 1 update (#269)
• ebccbff Fix missing client id in token refresh (#288)
• eba8db7 Fix NPE in token refresh (#288)
• 693da44 Bump the dependencies group with 9 updates (#256)
• d142b72 [CI] Use new NIST NVD API key
• 6f49a94 Fixed JWTS API changes
• a1825c3 Bump the dependencies group with 11 updates
• be55c5d Bump the dependencies group with 1 update (#244)
• Additional commits viewable in compare view

Updates org.slf4j:slf4j-api from 2.0.13 to 2.0.17

Updates ch.qos.logback:logback-classic from 1.5.6 to 1.5.21

Release notes

Sourced from ch.qos.logback:logback-classic's releases.

Logback 1.5.21

2025-11-10 Release of logback version 1.5.21

• Invocations of turbo filters in isDebugEnabled, isInfoEnabled()... remain as they were, untouched. However, any installed instances of TurboFilter are now invoked also from within the log(LoggingEvent) method of Logger with the contents of the LoggingEvent, typically via the fluent API. This fixes issues/871.

• Removed reentry-guard in most subclasses of UnsynchronizedAppenderBase where it was not needed.

• Initialization procedure has been simplified by removing the step instantiating a SerializedModelConfigurator. However, it is still possible to set up SerializedModelConfigurator as a custom configurator.

• JsonEncoder is now friendlier to derivation by sub-classes as requested in issues/979.

• Fixed XMLLayout thread safety issue reported in LOGBACK-427.

• Removed superfluous buffering in Zip, GZ and XZ compression code.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit fed6f37ffe3449e40f6a9fffe050936a33116bd1 associated with the tag v_1.5.21. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Logback 1.5.20

2025-10-19 Release of logback version 1.5.20

• Due to potential vulnerabilities associated with dynamic, i.e. runtime, java code compilation and execution (using Janino), the 'condition' attribute within the <if> element is deprecated and will be removed in 2027.

An online migration service is provided to help with the transition.

The <condition> element, new in this version, admits custom PropertyEvaluator as a recommended alternative. See also the updated documentation on conditional configuration.

• Initialization procedure was incorrectly reported as having been simplified in this version, i.e. version 1.5.20 by removing the step instantiating a SerializedModelConfigurator. The actual simplification was done in version 1.5.21

• A bit-wise identical binary of this version can be reproduced by building from source code at commit 930fb15c993a4344bcecc6ba2225c12a2c38e676 associated with the tag v_1.5.20. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Logback 1.5.19

2025-09-30 Release of logback version 1.5.19

• Disallow "new" operator in the condition attribute of <if> elements. This fixes an ACE vulnerability recorded as CVE-2025-11226.

• At initialization time, slightly better reporting about watched configuration files.

• Softer message regarding usage of ConsoleAppender and its potential impact on performance.

• In ViewStatusMessagesServlet, restrict processing of "Clear" button to POST method. This change was proposed by Ralf Wiebicke who also provided the relevant PR.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit e572d4f87f06674788eb3ca7148e8d1dffc615fa associated with the tag v_1.5.19. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Logback 1.5.18

2025-03-18 Release of logback version 1.5.18

• Added support for XZ compression for archived log files. Note that XZ compression requires Tukaani project's XZ library for Java. In case XZ compression is requested but the XZ library is missing, then logback will substitute GZ compression as a fallback. This feature was requested in issues/755.

• Removed references to java.security.AccessController class. This class has been deprecated for some time and is slated for removal in future JDK versions.

... (truncated)

Commits

• fed6f37 prepare release 1.5.21
• b111e89 Initialization procedure has been simplified by removing the step
• 1cd2df4 fix issues/871
• dea5b95 minor - remove superflous call to Objects.requireNonNull
• 3cecf29 add comment for the TurboFilter list ACCEPT case
• 1497142 improve performance for 2 or more turbo filters
• 04a7ba5 most subclasses of UnsynchronizedAppenderBase do not need a reentry guard
• ab6a006 add maven cache to github CI, update .github/FUNDING.yml
• 2bf5557 fix failed LegacyPatternLayoutTest#subPattern test due to TZ discrepancies, u...
• 2ca8c52 update funding info
• Additional commits viewable in compare view

Updates org.apache.commons:commons-collections4 from 4.4 to 4.5.0

Updates org.apache.commons:commons-csv from 1.11.0 to 1.14.1

Changelog

Sourced from org.apache.commons:commons-csv's changelog.

Apache Commons CSV 1.14.1 Release Notes

The Apache Commons CSV team is pleased to announce the release of Apache Commons CSV 1.14.1.

This document contains the release notes for the 1.14.1 version of Apache Commons CSV. Commons CSV reads and writes files in Comma Separated Value (CSV) format variations.

Commons CSV requires at least Java 8.

The Apache Commons CSV library provides a simple interface for reading and writing CSV files of various types.

This is a feature and maintenance release. Java 8 or later is required.

Changes in this version include:

Fixed Bugs

• CSV-318: CSVPrinter.printRecord(Stream) hangs if given a parallel stream. Thanks to Joseph Shraibman, Gary Gregory.
• CSV-318: CSVPrinter now uses an internal lock instead of synchronized methods. Thanks to Joseph Shraibman, Gary Gregory.

•       org.apache.commons.csv.CSVPrinter.printRecords(ResultSet) now writes one record at a time using a lock. Thanks to Gary Gregory.
  

Changes

•       Bump org.apache.commons:commons-parent from 81 to 85 [#542](https://github.com/apache/commons-csv/issues/542). Thanks to Gary Gregory, Dependabot.
  

•       Bump commons-io:commons-io from 2.18.0 to 2.20.0. Thanks to Gary Gregory.
  

•       Bump com.opencsv:opencsv from 5.10 to 5.11.2 [#545](https://github.com/apache/commons-csv/issues/545), [#551](https://github.com/apache/commons-csv/issues/551), [#553](https://github.com/apache/commons-csv/issues/553). Thanks to Gary Gregory, Dependabot.
  

•       Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0 [#556](https://github.com/apache/commons-csv/issues/556). Thanks to Gary Gregory, Dependabot.
  

•       Bump commons-codec:commons-codec from 1.18.0 to 1.19.0. Thanks to Gary Gregory.
  

Historical list of changes: https://commons.apache.org/proper/commons-csv/changes.html

For complete information on Apache Commons CSV, including instructions on how to submit bug reports, patches, or suggestions for improvement, see the Apache Commons CSV website:

https://commons.apache.org/proper/commons-csv/

Download page: https://commons.apache.org/proper/commons-csv/download_csv.cgi

Have fun! -Apache Commons CSV team

---

Apache Commons CSV 1.14.0 Release Notes

... (truncated)

Commits

• e14ef86 Ignore macOS file
• d8724bf Prepare for the release candidate 1.14.1 RC1
• b76971c Prepare for the next release candidate
• b66814e Merge pull request #557 from apache/dependabot/github_actions/github/codeql-a...
• 9c95e92 Bump github/codeql-action from 3.29.2 to 3.29.4
• 1fb3716 Bump commons-codec:commons-codec from 1.18.0 to 1.19.0
• 7b72c50 Merge some string literals
• 9658373 Update the GitHub pull request template for AI
• 67192a9 Bump commons-io:commons-io from 2.19.0 to 2.20.0
• 59164c8 Bump com.opencsv:opencsv from 5.11.1 to 5.11.2 #553
• Additional commits viewable in compare view

Updates commons-io:commons-io from 2.16.1 to 2.21.0

Changelog

Sourced from commons-io:commons-io's changelog.

Apache Commons IO 2.21.0 Release Notes

The Apache Commons IO team is pleased to announce the release of Apache Commons IO 2.21.0.

Introduction

The Apache Commons IO library contains utility classes, stream implementations, file filters, file comparators, endian transformation classes, and much more.

Version 2.21.0: Java 8 or later is required.

New features

o FileUtils#byteCountToDisplaySize() supports Zettabyte, Yottabyte, Ronnabyte and Quettabyte #763. Thanks to strangelookingnerd, Gary Gregory. o Add org.apache.commons.io.FileUtils.ONE_RB #763. Thanks to strangelookingnerd, Gary Gregory. o Add org.apache.commons.io.FileUtils.ONE_QB #763. Thanks to strangelookingnerd, Gary Gregory. o Add org.apache.commons.io.output.ProxyOutputStream.writeRepeat(byte[], int, int, long). Thanks to Gary Gregory. o Add org.apache.commons.io.output.ProxyOutputStream.writeRepeat(byte[], long). Thanks to Gary Gregory. o Add org.apache.commons.io.output.ProxyOutputStream.writeRepeat(int, long). Thanks to Gary Gregory. o Add length unit support in FileSystem limits. Thanks to Piotr P. Karwasz. o Add IOUtils.toByteArray(InputStream, int, int) for safer chunked reading with size validation. Thanks to Piotr P. Karwasz. o Add org.apache.commons.io.file.PathUtils.getPath(String, String). Thanks to Gary Gregory. o Add org.apache.commons.io.channels.ByteArraySeekableByteChannel. Thanks to Gary Gregory. o Add IOIterable.asIterable(). Thanks to Gary Gregory. o Add NIO channel support to AbstractStreamBuilder. Thanks to Piotr P. Karwasz. o Add CloseShieldChannel to close-shielded NIO Channels #786. Thanks to Piotr P. Karwasz. o Added IOUtils.checkFromIndexSize as a Java 8 backport of Objects.checkFromIndexSize #790. Thanks to Piotr P. Karwasz.

Fixed Bugs

o When testing on Java 21 and up, enable -XX:+EnableDynamicAgentLoading. Thanks to Gary Gregory. o When testing on Java 24 and up, don't fail FileUtilsListFilesTest for a different behavior in the JRE. Thanks to Gary Gregory. o ValidatingObjectInputStream does not validate dynamic proxy interfaces. Thanks to Stanislav Fort, Gary Gregory. o BoundedInputStream.getRemaining() now reports Long.MAX_VALUE instead of 0 when no limit is set. Thanks to Piotr P. Karwasz. o BoundedInputStream.available() correctly accounts for the maximum read limit. Thanks to Piotr P. Karwasz. o Deprecate IOUtils.readFully(InputStream, int) in favor of toByteArray(InputStream, int). Thanks to Gary Gregory, Piotr P. Karwasz. o IOUtils.toByteArray(InputStream) now throws IOException on byte array overflow. Thanks to Piotr P. Karwasz. o Javadoc general improvements. Thanks to Gary Gregory, Piotr P. Karwasz. o IOUtils.toByteArray() now throws EOFException when not enough data is available #796. Thanks to Piotr P. Karwasz. o Fix IOUtils.skip() usage in concurrent scenarios. Thanks to Piotr P. Karwasz. o [javadoc] Fix XmlStreamReader Javadoc to indicate the correct class that is built #806. Thanks to J Hawkins.

Changes

o Bump org.apache.commons:commons-parent from 85 to 91 #774, #783, #808. Thanks to Gary Gregory, Dependabot.

... (truncated)

Commits

• 54073d3 Prepare for the release candidate 2.21.0 RC1
• f141f09 Prepare for the next release candidate
• adcf135 Add license header
• 0f499d0 Use new oak logo
• 34a961c Use HTTPS in URL
• 9e51118 Use HTTPS in URL
• d715865 Add dependabot email [skip ci]
• 3d6a7e1 Javadoc
• ad875d5 Bump actions/upload-artifact from 4.6.2 to 5.0.0 (#810)
• bc01dee Bump github/codeql-action from 4.30.9 to 4.31.2 (#811)
• Additional commits viewable in compare view

Updates org.quartz-scheduler:quartz from 2.3.2 to 2.5.1

Release notes

Sourced from org.quartz-scheduler:quartz's releases.

Quartz 2.5.1

This is a bug-fix and dependency upgrade release of the 2.5.x line.

All changes/updates:

Completed Issues

Jars can be found on Maven Central:
quartz.jar quartz-jobs.jar

Quartz 2.5.0

Most Significant Changes This Release (over 2.4.0):

[!IMPORTANT]
BREAKING CHANGE: Move to Jakarta namespace

[!IMPORTANT]
BREAKING CHANGE: Move to JDK 11

All changes/updates:

Open Issues

Completed Issues

Quartz 2.4.1

This is a bug-fix and dependency upgrade release of the 2.4.x line.

All changes/updates:

Completed Issues

Jars can be found on Maven Central:
quartz.jar quartz-jobs.jar

Quartz 2.4.0

Most Significant Changes This Release:

• Quartz 2.4.0 now requires minimum Java version of Java 8
• Quartz build system moved to Gradle
• 3rd party libraries (slf4j, log4j, Hikari, etc.) upgraded to more recent versions
• Maven POMs generated from gradle declare 3rd party dependencies as "provided" scope
• Removal of old TerracottaJobStore
• "NativeJob" class removed from "quartz-jobs" artifact. This resolves security concerns related to code execution. While it is possible to safely use this Job class, it is a risk for users that don’t engage some thought. If you wish to still use this job or something like it, the source code for it can now be found as "example15".
• Example programs can now simply be executed via gradle. See the "examples_guide.txt" file in the examples folder of the quartz repository for full description and info.

All changes/updates:

... (truncated)

Commits

• 5c6447e Set quartzVersion to 2.5.1
• 2a97f39 Merge pull request #1405 from akomakom/ci-sonatype-url
• c339ed9 Sonatype URL changes for central
• 21e87cf Merge pull request #1403 from jhouserizer/remove_ref_docs
• aa5c6b8 remove redundant copies of docs from this repo, reference in site repo
• 1cade27 Merge pull request #1344 from vibbix/feature/bulk-loaders
• bb88264 - more formatting fixes
• 7fee004 - more formatting fixes
• 7236820 - more formatting fixes
• 5c073df - rebased PR
• Additional commits viewable in compare view

Updates org.openjfx:javafx-fxml from 22.0.1 to 23.0.2

Updates org.openjfx:javafx-controls from 22.0.1 to 23.0.2

Updates org.openjfx:javafx-controls from 22.0.1 to 23.0.2

Updates org.geotools:gt-referencing from 31.0 to 34.1

Updates org.geotools:gt-epsg-hsql from 31.0 to 34.1

Updates org.geotools:gt-epsg-hsql from 31.0 to 34.1

Updates org.codehaus.groovy:groovy from 3.0.21 to 3.0.25

Commits

• See full diff in compare view

Updates org.apache.maven.plugins:maven-compiler-plugin from 3.13.0 to 3.14.1

Release notes

Sourced from org.apache.maven.plugins:maven-compiler-plugin's releases.

3.14.1

🚀 New features and improvements

• Improve DeltaList behavior for large projects (#335) @​gsmet
• Allow to not use --module-version for the Java compiler (#331) @​pzygielo

🐛 Bug Fixes

• Add generatedSourcesPath back to the maven project (#312) @​mensinda
• [MCOMPILER-538] - Do not add target/generated-sources/annotations to the source roots (#191) @​mensinda

📦 Dependency updates

• Enforce asm version used here, to not depend on brittle transitive (#964) @​olamy
• Bump mavenVersion from 3.9.10 to 3.9.11 (#952) @dependabot[bot]
• Bump org.apache.maven.plugins:maven-plugins from 44 to 45 (#935) @dependabot[bot]
• Bump mavenVersion from 3.9.9 to 3.9.10 (#336) @dependabot[bot]
• Bump org.codehaus.plexus:plexus-java from 1.4.0 to 1.5.0 (#324) @dependabot[bot]
• Bump org.apache.maven.plugins:maven-plugins from 43 to 44 (#316) @dependabot[bot]

3.14.0

🚀 New features and improvements

• Enable GitHub Issues (#305) @​slawekjaranowski
• [MCOMPILER-579] - allow module-version configuration (#273) @​mguillem
• Bump org.codehaus.plexus:plexus-java from 1.2.0 to 1.4.0 - JDK 24 support (#293) @dependabot[bot]
• Update release-drafter configuration, PR automation (#281) @​slawekjaranowski
• [MCOMPILER-588] - JUnit4 test framework to JUnit5 migration (#236) @​MidNight-er

🐛 Bug Fixes

• Fix release-drafter config (#292) @​slawekjaranowski
• [MCOMPILER-591] - testCompile - fix detections of target less than 1.9 (#240) @​slawekjaranowski

📦 Dependency updates

• Bump org.codehaus.plexus:plexus-java from 1.2.0 to 1.4.0 - JDK 24 support (#293) @dependabot[bot]
• Bump mavenVersion from 3.6.3 to 3.9.9 (#283) @dependabot[bot]
• Bump org.mockito:mockito-core from 4.8.0 to 4.11.0 (#288) @dependabot[bot]
• Bump org.apache.maven.plugins:maven-plugins from 42 to 43 (#285) @dependabot[bot]
• [MCOMPILER-590] - Bump org.apache.maven.plugins:maven-plugins from 41 to 42 (#235) @dependabot[bot]

👻 Maintenance

• Update scm tag according to branch (#303) @​slawekjaranowski
• [MNGSITE-529] - Rename "Goals" to "Plugin Documentation" (#300) @​Bukama
• Use JUnit version from parent (#299) @​slawekjaranowski
• [MCOMPILER-529] - Update docs about version schema (Maven 3) (#295) @​Bukama

... (truncated)

Commits

• 0df6940 [maven-release-plugin] prepare release maven-compiler-plugin-3.14.1
• 1bf9e5a Enforce asm version used here, to not depend on brittle transitive (#964)
• f5161c4 Bump mavenVersion from 3.9.10 to 3.9.11 (#952)
• 63846f1 Improve DeltaList behavior for large projects (#335)
• ab3f845 Bump org.apache.maven.plugins:maven-plugins from 44 to 45
• 164bad4 Allow to not use --module-version for the Java compiler
• 0b76ccd Bump mavenVersion from 3.9.9 to 3.9.10
• 5dbc9c3 Bump org.codehaus.plexus:plexus-java from 1.4.0 to 1.5.0
• 17949d1 Bump org.apache.maven.plugins:maven-plugins from 43 to 44 (#316)
• d44d1be Add generatedSourcesPath back to the maven project
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-shade-plugin from 3.5.3 to 3.6.1

Release notes

Sourced from org.apache.maven.plugins:maven-shade-plugin's releases.

3.6.1

📝 Documentation updates

• [MNGSITE-529] - Rename "Goals" to "Plugin Documentation" (#250) @​Bukama

👻 Maintenance

• Enable prevent branch protection rules (#746) @​sparsick
• Enable GH issues (#253) @​Bukama
• Add missing @​Override annotations (#246) @​elharo
• Merge ApacheLicenseResourceTransformer tests (#245) @​Goooler
• Add test cases for .md supports in the Apache License and Notice transformers (#243) @​Goooler
• [MSHADE-479] - Make the mojo much less noisy (#233) @​elharo

📦 Dependency updates

• Bump org.codehaus.mojo:mrm-maven-plugin from 1.6.0 to 1.7.0 (#748) @dependabot[bot]
• Bump org.hamcrest:hamcrest-core from 2.2 to 3.0 (#235) @dependabot[bot]
• Bump org.apache.maven.plugins:maven-plugins from 42 to 45 (#738) @dependabot[bot]
• Bump org.apache.commons:commons-compress from 1.26.2 to 1.28.0 (#743) @dependabot[bot]
• Bump org.xmlunit:xmlunit-legacy from 2.10.0 to 2.10.3 (#745) @dependabot[bot]
• Bump ASM 9.8 to support JDK 25 bytecode (#744) @​pan3793
• Bump commons-io:commons-io from 2.13.0 to 2.14.0 in /src/it/projects/MSHADE-105/shaded-jar (#241) @dependabot[bot]

3.6.0

What's Changed

• Drop the cruft by @​cstamas in apache/maven-shade-plugin#225
• [MSHADE-478] Extra JARs feature by @​cstamas in apache/maven-shade-plugin#228
• [MSHADE-428] Prevent null value in array of transformers by @​cstamas in apache/maven-shade-plugin#229

Full Changelog: apache/maven-shade-plugin@maven-shade-plugin-3.5.3...maven-shade-plugin-3.6.0

Commits

• 06902bd [maven-release-plugin] prepare release maven-shade-plugin-3.6.1
• 29e9a9d add .git
• 844e61a use github
• 43101f9 [maven-release-plugin] prepare release maven-shade-plugin-3.6.1
• 2ffb28d use release drafter v4 and dependabot to updade gha as well (#750)
• f5b590e Bump org.codehaus.mojo:mrm-maven-plugin from 1.6.0 to 1.7.0
• eee0319 Bump org.hamcrest:hamcrest-core from 2.2 to 3.0
• 0d5a7a4 fix upgrade, remove those useless final
• 6e5f0f3 Bump org.apache.maven.plugins:maven-plugins from 42 to 45
• 35febed Bump org.apache.commons:commons-compress from 1.26.2 to 1.28.0
• Additional commits viewable in compare view

Updates io.github.git-commit-id:git-commit-id-maven-plugin from 8.0.2 to 9.0.2

Release notes

Sourced from io.github.git-commit-id:git-commit-id-maven-plugin's releases.

Version 9.0.2 is finally there and includes various bug-fixes and improvements :-)

New Features / Bug-Fixes:

The main key-aspects that have been improved or being worked on are the following:

• general changes
  • #833: Update docs
• bump several plugins
  • bump io.github.git-commit-id:git-commit-id-plugin-core from 6.0.0-rc.8 to 6.0.0
    • Includes #847: Add support for Github Actions build number
    • Refer to https://github.com/git-commit-id/git-commit-id-plugin-core/releases/tag/v6.0.0 for a full-changelog
  • bump org.junit.jupiter:* from 5.10.2 to 5.12.2 (scope test)
  • bump org.mockito:mockito-core from 5.12.0 to 5.18.0 (scope test)
  • bump org.assertj:assertj-core from 3.26.0 to 3.27.3 (scope test)
  • bump commons-io:commons-io from 2.16.1 to 2.19.0 (scope test)
  • bump org.slf4j:slf4j-simple from 2.0.13 to 2.0.17 (scope test)
• bump several maven plugins
  • bump org.apache.maven.plugins:maven-plugin-plugin from 3.13.1 to 3.15.1
  • bump org.apache.maven.plugins:maven-dependency-plugin from 3.7.1 to 3.8.1
  • bump org.apache.maven.plugins:maven-release-plugin from 3.1.0 to 3.1.1
  • bump org.apache.maven.plugins:maven-compiler-plugin from 3.13.0 to 3.14.0
  • bump org.apache.maven.plugins:maven-gpg-plugin from 3.2.4 to 3.2.7
  • bump org.apache.maven.plugins:maven-clean-plugin from 3.4.0 to 3.4.1
  • bump org.apache.maven.plugins:maven-jar-plugin from 3.4.1 to 3.4.2
  • bump org.apache.maven.plugins:maven-surefire-plugin from 3.3.0 to 3.5.3
  • bump org.apache.maven.plugins:maven-install-plugin from 3.1.2 to 3.1.4
  • bump org.apache.maven.plugins:maven-deploy-plugin from 3.1.2 to 3.1.4
  • bump org.apache.maven.plugins:maven-site-plugin from 3.12.1 to 3.21.0
  • bump org.apache.maven.plugins:maven-javadoc-plugin from 3.7.0 to 3.11.2
  • bump org.apache.maven.plugins:maven-release-plugin from 3.1.0 to 3.1.1

Getting the latest release

The plugin is available from Maven Central (see here), so you don't have to configure any additional repositories to use this plugin. All you need to do is to configure it inside your project as dependency:

<dependency>
    <groupId>io.github.git-commit-id</groupId>
    <artifactId>git-commit-id-maven-plugin</artifactId>
    <version>9.0.2</version>
</dependency>

Getting the latest snapshot (build automatically)

If you can't wait for the next release, you can also get the latest snapshot version from sonatype, that is being deployed automatically by github actions:

<pluginRepositories>
    <pluginRepository>
        <id>sonatype-snapshots</id>
        <name>Sonatype Snapshots</name>
         <url>https://s01.oss.sonatype.org/content/repositories/snapshots/</url>
</tr></table> 

... (truncated)

Commits

• 124c9dd [maven-release-plugin] prepare release v9.0.2
• 6498afc try to make tests pass locally and on github
• 2b4bda3 Merge pull request #850 from git-commit-id/dependabot/maven/io.github.git-com...
• a39bbe4 make tests pass with io.github.git-commit-id:git-commit-id-plugin-core:6.0.0
• dc10ead Merge pull request #851 from git-commit-id/dependabot/maven/org.mockito-mocki...
• ceb9ab8 build(deps-dev): bump org.mockito:mockito-core from 5.17.0 to 5.18.0
• 7235678 build(deps): bump io.github.git-commit-id:git-commit-id-plugin-core
• d06a70b Merge pull request #845 from git-commit-id/dependabot/maven/commons-io-common...
• 76f6226 build(deps-dev): bump commons-io:commons-io from 2.18.0 to 2.19.0
• 3390d21 Merge pull request #837 from git-commit-id/dependabot/maven/junit.version-5.12.1
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-javadoc-plugin from 3.6.3 to 3.12.0

Release notes

Sourced from org.apache.maven.plugins:maven-javadoc-plugin's releases.

3.12.0

💥 Breaking changes

• remove fix mojo (#1263) @​elharo
• detectOfflineLinks is now false per default for all jar mojo issue #1258 (#1259) @​olamy

🐛 Bug Fixes

• Fix legacyMode (#1265) @​fridrich
• Fix package {...} does not exist in legacyMode (#1243) @​JackPGreen
• Ensure UTF-8 charset is used to avoid IllegalArgumentException: Null charset name (#1245) @​elharo
• Remove Javadoc 1.4+ / -1.1 switch related warning (#1240) @​perceptron8

👻 Maintenance

• protect 3.8.x branch (#1238) @​hboutemy
• feat: enable prevent branch protection rules (#1228) @​sparsick

📦 Dependency updates

• Bump org.codehaus.mojo:mrm-maven-plugin from 1.6.0 to 1.7.0 (#1257) @dependabot[bot]

3.11.3

🚨 Removed

• Remove workaround for long patched CVE in javadoc (#388) @​elharo

🚀 New features and improvements

• Issue #369 Support --no-fonts option per default for jdk 23+ (#375) @​olamy

🐛 Bug Fixes

• Make the legacyMode consistent (Filter out all of the module-info.java files in legacy mode, do not use --source-path in legacy mode) (#1217) @​fridrich
• [MJAVADOC-826] - Don't try to modify project source roots (#358) @​oehme

📝 Documentation updates

• Correct javadoc-no-fork description on index-page (#368) @​Bukama
• [MNGSITE-529] - Rename "Goals" to "Plugin Documentation" (#360) @​Bukama
• (doc) Close links tag in links parameter javadoc example (#355) @​sixcorners

👻 Maintenance

• Be consistent about data encoding when copying files (#1215) @​fridrich
• Clean up JavadocUtilTest (#1210) @​elharo
• Use Java 7 relativization instead of hand-rolled code (#385) @​elharo
• Rephrase source code fix interactive messages for clarity (#390) @​elharo

... (truncated)

Commits

• 2a06bed [maven-release-plugin] prepare release maven-javadoc-plugin-3.12.0
• a71ecf9 bump version 3.12.0-SNAPSHOT
• 88f2b71 [maven-release-plugin] prepare for next development iteration
• 7e18956 [maven-release-plugin] prepare release maven-javadoc-plugin-3.11.4
• c11b76c In legacyMode, don't use -sourcepath, unless excludePackageNames is not empty...
• bc9904b remove fix mojo (#1263)
• f310135 Fix package {...} does not exist in legacyMode (#1243)
• c8270f9 detectOfflineLinks is now false per default for all jar mojo issue #1258 ...
• 953e609 Delete flaky test (#1260)
• 2bba7a4 Bump org.codehaus.mojo:mrm-maven-plugin from 1.6.0 to 1.7.0
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-gpg-plugin from 3.2.4 to 3.2.8

Release notes

Sourced from org.apache.maven.plugins:maven-gpg-plugin's releases.

3.2.8

🐛 Bug Fixes

• Make empty classifier null (not empty string) (#287) @​cstamas

📝 Documentation updates

• [MNGSITE-529] - Rename "Goals" to "Plugin Documentation" (#129) @​Bukama
• Describe how to prime a specific GPG key (#128) @​kwin

👻 Maintenance

• Enable GitHub issues (#134) @​Bukama
• Prefer Guice constructor injection (#126) @​elharo

📦 Dependency updates

• Update parent POM to 45 (#284) @​cstamas
• Bump bouncycastleVersion from 1.78.1 to 1.80 (