Bump the dependencies group across 1 directory with 66 updates by dependabot[bot] · Pull Request #4138 · apache/logging-log4j2

dependabot · 2026-06-02T05:44:14Z

Bumps the dependencies group with 65 updates in the / directory:

Package	From	To
org.apache.logging.log4j:log4j-api	`2.24.3`	`2.26.0`
org.apache.logging.log4j:log4j-api-test	`2.24.3`	`2.26.0`
org.apache.logging.log4j:log4j-iostreams	`2.24.3`	`2.26.0`
org.apache.logging.log4j:log4j-jpl	`2.24.3`	`2.26.0`
org.apache.logging.log4j:log4j-slf4j2-impl	`2.24.3`	`2.26.0`
org.apache.logging.log4j:log4j-slf4j-impl	`2.24.3`	`2.26.0`
org.apache.logging.log4j:log4j-to-jul	`2.24.3`	`2.26.0`
org.apache.logging.log4j:log4j-to-slf4j	`2.24.3`	`2.26.0`
org.apache.commons:commons-csv	`1.14.0`	`1.14.1`
commons-logging:commons-logging	`1.3.5`	`1.3.6`
ch.qos.logback:logback-core	`1.5.18`	`1.5.34`
org.slf4j:slf4j-api	`2.0.17`	`2.0.18`
org.apache.groovy:groovy-bom	`4.0.27`	`5.0.6`
tools.jackson:jackson-bom	`3.0.0`	`3.1.4`
org.junit:junit-bom	`5.13.4`	`6.1.0`
org.junit.jupiter:junit-jupiter-engine	`5.13.4`	`6.1.0`
org.mockito:mockito-bom	`5.18.0`	`5.23.0`
org.assertj:assertj-core	`3.27.3`	`3.27.7`
net.bytebuddy:byte-buddy	`1.17.6`	`1.18.9`
commons-codec:commons-codec	`1.18.0`	`1.22.0`
org.apache.commons:commons-dbcp2	`2.13.0`	`2.14.0`
commons-io:commons-io	`2.20.0`	`2.22.0`
org.apache.commons:commons-lang3	`3.17.0`	`3.20.0`
org.apache.commons:commons-pool2	`2.12.1`	`2.13.1`
com.google.guava:guava	`33.4.8-jre`	`33.6.0-jre`
com.google.guava:guava-testlib	`33.4.8-jre`	`33.6.0-jre`
com.h2database:h2	`2.3.232`	`2.4.240`
com.google.code.java-allocation-instrumenter:java-allocation-instrumenter	`3.3.4`	`3.3.5`
org.jctools:jctools-core	`4.0.5`	`4.0.6`
org.jmdns:jmdns	`3.6.1`	`3.6.3`
net.java.dev.jna:jna	`5.17.0`	`5.18.1`
net.javacrumbs.json-unit:json-unit	`4.1.1`	`5.1.2`
com.vlkan.log4j2:log4j2-logstash-layout	`0.18`	`1.0.5`
org.apache.maven:maven-core	`3.9.10`	`3.9.16`
org.apache.maven:maven-model	`3.9.10`	`3.9.16`
org.openjdk.nashorn:nashorn-core	`15.6`	`15.7`
org.eclipse.platform:org.eclipse.osgi	`3.23.100`	`3.24.100`
org.codehaus.plexus:plexus-utils	`3.6.0`	`3.6.1`
org.xmlunit:xmlunit-core	`2.10.3`	`2.12.0`
org.xmlunit:xmlunit-matchers	`2.10.3`	`2.12.0`
biz.aQute.bnd:biz.aQute.bnd.annotation	`7.1.0`	`7.2.3`
com.github.spotbugs:spotbugs-annotations	`4.9.3`	`4.9.8`
io.fabric8:docker-maven-plugin	`0.46.0`	`0.48.1`
org.tukaani:xz	`1.10`	`1.12`
com.github.luben:zstd-jni	`1.5.7-4`	`1.5.7-9`
org.apache.commons:commons-compress	`1.27.1`	`1.28.0`
com.google.code.gson:gson	`2.13.1`	`2.14.0`
org.slf4j:slf4j-api	`2.0.17`	`2.0.18`
org.slf4j:slf4j-nop	`2.0.17`	`2.0.18`
org.wiremock:wiremock	`3.13.1`	`3.13.2`
com.fasterxml.jackson.core:jackson-databind	`2.20.0`	`2.22.0`
com.fasterxml.jackson.dataformat:jackson-dataformat-yaml	`2.20.0`	`2.22.0`
org.javassist:javassist	`3.30.2-GA`	`3.31.0-GA`
co.elastic.clients:elasticsearch-java	`9.2.0`	`9.4.2`
org.elasticsearch.client:elasticsearch-rest-client	`9.2.0`	`9.4.2`
co.elastic.logging:log4j2-ecs-layout	`1.7.0`	`1.8.0`
org.mongodb:bson	`5.5.1`	`5.8.0`
org.mongodb:mongodb-driver-core	`5.5.1`	`5.8.0`
org.mongodb:mongodb-driver-sync	`5.5.1`	`5.8.0`
ch.qos.logback:logback-classic	`1.5.18`	`1.5.34`
org.springframework:spring-framework-bom	`6.2.9`	`7.0.7`
org.springframework:spring-core	`6.2.9`	`7.0.7`
org.springframework.boot:spring-boot-autoconfigure	`3.5.3`	`4.0.6`
org.springframework.boot:spring-boot-starter-test	`3.5.3`	`4.0.6`
org.springframework.boot:spring-boot-starter-log4j2	`3.5.3`	`4.0.6`
org.springframework.cloud:spring-cloud-context	`4.3.0`	`5.0.1`

Updates org.apache.logging.log4j:log4j-api from 2.24.3 to 2.26.0

Updates org.apache.logging.log4j:log4j-api-test from 2.24.3 to 2.26.0

Updates org.apache.logging.log4j:log4j-iostreams from 2.24.3 to 2.26.0

Updates org.apache.logging.log4j:log4j-jpl from 2.24.3 to 2.26.0

Updates org.apache.logging.log4j:log4j-slf4j2-impl from 2.24.3 to 2.26.0

Updates org.apache.logging.log4j:log4j-slf4j-impl from 2.24.3 to 2.26.0

Updates org.apache.logging.log4j:log4j-to-jul from 2.24.3 to 2.26.0

Updates org.apache.logging.log4j:log4j-to-slf4j from 2.24.3 to 2.26.0

Updates org.apache.logging.log4j:log4j-api-test from 2.24.3 to 2.26.0

Updates org.apache.logging.log4j:log4j-iostreams from 2.24.3 to 2.26.0

Updates org.apache.logging.log4j:log4j-jpl from 2.24.3 to 2.26.0

Updates org.apache.logging.log4j:log4j-slf4j2-impl from 2.24.3 to 2.26.0

Updates org.apache.logging.log4j:log4j-slf4j-impl from 2.24.3 to 2.26.0

Updates org.apache.logging.log4j:log4j-to-jul from 2.24.3 to 2.26.0

Updates org.apache.logging.log4j:log4j-to-slf4j from 2.24.3 to 2.26.0

Updates org.apache.commons:commons-csv from 1.14.0 to 1.14.1

Changelog

Sourced from org.apache.commons:commons-csv's changelog.

Apache Commons CSV 1.14.1 Release Notes

The Apache Commons CSV team is pleased to announce the release of Apache Commons CSV 1.14.1.

This document contains the release notes for the 1.14.1 version of Apache Commons CSV. Commons CSV reads and writes files in Comma Separated Value (CSV) format variations.

Commons CSV requires at least Java 8.

The Apache Commons CSV library provides a simple interface for reading and writing CSV files of various types.

This is a feature and maintenance release. Java 8 or later is required.

Changes in this version include:

Fixed Bugs
CSV-318: CSVPrinter.printRecord(Stream) hangs if given a parallel stream. Thanks to Joseph Shraibman, Gary Gregory.

CSV-318: CSVPrinter now uses an internal lock instead of synchronized methods. Thanks to Joseph Shraibman, Gary Gregory.
      org.apache.commons.csv.CSVPrinter.printRecords(ResultSet) now writes one record at a time using a lock. Thanks to Gary Gregory.
Changes
      Bump org.apache.commons:commons-parent from 81 to 85 [#542](https://github.com/apache/commons-csv/issues/542). Thanks to Gary Gregory, Dependabot.
      Bump commons-io:commons-io from 2.18.0 to 2.20.0. Thanks to Gary Gregory.
      Bump com.opencsv:opencsv from 5.10 to 5.11.2 [#545](https://github.com/apache/commons-csv/issues/545), [#551](https://github.com/apache/commons-csv/issues/551), [#553](https://github.com/apache/commons-csv/issues/553). Thanks to Gary Gregory, Dependabot.
      Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0 [#556](https://github.com/apache/commons-csv/issues/556). Thanks to Gary Gregory, Dependabot.
      Bump commons-codec:commons-codec from 1.18.0 to 1.19.0. Thanks to Gary Gregory.
Historical list of changes: https://commons.apache.org/proper/commons-csv/changes.html

For complete information on Apache Commons CSV, including instructions on how to submit bug reports, patches, or suggestions for improvement, see the Apache Commons CSV website:

https://commons.apache.org/proper/commons-csv/

Download page: https://commons.apache.org/proper/commons-csv/download_csv.cgi

Have fun! -Apache Commons CSV team

Commits

e14ef86 Ignore macOS file
d8724bf Prepare for the release candidate 1.14.1 RC1
b76971c Prepare for the next release candidate
b66814e Merge pull request #557 from apache/dependabot/github_actions/github/codeql-a...
9c95e92 Bump github/codeql-action from 3.29.2 to 3.29.4
1fb3716 Bump commons-codec:commons-codec from 1.18.0 to 1.19.0
7b72c50 Merge some string literals
9658373 Update the GitHub pull request template for AI
67192a9 Bump commons-io:commons-io from 2.19.0 to 2.20.0
59164c8 Bump com.opencsv:opencsv from 5.11.1 to 5.11.2 #553
Additional commits viewable in compare view

Updates commons-logging:commons-logging from 1.3.5 to 1.3.6

Changelog

Sourced from commons-logging:commons-logging's changelog.

Apache Commons Logging 1.3.6 Release Notes

The Apache Commons Logging team is pleased to announce the release of Apache Commons Logging 1.3.6.

Apache Commons Logging is a thin adapter allowing configurable bridging to other, well-known logging systems.

This is a feature and maintenance release. Java 8 or later is required.

Changes in this version

Fixed Bugs

          Fix running spotbugs:check: Unable to parse configuration of mojo. Thanks to Gary Gregory.

          Update deprecated call in PathableClassLoader.addLogicalLib(String). Thanks to Gary Gregory.

          Fix malformed Javadoc comments. Thanks to Gary Gregory.

          Fix log level in Slf4jLogFactory.error(Object, Throwable) [#416](https://github.com/apache/commons-logging/issues/416). Thanks to Gary Gregory.

Changes

          Bump org.apache.commons:commons-parent from 81 to 97 [#361](https://github.com/apache/commons-logging/issues/361), [#367](https://github.com/apache/commons-logging/issues/367), [#388](https://github.com/apache/commons-logging/issues/388), [#409](https://github.com/apache/commons-logging/issues/409), [#410](https://github.com/apache/commons-logging/issues/410). Thanks to Gary Gregory, Dependabot.

          Bump org.slf4j:slf4j-api from 2.0.16 to 2.0.17 [#344](https://github.com/apache/commons-logging/issues/344). Thanks to Gary Gregory, Dependabot.

          Bump com.h3xstream.findsecbugs:findsecbugs-plugin from 1.13.0 to 1.14.0 [#360](https://github.com/apache/commons-logging/issues/360). Thanks to Gary Gregory, Dependabot.

          Bump log4j2.version from 2.24.3 to 2.25.3 [#371](https://github.com/apache/commons-logging/issues/371), [#412](https://github.com/apache/commons-logging/issues/412). Thanks to Gary Gregory, Dependabot.

          Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.20.0 [#373](https://github.com/apache/commons-logging/issues/373). Thanks to Gary Gregory, Dependabot.

          Bump ch.qos.logback:logback-core from 1.3.14 to 1.3.16 [#411](https://github.com/apache/commons-logging/issues/411).. Thanks to Gary Gregory, Dependabot.

Historical list of changes: https://commons.apache.org/proper/commons-logging/changes.html

Download it from https://commons.apache.org/proper/commons-logging/download_logging.cgi

For complete information on Apache Commons Logging, including instructions on how to submit bug reports, patches, or suggestions for improvement, see the Apache Commons Logging website:

https://commons.apache.org/proper/commons-logging/

Commits

141c9ea Prepare for the release candidate 1.3.6 RC1
05cbf46 Prepare for release
3ea5f4d Prepare for the next release candidate
d8e5e80 Simplify
694754e Simpler description.
97e7660 Fix log level in Slf4jLogFactory.error(Object, Throwable) #416
07452cc fix LogLevel (#416)
c8c20de Bump github/codeql-action from 4.32.4 to 4.32.5
b879d3e Bump org.apache.commons:commons-parent from 96 to 97.
5b2e759 Add security page.
Additional commits viewable in compare view

Updates ch.qos.logback:logback-core from 1.5.18 to 1.5.34

Release notes

Sourced from ch.qos.logback:logback-core's releases.

Logback 1.5.33

2026-05-27 Release of logback version 1.5.33

• PropertiesConfiguratorModelHandler now registers properties file URLs to the ConfigurationWatchList when scan is enabled (via local scan="true" attribute or top-level configuration scan), ensuring changes are detected and reconfiguration occurs. This problem was reported in issues/1034.

• When processing <conversionRule> elements and both class and converterClass attributes are specified, silently use the class attribute without issuing a warning. However, if the attribute values differ, a warning will be issued. This change was requested in issues/1031.

• HardenedModelInputStream will no longer accept to deserialize all classes located under the "java.lang" and "java.util" packages but a limited number of explicitly authorized classes in those packages. This potential deserialization whitelist bypass vulnerability was reported by York Shen and registered as CVE-2026-9828.

• SSL parameters for SSLSocketAppender now enable hostname verification by default. Moreover, the default protocol is now "TLSv1.2". This potential vulnerability was reported by York Shen.

• When printing the status message field, ViewStatusMessagesServletBase now escapes special characters such as "&" as character entities. This potential vulnerability was reported by York Shen.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit 124e8b49b55ac34d08743a0646bd463410192647 associated with the tag v_1.5.33. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Logback 1.5.32

2026-02-16 Release of logback version 1.5.32

• In DefaultProcessor, fixed incorrect check for dependencies contained within a parent model. Previous only the direct children were scanned. This fixes logback-access/issues/34.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit e807335a67535b4eacce94e942c0bcb649665d93 associated with the tag v_1.5.32. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Logback 1.5.31

2026-02-14 Release of logback version 1.5.31

• Fixed missing META-INF/services directory in logback-classic.jar. This issue rendered logback-classic version 1.5.30 unusable with SLF4J.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit 168e42f9f9a18a3ffdf31eb2bfe80a71e33ecd8b associated with the tag v_1.5.31. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Logback 1.5.30

2026-02-14 Release of logback version 1.5.30

• In this version, logback-classic.jar was missing the META-INF/services directory, making it unusable with SLF4J. Version 1.5.31 (released later on the same day) fixes this issue.

• Fix scanning issue when an included file becomes available at a later time. This problem was reported in issues/1021 by Sergey Nazarov.

• Standardized code for version checking across modules.

• A bit-wise identical binary of this version can be reproduced by building from source code at commit 44164f10ca3fb44ce0e68519f13564b87e3aca61 associated with the tag v_1.5.30. Release built using Java "21" 2023-10-17 LTS build 21.0.1.+12-LTS-29 under Linux Debian 11.6.

Logback 1.5.29

2026-02-09 Release of logback version 1.5.29

• In response to issues/1017, appender names and appender references are once again subject to variable substitution, reverting the change introduced in version 1.5.28.

Logback 1.5.28

2026-02-06 Release of logback version 1.5.28

• Appender names or appender references are no longer subject to variable substitution.

... (truncated)

Commits

e62272a prepare release 1.5.34
1e9e926 add resolveProxyClassRejectsDynamicProxies unit test
2de5cbe added StackTraceElementProxyTest, minor edits to AGENTS.md
0e9b927 in case StackTraceElement is null use a substitute, fixing issues/1040
f7a0654 prevent resolveProxyClass bypass
249b81f docs are no longer distributed
1c3b26a start work on 1.5.34-SNAPSHOT
124e8b4 prepare release 1.5.33
d8fd6f2 escapeTags in message field when printing status messages
95edbeb hostnameVerification default to true in SSLParametersConfiguration, SSL.DEFAU...
Additional commits viewable in compare view

Updates org.slf4j:slf4j-api from 2.0.17 to 2.0.18

Updates org.apache.groovy:groovy-bom from 4.0.27 to 5.0.6

Commits

See full diff in compare view

Updates tools.jackson:jackson-bom from 3.0.0 to 3.1.4

Commits

4085e4d [maven-release-plugin] prepare release jackson-bom-3.1.4
f8e1a4e Prep for 3.1.4 release
47eb6ea Merge branch '2.x' into 3.1
902ec69 Update Woodstox/stax2-api (to 7.2.0/4.3.0)
d5df403 Post-release dep version bump
7ed6798 [maven-release-plugin] prepare for next development iteration
c2ea79e [maven-release-plugin] prepare release jackson-bom-3.1.3
3906b27 Prep for 3.1.3 release
2570647 Merge branch '2.21' into 2.x
9d3a9d5 Post-release dep version bump
Additional commits viewable in compare view

Updates org.junit:junit-bom from 5.13.4 to 6.1.0

Release notes

Sourced from org.junit:junit-bom's releases.

JUnit 6.1.0 = Platform 6.1.0 + Jupiter 6.1.0 + Vintage 6.1.0

See Release Notes.

New Contributors

@JarvisCraft made their first contribution in junit-team/junit-framework#5633

@Maran23 made their first contribution in junit-team/junit-framework#5644

Full Changelog: junit-team/junit-framework@r6.0.3...r6.1.0

JUnit 6.1.0-RC1 = Platform 6.1.0-RC1 + Jupiter 6.1.0-RC1 + Vintage 6.1.0-RC1

See Release Notes.

New Contributors

@mariokhoury4 made their first contribution in junit-team/junit-framework#4574

@Ogu1208 made their first contribution in junit-team/junit-framework#5145

@HyungGeun94 made their first contribution in junit-team/junit-framework#5271

@yalishevant made their first contribution in junit-team/junit-framework#5316

@JINU-CHANG made their first contribution in junit-team/junit-framework#5290

@jaschdoc made their first contribution in junit-team/junit-framework#5427

@kawshikbuet17 made their first contribution in junit-team/junit-framework#5561

@msridhar made their first contribution in junit-team/junit-framework#5602

Full Changelog: junit-team/junit-framework@r6.1.0-M1...r6.1.0-RC1

JUnit 6.1.0-M1 = Platform 6.1.0-M1 + Jupiter 6.1.0-M1 + Vintage 6.1.0-M1

See Release Notes.

New Contributors

@vy made their first contribution in junit-team/junit-framework#5041

@Pankraz76 made their first contribution in junit-team/junit-framework#5006

@arukiidou made their first contribution in junit-team/junit-framework#5066

@laeubi made their first contribution in junit-team/junit-framework#5092

@jihun4452 made their first contribution in junit-team/junit-framework#5088

@TWiStErRob made their first contribution in junit-team/junit-framework#5133

Full Changelog: junit-team/junit-framework@r6.0.0...r6.1.0-M1

JUnit 6.0.3 = Platform 6.0.3 + Jupiter 6.0.3 + Vintage 6.0.3

See Release Notes.

Full Changelog: junit-team/junit-framework@r6.0.2...r6.0.3

JUnit 6.0.2 = Platform 6.0.2 + Jupiter 6.0.2 + Vintage 6.0.2

See Release Notes.

... (truncated)

Commits

0dc3af1 Release 6.1.0
1d13002 Prepare 6.1.0 release notes
072b217 Update plugin spotless to v8.5.0 (#5668)
3a53480 Update Gradle to v9.5.1 (#5666)
0e18a20 Update zizmorcore/zizmor-action action to v0.5.4 (#5669)
0a2634f Update github/codeql-action action to v4.35.5 (#5671)
4dbd556 Restructure workflows to have single "status" job (#5670)
f2194ce Increase timeout to reduce flakiness
5c8fdd2 Update dependency org.apache.groovy:groovy to v5.0.6 (#5659)
43c6982 Update dependency org.slf4j:slf4j-jdk14 to v2.0.18 (#5667)
Additional commits viewable in compare view

Updates org.junit.jupiter:junit-jupiter-engine from 5.13.4 to 6.1.0

Release notes

Sourced from org.junit.jupiter:junit-jupiter-engine's releases.

JUnit 6.1.0 = Platform 6.1.0 + Jupiter 6.1.0 + Vintage 6.1.0

See Release Notes.

New Contributors

@JarvisCraft made their first contribution in junit-team/junit-framework#5633

@Maran23 made their first contribution in junit-team/junit-framework#5644

Full Changelog: junit-team/junit-framework@r6.0.3...r6.1.0

JUnit 6.1.0-RC1 = Platform 6.1.0-RC1 + Jupiter 6.1.0-RC1 + Vintage 6.1.0-RC1

See Release Notes.

New Contributors

@mariokhoury4 made their first contribution in junit-team/junit-framework#4574

@Ogu1208 made their first contribution in junit-team/junit-framework#5145

@HyungGeun94 made their first contribution in junit-team/junit-framework#5271

@yalishevant made their first contribution in junit-team/junit-framework#5316

@JINU-CHANG made their first contribution in junit-team/junit-framework#5290

@jaschdoc made their first contribution in junit-team/junit-framework#5427

@kawshikbuet17 made their first contribution in junit-team/junit-framework#5561

@msridhar made their first contribution in junit-team/junit-framework#5602

Full Changelog: junit-team/junit-framework@r6.1.0-M1...r6.1.0-RC1

JUnit 6.1.0-M1 = Platform 6.1.0-M1 + Jupiter 6.1.0-M1 + Vintage 6.1.0-M1

See Release Notes.

New Contributors

@vy made their first contribution in junit-team/junit-framework#5041

@Pankraz76 made their first contribution in junit-team/junit-framework#5006

@arukiidou made their first contribution in junit-team/junit-framework#5066

@laeubi made their first contribution in junit-team/junit-framework#5092

@jihun4452 made their first contribution in junit-team/junit-framework#5088

@TWiStErRob made their first contribution in junit-team/junit-framework#5133

Full Changelog: junit-team/junit-framework@r6.0.0...r6.1.0-M1

JUnit 6.0.3 = Platform 6.0.3 + Jupiter 6.0.3 + Vintage 6.0.3

See Release Notes.

Full Changelog: junit-team/junit-framework@r6.0.2...r6.0.3

JUnit 6.0.2 = Platform 6.0.2 + Jupiter 6.0.2 + Vintage 6.0.2

See Release Notes.

... (truncated)

Commits

0dc3af1 Release 6.1.0
1d13002 Prepare 6.1.0 release notes
072b217 Update plugin spotless to v8.5.0 (#5668)
3a53480 Update Gradle to v9.5.1 (#5666)
0e18a20 Update zizmorcore/zizmor-action action to v0.5.4 (#5669)
0a2634f Update github/codeql-action action to v4.35.5 (#5671)
4dbd556 Restructure workflows to have single "status" job (#5670)
f2194ce Increase timeout to reduce flakiness
5c8fdd2 Update dependency org.apache.groovy:groovy to v5.0.6 (#5659)
43c6982 Update dependency org.slf4j:slf4j-jdk14 to v2.0.18 (#5667)
Additional commits viewable in compare view

Updates org.mockito:mockito-bom from 5.18.0 to 5.23.0

Release notes

Sourced from org.mockito:mockito-bom's releases.

v5.23.0

NOTE: Breaking change for Android

The mockito-android artifact has a breaking change: tests now require a device or emulator based on API 28+ (Android P). This is to enable new support for mocking Kotlin classes. See #3788 for more details.

Changelog generated by Shipkit Changelog Gradle Plugin

5.23.0

2026-03-11 - 6 commit(s) by Brice Dutheil, Joshua Selbo, Philippe Kernevez

Replace mockito-android mock maker implementation with dexmaker-mockito-inline [(#3792)](mockito/mockito#3792)

Fix StackOverflowError with AbstractList after using mockSingleton [(#3790)](mockito/mockito#3790)

Mark parameters of Mockito.when @Nullable [(#3503)](mockito/mockito#3503)

v5.22.0

Changelog generated by Shipkit Changelog Gradle Plugin

5.22.0

2026-02-27 - 6 commit(s) by Joshua Selbo, NiMv1, Rafael Winterhalter, dependabot[bot], eunbin son

Avoid mocking of internal static utilities [(#3785)](mockito/mockito#3785)

Bump graalvm/setup-graalvm from 1.4.4 to 1.4.5 [(#3780)](mockito/mockito#3780)

Static mocking of UUID.class corrupted under JDK 25 [(#3778)](mockito/mockito#3778)

Bump actions/upload-artifact from 5 to 6 [(#3774)](mockito/mockito#3774)

docs: clarify RETURNS_MOCKS behavior with sealed abstract enums (Java 15+) [(#3773)](mockito/mockito#3773)

Add tests for Sets utility class [(#3771)](mockito/mockito#3771)

Add core API to enable Kotlin singleton mocking [(#3762)](mockito/mockito#3762)

Stubbing Kotlin object singletons [(#3652)](mockito/mockito#3652)

Incorrect documentation for RETURNS_MOCKS [(#3285)](mockito/mockito#3285)

v5.21.0

Changelog generated by Shipkit Changelog Gradle Plugin

5.21.0

2025-12-09 - 17 commit(s) by Giulio Longfils, Joshua Selbo, Woongi9, Zylox, dependabot[bot]

Bump graalvm/setup-graalvm from 1.4.3 to 1.4.4 [(#3768)](mockito/mockito#3768)

Bump graalvm/setup-graalvm from 1.4.2 to 1.4.3 [(#3767)](mockito/mockito#3767)

Bump actions/checkout from 5 to 6 [(#3765)](mockito/mockito#3765)

Adds output of matchers to potential mismatch; Fixes #2468 [(#3760)](mockito/mockito#3760)

Forbid mocking WeakReference with inline mock maker [(#3759)](mockito/mockito#3759)

StackOverflowError when mocking WeakReference [(#3758)](mockito/mockito#3758)

Bump actions/upload-artifact from 4 to 5 [(#3756)](mockito/mockito#3756)

Bump graalvm/setup-graalvm from 1.4.1 to 1.4.2 [(#3755)](mockito/mockito#3755)

Support primitives in GenericArrayReturnType. [(#3753)](mockito/mockito#3753)

ClassNotFoundException when stubbing array of primitive type on Android [(#3752)](mockito/mockito#3752)

Bump graalvm/setup-graalvm from 1.4.0 to 1.4.1 [(#3744)](mockito/mockito#3744)

Bump gradle/actions from 4 to 5 [(#3743)](mockito/mockito#3743)

Bump org.graalvm.buildtools.native from 0.11.0 to 0.11.1 [(#3738)](mockito/mockito#3738)

Bump com.diffplug.spotless:spotless-plugin-gradle from 7.2.1 to 8.0.0 [(#3735)](mockito/mockito#3735)

Bump graalvm/setup-graalvm from 1.3.7 to 1.4.0 [(#3734)](mockito/mockito#3734)

Bump org.assertj:assertj-core from 3.27.5 to 3.27.6 [(#3733)](mockito/mockito#3733)

... (truncated)

Commits

a231205 Fix StackOverflowError with AbstractList after using mockSingleton (#3790)
f6a91a6 Replace mockito-android mock maker implementation with dexmaker-mockito-inlin...
aa2298a fix: make spotless happy
a6729d6 chore: update BDDMockito with jspecify annotation
bb83c92 chore: move jspecify as a compile only dependency
47a4695 chore: add jspecify with minimal change. Fixes #3503
25f1395 Add core API to enable Kotlin singleton mocking (#3762)
ef9ee55 Avoids mocking private static methods, as well as package-private static meth...
d16fcfc Bump graalvm/setup-graalvm from 1.4.4 to 1.4.5 (#3780)
27eb8a3 Clarify RETURNS_MOCKS behavior with sealed abstract enums (Java 15+) (#3773)
Additional commits viewable in compare view

Updates org.assertj:assertj-core from 3.27.3 to 3.27.7

Release notes

Sourced from org.assertj:assertj-core's releases.

v3.27.7

🔒 Security

Core

Fix XXE vulnerability in isXmlEqualTo assertion (CVE-2026-24400)

See GHSA-rqfh-9r24-8c9r for details; many thanks to @wxt201 and @Song-Li for responsibly reporting it!

🚫 Deprecated

Core

Deprecate XmlStringPrettyFormatter with no replacement

🐛 Bug Fixes

Guava

Navigation to assertj-core or guava types from assertj-guava Javadoc site has unnecessary header #3478

🔨 Dependency Upgrades

Core

Upgrade to Byte Buddy 1.18.3

Upgrade to JUnit BOM 5.14.1

Guava

Upgrade to Guava 33.5.0-jre

v3.27.6

🐛 Bug Fixes

Core

Add missing export for org.assertj.core.annotation #3951

❤️ Contributors

Thanks to all the contributors who worked on this release:

@duponter

v3.27.5

⚡ Improvements

Core

ByteBuddy in AssertJ 3.27.4 not compatible with Java 25 #3946

... (truncated)

Commits

e840716 [maven-release-plugin] prepare release assertj-build-3.27.7
85ca7eb Deprecate XmlStringPrettyFormatter
77081dc Merge commit from fork
b68fc24 Bump github/codeql-action from 4.31.9 to 4.31.10 in the github-actions group ...
0cf5bb6 Bump kotlin.version from 2.1.0 to 2.2.21
d393ef1 Abort tests when symbolic links cannot be created (#3788)
2212433 Add IntelliJ custom inspection for test class names
5717d02 Update JetBrains icon
a8ec20b Add icon for JetBrains products
c05fb3d Bump Maven to 3.9.12 and Wrapper to 3.3.4
Additional commits viewable in compare view

Updates net.bytebuddy:byte-buddy from 1.17.6 to 1.18.9

Release notes

Sourced from net.bytebuddy:byte-buddy's releases.

Byte Buddy 1.18.9

Disable use of Unsafe by default when Java 25or newer is discovered.

Check for escape when creating folders in Plugin.Engine.

Improve OpenJ9 attachment.

Avoid null pointer on missing annotation types.

Improve diagnostics for external agent attachment.

Improve on Gradle context discovery.

Support Android libraries on AGP9 or newer.

Update ASM.

Byte Buddy 1.18.8

Improve support for repeatable builds.

Fix reordering of exception table in type initializers when instrumenting.

Byte Buddy 1.18.7

Introduce new versioning concept with -jdk5 suffix for backwards-compatible jar and Java 8 baseline for regular jar.

Byte Buddy 1.18.5

Eagerly resolve of canonical files during attach emulation to avoid failure when process ends before file can be deleted.

Add super classes to hash code / equals computation in Advice that were missing.

Byte Buddy 1.18.4

Add support for new build description in Android 9.

Byte Buddy 1.18.3

Avoid using Class File API when Byte Buddy is loaded on the boot loader where multi-release jars are not available.

Add additional safety when processing class files with illegally formed parameters.

Update to latest ASM.

Byte Buddy 1.18.2

Support modifiers for value classes in Valhalla builds.

Improve use of build cache in Gradle.

Byte Buddy 1.18.1

Fix generated module-info to include new package.

Byte Buddy 1.18.0

Add support for module-info class files and ModuleDescriptions.

Allow for manipulating module information using the ByteBuddy API.

Byte Buddy 1.17.8

Avoid use of types that are deprecated as of Java 26.

Include ASM 9.9 that offers ASM support for Java 26.

Make sure that generated code internal to Byte Buddy supports CDS if available.

Update version of ASM to JDK Class File API bridge to fix some minor bugs related to type annotations.

Byte Buddy 1.17.7

Specify correct JVM environment for Android builds when using the Gradle plugin.

Avoid recomputing the size of a parameter list for performance reasons after measuring the significant impact.

Correct validation of JVM names to avoid breaking when Java names are not allowed while JVM names are, with Kotlin and others.

Changelog

Sourced from net.bytebuddy:byte-buddy's changelog.

1. June 2026: version 1.18.9

Disable use of Unsafe by default when Java 25or newer is discovered.

Check for escape when creating folders in Plugin.Engine.

Improve OpenJ9 attachment.

Avoid null pointer on missing annotation types.

Improve diagnostics for external agent attachment.

Improve on Gradle context discovery.

Support Android libraries on AGP9 or newer.

Update ASM.

1. April 2026: version 1.18.8

Improve support for repeatable builds.

Fix reordering of exception table in type initializers when instrumenting.

1. March 2026: version 1.18.7

Introduce new versioning concept with -jdk5 suffix for backwards-compatible jar and Java 8 baseline for regular jar.

27. February 2026: version 1.18.6

Accidental release during rework of release pipeline. Functional, but with incorrect suffices.

15. February 2026: version 1.18.5

Eagerly resolve of canonical files during attach emulation to avoid failure when process ends before file can be deleted.

Add super classes to hash code / equals computation in Advice that were missing.

16. January 2026: version 1.18.4

Add support for new build description in Android 9.

26. November 2025: version 1.18.3

Avoid using Class File API when Byte Buddy is loaded on the boot loader where multi-release jars are not available.

Add additional safety when processing class files with illegally formed parameters.

Update to latest ASM.

26. November 2025: version 1.18.2

Support modifiers for value classes in Valhalla builds.

Improve use of build cache in Gradle.

12. November 2025: version 1.18.1

Fix generated module-info to include new package.

11. November 2025: version 1.18.0

... (truncated)

Commits

3d8e72d [publish] Releasing Byte Buddy 1.18.9
3525602 [release] Release new version
619cb82 Update Gradle.
dc5fba6 Update versions and build
0c4582f Fix Gradle test on legacy versions.
3dedb98 Make test fail after optimization prevented this.
455dbce Support library modules with AGP9 new DSL (#1905)
473ce81 Add short cut methods for descriptors.
567b161 Make build robust for profile-independant running.
93c2b67 Add pseudo annotation for Gradle Classpath for legacy compilation.
Additional commits viewable in

Bumps the dependencies group with 65 updates in the / directory: | Package | From | To | | --- | --- | --- | | org.apache.logging.log4j:log4j-api | `2.24.3` | `2.26.0` | | org.apache.logging.log4j:log4j-api-test | `2.24.3` | `2.26.0` | | org.apache.logging.log4j:log4j-iostreams | `2.24.3` | `2.26.0` | | org.apache.logging.log4j:log4j-jpl | `2.24.3` | `2.26.0` | | org.apache.logging.log4j:log4j-slf4j2-impl | `2.24.3` | `2.26.0` | | org.apache.logging.log4j:log4j-slf4j-impl | `2.24.3` | `2.26.0` | | org.apache.logging.log4j:log4j-to-jul | `2.24.3` | `2.26.0` | | org.apache.logging.log4j:log4j-to-slf4j | `2.24.3` | `2.26.0` | | [org.apache.commons:commons-csv](https://github.com/apache/commons-csv) | `1.14.0` | `1.14.1` | | [commons-logging:commons-logging](https://github.com/apache/commons-logging) | `1.3.5` | `1.3.6` | | [ch.qos.logback:logback-core](https://github.com/qos-ch/logback) | `1.5.18` | `1.5.34` | | org.slf4j:slf4j-api | `2.0.17` | `2.0.18` | | [org.apache.groovy:groovy-bom](https://github.com/apache/groovy) | `4.0.27` | `5.0.6` | | [tools.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom) | `3.0.0` | `3.1.4` | | [org.junit:junit-bom](https://github.com/junit-team/junit-framework) | `5.13.4` | `6.1.0` | | [org.junit.jupiter:junit-jupiter-engine](https://github.com/junit-team/junit-framework) | `5.13.4` | `6.1.0` | | [org.mockito:mockito-bom](https://github.com/mockito/mockito) | `5.18.0` | `5.23.0` | | [org.assertj:assertj-core](https://github.com/assertj/assertj) | `3.27.3` | `3.27.7` | | [net.bytebuddy:byte-buddy](https://github.com/raphw/byte-buddy) | `1.17.6` | `1.18.9` | | [commons-codec:commons-codec](https://github.com/apache/commons-codec) | `1.18.0` | `1.22.0` | | org.apache.commons:commons-dbcp2 | `2.13.0` | `2.14.0` | | commons-io:commons-io | `2.20.0` | `2.22.0` | | org.apache.commons:commons-lang3 | `3.17.0` | `3.20.0` | | org.apache.commons:commons-pool2 | `2.12.1` | `2.13.1` | | [com.google.guava:guava](https://github.com/google/guava) | `33.4.8-jre` | `33.6.0-jre` | | [com.google.guava:guava-testlib](https://github.com/google/guava) | `33.4.8-jre` | `33.6.0-jre` | | [com.h2database:h2](https://github.com/h2database/h2database) | `2.3.232` | `2.4.240` | | [com.google.code.java-allocation-instrumenter:java-allocation-instrumenter](https://github.com/google/allocation-instrumenter) | `3.3.4` | `3.3.5` | | [org.jctools:jctools-core](https://github.com/JCTools/JCTools) | `4.0.5` | `4.0.6` | | [org.jmdns:jmdns](https://github.com/jmdns/jmdns) | `3.6.1` | `3.6.3` | | [net.java.dev.jna:jna](https://github.com/java-native-access/jna) | `5.17.0` | `5.18.1` | | [net.javacrumbs.json-unit:json-unit](https://github.com/lukas-krecan/JsonUnit) | `4.1.1` | `5.1.2` | | [com.vlkan.log4j2:log4j2-logstash-layout](https://github.com/vy/log4j2-logstash-layout) | `0.18` | `1.0.5` | | org.apache.maven:maven-core | `3.9.10` | `3.9.16` | | org.apache.maven:maven-model | `3.9.10` | `3.9.16` | | [org.openjdk.nashorn:nashorn-core](https://github.com/openjdk/nashorn) | `15.6` | `15.7` | | [org.eclipse.platform:org.eclipse.osgi](https://github.com/eclipse-equinox/equinox) | `3.23.100` | `3.24.100` | | [org.codehaus.plexus:plexus-utils](https://github.com/codehaus-plexus/plexus-utils) | `3.6.0` | `3.6.1` | | [org.xmlunit:xmlunit-core](https://github.com/xmlunit/xmlunit) | `2.10.3` | `2.12.0` | | [org.xmlunit:xmlunit-matchers](https://github.com/xmlunit/xmlunit) | `2.10.3` | `2.12.0` | | [biz.aQute.bnd:biz.aQute.bnd.annotation](https://github.com/bndtools/bnd) | `7.1.0` | `7.2.3` | | [com.github.spotbugs:spotbugs-annotations](https://github.com/spotbugs/spotbugs) | `4.9.3` | `4.9.8` | | [io.fabric8:docker-maven-plugin](https://github.com/fabric8io/docker-maven-plugin) | `0.46.0` | `0.48.1` | | [org.tukaani:xz](https://github.com/tukaani-project/xz-java) | `1.10` | `1.12` | | [com.github.luben:zstd-jni](https://github.com/luben/zstd-jni) | `1.5.7-4` | `1.5.7-9` | | [org.apache.commons:commons-compress](https://github.com/apache/commons-compress) | `1.27.1` | `1.28.0` | | [com.google.code.gson:gson](https://github.com/google/gson) | `2.13.1` | `2.14.0` | | org.slf4j:slf4j-api | `2.0.17` | `2.0.18` | | org.slf4j:slf4j-nop | `2.0.17` | `2.0.18` | | [org.wiremock:wiremock](https://github.com/wiremock/wiremock) | `3.13.1` | `3.13.2` | | [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) | `2.20.0` | `2.22.0` | | [com.fasterxml.jackson.dataformat:jackson-dataformat-yaml](https://github.com/FasterXML/jackson-dataformats-text) | `2.20.0` | `2.22.0` | | [org.javassist:javassist](https://github.com/jboss-javassist/javassist) | `3.30.2-GA` | `3.31.0-GA` | | [co.elastic.clients:elasticsearch-java](https://github.com/elastic/elasticsearch-java) | `9.2.0` | `9.4.2` | | [org.elasticsearch.client:elasticsearch-rest-client](https://github.com/elastic/elasticsearch) | `9.2.0` | `9.4.2` | | [co.elastic.logging:log4j2-ecs-layout](https://github.com/elastic/ecs-logging-java) | `1.7.0` | `1.8.0` | | [org.mongodb:bson](https://github.com/mongodb/mongo-java-driver) | `5.5.1` | `5.8.0` | | [org.mongodb:mongodb-driver-core](https://github.com/mongodb/mongo-java-driver) | `5.5.1` | `5.8.0` | | [org.mongodb:mongodb-driver-sync](https://github.com/mongodb/mongo-java-driver) | `5.5.1` | `5.8.0` | | [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) | `1.5.18` | `1.5.34` | | [org.springframework:spring-framework-bom](https://github.com/spring-projects/spring-framework) | `6.2.9` | `7.0.7` | | [org.springframework:spring-core](https://github.com/spring-projects/spring-framework) | `6.2.9` | `7.0.7` | | [org.springframework.boot:spring-boot-autoconfigure](https://github.com/spring-projects/spring-boot) | `3.5.3` | `4.0.6` | | [org.springframework.boot:spring-boot-starter-test](https://github.com/spring-projects/spring-boot) | `3.5.3` | `4.0.6` | | [org.springframework.boot:spring-boot-starter-log4j2](https://github.com/spring-projects/spring-boot) | `3.5.3` | `4.0.6` | | [org.springframework.cloud:spring-cloud-context](https://github.com/spring-cloud/spring-cloud-commons) | `4.3.0` | `5.0.1` | Updates `org.apache.logging.log4j:log4j-api` from 2.24.3 to 2.26.0 Updates `org.apache.logging.log4j:log4j-api-test` from 2.24.3 to 2.26.0 Updates `org.apache.logging.log4j:log4j-iostreams` from 2.24.3 to 2.26.0 Updates `org.apache.logging.log4j:log4j-jpl` from 2.24.3 to 2.26.0 Updates `org.apache.logging.log4j:log4j-slf4j2-impl` from 2.24.3 to 2.26.0 Updates `org.apache.logging.log4j:log4j-slf4j-impl` from 2.24.3 to 2.26.0 Updates `org.apache.logging.log4j:log4j-to-jul` from 2.24.3 to 2.26.0 Updates `org.apache.logging.log4j:log4j-to-slf4j` from 2.24.3 to 2.26.0 Updates `org.apache.logging.log4j:log4j-api-test` from 2.24.3 to 2.26.0 Updates `org.apache.logging.log4j:log4j-iostreams` from 2.24.3 to 2.26.0 Updates `org.apache.logging.log4j:log4j-jpl` from 2.24.3 to 2.26.0 Updates `org.apache.logging.log4j:log4j-slf4j2-impl` from 2.24.3 to 2.26.0 Updates `org.apache.logging.log4j:log4j-slf4j-impl` from 2.24.3 to 2.26.0 Updates `org.apache.logging.log4j:log4j-to-jul` from 2.24.3 to 2.26.0 Updates `org.apache.logging.log4j:log4j-to-slf4j` from 2.24.3 to 2.26.0 Updates `org.apache.commons:commons-csv` from 1.14.0 to 1.14.1 - [Changelog](https://github.com/apache/commons-csv/blob/master/RELEASE-NOTES.txt) - [Commits](apache/commons-csv@rel/commons-csv-1.14.0...rel/commons-csv-1.14.1) Updates `commons-logging:commons-logging` from 1.3.5 to 1.3.6 - [Changelog](https://github.com/apache/commons-logging/blob/master/RELEASE-NOTES.txt) - [Commits](apache/commons-logging@rel/commons-logging-1.3.5...rel/commons-logging-1.3.6) Updates `ch.qos.logback:logback-core` from 1.5.18 to 1.5.34 - [Release notes](https://github.com/qos-ch/logback/releases) - [Commits](qos-ch/logback@v_1.5.18...v_1.5.34) Updates `org.slf4j:slf4j-api` from 2.0.17 to 2.0.18 Updates `org.apache.groovy:groovy-bom` from 4.0.27 to 5.0.6 - [Commits](https://github.com/apache/groovy/commits) Updates `tools.jackson:jackson-bom` from 3.0.0 to 3.1.4 - [Commits](FasterXML/jackson-bom@jackson-bom-3.0.0...jackson-bom-3.1.4) Updates `org.junit:junit-bom` from 5.13.4 to 6.1.0 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](junit-team/junit-framework@r5.13.4...r6.1.0) Updates `org.junit.jupiter:junit-jupiter-engine` from 5.13.4 to 6.1.0 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](junit-team/junit-framework@r5.13.4...r6.1.0) Updates `org.mockito:mockito-bom` from 5.18.0 to 5.23.0 - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](mockito/mockito@v5.18.0...v5.23.0) Updates `org.assertj:assertj-core` from 3.27.3 to 3.27.7 - [Release notes](https://github.com/assertj/assertj/releases) - [Commits](assertj/assertj@assertj-build-3.27.3...assertj-build-3.27.7) Updates `net.bytebuddy:byte-buddy` from 1.17.6 to 1.18.9 - [Release notes](https://github.com/raphw/byte-buddy/releases) - [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md) - [Commits](raphw/byte-buddy@byte-buddy-1.17.6...byte-buddy-1.18.9) Updates `commons-codec:commons-codec` from 1.18.0 to 1.22.0 - [Changelog](https://github.com/apache/commons-codec/blob/master/RELEASE-NOTES.txt) - [Commits](apache/commons-codec@rel/commons-codec-1.18.0...rel/commons-codec-1.22.0) Updates `org.apache.commons:commons-dbcp2` from 2.13.0 to 2.14.0 Updates `commons-io:commons-io` from 2.20.0 to 2.22.0 Updates `org.apache.commons:commons-lang3` from 3.17.0 to 3.20.0 Updates `org.apache.commons:commons-pool2` from 2.12.1 to 2.13.1 Updates `com.google.guava:guava` from 33.4.8-jre to 33.6.0-jre - [Release notes](https://github.com/google/guava/releases) - [Commits](https://github.com/google/guava/commits) Updates `com.google.guava:guava-testlib` from 33.4.8-jre to 33.6.0-jre - [Release notes](https://github.com/google/guava/releases) - [Commits](https://github.com/google/guava/commits) Updates `com.google.guava:guava-testlib` from 33.4.8-jre to 33.6.0-jre - [Release notes](https://github.com/google/guava/releases) - [Commits](https://github.com/google/guava/commits) Updates `com.h2database:h2` from 2.3.232 to 2.4.240 - [Release notes](https://github.com/h2database/h2database/releases) - [Commits](h2database/h2database@version-2.3.232...version-2.4.240) Updates `com.google.code.java-allocation-instrumenter:java-allocation-instrumenter` from 3.3.4 to 3.3.5 - [Release notes](https://github.com/google/allocation-instrumenter/releases) - [Commits](google/allocation-instrumenter@java-allocation-instrumenter-3.3.4...java-allocation-instrumenter-3.3.5) Updates `org.jctools:jctools-core` from 4.0.5 to 4.0.6 - [Release notes](https://github.com/JCTools/JCTools/releases) - [Changelog](https://github.com/JCTools/JCTools/blob/master/RELEASE-NOTES.md) - [Commits](JCTools/JCTools@v4.0.5...v4.0.6) Updates `org.jmdns:jmdns` from 3.6.1 to 3.6.3 - [Release notes](https://github.com/jmdns/jmdns/releases) - [Changelog](https://github.com/jmdns/jmdns/blob/main/CHANGELOG.txt) - [Commits](jmdns/jmdns@3.6.1...v3.6.3) Updates `net.java.dev.jna:jna` from 5.17.0 to 5.18.1 - [Changelog](https://github.com/java-native-access/jna/blob/master/CHANGES.md) - [Commits](java-native-access/jna@5.17.0...5.18.1) Updates `net.javacrumbs.json-unit:json-unit` from 4.1.1 to 5.1.2 - [Changelog](https://github.com/lukas-krecan/JsonUnit/blob/master/RELEASES.md) - [Commits](lukas-krecan/JsonUnit@json-unit-parent-4.1.1...json-unit-parent-5.1.2) Updates `com.vlkan.log4j2:log4j2-logstash-layout` from 0.18 to 1.0.5 - [Changelog](https://github.com/vy/log4j2-logstash-layout/blob/master/CHANGELOG.md) - [Commits](vy/log4j2-logstash-layout@v0.18...v1.0.5) Updates `org.apache.maven:maven-core` from 3.9.10 to 3.9.16 Updates `org.apache.maven:maven-model` from 3.9.10 to 3.9.16 Updates `org.apache.maven:maven-model` from 3.9.10 to 3.9.16 Updates `org.openjdk.nashorn:nashorn-core` from 15.6 to 15.7 - [Changelog](https://github.com/openjdk/nashorn/blob/main/CHANGELOG.md) - [Commits](openjdk/nashorn@release-15.6...release-15.7) Updates `org.eclipse.platform:org.eclipse.osgi` from 3.23.100 to 3.24.100 - [Commits](https://github.com/eclipse-equinox/equinox/commits) Updates `org.codehaus.plexus:plexus-utils` from 3.6.0 to 3.6.1 - [Release notes](https://github.com/codehaus-plexus/plexus-utils/releases) - [Commits](codehaus-plexus/plexus-utils@plexus-utils-3.6.0...plexus-utils-3.6.1) Updates `org.xmlunit:xmlunit-core` from 2.10.3 to 2.12.0 - [Release notes](https://github.com/xmlunit/xmlunit/releases) - [Changelog](https://github.com/xmlunit/xmlunit/blob/main/RELEASE_NOTES.md) - [Commits](xmlunit/xmlunit@v2.10.3...v2.12.0) Updates `org.xmlunit:xmlunit-matchers` from 2.10.3 to 2.12.0 - [Release notes](https://github.com/xmlunit/xmlunit/releases) - [Changelog](https://github.com/xmlunit/xmlunit/blob/main/RELEASE_NOTES.md) - [Commits](xmlunit/xmlunit@v2.10.3...v2.12.0) Updates `org.xmlunit:xmlunit-matchers` from 2.10.3 to 2.12.0 - [Release notes](https://github.com/xmlunit/xmlunit/releases) - [Changelog](https://github.com/xmlunit/xmlunit/blob/main/RELEASE_NOTES.md) - [Commits](xmlunit/xmlunit@v2.10.3...v2.12.0) Updates `biz.aQute.bnd:biz.aQute.bnd.annotation` from 7.1.0 to 7.2.3 - [Release notes](https://github.com/bndtools/bnd/releases) - [Commits](bndtools/bnd@7.1.0...7.2.3) Updates `com.github.spotbugs:spotbugs-annotations` from 4.9.3 to 4.9.8 - [Release notes](https://github.com/spotbugs/spotbugs/releases) - [Changelog](https://github.com/spotbugs/spotbugs/blob/master/CHANGELOG.md) - [Commits](spotbugs/spotbugs@4.9.3...4.9.8) Updates `io.fabric8:docker-maven-plugin` from 0.46.0 to 0.48.1 - [Release notes](https://github.com/fabric8io/docker-maven-plugin/releases) - [Changelog](https://github.com/fabric8io/docker-maven-plugin/blob/master/doc/changelog.md) - [Commits](fabric8io/docker-maven-plugin@v0.46.0...v0.48.1) Updates `org.tukaani:xz` from 1.10 to 1.12 - [Release notes](https://github.com/tukaani-project/xz-java/releases) - [Changelog](https://github.com/tukaani-project/xz-java/blob/master/NEWS.md) - [Commits](tukaani-project/xz-java@v1.10...v1.12) Updates `com.github.luben:zstd-jni` from 1.5.7-4 to 1.5.7-9 - [Commits](luben/zstd-jni@v1.5.7-4...v1.5.7-9) Updates `org.apache.commons:commons-compress` from 1.27.1 to 1.28.0 - [Changelog](https://github.com/apache/commons-compress/blob/master/RELEASE-NOTES.txt) - [Commits](apache/commons-compress@rel/commons-compress-1.27.1...rel/commons-compress-1.28.0) Updates `com.google.code.gson:gson` from 2.13.1 to 2.14.0 - [Release notes](https://github.com/google/gson/releases) - [Changelog](https://github.com/google/gson/blob/main/CHANGELOG.md) - [Commits](google/gson@gson-parent-2.13.1...gson-parent-2.14.0) Updates `org.junit.jupiter:junit-jupiter-engine` from 5.13.4 to 6.1.0 - [Release notes](https://github.com/junit-team/junit-framework/releases) - [Commits](junit-team/junit-framework@r5.13.4...r6.1.0) Updates `org.slf4j:slf4j-api` from 2.0.17 to 2.0.18 Updates `org.slf4j:slf4j-nop` from 2.0.17 to 2.0.18 Updates `org.wiremock:wiremock` from 3.13.1 to 3.13.2 - [Release notes](https://github.com/wiremock/wiremock/releases) - [Commits](wiremock/wiremock@3.13.1...3.13.2) Updates `com.fasterxml.jackson.core:jackson-databind` from 2.20.0 to 2.22.0 - [Commits](https://github.com/FasterXML/jackson/commits) Updates `com.fasterxml.jackson.dataformat:jackson-dataformat-yaml` from 2.20.0 to 2.22.0 - [Commits](FasterXML/jackson-dataformats-text@jackson-dataformats-text-2.20.0...jackson-dataformats-text-2.22.0) Updates `org.javassist:javassist` from 3.30.2-GA to 3.31.0-GA - [Release notes](https://github.com/jboss-javassist/javassist/releases) - [Changelog](https://github.com/jboss-javassist/javassist/blob/master/Changes.md) - [Commits](https://github.com/jboss-javassist/javassist/commits) Updates `co.elastic.clients:elasticsearch-java` from 9.2.0 to 9.4.2 - [Release notes](https://github.com/elastic/elasticsearch-java/releases) - [Changelog](https://github.com/elastic/elasticsearch-java/blob/main/CHANGELOG.md) - [Commits](elastic/elasticsearch-java@v9.2.0...v9.4.2) Updates `org.elasticsearch.client:elasticsearch-rest-client` from 9.2.0 to 9.4.2 - [Release notes](https://github.com/elastic/elasticsearch/releases) - [Changelog](https://github.com/elastic/elasticsearch/blob/main/docs/changelog.yml) - [Commits](elastic/elasticsearch@v9.2.0...v9.4.2) Updates `org.elasticsearch.client:elasticsearch-rest-client` from 9.2.0 to 9.4.2 - [Release notes](https://github.com/elastic/elasticsearch/releases) - [Changelog](https://github.com/elastic/elasticsearch/blob/main/docs/changelog.yml) - [Commits](elastic/elasticsearch@v9.2.0...v9.4.2) Updates `com.fasterxml.jackson.dataformat:jackson-dataformat-yaml` from 2.20.0 to 2.22.0 - [Commits](FasterXML/jackson-dataformats-text@jackson-dataformats-text-2.20.0...jackson-dataformats-text-2.22.0) Updates `co.elastic.logging:log4j2-ecs-layout` from 1.7.0 to 1.8.0 - [Release notes](https://github.com/elastic/ecs-logging-java/releases) - [Commits](elastic/ecs-logging-java@v1.7.0...v1.8.0) Updates `org.mongodb:bson` from 5.5.1 to 5.8.0 - [Release notes](https://github.com/mongodb/mongo-java-driver/releases) - [Commits](mongodb/mongo-java-driver@r5.5.1...r5.8.0) Updates `org.mongodb:mongodb-driver-core` from 5.5.1 to 5.8.0 - [Release notes](https://github.com/mongodb/mongo-java-driver/releases) - [Commits](mongodb/mongo-java-driver@r5.5.1...r5.8.0) Updates `org.mongodb:mongodb-driver-sync` from 5.5.1 to 5.8.0 - [Release notes](https://github.com/mongodb/mongo-java-driver/releases) - [Commits](mongodb/mongo-java-driver@r5.5.1...r5.8.0) Updates `org.mongodb:mongodb-driver-core` from 5.5.1 to 5.8.0 - [Release notes](https://github.com/mongodb/mongo-java-driver/releases) - [Commits](mongodb/mongo-java-driver@r5.5.1...r5.8.0) Updates `org.mongodb:mongodb-driver-sync` from 5.5.1 to 5.8.0 - [Release notes](https://github.com/mongodb/mongo-java-driver/releases) - [Commits](mongodb/mongo-java-driver@r5.5.1...r5.8.0) Updates `org.slf4j:slf4j-simple` from 2.0.17 to 2.0.18 Updates `ch.qos.logback:logback-classic` from 1.5.18 to 1.5.34 - [Release notes](https://github.com/qos-ch/logback/releases) - [Commits](qos-ch/logback@v_1.5.18...v_1.5.34) Updates `org.springframework:spring-framework-bom` from 6.2.9 to 7.0.7 - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v6.2.9...v7.0.7) Updates `org.springframework:spring-core` from 6.2.9 to 7.0.7 - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v6.2.9...v7.0.7) Updates `org.springframework:spring-core` from 6.2.9 to 7.0.7 - [Release notes](https://github.com/spring-projects/spring-framework/releases) - [Commits](spring-projects/spring-framework@v6.2.9...v7.0.7) Updates `org.springframework.boot:spring-boot-autoconfigure` from 3.5.3 to 4.0.6 - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v3.5.3...v4.0.6) Updates `org.springframework.boot:spring-boot-starter-test` from 3.5.3 to 4.0.6 - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v3.5.3...v4.0.6) Updates `org.springframework.boot:spring-boot-starter-log4j2` from 3.5.3 to 4.0.6 - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v3.5.3...v4.0.6) Updates `org.springframework.cloud:spring-cloud-context` from 4.3.0 to 5.0.1 - [Release notes](https://github.com/spring-cloud/spring-cloud-commons/releases) - [Commits](spring-cloud/spring-cloud-commons@v4.3.0...v5.0.1) Updates `org.springframework.boot:spring-boot-starter-test` from 3.5.3 to 4.0.6 - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v3.5.3...v4.0.6) Updates `org.springframework.boot:spring-boot-starter-log4j2` from 3.5.3 to 4.0.6 - [Release notes](https://github.com/spring-projects/spring-boot/releases) - [Commits](spring-projects/spring-boot@v3.5.3...v4.0.6) --- updated-dependencies: - dependency-name: org.apache.logging.log4j:log4j-api dependency-version: 2.26.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.apache.logging.log4j:log4j-api-test dependency-version: 2.26.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.apache.logging.log4j:log4j-iostreams dependency-version: 2.26.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.apache.logging.log4j:log4j-jpl dependency-version: 2.26.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.apache.logging.log4j:log4j-slf4j2-impl dependency-version: 2.26.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.apache.logging.log4j:log4j-slf4j-impl dependency-version: 2.26.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.apache.logging.log4j:log4j-to-jul dependency-version: 2.26.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.apache.logging.log4j:log4j-to-slf4j dependency-version: 2.26.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.apache.logging.log4j:log4j-api-test dependency-version: 2.26.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.apache.logging.log4j:log4j-iostreams dependency-version: 2.26.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.apache.logging.log4j:log4j-jpl dependency-version: 2.26.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.apache.logging.log4j:log4j-slf4j2-impl dependency-version: 2.26.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.apache.logging.log4j:log4j-slf4j-impl dependency-version: 2.26.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.apache.logging.log4j:log4j-to-jul dependency-version: 2.26.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.apache.logging.log4j:log4j-to-slf4j dependency-version: 2.26.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.apache.commons:commons-csv dependency-version: 1.14.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: commons-logging:commons-logging dependency-version: 1.3.6 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: ch.qos.logback:logback-core dependency-version: 1.5.34 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.slf4j:slf4j-api dependency-version: 2.0.18 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.apache.groovy:groovy-bom dependency-version: 5.0.6 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: tools.jackson:jackson-bom dependency-version: 3.1.4 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.junit:junit-bom dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: org.junit.jupiter:junit-jupiter-engine dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: org.mockito:mockito-bom dependency-version: 5.23.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.assertj:assertj-core dependency-version: 3.27.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: net.bytebuddy:byte-buddy dependency-version: 1.18.9 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: commons-codec:commons-codec dependency-version: 1.22.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.apache.commons:commons-dbcp2 dependency-version: 2.14.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: commons-io:commons-io dependency-version: 2.22.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.apache.commons:commons-lang3 dependency-version: 3.20.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.apache.commons:commons-pool2 dependency-version: 2.13.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: com.google.guava:guava dependency-version: 33.6.0-jre dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: com.google.guava:guava-testlib dependency-version: 33.6.0-jre dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: com.google.guava:guava-testlib dependency-version: 33.6.0-jre dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: com.h2database:h2 dependency-version: 2.4.240 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: com.google.code.java-allocation-instrumenter:java-allocation-instrumenter dependency-version: 3.3.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.jctools:jctools-core dependency-version: 4.0.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.jmdns:jmdns dependency-version: 3.6.3 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: net.java.dev.jna:jna dependency-version: 5.18.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: net.javacrumbs.json-unit:json-unit dependency-version: 5.1.2 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: com.vlkan.log4j2:log4j2-logstash-layout dependency-version: 1.0.5 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dependencies - dependency-name: org.apache.maven:maven-core dependency-version: 3.9.16 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.apache.maven:maven-model dependency-version: 3.9.16 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.apache.maven:maven-model dependency-version: 3.9.16 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.openjdk.nashorn:nashorn-core dependency-version: '15.7' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.eclipse.platform:org.eclipse.osgi dependency-version: 3.24.100 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.codehaus.plexus:plexus-utils dependency-version: 3.6.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.xmlunit:xmlunit-core dependency-version: 2.12.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.xmlunit:xmlunit-matchers dependency-version: 2.12.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.xmlunit:xmlunit-matchers dependency-version: 2.12.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: biz.aQute.bnd:biz.aQute.bnd.annotation dependency-version: 7.2.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: com.github.spotbugs:spotbugs-annotations dependency-version: 4.9.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: io.fabric8:docker-maven-plugin dependency-version: 0.48.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.tukaani:xz dependency-version: '1.12' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: com.github.luben:zstd-jni dependency-version: 1.5.7-9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.apache.commons:commons-compress dependency-version: 1.28.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: com.google.code.gson:gson dependency-version: 2.14.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.junit.jupiter:junit-jupiter-engine dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: org.slf4j:slf4j-api dependency-version: 2.0.18 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.slf4j:slf4j-nop dependency-version: 2.0.18 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.wiremock:wiremock dependency-version: 3.13.2 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: com.fasterxml.jackson.core:jackson-databind dependency-version: 2.22.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: com.fasterxml.jackson.dataformat:jackson-dataformat-yaml dependency-version: 2.22.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.javassist:javassist dependency-version: 3.31.0-GA dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: co.elastic.clients:elasticsearch-java dependency-version: 9.4.2 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.elasticsearch.client:elasticsearch-rest-client dependency-version: 9.4.2 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.elasticsearch.client:elasticsearch-rest-client dependency-version: 9.4.2 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: com.fasterxml.jackson.dataformat:jackson-dataformat-yaml dependency-version: 2.22.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: co.elastic.logging:log4j2-ecs-layout dependency-version: 1.8.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.mongodb:bson dependency-version: 5.8.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.mongodb:mongodb-driver-core dependency-version: 5.8.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.mongodb:mongodb-driver-sync dependency-version: 5.8.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.mongodb:mongodb-driver-core dependency-version: 5.8.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.mongodb:mongodb-driver-sync dependency-version: 5.8.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: org.slf4j:slf4j-simple dependency-version: 2.0.18 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: ch.qos.logback:logback-classic dependency-version: 1.5.34 dependency-type: direct:development update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: org.springframework:spring-framework-bom dependency-version: 7.0.7 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: org.springframework:spring-core dependency-version: 7.0.7 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: org.springframework:spring-core dependency-version: 7.0.7 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: org.springframework.boot:spring-boot-autoconfigure dependency-version: 4.0.6 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: org.springframework.boot:spring-boot-starter-test dependency-version: 4.0.6 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dependencies - dependency-name: org.springframework.boot:spring-boot-starter-log4j2 dependency-version: 4.0.6 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dependencies - dependency-name: org.springframework.cloud:spring-cloud-context dependency-version: 5.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: org.springframework.boot:spring-boot-starter-test dependency-version: 4.0.6 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dependencies - dependency-name: org.springframework.boot:spring-boot-starter-log4j2 dependency-version: 4.0.6 dependency-type: direct:development update-type: version-update:semver-major dependency-group: dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Related to third party dependency updates or migrations java Pull requests that update Java code labels Jun 2, 2026

github-project-automation Bot added this to Log4j pull request tracker Jun 2, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump the dependencies group across 1 directory with 66 updates#4138

Bump the dependencies group across 1 directory with 66 updates#4138
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/maven/main/dependencies-eefa46d709

dependabot Bot commented on behalf of github Jun 2, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Uh oh!

Conversation

dependabot Bot commented on behalf of github Jun 2, 2026

Apache Commons CSV 1.14.1 Release Notes

Fixed Bugs

Changes

Apache Commons Logging 1.3.6 Release Notes

Changes in this version

Fixed Bugs

Changes

Logback 1.5.33

Logback 1.5.32

Logback 1.5.31

Logback 1.5.30

Logback 1.5.29

Logback 1.5.28

New Contributors

New Contributors

New Contributors

New Contributors

New Contributors

New Contributors

v5.23.0

NOTE: Breaking change for Android

5.23.0

v5.22.0

5.22.0

v5.21.0

5.21.0

v3.27.7

🔒 Security

Core

🚫 Deprecated

Core

🐛 Bug Fixes

Guava

🔨 Dependency Upgrades

Core

Guava

v3.27.6

🐛 Bug Fixes

Core

❤️ Contributors

v3.27.5

⚡ Improvements

Core

Byte Buddy 1.18.9

Byte Buddy 1.18.8

Byte Buddy 1.18.7

Byte Buddy 1.18.5

Byte Buddy 1.18.4

Byte Buddy 1.18.3

Byte Buddy 1.18.2

Byte Buddy 1.18.1

Byte Buddy 1.18.0

Byte Buddy 1.17.8

Byte Buddy 1.17.7

1. June 2026: version 1.18.9

1. April 2026: version 1.18.8

1. March 2026: version 1.18.7

27. February 2026: version 1.18.6

15. February 2026: version 1.18.5

16. January 2026: version 1.18.4

26. November 2025: version 1.18.3

26. November 2025: version 1.18.2

12. November 2025: version 1.18.1

11. November 2025: version 1.18.0

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants