Skip to content

build(deps): bump the minor-and-patch group with 8 updates#3

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/maven/minor-and-patch-b0cd11e704
Open

build(deps): bump the minor-and-patch group with 8 updates#3
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/maven/minor-and-patch-b0cd11e704

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 17, 2026

Copy link
Copy Markdown

Bumps the minor-and-patch group with 8 updates:

Package From To
com.hierynomus:sshj 0.39.0 0.40.0
com.fasterxml.jackson.core:jackson-databind 2.17.2 2.22.1
org.slf4j:slf4j-nop 2.0.13 2.0.18
org.apache.maven.plugins:maven-surefire-plugin 3.2.5 3.5.6
org.jacoco:jacoco-maven-plugin 0.8.12 0.8.15
org.apache.maven.plugins:maven-javadoc-plugin 3.6.3 3.12.0
org.apache.maven.plugins:maven-source-plugin 3.3.1 3.4.0
org.apache.maven.plugins:maven-gpg-plugin 3.2.4 3.2.8

Updates com.hierynomus:sshj from 0.39.0 to 0.40.0

Release notes

Sourced from com.hierynomus:sshj's releases.

SSHJ 0.40.0

See README for release notes.

Commits
  • 1398b19 Prepare release 0.39.0
  • acad163 Reduce code duplication
  • 8e9e644 Merge branch 'master' into pr/uttamgupta/976
  • 857d56a Replaced Grizzly HTTP Server with Java HTTP Server (#1010)
  • 0e4a8f6 Upgraded SSHD from 2.14.0 to 2.15.0 (#1009)
  • 95aab00 Upgrade dependencies (#1007)
  • e390394 Refactored PuTTY Secret Key Derivation (#1003)
  • 995de2d Make private fields final (#1005)
  • cea67fe Removed eddsa library in favor of standard Java Security classes (#993)
  • b4bc696 Refactored PKCS8 and PEM key parsing to reduce use of Bouncy Castle (#989)
  • Additional commits viewable in compare view

Updates com.fasterxml.jackson.core:jackson-databind from 2.17.2 to 2.22.1

Commits

Updates org.slf4j:slf4j-nop from 2.0.13 to 2.0.18

Updates org.apache.maven.plugins:maven-surefire-plugin from 3.2.5 to 3.5.6

Release notes

Sourced from org.apache.maven.plugins:maven-surefire-plugin's releases.

3.5.6

🚀 New features and improvements

  • Introduce reportTestTimestamp option and include timestamp for test sets and test cases (#3261) (#3302) @​olamy

🐛 Bug Fixes

👻 Maintenance

📦 Dependency updates

3.5.5

🚀 New features and improvements

🐛 Bug Fixes

  • Use PowerShell instead of WMIC for detecting zombie process on Windows (#3258) @​jbliznak. Please note if you are using Windows with Java 8 and not PowerShell (you have options to: use Java 9+, install PowerShell or stay on Surefire 3.5.4)
  • Properly work with test failures caused during beforeAll phase (#3194) @​Frawless

📝 Documentation updates

  • Clarify how late placeholder replacement (@{...}) deals with (#3208) @​kwin

👻 Maintenance

... (truncated)

Commits
  • 25ea054 [maven-release-plugin] prepare release surefire-3.5.6
  • e5f374c Bump org.fusesource.jansi:jansi from 2.4.2 to 2.4.3
  • dadd55b Issue #2613 Debugging failsafe tests: Message 'Listening for transport dt_soc...
  • 39dd250 Bump commons-io:commons-io from 2.21.0 to 2.22.0
  • 2774273 Ensure that the statistics filename is calculated only once. (#3326) (#3327)
  • 0d5df8a 3.5.x/bug/cherry pick embedded mode its (#3328)
  • 04ad9a2 Use surefire 3.5.5 by project itself for testing
  • 37e8f69 Add flakes attribute to use in testsuite report (#3306) (#3308)
  • a970fef Introduce reportTestTimestamp option and include timestamp for test sets and ...
  • e838393 deploy 3.5.x branch to nexus
  • Additional commits viewable in compare view

Updates org.jacoco:jacoco-maven-plugin from 0.8.12 to 0.8.15

Release notes

Sourced from org.jacoco:jacoco-maven-plugin's releases.

0.8.15

New Features

  • JaCoCo now officially supports Java 26 (GitHub #2076).
  • Experimental support for Java 27 class files (GitHub #2004).
  • Compatibility methods generated by Kotlin compiler for functions defined in interfaces are filtered out during generation of report (GitHub #1905).
  • Compatibility methods generated by Kotlin compiler for exposed boxed inline value classes (JvmExposeBoxed annotation) are filtered out during generation of report (GitHub #1944).
  • Methods generated by the Kotlin compiler for functions with JvmStatic annotation are filtered out during generation of report (GitHub #2097).
  • Improved filtering of bytecode generated by Kotlin compiler for when expressions and statements with kotlin.String subject where first branch condition contains string with largest hash (GitHub #2098).
  • Part of bytecode that javac versions from 24 to 26 generate for switch statements and expressions with selector expression of type java.lang.String inside lambdas is filtered out during generation of report (GitHub #2023).
  • Improved performance of Kotlin files analysis by parsing SMAPs only once per class (GitHub #2114).
  • For better performance agent output methods tcpclient and tcpserver use BufferedOutputStream to write execution data to socket. Maven plugin, Ant tasks, CLI, API usage examples, and ExecDumpClient API use BufferedInputStream to read execution data from socket. Third-party integrations should do the same to benefit from this change in agent (GitHub #2089).

Fixed bugs

  • Fixed processing of Kotlin SMAP in synthetic classes (GitHub #1985).
  • Multiple JaCoCo runtimes within one JVM writing to the same output file should not cause data corruption when running on JDK versions from 6 to 10 affected by JDK-8166253 (GitHub #2065, #2074).
  • For better performance agent writes to output file via BufferedOutputStream, this fixes regression introduced in version 0.6.2 (GitHub #2073).
  • Fixed NullPointerException when JaCoCo agent is loaded by non system class loader, for example when loaded by JBoss Modules (GitHub #1651).

Non-functional Changes

  • JaCoCo now depends on ASM 9.10.1 (GitHub #2134).

0.8.14

New Features

  • JaCoCo now officially supports Java 25 (GitHub #1950).
  • Experimental support for Java 26 class files (GitHub #1870).
  • Branches added by the Kotlin compiler for default argument number 33 or higher are filtered out during generation of report (GitHub #1655).
  • Part of bytecode generated by the Kotlin compiler for elvis operator that follows safe call operator is filtered out during generation of report (GitHub #1814, #1954).
  • Part of bytecode generated by the Kotlin compiler for more cases of chained safe call operators is filtered out during generation of report (GitHub #1956).
  • Part of bytecode generated by the Kotlin compiler for invocations of suspendCoroutineUninterceptedOrReturn intrinsic is filtered out during generation of report (GitHub #1929).
  • Part of bytecode generated by the Kotlin compiler for suspending lambdas with parameters is filtered out during generation of report (GitHub #1945).
  • Part of bytecode generated by the Kotlin compiler for suspending functions and lambdas with suspension points that return inline value class is filtered out during generation of report (GitHub #1871).
  • Part of bytecode generated by the Kotlin Compose compiler plugin for pausable composition is filtered out during generation of report (GitHub #1911).
  • Methods generated by the Kotlin serialization compiler plugin are filtered out (GitHub #1885, #1970, #1971).

Fixed bugs

  • Fixed handling of implicit else clause of when with String subject in Kotlin (GitHub #1813, #1940).
  • Fixed handling of implicit default clause of switch by String in Java when compiled by ECJ (GitHub #1813, #1940). Fixed handling of exceptions in chains of safe call operators in Kotlin (GitHub #1819).

Non-functional Changes

  • JaCoCo now depends on ASM 9.9 (GitHub #1965).

0.8.13

New Features

  • JaCoCo now officially supports Java 23 and Java 24 (GitHub #1757, #1631, #1867).
  • Experimental support for Java 25 class files (GitHub #1807).
  • Calculation of line coverage for Kotlin inline functions (GitHub #1670).
  • Calculation of line coverage for Kotlin inline functions with reified type parameter (GitHub #1670, #1700).
  • Calculation of coverage for Kotlin JvmSynthetic functions (GitHub #1700).
  • Part of bytecode generated by the Kotlin Compose compiler plugin is filtered out during generation of report (GitHub #1616).

