)]}' { "log": [ { "commit": "cb24576e895c0bf8e1d062e2fc82f2b53bfa2eb8", "tree": "79fdcbbe403a3163b86375b22da34c62ecd11065", "parents": [ "e525fbfe7f94301ea6b9725472a91206be0c7bd2" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Thu Jun 11 10:07:43 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Jun 11 10:07:43 2026 +0200" }, "message": "MINOR: Bump io.netty:netty-bom from 4.2.14.Final to 4.2.15.Final (#1175)\n\nBumps [io.netty:netty-bom](https://github.com/netty/netty) from\n4.2.14.Final to 4.2.15.Final.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/netty/netty/releases\"\u003eio.netty:netty-bom\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003enetty-4.2.15.Final\u003c/h2\u003e\n\u003ch2\u003eSecurity fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/security/advisories/GHSA-h2qv-fj59-j46j\"\u003eCVE-2026-48059\u003c/a\u003e:\nmemory exhaustion in \u003ccode\u003eio.netty:netty-codec-haproxy\u003c/code\u003e\n(high).\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/security/advisories/GHSA-5pvg-856g-cp85\"\u003eCVE-2026-47691\u003c/a\u003e:\nDNS cache poisoning in \u003ccode\u003eio.netty:netty-resolver-dns\u003c/code\u003e\n(high).\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/security/advisories/GHSA-563q-j3cm-6jxm\"\u003eCVE-2026-50560\u003c/a\u003e:\nDDoS in \u003ccode\u003eio.netty:netty-codec-http2\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/security/advisories/GHSA-5w86-c3rq-vjj7\"\u003eCVE-2026-50011\u003c/a\u003e:\nmemory exhaustion in \u003ccode\u003eio.netty:netty-codec-redis\u003c/code\u003e\n(high).\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/security/advisories/GHSA-3244-j874-rhc2\"\u003eCVE-2026-44250\u003c/a\u003e:\nmemory exhaustion in \u003ccode\u003eio.netty:netty-codec-redis\u003c/code\u003e\n(high).\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/security/advisories/GHSA-6ghj-frrj-jjj3\"\u003eCVE-2026-44890\u003c/a\u003e:\nmemory exhaustion in \u003ccode\u003eio.netty:netty-codec-redis\u003c/code\u003e\n(high).\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/security/advisories/GHSA-cq4q-cv5g-r8q5\"\u003eCVE-2026-50009\u003c/a\u003e:\ninformation disclosure and denial of service in\n\u003ccode\u003eio.netty:netty-codec-classes-quic\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/security/advisories/GHSA-3qp7-7mw8-wx86\"\u003eCVE-2026-44249\u003c/a\u003e:\nIPv6 subnet filter bypass in \u003ccode\u003eio.netty:netty-handler\u003c/code\u003e\n(high).\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/security/advisories/GHSA-hvcg-qmg6-jm4c\"\u003eCVE-2026-50020\u003c/a\u003e:\nrequest smuggling in \u003ccode\u003eio.netty:netty-codec-http\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/security/advisories/GHSA-c2rx-5r8w-8xr2\"\u003eCVE-2026-44892\u003c/a\u003e:\nmemory exhaustion in \u003ccode\u003eio.netty:netty-codec-http3\u003c/code\u003e\n(high).\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/security/advisories/GHSA-cc37-9q2j-3hfv\"\u003eCVE-2026-44893\u003c/a\u003e:\nmemory leak in \u003ccode\u003eio.netty:netty-codec-haproxy\u003c/code\u003e (high).\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/security/advisories/GHSA-cmm3-54f8-px4j\"\u003eCVE-2026-44894\u003c/a\u003e:\ntraffic amplification in \u003ccode\u003eio.netty:netty-codec-classes-quic\u003c/code\u003e\n(high).\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/security/advisories/GHSA-c653-97m9-rcg9\"\u003eCVE-2026-50010\u003c/a\u003e:\nTLS hostname verification accidentally disabled in\n\u003ccode\u003eio.netty:netty-handler\u003c/code\u003e (high).\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/security/advisories/GHSA-xmv7-r254-6q78\"\u003eCVE-2026-45673\u003c/a\u003e:\nDNS cache poisoning in \u003ccode\u003eio.netty:netty-resolver-dns\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/security/advisories/GHSA-x4gw-5cx5-pgmh\"\u003eCVE-2026-45416\u003c/a\u003e:\nexcessive memory usage from SNIHandler in\n\u003ccode\u003eio.netty:netty-handler\u003c/code\u003e (high).\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/security/advisories/GHSA-w573-9ffj-6ff9\"\u003eCVE-2026-45536\u003c/a\u003e:\nfile descriptor leak in\n\u003ccode\u003eio.netty:netty-transport-native-epoll\u003c/code\u003e and\n\u003ccode\u003eio.netty:netty-transport-native-kqueue\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/security/advisories/GHSA-676x-f7gg-47vc\"\u003eCVE-2026-45674\u003c/a\u003e:\nDNS cache poisoning in \u003ccode\u003eio.netty:netty-resolver-dns\u003c/code\u003e\n(high).\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/security/advisories/GHSA-5xrh-qmmq-w6ch\"\u003eCVE-2026-46340\u003c/a\u003e:\nmemory exhaustion in \u003ccode\u003eio.netty:netty-transport-sctp\u003c/code\u003e\n(high).\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/security/advisories/GHSA-5x3r-wrvg-rp6q\"\u003eCVE-2026-47244\u003c/a\u003e:\ndenial of service in \u003ccode\u003eio.netty:netty-codec-http2\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/security/advisories/GHSA-6jv9-x5w9-2ccm\"\u003eCVE-2026-48006\u003c/a\u003e:\nmemory exhaustion in \u003ccode\u003eio.netty:netty-codec-redis\u003c/code\u003e\n(high).\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/security/advisories/GHSA-4grm-h2qv-h6w6\"\u003eCVE-2026-48748\u003c/a\u003e:\nmemory exhaustion in \u003ccode\u003eio.netty:netty-codec-http3\u003c/code\u003e\n(high).\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/security/advisories/GHSA-c2gf-v879-257j\"\u003eCVE-2026-48043\u003c/a\u003e:\nmemory exhaustion in \u003ccode\u003eio.netty:netty-codec-http2\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix race in io.netty.channel.uring.IoUringIoHandler.wakeup by \u003ca\nhref\u003d\"https://github.com/dreamlike-ocean\"\u003e\u003ccode\u003e@​dreamlike-ocean\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16836\"\u003enetty/netty#16836\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHTTP/2: Parse request-target path like Vert.x by \u003ca\nhref\u003d\"https://github.com/yawkat\"\u003e\u003ccode\u003e@​yawkat\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16810\"\u003enetty/netty#16810\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAuto-port 4.2: ChannelInitializer: correct misleading comment on\nexceptionCaught route by \u003ca\nhref\u003d\"https://github.com/netty-project-bot\"\u003e\u003ccode\u003e@​netty-project-bot\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16853\"\u003enetty/netty#16853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFlowControlHandler: Suppress duplicate channelReadComplete after\ndraining queue (\u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/issues/15053\"\u003e#15053\u003c/a\u003e)\nby \u003ca href\u003d\"https://github.com/schiemon\"\u003e\u003ccode\u003e@​schiemon\u003c/code\u003e\u003c/a\u003e in\n\u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16837\"\u003enetty/netty#16837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePass maxAllocation to Brotli and Zstd decoders by \u003ca\nhref\u003d\"https://github.com/fedinskiy\"\u003e\u003ccode\u003e@​fedinskiy\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16844\"\u003enetty/netty#16844\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix revapi warnings by \u003ca\nhref\u003d\"https://github.com/chrisvest\"\u003e\u003ccode\u003e@​chrisvest\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16885\"\u003enetty/netty#16885\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix SCTP and Redis tests by \u003ca\nhref\u003d\"https://github.com/chrisvest\"\u003e\u003ccode\u003e@​chrisvest\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16893\"\u003enetty/netty#16893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd maxWindowLog parameter to ZstdDecoder to bound memory allocation\nby \u003ca href\u003d\"https://github.com/skyguard1\"\u003e\u003ccode\u003e@​skyguard1\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16850\"\u003enetty/netty#16850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAuto-port 4.2: MQTT: Reject malformed no-payload packets with\nnon-zero Remaining Length by \u003ca\nhref\u003d\"https://github.com/netty-project-bot\"\u003e\u003ccode\u003e@​netty-project-bot\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16890\"\u003enetty/netty#16890\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/schiemon\"\u003e\u003ccode\u003e@​schiemon\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16837\"\u003enetty/netty#16837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/fedinskiy\"\u003e\u003ccode\u003e@​fedinskiy\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16844\"\u003enetty/netty#16844\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/netty/netty/compare/netty-4.2.14.Final...netty-4.2.15.Final\"\u003ehttps://github.com/netty/netty/compare/netty-4.2.14.Final...netty-4.2.15.Final\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/a41f7b289ce1d697c50846f3ade3983e22b2ed40\"\u003e\u003ccode\u003ea41f7b2\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare release netty-4.2.15.Final\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/2394530bdb6837d928c2ec0b4d8f598487059ef9\"\u003e\u003ccode\u003e2394530\u003c/code\u003e\u003c/a\u003e\nAuto-port 4.2: MQTT: Reject malformed no-payload packets with non-zero\nRemain...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/0bd1657a601da85c324d28562dc7d1ae220ad3a7\"\u003e\u003ccode\u003e0bd1657\u003c/code\u003e\u003c/a\u003e\nAdd maxWindowLog parameter to ZstdDecoder to bound memory allocation (\u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/issues/16850\"\u003e#16850\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/76291f58a901e021289e5c30618b6e136d605163\"\u003e\u003ccode\u003e76291f5\u003c/code\u003e\u003c/a\u003e\nFix SCTP and Redis tests (\u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/issues/16893\"\u003e#16893\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/e067b6e3376afee7629481d46333c3acf7f95943\"\u003e\u003ccode\u003ee067b6e\u003c/code\u003e\u003c/a\u003e\nFix revapi warnings (\u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/issues/16885\"\u003e#16885\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/5a52600d96cc6f4d38098e0645be53ecbfc8a811\"\u003e\u003ccode\u003e5a52600\u003c/code\u003e\u003c/a\u003e\nPass maxAllocation to Brotli and Zstd decoders (\u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/issues/16844\"\u003e#16844\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/541add0f7f5486ef15834da51d8dd983ec12e2b3\"\u003e\u003ccode\u003e541add0\u003c/code\u003e\u003c/a\u003e\nMerge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/270800e5d336913606493a562c8200ecf321a0c1\"\u003e\u003ccode\u003e270800e\u003c/code\u003e\u003c/a\u003e\nMerge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/3d45a1e4e8eb99144f716e54be5ac57e525fa7ca\"\u003e\u003ccode\u003e3d45a1e\u003c/code\u003e\u003c/a\u003e\nMerge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/75127cab731ee35068d1f0667bffa188bc332f5d\"\u003e\u003ccode\u003e75127ca\u003c/code\u003e\u003c/a\u003e\nMerge commit from fork\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/netty/netty/compare/netty-4.2.14.Final...netty-4.2.15.Final\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "e525fbfe7f94301ea6b9725472a91206be0c7bd2", "tree": "1475a07be068f7aae41136070b85ccd738c03bbb", "parents": [ "c836fad712c8a2ca14ac3a4b5f117a3e9fbefdc7" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Wed Jun 10 14:31:56 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Jun 10 14:31:56 2026 +0200" }, "message": "MINOR: Bump com.diffplug.spotless:spotless-maven-plugin from 3.4.0 to 3.6.0 (#1172)\n\nBumps\n[com.diffplug.spotless:spotless-maven-plugin](https://github.com/diffplug/spotless)\nfrom 3.4.0 to 3.6.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/diffplug/spotless/releases\"\u003ecom.diffplug.spotless:spotless-maven-plugin\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eMaven Plugin v3.6.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003e\u0026lt;cacheDirectory\u0026gt;\u003c/code\u003e to\n\u003ccode\u003e\u0026lt;eclipse\u0026gt;\u003c/code\u003e, \u003ccode\u003e\u0026lt;greclipse\u0026gt;\u003c/code\u003e, and\n\u003ccode\u003e\u0026lt;eclipseCdt\u0026gt;\u003c/code\u003e for the Equo/Solstice P2 cache. (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/pull/2944\"\u003e#2944\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eEclipseJdtFormtterStep\u003c/code\u003e now can conditionally set\ncompiler source/compliance options. Allows for better parsing of AST\nNode for newer language features and more correct sorting; e.g. records\nor seal classes. (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/pull/2942\"\u003e#2942\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e\u0026lt;versionCatalog\u0026gt;\u003c/code\u003e no longer splits long inline\ntables across multiple lines — Gradle\u0027s TOML 1.0 parser cannot read\nmulti-line inline tables. The \u003ccode\u003emaxLineLength\u003c/code\u003e option has been\nremoved. (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/issues/2948\"\u003e#2948\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003espotless:apply\u003c/code\u003e no longer aborts on the first file with\nlints; it now formats all files and reports a single aggregated lint\nfailure across every file, matching the Gradle plugin\u0027s behavior. (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/pull/2937\"\u003e#2937\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e\u0026lt;greclipse\u0026gt;\u003c/code\u003e and \u003ccode\u003e\u0026lt;eclipseCdt\u0026gt;\u003c/code\u003e\nnow default P2 data to the Maven local repository. (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/pull/2944\"\u003e#2944\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eforbidWildcardImports\u003c/code\u003e and\n\u003ccode\u003eforbidModuleImports\u003c/code\u003e now detect imports that have leading\nwhitespace (indentation/tabs). (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/pull/2939\"\u003e#2939\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanges\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eImproved formatting performance by eliminating redundant per-step\nline-ending normalization in the core formatter loop. (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/pull/2934\"\u003e#2934\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMaven Plugin v3.5.1\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e\u0026lt;licenseHeader\u0026gt;\u003c/code\u003e with\n\u003ccode\u003e\u0026lt;yearMode\u0026gt;SET_FROM_GIT\u0026lt;/yearMode\u0026gt;\u003c/code\u003e no longer\nruns \u003ccode\u003egit log\u003c/code\u003e through a shell, eliminating a shell-injection\nvector when formatting files whose names contain shell\nmetacharacters.\u003c/li\u003e\n\u003cli\u003eBump transitive \u003ccode\u003eplexus-utils\u003c/code\u003e \u003ccode\u003e4.0.2\u003c/code\u003e -\u0026gt;\n\u003ccode\u003e4.0.3\u003c/code\u003e to address \u003ca\nhref\u003d\"https://github.com/advisories/GHSA-6fmv-xxpf-w3cw\"\u003eCVE-2025-67030\u003c/a\u003e.\n(\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/issues/2919\"\u003e#2919\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMaven Plugin v3.5.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e\u0026lt;scalafmt\u0026gt;\u003c/code\u003e now reads the version from the\n\u003ccode\u003eversion\u003c/code\u003e field in the scalafmt config file when no\n\u003ccode\u003e\u0026lt;version\u0026gt;\u003c/code\u003e is explicitly set, falling back to the\nbuilt-in default only if neither is available. (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/pull/2922\"\u003e#2922\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003e\u0026lt;toml\u0026gt;\u003c/code\u003e format type with\n\u003ccode\u003e\u0026lt;versionCatalog\u0026gt;\u003c/code\u003e step for formatting and sorting\nGradle version catalog files. (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/issues/2916\"\u003e#2916\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003e\u0026lt;javaparserVersion\u0026gt;\u003c/code\u003e option to\n\u003ccode\u003e\u0026lt;cleanthat\u0026gt;\u003c/code\u003e, allowing users to override the\nJavaParser version pulled in transitively by Cleanthat. (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/pull/2903\"\u003e#2903\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd a \u003ccode\u003eexpandWildcardImports\u003c/code\u003e API for java (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/pull/2930\"\u003e#2829\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ePreserve case of JDBI named bind params that collide with SQL\nkeywords (e.g. \u003ccode\u003e:limit\u003c/code\u003e, \u003ccode\u003e:offset\u003c/code\u003e) in the DBeaver\nSQL formatter. (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/pull/2899\"\u003e#2899\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003e-Dspotless.ratchetFrom\u003d...\u003c/code\u003e user property now takes\npriority over \u003ccode\u003e\u0026lt;ratchetFrom\u0026gt;\u003c/code\u003e configured in the plugin\nor in individual formatters, instead of being overridden by them. (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/pull/2896\"\u003e#2896\u003c/a\u003e,\nfixes \u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/issues/2842\"\u003e#2842\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix non-idempotent formatting when \u003ccode\u003eimportOrder()\u003c/code\u003e is\ncombined with \u003ccode\u003egreclipse()\u003c/code\u003e: a single catch-all group no\nlonger strips blank lines that \u003ccode\u003egreclipse()\u003c/code\u003e independently\ninserted between import groups. (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/pull/2914\"\u003e#2914\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanges\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003eexpandWildcardImports\u003c/code\u003e failing on JDK XML types such\nas \u003ccode\u003eorg.xml.sax.InputSource\u003c/code\u003e. (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/pull/2921\"\u003e#2921\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse Eclipse JDT\u0027s collator-based comparison when sorting Java\nmembers to better match Eclipse save actions. (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/pull/2920\"\u003e#2920\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump default \u003ccode\u003ecleanthat\u003c/code\u003e version \u003ccode\u003e2.24\u003c/code\u003e -\u0026gt;\n\u003ccode\u003e2.25\u003c/code\u003e. (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/pull/2903\"\u003e#2903\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump default \u003ccode\u003eeclipse-jdt\u003c/code\u003e version from \u003ccode\u003e4.35\u003c/code\u003e\nto \u003ccode\u003e4.39\u003c/code\u003e. (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/pull/2912\"\u003e#2912\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/diffplug/spotless/commit/71a433c5cd5e8a4983c6600a10032ce3415700ba\"\u003e\u003ccode\u003e71a433c\u003c/code\u003e\u003c/a\u003e\nPublished maven/3.6.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/diffplug/spotless/commit/3a0f1017dcdfd49042a638119c1b6d998b28c67f\"\u003e\u003ccode\u003e3a0f101\u003c/code\u003e\u003c/a\u003e\nPublished gradle/8.6.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/diffplug/spotless/commit/007e9d858177c93a3c7b6f9d1eb068937022613f\"\u003e\u003ccode\u003e007e9d8\u003c/code\u003e\u003c/a\u003e\nPublished lib/4.6.2\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/diffplug/spotless/commit/a074d53565e0f523c3bba7f5135ba0d8f959f98b\"\u003e\u003ccode\u003ea074d53\u003c/code\u003e\u003c/a\u003e\nAllow setting the local P2 cache dir in the Spotless Gradle plugin (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/issues/2944\"\u003e#2944\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/diffplug/spotless/commit/a266fc2b97098aed703300ecfb00a7fc6ab57467\"\u003e\u003ccode\u003ea266fc2\u003c/code\u003e\u003c/a\u003e\nMerge branch \u0027main\u0027 into add-cache-directory-dsl\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/diffplug/spotless/commit/e0d466e5c157d41208ba84f3b0c767a4ad3d4330\"\u003e\u003ccode\u003ee0d466e\u003c/code\u003e\u003c/a\u003e\nFix: sort members treats record declarations as types (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/issues/2942\"\u003e#2942\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/diffplug/spotless/commit/3936b6f2f9290bfe946a890c1efc791eb969c7db\"\u003e\u003ccode\u003e3936b6f\u003c/code\u003e\u003c/a\u003e\nMerge branch \u0027main\u0027 into main\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/diffplug/spotless/commit/278765fcbbdc91d9bbcd3bff41005a350746792c\"\u003e\u003ccode\u003e278765f\u003c/code\u003e\u003c/a\u003e\nfix: expandWildcardImports support pom type dependency, fix \u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/issues/2839\"\u003e#2839\u003c/a\u003e\n(\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/issues/2935\"\u003e#2935\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/diffplug/spotless/commit/a18ddec9bd578c77177c9478207892d63f942826\"\u003e\u003ccode\u003ea18ddec\u003c/code\u003e\u003c/a\u003e\nRemove maxLineLength from versionCatalog step (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/issues/2949\"\u003e#2949\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/diffplug/spotless/commit/b91ad871a69bb7c3722120c81f9dae3e1ee11836\"\u003e\u003ccode\u003eb91ad87\u003c/code\u003e\u003c/a\u003e\nAdd changelog entries for versionCatalog maxLineLength removal\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/diffplug/spotless/compare/maven/3.4.0...maven/3.6.0\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dcom.diffplug.spotless:spotless-maven-plugin\u0026package-manager\u003dmaven\u0026previous-version\u003d3.4.0\u0026new-version\u003d3.6.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "c836fad712c8a2ca14ac3a4b5f117a3e9fbefdc7", "tree": "b9f3c508ad1969513dcc3cc80038386110f1a74f", "parents": [ "485f813d0cec4987f5b597f6cd448d40f074ccce" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Wed Jun 10 09:43:35 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Jun 10 09:43:35 2026 +0200" }, "message": "MINOR: Bump com.fasterxml.jackson:jackson-bom from 2.21.3 to 2.22.0 (#1173)\n\nBumps\n[com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom)\nfrom 2.21.3 to 2.22.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/FasterXML/jackson-bom/commit/112e8591b5e14dff30c278c142d8111231c3a48f\"\u003e\u003ccode\u003e112e859\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare release jackson-bom-2.22.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/FasterXML/jackson-bom/commit/2cae2ce236587ee18c58e40e01d432a077b3e7ae\"\u003e\u003ccode\u003e2cae2ce\u003c/code\u003e\u003c/a\u003e\nPrep for 2.22.0 release\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/FasterXML/jackson-bom/commit/7955d2113f21d1027f0b643e5fbca4a1feae5964\"\u003e\u003ccode\u003e7955d21\u003c/code\u003e\u003c/a\u003e\nMerge branch \u00272.21\u0027 into 2.x\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/FasterXML/jackson-bom/commit/8922a05c6e46f790b67e64e15585eb070b6ebc6d\"\u003e\u003ccode\u003e8922a05\u003c/code\u003e\u003c/a\u003e\nPost-release dep version bump\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/FasterXML/jackson-bom/commit/1fa994366741173fb38bc7c194666819ade60f6d\"\u003e\u003ccode\u003e1fa9943\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/FasterXML/jackson-bom/commit/d1abd31e4fec3035965d57a05a6256171ea8d980\"\u003e\u003ccode\u003ed1abd31\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare release jackson-bom-2.21.4\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/FasterXML/jackson-bom/commit/2aaea43db8480aa7d405ebc0de503cffc864f6f6\"\u003e\u003ccode\u003e2aaea43\u003c/code\u003e\u003c/a\u003e\nPrep for 2.21.4 release\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/FasterXML/jackson-bom/commit/902ec69efea40cdf1647c6fb49fb78734a88f3e6\"\u003e\u003ccode\u003e902ec69\u003c/code\u003e\u003c/a\u003e\nUpdate Woodstox/stax2-api (to 7.2.0/4.3.0)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/FasterXML/jackson-bom/commit/257064709f8ea9ca84ea5d569080f9daacc0e017\"\u003e\u003ccode\u003e2570647\u003c/code\u003e\u003c/a\u003e\nMerge branch \u00272.21\u0027 into 2.x\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/FasterXML/jackson-bom/commit/9d3a9d54e40312ef0ac9192d599b59b541f65fb8\"\u003e\u003ccode\u003e9d3a9d5\u003c/code\u003e\u003c/a\u003e\nPost-release dep version bump\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.21.3...jackson-bom-2.22.0\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "485f813d0cec4987f5b597f6cd448d40f074ccce", "tree": "9e5e4bf23503cbc89b4970fe011441ba2f45654f", "parents": [ "a993bf1727098cd21cd4973d6bcff2b20e5ebfd0" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Tue Jun 09 13:14:21 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Jun 09 13:14:21 2026 +0200" }, "message": "MINOR: Bump com.github.luben:zstd-jni from 1.5.7-8 to 1.5.7-10 (#1177)\n\nBumps [com.github.luben:zstd-jni](https://github.com/luben/zstd-jni)\nfrom 1.5.7-8 to 1.5.7-10.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca\nhref\u003d\"https://github.com/luben/zstd-jni/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dcom.github.luben:zstd-jni\u0026package-manager\u003dmaven\u0026previous-version\u003d1.5.7-8\u0026new-version\u003d1.5.7-10)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "a993bf1727098cd21cd4973d6bcff2b20e5ebfd0", "tree": "c5d9304dacf61be3c765272c2698dcd76994cf30", "parents": [ "035d96b256cc5eb687add6af2f5326ac5523f272" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Tue Jun 09 09:19:57 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Jun 09 09:19:57 2026 +0200" }, "message": "MINOR: Bump com.google.api.grpc:proto-google-common-protos from 2.71.0 to 2.72.0 (#1178)\n\nBumps\n[com.google.api.grpc:proto-google-common-protos](https://github.com/googleapis/sdk-platform-java)\nfrom 2.71.0 to 2.72.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/6e1c1796ed06d7215bb11784ad4ab2a380690b37\"\u003e\u003ccode\u003e6e1c179\u003c/code\u003e\u003c/a\u003e\nchore(main): release 2.64.0 (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/3954\"\u003e#3954\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/7a2f0b0d81d2b0b988e6e36d9d8b75f8f9a141ff\"\u003e\u003ccode\u003e7a2f0b0\u003c/code\u003e\u003c/a\u003e\nchore: update upper bound dependencies file (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/3966\"\u003e#3966\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/1e4a7e5088c88e5752cc24cbe44b14b3ce409778\"\u003e\u003ccode\u003e1e4a7e5\u003c/code\u003e\u003c/a\u003e\nchore: update googleapis commit at Fri Oct 17 02:31:11 UTC 2025 (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/3951\"\u003e#3951\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/ffb557ce8f3460f722b27b30af5e470edd93431b\"\u003e\u003ccode\u003effb557c\u003c/code\u003e\u003c/a\u003e\ndeps: Bump grpc-java to v1.76.0 (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/3942\"\u003e#3942\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/9ad8a4dfb96a44c34acd10aacd2adc30ed240631\"\u003e\u003ccode\u003e9ad8a4d\u003c/code\u003e\u003c/a\u003e\nchore: remove internal/librariangen following migration to librarian\nrepo (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/3\"\u003e#3\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/0a1bbea44d6a1b024c569db89fef8d08ad7bd2d2\"\u003e\u003ccode\u003e0a1bbea\u003c/code\u003e\u003c/a\u003e\nchore(librariangen): Generate to use languagecontainer.Run (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/3968\"\u003e#3968\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/452d703b703ab3222fd1a7060ed5e1ac6363322b\"\u003e\u003ccode\u003e452d703\u003c/code\u003e\u003c/a\u003e\nfeat(librariangen): generate grpc stubs and resource helpers (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/3967\"\u003e#3967\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/85057e8e2402fca7bcf4a153d4981fed2b6628de\"\u003e\u003ccode\u003e85057e8\u003c/code\u003e\u003c/a\u003e\nci: remove librarian skipping on matrix builds (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/3969\"\u003e#3969\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/a26a6d937e0523b9a6c193504645f96649e48573\"\u003e\u003ccode\u003ea26a6d9\u003c/code\u003e\u003c/a\u003e\nchore(librariangen): languagecontainer package to parse release-init\nrequest ...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/c86b4eaabcd5ce6bf4939ada04b6f41a85b3385e\"\u003e\u003ccode\u003ec86b4ea\u003c/code\u003e\u003c/a\u003e\nci: exclude internal/librariangen/** using dorny/paths-filter (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/3961\"\u003e#3961\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/compare/gax/v2.71.0...gax/v2.72.0\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dcom.google.api.grpc:proto-google-common-protos\u0026package-manager\u003dmaven\u0026previous-version\u003d2.71.0\u0026new-version\u003d2.72.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "035d96b256cc5eb687add6af2f5326ac5523f272", "tree": "39ff87e64b5acb2d52b0594199f88d5b51f79d15", "parents": [ "da97828bfe2818e1233ef8c421e89e238fff8340" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Thu Jun 04 15:57:55 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Jun 04 15:57:55 2026 +0200" }, "message": "MINOR: Bump dep.junit.jupiter.version from 5.12.2 to 6.1.0 (#1162)\n\nBumps `dep.junit.jupiter.version` from 5.12.2 to 6.1.0.\nUpdates `org.junit.jupiter:junit-jupiter-engine` from 5.12.2 to 6.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/releases\"\u003eorg.junit.jupiter:junit-jupiter-engine\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eJUnit 6.1.0 \u003d Platform 6.1.0 + Jupiter 6.1.0 + Vintage 6.1.0\u003c/p\u003e\n\u003cp\u003eSee \u003ca href\u003d\"https://docs.junit.org/6.1.0/release-notes.html\"\u003eRelease\nNotes\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/JarvisCraft\"\u003e\u003ccode\u003e@​JarvisCraft\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5633\"\u003ejunit-team/junit-framework#5633\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/Maran23\"\u003e\u003ccode\u003e@​Maran23\u003c/code\u003e\u003c/a\u003e made\ntheir first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5644\"\u003ejunit-team/junit-framework#5644\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/compare/r6.0.3...r6.1.0\"\u003ehttps://github.com/junit-team/junit-framework/compare/r6.0.3...r6.1.0\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eJUnit 6.1.0-RC1 \u003d Platform 6.1.0-RC1 + Jupiter 6.1.0-RC1 + Vintage\n6.1.0-RC1\u003c/p\u003e\n\u003cp\u003eSee \u003ca href\u003d\"https://docs.junit.org/6.1.0-RC1/release-notes/\"\u003eRelease\nNotes\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mariokhoury4\"\u003e\u003ccode\u003e@​mariokhoury4\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/4574\"\u003ejunit-team/junit-framework#4574\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/Ogu1208\"\u003e\u003ccode\u003e@​Ogu1208\u003c/code\u003e\u003c/a\u003e made\ntheir first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5145\"\u003ejunit-team/junit-framework#5145\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/HyungGeun94\"\u003e\u003ccode\u003e@​HyungGeun94\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5271\"\u003ejunit-team/junit-framework#5271\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/yalishevant\"\u003e\u003ccode\u003e@​yalishevant\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5316\"\u003ejunit-team/junit-framework#5316\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/JINU-CHANG\"\u003e\u003ccode\u003e@​JINU-CHANG\u003c/code\u003e\u003c/a\u003e made\ntheir first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5290\"\u003ejunit-team/junit-framework#5290\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/jaschdoc\"\u003e\u003ccode\u003e@​jaschdoc\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5427\"\u003ejunit-team/junit-framework#5427\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/kawshikbuet17\"\u003e\u003ccode\u003e@​kawshikbuet17\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5561\"\u003ejunit-team/junit-framework#5561\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/msridhar\"\u003e\u003ccode\u003e@​msridhar\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5602\"\u003ejunit-team/junit-framework#5602\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/compare/r6.1.0-M1...r6.1.0-RC1\"\u003ehttps://github.com/junit-team/junit-framework/compare/r6.1.0-M1...r6.1.0-RC1\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eJUnit 6.1.0-M1 \u003d Platform 6.1.0-M1 + Jupiter 6.1.0-M1 + Vintage\n6.1.0-M1\u003c/p\u003e\n\u003cp\u003eSee \u003ca href\u003d\"https://docs.junit.org/6.1.0-M1/release-notes/\"\u003eRelease\nNotes\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/vy\"\u003e\u003ccode\u003e@​vy\u003c/code\u003e\u003c/a\u003e made their\nfirst contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5041\"\u003ejunit-team/junit-framework#5041\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/Pankraz76\"\u003e\u003ccode\u003e@​Pankraz76\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5006\"\u003ejunit-team/junit-framework#5006\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/arukiidou\"\u003e\u003ccode\u003e@​arukiidou\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5066\"\u003ejunit-team/junit-framework#5066\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/laeubi\"\u003e\u003ccode\u003e@​laeubi\u003c/code\u003e\u003c/a\u003e made\ntheir first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5092\"\u003ejunit-team/junit-framework#5092\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/jihun4452\"\u003e\u003ccode\u003e@​jihun4452\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5088\"\u003ejunit-team/junit-framework#5088\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/TWiStErRob\"\u003e\u003ccode\u003e@​TWiStErRob\u003c/code\u003e\u003c/a\u003e made\ntheir first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5133\"\u003ejunit-team/junit-framework#5133\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/compare/r6.0.0...r6.1.0-M1\"\u003ehttps://github.com/junit-team/junit-framework/compare/r6.0.0...r6.1.0-M1\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eJUnit 6.0.3 \u003d Platform 6.0.3 + Jupiter 6.0.3 + Vintage 6.0.3\u003c/p\u003e\n\u003cp\u003eSee \u003ca href\u003d\"https://docs.junit.org/6.0.3/release-notes.html\"\u003eRelease\nNotes\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/compare/r6.0.2...r6.0.3\"\u003ehttps://github.com/junit-team/junit-framework/compare/r6.0.2...r6.0.3\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eJUnit 6.0.2 \u003d Platform 6.0.2 + Jupiter 6.0.2 + Vintage 6.0.2\u003c/p\u003e\n\u003cp\u003eSee \u003ca href\u003d\"https://docs.junit.org/6.0.2/release-notes.html\"\u003eRelease\nNotes\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/commit/0dc3af1cb1973d257b5bc75d81e02454d5e4e556\"\u003e\u003ccode\u003e0dc3af1\u003c/code\u003e\u003c/a\u003e\nRelease 6.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/commit/1d130020c85170edcb46ce7ed1f7f78824e37c04\"\u003e\u003ccode\u003e1d13002\u003c/code\u003e\u003c/a\u003e\nPrepare 6.1.0 release notes\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/commit/072b2175bbd7b0b3b26f5d928550ec7a21e68268\"\u003e\u003ccode\u003e072b217\u003c/code\u003e\u003c/a\u003e\nUpdate plugin spotless to v8.5.0 (\u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/issues/5668\"\u003e#5668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/commit/3a53480218f4b752a9ca77506e10632cd483c0f8\"\u003e\u003ccode\u003e3a53480\u003c/code\u003e\u003c/a\u003e\nUpdate Gradle to v9.5.1 (\u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/issues/5666\"\u003e#5666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/commit/0e18a20a9f98d063ae02b3ba19329143f5c7f034\"\u003e\u003ccode\u003e0e18a20\u003c/code\u003e\u003c/a\u003e\nUpdate zizmorcore/zizmor-action action to v0.5.4 (\u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/issues/5669\"\u003e#5669\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/commit/0a2634fb9cbbd057b02cf629d7d272c16d62be4b\"\u003e\u003ccode\u003e0a2634f\u003c/code\u003e\u003c/a\u003e\nUpdate github/codeql-action action to v4.35.5 (\u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/issues/5671\"\u003e#5671\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/commit/4dbd5561b00ac761a62c516bfaec51c212a2d60c\"\u003e\u003ccode\u003e4dbd556\u003c/code\u003e\u003c/a\u003e\nRestructure workflows to have single \u0026quot;status\u0026quot; job (\u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/issues/5670\"\u003e#5670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/commit/f2194cebe377512cb0ade388c62a881a0bcf5d3e\"\u003e\u003ccode\u003ef2194ce\u003c/code\u003e\u003c/a\u003e\nIncrease timeout to reduce flakiness\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/commit/5c8fdd2df65b763151cccbe669ea9e1c3155efcd\"\u003e\u003ccode\u003e5c8fdd2\u003c/code\u003e\u003c/a\u003e\nUpdate dependency org.apache.groovy:groovy to v5.0.6 (\u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/issues/5659\"\u003e#5659\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/commit/43c6982324602582902c9bdb213fd5e007f9cf3d\"\u003e\u003ccode\u003e43c6982\u003c/code\u003e\u003c/a\u003e\nUpdate dependency org.slf4j:slf4j-jdk14 to v2.0.18 (\u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/issues/5667\"\u003e#5667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/compare/r5.12.2...r6.1.0\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.junit.jupiter:junit-jupiter-api` from 5.12.2 to 6.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/releases\"\u003eorg.junit.jupiter:junit-jupiter-api\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eJUnit 6.1.0 \u003d Platform 6.1.0 + Jupiter 6.1.0 + Vintage 6.1.0\u003c/p\u003e\n\u003cp\u003eSee \u003ca href\u003d\"https://docs.junit.org/6.1.0/release-notes.html\"\u003eRelease\nNotes\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/JarvisCraft\"\u003e\u003ccode\u003e@​JarvisCraft\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5633\"\u003ejunit-team/junit-framework#5633\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/Maran23\"\u003e\u003ccode\u003e@​Maran23\u003c/code\u003e\u003c/a\u003e made\ntheir first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5644\"\u003ejunit-team/junit-framework#5644\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/compare/r6.0.3...r6.1.0\"\u003ehttps://github.com/junit-team/junit-framework/compare/r6.0.3...r6.1.0\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eJUnit 6.1.0-RC1 \u003d Platform 6.1.0-RC1 + Jupiter 6.1.0-RC1 + Vintage\n6.1.0-RC1\u003c/p\u003e\n\u003cp\u003eSee \u003ca href\u003d\"https://docs.junit.org/6.1.0-RC1/release-notes/\"\u003eRelease\nNotes\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mariokhoury4\"\u003e\u003ccode\u003e@​mariokhoury4\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/4574\"\u003ejunit-team/junit-framework#4574\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/Ogu1208\"\u003e\u003ccode\u003e@​Ogu1208\u003c/code\u003e\u003c/a\u003e made\ntheir first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5145\"\u003ejunit-team/junit-framework#5145\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/HyungGeun94\"\u003e\u003ccode\u003e@​HyungGeun94\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5271\"\u003ejunit-team/junit-framework#5271\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/yalishevant\"\u003e\u003ccode\u003e@​yalishevant\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5316\"\u003ejunit-team/junit-framework#5316\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/JINU-CHANG\"\u003e\u003ccode\u003e@​JINU-CHANG\u003c/code\u003e\u003c/a\u003e made\ntheir first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5290\"\u003ejunit-team/junit-framework#5290\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/jaschdoc\"\u003e\u003ccode\u003e@​jaschdoc\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5427\"\u003ejunit-team/junit-framework#5427\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/kawshikbuet17\"\u003e\u003ccode\u003e@​kawshikbuet17\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5561\"\u003ejunit-team/junit-framework#5561\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/msridhar\"\u003e\u003ccode\u003e@​msridhar\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5602\"\u003ejunit-team/junit-framework#5602\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/compare/r6.1.0-M1...r6.1.0-RC1\"\u003ehttps://github.com/junit-team/junit-framework/compare/r6.1.0-M1...r6.1.0-RC1\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eJUnit 6.1.0-M1 \u003d Platform 6.1.0-M1 + Jupiter 6.1.0-M1 + Vintage\n6.1.0-M1\u003c/p\u003e\n\u003cp\u003eSee \u003ca href\u003d\"https://docs.junit.org/6.1.0-M1/release-notes/\"\u003eRelease\nNotes\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/vy\"\u003e\u003ccode\u003e@​vy\u003c/code\u003e\u003c/a\u003e made their\nfirst contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5041\"\u003ejunit-team/junit-framework#5041\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/Pankraz76\"\u003e\u003ccode\u003e@​Pankraz76\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5006\"\u003ejunit-team/junit-framework#5006\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/arukiidou\"\u003e\u003ccode\u003e@​arukiidou\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5066\"\u003ejunit-team/junit-framework#5066\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/laeubi\"\u003e\u003ccode\u003e@​laeubi\u003c/code\u003e\u003c/a\u003e made\ntheir first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5092\"\u003ejunit-team/junit-framework#5092\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/jihun4452\"\u003e\u003ccode\u003e@​jihun4452\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5088\"\u003ejunit-team/junit-framework#5088\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/TWiStErRob\"\u003e\u003ccode\u003e@​TWiStErRob\u003c/code\u003e\u003c/a\u003e made\ntheir first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5133\"\u003ejunit-team/junit-framework#5133\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/compare/r6.0.0...r6.1.0-M1\"\u003ehttps://github.com/junit-team/junit-framework/compare/r6.0.0...r6.1.0-M1\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eJUnit 6.0.3 \u003d Platform 6.0.3 + Jupiter 6.0.3 + Vintage 6.0.3\u003c/p\u003e\n\u003cp\u003eSee \u003ca href\u003d\"https://docs.junit.org/6.0.3/release-notes.html\"\u003eRelease\nNotes\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/compare/r6.0.2...r6.0.3\"\u003ehttps://github.com/junit-team/junit-framework/compare/r6.0.2...r6.0.3\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eJUnit 6.0.2 \u003d Platform 6.0.2 + Jupiter 6.0.2 + Vintage 6.0.2\u003c/p\u003e\n\u003cp\u003eSee \u003ca href\u003d\"https://docs.junit.org/6.0.2/release-notes.html\"\u003eRelease\nNotes\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/commit/0dc3af1cb1973d257b5bc75d81e02454d5e4e556\"\u003e\u003ccode\u003e0dc3af1\u003c/code\u003e\u003c/a\u003e\nRelease 6.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/commit/1d130020c85170edcb46ce7ed1f7f78824e37c04\"\u003e\u003ccode\u003e1d13002\u003c/code\u003e\u003c/a\u003e\nPrepare 6.1.0 release notes\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/commit/072b2175bbd7b0b3b26f5d928550ec7a21e68268\"\u003e\u003ccode\u003e072b217\u003c/code\u003e\u003c/a\u003e\nUpdate plugin spotless to v8.5.0 (\u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/issues/5668\"\u003e#5668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/commit/3a53480218f4b752a9ca77506e10632cd483c0f8\"\u003e\u003ccode\u003e3a53480\u003c/code\u003e\u003c/a\u003e\nUpdate Gradle to v9.5.1 (\u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/issues/5666\"\u003e#5666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/commit/0e18a20a9f98d063ae02b3ba19329143f5c7f034\"\u003e\u003ccode\u003e0e18a20\u003c/code\u003e\u003c/a\u003e\nUpdate zizmorcore/zizmor-action action to v0.5.4 (\u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/issues/5669\"\u003e#5669\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/commit/0a2634fb9cbbd057b02cf629d7d272c16d62be4b\"\u003e\u003ccode\u003e0a2634f\u003c/code\u003e\u003c/a\u003e\nUpdate github/codeql-action action to v4.35.5 (\u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/issues/5671\"\u003e#5671\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/commit/4dbd5561b00ac761a62c516bfaec51c212a2d60c\"\u003e\u003ccode\u003e4dbd556\u003c/code\u003e\u003c/a\u003e\nRestructure workflows to have single \u0026quot;status\u0026quot; job (\u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/issues/5670\"\u003e#5670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/commit/f2194cebe377512cb0ade388c62a881a0bcf5d3e\"\u003e\u003ccode\u003ef2194ce\u003c/code\u003e\u003c/a\u003e\nIncrease timeout to reduce flakiness\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/commit/5c8fdd2df65b763151cccbe669ea9e1c3155efcd\"\u003e\u003ccode\u003e5c8fdd2\u003c/code\u003e\u003c/a\u003e\nUpdate dependency org.apache.groovy:groovy to v5.0.6 (\u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/issues/5659\"\u003e#5659\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/commit/43c6982324602582902c9bdb213fd5e007f9cf3d\"\u003e\u003ccode\u003e43c6982\u003c/code\u003e\u003c/a\u003e\nUpdate dependency org.slf4j:slf4j-jdk14 to v2.0.18 (\u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/issues/5667\"\u003e#5667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/compare/r5.12.2...r6.1.0\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.junit.jupiter:junit-jupiter-params` from 5.12.2 to 6.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/releases\"\u003eorg.junit.jupiter:junit-jupiter-params\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eJUnit 6.1.0 \u003d Platform 6.1.0 + Jupiter 6.1.0 + Vintage 6.1.0\u003c/p\u003e\n\u003cp\u003eSee \u003ca href\u003d\"https://docs.junit.org/6.1.0/release-notes.html\"\u003eRelease\nNotes\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/JarvisCraft\"\u003e\u003ccode\u003e@​JarvisCraft\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5633\"\u003ejunit-team/junit-framework#5633\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/Maran23\"\u003e\u003ccode\u003e@​Maran23\u003c/code\u003e\u003c/a\u003e made\ntheir first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5644\"\u003ejunit-team/junit-framework#5644\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/compare/r6.0.3...r6.1.0\"\u003ehttps://github.com/junit-team/junit-framework/compare/r6.0.3...r6.1.0\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eJUnit 6.1.0-RC1 \u003d Platform 6.1.0-RC1 + Jupiter 6.1.0-RC1 + Vintage\n6.1.0-RC1\u003c/p\u003e\n\u003cp\u003eSee \u003ca href\u003d\"https://docs.junit.org/6.1.0-RC1/release-notes/\"\u003eRelease\nNotes\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mariokhoury4\"\u003e\u003ccode\u003e@​mariokhoury4\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/4574\"\u003ejunit-team/junit-framework#4574\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/Ogu1208\"\u003e\u003ccode\u003e@​Ogu1208\u003c/code\u003e\u003c/a\u003e made\ntheir first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5145\"\u003ejunit-team/junit-framework#5145\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/HyungGeun94\"\u003e\u003ccode\u003e@​HyungGeun94\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5271\"\u003ejunit-team/junit-framework#5271\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/yalishevant\"\u003e\u003ccode\u003e@​yalishevant\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5316\"\u003ejunit-team/junit-framework#5316\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/JINU-CHANG\"\u003e\u003ccode\u003e@​JINU-CHANG\u003c/code\u003e\u003c/a\u003e made\ntheir first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5290\"\u003ejunit-team/junit-framework#5290\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/jaschdoc\"\u003e\u003ccode\u003e@​jaschdoc\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5427\"\u003ejunit-team/junit-framework#5427\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/kawshikbuet17\"\u003e\u003ccode\u003e@​kawshikbuet17\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5561\"\u003ejunit-team/junit-framework#5561\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/msridhar\"\u003e\u003ccode\u003e@​msridhar\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5602\"\u003ejunit-team/junit-framework#5602\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/compare/r6.1.0-M1...r6.1.0-RC1\"\u003ehttps://github.com/junit-team/junit-framework/compare/r6.1.0-M1...r6.1.0-RC1\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eJUnit 6.1.0-M1 \u003d Platform 6.1.0-M1 + Jupiter 6.1.0-M1 + Vintage\n6.1.0-M1\u003c/p\u003e\n\u003cp\u003eSee \u003ca href\u003d\"https://docs.junit.org/6.1.0-M1/release-notes/\"\u003eRelease\nNotes\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/vy\"\u003e\u003ccode\u003e@​vy\u003c/code\u003e\u003c/a\u003e made their\nfirst contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5041\"\u003ejunit-team/junit-framework#5041\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/Pankraz76\"\u003e\u003ccode\u003e@​Pankraz76\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5006\"\u003ejunit-team/junit-framework#5006\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/arukiidou\"\u003e\u003ccode\u003e@​arukiidou\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5066\"\u003ejunit-team/junit-framework#5066\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/laeubi\"\u003e\u003ccode\u003e@​laeubi\u003c/code\u003e\u003c/a\u003e made\ntheir first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5092\"\u003ejunit-team/junit-framework#5092\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/jihun4452\"\u003e\u003ccode\u003e@​jihun4452\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5088\"\u003ejunit-team/junit-framework#5088\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/TWiStErRob\"\u003e\u003ccode\u003e@​TWiStErRob\u003c/code\u003e\u003c/a\u003e made\ntheir first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/pull/5133\"\u003ejunit-team/junit-framework#5133\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/compare/r6.0.0...r6.1.0-M1\"\u003ehttps://github.com/junit-team/junit-framework/compare/r6.0.0...r6.1.0-M1\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eJUnit 6.0.3 \u003d Platform 6.0.3 + Jupiter 6.0.3 + Vintage 6.0.3\u003c/p\u003e\n\u003cp\u003eSee \u003ca href\u003d\"https://docs.junit.org/6.0.3/release-notes.html\"\u003eRelease\nNotes\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/compare/r6.0.2...r6.0.3\"\u003ehttps://github.com/junit-team/junit-framework/compare/r6.0.2...r6.0.3\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eJUnit 6.0.2 \u003d Platform 6.0.2 + Jupiter 6.0.2 + Vintage 6.0.2\u003c/p\u003e\n\u003cp\u003eSee \u003ca href\u003d\"https://docs.junit.org/6.0.2/release-notes.html\"\u003eRelease\nNotes\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/commit/0dc3af1cb1973d257b5bc75d81e02454d5e4e556\"\u003e\u003ccode\u003e0dc3af1\u003c/code\u003e\u003c/a\u003e\nRelease 6.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/commit/1d130020c85170edcb46ce7ed1f7f78824e37c04\"\u003e\u003ccode\u003e1d13002\u003c/code\u003e\u003c/a\u003e\nPrepare 6.1.0 release notes\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/commit/072b2175bbd7b0b3b26f5d928550ec7a21e68268\"\u003e\u003ccode\u003e072b217\u003c/code\u003e\u003c/a\u003e\nUpdate plugin spotless to v8.5.0 (\u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/issues/5668\"\u003e#5668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/commit/3a53480218f4b752a9ca77506e10632cd483c0f8\"\u003e\u003ccode\u003e3a53480\u003c/code\u003e\u003c/a\u003e\nUpdate Gradle to v9.5.1 (\u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/issues/5666\"\u003e#5666\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/commit/0e18a20a9f98d063ae02b3ba19329143f5c7f034\"\u003e\u003ccode\u003e0e18a20\u003c/code\u003e\u003c/a\u003e\nUpdate zizmorcore/zizmor-action action to v0.5.4 (\u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/issues/5669\"\u003e#5669\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/commit/0a2634fb9cbbd057b02cf629d7d272c16d62be4b\"\u003e\u003ccode\u003e0a2634f\u003c/code\u003e\u003c/a\u003e\nUpdate github/codeql-action action to v4.35.5 (\u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/issues/5671\"\u003e#5671\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/commit/4dbd5561b00ac761a62c516bfaec51c212a2d60c\"\u003e\u003ccode\u003e4dbd556\u003c/code\u003e\u003c/a\u003e\nRestructure workflows to have single \u0026quot;status\u0026quot; job (\u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/issues/5670\"\u003e#5670\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/commit/f2194cebe377512cb0ade388c62a881a0bcf5d3e\"\u003e\u003ccode\u003ef2194ce\u003c/code\u003e\u003c/a\u003e\nIncrease timeout to reduce flakiness\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/commit/5c8fdd2df65b763151cccbe669ea9e1c3155efcd\"\u003e\u003ccode\u003e5c8fdd2\u003c/code\u003e\u003c/a\u003e\nUpdate dependency org.apache.groovy:groovy to v5.0.6 (\u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/issues/5659\"\u003e#5659\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/commit/43c6982324602582902c9bdb213fd5e007f9cf3d\"\u003e\u003ccode\u003e43c6982\u003c/code\u003e\u003c/a\u003e\nUpdate dependency org.slf4j:slf4j-jdk14 to v2.0.18 (\u003ca\nhref\u003d\"https://redirect.github.com/junit-team/junit-framework/issues/5667\"\u003e#5667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/junit-team/junit-framework/compare/r5.12.2...r6.1.0\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "da97828bfe2818e1233ef8c421e89e238fff8340", "tree": "9107460693e0f6c250804e753abcdd2cc87a399e", "parents": [ "315fd710cdf2a418e21cb567bedc8d7473e17ec7" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Thu Jun 04 15:43:15 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Jun 04 15:43:15 2026 +0200" }, "message": "MINOR: Bump checker.framework.version from 4.1.0 to 4.2.0 (#1170)\n\nBumps `checker.framework.version` from 4.1.0 to 4.2.0.\nUpdates `org.checkerframework:checker-qual` from 4.1.0 to 4.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/releases\"\u003eorg.checkerframework:checker-qual\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eChecker Framework 4.2.0\u003c/h2\u003e\n\u003ch2\u003eVersion 4.2.0 (2026-06-01)\u003c/h2\u003e\n\u003ch3\u003eUser-visible changes\u003c/h3\u003e\n\u003cp\u003eRenamed error message key\n\u0026quot;createsmustcallfor.target.unparseable\u0026quot; to\n\u0026quot;createsmustcallfor.target.unparsable\u0026quot;.\u003c/p\u003e\n\u003ch3\u003eImplementation details\u003c/h3\u003e\n\u003cp\u003eIn \u003ccode\u003eAnnotatedTypeFactory\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003enew overload \u003ccode\u003ecanonicalAnnotation(AnnotationMirror,\nTypeMirror)\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eIn \u003ccode\u003eTypeHierarchy\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003enew methods \u003ccode\u003eequalsShallowEffective()\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eClosed issues\u003c/h3\u003e\n\u003cp\u003e\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7676\"\u003e#7676\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7679\"\u003e#7679\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7680\"\u003e#7680\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7695\"\u003e#7695\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7697\"\u003e#7697\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7699\"\u003e#7699\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7700\"\u003e#7700\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7727\"\u003e#7727\u003c/a\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/blob/master/docs/CHANGELOG.md\"\u003eorg.checkerframework:checker-qual\u0027s\nchangelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 4.2.0 (2026-06-01)\u003c/h2\u003e\n\u003ch3\u003eUser-visible changes\u003c/h3\u003e\n\u003cp\u003eRenamed error message key\n\u0026quot;createsmustcallfor.target.unparseable\u0026quot; to\n\u0026quot;createsmustcallfor.target.unparsable\u0026quot;.\u003c/p\u003e\n\u003ch3\u003eImplementation details\u003c/h3\u003e\n\u003cp\u003eIn \u003ccode\u003eAnnotatedTypeFactory\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003enew overload \u003ccode\u003ecanonicalAnnotation(AnnotationMirror,\nTypeMirror)\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eIn \u003ccode\u003eTypeHierarchy\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003enew methods \u003ccode\u003eequalsShallowEffective()\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eClosed issues\u003c/h3\u003e\n\u003cp\u003e\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7676\"\u003e#7676\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7679\"\u003e#7679\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7680\"\u003e#7680\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7695\"\u003e#7695\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7697\"\u003e#7697\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7699\"\u003e#7699\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7700\"\u003e#7700\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7727\"\u003e#7727\u003c/a\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/231e85507cb0166a94145d2e35b8d3d355c3ced6\"\u003e\u003ccode\u003e231e855\u003c/code\u003e\u003c/a\u003e\nnew release 4.2.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/e59f66f668bfffbadbd3185c103a898ee69fa745\"\u003e\u003ccode\u003ee59f66f\u003c/code\u003e\u003c/a\u003e\nPrep for release.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/bcc021ff1928ddb3e2ca9afa876bb16a6e924396\"\u003e\u003ccode\u003ebcc021f\u003c/code\u003e\u003c/a\u003e\nFix problem with type var in a method reference (\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7729\"\u003e#7729\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/91392e5f6a521ee48baa974f39038a3ff309c5e3\"\u003e\u003ccode\u003e91392e5\u003c/code\u003e\u003c/a\u003e\nUse gradle-git-properties version 4\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/cdae25801e483901ce5ebd814ad5286f5e332531\"\u003e\u003ccode\u003ecdae258\u003c/code\u003e\u003c/a\u003e\nIncrease constraint limit (\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7752\"\u003e#7752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/dbb553d23011306ced4a7d49fac82aa2df850e9d\"\u003e\u003ccode\u003edbb553d\u003c/code\u003e\u003c/a\u003e\nFix check of receiver override (\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7746\"\u003e#7746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/264c73dbc2cde531fe88f6546c76727de348d3af\"\u003e\u003ccode\u003e264c73d\u003c/code\u003e\u003c/a\u003e\nFix \u0026quot;unneeded.suppression\u0026quot; warning (\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7747\"\u003e#7747\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/d118b89190356b846201f2488b96710dfee11aef\"\u003e\u003ccode\u003ed118b89\u003c/code\u003e\u003c/a\u003e\nNew methods \u003ccode\u003eequalsShallowEffective()\u003c/code\u003e (\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7745\"\u003e#7745\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/a916913c161d0cf6078c32e823d724a4c31890ae\"\u003e\u003ccode\u003ea916913\u003c/code\u003e\u003c/a\u003e\nSimplify logic (\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7744\"\u003e#7744\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/227974fbf0e546621a53da5f2db0de83fee61c46\"\u003e\u003ccode\u003e227974f\u003c/code\u003e\u003c/a\u003e\nUpdate plugin com-gradleup-shadow to v9.4.2 (\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7749\"\u003e#7749\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/compare/checker-framework-4.1.0...checker-framework-4.2.0\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.checkerframework:checker` from 4.1.0 to 4.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/releases\"\u003eorg.checkerframework:checker\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eChecker Framework 4.2.0\u003c/h2\u003e\n\u003ch2\u003eVersion 4.2.0 (2026-06-01)\u003c/h2\u003e\n\u003ch3\u003eUser-visible changes\u003c/h3\u003e\n\u003cp\u003eRenamed error message key\n\u0026quot;createsmustcallfor.target.unparseable\u0026quot; to\n\u0026quot;createsmustcallfor.target.unparsable\u0026quot;.\u003c/p\u003e\n\u003ch3\u003eImplementation details\u003c/h3\u003e\n\u003cp\u003eIn \u003ccode\u003eAnnotatedTypeFactory\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003enew overload \u003ccode\u003ecanonicalAnnotation(AnnotationMirror,\nTypeMirror)\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eIn \u003ccode\u003eTypeHierarchy\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003enew methods \u003ccode\u003eequalsShallowEffective()\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eClosed issues\u003c/h3\u003e\n\u003cp\u003e\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7676\"\u003e#7676\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7679\"\u003e#7679\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7680\"\u003e#7680\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7695\"\u003e#7695\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7697\"\u003e#7697\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7699\"\u003e#7699\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7700\"\u003e#7700\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7727\"\u003e#7727\u003c/a\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/blob/master/docs/CHANGELOG.md\"\u003eorg.checkerframework:checker\u0027s\nchangelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 4.2.0 (2026-06-01)\u003c/h2\u003e\n\u003ch3\u003eUser-visible changes\u003c/h3\u003e\n\u003cp\u003eRenamed error message key\n\u0026quot;createsmustcallfor.target.unparseable\u0026quot; to\n\u0026quot;createsmustcallfor.target.unparsable\u0026quot;.\u003c/p\u003e\n\u003ch3\u003eImplementation details\u003c/h3\u003e\n\u003cp\u003eIn \u003ccode\u003eAnnotatedTypeFactory\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003enew overload \u003ccode\u003ecanonicalAnnotation(AnnotationMirror,\nTypeMirror)\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eIn \u003ccode\u003eTypeHierarchy\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003enew methods \u003ccode\u003eequalsShallowEffective()\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eClosed issues\u003c/h3\u003e\n\u003cp\u003e\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7676\"\u003e#7676\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7679\"\u003e#7679\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7680\"\u003e#7680\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7695\"\u003e#7695\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7697\"\u003e#7697\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7699\"\u003e#7699\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7700\"\u003e#7700\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7727\"\u003e#7727\u003c/a\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/231e85507cb0166a94145d2e35b8d3d355c3ced6\"\u003e\u003ccode\u003e231e855\u003c/code\u003e\u003c/a\u003e\nnew release 4.2.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/e59f66f668bfffbadbd3185c103a898ee69fa745\"\u003e\u003ccode\u003ee59f66f\u003c/code\u003e\u003c/a\u003e\nPrep for release.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/bcc021ff1928ddb3e2ca9afa876bb16a6e924396\"\u003e\u003ccode\u003ebcc021f\u003c/code\u003e\u003c/a\u003e\nFix problem with type var in a method reference (\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7729\"\u003e#7729\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/91392e5f6a521ee48baa974f39038a3ff309c5e3\"\u003e\u003ccode\u003e91392e5\u003c/code\u003e\u003c/a\u003e\nUse gradle-git-properties version 4\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/cdae25801e483901ce5ebd814ad5286f5e332531\"\u003e\u003ccode\u003ecdae258\u003c/code\u003e\u003c/a\u003e\nIncrease constraint limit (\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7752\"\u003e#7752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/dbb553d23011306ced4a7d49fac82aa2df850e9d\"\u003e\u003ccode\u003edbb553d\u003c/code\u003e\u003c/a\u003e\nFix check of receiver override (\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7746\"\u003e#7746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/264c73dbc2cde531fe88f6546c76727de348d3af\"\u003e\u003ccode\u003e264c73d\u003c/code\u003e\u003c/a\u003e\nFix \u0026quot;unneeded.suppression\u0026quot; warning (\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7747\"\u003e#7747\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/d118b89190356b846201f2488b96710dfee11aef\"\u003e\u003ccode\u003ed118b89\u003c/code\u003e\u003c/a\u003e\nNew methods \u003ccode\u003eequalsShallowEffective()\u003c/code\u003e (\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7745\"\u003e#7745\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/a916913c161d0cf6078c32e823d724a4c31890ae\"\u003e\u003ccode\u003ea916913\u003c/code\u003e\u003c/a\u003e\nSimplify logic (\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7744\"\u003e#7744\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/227974fbf0e546621a53da5f2db0de83fee61c46\"\u003e\u003ccode\u003e227974f\u003c/code\u003e\u003c/a\u003e\nUpdate plugin com-gradleup-shadow to v9.4.2 (\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7749\"\u003e#7749\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/compare/checker-framework-4.1.0...checker-framework-4.2.0\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "315fd710cdf2a418e21cb567bedc8d7473e17ec7", "tree": "5f60e2f7f019a1404e1421575fa0235e6713aaff", "parents": [ "6a6b8c1c8f3364da125df743c4b00a212d91c449" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Thu May 28 11:20:28 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu May 28 11:20:28 2026 +0200" }, "message": "MINOR: [CI] Bump docker/login-action from 4.1.0 to 4.2.0 (#1160)\n\nBumps [docker/login-action](https://github.com/docker/login-action) from\n4.1.0 to 4.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/docker/login-action/releases\"\u003edocker/login-action\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/976\"\u003edocker/login-action#976\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​aws-sdk/client-ecr\u003c/code\u003e and\n\u003ccode\u003e@​aws-sdk/client-ecr-public\u003c/code\u003e to 3.1050.0 in \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/960\"\u003edocker/login-action#960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.86.0 to 0.90.0 in\n\u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/970\"\u003edocker/login-action#970\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump brace-expansion from 2.0.1 to 5.0.6 in \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/993\"\u003edocker/login-action#993\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump fast-xml-builder from 1.1.4 to 1.2.0 in \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/985\"\u003edocker/login-action#985\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump fast-xml-parser from 5.3.6 to 5.8.0 in \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/963\"\u003edocker/login-action#963\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump http-proxy-agent and https-proxy-agent to 9.0.0 in \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/961\"\u003edocker/login-action#961\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump postcss from 8.5.6 to 8.5.10 in \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/979\"\u003edocker/login-action#979\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump tar from 6.2.1 to 7.5.15 in \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/991\"\u003edocker/login-action#991\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump vite from 7.3.1 to 7.3.3 in \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/986\"\u003edocker/login-action#986\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/docker/login-action/compare/v4.1.0...v4.2.0\"\u003ehttps://github.com/docker/login-action/compare/v4.1.0...v4.2.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/650006c6eb7dba73a995cc03b0b2d7f5ca915bee\"\u003e\u003ccode\u003e650006c\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/issues/960\"\u003e#960\u003c/a\u003e\nfrom docker/dependabot/npm_and_yarn/aws-sdk-dependenc...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/99df1a3f6d65e48177ea57671a50e2242eae4b63\"\u003e\u003ccode\u003e99df1a3\u003c/code\u003e\u003c/a\u003e\nchore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/3ab375f324f46da5f6901efeda4be4e2566ebaa2\"\u003e\u003ccode\u003e3ab375f\u003c/code\u003e\u003c/a\u003e\nbuild(deps): bump the aws-sdk-dependencies group across 1 directory with\n2 up...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/39d85804ae465a1816c68ff58158ec66883981b4\"\u003e\u003ccode\u003e39d8580\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/issues/970\"\u003e#970\u003c/a\u003e\nfrom docker/dependabot/npm_and_yarn/docker/actions-to...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/4eefcd33ca7213989697445a78b6730274bfaba6\"\u003e\u003ccode\u003e4eefcd3\u003c/code\u003e\u003c/a\u003e\nchore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/56d092c8b3f04006c22f4fc20a2b3d2442caed56\"\u003e\u003ccode\u003e56d092c\u003c/code\u003e\u003c/a\u003e\nbuild(deps): bump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.86.0 to\n0.90.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/e2e31ca87063ae00fd41ad3b9c548dd8ec24c5ff\"\u003e\u003ccode\u003ee2e31ca\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/issues/976\"\u003e#976\u003c/a\u003e\nfrom docker/dependabot/npm_and_yarn/actions/core-3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/0bced941e843afc786fbfd58b1c6c13ca11e09c9\"\u003e\u003ccode\u003e0bced94\u003c/code\u003e\u003c/a\u003e\nchore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/3e75a0f266b07e09777a621d0ca5f4432ef9f10c\"\u003e\u003ccode\u003e3e75a0f\u003c/code\u003e\u003c/a\u003e\nbuild(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/365bebd9d646160567ebad47824f026e09ee6970\"\u003e\u003ccode\u003e365bebd\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/issues/984\"\u003e#984\u003c/a\u003e\nfrom docker/dependabot/github_actions/aws-actions/con...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/docker/login-action/compare/4907a6ddec9925e35a0a9e82d7399ccc52663121...650006c6eb7dba73a995cc03b0b2d7f5ca915bee\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003ddocker/login-action\u0026package-manager\u003dgithub_actions\u0026previous-version\u003d4.1.0\u0026new-version\u003d4.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "6a6b8c1c8f3364da125df743c4b00a212d91c449", "tree": "80140a318b2a4538cdb02bd67e0d4c111087c832", "parents": [ "96339f6c2f35c3e6676e62fded200c0934f9d8d3" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Wed May 27 13:15:12 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed May 27 13:15:12 2026 +0200" }, "message": "MINOR: Bump com.gradle:develocity-maven-extension from 2.4.0 to 2.4.1 (#1161)\n\nBumps com.gradle:develocity-maven-extension from 2.4.0 to 2.4.1.\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dcom.gradle:develocity-maven-extension\u0026package-manager\u003dmaven\u0026previous-version\u003d2.4.0\u0026new-version\u003d2.4.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "96339f6c2f35c3e6676e62fded200c0934f9d8d3", "tree": "79e8623be8ae5d95557141b42ffa21bb3fc1c789", "parents": [ "7fc14a532492f00e0744d8316fa8fb2f6970d31e" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Wed May 27 11:22:01 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed May 27 11:22:01 2026 +0200" }, "message": "MINOR: Bump com.nimbusds:oauth2-oidc-sdk from 11.37.1 to 11.37.2 (#1164)\n\nBumps\n[com.nimbusds:oauth2-oidc-sdk](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions)\nfrom 11.37.1 to 11.37.2.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/src/master/CHANGELOG.txt\"\u003ecom.nimbusds:oauth2-oidc-sdk\u0027s\nchangelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eversion 1.0 (2012-05-29)\n* First official release with authorisation endpoint, token endpoint,\ncheck\nID endpoint and UserInfo endpoint support.\n* JSON Web Tokens (JWTs) support through the Nimbus-JWT library.\n* Language Tags (RFC 5646) support through the Nimbus-LangTag library.\n* JSON support through the JSON Smart library.\u003c/p\u003e\n\u003cp\u003eversion 2.0 (2013-05-13)\n* Intermediary development release with Maven build, published to\nMaven Central.\u003c/p\u003e\n\u003cp\u003eversion 2.1 (2013-06-06)\n* Updates the APIs to OpenID Connect Messages draft 20, OpenID Connect\nStandard draft 21, OpenID Connect Discovery draft 17 and OpenID\nConnect Registration draft 19.\n* Major refactoring of the APIs for greater simplicity.\n* Adds JUnit tests.\u003c/p\u003e\n\u003cp\u003eversion 2.2 (2013-06-18)\n* Refactors dynamic OpenID Connect client registration.\n* Adds partial support of the OAuth 2.0 Dynamic Client Registration\nProtocol (draft-ietf-oauth-dyn-reg-12).\n* Optimises parsing of request parameters consisting of one or more\ntokens (scope, response type, etc).\u003c/p\u003e\n\u003cp\u003eversion 2.3 (2013-06-19)\n* Renames OAuth 2.0 dynamic client registration package.\n* Adds ClientInformation.getClientMetadata() method.\n* Adds OIDCClientInformation class.\u003c/p\u003e\n\u003cp\u003eversion 2.4 (2013-06-20)\n* Adds static OIDCClientInformation.parse(JSONObject) method.\u003c/p\u003e\n\u003cp\u003eversion 2.5 (2013-06-22)\n* Adds support OAuth 2.0 dynamic client update.\n* Adds OpenID Connect dynamic client registration classes.\u003c/p\u003e\n\u003cp\u003eversion 2.6 (2013-06-25)\n* Enforces order of preference of ACR values in OpenID Connect client\nmetadata, as required by the specification.\n* Documentation and performance improvements.\u003c/p\u003e\n\u003cp\u003eversion 2.7 (2013-06-26)\n* Switches Identifier generation to java.security.SecureRandom.\u003c/p\u003e\n\u003cp\u003eversion 2.8 (2013-06-30)\n* Fixes serialisation and assignment bugs in ClientMetadata.\n* Switches Secret generation to java.security.SecureRandom.\u003c/p\u003e\n\u003cp\u003eversion 2.9 (2013-09-17)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/fedf633e67229b69f5f5ca378a588eca8ce7d117\"\u003e\u003ccode\u003efedf633\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/29b77a0d34b72768194e8e2a53c0f56916bbee86\"\u003e\u003ccode\u003e29b77a0\u003c/code\u003e\u003c/a\u003e\nUpdates to JSON Smart 2.6.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/6e53206950bcbf0c8e5f9ad7b6fe6f3081803f86\"\u003e\u003ccode\u003e6e53206\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare release 11.37.2\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca\nhref\u003d\"https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/branches/compare/11.37.2..11.37.1\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dcom.nimbusds:oauth2-oidc-sdk\u0026package-manager\u003dmaven\u0026previous-version\u003d11.37.1\u0026new-version\u003d11.37.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "7fc14a532492f00e0744d8316fa8fb2f6970d31e", "tree": "ead124e2698023aec80f941ee3feaedf9e39af1b", "parents": [ "b58ce11516afd0aa2959673dac74ca0258ca2166" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Wed May 27 11:15:13 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed May 27 11:15:13 2026 +0200" }, "message": "MINOR: Bump io.netty:netty-bom from 4.2.13.Final to 4.2.14.Final (#1166)\n\nBumps [io.netty:netty-bom](https://github.com/netty/netty) from\n4.2.13.Final to 4.2.14.Final.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/netty/netty/releases\"\u003eio.netty:netty-bom\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003enetty-4.2.14.Final\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eHTTP: Fix revapi failure introduced by\n84530fa81e12dcd1d42310bb20c1385cb44128d8 by \u003ca\nhref\u003d\"https://github.com/normanmaurer\"\u003e\u003ccode\u003e@​normanmaurer\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16748\"\u003enetty/netty#16748\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHTTP: Re-add constructor to HttpProxyHandler that was removed by\nmistake by \u003ca\nhref\u003d\"https://github.com/normanmaurer\"\u003e\u003ccode\u003e@​normanmaurer\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16747\"\u003enetty/netty#16747\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMarshalling: Explicit document security requirements by \u003ca\nhref\u003d\"https://github.com/normanmaurer\"\u003e\u003ccode\u003e@​normanmaurer\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16752\"\u003enetty/netty#16752\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix io_uring op completion TRACE logging by \u003ca\nhref\u003d\"https://github.com/chrisvest\"\u003e\u003ccode\u003e@​chrisvest\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16755\"\u003enetty/netty#16755\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eQuic: Ensure writes are done before notify close promise of\nQuicheQui… by \u003ca\nhref\u003d\"https://github.com/normanmaurer\"\u003e\u003ccode\u003e@​normanmaurer\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16758\"\u003enetty/netty#16758\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid re-parsing openssl key material with non-cached provider by \u003ca\nhref\u003d\"https://github.com/chrisvest\"\u003e\u003ccode\u003e@​chrisvest\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16759\"\u003enetty/netty#16759\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePin HTTP/RTSP version + method normalization to Locale.US by \u003ca\nhref\u003d\"https://github.com/daguimu\"\u003e\u003ccode\u003e@​daguimu\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16765\"\u003enetty/netty#16765\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFill MsgHdrMemoryArray#hdrs with null entry on release by \u003ca\nhref\u003d\"https://github.com/tsegismont\"\u003e\u003ccode\u003e@​tsegismont\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16764\"\u003enetty/netty#16764\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevapi: Use default \u0026quot;oldVersion\u0026quot; by \u003ca\nhref\u003d\"https://github.com/chrisvest\"\u003e\u003ccode\u003e@​chrisvest\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16774\"\u003enetty/netty#16774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdaptive: Fix concurrency issue in adaptive allocator by \u003ca\nhref\u003d\"https://github.com/chrisvest\"\u003e\u003ccode\u003e@​chrisvest\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16767\"\u003enetty/netty#16767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAuto-port 4.2: Make bulk byte moving in ByteBuf faster by \u003ca\nhref\u003d\"https://github.com/netty-project-bot\"\u003e\u003ccode\u003e@​netty-project-bot\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16781\"\u003enetty/netty#16781\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePin multipart Content-Type / Content-Transfer-Encoding case folding\nto Locale.US by \u003ca\nhref\u003d\"https://github.com/daguimu\"\u003e\u003ccode\u003e@​daguimu\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16768\"\u003enetty/netty#16768\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove dead native declarations by \u003ca\nhref\u003d\"https://github.com/pandareen\"\u003e\u003ccode\u003e@​pandareen\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16783\"\u003enetty/netty#16783\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIsolate tests that modify available Security providers by \u003ca\nhref\u003d\"https://github.com/chrisvest\"\u003e\u003ccode\u003e@​chrisvest\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16793\"\u003enetty/netty#16793\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove test annotations from a method that isn\u0027t a test by \u003ca\nhref\u003d\"https://github.com/chrisvest\"\u003e\u003ccode\u003e@​chrisvest\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16792\"\u003enetty/netty#16792\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnable OpenSslCachingKeyMaterialProvider to evict stale entries\nafter cert rotation by \u003ca\nhref\u003d\"https://github.com/zhangweikop\"\u003e\u003ccode\u003e@​zhangweikop\u003c/code\u003e\u003c/a\u003e in\n\u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16523\"\u003enetty/netty#16523\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIoUring: extend user data from short to long by \u003ca\nhref\u003d\"https://github.com/dreamlike-ocean\"\u003e\u003ccode\u003e@​dreamlike-ocean\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16682\"\u003enetty/netty#16682\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert CompositeByteBuf component search fast path by \u003ca\nhref\u003d\"https://github.com/yawkat\"\u003e\u003ccode\u003e@​yawkat\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16811\"\u003enetty/netty#16811\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHTTP2: Use 100 as default max concurrent streams setting by \u003ca\nhref\u003d\"https://github.com/normanmaurer\"\u003e\u003ccode\u003e@​normanmaurer\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16804\"\u003enetty/netty#16804\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix ResumptionController wrapping by \u003ca\nhref\u003d\"https://github.com/chrisvest\"\u003e\u003ccode\u003e@​chrisvest\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16815\"\u003enetty/netty#16815\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eResolve all localhost addresses without querying DNS servers by \u003ca\nhref\u003d\"https://github.com/JulianVennen\"\u003e\u003ccode\u003e@​JulianVennen\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16749\"\u003enetty/netty#16749\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIpFilter: Fix ClassCastException caused by IpSubnetFilter if only\nipv6 rules are configured but remote peer is using ipv4 by \u003ca\nhref\u003d\"https://github.com/normanmaurer\"\u003e\u003ccode\u003e@​normanmaurer\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16803\"\u003enetty/netty#16803\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix memoryAddress() for direct ByteBuffers wrapped by Unpooled\nwithout Unsafe by \u003ca\nhref\u003d\"https://github.com/dreamlike-ocean\"\u003e\u003ccode\u003e@​dreamlike-ocean\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16788\"\u003enetty/netty#16788\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRoute synchronous onLookupComplete exceptions via\nfireExceptionCaught by \u003ca\nhref\u003d\"https://github.com/kwondh5217\"\u003e\u003ccode\u003e@​kwondh5217\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16794\"\u003enetty/netty#16794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIoUring: Stop generic FileRegion drain loop when transferred()\nreaches count() by \u003ca\nhref\u003d\"https://github.com/LuciferYang\"\u003e\u003ccode\u003e@​LuciferYang\u003c/code\u003e\u003c/a\u003e in\n\u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16826\"\u003enetty/netty#16826\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMQTT: Allow MQTT 5 CONNECT with password only by \u003ca\nhref\u003d\"https://github.com/shblue21\"\u003e\u003ccode\u003e@​shblue21\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16833\"\u003enetty/netty#16833\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix MQTT decoder size check after variable header replay by \u003ca\nhref\u003d\"https://github.com/daguimu\"\u003e\u003ccode\u003e@​daguimu\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16787\"\u003enetty/netty#16787\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/pandareen\"\u003e\u003ccode\u003e@​pandareen\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16783\"\u003enetty/netty#16783\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/zhangweikop\"\u003e\u003ccode\u003e@​zhangweikop\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16523\"\u003enetty/netty#16523\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/JulianVennen\"\u003e\u003ccode\u003e@​JulianVennen\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16749\"\u003enetty/netty#16749\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/kwondh5217\"\u003e\u003ccode\u003e@​kwondh5217\u003c/code\u003e\u003c/a\u003e made\ntheir first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16794\"\u003enetty/netty#16794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/shblue21\"\u003e\u003ccode\u003e@​shblue21\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16833\"\u003enetty/netty#16833\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/netty/netty/compare/netty-4.2.13.Final...netty-4.2.14.Final\"\u003ehttps://github.com/netty/netty/compare/netty-4.2.13.Final...netty-4.2.14.Final\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/0a60b753d5b0de9f58e245538d61c11dc6cfc4b2\"\u003e\u003ccode\u003e0a60b75\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare release netty-4.2.14.Final\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/72df658e5fdd1cc6d65bce1e0917ec31a9560269\"\u003e\u003ccode\u003e72df658\u003c/code\u003e\u003c/a\u003e\nFix MQTT decoder size check after variable header replay (\u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/issues/16787\"\u003e#16787\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/7125dba6b20822aa72dd8359b350c2f3b9a545d9\"\u003e\u003ccode\u003e7125dba\u003c/code\u003e\u003c/a\u003e\nMQTT: Allow MQTT 5 CONNECT with password only (\u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/issues/16833\"\u003e#16833\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/9e19320a5855746970d05a5cd785d73a17cc694d\"\u003e\u003ccode\u003e9e19320\u003c/code\u003e\u003c/a\u003e\nIoUring: Stop generic FileRegion drain loop when transferred() reaches\ncount(...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/4ce9f17f05c67b72c87bc83951800bad245fe162\"\u003e\u003ccode\u003e4ce9f17\u003c/code\u003e\u003c/a\u003e\nRoute synchronous onLookupComplete exceptions via fireExceptionCaught\n(\u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/issues/16794\"\u003e#16794\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/f7b1b7de625031cc60e6eaecb889c97303588759\"\u003e\u003ccode\u003ef7b1b7d\u003c/code\u003e\u003c/a\u003e\nFix memoryAddress() for direct ByteBuffers wrapped by Unpooled without\nUnsafe...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/0ccb265cadf91b2e09c2f479c9194d193d7a5dbc\"\u003e\u003ccode\u003e0ccb265\u003c/code\u003e\u003c/a\u003e\nIpFilter: Fix ClassCastException caused by IpSubnetFilter if only ipv6\nrules ...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/a6aeb6deffda3e45904edd05abc5cdddcd438794\"\u003e\u003ccode\u003ea6aeb6d\u003c/code\u003e\u003c/a\u003e\nResolve all localhost addresses without querying DNS servers (\u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/issues/16749\"\u003e#16749\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/c328ba2ab89d2c90c80be1d2de1cfbb8f94c438b\"\u003e\u003ccode\u003ec328ba2\u003c/code\u003e\u003c/a\u003e\nFix ResumptionController wrapping (\u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/issues/16815\"\u003e#16815\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/bc5862ba488c569c888d3b82048083041f66e880\"\u003e\u003ccode\u003ebc5862b\u003c/code\u003e\u003c/a\u003e\nHTTP2: Use 100 as default max concurrent streams setting (\u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/issues/16804\"\u003e#16804\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/netty/netty/compare/netty-4.2.13.Final...netty-4.2.14.Final\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dio.netty:netty-bom\u0026package-manager\u003dmaven\u0026previous-version\u003d4.2.13.Final\u0026new-version\u003d4.2.14.Final)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "b58ce11516afd0aa2959673dac74ca0258ca2166", "tree": "d2e22d42dfa902d212cfab250b5835be5afaf759", "parents": [ "755ce550c4dfc1771c2b350a0159b5e7f903debb" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Wed May 27 10:54:46 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed May 27 10:54:46 2026 +0200" }, "message": "MINOR: Bump com.google.protobuf:protobuf-bom from 4.34.1 to 4.35.0 (#1167)\n\nBumps\n[com.google.protobuf:protobuf-bom](https://github.com/protocolbuffers/protobuf)\nfrom 4.34.1 to 4.35.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca\nhref\u003d\"https://github.com/protocolbuffers/protobuf/commits\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dcom.google.protobuf:protobuf-bom\u0026package-manager\u003dmaven\u0026previous-version\u003d4.34.1\u0026new-version\u003d4.35.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "755ce550c4dfc1771c2b350a0159b5e7f903debb", "tree": "83ee02976965b2a0771b018f7deccacb45d696b5", "parents": [ "4ecc92f817fc71fcf94e0df87d2c6c1bc9877847" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Wed May 27 10:32:04 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed May 27 10:32:04 2026 +0200" }, "message": "MINOR: Bump org.immutables:value from 2.12.1 to 2.12.2 (#1168)\n\nBumps [org.immutables:value](https://github.com/immutables/immutables)\nfrom 2.12.1 to 2.12.2.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/immutables/immutables/releases\"\u003eorg.immutables:value\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.12.2\u003c/h2\u003e\n\u003ch2\u003eMaintenance release\u003c/h2\u003e\n\u003ch3\u003eWhat\u0027s Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://redirect.github.com/immutables/immutables/issues/1642\"\u003e#1642\u003c/a\u003e\nFix to find nested elements on plain element with nested elements with\nmongo backend by \u003ca\nhref\u003d\"https://github.com/rgatbert\"\u003e\u003ccode\u003e@​rgatbert\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/immutables/immutables/pull/1643\"\u003eimmutables/immutables#1643\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://redirect.github.com/immutables/immutables/issues/1642\"\u003e#1642\u003c/a\u003e\nFix for further problems to find nested elements on plain element with\nnested elements with mongo backend by \u003ca\nhref\u003d\"https://github.com/rgatbert\"\u003e\u003ccode\u003e@​rgatbert\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/immutables/immutables/pull/1644\"\u003eimmutables/immutables#1644\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://redirect.github.com/immutables/immutables/issues/1645\"\u003e#1645\u003c/a\u003e\nenhance docs about records for implementationNestedInBuilder by \u003ca\nhref\u003d\"https://github.com/bmarwell\"\u003e\u003ccode\u003e@​bmarwell\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/immutables/immutables/pull/1646\"\u003eimmutables/immutables#1646\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://redirect.github.com/immutables/immutables/issues/1655\"\u003e#1655\u003c/a\u003e\nFix TYPE_USE \u003ccode\u003e@Nullable\u003c/code\u003e on concrete array types by \u003ca\nhref\u003d\"https://github.com/viditochani\"\u003e\u003ccode\u003e@​viditochani\u003c/code\u003e\u003c/a\u003e in\n\u003ca\nhref\u003d\"https://redirect.github.com/immutables/immutables/pull/1658\"\u003eimmutables/immutables#1658\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eNew Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/rgatbert\"\u003e\u003ccode\u003e@​rgatbert\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/immutables/immutables/pull/1643\"\u003eimmutables/immutables#1643\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/bmarwell\"\u003e\u003ccode\u003e@​bmarwell\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/immutables/immutables/pull/1646\"\u003eimmutables/immutables#1646\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/viditochani\"\u003e\u003ccode\u003e@​viditochani\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/immutables/immutables/pull/1658\"\u003eimmutables/immutables#1658\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/immutables/immutables/compare/2.12.1...2.12.2\"\u003ehttps://github.com/immutables/immutables/compare/2.12.1...2.12.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/immutables/immutables/commit/6f1918f2ed84bf110fcb9f3dcd5fcf630bcad6d7\"\u003e\u003ccode\u003e6f1918f\u003c/code\u003e\u003c/a\u003e\nv2.12.2\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/immutables/immutables/commit/71d350b769c0b391c38b3fe35564ced71caff065\"\u003e\u003ccode\u003e71d350b\u003c/code\u003e\u003c/a\u003e\nnode24 v5 github actions\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/immutables/immutables/commit/bb26b408e435b7c7c39ce72c945b5e5b2b34e9b6\"\u003e\u003ccode\u003ebb26b40\u003c/code\u003e\u003c/a\u003e\n\u003ca\nhref\u003d\"https://redirect.github.com/immutables/immutables/issues/1655\"\u003e#1655\u003c/a\u003e\nadditional ECJ workaround\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/immutables/immutables/commit/da6acc841b58abdbf8ad76f96aefa94f17f6fa15\"\u003e\u003ccode\u003eda6acc8\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/immutables/immutables/issues/1658\"\u003e#1658\u003c/a\u003e\nfrom viditochani/fix-concrete-array-nullable\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/immutables/immutables/commit/ccd68963ab2a234b7b7f60006938cd4d727b89b5\"\u003e\u003ccode\u003eccd6896\u003c/code\u003e\u003c/a\u003e\n\u003ca\nhref\u003d\"https://redirect.github.com/immutables/immutables/issues/1655\"\u003e#1655\u003c/a\u003e\nFix TYPE_USE \u003ca\nhref\u003d\"https://github.com/Nullable\"\u003e\u003ccode\u003e@​Nullable\u003c/code\u003e\u003c/a\u003e on\nconcrete array types\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/immutables/immutables/commit/78f43d47541af1f535a6ed48578651a609481c87\"\u003e\u003ccode\u003e78f43d4\u003c/code\u003e\u003c/a\u003e\n\u003ca\nhref\u003d\"https://redirect.github.com/immutables/immutables/issues/1649\"\u003e#1649\u003c/a\u003e\nJackson3 meta-annotated package\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/immutables/immutables/commit/f3fe649b15d96500f8d1c93ad02cace88747cf13\"\u003e\u003ccode\u003ef3fe649\u003c/code\u003e\u003c/a\u003e\n\u003ca\nhref\u003d\"https://redirect.github.com/immutables/immutables/issues/1640\"\u003e#1640\u003c/a\u003e\nWhere.WITH_COPY for copy methods\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/immutables/immutables/commit/83cdfdb423100ed823f965130cd9153aa3a56b2a\"\u003e\u003ccode\u003e83cdfdb\u003c/code\u003e\u003c/a\u003e\nChange JUnit5 dependency to use BOM\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/immutables/immutables/commit/cf04f2c106e35edf1a313900a61c80e7f0913637\"\u003e\u003ccode\u003ecf04f2c\u003c/code\u003e\u003c/a\u003e\nUpgrade jackson3: 3.0.1 -\u0026gt; 3.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/immutables/immutables/commit/31308e78e1cd39eba120b7e615723de24b3c1507\"\u003e\u003ccode\u003e31308e7\u003c/code\u003e\u003c/a\u003e\nUpgrade jackson: 2.19.2 -\u0026gt; 2.21.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/immutables/immutables/compare/2.12.1...2.12.2\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dorg.immutables:value\u0026package-manager\u003dmaven\u0026previous-version\u003d2.12.1\u0026new-version\u003d2.12.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "4ecc92f817fc71fcf94e0df87d2c6c1bc9877847", "tree": "0163a8a1d8a2de0461c0277f34c30038a5e8aad5", "parents": [ "ef359de2cf33f3020eb7c41cd4a5eee564b99bf6" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Wed May 20 11:32:03 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed May 20 11:32:03 2026 +0200" }, "message": "MINOR: Bump org.apache.parquet:parquet-variant from 1.17.0 to 1.17.1 (#1150)\n\nBumps\n[org.apache.parquet:parquet-variant](https://github.com/apache/parquet-mr)\nfrom 1.17.0 to 1.17.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/apache/parquet-mr/releases\"\u003eorg.apache.parquet:parquet-variant\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eApache Parquet Java 1.17.1\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix reading of proto Uint32Value by \u003ca\nhref\u003d\"https://github.com/0x26res\"\u003e\u003ccode\u003e@​0x26res\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/apache/parquet-java/pull/3113\"\u003eapache/parquet-java#3113\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump jackson dependencies from 2.19.2 to 2.21.2 by \u003ca\nhref\u003d\"https://github.com/manuzhang\"\u003e\u003ccode\u003e@​manuzhang\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/apache/parquet-java/pull/3460\"\u003eapache/parquet-java#3460\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump jackson.version from 2.21.2 to 2.21.3 by \u003ca\nhref\u003d\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot]\nin \u003ca\nhref\u003d\"https://redirect.github.com/apache/parquet-java/pull/3538\"\u003eapache/parquet-java#3538\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/apache/parquet-java/compare/apache-parquet-1.17.0...apache-parquet-1.17.1\"\u003ehttps://github.com/apache/parquet-java/compare/apache-parquet-1.17.0...apache-parquet-1.17.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eApache Parquet Java 1.17.1 RC0\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix reading of proto Uint32Value by \u003ca\nhref\u003d\"https://github.com/0x26res\"\u003e\u003ccode\u003e@​0x26res\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/apache/parquet-java/pull/3113\"\u003eapache/parquet-java#3113\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump jackson dependencies from 2.19.2 to 2.21.2 by \u003ca\nhref\u003d\"https://github.com/manuzhang\"\u003e\u003ccode\u003e@​manuzhang\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/apache/parquet-java/pull/3460\"\u003eapache/parquet-java#3460\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump jackson.version from 2.21.2 to 2.21.3 by \u003ca\nhref\u003d\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot]\nin \u003ca\nhref\u003d\"https://redirect.github.com/apache/parquet-java/pull/3538\"\u003eapache/parquet-java#3538\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/apache/parquet-java/compare/apache-parquet-1.17.0...apache-parquet-1.17.1-rc0\"\u003ehttps://github.com/apache/parquet-java/compare/apache-parquet-1.17.0...apache-parquet-1.17.1-rc0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/parquet-java/commit/78a8d3230eb4769db93de5f2f2e18363c04cae81\"\u003e\u003ccode\u003e78a8d32\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare release apache-parquet-1.17.1-rc0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/parquet-java/commit/b4351b2bbb08b30a1e5dafed0b7d995179c8208f\"\u003e\u003ccode\u003eb4351b2\u003c/code\u003e\u003c/a\u003e\nBump version to 1.17.1-SNAPSHOT (\u003ca\nhref\u003d\"https://redirect.github.com/apache/parquet-mr/issues/3544\"\u003e#3544\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/parquet-java/commit/aa65eb460b204622f20848787b329d395b727756\"\u003e\u003ccode\u003eaa65eb4\u003c/code\u003e\u003c/a\u003e\nBump jackson.version from 2.21.2 to 2.21.3 (\u003ca\nhref\u003d\"https://redirect.github.com/apache/parquet-mr/issues/3538\"\u003e#3538\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/parquet-java/commit/ef00c4634233c714b3fd8d82a09a6c7e58c4e8a3\"\u003e\u003ccode\u003eef00c46\u003c/code\u003e\u003c/a\u003e\n\u003ca\nhref\u003d\"https://redirect.github.com/apache/parquet-mr/issues/3112\"\u003eGH-3112\u003c/a\u003e:\nFix reading of proto Uint32Value (\u003ca\nhref\u003d\"https://redirect.github.com/apache/parquet-mr/issues/3113\"\u003e#3113\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/parquet-java/commit/0f91a199853bfcb48aff9af919ae4967f305ef7e\"\u003e\u003ccode\u003e0f91a19\u003c/code\u003e\u003c/a\u003e\n\u003ca\nhref\u003d\"https://redirect.github.com/apache/parquet-mr/issues/3410\"\u003eGH-3410\u003c/a\u003e:\nBump jackson dependencies from 2.19.2 to 2.21.2 (\u003ca\nhref\u003d\"https://redirect.github.com/apache/parquet-mr/issues/3460\"\u003e#3460\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca\nhref\u003d\"https://github.com/apache/parquet-mr/compare/apache-parquet-1.17.0...apache-parquet-1.17.1\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dorg.apache.parquet:parquet-variant\u0026package-manager\u003dmaven\u0026previous-version\u003d1.17.0\u0026new-version\u003d1.17.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "ef359de2cf33f3020eb7c41cd4a5eee564b99bf6", "tree": "b93e8ac822eeafe70a0d95b4146b6d8f2b037a17", "parents": [ "4899492a26f941d955f5567797aa697262e747dd" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Wed May 20 08:27:25 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed May 20 08:27:25 2026 +0200" }, "message": "MINOR: Bump dep.slf4j.version from 2.0.17 to 2.0.18 (#1151)\n\nBumps `dep.slf4j.version` from 2.0.17 to 2.0.18.\nUpdates `org.slf4j:slf4j-api` from 2.0.17 to 2.0.18\n\nUpdates `org.slf4j:slf4j-jdk14` from 2.0.17 to 2.0.18\n\nUpdates `org.slf4j:jul-to-slf4j` from 2.0.17 to 2.0.18\n\nUpdates `org.slf4j:jcl-over-slf4j` from 2.0.17 to 2.0.18\n\nUpdates `org.slf4j:log4j-over-slf4j` from 2.0.17 to 2.0.18\n\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "4899492a26f941d955f5567797aa697262e747dd", "tree": "9b5974f20a7cc2e9887e137bb91d8bdb862e03fe", "parents": [ "28367478a6ae695e409368b6f68b9ea22730fd9c" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Tue May 19 15:48:10 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue May 19 15:48:10 2026 +0200" }, "message": "MINOR: Bump parquet.version from 1.17.0 to 1.17.1 (#1152)\n\nBumps `parquet.version` from 1.17.0 to 1.17.1.\nUpdates `org.apache.parquet:parquet-avro` from 1.17.0 to 1.17.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/apache/parquet-mr/releases\"\u003eorg.apache.parquet:parquet-avro\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eApache Parquet Java 1.17.1\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix reading of proto Uint32Value by \u003ca\nhref\u003d\"https://github.com/0x26res\"\u003e\u003ccode\u003e@​0x26res\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/apache/parquet-java/pull/3113\"\u003eapache/parquet-java#3113\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump jackson dependencies from 2.19.2 to 2.21.2 by \u003ca\nhref\u003d\"https://github.com/manuzhang\"\u003e\u003ccode\u003e@​manuzhang\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/apache/parquet-java/pull/3460\"\u003eapache/parquet-java#3460\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump jackson.version from 2.21.2 to 2.21.3 by \u003ca\nhref\u003d\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot]\nin \u003ca\nhref\u003d\"https://redirect.github.com/apache/parquet-java/pull/3538\"\u003eapache/parquet-java#3538\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/apache/parquet-java/compare/apache-parquet-1.17.0...apache-parquet-1.17.1\"\u003ehttps://github.com/apache/parquet-java/compare/apache-parquet-1.17.0...apache-parquet-1.17.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eApache Parquet Java 1.17.1 RC0\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix reading of proto Uint32Value by \u003ca\nhref\u003d\"https://github.com/0x26res\"\u003e\u003ccode\u003e@​0x26res\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/apache/parquet-java/pull/3113\"\u003eapache/parquet-java#3113\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump jackson dependencies from 2.19.2 to 2.21.2 by \u003ca\nhref\u003d\"https://github.com/manuzhang\"\u003e\u003ccode\u003e@​manuzhang\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/apache/parquet-java/pull/3460\"\u003eapache/parquet-java#3460\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump jackson.version from 2.21.2 to 2.21.3 by \u003ca\nhref\u003d\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot]\nin \u003ca\nhref\u003d\"https://redirect.github.com/apache/parquet-java/pull/3538\"\u003eapache/parquet-java#3538\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/apache/parquet-java/compare/apache-parquet-1.17.0...apache-parquet-1.17.1-rc0\"\u003ehttps://github.com/apache/parquet-java/compare/apache-parquet-1.17.0...apache-parquet-1.17.1-rc0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/parquet-java/commit/78a8d3230eb4769db93de5f2f2e18363c04cae81\"\u003e\u003ccode\u003e78a8d32\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare release apache-parquet-1.17.1-rc0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/parquet-java/commit/b4351b2bbb08b30a1e5dafed0b7d995179c8208f\"\u003e\u003ccode\u003eb4351b2\u003c/code\u003e\u003c/a\u003e\nBump version to 1.17.1-SNAPSHOT (\u003ca\nhref\u003d\"https://redirect.github.com/apache/parquet-mr/issues/3544\"\u003e#3544\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/parquet-java/commit/aa65eb460b204622f20848787b329d395b727756\"\u003e\u003ccode\u003eaa65eb4\u003c/code\u003e\u003c/a\u003e\nBump jackson.version from 2.21.2 to 2.21.3 (\u003ca\nhref\u003d\"https://redirect.github.com/apache/parquet-mr/issues/3538\"\u003e#3538\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/parquet-java/commit/ef00c4634233c714b3fd8d82a09a6c7e58c4e8a3\"\u003e\u003ccode\u003eef00c46\u003c/code\u003e\u003c/a\u003e\n\u003ca\nhref\u003d\"https://redirect.github.com/apache/parquet-mr/issues/3112\"\u003eGH-3112\u003c/a\u003e:\nFix reading of proto Uint32Value (\u003ca\nhref\u003d\"https://redirect.github.com/apache/parquet-mr/issues/3113\"\u003e#3113\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/parquet-java/commit/0f91a199853bfcb48aff9af919ae4967f305ef7e\"\u003e\u003ccode\u003e0f91a19\u003c/code\u003e\u003c/a\u003e\n\u003ca\nhref\u003d\"https://redirect.github.com/apache/parquet-mr/issues/3410\"\u003eGH-3410\u003c/a\u003e:\nBump jackson dependencies from 2.19.2 to 2.21.2 (\u003ca\nhref\u003d\"https://redirect.github.com/apache/parquet-mr/issues/3460\"\u003e#3460\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca\nhref\u003d\"https://github.com/apache/parquet-mr/compare/apache-parquet-1.17.0...apache-parquet-1.17.1\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.parquet:parquet-hadoop` from 1.17.0 to 1.17.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/apache/parquet-mr/releases\"\u003eorg.apache.parquet:parquet-hadoop\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eApache Parquet Java 1.17.1\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix reading of proto Uint32Value by \u003ca\nhref\u003d\"https://github.com/0x26res\"\u003e\u003ccode\u003e@​0x26res\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/apache/parquet-java/pull/3113\"\u003eapache/parquet-java#3113\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump jackson dependencies from 2.19.2 to 2.21.2 by \u003ca\nhref\u003d\"https://github.com/manuzhang\"\u003e\u003ccode\u003e@​manuzhang\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/apache/parquet-java/pull/3460\"\u003eapache/parquet-java#3460\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump jackson.version from 2.21.2 to 2.21.3 by \u003ca\nhref\u003d\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot]\nin \u003ca\nhref\u003d\"https://redirect.github.com/apache/parquet-java/pull/3538\"\u003eapache/parquet-java#3538\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/apache/parquet-java/compare/apache-parquet-1.17.0...apache-parquet-1.17.1\"\u003ehttps://github.com/apache/parquet-java/compare/apache-parquet-1.17.0...apache-parquet-1.17.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eApache Parquet Java 1.17.1 RC0\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix reading of proto Uint32Value by \u003ca\nhref\u003d\"https://github.com/0x26res\"\u003e\u003ccode\u003e@​0x26res\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/apache/parquet-java/pull/3113\"\u003eapache/parquet-java#3113\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump jackson dependencies from 2.19.2 to 2.21.2 by \u003ca\nhref\u003d\"https://github.com/manuzhang\"\u003e\u003ccode\u003e@​manuzhang\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/apache/parquet-java/pull/3460\"\u003eapache/parquet-java#3460\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump jackson.version from 2.21.2 to 2.21.3 by \u003ca\nhref\u003d\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot]\nin \u003ca\nhref\u003d\"https://redirect.github.com/apache/parquet-java/pull/3538\"\u003eapache/parquet-java#3538\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/apache/parquet-java/compare/apache-parquet-1.17.0...apache-parquet-1.17.1-rc0\"\u003ehttps://github.com/apache/parquet-java/compare/apache-parquet-1.17.0...apache-parquet-1.17.1-rc0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/parquet-java/commit/78a8d3230eb4769db93de5f2f2e18363c04cae81\"\u003e\u003ccode\u003e78a8d32\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare release apache-parquet-1.17.1-rc0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/parquet-java/commit/b4351b2bbb08b30a1e5dafed0b7d995179c8208f\"\u003e\u003ccode\u003eb4351b2\u003c/code\u003e\u003c/a\u003e\nBump version to 1.17.1-SNAPSHOT (\u003ca\nhref\u003d\"https://redirect.github.com/apache/parquet-mr/issues/3544\"\u003e#3544\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/parquet-java/commit/aa65eb460b204622f20848787b329d395b727756\"\u003e\u003ccode\u003eaa65eb4\u003c/code\u003e\u003c/a\u003e\nBump jackson.version from 2.21.2 to 2.21.3 (\u003ca\nhref\u003d\"https://redirect.github.com/apache/parquet-mr/issues/3538\"\u003e#3538\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/parquet-java/commit/ef00c4634233c714b3fd8d82a09a6c7e58c4e8a3\"\u003e\u003ccode\u003eef00c46\u003c/code\u003e\u003c/a\u003e\n\u003ca\nhref\u003d\"https://redirect.github.com/apache/parquet-mr/issues/3112\"\u003eGH-3112\u003c/a\u003e:\nFix reading of proto Uint32Value (\u003ca\nhref\u003d\"https://redirect.github.com/apache/parquet-mr/issues/3113\"\u003e#3113\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/parquet-java/commit/0f91a199853bfcb48aff9af919ae4967f305ef7e\"\u003e\u003ccode\u003e0f91a19\u003c/code\u003e\u003c/a\u003e\n\u003ca\nhref\u003d\"https://redirect.github.com/apache/parquet-mr/issues/3410\"\u003eGH-3410\u003c/a\u003e:\nBump jackson dependencies from 2.19.2 to 2.21.2 (\u003ca\nhref\u003d\"https://redirect.github.com/apache/parquet-mr/issues/3460\"\u003e#3460\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca\nhref\u003d\"https://github.com/apache/parquet-mr/compare/apache-parquet-1.17.0...apache-parquet-1.17.1\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "28367478a6ae695e409368b6f68b9ea22730fd9c", "tree": "28642c546706c64bcad3ea177c9d3fa18b479235", "parents": [ "d88adb33b00e8a7c3b743312b11c05ed36d2bd37" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Tue May 19 15:47:49 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue May 19 15:47:49 2026 +0200" }, "message": "MINOR: Bump io.grpc:grpc-bom from 1.80.0 to 1.81.0 (#1154)\n\nBumps [io.grpc:grpc-bom](https://github.com/grpc/grpc-java) from 1.80.0\nto 1.81.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/grpc/grpc-java/releases\"\u003eio.grpc:grpc-bom\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eV1.81.0\u003c/h2\u003e\n\u003cp\u003eIn this release we drop support for Android API level 22 or lower\n(Lollipop or earlier), following Google Play Service’s \u003ca\nhref\u003d\"https://developers.google.com/android/guides/setup\"\u003ediscontinued\nupdates for Lollipop (API levels 21 \u0026amp; 22)\u003c/a\u003e and now requires a\nminimum of API level 23 (Android 6.0 Marshmallow).\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eAPI Changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eapi: Deprecate LoadBalancer.handleResolvedAddresses(). Developers\nmaintaining custom LoadBalancer implementations should transition to\nusing LoadBalancer.acceptResolvedAddresses(). Unlike the deprecated\nmethod, acceptResolvedAddresses() returns a Status object, allowing the\nload balancer to explicitly report success or reject the update if the\nprovided addresses or configuration are invalid. (\u003ca\nhref\u003d\"https://redirect.github.com/grpc/grpc-java/issues/11623\"\u003e#11623\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBehavior Changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ecore: Enable dns \u0026quot;caching\u0026quot; on Android for 30 seconds to\nreduce CPU impact of a refresh loop with an LB policy (0675f70af).\nDnsNameResolver ignores re-resolution requests on OpenJDK-like platforms\nif it has been too soon since the last DNS query because\nInetAddress.getAllByName() has a cache with a fixed entry lifetime, but\nthis logic was disabled for Android which does not have that style of\ncache. Android’s cache uses the result TTL, which will rarely be less\nthan 30 seconds. This change would probably be most noticeable when 1)\nchanging to a different network (e.g., from wifi to mobile), 2) the\nserver has different addresses for different networks, and 3) the app is\nnot using AndroidChannelBuilder with an\n\u003ccode\u003eandroid.context.Context\u003c/code\u003e. For reference, it seems Chrome\ncaches for 1 minute\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBug Fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eopentelemetry: Fix baggage propagation, the baggage propagation for\nopentelemetry introduced in \u003ca\nhref\u003d\"https://redirect.github.com/grpc/grpc-java/pull/12389\"\u003e#12389\u003c/a\u003e\nwas broken. The context is decided once and used for all recording for\nthe call, thus guaranteeing all record()s have consistent\ninformation.\u003c/li\u003e\n\u003cli\u003ecore: Address a race condition where\n\u003ccode\u003eManagedChannelOrphanWrapper\u003c/code\u003e could incorrectly log a\n\u0026quot;not shutdown properly\u0026quot; warning during garbage collection when\nusing directExecutor(). (\u003ca\nhref\u003d\"https://redirect.github.com/grpc/grpc-java/issues/12705\"\u003e#12705\u003c/a\u003e)\n(d459338d9)\u003c/li\u003e\n\u003cli\u003exds: Fix xDS HTTP CONNECT\u0027s transport socket name bug which is now\ncorrected to use \u003ccode\u003etypeUrl\u003c/code\u003e. (\u003ca\nhref\u003d\"https://redirect.github.com/grpc/grpc-java/issues/12740\"\u003e#12740\u003c/a\u003e)\n(eac9fe961)\u003c/li\u003e\n\u003cli\u003exds: Fix an issue where subchannel metrics were dropping their\nassociation with the \u003ccode\u003ebackend_service\u003c/code\u003e. This ensures xDS load\nbalancing metrics are reported accurately. (\u003ca\nhref\u003d\"https://redirect.github.com/grpc/grpc-java/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eNew Features\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003enetty: Add tcp metrics, by implementing a few of the metrics defined\nin \u003ca\nhref\u003d\"https://redirect.github.com/grpc/proposal/pull/519\"\u003eA80\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eapi: Add a CallOption for a custom label on per-RPC metrics\n(0e39b2967). This CallOption is copied by grpc-opentelemetry to the\n\u003ccode\u003egrpc.client.call.custom\u003c/code\u003e label as defined by \u003ca\nhref\u003d\"https://github.com/grpc/proposal/blob/master/A108-otel-custom-per-call-label.md\"\u003egRFC\nA108\u003c/a\u003e. See also the \u003ca\nhref\u003d\"https://grpc.io/docs/guides/opentelemetry-metrics/\"\u003egRPC\nOpenTelemetry Metrics guide\u003c/a\u003e (update \u003ca\nhref\u003d\"https://redirect.github.com/grpc/grpc.io/pull/1505\"\u003ein-progress\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003exds: Add support for Weighted Round Robin (WRR) load balancing\ndriven by custom backend metrics, implementing the behavior defined in\ngRFC A114. (\u003ca\nhref\u003d\"https://redirect.github.com/grpc/grpc-java/issues/12645\"\u003e#12645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eutils: Update \u003ccode\u003eAdvancedTlsX509KeyManager\u003c/code\u003e so that\ndevelopers can now preserve and use key aliases when dynamically\nreloading TLS certificates. (\u003ca\nhref\u003d\"https://redirect.github.com/grpc/grpc-java/issues/12686\"\u003e#12686\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDocumentation\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate the \u0026quot;Outgoing Flow Control\u0026quot; section in the Manual\nFlow Control example to say onNext() does not block, but rather queues\nthe messages in memory and advises developers to use\nCallStreamObserver.isReady() to prevent this memory exhaustion (\u003ca\nhref\u003d\"https://redirect.github.com/grpc/grpc-java/issues/12700\"\u003e#12700\u003c/a\u003e)\n(a3a9ffcbe) (\u003ca\nhref\u003d\"https://redirect.github.com/grpc/grpc-java/issues/12726\"\u003e#12726\u003c/a\u003e)\n(65ae2efda)\u003c/li\u003e\n\u003cli\u003eexamples: Clean up Health example, and document need for\ngrpc-services (3ed732fc0)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDependencies\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade Dependencies (\u003ca\nhref\u003d\"https://redirect.github.com/grpc/grpc-java/issues/12719\"\u003e#12719\u003c/a\u003e)\n(16e17abba). Google-auth-library: 1.42.1, animal-sniffer: 1.27,\nassertj-core:3.27.7, error_prone_annotations:2.48.0,\nproto-google-common-protos:2.64.1, google-cloud-logging:3.23.10,\njetty-http2-server:12.1.7, jetty-ee10-servlet:12.1.7, lincheck:3.4,\nopentelemetry-api:1.60.1,\nopentelemetry-exporter-prometheus:1.60.1-alpha,\nopentelemetry-gcp-resources:1.54.0-alpha,\nopentelemetry-sdk-extension-autoconfigure:1.60.1,\nopentelemetry-sdk-testing:1.60.1, robolectric:4.16.1,\ntomcat-embed-core:10.1.52, tomcat-embed-core9: 9.0.115,\u003c/li\u003e\n\u003cli\u003eUpgrade Netty to 4.1.132 and netty-tcnative to 2.0.75\n(1528f809c)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eThanks to\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/becomeStar\"\u003e\u003ccode\u003e@​becomeStar\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/benjaminp\"\u003e\u003ccode\u003e@​benjaminp\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/JoeCqupt\"\u003e\u003ccode\u003e@​JoeCqupt\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/Kainsin\"\u003e\u003ccode\u003e@​Kainsin\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/merlimat\"\u003e\u003ccode\u003e@​merlimat\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/SreeramdasLavanya\"\u003e\u003ccode\u003e@​SreeramdasLavanya\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/themechbro\"\u003e\u003ccode\u003e@​themechbro\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/zhangweikop\"\u003e\u003ccode\u003e@​zhangweikop\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/grpc/grpc-java/commit/6951542f66c59f63cbf5348b38a2306a3964adda\"\u003e\u003ccode\u003e6951542\u003c/code\u003e\u003c/a\u003e\nBump version to 1.81.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/grpc/grpc-java/commit/e94188e81298c36ac9654dc76025940171abc0a4\"\u003e\u003ccode\u003ee94188e\u003c/code\u003e\u003c/a\u003e\nUpdate README etc to reference 1.81.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/grpc/grpc-java/commit/4813c6d06089d49a479f7f1786297dc3d8c0e549\"\u003e\u003ccode\u003e4813c6d\u003c/code\u003e\u003c/a\u003e\ncore,xds: Fix backend_service plumbing for subchannel metrics (\u003ca\nhref\u003d\"https://redirect.github.com/grpc/grpc-java/issues/12735\"\u003e#12735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/grpc/grpc-java/commit/6737eb583a273dd13bf9e7b82cc1d9df75e551bd\"\u003e\u003ccode\u003e6737eb5\u003c/code\u003e\u003c/a\u003e\nRevert \u0026quot;Replace javax ThreadSafe annotation with errorprone\nThreadSafe (\u003ca\nhref\u003d\"https://redirect.github.com/grpc/grpc-java/issues/1274\"\u003e#1274\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/grpc/grpc-java/commit/ef3531325ba98fa043f6f7f16fa0715e9296d7a3\"\u003e\u003ccode\u003eef35313\u003c/code\u003e\u003c/a\u003e\nReplace javax ThreadSafe annotation with errorprone ThreadSafe (\u003ca\nhref\u003d\"https://redirect.github.com/grpc/grpc-java/issues/12742\"\u003e#12742\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/grpc/grpc-java/commit/3ed732fc09c41b185cd03fdd6864c4ebb82f3a80\"\u003e\u003ccode\u003e3ed732f\u003c/code\u003e\u003c/a\u003e\nexamples: Clean up Health, and document need for grpc-services\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/grpc/grpc-java/commit/eac9fe9612881d54d51ddc5496599ba9a8201021\"\u003e\u003ccode\u003eeac9fe9\u003c/code\u003e\u003c/a\u003e\nxds: fix xDS HTTP CONNECT\u0027s transport socket name bug (\u003ca\nhref\u003d\"https://redirect.github.com/grpc/grpc-java/issues/12740\"\u003e#12740\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/grpc/grpc-java/commit/1528f809c9e506cf2e7052e3f41fd8b75636d3d3\"\u003e\u003ccode\u003e1528f80\u003c/code\u003e\u003c/a\u003e\nUpgrade Netty to 4.1.132 and netty-tcnative to 2.0.75\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/grpc/grpc-java/commit/d057a7ebee2945fc0a9ca58b36afdb5b37a99680\"\u003e\u003ccode\u003ed057a7e\u003c/code\u003e\u003c/a\u003e\n[xds] Implement A114: WRR support for custom backend metrics (\u003ca\nhref\u003d\"https://redirect.github.com/grpc/grpc-java/issues/12645\"\u003e#12645\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/grpc/grpc-java/commit/842636f88452c30769a5561f7659db6e4f9fc2a0\"\u003e\u003ccode\u003e842636f\u003c/code\u003e\u003c/a\u003e\nxds: Add configuration objects for ExtAuthz, GrpcService and Bootstrap\nchange...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/grpc/grpc-java/compare/v1.80.0...v1.81.0\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dio.grpc:grpc-bom\u0026package-manager\u003dmaven\u0026previous-version\u003d1.80.0\u0026new-version\u003d1.81.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e\nCo-authored-by: JB Onofré \u003cjbonofre@apache.org\u003e" }, { "commit": "d88adb33b00e8a7c3b743312b11c05ed36d2bd37", "tree": "d30c40d2aef5c85f6dae9fc8a6503e21d9b19946", "parents": [ "c49d97625524a9ba3cb72380f88a2ee12f435695" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon May 18 18:42:53 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon May 18 18:42:53 2026 +0200" }, "message": "MINOR: Bump io.netty:netty-bom from 4.2.12.Final to 4.2.13.Final (#1155)\n\nBumps [io.netty:netty-bom](https://github.com/netty/netty) from\n4.2.12.Final to 4.2.13.Final.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/netty/netty/releases\"\u003eio.netty:netty-bom\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003enetty-4.2.13.Final\u003c/h2\u003e\n\u003ch2\u003eCVEs Fixed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/security/advisories/GHSA-rgrr-p7gp-5xj7\"\u003eCVE-2026-42586\u003c/a\u003e\n(netty-codec-redis)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/security/advisories/GHSA-45q3-82m4-75jr\"\u003eCVE-2026-42578\u003c/a\u003e\n(netty-handler-proxy)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/security/advisories/GHSA-rwm7-x88c-3g2p\"\u003eCVE-2026-42577\u003c/a\u003e\n(netty-transport-native-epoll)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/security/advisories/GHSA-f6hv-jmp6-3vwv\"\u003eCVE-2026-42587\u003c/a\u003e\n(netty-codec-http, netty-codec-http2)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/security/advisories/GHSA-v8h7-rr48-vmmv\"\u003eCVE-2026-41417\u003c/a\u003e\n(netty-codec-http)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/security/advisories/GHSA-xxqh-mfjm-7mv9\"\u003eCVE-2026-42581\u003c/a\u003e\n(netty-codec-http)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/security/advisories/GHSA-m4cv-j2px-7723\"\u003eCVE-2026-42580\u003c/a\u003e\n(netty-codec-http)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/security/advisories/GHSA-38f8-5428-x5cv\"\u003eCVE-2026-42585\u003c/a\u003e\n(netty-codec-http)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/security/advisories/GHSA-cm33-6792-r9fm\"\u003eCVE-2026-42579\u003c/a\u003e\n(netty-codec-dns)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/security/advisories/GHSA-2c5c-chwr-9hqw\"\u003eCVE-2026-42582\u003c/a\u003e\n(netty-codec-http3)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/security/advisories/GHSA-mj4r-2hfc-f8p6\"\u003eCVE-2026-42583\u003c/a\u003e\n(netty-codec, netty-codec-compression)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/security/advisories/GHSA-57rv-r2g8-2cj3\"\u003eCVE-2026-42584\u003c/a\u003e\n(netty-codec-http)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/security/advisories/GHSA-jfg9-48mv-9qgx\"\u003eCVE-2026-44248\u003c/a\u003e\n(netty-codec-mqtt)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eKqueue: sendfile EINTR doesn\u0027t advance offset — data duplication by\n\u003ca\nhref\u003d\"https://github.com/normanmaurer\"\u003e\u003ccode\u003e@​normanmaurer\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16544\"\u003enetty/netty#16544\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReplace usage of strerror with thread-safe alternative by \u003ca\nhref\u003d\"https://github.com/normanmaurer\"\u003e\u003ccode\u003e@​normanmaurer\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16547\"\u003enetty/netty#16547\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix implementation of strerror_r_xsi for GNU by \u003ca\nhref\u003d\"https://github.com/normanmaurer\"\u003e\u003ccode\u003e@​normanmaurer\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16546\"\u003enetty/netty#16546\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLazy init ArrayList in DefaultHeaders.getAll by \u003ca\nhref\u003d\"https://github.com/doom369\"\u003e\u003ccode\u003e@​doom369\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16526\"\u003enetty/netty#16526\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLess logging in AWS-LC build by \u003ca\nhref\u003d\"https://github.com/chrisvest\"\u003e\u003ccode\u003e@​chrisvest\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16565\"\u003enetty/netty#16565\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnsure the CRYPTO_BUFFER_POOL is also freed when we fail creating\nthe SSLContext by \u003ca\nhref\u003d\"https://github.com/normanmaurer\"\u003e\u003ccode\u003e@​normanmaurer\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16545\"\u003enetty/netty#16545\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAuto-port 4.2: Fix IndexOutOfBoundsException in StompSubframeDecoder\non heartbeat by \u003ca\nhref\u003d\"https://github.com/netty-project-bot\"\u003e\u003ccode\u003e@​netty-project-bot\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16543\"\u003enetty/netty#16543\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid leak in PemReader on OutOfDirectMemoryError by \u003ca\nhref\u003d\"https://github.com/raipc\"\u003e\u003ccode\u003e@​raipc\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16551\"\u003enetty/netty#16551\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIoUring: Disable test while we debug to unblock other builds by \u003ca\nhref\u003d\"https://github.com/normanmaurer\"\u003e\u003ccode\u003e@​normanmaurer\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16581\"\u003enetty/netty#16581\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInclude user properties and subscription IDs in\nMqttProperties#isEmpty by \u003ca\nhref\u003d\"https://github.com/ShadowySpirits\"\u003e\u003ccode\u003e@​ShadowySpirits\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16575\"\u003enetty/netty#16575\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNative DNS resolver: Guard against malloc failures by \u003ca\nhref\u003d\"https://github.com/normanmaurer\"\u003e\u003ccode\u003e@​normanmaurer\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16559\"\u003enetty/netty#16559\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAuto-port 4.2: Increase timeouts for QuicChannelConnectTest by \u003ca\nhref\u003d\"https://github.com/netty-project-bot\"\u003e\u003ccode\u003e@​netty-project-bot\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16578\"\u003enetty/netty#16578\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix parsing HTTP chunks with multiple extensions by \u003ca\nhref\u003d\"https://github.com/chrisvest\"\u003e\u003ccode\u003e@​chrisvest\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16579\"\u003enetty/netty#16579\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.codehaus.plexus:plexus-utils from 3.4.2 to 4.0.3 in\n/codec-native-quic by \u003ca\nhref\u003d\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot]\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16572\"\u003enetty/netty#16572\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert to PR build to Ubuntu 22.04 by \u003ca\nhref\u003d\"https://github.com/chrisvest\"\u003e\u003ccode\u003e@​chrisvest\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16595\"\u003enetty/netty#16595\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eNative transports: Correctly create pipe when pipe2 is not supported\nby \u003ca\nhref\u003d\"https://github.com/normanmaurer\"\u003e\u003ccode\u003e@​normanmaurer\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16592\"\u003enetty/netty#16592\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEpoll: Cleanup code to always return negative value on failure by \u003ca\nhref\u003d\"https://github.com/normanmaurer\"\u003e\u003ccode\u003e@​normanmaurer\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16591\"\u003enetty/netty#16591\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix component search fast path by \u003ca\nhref\u003d\"https://github.com/yawkat\"\u003e\u003ccode\u003e@​yawkat\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16548\"\u003enetty/netty#16548\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStabilize read-only toStringMultipleThreads1 by \u003ca\nhref\u003d\"https://github.com/chrisvest\"\u003e\u003ccode\u003e@​chrisvest\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16608\"\u003enetty/netty#16608\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStabilize more AbstractByteBufTests by \u003ca\nhref\u003d\"https://github.com/chrisvest\"\u003e\u003ccode\u003e@​chrisvest\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16611\"\u003enetty/netty#16611\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove note about needing 256-bit for PQC by \u003ca\nhref\u003d\"https://github.com/chrisvest\"\u003e\u003ccode\u003e@​chrisvest\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16605\"\u003enetty/netty#16605\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eStabilize testSessionInvalidate for Conscrypt by \u003ca\nhref\u003d\"https://github.com/chrisvest\"\u003e\u003ccode\u003e@​chrisvest\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16615\"\u003enetty/netty#16615\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eQuic: Correctly handle SSL_CTX_new failures by \u003ca\nhref\u003d\"https://github.com/normanmaurer\"\u003e\u003ccode\u003e@​normanmaurer\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16622\"\u003enetty/netty#16622\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake LocalIoHandle public by \u003ca\nhref\u003d\"https://github.com/rdicroce\"\u003e\u003ccode\u003e@​rdicroce\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16621\"\u003enetty/netty#16621\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eQuic: Fix shadowing of variable which leads to incorrectly handling\nerrors by \u003ca\nhref\u003d\"https://github.com/normanmaurer\"\u003e\u003ccode\u003e@​normanmaurer\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16623\"\u003enetty/netty#16623\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAuto-port 4.2: Use stream error for maxContentLength exceeded in\nInboundHttp2ToHttpAdapter by \u003ca\nhref\u003d\"https://github.com/netty-project-bot\"\u003e\u003ccode\u003e@​netty-project-bot\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16629\"\u003enetty/netty#16629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eshutdownInput\u003c/code\u003e bug in kqueue for empty recv buffer\nby \u003ca href\u003d\"https://github.com/chrisvest\"\u003e\u003ccode\u003e@​chrisvest\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16630\"\u003enetty/netty#16630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix FFM address semantics in directBufferAddress by \u003ca\nhref\u003d\"https://github.com/dreamlike-ocean\"\u003e\u003ccode\u003e@​dreamlike-ocean\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16603\"\u003enetty/netty#16603\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHTTP2: Ensure HTTP2 preface is always send as first message by \u003ca\nhref\u003d\"https://github.com/normanmaurer\"\u003e\u003ccode\u003e@​normanmaurer\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16636\"\u003enetty/netty#16636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMove Http2FrameCodecSubClassTest to correct package by \u003ca\nhref\u003d\"https://github.com/normanmaurer\"\u003e\u003ccode\u003e@​normanmaurer\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16640\"\u003enetty/netty#16640\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eKqueue: Fix usage of LOCAL_PEERPID by \u003ca\nhref\u003d\"https://github.com/normanmaurer\"\u003e\u003ccode\u003e@​normanmaurer\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16637\"\u003enetty/netty#16637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid ArrayQueue allocation in HttpServerCodec by \u003ca\nhref\u003d\"https://github.com/doom369\"\u003e\u003ccode\u003e@​doom369\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16596\"\u003enetty/netty#16596\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix file descriptor reuse bug in kqueue by \u003ca\nhref\u003d\"https://github.com/chrisvest\"\u003e\u003ccode\u003e@​chrisvest\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16650\"\u003enetty/netty#16650\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/b3844c8108b42f68d56144b36d4d1ed96078a688\"\u003e\u003ccode\u003eb3844c8\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare release netty-4.2.13.Final\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/82f47fa53571d04d8add02e3a01762cebd139a00\"\u003e\u003ccode\u003e82f47fa\u003c/code\u003e\u003c/a\u003e\nMerge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/ada0999ae6a011c787203108c8d987e0bc25b82d\"\u003e\u003ccode\u003eada0999\u003c/code\u003e\u003c/a\u003e\nMerge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/b4051e230e2fd349892f3739d6770b006c1d7528\"\u003e\u003ccode\u003eb4051e2\u003c/code\u003e\u003c/a\u003e\nFix BrotliDecoder not forwarding all decompressed chunks\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/67207c19218d7962f772af234f89de4424c7cf07\"\u003e\u003ccode\u003e67207c1\u003c/code\u003e\u003c/a\u003e\nMerge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/541ca7c645b8bd04901b54136b745622be289d19\"\u003e\u003ccode\u003e541ca7c\u003c/code\u003e\u003c/a\u003e\nMerge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/943edb361423eee5574b636a8c2bf6baf5cb2464\"\u003e\u003ccode\u003e943edb3\u003c/code\u003e\u003c/a\u003e\nFix codec-dns tests\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/6459a284e6653c90fe4b15c0e8516d8302b1cd0e\"\u003e\u003ccode\u003e6459a28\u003c/code\u003e\u003c/a\u003e\nMerge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/b4ba61bd9059156cc9dcece7a81ea389efe571c2\"\u003e\u003ccode\u003eb4ba61b\u003c/code\u003e\u003c/a\u003e\nFix checkstyle in HttpObjectDecoder\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/977661f71f7511ad68ca17cabd7b5185efb978f4\"\u003e\u003ccode\u003e977661f\u003c/code\u003e\u003c/a\u003e\nMerge commit from fork\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/netty/netty/compare/netty-4.2.12.Final...netty-4.2.13.Final\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dio.netty:netty-bom\u0026package-manager\u003dmaven\u0026previous-version\u003d4.2.12.Final\u0026new-version\u003d4.2.13.Final)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "c49d97625524a9ba3cb72380f88a2ee12f435695", "tree": "05520d46388f92948acdca42a22c33653f3c03dc", "parents": [ "8c36d02205974c0cb912b11383e26f141ee2971e" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon May 18 17:45:26 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon May 18 17:45:26 2026 +0200" }, "message": "MINOR: Bump org.immutables:value-annotations from 2.12.1 to 2.12.2 (#1157)\n\nBumps\n[org.immutables:value-annotations](https://github.com/immutables/immutables)\nfrom 2.12.1 to 2.12.2.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/immutables/immutables/releases\"\u003eorg.immutables:value-annotations\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.12.2\u003c/h2\u003e\n\u003ch2\u003eMaintenance release\u003c/h2\u003e\n\u003ch3\u003eWhat\u0027s Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://redirect.github.com/immutables/immutables/issues/1642\"\u003e#1642\u003c/a\u003e\nFix to find nested elements on plain element with nested elements with\nmongo backend by \u003ca\nhref\u003d\"https://github.com/rgatbert\"\u003e\u003ccode\u003e@​rgatbert\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/immutables/immutables/pull/1643\"\u003eimmutables/immutables#1643\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://redirect.github.com/immutables/immutables/issues/1642\"\u003e#1642\u003c/a\u003e\nFix for further problems to find nested elements on plain element with\nnested elements with mongo backend by \u003ca\nhref\u003d\"https://github.com/rgatbert\"\u003e\u003ccode\u003e@​rgatbert\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/immutables/immutables/pull/1644\"\u003eimmutables/immutables#1644\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://redirect.github.com/immutables/immutables/issues/1645\"\u003e#1645\u003c/a\u003e\nenhance docs about records for implementationNestedInBuilder by \u003ca\nhref\u003d\"https://github.com/bmarwell\"\u003e\u003ccode\u003e@​bmarwell\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/immutables/immutables/pull/1646\"\u003eimmutables/immutables#1646\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://redirect.github.com/immutables/immutables/issues/1655\"\u003e#1655\u003c/a\u003e\nFix TYPE_USE \u003ccode\u003e@Nullable\u003c/code\u003e on concrete array types by \u003ca\nhref\u003d\"https://github.com/viditochani\"\u003e\u003ccode\u003e@​viditochani\u003c/code\u003e\u003c/a\u003e in\n\u003ca\nhref\u003d\"https://redirect.github.com/immutables/immutables/pull/1658\"\u003eimmutables/immutables#1658\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eNew Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/rgatbert\"\u003e\u003ccode\u003e@​rgatbert\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/immutables/immutables/pull/1643\"\u003eimmutables/immutables#1643\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/bmarwell\"\u003e\u003ccode\u003e@​bmarwell\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/immutables/immutables/pull/1646\"\u003eimmutables/immutables#1646\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/viditochani\"\u003e\u003ccode\u003e@​viditochani\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/immutables/immutables/pull/1658\"\u003eimmutables/immutables#1658\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/immutables/immutables/compare/2.12.1...2.12.2\"\u003ehttps://github.com/immutables/immutables/compare/2.12.1...2.12.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/immutables/immutables/commit/6f1918f2ed84bf110fcb9f3dcd5fcf630bcad6d7\"\u003e\u003ccode\u003e6f1918f\u003c/code\u003e\u003c/a\u003e\nv2.12.2\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/immutables/immutables/commit/71d350b769c0b391c38b3fe35564ced71caff065\"\u003e\u003ccode\u003e71d350b\u003c/code\u003e\u003c/a\u003e\nnode24 v5 github actions\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/immutables/immutables/commit/bb26b408e435b7c7c39ce72c945b5e5b2b34e9b6\"\u003e\u003ccode\u003ebb26b40\u003c/code\u003e\u003c/a\u003e\n\u003ca\nhref\u003d\"https://redirect.github.com/immutables/immutables/issues/1655\"\u003e#1655\u003c/a\u003e\nadditional ECJ workaround\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/immutables/immutables/commit/da6acc841b58abdbf8ad76f96aefa94f17f6fa15\"\u003e\u003ccode\u003eda6acc8\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/immutables/immutables/issues/1658\"\u003e#1658\u003c/a\u003e\nfrom viditochani/fix-concrete-array-nullable\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/immutables/immutables/commit/ccd68963ab2a234b7b7f60006938cd4d727b89b5\"\u003e\u003ccode\u003eccd6896\u003c/code\u003e\u003c/a\u003e\n\u003ca\nhref\u003d\"https://redirect.github.com/immutables/immutables/issues/1655\"\u003e#1655\u003c/a\u003e\nFix TYPE_USE \u003ca\nhref\u003d\"https://github.com/Nullable\"\u003e\u003ccode\u003e@​Nullable\u003c/code\u003e\u003c/a\u003e on\nconcrete array types\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/immutables/immutables/commit/78f43d47541af1f535a6ed48578651a609481c87\"\u003e\u003ccode\u003e78f43d4\u003c/code\u003e\u003c/a\u003e\n\u003ca\nhref\u003d\"https://redirect.github.com/immutables/immutables/issues/1649\"\u003e#1649\u003c/a\u003e\nJackson3 meta-annotated package\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/immutables/immutables/commit/f3fe649b15d96500f8d1c93ad02cace88747cf13\"\u003e\u003ccode\u003ef3fe649\u003c/code\u003e\u003c/a\u003e\n\u003ca\nhref\u003d\"https://redirect.github.com/immutables/immutables/issues/1640\"\u003e#1640\u003c/a\u003e\nWhere.WITH_COPY for copy methods\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/immutables/immutables/commit/83cdfdb423100ed823f965130cd9153aa3a56b2a\"\u003e\u003ccode\u003e83cdfdb\u003c/code\u003e\u003c/a\u003e\nChange JUnit5 dependency to use BOM\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/immutables/immutables/commit/cf04f2c106e35edf1a313900a61c80e7f0913637\"\u003e\u003ccode\u003ecf04f2c\u003c/code\u003e\u003c/a\u003e\nUpgrade jackson3: 3.0.1 -\u0026gt; 3.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/immutables/immutables/commit/31308e78e1cd39eba120b7e615723de24b3c1507\"\u003e\u003ccode\u003e31308e7\u003c/code\u003e\u003c/a\u003e\nUpgrade jackson: 2.19.2 -\u0026gt; 2.21.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/immutables/immutables/compare/2.12.1...2.12.2\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dorg.immutables:value-annotations\u0026package-manager\u003dmaven\u0026previous-version\u003d2.12.1\u0026new-version\u003d2.12.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "8c36d02205974c0cb912b11383e26f141ee2971e", "tree": "f01ed42704c21cd619b6dbacf2b159580da75029", "parents": [ "af86cd3a7c17237368ea8411ed32e21b262c5b7b" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon May 18 17:45:09 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon May 18 17:45:09 2026 +0200" }, "message": "MINOR: Bump org.apache:apache from 37 to 38 (#1156)\n\nBumps [org.apache:apache](https://github.com/apache/maven-apache-parent)\nfrom 37 to 38.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/apache/maven-apache-parent/releases\"\u003eorg.apache:apache\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eApache Parent POM version 38\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e👻 Maintenance\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate banner links (\u003ca\nhref\u003d\"https://redirect.github.com/apache/maven-apache-parent/pull/576\"\u003e#576\u003c/a\u003e)\n\u003ca\nhref\u003d\"https://github.com/slawekjaranowski\"\u003e\u003ccode\u003e@​slawekjaranowski\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e📦 Dependency updates\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump org.apache.maven.plugins:maven-invoker-plugin from 3.10.0 to\n3.10.1 (\u003ca\nhref\u003d\"https://redirect.github.com/apache/maven-apache-parent/pull/578\"\u003e#578\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.apache.maven.plugins:maven-invoker-plugin from 3.9.1 to\n3.10.0 (\u003ca\nhref\u003d\"https://redirect.github.com/apache/maven-apache-parent/pull/575\"\u003e#575\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.apache.maven.plugins:maven-resources-plugin from 3.4.0 to\n3.5.0 (\u003ca\nhref\u003d\"https://redirect.github.com/apache/maven-apache-parent/pull/572\"\u003e#572\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.apache.maven.plugins:maven-shade-plugin from 3.6.1 to 3.6.2\n(\u003ca\nhref\u003d\"https://redirect.github.com/apache/maven-apache-parent/pull/573\"\u003e#573\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump\norg.apache.apache.resources:apache-source-release-assembly-descriptor\nfrom 1.7 to 1.8 (\u003ca\nhref\u003d\"https://redirect.github.com/apache/maven-apache-parent/pull/571\"\u003e#571\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump version.maven-surefire from 3.5.4 to 3.5.5 (\u003ca\nhref\u003d\"https://redirect.github.com/apache/maven-apache-parent/pull/570\"\u003e#570\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.apache.maven.plugins:maven-dependency-plugin from 3.9.0 to\n3.10.0 (\u003ca\nhref\u003d\"https://redirect.github.com/apache/maven-apache-parent/pull/568\"\u003e#568\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.apache.maven.plugins:maven-compiler-plugin from 3.14.1 to\n3.15.0 (\u003ca\nhref\u003d\"https://redirect.github.com/apache/maven-apache-parent/pull/567\"\u003e#567\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca\nhref\u003d\"https://github.com/apache/maven-apache-parent/commits\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dorg.apache:apache\u0026package-manager\u003dmaven\u0026previous-version\u003d37\u0026new-version\u003d38)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "af86cd3a7c17237368ea8411ed32e21b262c5b7b", "tree": "fd7c868050f916458c429f4f4ec9b4816845bb76", "parents": [ "3bc34b041761081ac32a7cd3b167f9ab8b628677" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon May 18 15:22:37 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon May 18 15:22:37 2026 +0200" }, "message": "MINOR: Bump org.apache.calcite.avatica:avatica from 1.26.0 to 1.27.0 (#986)\n\nBumps\n[org.apache.calcite.avatica:avatica](https://github.com/apache/calcite-avatica)\nfrom 1.26.0 to 1.27.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/calcite-avatica/commit/7754d942f858e5521966c1771cf2e111e8a7ef87\"\u003e\u003ccode\u003e7754d94\u003c/code\u003e\u003c/a\u003e\n[CALCITE-7200] Release Avatica 1.27.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/calcite-avatica/commit/1e05be2bbe3e63eafe7b157beb8cbe00abaa15f2\"\u003e\u003ccode\u003e1e05be2\u003c/code\u003e\u003c/a\u003e\n[CALCITE-7171] Update Jackson from 2.15.4 to 2.18.4.1 and switch to\nusing jac...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/calcite-avatica/commit/9698a96a36275736f48afc0a0b0a81dfaadc77a6\"\u003e\u003ccode\u003e9698a96\u003c/code\u003e\u003c/a\u003e\n[CALCITE-7177] Update Guava from 33.4.0-jre to 33.4.8-jre in\nAvatica\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/calcite-avatica/commit/0aec6258a2cdae73463c69810dbfce3c26792088\"\u003e\u003ccode\u003e0aec625\u003c/code\u003e\u003c/a\u003e\nBump rexml from 3.4.1 to 3.4.2 in /site\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/calcite-avatica/commit/5954d1ae00a4be4947c1040f8e6b0b4372c628c1\"\u003e\u003ccode\u003e5954d1a\u003c/code\u003e\u003c/a\u003e\n[CALCITE-7165] Update OWASP plugin version to 12.1.3 for JDKs \u0026gt;\u003d\n11\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/calcite-avatica/commit/7b6f14c9a79ad18820482f43442e14f72566afb4\"\u003e\u003ccode\u003e7b6f14c\u003c/code\u003e\u003c/a\u003e\n[CALCITE-7172] Update chekstyle version from 10.19.0 to 10.26.1 in\nAvatica\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/calcite-avatica/commit/3ee1fd772c91a6eeaf0dbabcb27a6f6240ac7970\"\u003e\u003ccode\u003e3ee1fd7\u003c/code\u003e\u003c/a\u003e\n[CALCITE-7169] Update protobuf from 3.25.5 to 3.25.8 in Avatica\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/calcite-avatica/commit/927dc10699d257457a234078f75e2fafe671be64\"\u003e\u003ccode\u003e927dc10\u003c/code\u003e\u003c/a\u003e\n[CALCITE-7168] Update httpcore5 from 5.3.1 to 5.3.5 in Avatica\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/calcite-avatica/commit/458189ff52e2c2624b3d3d1096cfe1fc29f47af8\"\u003e\u003ccode\u003e458189f\u003c/code\u003e\u003c/a\u003e\n[CALCITE-7167] Upgrade Jetty from 9.4.56.v20240826 to 9.4.58.v20250814\nin Ava...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/calcite-avatica/commit/592a39e43b5dd59b3eaf9f9266cb02a9c4ce4065\"\u003e\u003ccode\u003e592a39e\u003c/code\u003e\u003c/a\u003e\n[CALCITE-7166] Update Gradle from 8.7 to 8.14.3 in Avatica\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/apache/calcite-avatica/compare/rel/avatica-1.26.0...rel/avatica-1.27.0\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n\u003e **Note**\n\u003e Automatic rebases have been disabled on this pull request as it has\nbeen open for over 30 days.\n\n---------\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e\nCo-authored-by: JB Onofré \u003cjbonofre@apache.org\u003e" }, { "commit": "3bc34b041761081ac32a7cd3b167f9ab8b628677", "tree": "177bf6972fa3a38fc2c723cb7d5e9956252f7aee", "parents": [ "0f7665f2b78a5f6bcfb37924fbee05a45adfb5f8" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Wed May 13 13:51:48 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed May 13 13:51:48 2026 +0200" }, "message": "MINOR: Bump commons-io:commons-io from 2.21.0 to 2.22.0 (#1126)\n\nBumps commons-io:commons-io from 2.21.0 to 2.22.0.\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dcommons-io:commons-io\u0026package-manager\u003dmaven\u0026previous-version\u003d2.21.0\u0026new-version\u003d2.22.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "0f7665f2b78a5f6bcfb37924fbee05a45adfb5f8", "tree": "503764e2fa49bcf6152f2d9f6d4541fe2f054134", "parents": [ "331e9ee0968ab92499ed362ed276fa85e60b870d" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Tue May 12 09:31:15 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue May 12 09:31:15 2026 +0200" }, "message": "MINOR: Bump com.nimbusds:oauth2-oidc-sdk from 11.37 to 11.37.1 (#1143)\n\nBumps\n[com.nimbusds:oauth2-oidc-sdk](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions)\nfrom 11.37 to 11.37.1.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/src/master/CHANGELOG.txt\"\u003ecom.nimbusds:oauth2-oidc-sdk\u0027s\nchangelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eversion 1.0 (2012-05-29)\n* First official release with authorisation endpoint, token endpoint,\ncheck\nID endpoint and UserInfo endpoint support.\n* JSON Web Tokens (JWTs) support through the Nimbus-JWT library.\n* Language Tags (RFC 5646) support through the Nimbus-LangTag library.\n* JSON support through the JSON Smart library.\u003c/p\u003e\n\u003cp\u003eversion 2.0 (2013-05-13)\n* Intermediary development release with Maven build, published to\nMaven Central.\u003c/p\u003e\n\u003cp\u003eversion 2.1 (2013-06-06)\n* Updates the APIs to OpenID Connect Messages draft 20, OpenID Connect\nStandard draft 21, OpenID Connect Discovery draft 17 and OpenID\nConnect Registration draft 19.\n* Major refactoring of the APIs for greater simplicity.\n* Adds JUnit tests.\u003c/p\u003e\n\u003cp\u003eversion 2.2 (2013-06-18)\n* Refactors dynamic OpenID Connect client registration.\n* Adds partial support of the OAuth 2.0 Dynamic Client Registration\nProtocol (draft-ietf-oauth-dyn-reg-12).\n* Optimises parsing of request parameters consisting of one or more\ntokens (scope, response type, etc).\u003c/p\u003e\n\u003cp\u003eversion 2.3 (2013-06-19)\n* Renames OAuth 2.0 dynamic client registration package.\n* Adds ClientInformation.getClientMetadata() method.\n* Adds OIDCClientInformation class.\u003c/p\u003e\n\u003cp\u003eversion 2.4 (2013-06-20)\n* Adds static OIDCClientInformation.parse(JSONObject) method.\u003c/p\u003e\n\u003cp\u003eversion 2.5 (2013-06-22)\n* Adds support OAuth 2.0 dynamic client update.\n* Adds OpenID Connect dynamic client registration classes.\u003c/p\u003e\n\u003cp\u003eversion 2.6 (2013-06-25)\n* Enforces order of preference of ACR values in OpenID Connect client\nmetadata, as required by the specification.\n* Documentation and performance improvements.\u003c/p\u003e\n\u003cp\u003eversion 2.7 (2013-06-26)\n* Switches Identifier generation to java.security.SecureRandom.\u003c/p\u003e\n\u003cp\u003eversion 2.8 (2013-06-30)\n* Fixes serialisation and assignment bugs in ClientMetadata.\n* Switches Secret generation to java.security.SecureRandom.\u003c/p\u003e\n\u003cp\u003eversion 2.9 (2013-09-17)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/2a0f2715d0943405b445f2ccf001a072044ef685\"\u003e\u003ccode\u003e2a0f271\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/fac7277ad412ee74e2e46eb89f6f75de6228a4e4\"\u003e\u003ccode\u003efac7277\u003c/code\u003e\u003c/a\u003e\nBumps Nimbus JOSE+JWT, BouncyCastle\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/517deb7444d54ee9c11c2bab42715fbc87871714\"\u003e\u003ccode\u003e517deb7\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare release 11.37.1\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca\nhref\u003d\"https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/branches/compare/11.37.1..11.37\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dcom.nimbusds:oauth2-oidc-sdk\u0026package-manager\u003dmaven\u0026previous-version\u003d11.37\u0026new-version\u003d11.37.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "331e9ee0968ab92499ed362ed276fa85e60b870d", "tree": "746718a1ad3d2b6de0100b52024b05643b6dff90", "parents": [ "e6d9248447ef90d2d9a1412bfdee7019377e0603" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon May 11 15:53:29 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon May 11 15:53:29 2026 +0200" }, "message": "MINOR: Bump commons-codec:commons-codec from 1.21.0 to 1.22.0 (#1127)\n\nBumps\n[commons-codec:commons-codec](https://github.com/apache/commons-codec)\nfrom 1.21.0 to 1.22.0.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/apache/commons-codec/blob/master/RELEASE-NOTES.txt\"\u003ecommons-codec:commons-codec\u0027s\nchangelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eApache Commons Codec 1.22.0 Release Notes\u003c/h2\u003e\n\u003cp\u003eThe Apache Commons Codec team is pleased to announce the release of\nApache Commons Codec 1.22.0.\u003c/p\u003e\n\u003cp\u003eThe Apache Commons Codec component contains encoders and decoders for\nformats such as Base16, Base32, Base64, digest, and Hexadecimal. In\naddition to these\nwidely used encoders and decoders, the codec package also maintains a\ncollection of phonetic encoding utilities.\u003c/p\u003e\n\u003cp\u003eThis is a feature and maintenance release. Java 8 or later is\nrequired.\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCODEC-326: Add Base58 support. Thanks to Inkeet, Gary Gregory, Wolff\nBock von Wuelfingen.\u003c/li\u003e\n\u003cli\u003e\n\u003cpre\u003e\u003ccode\u003e Add\nBaseNCodecInputStream.AbstracBuilder.setByteArray(byte[]). Thanks to\nGary Gregory.\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003cli\u003eCODEC-335: Add GitIdentifiers to compute Git blob and tree object\nidentifiers. Thanks to Piotr P. Karwasz, Gary Gregory.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eFixed Bugs\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCODEC-249: Fix Incorrect transform of CH digraph according Metaphone\nbasic rules \u003ca\nhref\u003d\"https://redirect.github.com/apache/commons-codec/issues/423\"\u003e#423\u003c/a\u003e.\nThanks to Shalu Jha, Andrey, Gary Gregory.\u003c/li\u003e\n\u003cli\u003eCODEC-317: ColognePhonetic can create duplicate consecutive codes in\nsome cases. Thanks to DRUser123, Shalu Jha, Gary Gregory.\u003c/li\u003e\n\u003cli\u003e\n\u003cpre\u003e\u003ccode\u003e Add boundary tests for BinaryCodec.fromAscii partial-bit\ninputs [#425](https://github.com/apache/commons-codec/issues/425).\nThanks to fancying, Gary Gregory.\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003cli\u003eCODEC-336: Base64.Builder.setUrlSafe(boolean) Javadoc incorrectly\nstates null is accepted for primitive boolean parameter. Thanks to\nPartha Paul, Gary Gregory.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cpre\u003e\u003ccode\u003e Bump org.apache.commons:commons-parent from 96 to 98. Thanks\nto Gary Gregory.\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFor complete information on Apache Commons Codec, including\ninstructions on how to submit bug reports,\npatches, or suggestions for improvement, see the Apache Commons Codec\nwebsite:\u003c/p\u003e\n\u003cp\u003e\u003ca\nhref\u003d\"https://commons.apache.org/proper/commons-codec/\"\u003ehttps://commons.apache.org/proper/commons-codec/\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eDownload page: \u003ca\nhref\u003d\"https://commons.apache.org/proper/commons-codec/download_codec.cgi\"\u003ehttps://commons.apache.org/proper/commons-codec/download_codec.cgi\u003c/a\u003e\u003c/p\u003e\n\u003chr /\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/commons-codec/commit/81a6295f071df5819893422a397d94bc396f2edd\"\u003e\u003ccode\u003e81a6295\u003c/code\u003e\u003c/a\u003e\nPrepare for the release candidate 1.22.0 RC1\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/commons-codec/commit/73104b011a9758896904831f9b1bd29aad077f11\"\u003e\u003ccode\u003e73104b0\u003c/code\u003e\u003c/a\u003e\nPrepare for the next release candidate\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/commons-codec/commit/8e36214fa2760d37e4e9c83336ed5bb324c23482\"\u003e\u003ccode\u003e8e36214\u003c/code\u003e\u003c/a\u003e\nIn-line single use test local variables\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/commons-codec/commit/9bd67e787d88705baa26e85f3a9609dec015ba5b\"\u003e\u003ccode\u003e9bd67e7\u003c/code\u003e\u003c/a\u003e\nUse vararg syntax\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/commons-codec/commit/25e52b06a3c24dc06216e7d29321a2f01c60ec6f\"\u003e\u003ccode\u003e25e52b0\u003c/code\u003e\u003c/a\u003e\nUse vararg syntax\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/commons-codec/commit/e2ebaca8b30d1d04d0eb6a4e811a6d26631f4d31\"\u003e\u003ccode\u003ee2ebaca\u003c/code\u003e\u003c/a\u003e\nBump github/codeql-action from 4.35.1 to 4.35.2\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/commons-codec/commit/33998a05a8adc84ca944bad2e5c7215309d1477b\"\u003e\u003ccode\u003e33998a0\u003c/code\u003e\u003c/a\u003e\nBump actions/upload-artifact from 7.0.0 to 7.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/commons-codec/commit/50c6583280cb3ed67407dcaeb31df4f8fa8ede20\"\u003e\u003ccode\u003e50c6583\u003c/code\u003e\u003c/a\u003e\nBump actions/cache from 5.0.4 to 5.0.5\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/commons-codec/commit/b2be3a82b2d0902e89718a56c6afb5850d020668\"\u003e\u003ccode\u003eb2be3a8\u003c/code\u003e\u003c/a\u003e\nAdd \u003ca\nhref\u003d\"https://github.com/Override\"\u003e\u003ccode\u003e@​Override\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/commons-codec/commit/20f09bfcfdce88760ec9be095b848e85d9084acf\"\u003e\u003ccode\u003e20f09bf\u003c/code\u003e\u003c/a\u003e\nUse final.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/apache/commons-codec/compare/rel/commons-codec-1.21.0...rel/commons-codec-1.22.0\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "e6d9248447ef90d2d9a1412bfdee7019377e0603", "tree": "edc6377fa4c8965aa33cb704cb0f35fe08d066a8", "parents": [ "b068e28343d54604b1966e916a376ea4c1491f48" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon May 11 15:53:10 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon May 11 15:53:10 2026 +0200" }, "message": "MINOR: Bump com.gradle:common-custom-user-data-maven-extension from 2.1.0 to 2.2.0 (#1128)\n\nBumps\n[com.gradle:common-custom-user-data-maven-extension](https://github.com/gradle/common-custom-user-data-maven-extension)\nfrom 2.1.0 to 2.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/gradle/common-custom-user-data-maven-extension/releases\"\u003ecom.gradle:common-custom-user-data-maven-extension\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[NEW] Add AI tag to the Build Scan when invoked by an AI Agent\u003c/li\u003e\n\u003cli\u003e[NEW] Add custom value to the Build Scan indicating which AI Agent\ninvoked the build\u003c/li\u003e\n\u003cli\u003e[NEW] Add link in Build Scan to GitHub PR\u003c/li\u003e\n\u003cli\u003e[NEW] For GitHub PRs, capture \u003ccode\u003eGITHUB_BASE_REF\u003c/code\u003e as the\nvalue \u003ccode\u003ePR base branch\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/gradle/common-custom-user-data-maven-extension/commit/d594c600651c22fb242ae7989704dedd55354941\"\u003e\u003ccode\u003ed594c60\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare release v2.2.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/gradle/common-custom-user-data-maven-extension/commit/0a48e7af84f66dbcab13a1ed922b37ae20036cea\"\u003e\u003ccode\u003e0a48e7a\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/gradle/common-custom-user-data-maven-extension/issues/375\"\u003e#375\u003c/a\u003e\nfrom gradle/cj/github-pr-base-branch\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/gradle/common-custom-user-data-maven-extension/commit/02f60010470630dc040841fb3103b16307b1c22f\"\u003e\u003ccode\u003e02f6001\u003c/code\u003e\u003c/a\u003e\nCapture GITHUB_BASE_REF as \u0027PR base branch\u0027 for GitHub PR builds\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/gradle/common-custom-user-data-maven-extension/commit/fc03fa942b75a6e85d20055d193874f134d3953f\"\u003e\u003ccode\u003efc03fa9\u003c/code\u003e\u003c/a\u003e\nAdd recent feature additions to changes.md\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/gradle/common-custom-user-data-maven-extension/commit/15015551ae69bc5cc65d5c00e1e38f84868beb44\"\u003e\u003ccode\u003e1501555\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/gradle/common-custom-user-data-maven-extension/issues/370\"\u003e#370\u003c/a\u003e\nfrom gradle/add-ai-agent-metadata\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/gradle/common-custom-user-data-maven-extension/commit/de773aef7d7ee25182e8233dff2624c45bb2f1bf\"\u003e\u003ccode\u003ede773ae\u003c/code\u003e\u003c/a\u003e\n[Renovate Bot] Update dependency org.apache.maven:maven-core to v3.9.15\n(\u003ca\nhref\u003d\"https://redirect.github.com/gradle/common-custom-user-data-maven-extension/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/gradle/common-custom-user-data-maven-extension/commit/074832a77b9f4695f05d9b7e58955a787451c674\"\u003e\u003ccode\u003e074832a\u003c/code\u003e\u003c/a\u003e\n[Renovate Bot] Update dependency maven to v3.9.15 (\u003ca\nhref\u003d\"https://redirect.github.com/gradle/common-custom-user-data-maven-extension/issues/373\"\u003e#373\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/gradle/common-custom-user-data-maven-extension/commit/9de6cf166eab1220a012322d51ce9628820e08b4\"\u003e\u003ccode\u003e9de6cf1\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/gradle/common-custom-user-data-maven-extension/issues/372\"\u003e#372\u003c/a\u003e\nfrom gradle/renovate/github-actions\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/gradle/common-custom-user-data-maven-extension/commit/ea1e3fcf40fdf65864361024935fee8f6032b6f8\"\u003e\u003ccode\u003eea1e3fc\u003c/code\u003e\u003c/a\u003e\n[Renovate Bot] Update actions/upload-artifact digest to 043fb46\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/gradle/common-custom-user-data-maven-extension/commit/438484954c53f3c0aff0c913de0cc4b0d7ddcaf6\"\u003e\u003ccode\u003e4384849\u003c/code\u003e\u003c/a\u003e\nMatch AI tags/values to CCUD Gradle\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/gradle/common-custom-user-data-maven-extension/compare/v2.1.0...v2.2.0\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "b068e28343d54604b1966e916a376ea4c1491f48", "tree": "22c3ba408cb17b36631d4f847d32470d39e6c641", "parents": [ "30d528fa9992c9ed16a01853a2ed285f0efcbd21" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon May 11 15:52:55 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon May 11 15:52:55 2026 +0200" }, "message": "MINOR: Bump com.github.ben-manes.caffeine:caffeine from 3.2.3 to 3.2.4 (#1130)\n\nBumps\n[com.github.ben-manes.caffeine:caffeine](https://github.com/ben-manes/caffeine)\nfrom 3.2.3 to 3.2.4.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/ben-manes/caffeine/releases\"\u003ecom.github.ben-manes.caffeine:caffeine\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.2.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImproved access expiration\u0027s read performance by avoiding false\nsharing effects caused by the timestamp update\u003c/li\u003e\n\u003cli\u003eFixed head-of-line blocking of expiration queues caused by in-flight\nasync entries (\u003ca\nhref\u003d\"https://redirect.github.com/ben-manes/caffeine/issues/1954\"\u003e#1954\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFixed various minor issues found using AI audits\u003c/li\u003e\n\u003cli\u003eAdded \u003ca\nhref\u003d\"https://docs.oracle.com/en/java/javase/25/docs/api//java.base/java/io/ObjectInputFilter.html\"\u003eObjectInputFilter\u003c/a\u003e\nsupport to JCache\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/ben-manes/caffeine/commit/836b65c0a83e5d1641ded9c6de578654bc04b2e9\"\u003e\u003ccode\u003e836b65c\u003c/code\u003e\u003c/a\u003e\nuse a consistent expiration tolerance calculation\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/ben-manes/caffeine/commit/0dc7daf962730048fe46ae4626827afbb97ddf92\"\u003e\u003ccode\u003e0dc7daf\u003c/code\u003e\u003c/a\u003e\nresurrect in-flight async entries on expiration\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/ben-manes/caffeine/commit/0bac8b54fd634ffe95d35ccd1d94daba95e7b369\"\u003e\u003ccode\u003e0bac8b5\u003c/code\u003e\u003c/a\u003e\nhandle head-of-line blocking of expiration queues (fixes \u003ca\nhref\u003d\"https://redirect.github.com/ben-manes/caffeine/issues/1954\"\u003e#1954\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/ben-manes/caffeine/commit/ff258366de0a89129152ead72524ce88f8fca67b\"\u003e\u003ccode\u003eff25836\u003c/code\u003e\u003c/a\u003e\ntest polish\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/ben-manes/caffeine/commit/f3a6176e2e3a7fe085214472858c6029c108fc3f\"\u003e\u003ccode\u003ef3a6176\u003c/code\u003e\u003c/a\u003e\nFix JCache close/createCache races and recursive teardown\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/ben-manes/caffeine/commit/622fbe7dbf7606f114b956205706935be2fcf3c8\"\u003e\u003ccode\u003e622fbe7\u003c/code\u003e\u003c/a\u003e\nFix removal in identity views and widen hill-climber counters\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/ben-manes/caffeine/commit/8da5a7a05d8b725c9dbd577be8ffaf2372aa7e23\"\u003e\u003ccode\u003e8da5a7a\u003c/code\u003e\u003c/a\u003e\ndefer weighing the entry until after the putIfAbsent hit fast-path\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/ben-manes/caffeine/commit/94ad0ff8556c9923a8d9746ab85af9ee830dd051\"\u003e\u003ccode\u003e94ad0ff\u003c/code\u003e\u003c/a\u003e\nRecord eviction stats before notifying the removal listener\nconsistently\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/ben-manes/caffeine/commit/f94c0113d0c98dc0afaadf1f6748ea280aa4dff7\"\u003e\u003ccode\u003ef94c011\u003c/code\u003e\u003c/a\u003e\nAuto-assert eviction stats alongside\nnotifications.withCause.exclusively\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/ben-manes/caffeine/commit/2e945e090fbff4f96251dfe1bacba3780a5bdb0c\"\u003e\u003ccode\u003e2e945e0\u003c/code\u003e\u003c/a\u003e\nSkip timestamp writes within tolerance on the read path.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/ben-manes/caffeine/compare/v3.2.3...v3.2.4\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "30d528fa9992c9ed16a01853a2ed285f0efcbd21", "tree": "357e5061f575a8f812a82c13ea9f6505fa91f134", "parents": [ "5e2fb636514c708cf27bd367c8f452d72ab5fdef" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon May 11 15:52:35 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon May 11 15:52:35 2026 +0200" }, "message": "MINOR: Bump checker.framework.version from 4.0.0 to 4.1.0 (#1131)\n\nBumps `checker.framework.version` from 4.0.0 to 4.1.0.\nUpdates `org.checkerframework:checker-qual` from 4.0.0 to 4.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/releases\"\u003eorg.checkerframework:checker-qual\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eChecker Framework 4.1.0\u003c/h2\u003e\n\u003ch2\u003eVersion 4.1.0 (2026-05-01)\u003c/h2\u003e\n\u003ch3\u003eUser-visible changes\u003c/h3\u003e\n\u003cp\u003eRemoved deprecated script \u003ccode\u003echecker/bin-devel/build.sh\u003c/code\u003e;\nuse \u003ccode\u003e./gradlew assemble\u003c/code\u003e instead.\u003c/p\u003e\n\u003cp\u003eRemoved deprecated names \u0026quot;builder\u0026quot;,\n\u0026quot;object.construction\u0026quot;, and \u0026quot;objectconstruction\u0026quot; for\nthe Called Methods Checker.\u003c/p\u003e\n\u003ch3\u003eImplementation details\u003c/h3\u003e\n\u003cp\u003eNew method annotation \u003ccode\u003e@DoesNotUnrefineReceiver\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eIn \u003ccode\u003eAnnotatedTypeFactory\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003enew method \u003ccode\u003ehasDoesNotUnrefineReceiver()\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eisAliasedTypeAnnotation()\u003c/code\u003e is now protected rather than\npublic.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eClosed issues\u003c/h3\u003e\n\u003cp\u003e\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/6890\"\u003e#6890\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7364\"\u003e#7364\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7488\"\u003e#7488\u003c/a\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/blob/master/docs/CHANGELOG.md\"\u003eorg.checkerframework:checker-qual\u0027s\nchangelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 4.1.0 (2026-05-01)\u003c/h2\u003e\n\u003ch3\u003eUser-visible changes\u003c/h3\u003e\n\u003cp\u003eRemoved deprecated script \u003ccode\u003echecker/bin-devel/build.sh\u003c/code\u003e;\nuse \u003ccode\u003e./gradlew assemble\u003c/code\u003e\ninstead.\u003c/p\u003e\n\u003cp\u003eRemoved deprecated names \u0026quot;builder\u0026quot;,\n\u0026quot;object.construction\u0026quot;, and\n\u0026quot;objectconstruction\u0026quot; for the Called Methods Checker.\u003c/p\u003e\n\u003ch3\u003eImplementation details\u003c/h3\u003e\n\u003cp\u003eNew method annotation \u003ccode\u003e@DoesNotUnrefineReceiver\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eIn \u003ccode\u003eAnnotatedTypeFactory\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003enew method \u003ccode\u003ehasDoesNotUnrefineReceiver()\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eisAliasedTypeAnnotation()\u003c/code\u003e is now protected rather than\npublic.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eClosed issues\u003c/h3\u003e\n\u003cp\u003e\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/6890\"\u003e#6890\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7364\"\u003e#7364\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7488\"\u003e#7488\u003c/a\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/b8a7ca60a241c37d6889e8ecd38ba5fe6234e4d6\"\u003e\u003ccode\u003eb8a7ca6\u003c/code\u003e\u003c/a\u003e\nnew release 4.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/f1563d2caeb6120b97b2dab32bc592ecf23b0848\"\u003e\u003ccode\u003ef1563d2\u003c/code\u003e\u003c/a\u003e\nUpdate for release.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/786773754bb83c294f3c04629027660fb289d699\"\u003e\u003ccode\u003e7867737\u003c/code\u003e\u003c/a\u003e\nSet environment variable \u003ccode\u003eGH_TOKEN\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/771b037663bdd490f04245437dff8ae6ebb1c64b\"\u003e\u003ccode\u003e771b037\u003c/code\u003e\u003c/a\u003e\nTweak documentation (\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7668\"\u003e#7668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/71735d1ec23ef765d8e559c92cb736630b0efaa3\"\u003e\u003ccode\u003e71735d1\u003c/code\u003e\u003c/a\u003e\nFix documentation typo\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/6465706e3b4a69f95b2421da4284b47ccb49b81a\"\u003e\u003ccode\u003e6465706\u003c/code\u003e\u003c/a\u003e\nMake \u003ccode\u003eisAliasedTypeAnnotation()\u003c/code\u003e protected (\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7667\"\u003e#7667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/8af69bca25fbd1d293a46ea224567feabce34370\"\u003e\u003ccode\u003e8af69bc\u003c/code\u003e\u003c/a\u003e\nUpdate cimg/base Docker tag to v2026.04\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/fa3ad9b59ac273df809e390fbcf2667e7977cce7\"\u003e\u003ccode\u003efa3ad9b\u003c/code\u003e\u003c/a\u003e\nHow to update the Hevea version number\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/18002bf382ef24f3a4605dc17725bd9909c4497f\"\u003e\u003ccode\u003e18002bf\u003c/code\u003e\u003c/a\u003e\nUse environment variable\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/dd8381c0344e7a3befb65c1e13b19b37aeb636c7\"\u003e\u003ccode\u003edd8381c\u003c/code\u003e\u003c/a\u003e\nSet up GitHub Actions CI\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/compare/checker-framework-4.0.0...checker-framework-4.1.0\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.checkerframework:checker` from 4.0.0 to 4.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/releases\"\u003eorg.checkerframework:checker\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eChecker Framework 4.1.0\u003c/h2\u003e\n\u003ch2\u003eVersion 4.1.0 (2026-05-01)\u003c/h2\u003e\n\u003ch3\u003eUser-visible changes\u003c/h3\u003e\n\u003cp\u003eRemoved deprecated script \u003ccode\u003echecker/bin-devel/build.sh\u003c/code\u003e;\nuse \u003ccode\u003e./gradlew assemble\u003c/code\u003e instead.\u003c/p\u003e\n\u003cp\u003eRemoved deprecated names \u0026quot;builder\u0026quot;,\n\u0026quot;object.construction\u0026quot;, and \u0026quot;objectconstruction\u0026quot; for\nthe Called Methods Checker.\u003c/p\u003e\n\u003ch3\u003eImplementation details\u003c/h3\u003e\n\u003cp\u003eNew method annotation \u003ccode\u003e@DoesNotUnrefineReceiver\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eIn \u003ccode\u003eAnnotatedTypeFactory\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003enew method \u003ccode\u003ehasDoesNotUnrefineReceiver()\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eisAliasedTypeAnnotation()\u003c/code\u003e is now protected rather than\npublic.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eClosed issues\u003c/h3\u003e\n\u003cp\u003e\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/6890\"\u003e#6890\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7364\"\u003e#7364\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7488\"\u003e#7488\u003c/a\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/blob/master/docs/CHANGELOG.md\"\u003eorg.checkerframework:checker\u0027s\nchangelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 4.1.0 (2026-05-01)\u003c/h2\u003e\n\u003ch3\u003eUser-visible changes\u003c/h3\u003e\n\u003cp\u003eRemoved deprecated script \u003ccode\u003echecker/bin-devel/build.sh\u003c/code\u003e;\nuse \u003ccode\u003e./gradlew assemble\u003c/code\u003e\ninstead.\u003c/p\u003e\n\u003cp\u003eRemoved deprecated names \u0026quot;builder\u0026quot;,\n\u0026quot;object.construction\u0026quot;, and\n\u0026quot;objectconstruction\u0026quot; for the Called Methods Checker.\u003c/p\u003e\n\u003ch3\u003eImplementation details\u003c/h3\u003e\n\u003cp\u003eNew method annotation \u003ccode\u003e@DoesNotUnrefineReceiver\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eIn \u003ccode\u003eAnnotatedTypeFactory\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003enew method \u003ccode\u003ehasDoesNotUnrefineReceiver()\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eisAliasedTypeAnnotation()\u003c/code\u003e is now protected rather than\npublic.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eClosed issues\u003c/h3\u003e\n\u003cp\u003e\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/6890\"\u003e#6890\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7364\"\u003e#7364\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7488\"\u003e#7488\u003c/a\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/b8a7ca60a241c37d6889e8ecd38ba5fe6234e4d6\"\u003e\u003ccode\u003eb8a7ca6\u003c/code\u003e\u003c/a\u003e\nnew release 4.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/f1563d2caeb6120b97b2dab32bc592ecf23b0848\"\u003e\u003ccode\u003ef1563d2\u003c/code\u003e\u003c/a\u003e\nUpdate for release.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/786773754bb83c294f3c04629027660fb289d699\"\u003e\u003ccode\u003e7867737\u003c/code\u003e\u003c/a\u003e\nSet environment variable \u003ccode\u003eGH_TOKEN\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/771b037663bdd490f04245437dff8ae6ebb1c64b\"\u003e\u003ccode\u003e771b037\u003c/code\u003e\u003c/a\u003e\nTweak documentation (\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7668\"\u003e#7668\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/71735d1ec23ef765d8e559c92cb736630b0efaa3\"\u003e\u003ccode\u003e71735d1\u003c/code\u003e\u003c/a\u003e\nFix documentation typo\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/6465706e3b4a69f95b2421da4284b47ccb49b81a\"\u003e\u003ccode\u003e6465706\u003c/code\u003e\u003c/a\u003e\nMake \u003ccode\u003eisAliasedTypeAnnotation()\u003c/code\u003e protected (\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7667\"\u003e#7667\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/8af69bca25fbd1d293a46ea224567feabce34370\"\u003e\u003ccode\u003e8af69bc\u003c/code\u003e\u003c/a\u003e\nUpdate cimg/base Docker tag to v2026.04\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/fa3ad9b59ac273df809e390fbcf2667e7977cce7\"\u003e\u003ccode\u003efa3ad9b\u003c/code\u003e\u003c/a\u003e\nHow to update the Hevea version number\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/18002bf382ef24f3a4605dc17725bd9909c4497f\"\u003e\u003ccode\u003e18002bf\u003c/code\u003e\u003c/a\u003e\nUse environment variable\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/dd8381c0344e7a3befb65c1e13b19b37aeb636c7\"\u003e\u003ccode\u003edd8381c\u003c/code\u003e\u003c/a\u003e\nSet up GitHub Actions CI\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/compare/checker-framework-4.0.0...checker-framework-4.1.0\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "5e2fb636514c708cf27bd367c8f452d72ab5fdef", "tree": "b8475c2db0271bc0091b23f7ef2f737e41e37271", "parents": [ "5dc3ea699a4b7f8e4799c8ee318b96c9a9cc4f31" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon May 11 15:45:59 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon May 11 15:45:59 2026 +0200" }, "message": "MINOR: Bump com.google.api.grpc:proto-google-common-protos from 2.70.0 to 2.71.0 (#1144)\n\nBumps\n[com.google.api.grpc:proto-google-common-protos](https://github.com/googleapis/sdk-platform-java)\nfrom 2.70.0 to 2.71.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/647366865339840bbf1561e0f0cf776c7c88642a\"\u003e\u003ccode\u003e6473668\u003c/code\u003e\u003c/a\u003e\nchore(main): release 2.63.0 (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/3927\"\u003e#3927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/8015e7e48422b56f9c7e353447a7fcc75fe1787c\"\u003e\u003ccode\u003e8015e7e\u003c/code\u003e\u003c/a\u003e\nchore: update googleapis commit at Fri Oct 3 02:28:22 UTC 2025 (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/3923\"\u003e#3923\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/48075a80cea71fd3bc7697bca106633fb433f8a1\"\u003e\u003ccode\u003e48075a8\u003c/code\u003e\u003c/a\u003e\nchore: Upper bound file deps change has chore type (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/3949\"\u003e#3949\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/1d7466332b5dc13fde6ed687247873135a5fa919\"\u003e\u003ccode\u003e1d74663\u003c/code\u003e\u003c/a\u003e\ndeps: update google auth library dependencies to v1.40.0 (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/3945\"\u003e#3945\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/7fb4f155eef478c1a66bc2f1fdecd7565d225b3e\"\u003e\u003ccode\u003e7fb4f15\u003c/code\u003e\u003c/a\u003e\ndeps: Upgrade Google Http Java Client to v2.0.2 (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/3946\"\u003e#3946\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/feabef32c4c45be0fb1db3615568365b902ece24\"\u003e\u003ccode\u003efeabef3\u003c/code\u003e\u003c/a\u003e\nfeat(librariangen): add bazel package (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/3940\"\u003e#3940\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/8d6c1f915ba5f0c4ac9b89120e63dddd62e37a22\"\u003e\u003ccode\u003e8d6c1f9\u003c/code\u003e\u003c/a\u003e\ndeps: Bump Guava to v33.5.0 (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/3943\"\u003e#3943\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/180b9a017e839d5f3c34a980d7c0706cac30a38c\"\u003e\u003ccode\u003e180b9a0\u003c/code\u003e\u003c/a\u003e\nbuild(deps): update dependency\ncom.google.cloud:google-cloud-shared-config to...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/3f548fbcee1b2fc3f9aff7d12977e7d364ecfcf9\"\u003e\u003ccode\u003e3f548fb\u003c/code\u003e\u003c/a\u003e\ndeps: update upper bound dependencies file (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/3947\"\u003e#3947\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/a1b5ba3bec5d3facdb1b5550b82dcc1c3172bd8b\"\u003e\u003ccode\u003ea1b5ba3\u003c/code\u003e\u003c/a\u003e\nchore: Manage errorprone and j2objc versions in pom-parent (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/3948\"\u003e#3948\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/compare/gax/v2.70.0...gax/v2.71.0\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dcom.google.api.grpc:proto-google-common-protos\u0026package-manager\u003dmaven\u0026previous-version\u003d2.70.0\u0026new-version\u003d2.71.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "5dc3ea699a4b7f8e4799c8ee318b96c9a9cc4f31", "tree": "6858086b17aab89c4831d430d393345d35f4fce8", "parents": [ "138e8521b17a2b83814b8714c7d8e0f94fe13656" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon May 11 07:58:24 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon May 11 07:58:24 2026 +0200" }, "message": "MINOR: Bump com.github.luben:zstd-jni from 1.5.7-7 to 1.5.7-8 (#1132)\n\nBumps [com.github.luben:zstd-jni](https://github.com/luben/zstd-jni)\nfrom 1.5.7-7 to 1.5.7-8.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/luben/zstd-jni/commit/0afb51a8420183cfb894063ea06cb08b91f63ce2\"\u003e\u003ccode\u003e0afb51a\u003c/code\u003e\u003c/a\u003e\nUse gcc on AIX\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/luben/zstd-jni/commit/1addabc11201bc2a33df8cbd4f90c0508a273d46\"\u003e\u003ccode\u003e1addabc\u003c/code\u003e\u003c/a\u003e\nv1.5.7-8\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/luben/zstd-jni/commit/3044e793cb449c0d55367a2232955136ee0d95f2\"\u003e\u003ccode\u003e3044e79\u003c/code\u003e\u003c/a\u003e\nMore validation\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/luben/zstd-jni/commit/8257354d97008c8cee736246bd45277e0998ce06\"\u003e\u003ccode\u003e8257354\u003c/code\u003e\u003c/a\u003e\nRemove the check for OSGI when trying to load from JAR\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/luben/zstd-jni/commit/702105065a4973e4faf179a32dd535e7ef64a93a\"\u003e\u003ccode\u003e7021050\u003c/code\u003e\u003c/a\u003e\nRevert \u0026quot;Test on RISE RISC-V runners\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/luben/zstd-jni/commit/9a1ed43541d6bd833eaa4c7537624e15fbc95151\"\u003e\u003ccode\u003e9a1ed43\u003c/code\u003e\u003c/a\u003e\nTest on RISE RISC-V runners\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/luben/zstd-jni/commit/92a338167cc6221b618f34e22010ec62ff2eea95\"\u003e\u003ccode\u003e92a3381\u003c/code\u003e\u003c/a\u003e\nignore .DS_Store\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca\nhref\u003d\"https://github.com/luben/zstd-jni/compare/v1.5.7-7...v1.5.7-8\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "138e8521b17a2b83814b8714c7d8e0f94fe13656", "tree": "963c8379a6b3b27d27cce5bfdb0091c81ee83a42", "parents": [ "e5482cd63d2043c0e418f1adc7bcd1e5192c5078" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon May 11 05:20:41 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon May 11 05:20:41 2026 +0200" }, "message": "MINOR: Bump com.fasterxml.jackson:jackson-bom from 2.21.2 to 2.21.3 (#1133)\n\nBumps\n[com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom)\nfrom 2.21.2 to 2.21.3.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/FasterXML/jackson-bom/commit/374fbd08ee91a6c91626bae1d6497df21c89b541\"\u003e\u003ccode\u003e374fbd0\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare release jackson-bom-2.21.3\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/FasterXML/jackson-bom/commit/7059df78cc36832349acad026169ff890f4c718c\"\u003e\u003ccode\u003e7059df7\u003c/code\u003e\u003c/a\u003e\nPrep for 2.21.3 release\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/FasterXML/jackson-bom/commit/2fd60bdab3228f6b99dce81326d9fd7eaf587401\"\u003e\u003ccode\u003e2fd60bd\u003c/code\u003e\u003c/a\u003e\nMerge branch \u00272.20\u0027 into 2.21\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/FasterXML/jackson-bom/commit/b82a3640491f66be2e56bef377b5002cd9d1567b\"\u003e\u003ccode\u003eb82a364\u003c/code\u003e\u003c/a\u003e\nMerge branch \u00272.19\u0027 into 2.20\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/FasterXML/jackson-bom/commit/ef4e013e95fc64583b0a414711648a84fc50be46\"\u003e\u003ccode\u003eef4e013\u003c/code\u003e\u003c/a\u003e\nMerge branch \u00272.18\u0027 into 2.19\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/FasterXML/jackson-bom/commit/536ae51c1db9dfbfc8dda697ccfd6545cf626d2b\"\u003e\u003ccode\u003e536ae51\u003c/code\u003e\u003c/a\u003e\nPost-release dep version bump\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/FasterXML/jackson-bom/commit/536c5339035643fdca46ddd947f253afd072f764\"\u003e\u003ccode\u003e536c533\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/FasterXML/jackson-bom/commit/426b778e5ea490d164e572a63319c7cf2f362f2f\"\u003e\u003ccode\u003e426b778\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare release jackson-bom-2.18.7\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/FasterXML/jackson-bom/commit/a73cda9be3e57f29c53fea748f1f867eaa1457ab\"\u003e\u003ccode\u003ea73cda9\u003c/code\u003e\u003c/a\u003e\nPrep for 2.18.7 release\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/FasterXML/jackson-bom/commit/76b4a05087a9e42eb1b26f59d5b7028b0496da5e\"\u003e\u003ccode\u003e76b4a05\u003c/code\u003e\u003c/a\u003e\nPost-release dep version bump\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.21.2...jackson-bom-2.21.3\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "e5482cd63d2043c0e418f1adc7bcd1e5192c5078", "tree": "ea6895a30a52830e64f8a28634bbdc0aaf302745", "parents": [ "0f0a58433b46004ff9869a2512beded177340bca" ], "author": { "name": "JB Onofré", "email": "jbonofre@apache.org", "time": "Sun May 10 08:15:56 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Sun May 10 08:15:56 2026 +0200" }, "message": "MINOR: Fix Gandiva JNI build against Arrow C++ 24.0.0 (#1140)\n\nArrow C++ 24.0.0 introduced two breaking changes for the JNI build:\n\n1. `arrow::decimal()` was removed; replaced with `arrow::decimal128()`\nin the Gandiva JNI source.\n\n2. xsimd \u003e\u003d 14.0.0 is now a required dependency. The Docker image\u0027s\nvcpkg registry only ships xsimd 13.2.0, so the Linux JNI CMake\nconfiguration was failing. Fixed by passing `xsimd_SOURCE\u003dBUNDLED` to\nthe Arrow C++ CMake configure step so Arrow downloads and uses xsimd\n14.0.0 directly, and by passing the vcpkg toolchain file to the Arrow\nC++ configure step so other vcpkg-managed dependencies are still\nresolved correctly." }, { "commit": "0f0a58433b46004ff9869a2512beded177340bca", "tree": "61bdc8074c685d23b805e85864b2f5a186e12db2", "parents": [ "09038fbb578d38e98878359557b1e13dcb96b04f" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Apr 27 06:17:22 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Apr 27 06:17:22 2026 +0200" }, "message": "MINOR: Bump io.grpc:grpc-bom from 1.79.0 to 1.80.0 (#1093)\n\nBumps [io.grpc:grpc-bom](https://github.com/grpc/grpc-java) from 1.79.0\nto 1.80.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/grpc/grpc-java/releases\"\u003eio.grpc:grpc-bom\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eV1.80.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAPI Changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ecore: Added PickResult.copyWithSubchannel() and\nPickResult.copyWithStreamTracerFactory() to simplify updating PickResult\nwhile preserving metadata. Load balancing policies should now ensure\nForwardingSubchannel decorators are unwrapped before being returned in a\npick result. (\u003ca\nhref\u003d\"https://redirect.github.com/grpc/grpc-java/issues/12658\"\u003e#12658\u003c/a\u003e)\n(eae16b251)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBug Fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ecore: Fixed the retry backoff jitter range to [0.8, 1.2] to align\nwith the gRPC A6 specification. Retries will now occur more consistently\naround the calculated backoff interval. (\u003ca\nhref\u003d\"https://redirect.github.com/grpc/grpc-java/issues/12639\"\u003e#12639\u003c/a\u003e)\n(024fdd0ea)\ncore: Fixed a race condition in RetriableStream where inFlightSubStreams\ncounting could become inconsistent during concurrent retry and deadline\nevents. This ensures that client calls (such as blockingUnaryCall) do\nnot hang indefinitely and correctly receive a close signal. (\u003ca\nhref\u003d\"https://redirect.github.com/grpc/grpc-java/issues/12649\"\u003e#12649\u003c/a\u003e)\n(73abb4854)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eapi: Trigger R8\u0027s ServiceLoader optimization to reduce necessary\nconfiguration when using R8 Full Mode (470219f9c). This allows gRPC to\navoid reflection, and the need to specify -keeps for various class’s\nconstructors.\nUpgrade to protobuf 33.4 (\u003ca\nhref\u003d\"https://redirect.github.com/grpc/grpc-java/issues/12615\"\u003e#12615\u003c/a\u003e)\n(50c18f183)\u003c/li\u003e\n\u003cli\u003ecronet: Introduced CRONET_READ_BUFFER_SIZE_KEY to allow customizing\nthe read buffer size per-stream via CallOptions. Increasing the buffer\nsize from the 4KB default can significantly improve performance for\nlarge messages by reducing JNI and context-switching overhead.\n(31fdb6c22)\u003c/li\u003e\n\u003cli\u003eapi: Moved FlagResetRule to api/testFixtures and updated\nManagedChannelRegistry to honor the GRPC_ENABLE_RFC3986_URIS feature\nflag. This ensures that target parsing is consistent across the library\nwhen the new URI parser is enabled. (\u003ca\nhref\u003d\"https://redirect.github.com/grpc/grpc-java/issues/12608\"\u003e#12608\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eapi: Updated NameResolverRegistry to natively support io.grpc.Uri.\nThis is a foundational change that allows gRPC\u0027s name resolution system\nto handle URIs parsed with the new RFC 3986-compliant parser, ensuring\nmore robust target handling. (\u003ca\nhref\u003d\"https://redirect.github.com/grpc/grpc-java/issues/12609\"\u003e#12609\u003c/a\u003e)\n(990348876)\u003c/li\u003e\n\u003cli\u003exds: Removed the GRPC_EXPERIMENTAL_XDS_SNI feature flag. SNI\ndetermination via xDS is now always enabled and follows gRFC A101, where\nSNI is derived from xDS configurations like auto_host_sni or\nUpstreamTlsContext.sni. This ensures that no SNI is sent if not\nexplicitly configured, unless the legacy channel authority fallback is\nenabled. (\u003ca\nhref\u003d\"https://redirect.github.com/grpc/grpc-java/issues/12625\"\u003e#12625\u003c/a\u003e)\n(ac44e9681)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eNew Features\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ecore: pick_first shuffling now a weighted shuffle and observes\nweights from EDS (34dd29042). This finishes the \u003ca\nhref\u003d\"https://github.com/grpc/proposal/blob/master/A113-pick-first-weighted-shuffling.md\"\u003egRFC\nA113 pick_first: Weighted Random Shuffling\u003c/a\u003e support\u003c/li\u003e\n\u003cli\u003enetty: Added RFC 3986 support to the unix: name resolver. This\nenables proper parsing of Unix domain socket URIs, including correct\nhandling of query and fragment components in both hierarchical (e.g.,\nunix:///path) and opaque (e.g., unix:/path) formats. (\u003ca\nhref\u003d\"https://redirect.github.com/grpc/grpc-java/issues/12659\"\u003e#12659\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eThanks to\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/becomeStar\"\u003e\u003ccode\u003e@​becomeStar\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/aymanm-google\"\u003e\u003ccode\u003e@​aymanm-google\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/PetitBaguette\"\u003e\u003ccode\u003e@​PetitBaguette\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/stagegrowth\"\u003e\u003ccode\u003e@​stagegrowth\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/wcchoi\"\u003e\u003ccode\u003e@​wcchoi\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/Gyuhyeok99\"\u003e\u003ccode\u003e@​Gyuhyeok99\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/grpc/grpc-java/commit/6c231b4c534d887bc6407f8af52733d996f19819\"\u003e\u003ccode\u003e6c231b4\u003c/code\u003e\u003c/a\u003e\nBump version to 1.80.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/grpc/grpc-java/commit/daf7a6c3c0496dce3f9d9c26aeae2479a3a4d7de\"\u003e\u003ccode\u003edaf7a6c\u003c/code\u003e\u003c/a\u003e\nUpdate README etc to reference 1.80.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/grpc/grpc-java/commit/b7f9074e23fa543e9a804e20df8a8a656feb39ea\"\u003e\u003ccode\u003eb7f9074\u003c/code\u003e\u003c/a\u003e\nRevert \u0026quot;fix(xds): Allow and normalize trailing dot (FQDN) in\nmatchHostName (#...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/grpc/grpc-java/commit/09a6e2ef6ebdbee4d3980d5ac6bd3e3e1c2d9755\"\u003e\u003ccode\u003e09a6e2e\u003c/code\u003e\u003c/a\u003e\nRevert \u0026quot;netty: Preserve early server handshake failure cause in\nlogs\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/grpc/grpc-java/commit/31fdb6c2268b4b1c8ba6c995ee46c58e84a831aa\"\u003e\u003ccode\u003e31fdb6c\u003c/code\u003e\u003c/a\u003e\nAdd \u003ccode\u003eCRONET_READ_BUFFER_SIZE_KEY\u003c/code\u003e API to\nCronetClientStream\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/grpc/grpc-java/commit/470219f9ca330887215d3192f72095aa844d84fb\"\u003e\u003ccode\u003e470219f\u003c/code\u003e\u003c/a\u003e\nTrigger R8\u0027s ServiceLoader optimization\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/grpc/grpc-java/commit/50ead96f4718569782cc7a3f694c9aa755722bac\"\u003e\u003ccode\u003e50ead96\u003c/code\u003e\u003c/a\u003e\nnetty: Preserve early server handshake failure cause in logs\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/grpc/grpc-java/commit/eae16b2517e294cde94c2a8b1171c0131fa7991a\"\u003e\u003ccode\u003eeae16b2\u003c/code\u003e\u003c/a\u003e\nunwrap ForwardingSubchannel during Picks (\u003ca\nhref\u003d\"https://redirect.github.com/grpc/grpc-java/issues/12658\"\u003e#12658\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/grpc/grpc-java/commit/d9320eea62534e8a87319c1124a3a0f8443e43a8\"\u003e\u003ccode\u003ed9320ee\u003c/code\u003e\u003c/a\u003e\nnetty: Add RFC 3986 support to the \u0027unix:\u0027 name resolver.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/grpc/grpc-java/commit/d5536b34b26788993c9b0ae4212f22a35a9ecf3c\"\u003e\u003ccode\u003ed5536b3\u003c/code\u003e\u003c/a\u003e\nnetty: factor out some duplicated code into a helper method\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/grpc/grpc-java/compare/v1.79.0...v1.80.0\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "09038fbb578d38e98878359557b1e13dcb96b04f", "tree": "7c6c035c4f56fbacf38d5688e67e57dbc12bcc3a", "parents": [ "980b5146b5c659e5a06c4592b59cef0f2514ea72" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Apr 27 06:15:04 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Apr 27 06:15:04 2026 +0200" }, "message": "MINOR: Bump checker.framework.version from 3.55.1 to 4.0.0 (#1113)\n\nBumps `checker.framework.version` from 3.55.1 to 4.0.0.\nUpdates `org.checkerframework:checker-qual` from 3.55.1 to 4.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/releases\"\u003eorg.checkerframework:checker-qual\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease 4.0.0 of the Checker Framework\u003c/h2\u003e\n\u003ch2\u003eVersion 4.0.0 (2026-04-07)\u003c/h2\u003e\n\u003ch3\u003eUser-visible changes\u003c/h3\u003e\n\u003cp\u003eTo run the Checker Framework, you need to use a JDK 17 or later\nversion of javac. That is, you need to use JDK 17 or later when\ncompiling your code.\u003c/p\u003e\n\u003cp\u003eThe Checker Framework can type-check any Java project, including\nprojects that compile to Java 8 or 11 bytecodes and run on JRE versions\n8 or 11. That is, your code can run under any release of Java, from Java\n8 onward.\u003c/p\u003e\n\u003cp\u003eThe type qualifiers and utility libraries in\n\u003ccode\u003echecker-qual.jar\u003c/code\u003e and \u003ccode\u003echecker-util.jar\u003c/code\u003e still\nuse Java 11 bytecode. Thus, they may be used in projects that run under\nJava 11 or later.\u003c/p\u003e\n\u003ch3\u003eChanges since version 3.0.0\u003c/h3\u003e\n\u003cp\u003eSince version 3.0.0, 91 authors have made over 4500 commits and\nclosed over 600 issues. Thanks to everyone who contributed!\u003c/p\u003e\n\u003cp\u003eNew checkers include:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ca\nhref\u003d\"https://checkerframework.org/manual/#index-checker\"\u003eIndex\nChecker\u003c/a\u003e warns about out-of-bounds accesses to arrays and\nstrings.\u003c/li\u003e\n\u003cli\u003eThe \u003ca\nhref\u003d\"https://checkerframework.org/manual/#initialized-fields-checker\"\u003eInitialized\nFields Checker\u003c/a\u003e warns if a constructor does not initialize a\nfield.\u003c/li\u003e\n\u003cli\u003eThe \u003ca\nhref\u003d\"https://checkerframework.org/manual/#resource-leak-checker\"\u003eResource\nLeak Checker\u003c/a\u003e guarantees that every resource is closed rather than\nleaked. Examples of resources are a channel, executor,\n\u003ccode\u003eExecutionControl\u003c/code\u003e, file, \u003ccode\u003eFileLock\u003c/code\u003e,\n\u003ccode\u003eFormatter\u003c/code\u003e, reader, \u003ccode\u003eScanner\u003c/code\u003e, socket, stream,\nwriter, etc.\u003c/li\u003e\n\u003cli\u003eThe \u003ca\nhref\u003d\"https://checkerframework.org/manual/#sql-quotes-checker\"\u003eSQL\nQuotes Checker\u003c/a\u003e helps prevent SQL injection vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eNew command-line arguments include:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e-AskipFiles\u003c/code\u003e, \u003ccode\u003e-AonlyFiles\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-AassumeSideEffectFree\u003c/code\u003e,\n\u003ccode\u003e-AassumeDeterministic\u003c/code\u003e, \u003ccode\u003e-AassumePure\u003c/code\u003e,\n\u003ccode\u003e-AassumePureGetters\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-AuseConservativeDefaultsForUncheckedCode\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-AignoreRawTypeArguments\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-AwarnRedundantAnnotations\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-Ainfer\u003dajava\u003c/code\u003e, \u003ccode\u003e-AinferOutputDirectory\u003c/code\u003e,\n\u003ccode\u003e-AinferOutputOriginal\u003c/code\u003e,\n\u003ccode\u003e-AshowWpiFailedInferences\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-AshowSuppressWarningsStrings\u003c/code\u003e,\n\u003ccode\u003e-AwarnUnneededSuppressionsExceptions\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-AshowPrefixInWarningMessages\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-AstubNoWarnIfNotFound\u003c/code\u003e, \u003ccode\u003e-AstubWarnNote\u003c/code\u003e,\n\u003ccode\u003e-AmergeStubsWithSource\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-Aonelinemsg\u003c/code\u003e, \u003ccode\u003e-AdumpOnErrors\u003c/code\u003e,\n\u003ccode\u003e-AexceptionLineSeparator\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-ApermitMissingJdk\u003c/code\u003e, \u003ccode\u003e-AparseAllJdk\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-AslowTypecheckingSeconds\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-Aversion\u003c/code\u003e, \u003ccode\u003e-AprintGitProperties\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eYou can pass an option to only a particular checker (not all\ncheckers) by using an underscore prefix.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eOther improvements include thousands of enhancements and bug fixes --\ntoo many to list here.\u003c/p\u003e\n\u003ch3\u003eImplementation details\u003c/h3\u003e\n\u003cp\u003eAll previously-deprecated methods and classes have been removed. If\nyour project builds upon the Checker Framework, we suggest that you\nupgrade to version 3.55.1, resolve all the deprecation warnings, then\nupgrade to version 4.0.0.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/blob/master/docs/CHANGELOG.md\"\u003eorg.checkerframework:checker-qual\u0027s\nchangelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 4.0.0 (2026-04-07)\u003c/h2\u003e\n\u003ch3\u003eUser-visible changes\u003c/h3\u003e\n\u003cp\u003eTo run the Checker Framework, you need to use a JDK 17 or later\nversion of\njavac. That is, you need to use JDK 17 or later when compiling your\ncode.\u003c/p\u003e\n\u003cp\u003eThe Checker Framework can type-check any Java project, including\nprojects that\ncompile to Java 8 or 11 bytecodes and run on JRE versions 8 or 11. That\nis,\nyour code can run under any release of Java, from Java 8 onward.\u003c/p\u003e\n\u003cp\u003eThe type qualifiers and utility libraries in\n\u003ccode\u003echecker-qual.jar\u003c/code\u003e and\n\u003ccode\u003echecker-util.jar\u003c/code\u003e still use Java 11 bytecode. Thus, they may\nbe used in\nprojects that run under Java 11 or later.\u003c/p\u003e\n\u003ch3\u003eChanges since version 3.0.0\u003c/h3\u003e\n\u003cp\u003eSince version 3.0.0, 91 authors have made over 4500 commits and\nclosed over 600\nissues. Thanks to everyone who contributed!\u003c/p\u003e\n\u003cp\u003eNew checkers include:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ca\nhref\u003d\"https://checkerframework.org/manual/#index-checker\"\u003eIndex\nChecker\u003c/a\u003e warns\nabout out-of-bounds accesses to arrays and strings.\u003c/li\u003e\n\u003cli\u003eThe \u003ca\nhref\u003d\"https://checkerframework.org/manual/#initialized-fields-checker\"\u003eInitialized\nFields\nChecker\u003c/a\u003e\nwarns if a constructor does not initialize a field.\u003c/li\u003e\n\u003cli\u003eThe \u003ca\nhref\u003d\"https://checkerframework.org/manual/#resource-leak-checker\"\u003eResource\nLeak\nChecker\u003c/a\u003e\nguarantees that every resource is closed rather than leaked. Examples of\nresources are a channel, executor, \u003ccode\u003eExecutionControl\u003c/code\u003e, file,\n\u003ccode\u003eFileLock\u003c/code\u003e,\n\u003ccode\u003eFormatter\u003c/code\u003e, reader, \u003ccode\u003eScanner\u003c/code\u003e, socket, stream,\nwriter, etc.\u003c/li\u003e\n\u003cli\u003eThe \u003ca\nhref\u003d\"https://checkerframework.org/manual/#sql-quotes-checker\"\u003eSQL\nQuotes\nChecker\u003c/a\u003e helps\nprevent SQL injection vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eNew command-line arguments include:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e-AskipFiles\u003c/code\u003e, \u003ccode\u003e-AonlyFiles\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-AassumeSideEffectFree\u003c/code\u003e,\n\u003ccode\u003e-AassumeDeterministic\u003c/code\u003e, \u003ccode\u003e-AassumePure\u003c/code\u003e,\n\u003ccode\u003e-AassumePureGetters\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-AuseConservativeDefaultsForUncheckedCode\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-AignoreRawTypeArguments\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-AwarnRedundantAnnotations\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-Ainfer\u003dajava\u003c/code\u003e, \u003ccode\u003e-AinferOutputDirectory\u003c/code\u003e,\n\u003ccode\u003e-AinferOutputOriginal\u003c/code\u003e,\n\u003ccode\u003e-AshowWpiFailedInferences\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-AshowSuppressWarningsStrings\u003c/code\u003e,\n\u003ccode\u003e-AwarnUnneededSuppressionsExceptions\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-AshowPrefixInWarningMessages\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-AstubNoWarnIfNotFound\u003c/code\u003e, \u003ccode\u003e-AstubWarnNote\u003c/code\u003e,\n\u003ccode\u003e-AmergeStubsWithSource\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-Aonelinemsg\u003c/code\u003e, \u003ccode\u003e-AdumpOnErrors\u003c/code\u003e,\n\u003ccode\u003e-AexceptionLineSeparator\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-ApermitMissingJdk\u003c/code\u003e, \u003ccode\u003e-AparseAllJdk\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-AslowTypecheckingSeconds\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/479d0875daa271447e2822c657896b5f9d02ce24\"\u003e\u003ccode\u003e479d087\u003c/code\u003e\u003c/a\u003e\nnew release 4.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/bfff75751f4fa4094b7d3015c4b2cfbc2893fbc5\"\u003e\u003ccode\u003ebfff757\u003c/code\u003e\u003c/a\u003e\nPut the manual in the right place.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/c532f6d12fd5352610f70215f010786e9a2e9924\"\u003e\u003ccode\u003ec532f6d\u003c/code\u003e\u003c/a\u003e\nPut a copy of manual.pdf at top level of website as expected.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/5e53e6cfd1e5535623ea260342391037106778ec\"\u003e\u003ccode\u003e5e53e6c\u003c/code\u003e\u003c/a\u003e\nNo closed issues.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/e67ae858ed36f81ac586fbf42821fa3a483e7f23\"\u003e\u003ccode\u003ee67ae85\u003c/code\u003e\u003c/a\u003e\nPrep for release.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/4192d0d88bc272c571a8dd3454d499982cd0ee42\"\u003e\u003ccode\u003e4192d0d\u003c/code\u003e\u003c/a\u003e\nRemove file SKIP-REQUIRE-JAVADOC\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/7d6d85687d2298dbe85d59692ab85d03566a29e7\"\u003e\u003ccode\u003e7d6d856\u003c/code\u003e\u003c/a\u003e\nRemove or update references to JDK 8-16\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/b1e3761bbf0dfb1185d7e8e0b850ef97cafd5ea8\"\u003e\u003ccode\u003eb1e3761\u003c/code\u003e\u003c/a\u003e\nRemove all deprecated methods\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/a1b30642b07d64603a9ec9ef093f910e5be0bf41\"\u003e\u003ccode\u003ea1b3064\u003c/code\u003e\u003c/a\u003e\nDirectly use Java 17 and below Javac APIs. (\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7582\"\u003e#7582\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/4efdbdbbda3ac5230bcae57341098816aa71abfb\"\u003e\u003ccode\u003e4efdbdb\u003c/code\u003e\u003c/a\u003e\nRemove support for Java 8 from scripts and build scripts. (\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7575\"\u003e#7575\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/compare/checker-framework-3.55.1...checker-framework-4.0.0\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.checkerframework:checker` from 3.55.1 to 4.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/releases\"\u003eorg.checkerframework:checker\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eRelease 4.0.0 of the Checker Framework\u003c/h2\u003e\n\u003ch2\u003eVersion 4.0.0 (2026-04-07)\u003c/h2\u003e\n\u003ch3\u003eUser-visible changes\u003c/h3\u003e\n\u003cp\u003eTo run the Checker Framework, you need to use a JDK 17 or later\nversion of javac. That is, you need to use JDK 17 or later when\ncompiling your code.\u003c/p\u003e\n\u003cp\u003eThe Checker Framework can type-check any Java project, including\nprojects that compile to Java 8 or 11 bytecodes and run on JRE versions\n8 or 11. That is, your code can run under any release of Java, from Java\n8 onward.\u003c/p\u003e\n\u003cp\u003eThe type qualifiers and utility libraries in\n\u003ccode\u003echecker-qual.jar\u003c/code\u003e and \u003ccode\u003echecker-util.jar\u003c/code\u003e still\nuse Java 11 bytecode. Thus, they may be used in projects that run under\nJava 11 or later.\u003c/p\u003e\n\u003ch3\u003eChanges since version 3.0.0\u003c/h3\u003e\n\u003cp\u003eSince version 3.0.0, 91 authors have made over 4500 commits and\nclosed over 600 issues. Thanks to everyone who contributed!\u003c/p\u003e\n\u003cp\u003eNew checkers include:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ca\nhref\u003d\"https://checkerframework.org/manual/#index-checker\"\u003eIndex\nChecker\u003c/a\u003e warns about out-of-bounds accesses to arrays and\nstrings.\u003c/li\u003e\n\u003cli\u003eThe \u003ca\nhref\u003d\"https://checkerframework.org/manual/#initialized-fields-checker\"\u003eInitialized\nFields Checker\u003c/a\u003e warns if a constructor does not initialize a\nfield.\u003c/li\u003e\n\u003cli\u003eThe \u003ca\nhref\u003d\"https://checkerframework.org/manual/#resource-leak-checker\"\u003eResource\nLeak Checker\u003c/a\u003e guarantees that every resource is closed rather than\nleaked. Examples of resources are a channel, executor,\n\u003ccode\u003eExecutionControl\u003c/code\u003e, file, \u003ccode\u003eFileLock\u003c/code\u003e,\n\u003ccode\u003eFormatter\u003c/code\u003e, reader, \u003ccode\u003eScanner\u003c/code\u003e, socket, stream,\nwriter, etc.\u003c/li\u003e\n\u003cli\u003eThe \u003ca\nhref\u003d\"https://checkerframework.org/manual/#sql-quotes-checker\"\u003eSQL\nQuotes Checker\u003c/a\u003e helps prevent SQL injection vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eNew command-line arguments include:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e-AskipFiles\u003c/code\u003e, \u003ccode\u003e-AonlyFiles\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-AassumeSideEffectFree\u003c/code\u003e,\n\u003ccode\u003e-AassumeDeterministic\u003c/code\u003e, \u003ccode\u003e-AassumePure\u003c/code\u003e,\n\u003ccode\u003e-AassumePureGetters\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-AuseConservativeDefaultsForUncheckedCode\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-AignoreRawTypeArguments\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-AwarnRedundantAnnotations\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-Ainfer\u003dajava\u003c/code\u003e, \u003ccode\u003e-AinferOutputDirectory\u003c/code\u003e,\n\u003ccode\u003e-AinferOutputOriginal\u003c/code\u003e,\n\u003ccode\u003e-AshowWpiFailedInferences\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-AshowSuppressWarningsStrings\u003c/code\u003e,\n\u003ccode\u003e-AwarnUnneededSuppressionsExceptions\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-AshowPrefixInWarningMessages\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-AstubNoWarnIfNotFound\u003c/code\u003e, \u003ccode\u003e-AstubWarnNote\u003c/code\u003e,\n\u003ccode\u003e-AmergeStubsWithSource\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-Aonelinemsg\u003c/code\u003e, \u003ccode\u003e-AdumpOnErrors\u003c/code\u003e,\n\u003ccode\u003e-AexceptionLineSeparator\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-ApermitMissingJdk\u003c/code\u003e, \u003ccode\u003e-AparseAllJdk\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-AslowTypecheckingSeconds\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-Aversion\u003c/code\u003e, \u003ccode\u003e-AprintGitProperties\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eYou can pass an option to only a particular checker (not all\ncheckers) by using an underscore prefix.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eOther improvements include thousands of enhancements and bug fixes --\ntoo many to list here.\u003c/p\u003e\n\u003ch3\u003eImplementation details\u003c/h3\u003e\n\u003cp\u003eAll previously-deprecated methods and classes have been removed. If\nyour project builds upon the Checker Framework, we suggest that you\nupgrade to version 3.55.1, resolve all the deprecation warnings, then\nupgrade to version 4.0.0.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/blob/master/docs/CHANGELOG.md\"\u003eorg.checkerframework:checker\u0027s\nchangelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 4.0.0 (2026-04-07)\u003c/h2\u003e\n\u003ch3\u003eUser-visible changes\u003c/h3\u003e\n\u003cp\u003eTo run the Checker Framework, you need to use a JDK 17 or later\nversion of\njavac. That is, you need to use JDK 17 or later when compiling your\ncode.\u003c/p\u003e\n\u003cp\u003eThe Checker Framework can type-check any Java project, including\nprojects that\ncompile to Java 8 or 11 bytecodes and run on JRE versions 8 or 11. That\nis,\nyour code can run under any release of Java, from Java 8 onward.\u003c/p\u003e\n\u003cp\u003eThe type qualifiers and utility libraries in\n\u003ccode\u003echecker-qual.jar\u003c/code\u003e and\n\u003ccode\u003echecker-util.jar\u003c/code\u003e still use Java 11 bytecode. Thus, they may\nbe used in\nprojects that run under Java 11 or later.\u003c/p\u003e\n\u003ch3\u003eChanges since version 3.0.0\u003c/h3\u003e\n\u003cp\u003eSince version 3.0.0, 91 authors have made over 4500 commits and\nclosed over 600\nissues. Thanks to everyone who contributed!\u003c/p\u003e\n\u003cp\u003eNew checkers include:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThe \u003ca\nhref\u003d\"https://checkerframework.org/manual/#index-checker\"\u003eIndex\nChecker\u003c/a\u003e warns\nabout out-of-bounds accesses to arrays and strings.\u003c/li\u003e\n\u003cli\u003eThe \u003ca\nhref\u003d\"https://checkerframework.org/manual/#initialized-fields-checker\"\u003eInitialized\nFields\nChecker\u003c/a\u003e\nwarns if a constructor does not initialize a field.\u003c/li\u003e\n\u003cli\u003eThe \u003ca\nhref\u003d\"https://checkerframework.org/manual/#resource-leak-checker\"\u003eResource\nLeak\nChecker\u003c/a\u003e\nguarantees that every resource is closed rather than leaked. Examples of\nresources are a channel, executor, \u003ccode\u003eExecutionControl\u003c/code\u003e, file,\n\u003ccode\u003eFileLock\u003c/code\u003e,\n\u003ccode\u003eFormatter\u003c/code\u003e, reader, \u003ccode\u003eScanner\u003c/code\u003e, socket, stream,\nwriter, etc.\u003c/li\u003e\n\u003cli\u003eThe \u003ca\nhref\u003d\"https://checkerframework.org/manual/#sql-quotes-checker\"\u003eSQL\nQuotes\nChecker\u003c/a\u003e helps\nprevent SQL injection vulnerabilities.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eNew command-line arguments include:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003e-AskipFiles\u003c/code\u003e, \u003ccode\u003e-AonlyFiles\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-AassumeSideEffectFree\u003c/code\u003e,\n\u003ccode\u003e-AassumeDeterministic\u003c/code\u003e, \u003ccode\u003e-AassumePure\u003c/code\u003e,\n\u003ccode\u003e-AassumePureGetters\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-AuseConservativeDefaultsForUncheckedCode\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-AignoreRawTypeArguments\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-AwarnRedundantAnnotations\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-Ainfer\u003dajava\u003c/code\u003e, \u003ccode\u003e-AinferOutputDirectory\u003c/code\u003e,\n\u003ccode\u003e-AinferOutputOriginal\u003c/code\u003e,\n\u003ccode\u003e-AshowWpiFailedInferences\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-AshowSuppressWarningsStrings\u003c/code\u003e,\n\u003ccode\u003e-AwarnUnneededSuppressionsExceptions\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-AshowPrefixInWarningMessages\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-AstubNoWarnIfNotFound\u003c/code\u003e, \u003ccode\u003e-AstubWarnNote\u003c/code\u003e,\n\u003ccode\u003e-AmergeStubsWithSource\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-Aonelinemsg\u003c/code\u003e, \u003ccode\u003e-AdumpOnErrors\u003c/code\u003e,\n\u003ccode\u003e-AexceptionLineSeparator\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-ApermitMissingJdk\u003c/code\u003e, \u003ccode\u003e-AparseAllJdk\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003e-AslowTypecheckingSeconds\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/479d0875daa271447e2822c657896b5f9d02ce24\"\u003e\u003ccode\u003e479d087\u003c/code\u003e\u003c/a\u003e\nnew release 4.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/bfff75751f4fa4094b7d3015c4b2cfbc2893fbc5\"\u003e\u003ccode\u003ebfff757\u003c/code\u003e\u003c/a\u003e\nPut the manual in the right place.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/c532f6d12fd5352610f70215f010786e9a2e9924\"\u003e\u003ccode\u003ec532f6d\u003c/code\u003e\u003c/a\u003e\nPut a copy of manual.pdf at top level of website as expected.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/5e53e6cfd1e5535623ea260342391037106778ec\"\u003e\u003ccode\u003e5e53e6c\u003c/code\u003e\u003c/a\u003e\nNo closed issues.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/e67ae858ed36f81ac586fbf42821fa3a483e7f23\"\u003e\u003ccode\u003ee67ae85\u003c/code\u003e\u003c/a\u003e\nPrep for release.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/4192d0d88bc272c571a8dd3454d499982cd0ee42\"\u003e\u003ccode\u003e4192d0d\u003c/code\u003e\u003c/a\u003e\nRemove file SKIP-REQUIRE-JAVADOC\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/7d6d85687d2298dbe85d59692ab85d03566a29e7\"\u003e\u003ccode\u003e7d6d856\u003c/code\u003e\u003c/a\u003e\nRemove or update references to JDK 8-16\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/b1e3761bbf0dfb1185d7e8e0b850ef97cafd5ea8\"\u003e\u003ccode\u003eb1e3761\u003c/code\u003e\u003c/a\u003e\nRemove all deprecated methods\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/a1b30642b07d64603a9ec9ef093f910e5be0bf41\"\u003e\u003ccode\u003ea1b3064\u003c/code\u003e\u003c/a\u003e\nDirectly use Java 17 and below Javac APIs. (\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7582\"\u003e#7582\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/4efdbdbbda3ac5230bcae57341098816aa71abfb\"\u003e\u003ccode\u003e4efdbdb\u003c/code\u003e\u003c/a\u003e\nRemove support for Java 8 from scripts and build scripts. (\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7575\"\u003e#7575\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/compare/checker-framework-3.55.1...checker-framework-4.0.0\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "980b5146b5c659e5a06c4592b59cef0f2514ea72", "tree": "1f30fe959384ff82f35f4319f52b53afa57c9633", "parents": [ "3dca92baf2a806802e437f84bfe06947d4433343" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Tue Apr 21 15:57:26 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Apr 21 15:57:26 2026 +0200" }, "message": "MINOR: Bump org.bouncycastle:bcpkix-jdk18on from 1.83 to 1.84 (#1122)\n\nBumps\n[org.bouncycastle:bcpkix-jdk18on](https://github.com/bcgit/bc-java) from\n1.83 to 1.84.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/bcgit/bc-java/blob/main/docs/releasenotes.html\"\u003eorg.bouncycastle:bcpkix-jdk18on\u0027s\nchangelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca\nhref\u003d\"https://github.com/bcgit/bc-java/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dorg.bouncycastle:bcpkix-jdk18on\u0026package-manager\u003dmaven\u0026previous-version\u003d1.83\u0026new-version\u003d1.84)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "3dca92baf2a806802e437f84bfe06947d4433343", "tree": "20a918612c3f62a62d1b64cef6e40b36c291bf5c", "parents": [ "8d3e8dd2f01f7ddc22cda5aa04cde30eb5f6d308" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Tue Apr 21 15:46:36 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Apr 21 15:46:36 2026 +0200" }, "message": "MINOR: Bump com.google.guava:guava-bom from 33.5.0-jre to 33.6.0-jre (#1123)\n\nBumps [com.google.guava:guava-bom](https://github.com/google/guava) from\n33.5.0-jre to 33.6.0-jre.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/google/guava/releases\"\u003ecom.google.guava:guava-bom\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e33.6.0\u003c/h2\u003e\n\u003ch3\u003eMaven\u003c/h3\u003e\n\u003cpre lang\u003d\"xml\"\u003e\u003ccode\u003e\u0026lt;dependency\u0026gt;\n \u0026lt;groupId\u0026gt;com.google.guava\u0026lt;/groupId\u0026gt;\n \u0026lt;artifactId\u0026gt;guava\u0026lt;/artifactId\u0026gt;\n \u0026lt;version\u0026gt;33.6.0-jre\u0026lt;/version\u0026gt;\n \u0026lt;!-- or, for Android: --\u0026gt;\n \u0026lt;version\u0026gt;33.6.0-android\u0026lt;/version\u0026gt;\n\u0026lt;/dependency\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3\u003eJar files\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://repo1.maven.org/maven2/com/google/guava/guava/33.6.0-jre/guava-33.6.0-jre.jar\"\u003e33.6.0-jre.jar\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://repo1.maven.org/maven2/com/google/guava/guava/33.6.0-android/guava-33.6.0-android.jar\"\u003e33.6.0-android.jar\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eGuava requires \u003ca\nhref\u003d\"https://github.com/google/guava/wiki/UseGuavaInYourBuild#what-about-guavas-own-dependencies\"\u003eone\nruntime dependency\u003c/a\u003e, which you can download here:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://repo1.maven.org/maven2/com/google/guava/failureaccess/1.0.3/failureaccess-1.0.3.jar\"\u003efailureaccess-1.0.3.jar\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eJavadoc\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://guava.dev/releases/33.6.0-jre/api/docs/\"\u003e33.6.0-jre\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://guava.dev/releases/33.6.0-android/api/docs/\"\u003e33.6.0-android\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eJDiff\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://guava.dev/releases/33.6.0-jre/api/diffs/\"\u003e33.6.0-jre vs.\n33.5.0-jre\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://guava.dev/releases/33.6.0-android/api/diffs/\"\u003e33.6.0-android\nvs. 33.5.0-android\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://guava.dev/releases/33.6.0-android/api/androiddiffs/\"\u003e33.6.0-android\nvs. 33.6.0-jre\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChangelog\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eMigrated some classes from \u003ccode\u003efinalize()\u003c/code\u003e to\n\u003ccode\u003ePhantomReference\u003c/code\u003e in preparation for \u003ca\nhref\u003d\"https://openjdk.org/jeps/421\"\u003ethe removal of finalization\u003c/a\u003e.\n(786b619dd6, 7c6b17c, aeef90988d)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ecache\u003c/code\u003e: Deprecated \u003ccode\u003eCacheBuilder\u003c/code\u003e APIs that\nuse \u003ccode\u003eTimeUnit\u003c/code\u003e in favor of those that use\n\u003ccode\u003eDuration\u003c/code\u003e. (73f8b0bb84)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ecollect\u003c/code\u003e: Added \u003ccode\u003etoImmutableSortedMap\u003c/code\u003e\ncollectors that use the natural comparator. (64d70b9f94)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ecollect\u003c/code\u003e: Changed \u003ccode\u003eConcurrentHashMultiset\u003c/code\u003e,\n\u003ccode\u003eImmutableMap\u003c/code\u003e and \u003ccode\u003eTreeMultiset\u003c/code\u003e deserialization\nto \u003ca href\u003d\"https://openjdk.org/jeps/500\"\u003eavoid mutating\n\u003ccode\u003efinal\u003c/code\u003e fields\u003c/a\u003e. In extremely unlikely scenarios in which\nan instance of that type contains an object that refers back to that\ninstance, this could lead to \u003ca\nhref\u003d\"https://docs.oracle.com/en/java/javase/26/docs/specs/serialization/input.html#the-readresolve-method:~:text\u003din%20cases%20where%20an%20object%20being%20serialized%20nominates%20a%20replacement%20object%20whose%20object%20graph%20has%20a%20reference%20to%20the%20original%20object\"\u003ea\nbroken instance\u003c/a\u003e that throws \u003ccode\u003eNullPointerException\u003c/code\u003e when\nused. (8240c7e596, 046468055f)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003egraph\u003c/code\u003e: Removed \u003ccode\u003e@Beta\u003c/code\u003e from all APIs in the\npackage. (dae9566b73)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003egraph\u003c/code\u003e: Added support to\n\u003ccode\u003eGraphs.transitiveClosure()\u003c/code\u003e for different strategies for\nadding self-loops. (2e13df25b2)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003egraph\u003c/code\u003e: Added an \u003ccode\u003easNetwork()\u003c/code\u003e view to\n\u003ccode\u003eGraph\u003c/code\u003e and \u003ccode\u003eValueGraph\u003c/code\u003e. (909c593c61)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ehash\u003c/code\u003e: Added \u003ccode\u003eBloomFilter.serializedSize()\u003c/code\u003e.\n(df9bcc251a)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003enet\u003c/code\u003e: Added \u003ccode\u003eHttpHeaders.CDN_CACHE_CONTROL\u003c/code\u003e.\n(75331b5030)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca\nhref\u003d\"https://github.com/google/guava/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dcom.google.guava:guava-bom\u0026package-manager\u003dmaven\u0026previous-version\u003d33.5.0-jre\u0026new-version\u003d33.6.0-jre)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "8d3e8dd2f01f7ddc22cda5aa04cde30eb5f6d308", "tree": "e2aded2799bf89f129202b464d6ee6be92dac632", "parents": [ "0d55ba78aeed3e6b28e3d65ced37c360f5e0ed4e" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Tue Apr 21 15:18:55 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Apr 21 15:18:55 2026 +0200" }, "message": "MINOR: Bump com.google.api.grpc:proto-google-common-protos from 2.67.0 to 2.70.0 (#1124)\n\nBumps\n[com.google.api.grpc:proto-google-common-protos](https://github.com/googleapis/sdk-platform-java)\nfrom 2.67.0 to 2.70.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/releases\"\u003ecom.google.api.grpc:proto-google-common-protos\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.68.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/compare/v2.67.0...v2.68.0\"\u003e2.68.0\u003c/a\u003e\n(2026-03-17)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd client request duration metric. (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4132\"\u003e#4132\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/6a763979c2c5427f0a7ba23708fb7948520662d8\"\u003e6a76397\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd more attributes to golden signals metrics. (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4135\"\u003e#4135\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/59d0624ec5a85580a503f719897597161f529e3f\"\u003e59d0624\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003egax-httpjson:\u003c/strong\u003e add HttpJsonErrorParser utility (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4137\"\u003e#4137\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/a1b7565ef752259d79d3f1288b85120c6ac7452b\"\u003ea1b7565\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003egenerator:\u003c/strong\u003e add extra allowed modules that will not\nbe removed from the monorepo if they are present (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4124\"\u003e#4124\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/774fe6ede6bf25e150fb405dfe3bac9d85e21169\"\u003e774fe6e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eo11y:\u003c/strong\u003e introduce \u003ccode\u003egcp.client.repo\u003c/code\u003e and\n\u003ccode\u003egcp.client.artifact\u003c/code\u003e attributes (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4120\"\u003e#4120\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/105f644209cb78845a423d949cb7633a86d07868\"\u003e105f644\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eo11y:\u003c/strong\u003e Introduce \u003ccode\u003erpc.system.name\u003c/code\u003e and\n\u003ccode\u003erpc.method\u003c/code\u003e in gRPC (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4121\"\u003e#4121\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/7ab6d2e5784f264558b7aca6f23e771361dbea3a\"\u003e7ab6d2e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eo11y:\u003c/strong\u003e introduce server.port attribute (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4128\"\u003e#4128\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/56aa3438393e1992bb8f688291fb12030ec9bc0e\"\u003e56aa343\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd null checks for ApiTracerFactory in ClientContext (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4122\"\u003e#4122\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/4b3dbe29b32dd0fba6c7a5f4a08fafa2798eeca5\"\u003e4b3dbe2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDecrease log level for directpath warnings outside GCE (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4139\"\u003e#4139\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/c9651e7fa1501726798c0e38365e4b7c0acabc55\"\u003ec9651e7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003egax-grpc:\u003c/strong\u003e add pick_first fallback to direct path\nservice config (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4143\"\u003e#4143\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/b150fe9ccfd5a97319388be4079699722aa033dc\"\u003eb150fe9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePopulate method level attributes in metrics recording (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4149\"\u003e#4149\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/7b7e6c99251e1aecb1831084f5576aa9e8e48930\"\u003e7b7e6c9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esuppress warnings in generated projects for non-idiomatic durations\n(\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4119\"\u003e#4119\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/4206e6ed7546d6b8330dcb8dc29179e59677ccd3\"\u003e4206e6e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse ServiceName + MethodName as the regex for Otel (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/2543\"\u003e#2543\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/b9ae73fba59ba32e9688d11c2b3db51fe0d68d8d\"\u003eb9ae73f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ehermetic_build:\u003c/strong\u003e fix config field name in readme (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4130\"\u003e#4130\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/a0c8f67f5a425d9a365b8e451b18add2c5947a11\"\u003ea0c8f67\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/blob/main/CHANGELOG.md\"\u003ecom.google.api.grpc:proto-google-common-protos\u0027s\nchangelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/compare/v2.67.0...v2.68.0\"\u003e2.68.0\u003c/a\u003e\n(2026-03-17)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd client request duration metric. (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4132\"\u003e#4132\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/6a763979c2c5427f0a7ba23708fb7948520662d8\"\u003e6a76397\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd more attributes to golden signals metrics. (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4135\"\u003e#4135\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/59d0624ec5a85580a503f719897597161f529e3f\"\u003e59d0624\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003egax-httpjson:\u003c/strong\u003e add HttpJsonErrorParser utility (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4137\"\u003e#4137\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/a1b7565ef752259d79d3f1288b85120c6ac7452b\"\u003ea1b7565\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003egenerator:\u003c/strong\u003e add extra allowed modules that will not\nbe removed from the monorepo if they are present (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4124\"\u003e#4124\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/774fe6ede6bf25e150fb405dfe3bac9d85e21169\"\u003e774fe6e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eo11y:\u003c/strong\u003e introduce \u003ccode\u003egcp.client.repo\u003c/code\u003e and\n\u003ccode\u003egcp.client.artifact\u003c/code\u003e attributes (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4120\"\u003e#4120\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/105f644209cb78845a423d949cb7633a86d07868\"\u003e105f644\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eo11y:\u003c/strong\u003e Introduce \u003ccode\u003erpc.system.name\u003c/code\u003e and\n\u003ccode\u003erpc.method\u003c/code\u003e in gRPC (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4121\"\u003e#4121\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/7ab6d2e5784f264558b7aca6f23e771361dbea3a\"\u003e7ab6d2e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eo11y:\u003c/strong\u003e introduce server.port attribute (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4128\"\u003e#4128\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/56aa3438393e1992bb8f688291fb12030ec9bc0e\"\u003e56aa343\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd null checks for ApiTracerFactory in ClientContext (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4122\"\u003e#4122\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/4b3dbe29b32dd0fba6c7a5f4a08fafa2798eeca5\"\u003e4b3dbe2\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDecrease log level for directpath warnings outside GCE (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4139\"\u003e#4139\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/c9651e7fa1501726798c0e38365e4b7c0acabc55\"\u003ec9651e7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003egax-grpc:\u003c/strong\u003e add pick_first fallback to direct path\nservice config (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4143\"\u003e#4143\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/b150fe9ccfd5a97319388be4079699722aa033dc\"\u003eb150fe9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ePopulate method level attributes in metrics recording (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4149\"\u003e#4149\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/7b7e6c99251e1aecb1831084f5576aa9e8e48930\"\u003e7b7e6c9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esuppress warnings in generated projects for non-idiomatic durations\n(\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4119\"\u003e#4119\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/4206e6ed7546d6b8330dcb8dc29179e59677ccd3\"\u003e4206e6e\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUse ServiceName + MethodName as the regex for Otel (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/2543\"\u003e#2543\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/b9ae73fba59ba32e9688d11c2b3db51fe0d68d8d\"\u003eb9ae73f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ehermetic_build:\u003c/strong\u003e fix config field name in readme (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4130\"\u003e#4130\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/a0c8f67f5a425d9a365b8e451b18add2c5947a11\"\u003ea0c8f67\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/27fe524365a5bcecfab71165c3d2ec95ff85b5a4\"\u003e\u003ccode\u003e27fe524\u003c/code\u003e\u003c/a\u003e\nchore(main): release 2.62.0 (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/3884\"\u003e#3884\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/a660a869d2edbfc4b98e4f06c4885f520d45d869\"\u003e\u003ccode\u003ea660a86\u003c/code\u003e\u003c/a\u003e\nchore: Update the upper bound dependencies file (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/3886\"\u003e#3886\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/592e899c516288b0a60b69525ba12d6f29bc6200\"\u003e\u003ccode\u003e592e899\u003c/code\u003e\u003c/a\u003e\nfeat: Set sampledToLocalTracing flag to true for all gRPC\nMethodDescriptors (...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/fc80c7b6e0e2b1d1100cc836a864a128bee426e5\"\u003e\u003ccode\u003efc80c7b\u003c/code\u003e\u003c/a\u003e\nchore: Fix dependency CI tests (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/3883\"\u003e#3883\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/210464d5409fea56967a28f7eafe76e71a2ef5ef\"\u003e\u003ccode\u003e210464d\u003c/code\u003e\u003c/a\u003e\nci: Test upper bound dependenices file in Github CI (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/3877\"\u003e#3877\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/f392d901bb77402972ee3c75e84a519b13382ade\"\u003e\u003ccode\u003ef392d90\u003c/code\u003e\u003c/a\u003e\nchore: Update auto triage guidelines (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/3882\"\u003e#3882\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/7b1a15149db9106cfd4b6a65ed93b92432baf461\"\u003e\u003ccode\u003e7b1a151\u003c/code\u003e\u003c/a\u003e\nci: Fix gemini cli issues triage (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/3881\"\u003e#3881\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/00195e637101037eb16d544a770754459173e7e7\"\u003e\u003ccode\u003e00195e6\u003c/code\u003e\u003c/a\u003e\nchore: Enable Gemini CLI Github Actions (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/3880\"\u003e#3880\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/c34e3848ad771c66d30a9dd38322d23286931277\"\u003e\u003ccode\u003ec34e384\u003c/code\u003e\u003c/a\u003e\nchore: Add initial GEMINI.md file (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/3879\"\u003e#3879\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/48792bcb295a151797dfdeaeb0ed33a2940603ad\"\u003e\u003ccode\u003e48792bc\u003c/code\u003e\u003c/a\u003e\nchore(main): release 2.61.1-SNAPSHOT (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/3876\"\u003e#3876\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/compare/v2.67.0...gax/v2.70.0\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dcom.google.api.grpc:proto-google-common-protos\u0026package-manager\u003dmaven\u0026previous-version\u003d2.67.0\u0026new-version\u003d2.70.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "0d55ba78aeed3e6b28e3d65ced37c360f5e0ed4e", "tree": "d8430451f31d9deba634052d82d9caa22176f205", "parents": [ "4ca6017bdd8590a6ad0a0a4154d993ec0c416076" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Apr 13 17:37:53 2026 +0900" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Apr 13 17:37:53 2026 +0900" }, "message": "MINOR: [CI] Bump actions/upload-artifact from 7.0.0 to 7.0.1 (#1111)\n\nBumps\n[actions/upload-artifact](https://github.com/actions/upload-artifact)\nfrom 7.0.0 to 7.0.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/actions/upload-artifact/releases\"\u003eactions/upload-artifact\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate the readme with direct upload details by \u003ca\nhref\u003d\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in\n\u003ca\nhref\u003d\"https://redirect.github.com/actions/upload-artifact/pull/795\"\u003eactions/upload-artifact#795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReadme: bump all the example versions to v7 by \u003ca\nhref\u003d\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in\n\u003ca\nhref\u003d\"https://redirect.github.com/actions/upload-artifact/pull/796\"\u003eactions/upload-artifact#796\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInclude changes in typespec/ts-http-runtime 0.3.5 by \u003ca\nhref\u003d\"https://github.com/yacaovsnc\"\u003e\u003ccode\u003e@​yacaovsnc\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/upload-artifact/pull/797\"\u003eactions/upload-artifact#797\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/actions/upload-artifact/compare/v7...v7.0.1\"\u003ehttps://github.com/actions/upload-artifact/compare/v7...v7.0.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/upload-artifact/commit/043fb46d1a93c77aae656e7c1c64a875d1fc6a0a\"\u003e\u003ccode\u003e043fb46\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/actions/upload-artifact/issues/797\"\u003e#797\u003c/a\u003e\nfrom actions/yacaovsnc/update-dependency\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/upload-artifact/commit/634250c1388765ea7ed0f053e636f1f399000b94\"\u003e\u003ccode\u003e634250c\u003c/code\u003e\u003c/a\u003e\nInclude changes in typespec/ts-http-runtime 0.3.5\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/upload-artifact/commit/e454baaac2be505c9450e11b8f3215c6fc023ce8\"\u003e\u003ccode\u003ee454baa\u003c/code\u003e\u003c/a\u003e\nReadme: bump all the example versions to v7 (\u003ca\nhref\u003d\"https://redirect.github.com/actions/upload-artifact/issues/796\"\u003e#796\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/upload-artifact/commit/74fad66b98a6d799dc004d3353ccd0e6f6b2530e\"\u003e\u003ccode\u003e74fad66\u003c/code\u003e\u003c/a\u003e\nUpdate the readme with direct upload details (\u003ca\nhref\u003d\"https://redirect.github.com/actions/upload-artifact/issues/795\"\u003e#795\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca\nhref\u003d\"https://github.com/actions/upload-artifact/compare/bbbca2ddaa5d8feaa63e36b76fdaad77386f024f...043fb46d1a93c77aae656e7c1c64a875d1fc6a0a\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dactions/upload-artifact\u0026package-manager\u003dgithub_actions\u0026previous-version\u003d7.0.0\u0026new-version\u003d7.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "4ca6017bdd8590a6ad0a0a4154d993ec0c416076", "tree": "1b2ba6a4ac83a5ea661b5bb43d65a6165a709082", "parents": [ "e4f8c9251229846190716cce5a9772292952c761" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Apr 13 17:37:40 2026 +0900" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Apr 13 17:37:40 2026 +0900" }, "message": "MINOR: [CI] Bump actions/github-script from 8 to 9 (#1110)\n\nBumps [actions/github-script](https://github.com/actions/github-script)\nfrom 8 to 9.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/actions/github-script/releases\"\u003eactions/github-script\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eNew features:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003egetOctokit\u003c/code\u003e factory function\u003c/strong\u003e —\nAvailable directly in the script context. Create additional\nauthenticated Octokit clients with different tokens for multi-token\nworkflows, GitHub App tokens, and cross-org access. See \u003ca\nhref\u003d\"https://github.com/actions/github-script#creating-additional-clients-with-getoctokit\"\u003eCreating\nadditional clients with \u003ccode\u003egetOctokit\u003c/code\u003e\u003c/a\u003e for details and\nexamples.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eOrchestration ID in user-agent\u003c/strong\u003e — The\n\u003ccode\u003eACTIONS_ORCHESTRATION_ID\u003c/code\u003e environment variable is\nautomatically appended to the user-agent string for request\ntracing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking changes:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003erequire(\u0027@actions/github\u0027)\u003c/code\u003e no longer works in\nscripts.\u003c/strong\u003e The upgrade to \u003ccode\u003e@actions/github\u003c/code\u003e v9\n(ESM-only) means \u003ccode\u003erequire(\u0027@actions/github\u0027)\u003c/code\u003e will fail at\nruntime. If you previously used patterns like \u003ccode\u003econst { getOctokit }\n\u003d require(\u0027@actions/github\u0027)\u003c/code\u003e to create secondary clients, use the\nnew injected \u003ccode\u003egetOctokit\u003c/code\u003e function instead — it\u0027s available\ndirectly in the script context with no imports needed.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003egetOctokit\u003c/code\u003e is now an injected function parameter.\nScripts that declare \u003ccode\u003econst getOctokit \u003d ...\u003c/code\u003e or \u003ccode\u003elet\ngetOctokit \u003d ...\u003c/code\u003e will get a \u003ccode\u003eSyntaxError\u003c/code\u003e because\nJavaScript does not allow \u003ccode\u003econst\u003c/code\u003e/\u003ccode\u003elet\u003c/code\u003e\nredeclaration of function parameters. Use the injected\n\u003ccode\u003egetOctokit\u003c/code\u003e directly, or use \u003ccode\u003evar getOctokit \u003d\n...\u003c/code\u003e if you need to redeclare it.\u003c/li\u003e\n\u003cli\u003eIf your script accesses other \u003ccode\u003e@actions/github\u003c/code\u003e internals\nbeyond the standard \u003ccode\u003egithub\u003c/code\u003e/\u003ccode\u003eoctokit\u003c/code\u003e client, you\nmay need to update those references for v9 compatibility.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd ACTIONS_ORCHESTRATION_ID to user-agent string by \u003ca\nhref\u003d\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/pull/695\"\u003eactions/github-script#695\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: use deployment: false for integration test environments by \u003ca\nhref\u003d\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/pull/712\"\u003eactions/github-script#712\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat!: add getOctokit to script context, upgrade\n\u003ccode\u003e@​actions/github\u003c/code\u003e v9, \u003ccode\u003e@​octokit/core\u003c/code\u003e v7, and\nrelated packages by \u003ca\nhref\u003d\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/pull/700\"\u003eactions/github-script#700\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e made\ntheir first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/pull/695\"\u003eactions/github-script#695\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/actions/github-script/compare/v8.0.0...v9.0.0\"\u003ehttps://github.com/actions/github-script/compare/v8.0.0...v9.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/github-script/commit/3a2844b7e9c422d3c10d287c895573f7108da1b3\"\u003e\u003ccode\u003e3a2844b\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/issues/700\"\u003e#700\u003c/a\u003e\nfrom actions/salmanmkc/expose-getoctokit + prepare re...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/github-script/commit/ca10bbdd1a7739de09e99a200c7a59f5d73a4079\"\u003e\u003ccode\u003eca10bbd\u003c/code\u003e\u003c/a\u003e\nfix: use \u003ccode\u003e@​octokit/core/\u003c/code\u003etypes import for v7\ncompatibility\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/github-script/commit/86e48e20ac85c970ed1f96e718fd068173948b7b\"\u003e\u003ccode\u003e86e48e2\u003c/code\u003e\u003c/a\u003e\nmerge: incorporate main branch changes\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/github-script/commit/c1084728b5b935ec4ddc1e4cee877b01797b3ff9\"\u003e\u003ccode\u003ec108472\u003c/code\u003e\u003c/a\u003e\nchore: rebuild dist for v9 upgrade and getOctokit factory\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/github-script/commit/afff112e4f8b57c718168af75b89ce00bc8d091d\"\u003e\u003ccode\u003eafff112\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/issues/712\"\u003e#712\u003c/a\u003e\nfrom actions/salmanmkc/deployment-false + fix user-ag...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/github-script/commit/ff8117e5b78c415f814f39ad6998f424fee7b817\"\u003e\u003ccode\u003eff8117e\u003c/code\u003e\u003c/a\u003e\nci: fix user-agent test to handle orchestration ID\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/github-script/commit/81c6b7876079abe10ff715951c9fc7b3e1ab389d\"\u003e\u003ccode\u003e81c6b78\u003c/code\u003e\u003c/a\u003e\nci: use deployment: false to suppress deployment noise from integration\ntests\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/github-script/commit/3953caf8858d318f37b6cc53a9f5708859b5a7b7\"\u003e\u003ccode\u003e3953caf\u003c/code\u003e\u003c/a\u003e\ndocs: update README examples from \u003ca\nhref\u003d\"https://github.com/v8\"\u003e\u003ccode\u003e@​v8\u003c/code\u003e\u003c/a\u003e to \u003ca\nhref\u003d\"https://github.com/v9\"\u003e\u003ccode\u003e@​v9\u003c/code\u003e\u003c/a\u003e, add getOctokit docs\nand v9 brea...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/github-script/commit/c17d55b90dcdb3d554d0027a6c180a7adc2daf78\"\u003e\u003ccode\u003ec17d55b\u003c/code\u003e\u003c/a\u003e\nci: add getOctokit integration test job\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/github-script/commit/a047196d9a02fe92098771cafbb98c2f1814e408\"\u003e\u003ccode\u003ea047196\u003c/code\u003e\u003c/a\u003e\ntest: add getOctokit integration tests via callAsyncFunction\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/actions/github-script/compare/v8...v9\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dactions/github-script\u0026package-manager\u003dgithub_actions\u0026previous-version\u003d8\u0026new-version\u003d9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "e4f8c9251229846190716cce5a9772292952c761", "tree": "c20c79bc703c42d131dd347755257d83a6ed25b5", "parents": [ "d952ed48ef257b90a2085bca574ddd9213b67c91" ], "author": { "name": "Sutou Kouhei", "email": "kou@clear-code.com", "time": "Fri Apr 10 14:31:54 2026 +0900" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Apr 10 14:31:54 2026 +0900" }, "message": "GH-1107: Increase publish job timeout (#1108)\n\n## What\u0027s Changed\n\nWe have many artifacts and need `sleep 1` per upload. So 5min timeout is\ntoo short.\n\nCloses #1107." }, { "commit": "d952ed48ef257b90a2085bca574ddd9213b67c91", "tree": "2a18c52f8749f5656278f22741ec99965fe515a6", "parents": [ "13c8b9353b80f553e720ff50fce0cb103de87c55" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Apr 06 14:24:24 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Apr 06 14:24:24 2026 +0200" }, "message": "MINOR: Bump dep.hadoop.version from 3.4.3 to 3.5.0 (#1104)\n\nBumps `dep.hadoop.version` from 3.4.3 to 3.5.0.\nUpdates `org.apache.hadoop:hadoop-client-runtime` from 3.4.3 to 3.5.0\n\nUpdates `org.apache.hadoop:hadoop-client-api` from 3.4.3 to 3.5.0\n\nUpdates `org.apache.hadoop:hadoop-common` from 3.4.3 to 3.5.0\n\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "13c8b9353b80f553e720ff50fce0cb103de87c55", "tree": "48959f324e2c1df256d83484f9ae7789121fc060", "parents": [ "d8ad7b6765620c4f3f3078ee87c3d2cfb7423945" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Apr 06 14:23:37 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Apr 06 14:23:37 2026 +0200" }, "message": "MINOR: Bump checker.framework.version from 3.54.0 to 3.55.1 (#1105)\n\nBumps `checker.framework.version` from 3.54.0 to 3.55.1.\nUpdates `org.checkerframework:checker-qual` from 3.54.0 to 3.55.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/releases\"\u003eorg.checkerframework:checker-qual\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eChecker Framework 3.55.1\u003c/h2\u003e\n\u003ch2\u003eVersion 3.55.1 (2026-04-03)\u003c/h2\u003e\n\u003cp\u003eNo user-visible changes.\u003c/p\u003e\n\u003ch2\u003eChecker Framework 3.54.1\u003c/h2\u003e\n\u003ch2\u003eVersion 3.55.0 (2026-04-02)\u003c/h2\u003e\n\u003ch3\u003eUser-visible changes\u003c/h3\u003e\n\u003cp\u003eThe Checker Framework runs under JDK 26 -- that is, it runs on a\nversion 26 JVM.\u003c/p\u003e\n\u003cp\u003eRemoved deprecated command-line option \u003ccode\u003e-AskipDirs\u003c/code\u003e; use\n\u003ccode\u003e-AskipFiles\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eImplementation details\u003c/h3\u003e\n\u003cp\u003eIn \u003ccode\u003eAnnotatedTypeMirror\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRenamed \u003ccode\u003egetEffectiveAnnotation*()\u003c/code\u003e to\n\u003ccode\u003egetAnnotation*()\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRenamed \u003ccode\u003ehasEffectiveAnnotation*()\u003c/code\u003e to\n\u003ccode\u003ehasAnnotation*()\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eRemoved deprecated method\n\u003ccode\u003eObjectCreationNode.getConstructor()\u003c/code\u003e; use\n\u003ccode\u003egetTypeToInstantiate()\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eClosed issues\u003c/h3\u003e\n\u003cp\u003e\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7079\"\u003e#7079\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7489\"\u003e#7489\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7539\"\u003e#7539\u003c/a\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/blob/master/docs/CHANGELOG.md\"\u003eorg.checkerframework:checker-qual\u0027s\nchangelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.55.1 (2026-04-03)\u003c/h2\u003e\n\u003cp\u003eNo user-visible changes.\u003c/p\u003e\n\u003ch2\u003eVersion 3.55.0 (2026-04-02)\u003c/h2\u003e\n\u003ch3\u003eUser-visible changes\u003c/h3\u003e\n\u003cp\u003eThe Checker Framework runs under JDK 26 -- that is, it runs on a\nversion 26 JVM.\u003c/p\u003e\n\u003cp\u003eRemoved deprecated command-line option \u003ccode\u003e-AskipDirs\u003c/code\u003e; use\n\u003ccode\u003e-AskipFiles\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eImplementation details\u003c/h3\u003e\n\u003cp\u003eIn \u003ccode\u003eAnnotatedTypeMirror\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRenamed \u003ccode\u003egetEffectiveAnnotation*()\u003c/code\u003e to\n\u003ccode\u003egetAnnotation*()\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRenamed \u003ccode\u003ehasEffectiveAnnotation*()\u003c/code\u003e to\n\u003ccode\u003ehasAnnotation*()\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eRemoved deprecated method\n\u003ccode\u003eObjectCreationNode.getConstructor()\u003c/code\u003e; use\n\u003ccode\u003egetTypeToInstantiate()\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eClosed issues\u003c/h3\u003e\n\u003cp\u003e\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7079\"\u003e#7079\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7489\"\u003e#7489\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7539\"\u003e#7539\u003c/a\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/bf4ceb7660825e275f8c7561056310c47d48b81b\"\u003e\u003ccode\u003ebf4ceb7\u003c/code\u003e\u003c/a\u003e\nnew release 3.55.1\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/b8096660563a2349201e126c362c2000de20c1c5\"\u003e\u003ccode\u003eb809666\u003c/code\u003e\u003c/a\u003e\nRemove unneeded argument\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/448019e7d43607b0d1d23e94baae0cd937e0219b\"\u003e\u003ccode\u003e448019e\u003c/code\u003e\u003c/a\u003e\nMake scripts executable in .zip file\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/3bc1190be960534f1c5536ab74b760198ff5e70a\"\u003e\u003ccode\u003e3bc1190\u003c/code\u003e\u003c/a\u003e\nUpdate directory copying\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/22df6d61a52c4183401d2fa355a59645c16feca3\"\u003e\u003ccode\u003e22df6d6\u003c/code\u003e\u003c/a\u003e\nUpdate release date\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/3fc441bc5df12983f716282aeebaf8f6b934bfe6\"\u003e\u003ccode\u003e3fc441b\u003c/code\u003e\u003c/a\u003e\nNote about permissions\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/6baaa5287134b9e616cbcbc40a413f21d498e1a1\"\u003e\u003ccode\u003e6baaa52\u003c/code\u003e\u003c/a\u003e\nBrevity\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/d4ea6b993144c91992077e864c8cbf07ee929dac\"\u003e\u003ccode\u003ed4ea6b9\u003c/code\u003e\u003c/a\u003e\nSet version number to 3.55.1\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/6b03e94dcf412a24859cf5ac9d17c2a4de65d978\"\u003e\u003ccode\u003e6b03e94\u003c/code\u003e\u003c/a\u003e\nImprove release instructions\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/65613a0f0f05d39d74b36c40ba6ca398e1929157\"\u003e\u003ccode\u003e65613a0\u003c/code\u003e\u003c/a\u003e\nFix Nullness extra tests\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/compare/checker-framework-3.54.0...checker-framework-3.55.1\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.checkerframework:checker` from 3.54.0 to 3.55.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/releases\"\u003eorg.checkerframework:checker\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eChecker Framework 3.55.1\u003c/h2\u003e\n\u003ch2\u003eVersion 3.55.1 (2026-04-03)\u003c/h2\u003e\n\u003cp\u003eNo user-visible changes.\u003c/p\u003e\n\u003ch2\u003eChecker Framework 3.54.1\u003c/h2\u003e\n\u003ch2\u003eVersion 3.55.0 (2026-04-02)\u003c/h2\u003e\n\u003ch3\u003eUser-visible changes\u003c/h3\u003e\n\u003cp\u003eThe Checker Framework runs under JDK 26 -- that is, it runs on a\nversion 26 JVM.\u003c/p\u003e\n\u003cp\u003eRemoved deprecated command-line option \u003ccode\u003e-AskipDirs\u003c/code\u003e; use\n\u003ccode\u003e-AskipFiles\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eImplementation details\u003c/h3\u003e\n\u003cp\u003eIn \u003ccode\u003eAnnotatedTypeMirror\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRenamed \u003ccode\u003egetEffectiveAnnotation*()\u003c/code\u003e to\n\u003ccode\u003egetAnnotation*()\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRenamed \u003ccode\u003ehasEffectiveAnnotation*()\u003c/code\u003e to\n\u003ccode\u003ehasAnnotation*()\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eRemoved deprecated method\n\u003ccode\u003eObjectCreationNode.getConstructor()\u003c/code\u003e; use\n\u003ccode\u003egetTypeToInstantiate()\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eClosed issues\u003c/h3\u003e\n\u003cp\u003e\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7079\"\u003e#7079\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7489\"\u003e#7489\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7539\"\u003e#7539\u003c/a\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/blob/master/docs/CHANGELOG.md\"\u003eorg.checkerframework:checker\u0027s\nchangelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.55.1 (2026-04-03)\u003c/h2\u003e\n\u003cp\u003eNo user-visible changes.\u003c/p\u003e\n\u003ch2\u003eVersion 3.55.0 (2026-04-02)\u003c/h2\u003e\n\u003ch3\u003eUser-visible changes\u003c/h3\u003e\n\u003cp\u003eThe Checker Framework runs under JDK 26 -- that is, it runs on a\nversion 26 JVM.\u003c/p\u003e\n\u003cp\u003eRemoved deprecated command-line option \u003ccode\u003e-AskipDirs\u003c/code\u003e; use\n\u003ccode\u003e-AskipFiles\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eImplementation details\u003c/h3\u003e\n\u003cp\u003eIn \u003ccode\u003eAnnotatedTypeMirror\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRenamed \u003ccode\u003egetEffectiveAnnotation*()\u003c/code\u003e to\n\u003ccode\u003egetAnnotation*()\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRenamed \u003ccode\u003ehasEffectiveAnnotation*()\u003c/code\u003e to\n\u003ccode\u003ehasAnnotation*()\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eRemoved deprecated method\n\u003ccode\u003eObjectCreationNode.getConstructor()\u003c/code\u003e; use\n\u003ccode\u003egetTypeToInstantiate()\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eClosed issues\u003c/h3\u003e\n\u003cp\u003e\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7079\"\u003e#7079\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7489\"\u003e#7489\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7539\"\u003e#7539\u003c/a\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/bf4ceb7660825e275f8c7561056310c47d48b81b\"\u003e\u003ccode\u003ebf4ceb7\u003c/code\u003e\u003c/a\u003e\nnew release 3.55.1\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/b8096660563a2349201e126c362c2000de20c1c5\"\u003e\u003ccode\u003eb809666\u003c/code\u003e\u003c/a\u003e\nRemove unneeded argument\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/448019e7d43607b0d1d23e94baae0cd937e0219b\"\u003e\u003ccode\u003e448019e\u003c/code\u003e\u003c/a\u003e\nMake scripts executable in .zip file\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/3bc1190be960534f1c5536ab74b760198ff5e70a\"\u003e\u003ccode\u003e3bc1190\u003c/code\u003e\u003c/a\u003e\nUpdate directory copying\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/22df6d61a52c4183401d2fa355a59645c16feca3\"\u003e\u003ccode\u003e22df6d6\u003c/code\u003e\u003c/a\u003e\nUpdate release date\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/3fc441bc5df12983f716282aeebaf8f6b934bfe6\"\u003e\u003ccode\u003e3fc441b\u003c/code\u003e\u003c/a\u003e\nNote about permissions\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/6baaa5287134b9e616cbcbc40a413f21d498e1a1\"\u003e\u003ccode\u003e6baaa52\u003c/code\u003e\u003c/a\u003e\nBrevity\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/d4ea6b993144c91992077e864c8cbf07ee929dac\"\u003e\u003ccode\u003ed4ea6b9\u003c/code\u003e\u003c/a\u003e\nSet version number to 3.55.1\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/6b03e94dcf412a24859cf5ac9d17c2a4de65d978\"\u003e\u003ccode\u003e6b03e94\u003c/code\u003e\u003c/a\u003e\nImprove release instructions\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/65613a0f0f05d39d74b36c40ba6ca398e1929157\"\u003e\u003ccode\u003e65613a0\u003c/code\u003e\u003c/a\u003e\nFix Nullness extra tests\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/compare/checker-framework-3.54.0...checker-framework-3.55.1\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "d8ad7b6765620c4f3f3078ee87c3d2cfb7423945", "tree": "5d47b057320ed5a203cb00f027ab64328e8a8430", "parents": [ "e54681b80e84573f4cb6e7fdcb77b4247768965f" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Apr 06 17:41:35 2026 +0900" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Apr 06 17:41:35 2026 +0900" }, "message": "MINOR: [CI] Bump docker/login-action from 4.0.0 to 4.1.0 (#1103)\n\nBumps [docker/login-action](https://github.com/docker/login-action) from\n4.0.0 to 4.1.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/docker/login-action/releases\"\u003edocker/login-action\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix scoped Docker Hub cleanup path when registry is omitted by \u003ca\nhref\u003d\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/945\"\u003edocker/login-action#945\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​aws-sdk/client-ecr\u003c/code\u003e and\n\u003ccode\u003e@​aws-sdk/client-ecr-public\u003c/code\u003e to 3.1020.0 in \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/930\"\u003edocker/login-action#930\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.77.0 to 0.86.0 in\n\u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/932\"\u003edocker/login-action#932\u003c/a\u003e\n\u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/936\"\u003edocker/login-action#936\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump brace-expansion from 1.1.12 to 1.1.13 in \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/952\"\u003edocker/login-action#952\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump fast-xml-parser from 5.3.4 to 5.3.6 in \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/942\"\u003edocker/login-action#942\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump flatted from 3.3.3 to 3.4.2 in \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/944\"\u003edocker/login-action#944\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump glob from 10.3.12 to 10.5.0 in \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/940\"\u003edocker/login-action#940\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump handlebars from 4.7.8 to 4.7.9 in \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/949\"\u003edocker/login-action#949\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump http-proxy-agent and https-proxy-agent to 8.0.0 in \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/937\"\u003edocker/login-action#937\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump lodash from 4.17.23 to 4.18.1 in \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/958\"\u003edocker/login-action#958\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump minimatch from 3.1.2 to 3.1.5 in \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/941\"\u003edocker/login-action#941\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump picomatch from 4.0.3 to 4.0.4 in \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/948\"\u003edocker/login-action#948\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.24.1 in \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/938\"\u003edocker/login-action#938\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/docker/login-action/compare/v4.0.0...v4.1.0\"\u003ehttps://github.com/docker/login-action/compare/v4.0.0...v4.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/4907a6ddec9925e35a0a9e82d7399ccc52663121\"\u003e\u003ccode\u003e4907a6d\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/issues/930\"\u003e#930\u003c/a\u003e\nfrom docker/dependabot/npm_and_yarn/aws-sdk-dependenc...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/1e233e691a8881d7f35ca7c2d5dfaaed80b39636\"\u003e\u003ccode\u003e1e233e6\u003c/code\u003e\u003c/a\u003e\nchore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/6c24ead68057f18c30c808a431f0b85dc25663cb\"\u003e\u003ccode\u003e6c24ead\u003c/code\u003e\u003c/a\u003e\nbuild(deps): bump the aws-sdk-dependencies group with 2 updates\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/ee034d70944e3546349cd24295914f139342f1e6\"\u003e\u003ccode\u003eee034d7\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/issues/958\"\u003e#958\u003c/a\u003e\nfrom docker/dependabot/npm_and_yarn/lodash-4.18.1\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/1527209db9734bd2352a2dc1a63d79c9aa5358bb\"\u003e\u003ccode\u003e1527209\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/issues/937\"\u003e#937\u003c/a\u003e\nfrom docker/dependabot/npm_and_yarn/proxy-agent-depen...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/d39362aba4d72f8d9d93e0962119840690133e1b\"\u003e\u003ccode\u003ed39362a\u003c/code\u003e\u003c/a\u003e\nbuild(deps): bump lodash from 4.17.23 to 4.18.1\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/a6f092b568105cbb6d9deb7e55e0a4c5c1025fce\"\u003e\u003ccode\u003ea6f092b\u003c/code\u003e\u003c/a\u003e\nchore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/60953f0bed2120ec69659d271fe18d34bc069779\"\u003e\u003ccode\u003e60953f0\u003c/code\u003e\u003c/a\u003e\nbuild(deps): bump the proxy-agent-dependencies group with 2 updates\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/62c688590fb4ab6c6e89a217ced0a7b2ddcf1340\"\u003e\u003ccode\u003e62c6885\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/issues/936\"\u003e#936\u003c/a\u003e\nfrom docker/dependabot/npm_and_yarn/docker/actions-to...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/102c0e672992d2e992c89b6f4808d65a353b5a1a\"\u003e\u003ccode\u003e102c0e6\u003c/code\u003e\u003c/a\u003e\nchore: update generated content\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/docker/login-action/compare/b45d80f862d83dbcd57f89517bcf500b2ab88fb2...4907a6ddec9925e35a0a9e82d7399ccc52663121\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003ddocker/login-action\u0026package-manager\u003dgithub_actions\u0026previous-version\u003d4.0.0\u0026new-version\u003d4.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "e54681b80e84573f4cb6e7fdcb77b4247768965f", "tree": "526760b3a88b1950eea14a3d600e3ce6c1b4fb0c", "parents": [ "0703021c8315a55651b6f7446da8cc781f039f72" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Mar 30 16:20:40 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Mar 30 16:20:40 2026 +0200" }, "message": "MINOR: Bump com.diffplug.spotless:spotless-maven-plugin from 2.44.4 to 3.4.0 (#1088)\n\nBumps\n[com.diffplug.spotless:spotless-maven-plugin](https://github.com/diffplug/spotless)\nfrom 2.44.4 to 3.4.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/diffplug/spotless/releases\"\u003ecom.diffplug.spotless:spotless-maven-plugin\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eMaven Plugin v3.4.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003etableTest\u003c/code\u003e format type for standalone\n\u003ccode\u003e.table\u003c/code\u003e files. (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/pull/2880\"\u003e#2880\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanges\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump default \u003ccode\u003etabletest-formatter\u003c/code\u003e version\n\u003ccode\u003e1.0.1\u003c/code\u003e -\u0026gt; \u003ccode\u003e1.1.1\u003c/code\u003e, now works with Java 17+.\n(\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/pull/2880\"\u003e#2880\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eLib v3.3.1\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eGitPrePushHookInstaller\u003c/code\u003e didn\u0027t work on windows, now\nfixed. (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/pull/2562\"\u003e#2562\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eLib v3.3.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAllow specifying path to Biome JSON config file directly in\n\u003ccode\u003ebiome\u003c/code\u003e step. Requires biome 2.x. (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/pull/2548\"\u003e#2548\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eGitPrePushHookInstaller\u003c/code\u003e, a reusable library component\nfor installing a Git \u003ccode\u003epre-push\u003c/code\u003e hook that runs formatter\nchecks. (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/pull/2553\"\u003e#2553\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAllow setting Eclipse XML config from a string, not only from files\n(\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/pull/2361\"\u003e#2361\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChanged\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump default \u003ccode\u003egson\u003c/code\u003e version to latest \u003ccode\u003e2.11.0\u003c/code\u003e\n-\u0026gt; \u003ccode\u003e2.13.1\u003c/code\u003e. (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/pull/2414\"\u003e#2414\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump default \u003ccode\u003ejackson\u003c/code\u003e version to latest\n\u003ccode\u003e2.18.1\u003c/code\u003e -\u0026gt; \u003ccode\u003e2.19.2\u003c/code\u003e. (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/pull/2558\"\u003e#2558\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump default \u003ccode\u003egherkin-utils\u003c/code\u003e version to latest\n\u003ccode\u003e9.0.0\u003c/code\u003e -\u0026gt; \u003ccode\u003e9.2.0\u003c/code\u003e. (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/pull/2408\"\u003e#2408\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump default \u003ccode\u003ecleanthat\u003c/code\u003e version to latest\n\u003ccode\u003e2.22\u003c/code\u003e -\u0026gt; \u003ccode\u003e2.23\u003c/code\u003e. (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/pull/2556\"\u003e#2556\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMaven Plugin v3.3.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003etabletest-formatter\u003c/code\u003e support for Java and Kotlin.\n(\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/pull/2860\"\u003e#2860\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix the ability to specify a wildcard version (\u003ccode\u003e*\u003c/code\u003e) for\nexternal formatter executables, which did not work. (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/pull/2848\"\u003e#2848\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e[fix] \u003ccode\u003eConcurrentModificationException\u003c/code\u003e in\n\u003ccode\u003eexpandWildcardImports\u003c/code\u003e (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/issues/2830\"\u003e#2830\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMaven Plugin v3.2.1\u003c/h2\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eremoveSemicolons()\u003c/code\u003e should not be applied to multiline\nstrings in groovy \u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/issues/2780\"\u003e#2780\u003c/a\u003e\n(\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/issues/2792\"\u003e#2792\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eLib v3.2.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for \u003ccode\u003eidea\u003c/code\u003e (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/pull/2020\"\u003e#2020\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/pull/2535\"\u003e#2535\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd support for removing wildcard imports via\n\u003ccode\u003eremoveWildcardImports\u003c/code\u003e step. (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/pull/2517\"\u003e#2517\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003escalafmt: enforce version consistency between the version configured\nin Spotless and the version declared in Scalafmt config file (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/issues/2460\"\u003e#2460\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eSortPom\u003c/code\u003e disable expandEmptyElements, to avoid empty\nbody warnings. (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/pull/2520\"\u003e#2520\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix biome formatter for new major release 2.x of biome (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/pull/2537\"\u003e#2537\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMake sure npm-based formatters use the correct\n\u003ccode\u003enode_modules\u003c/code\u003e directory when running in parallel. (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/pull/2542\"\u003e#2542\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump internal dependencies for npm-based formatters (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/pull/2542\"\u003e#2542\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMaven Plugin v3.2.0\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd the ability to specify a wildcard version (\u003ccode\u003e*\u003c/code\u003e) for\nexternal formatter executables. (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/issues/2757\"\u003e#2757\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanges\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDramatic (~100x) performance improvement when using git\n\u003ccode\u003eratchetFrom\u003c/code\u003e. (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/pull/2805\"\u003e#2805\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/diffplug/spotless/commit/708a1b0e6383ad2dd34cf3def185bb085a786789\"\u003e\u003ccode\u003e708a1b0\u003c/code\u003e\u003c/a\u003e\nPublished maven/3.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/diffplug/spotless/commit/1cc0163c25b52824cd57b56cdcb8c4cb0c7b4795\"\u003e\u003ccode\u003e1cc0163\u003c/code\u003e\u003c/a\u003e\nPublished gradle/8.4.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/diffplug/spotless/commit/a4cd808f6092c6ed9371205de4af5285beea9533\"\u003e\u003ccode\u003ea4cd808\u003c/code\u003e\u003c/a\u003e\nPublished lib/4.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/diffplug/spotless/commit/9066bf6ede907e913fbe30259de0763f1b0b55ea\"\u003e\u003ccode\u003e9066bf6\u003c/code\u003e\u003c/a\u003e\nAdd links to the changelog.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/diffplug/spotless/commit/db8dc1cc8e83b18ef357a0e660f03556fd792247\"\u003e\u003ccode\u003edb8dc1c\u003c/code\u003e\u003c/a\u003e\nFix for illegal mutation issue with \u003ccode\u003epredeclareDeps\u003c/code\u003e (\u003ca\nhref\u003d\"https://redirect.github.com/diffplug/spotless/issues/2892\"\u003e#2892\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/diffplug/spotless/commit/0eb98a9574304e362f0ca6ddbfb71617de46df75\"\u003e\u003ccode\u003e0eb98a9\u003c/code\u003e\u003c/a\u003e\nchore: Updated gradle plugin change\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/diffplug/spotless/commit/3f7f12e649b1085a7937b8730e6a7689a52ca6da\"\u003e\u003ccode\u003e3f7f12e\u003c/code\u003e\u003c/a\u003e\nchore: Removes check for predeclare as it\u0027s not needed anymore\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/diffplug/spotless/commit/55c0c5c081b83ad35e92911718e3069a64467c2a\"\u003e\u003ccode\u003e55c0c5c\u003c/code\u003e\u003c/a\u003e\nfix: IsolatedProjectTest.predeclaredIsUnsupported() is now actually\nsupported...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/diffplug/spotless/commit/47489afd92aa79f56372bd53e82d09a44f606a32\"\u003e\u003ccode\u003e47489af\u003c/code\u003e\u003c/a\u003e\nfix: avoid IllegalMutationException when root project uses\npredeclareDeps() w...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/diffplug/spotless/commit/4010e8b42c32b8dfac31a988c6820b6b0ef499bd\"\u003e\u003ccode\u003e4010e8b\u003c/code\u003e\u003c/a\u003e\ntest: Introduce a test harnessing predeclared deps\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/diffplug/spotless/compare/maven/2.44.4...maven/3.4.0\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dcom.diffplug.spotless:spotless-maven-plugin\u0026package-manager\u003dmaven\u0026previous-version\u003d2.44.4\u0026new-version\u003d3.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\n---------\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e\nCo-authored-by: JB Onofré \u003cjbonofre@apache.org\u003e\nCo-authored-by: JB Onofré \u003cjb.onofre@dremio.com\u003e" }, { "commit": "0703021c8315a55651b6f7446da8cc781f039f72", "tree": "1b54586c183aa69108d4e7ac05af2578943c3ef8", "parents": [ "447372ce4caa5a53387018861e3ea9d1f7be795c" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Mar 30 14:56:30 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Mar 30 14:56:30 2026 +0200" }, "message": "MINOR: Bump org.apache:apache from 33 to 37 (#1033)\n\nBumps [org.apache:apache](https://github.com/apache/maven-apache-parent)\nfrom 33 to 37.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/apache/maven-apache-parent/releases\"\u003eorg.apache:apache\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eApache Parent POM version 37\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e🚀 New features and improvements\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDisable parallel PUT on release (\u003ca\nhref\u003d\"https://redirect.github.com/apache/maven-apache-parent/pull/566\"\u003e#566\u003c/a\u003e)\n\u003ca\nhref\u003d\"https://github.com/slawekjaranowski\"\u003e\u003ccode\u003e@​slawekjaranowski\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eApache Parent POM version 36\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e:boom: Breaking changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate minimum maven version to match current stable version (3.6.3\n-\u0026gt; 3.9) (\u003ca\nhref\u003d\"https://redirect.github.com/apache/maven-apache-parent/pull/533\"\u003e#533\u003c/a\u003e)\n\u003ca\nhref\u003d\"https://github.com/DomGarguilo\"\u003e\u003ccode\u003e@​DomGarguilo\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIntroduce javaVersion property for maven.compiler.* configuration\n(\u003ca\nhref\u003d\"https://redirect.github.com/apache/maven-apache-parent/pull/551\"\u003e#551\u003c/a\u003e)\n\u003ca\nhref\u003d\"https://github.com/slawekjaranowski\"\u003e\u003ccode\u003e@​slawekjaranowski\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSwitch JDK \u0026gt;\u003d 9 to only use maven.compiler.release (\u003ca\nhref\u003d\"https://redirect.github.com/apache/maven-apache-parent/pull/543\"\u003e#543\u003c/a\u003e)\n\u003ca href\u003d\"https://github.com/gnodet\"\u003e\u003ccode\u003e@​gnodet\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🚀 New features and improvements\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate minimum maven version to match current stable version (3.6.3\n-\u0026gt; 3.9) (\u003ca\nhref\u003d\"https://redirect.github.com/apache/maven-apache-parent/pull/533\"\u003e#533\u003c/a\u003e)\n\u003ca\nhref\u003d\"https://github.com/DomGarguilo\"\u003e\u003ccode\u003e@​DomGarguilo\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIntroduce javaVersion property for maven.compiler.* configuration\n(\u003ca\nhref\u003d\"https://redirect.github.com/apache/maven-apache-parent/pull/551\"\u003e#551\u003c/a\u003e)\n\u003ca\nhref\u003d\"https://github.com/slawekjaranowski\"\u003e\u003ccode\u003e@​slawekjaranowski\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSwitch JDK \u0026gt;\u003d 9 to only use maven.compiler.release (\u003ca\nhref\u003d\"https://redirect.github.com/apache/maven-apache-parent/pull/543\"\u003e#543\u003c/a\u003e)\n\u003ca href\u003d\"https://github.com/gnodet\"\u003e\u003ccode\u003e@​gnodet\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd default specification and implementation for javadoc and source\nmanifest entries (\u003ca\nhref\u003d\"https://redirect.github.com/apache/maven-apache-parent/pull/548\"\u003e#548\u003c/a\u003e)\n\u003ca\nhref\u003d\"https://github.com/slawekjaranowski\"\u003e\u003ccode\u003e@​slawekjaranowski\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e📝 Documentation updates\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eClarify how to use Apache Snapshot repository (\u003ca\nhref\u003d\"https://redirect.github.com/apache/maven-apache-parent/pull/558\"\u003e#558\u003c/a\u003e)\n\u003ca href\u003d\"https://github.com/kwin\"\u003e\u003ccode\u003e@​kwin\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eactivate Fluido skin\u0027s anchorJs (\u003ca\nhref\u003d\"https://redirect.github.com/apache/maven-apache-parent/pull/553\"\u003e#553\u003c/a\u003e)\n\u003ca href\u003d\"https://github.com/hboutemy\"\u003e\u003ccode\u003e@​hboutemy\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e👻 Maintenance\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAvoid - WARNING: Use of the three-letter time zone ID ... on JDK 25\nfor RAT plugin (\u003ca\nhref\u003d\"https://redirect.github.com/apache/maven-apache-parent/pull/562\"\u003e#562\u003c/a\u003e)\n\u003ca\nhref\u003d\"https://github.com/slawekjaranowski\"\u003e\u003ccode\u003e@​slawekjaranowski\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: enable prevent branch protection rules (\u003ca\nhref\u003d\"https://redirect.github.com/apache/maven-apache-parent/pull/535\"\u003e#535\u003c/a\u003e)\n\u003ca href\u003d\"https://github.com/sebtiem\"\u003e\u003ccode\u003e@​sebtiem\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e📦 Dependency updates\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump org.apache.maven.plugins:maven-release-plugin from 3.3.0 to\n3.3.1 (\u003ca\nhref\u003d\"https://redirect.github.com/apache/maven-apache-parent/pull/565\"\u003e#565\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.apache.maven.plugins:maven-release-plugin from 3.2.0 to\n3.3.0 (\u003ca\nhref\u003d\"https://redirect.github.com/apache/maven-apache-parent/pull/559\"\u003e#559\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.apache.maven.plugins:maven-source-plugin from 3.3.1 to\n3.4.0 (\u003ca\nhref\u003d\"https://redirect.github.com/apache/maven-apache-parent/pull/557\"\u003e#557\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.apache.maven.plugins:maven-assembly-plugin from 3.7.1 to\n3.8.0 (\u003ca\nhref\u003d\"https://redirect.github.com/apache/maven-apache-parent/pull/556\"\u003e#556\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.apache.maven.plugins:maven-war-plugin from 3.5.0 to 3.5.1\n(\u003ca\nhref\u003d\"https://redirect.github.com/apache/maven-apache-parent/pull/555\"\u003e#555\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.apache.maven.plugins:maven-resources-plugin from 3.3.1 to\n3.4.0 (\u003ca\nhref\u003d\"https://redirect.github.com/apache/maven-apache-parent/pull/554\"\u003e#554\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.apache.maven.plugins:maven-jar-plugin from 3.4.2 to 3.5.0\n(\u003ca\nhref\u003d\"https://redirect.github.com/apache/maven-apache-parent/pull/552\"\u003e#552\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade maven-release-plugin to version 3.2.0 (\u003ca\nhref\u003d\"https://redirect.github.com/apache/maven-apache-parent/pull/549\"\u003e#549\u003c/a\u003e)\n\u003ca href\u003d\"https://github.com/kwin\"\u003e\u003ccode\u003e@​kwin\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.apache.maven.plugins:maven-dependency-plugin from 3.8.1 to\n3.9.0 (\u003ca\nhref\u003d\"https://redirect.github.com/apache/maven-apache-parent/pull/542\"\u003e#542\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.apache.maven.plugins:maven-war-plugin from 3.4.0 to 3.5.0\n(\u003ca\nhref\u003d\"https://redirect.github.com/apache/maven-apache-parent/pull/546\"\u003e#546\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump version.maven-plugin-tools from 3.15.1 to 3.15.2 (\u003ca\nhref\u003d\"https://redirect.github.com/apache/maven-apache-parent/pull/547\"\u003e#547\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.apache.maven.plugins:maven-antrun-plugin from 3.1.0 to\n3.2.0 (\u003ca\nhref\u003d\"https://redirect.github.com/apache/maven-apache-parent/pull/545\"\u003e#545\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.apache.maven.plugins:maven-enforcer-plugin from 3.6.1 to\n3.6.2 (\u003ca\nhref\u003d\"https://redirect.github.com/apache/maven-apache-parent/pull/541\"\u003e#541\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.apache.maven.plugins:maven-scm-plugin from 2.1.0 to 2.2.1\n(\u003ca\nhref\u003d\"https://redirect.github.com/apache/maven-apache-parent/pull/540\"\u003e#540\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.apache.maven.plugins:maven-ear-plugin from 3.3.0 to 3.4.0\n(\u003ca\nhref\u003d\"https://redirect.github.com/apache/maven-apache-parent/pull/527\"\u003e#527\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.apache.maven.plugins:maven-javadoc-plugin from 3.11.3 to\n3.12.0 (\u003ca\nhref\u003d\"https://redirect.github.com/apache/maven-apache-parent/pull/538\"\u003e#538\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.apache.maven.plugins:maven-compiler-plugin from 3.14.0 to\n3.14.1 (\u003ca\nhref\u003d\"https://redirect.github.com/apache/maven-apache-parent/pull/539\"\u003e#539\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca\nhref\u003d\"https://github.com/apache/maven-apache-parent/commits\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dorg.apache:apache\u0026package-manager\u003dmaven\u0026previous-version\u003d33\u0026new-version\u003d37)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nYou can trigger a rebase of this PR by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\n\u003e **Note**\n\u003e Automatic rebases have been disabled on this pull request as it has\nbeen open for over 30 days.\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "447372ce4caa5a53387018861e3ea9d1f7be795c", "tree": "2a9a8f79f06197af53f15aea2863bf630cd03ca6", "parents": [ "4297733dae36ca83234a239b25068db775a09743" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Mar 30 10:57:29 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Mar 30 10:57:29 2026 +0200" }, "message": "MINOR: Bump com.google.api.grpc:proto-google-common-protos from 2.66.0 to 2.67.0 (#1092)\n\nBumps\n[com.google.api.grpc:proto-google-common-protos](https://github.com/googleapis/sdk-platform-java)\nfrom 2.66.0 to 2.67.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/releases\"\u003ecom.google.api.grpc:proto-google-common-protos\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.67.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/compare/v2.66.1...v2.67.0\"\u003e2.67.0\u003c/a\u003e\n(2026-02-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eobservability:\u003c/strong\u003e introduce minimal tracing\nimplementation (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4105\"\u003e#4105\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/e4e5e893e7a62bd12528e7d448dc2789f71946eb\"\u003ee4e5e89\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade Google-Auth-Library to v1.43.0 (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4114\"\u003e#4114\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/825298b6bf225bb8536ecab9d788f82f3f8eec4d\"\u003e825298b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpgrade grpc to 1.76.3 (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4106\"\u003e#4106\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/c6555f5f0cd85683db76394271e1f57989cac7d0\"\u003ec6555f5\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.66.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/compare/v2.66.0...v2.66.1\"\u003e2.66.1\u003c/a\u003e\n(2026-02-04)\u003c/h2\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[common-protos] update reference documentation for\n\u003ccode\u003eSelectionInput.DROPDOWN\u003c/code\u003e to include dynamic data sources and\nautosuggestion (\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/9960262cf248400836c04063e6a701bec2aca1ba\"\u003e9960262\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/blob/main/CHANGELOG.md\"\u003ecom.google.api.grpc:proto-google-common-protos\u0027s\nchangelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/compare/v2.66.1...v2.67.0\"\u003e2.67.0\u003c/a\u003e\n(2026-02-18)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eobservability:\u003c/strong\u003e introduce minimal tracing\nimplementation (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4105\"\u003e#4105\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/e4e5e893e7a62bd12528e7d448dc2789f71946eb\"\u003ee4e5e89\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade Google-Auth-Library to v1.43.0 (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4114\"\u003e#4114\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/825298b6bf225bb8536ecab9d788f82f3f8eec4d\"\u003e825298b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eUpgrade grpc to 1.76.3 (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4106\"\u003e#4106\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/c6555f5f0cd85683db76394271e1f57989cac7d0\"\u003ec6555f5\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/compare/v2.66.0...v2.66.1\"\u003e2.66.1\u003c/a\u003e\n(2026-02-04)\u003c/h2\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[common-protos] update reference documentation for\n\u003ccode\u003eSelectionInput.DROPDOWN\u003c/code\u003e to include dynamic data sources and\nautosuggestion (\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/9960262cf248400836c04063e6a701bec2aca1ba\"\u003e9960262\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/50d2af33e055075693b8ee14cc8a2da107320144\"\u003e\u003ccode\u003e50d2af3\u003c/code\u003e\u003c/a\u003e\nchore(main): release 2.67.0 (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4107\"\u003e#4107\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/ffb6b02f9711d247204fce57d98d5f0fb974bf39\"\u003e\u003ccode\u003effb6b02\u003c/code\u003e\u003c/a\u003e\nchore(deps): update upper bound dependencies file (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4112\"\u003e#4112\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/825298b6bf225bb8536ecab9d788f82f3f8eec4d\"\u003e\u003ccode\u003e825298b\u003c/code\u003e\u003c/a\u003e\ndeps: Upgrade Google-Auth-Library to v1.43.0 (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4114\"\u003e#4114\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/3fa1ca3ffa0e4d103e2812bd5c29547b7e4d6410\"\u003e\u003ccode\u003e3fa1ca3\u003c/code\u003e\u003c/a\u003e\nchore: update googleapis commit at Thu Feb 5 03:00:22 UTC 2026 (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4104\"\u003e#4104\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/e4e5e893e7a62bd12528e7d448dc2789f71946eb\"\u003e\u003ccode\u003ee4e5e89\u003c/code\u003e\u003c/a\u003e\nfeat(observability): introduce minimal tracing implementation (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4105\"\u003e#4105\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/c6555f5f0cd85683db76394271e1f57989cac7d0\"\u003e\u003ccode\u003ec6555f5\u003c/code\u003e\u003c/a\u003e\ndeps: Upgrade grpc to 1.76.3 (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4106\"\u003e#4106\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/117c390d24a734aafb0f994ded30a054c6eed901\"\u003e\u003ccode\u003e117c390\u003c/code\u003e\u003c/a\u003e\nchore(main): release 2.66.2-SNAPSHOT (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4102\"\u003e#4102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/ff33367579969c7ce65dd84a505f8d91b8ba67fd\"\u003e\u003ccode\u003eff33367\u003c/code\u003e\u003c/a\u003e\ntests: Upgrade logback to 1.5.25 in tests (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4103\"\u003e#4103\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/a4d8c44b60f3285244afbff7ef2cbfe032947688\"\u003e\u003ccode\u003ea4d8c44\u003c/code\u003e\u003c/a\u003e\ntests: Remove 3.25.8 from protobuf compatibility testing (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4101\"\u003e#4101\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/3b280a3d65bc45368536e715a4fa6c04ddbfff66\"\u003e\u003ccode\u003e3b280a3\u003c/code\u003e\u003c/a\u003e\nchore(main): release 2.66.1 (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4100\"\u003e#4100\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/compare/v2.66.0...v2.67.0\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dcom.google.api.grpc:proto-google-common-protos\u0026package-manager\u003dmaven\u0026previous-version\u003d2.66.0\u0026new-version\u003d2.67.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "4297733dae36ca83234a239b25068db775a09743", "tree": "3cb201618c6d83e0a5aa7902524a08aa8360646d", "parents": [ "89fa995eac2aa84e0195341bff601dfce66b942e" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Mar 30 10:30:50 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Mar 30 10:30:50 2026 +0200" }, "message": "MINOR: Bump com.gradle:develocity-maven-extension from 2.3.4 to 2.4.0 (#1095)\n\nBumps com.gradle:develocity-maven-extension from 2.3.4 to 2.4.0.\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dcom.gradle:develocity-maven-extension\u0026package-manager\u003dmaven\u0026previous-version\u003d2.3.4\u0026new-version\u003d2.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "89fa995eac2aa84e0195341bff601dfce66b942e", "tree": "e87d7dc9e739303da3b6b15a4388663e52f2c1be", "parents": [ "168a969147ea77a6fe8f12fa15c6bc25b1e671f2" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Mar 30 10:22:13 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Mar 30 10:22:13 2026 +0200" }, "message": "MINOR: Bump com.nimbusds:oauth2-oidc-sdk from 11.34 to 11.37 (#1096)\n\nBumps\n[com.nimbusds:oauth2-oidc-sdk](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions)\nfrom 11.34 to 11.37.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/src/master/CHANGELOG.txt\"\u003ecom.nimbusds:oauth2-oidc-sdk\u0027s\nchangelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eversion 1.0 (2012-05-29)\n* First official release with authorisation endpoint, token endpoint,\ncheck\nID endpoint and UserInfo endpoint support.\n* JSON Web Tokens (JWTs) support through the Nimbus-JWT library.\n* Language Tags (RFC 5646) support through the Nimbus-LangTag library.\n* JSON support through the JSON Smart library.\u003c/p\u003e\n\u003cp\u003eversion 2.0 (2013-05-13)\n* Intermediary development release with Maven build, published to\nMaven Central.\u003c/p\u003e\n\u003cp\u003eversion 2.1 (2013-06-06)\n* Updates the APIs to OpenID Connect Messages draft 20, OpenID Connect\nStandard draft 21, OpenID Connect Discovery draft 17 and OpenID\nConnect Registration draft 19.\n* Major refactoring of the APIs for greater simplicity.\n* Adds JUnit tests.\u003c/p\u003e\n\u003cp\u003eversion 2.2 (2013-06-18)\n* Refactors dynamic OpenID Connect client registration.\n* Adds partial support of the OAuth 2.0 Dynamic Client Registration\nProtocol (draft-ietf-oauth-dyn-reg-12).\n* Optimises parsing of request parameters consisting of one or more\ntokens (scope, response type, etc).\u003c/p\u003e\n\u003cp\u003eversion 2.3 (2013-06-19)\n* Renames OAuth 2.0 dynamic client registration package.\n* Adds ClientInformation.getClientMetadata() method.\n* Adds OIDCClientInformation class.\u003c/p\u003e\n\u003cp\u003eversion 2.4 (2013-06-20)\n* Adds static OIDCClientInformation.parse(JSONObject) method.\u003c/p\u003e\n\u003cp\u003eversion 2.5 (2013-06-22)\n* Adds support OAuth 2.0 dynamic client update.\n* Adds OpenID Connect dynamic client registration classes.\u003c/p\u003e\n\u003cp\u003eversion 2.6 (2013-06-25)\n* Enforces order of preference of ACR values in OpenID Connect client\nmetadata, as required by the specification.\n* Documentation and performance improvements.\u003c/p\u003e\n\u003cp\u003eversion 2.7 (2013-06-26)\n* Switches Identifier generation to java.security.SecureRandom.\u003c/p\u003e\n\u003cp\u003eversion 2.8 (2013-06-30)\n* Fixes serialisation and assignment bugs in ClientMetadata.\n* Switches Secret generation to java.security.SecureRandom.\u003c/p\u003e\n\u003cp\u003eversion 2.9 (2013-09-17)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/d98de1ab39f699e39903967775abc242fc064e78\"\u003e\u003ccode\u003ed98de1a\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/2ea716f29401515a656c73bef9d66d5860270b2f\"\u003e\u003ccode\u003e2ea716f\u003c/code\u003e\u003c/a\u003e\nShortens InvalidClientException messages\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/ed5773c5a3383a4c5af5f8484aad2864dc1b79c6\"\u003e\u003ccode\u003eed5773c\u003c/code\u003e\u003c/a\u003e\nTokenRevocationRequest receives custom form parameters support\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/e133559f00d1469a5da284cfdbb30d4d0102e3be\"\u003e\u003ccode\u003ee133559\u003c/code\u003e\u003c/a\u003e\nUpdates tests for shortened InvalidClientException messages\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/fe43e1f129febee53c0a15178b08b6e835bcd460\"\u003e\u003ccode\u003efe43e1f\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare release 11.35\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/73224c9422c0ebb3c1a3b5387aac2d529d8bef5b\"\u003e\u003ccode\u003e73224c9\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/f3f728613feb023640801faf33873d55f6c2ec98\"\u003e\u003ccode\u003ef3f7286\u003c/code\u003e\u003c/a\u003e\nAdds static JSONObjectUtils.getNonNegativeLong methods\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/d6899e0554d630956dd09e3d2ba1236ee66d2bd6\"\u003e\u003ccode\u003ed6899e0\u003c/code\u003e\u003c/a\u003e\nCleans up JSONObjectUtils.getEnum(net.minidev.json.JSONObject,\njava.lang.Stri...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/9b05d23a876550842e75c1abff08795ac825b9a0\"\u003e\u003ccode\u003e9b05d23\u003c/code\u003e\u003c/a\u003e\nAdds non-negative checks when parsing Date instances from Unix\ntimestamps (is...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/592d8f4e82e7815966258c114b66834b9b4c9e6c\"\u003e\u003ccode\u003e592d8f4\u003c/code\u003e\u003c/a\u003e\nAdds \u0026quot;acr\u0026quot; and \u0026quot;auth_time\u0026quot; parameter (RFC 9470)\nsupport to TokenIntrospection...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/branches/compare/11.37..11.34\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dcom.nimbusds:oauth2-oidc-sdk\u0026package-manager\u003dmaven\u0026previous-version\u003d11.34\u0026new-version\u003d11.37)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "168a969147ea77a6fe8f12fa15c6bc25b1e671f2", "tree": "28fb1af6255e6f73a7263d5278aa15177a91e685", "parents": [ "07d998733b9c31117941d7ec6c983e7ae51d47b7" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Mar 30 10:21:57 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Mar 30 10:21:57 2026 +0200" }, "message": "MINOR: Bump io.netty:netty-bom from 4.2.10.Final to 4.2.12.Final (#1091)\n\nBumps [io.netty:netty-bom](https://github.com/netty/netty) from\n4.2.10.Final to 4.2.12.Final.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/netty/netty/releases\"\u003eio.netty:netty-bom\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003enetty-4.2.12.Final\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRevert \u0026quot;Eliminate redundant bounds checks in CompositeByteBuf\naccessors\u0026quot; by \u003ca\nhref\u003d\"https://github.com/chrisvest\"\u003e\u003ccode\u003e@​chrisvest\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16550\"\u003enetty/netty#16550\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/netty/netty/compare/netty-4.2.11.Final...netty-4.2.12.Final\"\u003ehttps://github.com/netty/netty/compare/netty-4.2.11.Final...netty-4.2.12.Final\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003enetty-4.2.11.Final\u003c/h2\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCVE-2026-33871, \u003ca\nhref\u003d\"https://github.com/netty/netty/security/advisories/GHSA-w9fj-cfpg-grvv\"\u003eHTTP/2\nCONTINUATION Frame Flood Denial of Service\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCVE-2026-33870, \u003ca\nhref\u003d\"https://github.com/netty/netty/security/advisories/GHSA-pwqr-wmgm-9rr8\"\u003eHTTP\nRequest Smuggling via Chunked Extension Quoted-String Parsing\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to latest JDK 26 EA release by \u003ca\nhref\u003d\"https://github.com/normanmaurer\"\u003e\u003ccode\u003e@​normanmaurer\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16230\"\u003enetty/netty#16230\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHTTP3: Allow to support non-standard HTTP3 settings by \u003ca\nhref\u003d\"https://github.com/normanmaurer\"\u003e\u003ccode\u003e@​normanmaurer\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16171\"\u003enetty/netty#16171\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix Incorrect nanos-to-millis conversion in epoll_wait EINTR retry\nloop by \u003ca\nhref\u003d\"https://github.com/adwsingh\"\u003e\u003ccode\u003e@​adwsingh\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16245\"\u003enetty/netty#16245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllocate one large segment and slice for each MsgHdrMemory by \u003ca\nhref\u003d\"https://github.com/dreamlike-ocean\"\u003e\u003ccode\u003e@​dreamlike-ocean\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16234\"\u003enetty/netty#16234\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake RefCntOpenSslContext.deallocate more robust by \u003ca\nhref\u003d\"https://github.com/chrisvest\"\u003e\u003ccode\u003e@​chrisvest\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16253\"\u003enetty/netty#16253\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEpoll: Fix excessive CPU usage when Channel is only registered but\nno… by \u003ca\nhref\u003d\"https://github.com/normanmaurer\"\u003e\u003ccode\u003e@​normanmaurer\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16250\"\u003enetty/netty#16250\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to gcc for arm 10.3-2021.07 by \u003ca\nhref\u003d\"https://github.com/m1ngyuan\"\u003e\u003ccode\u003e@​m1ngyuan\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16255\"\u003enetty/netty#16255\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd acmeIdentifier extension support to pkitesting by \u003ca\nhref\u003d\"https://github.com/chrisvest\"\u003e\u003ccode\u003e@​chrisvest\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16256\"\u003enetty/netty#16256\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate JDK versions to latest patch releases by \u003ca\nhref\u003d\"https://github.com/m1ngyuan\"\u003e\u003ccode\u003e@​m1ngyuan\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16254\"\u003enetty/netty#16254\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid allocation in HttpObjectEncoder.addEncodedLengthHex method by\n\u003ca href\u003d\"https://github.com/doom369\"\u003e\u003ccode\u003e@​doom369\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16241\"\u003enetty/netty#16241\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAutomatic backporting workflow from 4.1 to 4.2 by \u003ca\nhref\u003d\"https://github.com/chrisvest\"\u003e\u003ccode\u003e@​chrisvest\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16269\"\u003enetty/netty#16269\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRevert \u0026quot;Automatic backporting workflow from 4.1 to 4.2\u0026quot; by\n\u003ca href\u003d\"https://github.com/chrisvest\"\u003e\u003ccode\u003e@​chrisvest\u003c/code\u003e\u003c/a\u003e in\n\u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16270\"\u003enetty/netty#16270\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHTTP2: Correctly account for padding when decompress by \u003ca\nhref\u003d\"https://github.com/normanmaurer\"\u003e\u003ccode\u003e@​normanmaurer\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16264\"\u003enetty/netty#16264\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAutomatic backporting workflow from 4.1 to 4.2 by \u003ca\nhref\u003d\"https://github.com/chrisvest\"\u003e\u003ccode\u003e@​chrisvest\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16271\"\u003enetty/netty#16271\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAutomatic backporting workflow from 4.1 to 4.2 by \u003ca\nhref\u003d\"https://github.com/chrisvest\"\u003e\u003ccode\u003e@​chrisvest\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16273\"\u003enetty/netty#16273\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBackport PRs must be created with personal access tokens by \u003ca\nhref\u003d\"https://github.com/chrisvest\"\u003e\u003ccode\u003e@​chrisvest\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16276\"\u003enetty/netty#16276\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExpose QuicSslContextBuilder::sni by \u003ca\nhref\u003d\"https://github.com/ZeroErrors\"\u003e\u003ccode\u003e@​ZeroErrors\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16178\"\u003enetty/netty#16178\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd more porting workflows by \u003ca\nhref\u003d\"https://github.com/chrisvest\"\u003e\u003ccode\u003e@​chrisvest\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16275\"\u003enetty/netty#16275\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd more porting workflows by \u003ca\nhref\u003d\"https://github.com/chrisvest\"\u003e\u003ccode\u003e@​chrisvest\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16283\"\u003enetty/netty#16283\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove the unpooled allocator from test permutations by \u003ca\nhref\u003d\"https://github.com/chrisvest\"\u003e\u003ccode\u003e@​chrisvest\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16282\"\u003enetty/netty#16282\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSome polishing of the porting workflows by \u003ca\nhref\u003d\"https://github.com/chrisvest\"\u003e\u003ccode\u003e@​chrisvest\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16288\"\u003enetty/netty#16288\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAllow to set destination connection id when creating a client side\nQuicheChannel by \u003ca\nhref\u003d\"https://github.com/normanmaurer\"\u003e\u003ccode\u003e@​normanmaurer\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16286\"\u003enetty/netty#16286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to latest JDK26 EA build by \u003ca\nhref\u003d\"https://github.com/normanmaurer\"\u003e\u003ccode\u003e@​normanmaurer\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16295\"\u003enetty/netty#16295\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd javadoc to clarify responsibility of the user when generating\nthe remote connection id by \u003ca\nhref\u003d\"https://github.com/normanmaurer\"\u003e\u003ccode\u003e@​normanmaurer\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16293\"\u003enetty/netty#16293\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake the build run faster by \u003ca\nhref\u003d\"https://github.com/chrisvest\"\u003e\u003ccode\u003e@​chrisvest\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16290\"\u003enetty/netty#16290\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix IDE warnings in SslHandler by \u003ca\nhref\u003d\"https://github.com/doom369\"\u003e\u003ccode\u003e@​doom369\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16237\"\u003enetty/netty#16237\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDecrease Long allocations and map.put calls in\nReferenceCountedOpenSllEngine in handshake() method by \u003ca\nhref\u003d\"https://github.com/doom369\"\u003e\u003ccode\u003e@​doom369\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16242\"\u003enetty/netty#16242\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport boringssl SSLCredential API by \u003ca\nhref\u003d\"https://github.com/jmcrawford45\"\u003e\u003ccode\u003e@​jmcrawford45\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/15919\"\u003enetty/netty#15919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix high-order bit aliasing in HttpUtil.validateToken by \u003ca\nhref\u003d\"https://github.com/furkanvarol\"\u003e\u003ccode\u003e@​furkanvarol\u003c/code\u003e\u003c/a\u003e in\n\u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16279\"\u003enetty/netty#16279\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove multi-byte access performance when UNALIGNED availability is\nunknown by \u003ca\nhref\u003d\"https://github.com/Songdoeon\"\u003e\u003ccode\u003e@​Songdoeon\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16207\"\u003enetty/netty#16207\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAvoid unnecessary SSL.getVersion() call and string allocation in\nReferenceCountedOpenSslEngine by \u003ca\nhref\u003d\"https://github.com/doom369\"\u003e\u003ccode\u003e@​doom369\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16278\"\u003enetty/netty#16278\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport more branch freedom for auto-porting by \u003ca\nhref\u003d\"https://github.com/chrisvest\"\u003e\u003ccode\u003e@​chrisvest\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16300\"\u003enetty/netty#16300\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: the precedence of + is higher than \u0026gt;\u0026gt; by \u003ca\nhref\u003d\"https://github.com/cuiweixie\"\u003e\u003ccode\u003e@​cuiweixie\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16312\"\u003enetty/netty#16312\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdaptiveByteBufAllocator: make sure byteBuf.capacity() not greater\nthan byteBuf.maxCapacity() by \u003ca\nhref\u003d\"https://github.com/laosijikaichele\"\u003e\u003ccode\u003e@​laosijikaichele\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16309\"\u003enetty/netty#16309\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix flaky PooledByteBufAllocatorTest by \u003ca\nhref\u003d\"https://github.com/chrisvest\"\u003e\u003ccode\u003e@​chrisvest\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16313\"\u003enetty/netty#16313\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix pooled arena accounting tests by \u003ca\nhref\u003d\"https://github.com/chrisvest\"\u003e\u003ccode\u003e@​chrisvest\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/pull/16321\"\u003enetty/netty#16321\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/67ce541e4692853e24fc506466960db35bb64914\"\u003e\u003ccode\u003e67ce541\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare release netty-4.2.12.Final\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/7074624644b79f4e97081bd58a58ed135962b8c2\"\u003e\u003ccode\u003e7074624\u003c/code\u003e\u003c/a\u003e\nRevert \u0026quot;Eliminate redundant bounds checks in CompositeByteBuf\naccessors\u0026quot; (\u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/issues/16\"\u003e#16\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/c3b0a43442dbf84e3eb161d5f252623f832f1579\"\u003e\u003ccode\u003ec3b0a43\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/c94a8180e749f694fb76963dd494bae17c31aff6\"\u003e\u003ccode\u003ec94a818\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare release netty-4.2.11.Final\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/3b76df185678353733aa21702d6be16130d188a0\"\u003e\u003ccode\u003e3b76df1\u003c/code\u003e\u003c/a\u003e\nMerge commit from fork\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/aae944a19eb036993fc47c4b40639476f519deaf\"\u003e\u003ccode\u003eaae944a\u003c/code\u003e\u003c/a\u003e\nAuto-port 4.2: Limit the number of Continuation frames per HTTP2 Headers\n(\u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/issues/16\"\u003e#16\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/60014996491c41d91c26f80bca096610f34fc858\"\u003e\u003ccode\u003e6001499\u003c/code\u003e\u003c/a\u003e\nEliminate redundant bounds checks in CompositeByteBuf accessors (\u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/issues/16525\"\u003e#16525\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/a7fbb6f84625ef29733a1506ed3520e3c21d5247\"\u003e\u003ccode\u003ea7fbb6f\u003c/code\u003e\u003c/a\u003e\nJdkZlibDecoder: accumulate decompressed output before firing channelRead\n(\u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/issues/16\"\u003e#16\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/7937553d8f49e17b064f57b1414907aed8e3be3d\"\u003e\u003ccode\u003e7937553\u003c/code\u003e\u003c/a\u003e\nEnforce io.netty.maxDirectMemory accounting on all Java versions (\u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/issues/16489\"\u003e#16489\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/893ea2ea6c35c9e1812e5d331530b88d8690022b\"\u003e\u003ccode\u003e893ea2e\u003c/code\u003e\u003c/a\u003e\nAllocate less in QueryStringDecoder.addParam for typical use case (\u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/issues/16527\"\u003e#16527\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/netty/netty/compare/netty-4.2.10.Final...netty-4.2.12.Final\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dio.netty:netty-bom\u0026package-manager\u003dmaven\u0026previous-version\u003d4.2.10.Final\u0026new-version\u003d4.2.12.Final)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "07d998733b9c31117941d7ec6c983e7ae51d47b7", "tree": "899a15d4104e8e59740f6c2d9d693945e88e9b24", "parents": [ "01affd741864c493cb76b9357fb32ead7f977672" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Tue Mar 24 09:40:43 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Mar 24 09:40:43 2026 +0100" }, "message": "MINOR: Bump com.h2database:h2 from 2.3.232 to 2.4.240 (#1084)\n\nBumps [com.h2database:h2](https://github.com/h2database/h2database) from\n2.3.232 to 2.4.240.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/h2database/h2database/releases\"\u003ecom.h2database:h2\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.4.240\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/h2database/h2database/commit/c8eb81be7a30786b7534377a7e475bdaa08aeeb8\"\u003e\u003ccode\u003ec8eb81b\u003c/code\u003e\u003c/a\u003e\nin preparation for a release\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/h2database/h2database/commit/7ff5ee5cf0fa7d75ad341ebf53ff9301e390b537\"\u003e\u003ccode\u003e7ff5ee5\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/h2database/h2database/issues/4260\"\u003e#4260\u003c/a\u003e\nfrom JackPGreen/update-maven-central-url\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/h2database/h2database/commit/da4c337f0251d51b2aaeeb28133fb87c8da4907c\"\u003e\u003ccode\u003eda4c337\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/h2database/h2database/issues/4271\"\u003e#4271\u003c/a\u003e\nfrom IrisesD/master\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/h2database/h2database/commit/d053544f6baa9d91339b51a1b30572d1fabfe705\"\u003e\u003ccode\u003ed053544\u003c/code\u003e\u003c/a\u003e\nfeat: allow \u003ccode\u003eCATALOG\u003c/code\u003e in \u003ccode\u003eCREATE SCHEMA\u003c/code\u003e and\n\u003ccode\u003eDROP SCHEMA\u003c/code\u003e (\u003ca\nhref\u003d\"https://redirect.github.com/h2database/h2database/issues/4277\"\u003e#4277\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/h2database/h2database/commit/a448d91e083eceec493be60d398656f27a0ed4c7\"\u003e\u003ccode\u003ea448d91\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/h2database/h2database/issues/4273\"\u003e#4273\u003c/a\u003e\nfrom naive924/feat/compactThreads\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/h2database/h2database/commit/6672123e6a404d6fde309bc9871538ddf838b0b6\"\u003e\u003ccode\u003e6672123\u003c/code\u003e\u003c/a\u003e\nfix: change log\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/h2database/h2database/commit/858e74abc3676686c547f0182a73519e9962044c\"\u003e\u003ccode\u003e858e74a\u003c/code\u003e\u003c/a\u003e\nfix: MVStore.compact: run map copy in parallel by default (¼ cores,\noverride ...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/h2database/h2database/commit/bce0ec1f9e116dae837d756af14281d3d566905d\"\u003e\u003ccode\u003ebce0ec1\u003c/code\u003e\u003c/a\u003e\nfeat: parallel map copy option for MVStore.compact()\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/h2database/h2database/commit/d8a6cc3e20e028ac854c08764b9c3e41e360b72e\"\u003e\u003ccode\u003ed8a6cc3\u003c/code\u003e\u003c/a\u003e\nFix command syntax in help.csv\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/h2database/h2database/commit/c45413cdc3f0c0bf77a62817c14cdaec65c87096\"\u003e\u003ccode\u003ec45413c\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/h2database/h2database/issues/4266\"\u003e#4266\u003c/a\u003e\nfrom andreitokar/issue-4208-2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/h2database/h2database/compare/version-2.3.232...version-2.4.240\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dcom.h2database:h2\u0026package-manager\u003dmaven\u0026previous-version\u003d2.3.232\u0026new-version\u003d2.4.240)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "01affd741864c493cb76b9357fb32ead7f977672", "tree": "eadcdbd78569f44ee875d7701c3a73474f7ba7e7", "parents": [ "d5497915c604582e66613c96599b32a812fda4bc" ], "author": { "name": "JB Onofré", "email": "jb.onofre@dremio.com", "time": "Tue Mar 24 07:49:08 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Mar 24 07:49:08 2026 +0100" }, "message": "GH-1078: Upgrade minimum JDK version from 11 to 17 (#1079)\n\nUpdate compiler source/target/release to 17 across build config\n(pom.xml, bom), CI workflows, Docker images, Brewfile, and\ndocumentation. Replace deprecated boxed-type constructors with valueOf()\nin HolderReaderImpl codegen template to fix -Werror under release\u003d17.\n\n## What\u0027s Changed\n\nJDK 11 would not be supported in some cases.\n\n**This contains breaking changes.** \u003c!-- Remove this line if there are\nno breaking changes. --\u003e\n\nCloses #1078." }, { "commit": "d5497915c604582e66613c96599b32a812fda4bc", "tree": "5981b8e5cffa7169a9d34ede72fd20401d242176", "parents": [ "d9d6112b3e4037d72aa44e978bc72c2f7706c52c" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Mar 23 18:47:12 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Mar 23 18:47:12 2026 +0100" }, "message": "MINOR: Bump com.fasterxml.jackson:jackson-bom from 2.21.1 to 2.21.2 (#1082)\n\nBumps\n[com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom)\nfrom 2.21.1 to 2.21.2.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/FasterXML/jackson-bom/commit/10e12a55b0a1d0caaa82b8b41101e8ecd39ed976\"\u003e\u003ccode\u003e10e12a5\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare release jackson-bom-2.21.2\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/FasterXML/jackson-bom/commit/d75490376b71e112c18fbe4d5f43a984bb2b2d6d\"\u003e\u003ccode\u003ed754903\u003c/code\u003e\u003c/a\u003e\nPrep for 2.21.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/FasterXML/jackson-bom/commit/63e1b3bb3e115e40580cd8c57263955d4fcbee24\"\u003e\u003ccode\u003e63e1b3b\u003c/code\u003e\u003c/a\u003e\nPost-release dep version bump\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/FasterXML/jackson-bom/commit/716ab0d1d95d45d07e9f00f5b8a889f500375981\"\u003e\u003ccode\u003e716ab0d\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca\nhref\u003d\"https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.21.1...jackson-bom-2.21.2\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dcom.fasterxml.jackson:jackson-bom\u0026package-manager\u003dmaven\u0026previous-version\u003d2.21.1\u0026new-version\u003d2.21.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "d9d6112b3e4037d72aa44e978bc72c2f7706c52c", "tree": "38f9d6f10a3862395208e88a7ab04fca891fc001", "parents": [ "1348b8dc8302daebe7bb76df9f3c13bdcf2766e9" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Mar 23 18:46:51 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Mar 23 18:46:51 2026 +0100" }, "message": "MINOR: Bump com.google.guava:guava-bom from 33.4.8-jre to 33.5.0-jre (#1083)\n\nBumps [com.google.guava:guava-bom](https://github.com/google/guava) from\n33.4.8-jre to 33.5.0-jre.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/google/guava/releases\"\u003ecom.google.guava:guava-bom\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e33.5.0\u003c/h2\u003e\n\u003ch3\u003eMaven\u003c/h3\u003e\n\u003cpre lang\u003d\"xml\"\u003e\u003ccode\u003e\u0026lt;dependency\u0026gt;\n \u0026lt;groupId\u0026gt;com.google.guava\u0026lt;/groupId\u0026gt;\n \u0026lt;artifactId\u0026gt;guava\u0026lt;/artifactId\u0026gt;\n \u0026lt;version\u0026gt;33.5.0-jre\u0026lt;/version\u0026gt;\n \u0026lt;!-- or, for Android: --\u0026gt;\n \u0026lt;version\u0026gt;33.5.0-android\u0026lt;/version\u0026gt;\n\u0026lt;/dependency\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch3\u003eJar files\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://repo1.maven.org/maven2/com/google/guava/guava/33.5.0-jre/guava-33.5.0-jre.jar\"\u003e33.5.0-jre.jar\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://repo1.maven.org/maven2/com/google/guava/guava/33.5.0-android/guava-33.5.0-android.jar\"\u003e33.5.0-android.jar\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eGuava requires \u003ca\nhref\u003d\"https://github.com/google/guava/wiki/UseGuavaInYourBuild#what-about-guavas-own-dependencies\"\u003eone\nruntime dependency\u003c/a\u003e, which you can download here:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://repo1.maven.org/maven2/com/google/guava/failureaccess/1.0.3/failureaccess-1.0.3.jar\"\u003efailureaccess-1.0.3.jar\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eJavadoc\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://guava.dev/releases/33.5.0-jre/api/docs/\"\u003e33.5.0-jre\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://guava.dev/releases/33.5.0-android/api/docs/\"\u003e33.5.0-android\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eJDiff\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://guava.dev/releases/33.5.0-jre/api/diffs/\"\u003e33.5.0-jre vs.\n33.4.8-jre\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://guava.dev/releases/33.5.0-android/api/diffs/\"\u003e33.5.0-android\nvs. 33.4.8-android\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://guava.dev/releases/33.5.0-android/api/androiddiffs/\"\u003e33.5.0-android\nvs. 33.5.0-jre\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChangelog\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRestored the \u003ccode\u003eAutomatic-Module-Name\u003c/code\u003e to\n\u003ccode\u003eguava-android\u003c/code\u003e. (It, unlike, \u003ccode\u003eguava-jre\u003c/code\u003e, is not\na proper module.) (7a04a8a955)\u003c/li\u003e\n\u003cli\u003eFor users of \u003ccode\u003eguava-gwt\u003c/code\u003e: Google \u003ca\nhref\u003d\"https://redirect.github.com/gwtproject/gwt-site/pull/394\"\u003ehas\nmoved off GWT internally\u003c/a\u003e. We plan to continue to release\n\u003ccode\u003eguava-gwt\u003c/code\u003e for users of GWT and \u003ca\nhref\u003d\"https://github.com/google/j2cl\"\u003eJ2CL\u003c/a\u003e, but the artifact is no\nlonger tested for GWT-specific issues, and we have limited resources to\nfix any unexpected issues that might arise. While we do not anticipate\nany specific problems, we can\u0027t guarantee how long support will\ncontinue.\u003c/li\u003e\n\u003cli\u003eIncreased our Android \u003ccode\u003eminSdkVersion\u003c/code\u003e to 23\n(Marshmallow). This follows the minimum of Google\u0027s foundational Android\nlibraries, and we expect it to have no practical impact on users.\n(5c23347cc1)\u003c/li\u003e\n\u003cli\u003eListed the JSpecify annotations as an optional dependency in our\nOSGi metadata. (2dfd572981)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ecache\u003c/code\u003e: Improved the handling of exceptions from compute\nfunctions in \u003ccode\u003eCache.asMap()\u003c/code\u003e. (We do still \u003ca\nhref\u003d\"https://guava.dev/releases/snapshot-jre/api/docs/com/google/common/cache/CacheBuilder.html#prefer-caffeine-over-guava-s-caching-api-heading\"\u003erecommend\u003c/a\u003e\nusing \u003ca href\u003d\"https://github.com/ben-manes/caffeine\"\u003eCaffeine\u003c/a\u003e\nrather than \u003ccode\u003ecom.google.common.cache\u003c/code\u003e.) (087f2c4a80)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003ecollect\u003c/code\u003e: Improved \u003ccode\u003eIterators.mergeSorted()\u003c/code\u003e\nto preserve stability for equal elements. (4dc93be9a8)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003emath\u003c/code\u003e: Added \u003ccode\u003esaturatedAbs\u003c/code\u003e methods to\n\u003ccode\u003eIntMath\u003c/code\u003e and \u003ccode\u003eLongMath\u003c/code\u003e. (ed0e518f20)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003enet\u003c/code\u003e: Added \u003ccode\u003eimage/avif\u003c/code\u003e to\n\u003ccode\u003eMediaType\u003c/code\u003e. (53344caba6)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003etesting\u003c/code\u003e: Made \u003ccode\u003eCollectorTester\u003c/code\u003e available to\nAndroid users. (294c251079)\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eutil.concurrent\u003c/code\u003e: Added \u003ccode\u003eStriped.custom\u003c/code\u003e.\n(1586eb271d)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca\nhref\u003d\"https://github.com/google/guava/commits\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dcom.google.guava:guava-bom\u0026package-manager\u003dmaven\u0026previous-version\u003d33.4.8-jre\u0026new-version\u003d33.5.0-jre)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "1348b8dc8302daebe7bb76df9f3c13bdcf2766e9", "tree": "6ac37cb670668fc2dc4d970608692e282d55a864", "parents": [ "a8b238061bfdab433d25ee223ce11d697a572efd" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Mar 23 13:16:04 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Mar 23 13:16:04 2026 +0100" }, "message": "MINOR: Bump io.netty:netty-bom from 4.2.9.Final to 4.2.10.Final (#1085)\n\nBumps [io.netty:netty-bom](https://github.com/netty/netty) from\n4.2.9.Final to 4.2.10.Final.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/4cc98736c3947bc93122e0b64e0bd8fc970c6437\"\u003e\u003ccode\u003e4cc9873\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare release netty-4.2.10.Final\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/54b8663619577749511269a4149adf018438c8b0\"\u003e\u003ccode\u003e54b8663\u003c/code\u003e\u003c/a\u003e\nRemove unnecessary allocations and abstractions in HttpContentCompressor\n(\u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/issues/16\"\u003e#16\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/961f427289730cd1ff92b734ddeea8dd0b7d276a\"\u003e\u003ccode\u003e961f427\u003c/code\u003e\u003c/a\u003e\nUpdate to netty-tcnative 2.0.75.Final (\u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/issues/16227\"\u003e#16227\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/3007ba9d2853a03d3d0281be1ec9b358e48170b1\"\u003e\u003ccode\u003e3007ba9\u003c/code\u003e\u003c/a\u003e\nUse recommanded finalize chain pattern when override finalize() method\n(\u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/issues/16212\"\u003e#16212\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/b91804287e0e06e8ca9da5e508f0490f9b7e4ad9\"\u003e\u003ccode\u003eb918042\u003c/code\u003e\u003c/a\u003e\nUpdate some dependencies (\u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/issues/16198\"\u003e#16198\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/issues/16215\"\u003e#16215\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/874c99529e1db187cc3f5346f5f8ffea94e34f0c\"\u003e\u003ccode\u003e874c995\u003c/code\u003e\u003c/a\u003e\nReduce allocations on DefaultHeaders::containsValue (\u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/issues/15843\"\u003e#15843\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/e0fe7940ce6070be48b8cb5af22ce9e7e4813ec2\"\u003e\u003ccode\u003ee0fe794\u003c/code\u003e\u003c/a\u003e\nRemove unnecessary null check in WebSocketServerExtensionHandler (\u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/issues/16201\"\u003e#16201\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/1b0636b7ac773052c1fefe7f86593e655aacb1b4\"\u003e\u003ccode\u003e1b0636b\u003c/code\u003e\u003c/a\u003e\nMove default compression options into static variable in\nHttpContentCompresso...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/85a3a0ee8d67bac9f6a85aa6444e0805564fffc6\"\u003e\u003ccode\u003e85a3a0e\u003c/code\u003e\u003c/a\u003e\ncodec-http2: move the accessors from Http2Headers to DefaultHttp2Headers\n(\u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/issues/16\"\u003e#16\u003c/a\u003e...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/netty/netty/commit/f44a88d340580510cb3a94e454c10cb949dc07fd\"\u003e\u003ccode\u003ef44a88d\u003c/code\u003e\u003c/a\u003e\nImprove chunk picking for the large-size buddy allocator (\u003ca\nhref\u003d\"https://redirect.github.com/netty/netty/issues/16179\"\u003e#16179\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/netty/netty/compare/netty-4.2.9.Final...netty-4.2.10.Final\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dio.netty:netty-bom\u0026package-manager\u003dmaven\u0026previous-version\u003d4.2.9.Final\u0026new-version\u003d4.2.10.Final)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "a8b238061bfdab433d25ee223ce11d697a572efd", "tree": "85bc2474a28afe7f28e7f87f6a74e3b896729ac5", "parents": [ "899e883428ee067da4542393e7ecc958cfb5d90c" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Mar 23 13:15:02 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Mar 23 13:15:02 2026 +0100" }, "message": "MINOR: Bump org.mockito:mockito-bom from 5.21.0 to 5.23.0 (#1087)\n\nBumps [org.mockito:mockito-bom](https://github.com/mockito/mockito) from\n5.21.0 to 5.23.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/mockito/mockito/releases\"\u003eorg.mockito:mockito-bom\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.23.0\u003c/h2\u003e\n\u003ch2\u003eNOTE: Breaking change for Android\u003c/h2\u003e\n\u003cp\u003eThe \u003ccode\u003emockito-android\u003c/code\u003e artifact has a breaking change:\ntests now require a device or emulator based on API 28+ (Android P).\nThis is to enable new support for mocking Kotlin classes. See \u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3788\"\u003e#3788\u003c/a\u003e\nfor more details.\u003c/p\u003e\n\u003chr /\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003cem\u003eChangelog\ngenerated by \u003ca\nhref\u003d\"https://github.com/shipkit/shipkit-changelog\"\u003eShipkit Changelog\nGradle Plugin\u003c/a\u003e\u003c/em\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted\n--\u003e\u003c/p\u003e\n\u003ch4\u003e5.23.0\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e2026-03-11 - \u003ca\nhref\u003d\"https://github.com/mockito/mockito/compare/v5.22.0...v5.23.0\"\u003e6\ncommit(s)\u003c/a\u003e by Brice Dutheil, Joshua Selbo, Philippe Kernevez\u003c/li\u003e\n\u003cli\u003eReplace mockito-android mock maker implementation with\ndexmaker-mockito-inline [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3792\"\u003e#3792\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/pull/3792\"\u003emockito/mockito#3792\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix StackOverflowError with AbstractList after using mockSingleton\n[(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3790\"\u003e#3790\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/pull/3790\"\u003emockito/mockito#3790\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eMark parameters of \u003ccode\u003eMockito.when\u003c/code\u003e \u003ccode\u003e@Nullable\u003c/code\u003e\n[(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3503\"\u003e#3503\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3503\"\u003emockito/mockito#3503\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.22.0\u003c/h2\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003cem\u003eChangelog\ngenerated by \u003ca\nhref\u003d\"https://github.com/shipkit/shipkit-changelog\"\u003eShipkit Changelog\nGradle Plugin\u003c/a\u003e\u003c/em\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted\n--\u003e\u003c/p\u003e\n\u003ch4\u003e5.22.0\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e2026-02-27 - \u003ca\nhref\u003d\"https://github.com/mockito/mockito/compare/v5.21.0...v5.22.0\"\u003e6\ncommit(s)\u003c/a\u003e by Joshua Selbo, NiMv1, Rafael Winterhalter,\ndependabot[bot], eunbin son\u003c/li\u003e\n\u003cli\u003eAvoid mocking of internal static utilities [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3785\"\u003e#3785\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/pull/3785\"\u003emockito/mockito#3785\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump graalvm/setup-graalvm from 1.4.4 to 1.4.5 [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3780\"\u003e#3780\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/pull/3780\"\u003emockito/mockito#3780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eStatic mocking of UUID.class corrupted under JDK 25 [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3778\"\u003e#3778\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3778\"\u003emockito/mockito#3778\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump actions/upload-artifact from 5 to 6 [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3774\"\u003e#3774\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/pull/3774\"\u003emockito/mockito#3774\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edocs: clarify RETURNS_MOCKS behavior with sealed abstract enums\n(Java 15+) [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3773\"\u003e#3773\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/pull/3773\"\u003emockito/mockito#3773\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd tests for Sets utility class [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3771\"\u003e#3771\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/pull/3771\"\u003emockito/mockito#3771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdd core API to enable Kotlin singleton mocking [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3762\"\u003e#3762\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/pull/3762\"\u003emockito/mockito#3762\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eStubbing Kotlin \u003ccode\u003eobject\u003c/code\u003e singletons [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3652\"\u003e#3652\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3652\"\u003emockito/mockito#3652\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eIncorrect documentation for RETURNS_MOCKS [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3285\"\u003e#3285\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3285\"\u003emockito/mockito#3285\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mockito/mockito/commit/a231205b240e7884a63bf0f63440012867a4da21\"\u003e\u003ccode\u003ea231205\u003c/code\u003e\u003c/a\u003e\nFix StackOverflowError with AbstractList after using mockSingleton (\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3790\"\u003e#3790\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mockito/mockito/commit/f6a91a6a6138c776fa8b41ffb3fd078c64802044\"\u003e\u003ccode\u003ef6a91a6\u003c/code\u003e\u003c/a\u003e\nReplace mockito-android mock maker implementation with\ndexmaker-mockito-inlin...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mockito/mockito/commit/aa2298a627ab2c0bce07f648e444477d8e2e05ba\"\u003e\u003ccode\u003eaa2298a\u003c/code\u003e\u003c/a\u003e\nfix: make spotless happy\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mockito/mockito/commit/a6729d657e232ca64da81d9801d7b8f3be6fc49a\"\u003e\u003ccode\u003ea6729d6\u003c/code\u003e\u003c/a\u003e\nchore: update BDDMockito with jspecify annotation\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mockito/mockito/commit/bb83c922484cfd3693d61549b5d6ef39a9c02c2b\"\u003e\u003ccode\u003ebb83c92\u003c/code\u003e\u003c/a\u003e\nchore: move jspecify as a compile only dependency\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mockito/mockito/commit/47a46954cd1c0f8ef64ec63d43da9b71081d74e6\"\u003e\u003ccode\u003e47a4695\u003c/code\u003e\u003c/a\u003e\nchore: add jspecify with minimal change. Fixes \u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3503\"\u003e#3503\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mockito/mockito/commit/25f13951d35ca391ee50207e6c564f3e869f3d91\"\u003e\u003ccode\u003e25f1395\u003c/code\u003e\u003c/a\u003e\nAdd core API to enable Kotlin singleton mocking (\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3762\"\u003e#3762\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mockito/mockito/commit/ef9ee5529853d96028b520f84a41ffd41afc9a1d\"\u003e\u003ccode\u003eef9ee55\u003c/code\u003e\u003c/a\u003e\nAvoids mocking private static methods, as well as package-private static\nmeth...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mockito/mockito/commit/d16fcfc274d7ca03a2b4bdc22dd7c3ec6dac8690\"\u003e\u003ccode\u003ed16fcfc\u003c/code\u003e\u003c/a\u003e\nBump graalvm/setup-graalvm from 1.4.4 to 1.4.5 (\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3780\"\u003e#3780\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mockito/mockito/commit/27eb8a3acdd9c9eb3ff788a71b22777026874439\"\u003e\u003ccode\u003e27eb8a3\u003c/code\u003e\u003c/a\u003e\nClarify \u003ccode\u003eRETURNS_MOCKS\u003c/code\u003e behavior with sealed abstract enums\n(Java 15+) (\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3773\"\u003e#3773\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/mockito/mockito/compare/v5.21.0...v5.23.0\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dorg.mockito:mockito-bom\u0026package-manager\u003dmaven\u0026previous-version\u003d5.21.0\u0026new-version\u003d5.23.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "899e883428ee067da4542393e7ecc958cfb5d90c", "tree": "84a663c8528b07f45cc5c465165ecc6ed9633dae", "parents": [ "27382cd92baf29762dba2454d7e9e911c58821e3" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Mar 23 13:14:24 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Mar 23 13:14:24 2026 +0100" }, "message": "MINOR: Bump com.google.protobuf:protobuf-bom from 4.33.4 to 4.34.1 (#1086)\n\nBumps\n[com.google.protobuf:protobuf-bom](https://github.com/protocolbuffers/protobuf)\nfrom 4.33.4 to 4.34.1.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca\nhref\u003d\"https://github.com/protocolbuffers/protobuf/commits\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dcom.google.protobuf:protobuf-bom\u0026package-manager\u003dmaven\u0026previous-version\u003d4.33.4\u0026new-version\u003d4.34.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "27382cd92baf29762dba2454d7e9e911c58821e3", "tree": "18a15e47940c27f63d836b9a6cea39c66c13a005", "parents": [ "394d12ef455fad83f76ec4b3a79ac6b5c6fe1139" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Mar 16 10:07:18 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Mar 16 10:07:18 2026 +0100" }, "message": "MINOR: Bump checker.framework.version from 3.53.1 to 3.54.0 (#1070)\n\nBumps `checker.framework.version` from 3.53.1 to 3.54.0.\nUpdates `org.checkerframework:checker-qual` from 3.53.1 to 3.54.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/releases\"\u003eorg.checkerframework:checker-qual\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eChecker Framework 3.54.0\u003c/h2\u003e\n\u003ch2\u003eVersion 3.54.0 (2026-03-02)\u003c/h2\u003e\n\u003ch3\u003eUser-visible changes\u003c/h3\u003e\n\u003cp\u003eCommand-line arguments:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e-AinferOutputDirectory\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRemoved long-deprecated\n\u003ccode\u003e-Alint\u003dforbidnonnullarraycomponents\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eNew command-line argument \u003ccode\u003e-Aonelinemsg\u003c/code\u003e puts error\nmessages on a single line. This is useful when using a tool that only\nshows the first line of the error.\u003c/p\u003e\n\u003cp\u003eThe command-line argument \u003ccode\u003e-Anomsgtext\u003c/code\u003e surrounds the\nerror key with brackets instead of parenthesis. This matches Java error\nmessages.\u003c/p\u003e\n\u003ch3\u003eImplementation details\u003c/h3\u003e\n\u003cp\u003eIn \u003ccode\u003eAnnotatedTypeFactory\u003c/code\u003e,\n\u003ccode\u003ecanonicalAnnotation()\u003c/code\u003e returns a non-null value.\u003c/p\u003e\n\u003cp\u003eIn \u003ccode\u003eAnnotationClassLoader\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRenamed \u003ccode\u003ehasWellDefinedTargetMetaAnnotation()\u003c/code\u003e to\n\u003ccode\u003eisTypeQualifierAnnotation()\u003c/code\u003e. The method now returns\n\u003ccode\u003etrue\u003c/code\u003e for annotations bearing\n\u003ccode\u003e@InvisibleQualifier\u003c/code\u003e or \u003ccode\u003e@SubtypeOf\u003c/code\u003e, in addition\nto the existing \u003ccode\u003e@Target(TYPE_USE)\u003c/code\u003e check.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eIn \u003ccode\u003eTestDiagnostic\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRenamed field \u003ccode\u003emessage\u003c/code\u003e to \u003ccode\u003ekey\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eAdded new nullable field \u003ccode\u003emessage\u003c/code\u003e for the full message\nwithout the key.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eRemoved classes and methods that have been deprecated for more than\ntwo years.\u003c/p\u003e\n\u003ch3\u003eClosed issues\u003c/h3\u003e\n\u003cp\u003e\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/6874\"\u003e#6874\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7471\"\u003e#7471\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7475\"\u003e#7475\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7486\"\u003e#7486\u003c/a\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/blob/master/docs/CHANGELOG.md\"\u003eorg.checkerframework:checker-qual\u0027s\nchangelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.54.0 (2026-03-02)\u003c/h2\u003e\n\u003ch3\u003eUser-visible changes\u003c/h3\u003e\n\u003cp\u003eCommand-line arguments:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e-AinferOutputDirectory\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRemoved long-deprecated\n\u003ccode\u003e-Alint\u003dforbidnonnullarraycomponents\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eNew command-line argument \u003ccode\u003e-Aonelinemsg\u003c/code\u003e puts error\nmessages on a single line.\nThis is useful when using a tool that only shows the first line of the\nerror.\u003c/p\u003e\n\u003cp\u003eThe command-line argument \u003ccode\u003e-Anomsgtext\u003c/code\u003e surrounds the\nerror key with brackets\ninstead of parenthesis. This matches Java error messages.\u003c/p\u003e\n\u003ch3\u003eImplementation details\u003c/h3\u003e\n\u003cp\u003eIn \u003ccode\u003eAnnotatedTypeFactory\u003c/code\u003e,\n\u003ccode\u003ecanonicalAnnotation()\u003c/code\u003e returns a non-null value.\u003c/p\u003e\n\u003cp\u003eIn \u003ccode\u003eAnnotationClassLoader\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRenamed \u003ccode\u003ehasWellDefinedTargetMetaAnnotation()\u003c/code\u003e to\n\u003ccode\u003eisTypeQualifierAnnotation()\u003c/code\u003e.\nThe method now returns \u003ccode\u003etrue\u003c/code\u003e for annotations bearing\n\u003ccode\u003e@InvisibleQualifier\u003c/code\u003e\nor \u003ccode\u003e@SubtypeOf\u003c/code\u003e, in addition to the existing\n\u003ccode\u003e@Target(TYPE_USE)\u003c/code\u003e check.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eIn \u003ccode\u003eTestDiagnostic\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRenamed field \u003ccode\u003emessage\u003c/code\u003e to \u003ccode\u003ekey\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eAdded new nullable field \u003ccode\u003emessage\u003c/code\u003e for the full message\nwithout the key.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eRemoved classes and methods that have been deprecated for more than\ntwo years.\u003c/p\u003e\n\u003ch3\u003eClosed issues\u003c/h3\u003e\n\u003cp\u003e\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/6874\"\u003e#6874\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7471\"\u003e#7471\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7475\"\u003e#7475\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7486\"\u003e#7486\u003c/a\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/a6eff70058f1cf8094315c0918a1d5ec1963788b\"\u003e\u003ccode\u003ea6eff70\u003c/code\u003e\u003c/a\u003e\nnew release 3.54.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/fd347006340c5a365a286b46d8c4eb5743fe39ae\"\u003e\u003ccode\u003efd34700\u003c/code\u003e\u003c/a\u003e\nPrep for release.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/edb6e7a0ee35ca54f440248a99af3c5c5a3335e0\"\u003e\u003ccode\u003eedb6e7a\u003c/code\u003e\u003c/a\u003e\nPrint error key in brackets (\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7525\"\u003e#7525\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/a79b1dea956ab18bc23e95799a7559afac539f5a\"\u003e\u003ccode\u003ea79b1de\u003c/code\u003e\u003c/a\u003e\nShow details of the error message in test failures (\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7513\"\u003e#7513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/a5ecc22d196f7d87c3db465aaa11aaba97d3fec3\"\u003e\u003ccode\u003ea5ecc22\u003c/code\u003e\u003c/a\u003e\nClone the JDK using the same fork and branch as CF (\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7491\"\u003e#7491\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/2770c5239b907f27b2609d13ed4d80535bf42893\"\u003e\u003ccode\u003e2770c52\u003c/code\u003e\u003c/a\u003e\nUpdate cimg/base Docker tag to v2026.03\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/bba6bc98c52031e0023cba575f83a2f2385c8fcf\"\u003e\u003ccode\u003ebba6bc9\u003c/code\u003e\u003c/a\u003e\nUpdate plugin com-gradleup-shadow to v9.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/3a6d4d4dadae58a1b4dc1b67cfb684de5e7185b2\"\u003e\u003ccode\u003e3a6d4d4\u003c/code\u003e\u003c/a\u003e\nUpdate error-prone monorepo to v2.48.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/70aa5f3ce93425a87543cb60048c3dbdbe0cd8b5\"\u003e\u003ccode\u003e70aa5f3\u003c/code\u003e\u003c/a\u003e\nUpdate plugin net-ltgt-errorprone to v5.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/0dbd3e77823b66b498b9b7890ffba81866e57f8d\"\u003e\u003ccode\u003e0dbd3e7\u003c/code\u003e\u003c/a\u003e\nPrepare for javac AST changes\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/compare/checker-framework-3.53.1...checker-framework-3.54.0\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.checkerframework:checker` from 3.53.1 to 3.54.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/releases\"\u003eorg.checkerframework:checker\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eChecker Framework 3.54.0\u003c/h2\u003e\n\u003ch2\u003eVersion 3.54.0 (2026-03-02)\u003c/h2\u003e\n\u003ch3\u003eUser-visible changes\u003c/h3\u003e\n\u003cp\u003eCommand-line arguments:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e-AinferOutputDirectory\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRemoved long-deprecated\n\u003ccode\u003e-Alint\u003dforbidnonnullarraycomponents\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eNew command-line argument \u003ccode\u003e-Aonelinemsg\u003c/code\u003e puts error\nmessages on a single line. This is useful when using a tool that only\nshows the first line of the error.\u003c/p\u003e\n\u003cp\u003eThe command-line argument \u003ccode\u003e-Anomsgtext\u003c/code\u003e surrounds the\nerror key with brackets instead of parenthesis. This matches Java error\nmessages.\u003c/p\u003e\n\u003ch3\u003eImplementation details\u003c/h3\u003e\n\u003cp\u003eIn \u003ccode\u003eAnnotatedTypeFactory\u003c/code\u003e,\n\u003ccode\u003ecanonicalAnnotation()\u003c/code\u003e returns a non-null value.\u003c/p\u003e\n\u003cp\u003eIn \u003ccode\u003eAnnotationClassLoader\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRenamed \u003ccode\u003ehasWellDefinedTargetMetaAnnotation()\u003c/code\u003e to\n\u003ccode\u003eisTypeQualifierAnnotation()\u003c/code\u003e. The method now returns\n\u003ccode\u003etrue\u003c/code\u003e for annotations bearing\n\u003ccode\u003e@InvisibleQualifier\u003c/code\u003