... (truncated)

Commits
  • 6c5260a Prepare release v0.8.15
  • 5c05141 Transfer of execution data through socket should use buffered stream (#2089)
  • ab5efa9 Remove from Azure Pipelines all builds except with JDK 5 and JDK EA (#2148)
  • 5f6ea38 Use Windows 2025 image in GitHub Actions (#2130)
  • 35a8af2 Use Renovate instead of Dependabot for updates of ASM (#2137)
  • 85b8ddf Upgrade ASM to 9.10.1 (#2134)
  • 2988647 AgentModule should use ClassLoader of agent instead of SystemClassLoader (#1651)
  • 75a4e31 Add filter for Kotlin @JvmExposeBoxed (#1944)
  • 691fa1d Use Renovate instead of Dependabot for updates of GitHub Actions (#2132)
  • 3e18f17 Require at least JDK 21 for build (#2128)
  • Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-javadoc-plugin from 3.6.3 to 3.12.0

Release notes

Sourced from org.apache.maven.plugins:maven-javadoc-plugin's releases.

3.12.0

💥 Breaking changes

🐛 Bug Fixes

👻 Maintenance

📦 Dependency updates

3.11.3

🚨 Removed

🚀 New features and improvements

🐛 Bug Fixes

  • Make the legacyMode consistent (Filter out all of the module-info.java files in legacy mode, do not use --source-path in legacy mode) (#1217) @​fridrich
  • [MJAVADOC-826] - Don't try to modify project source roots (#358) @​oehme

📝 Documentation updates

👻 Maintenance

... (truncated)

Commits
  • 2a06bed [maven-release-plugin] prepare release maven-javadoc-plugin-3.12.0
  • a71ecf9 bump version 3.12.0-SNAPSHOT
  • 88f2b71 [maven-release-plugin] prepare for next development iteration
  • 7e18956 [maven-release-plugin] prepare release maven-javadoc-plugin-3.11.4
  • c11b76c In legacyMode, don't use -sourcepath, unless excludePackageNames is not empty...
  • bc9904b remove fix mojo (#1263)
  • f310135 Fix package {...} does not exist in legacyMode (#1243)
  • c8270f9 detectOfflineLinks is now false per default for all jar mojo issue #1258 ...
  • 953e609 Delete flaky test (#1260)
  • 2bba7a4 Bump org.codehaus.mojo:mrm-maven-plugin from 1.6.0 to 1.7.0
  • Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-source-plugin from 3.3.1 to 3.4.0

Release notes

Sourced from org.apache.maven.plugins:maven-source-plugin's releases.

3.4.0

🐛 Bug Fixes

👻 Maintenance

📦 Dependency updates

Commits
  • ecf937a [maven-release-plugin] prepare release maven-source-plugin-3.4.0
  • 95b3bf4 Revert "[maven-release-plugin] prepare for next development iteration"
  • 7a9a770 [maven-release-plugin] prepare for next development iteration
  • 292c1ce Use plexus-utils version from parent
  • bf79b71 Bump m-invoker-p to 3.9.1
  • 4f3fcb9 Bump commons-io:commons-io from 2.20.0 to 2.21.0
  • a867442 Bump org.codehaus.plexus:plexus-archiver from 4.10.3 to 4.10.4
  • 51c66ac Bump org.apache.maven:maven-archiver from 3.6.4 to 3.6.5
  • 267df46 Bump org.codehaus.plexus:plexus-archiver from 4.10.1 to 4.10.3
  • ef85324 Bump org.apache.maven.plugin-testing:maven-plugin-testing-harness
  • Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-gpg-plugin from 3.2.4 to 3.2.8

Release notes

Sourced from org.apache.maven.plugins:maven-gpg-plugin's releases.

3.2.8

🐛 Bug Fixes

📝 Documentation updates

👻 Maintenance

📦 Dependency updates

3.2.7

Fixes a lingering issue affecting whole 3.2.x lineage, that resulted in "bad passphrase" on Windows OS with GPG signer (see MGPG-136 for details).

What's Changed

Full Changelog: apache/maven-gpg-plugin@maven-gpg-plugin-3.2.6...maven-gpg-plugin-3.2.7

3.2.6

Release Notes - Maven GPG Plugin - Version 3.2.6

... (truncated)

Commits
  • 8a46455 [maven-release-plugin] prepare release maven-gpg-plugin-3.2.8
  • 7012821 Fix issueManagement, ciManagement system and url
  • a9a8c84 Make empty classifier null (not empty string) (#287)
  • a8368b0 Add .mvn
  • f0e45e0 Update parent POM to 45 (#284)
  • cb1236c Bump bouncycastleVersion from 1.78.1 to 1.80 (#127)
  • 5377a10 Bump commons-io:commons-io from 2.18.0 to 2.19.0 (#133)
  • 8b63932 Bump org.apache.maven.plugins:maven-invoker-plugin from 3.8.0 to 3.9.0 (#125)
  • 54ea518 Bump org.simplify4u.plugins:pgpverify-maven-plugin from 1.18.2 to 1.19.1
  • a6a412d Remove old JIRA issue link
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the minor-and-patch group with 8 updates:

| Package | From | To |
| --- | --- | --- |
| [com.hierynomus:sshj](https://github.com/hierynomus/sshj) | `0.39.0` | `0.40.0` |
| [com.fasterxml.jackson.core:jackson-databind](https://github.com/FasterXML/jackson) | `2.17.2` | `2.22.1` |
| org.slf4j:slf4j-nop | `2.0.13` | `2.0.18` |
| [org.apache.maven.plugins:maven-surefire-plugin](https://github.com/apache/maven-surefire) | `3.2.5` | `3.5.6` |
| [org.jacoco:jacoco-maven-plugin](https://github.com/jacoco/jacoco) | `0.8.12` | `0.8.15` |
| [org.apache.maven.plugins:maven-javadoc-plugin](https://github.com/apache/maven-javadoc-plugin) | `3.6.3` | `3.12.0` |
| [org.apache.maven.plugins:maven-source-plugin](https://github.com/apache/maven-source-plugin) | `3.3.1` | `3.4.0` |
| [org.apache.maven.plugins:maven-gpg-plugin](https://github.com/apache/maven-gpg-plugin) | `3.2.4` | `3.2.8` |


Updates `com.hierynomus:sshj` from 0.39.0 to 0.40.0
- [Release notes](https://github.com/hierynomus/sshj/releases)
- [Commits](hierynomus/sshj@v0.39.0...v0.40.0)

Updates `com.fasterxml.jackson.core:jackson-databind` from 2.17.2 to 2.22.1
- [Commits](https://github.com/FasterXML/jackson/commits)

Updates `org.slf4j:slf4j-nop` from 2.0.13 to 2.0.18

Updates `org.apache.maven.plugins:maven-surefire-plugin` from 3.2.5 to 3.5.6
- [Release notes](https://github.com/apache/maven-surefire/releases)
- [Commits](apache/maven-surefire@surefire-3.2.5...surefire-3.5.6)

Updates `org.jacoco:jacoco-maven-plugin` from 0.8.12 to 0.8.15
- [Release notes](https://github.com/jacoco/jacoco/releases)
- [Commits](jacoco/jacoco@v0.8.12...v0.8.15)

Updates `org.apache.maven.plugins:maven-javadoc-plugin` from 3.6.3 to 3.12.0
- [Release notes](https://github.com/apache/maven-javadoc-plugin/releases)
- [Commits](apache/maven-javadoc-plugin@maven-javadoc-plugin-3.6.3...maven-javadoc-plugin-3.12.0)

Updates `org.apache.maven.plugins:maven-source-plugin` from 3.3.1 to 3.4.0
- [Release notes](https://github.com/apache/maven-source-plugin/releases)
- [Commits](apache/maven-source-plugin@maven-source-plugin-3.3.1...maven-source-plugin-3.4.0)

Updates `org.apache.maven.plugins:maven-gpg-plugin` from 3.2.4 to 3.2.8
- [Release notes](https://github.com/apache/maven-gpg-plugin/releases)
- [Commits](apache/maven-gpg-plugin@maven-gpg-plugin-3.2.4...maven-gpg-plugin-3.2.8)

---
updated-dependencies:
- dependency-name: com.hierynomus:sshj
  dependency-version: 0.40.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: com.fasterxml.jackson.core:jackson-databind
  dependency-version: 2.22.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: org.slf4j:slf4j-nop
  dependency-version: 2.0.18
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: org.apache.maven.plugins:maven-surefire-plugin
  dependency-version: 3.5.6
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: org.jacoco:jacoco-maven-plugin
  dependency-version: 0.8.15
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
- dependency-name: org.apache.maven.plugins:maven-javadoc-plugin
  dependency-version: 3.12.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: org.apache.maven.plugins:maven-source-plugin
  dependency-version: 3.4.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: minor-and-patch
- dependency-name: org.apache.maven.plugins:maven-gpg-plugin
  dependency-version: 3.2.8
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: minor-and-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels Jul 17, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file java Pull requests that update java code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants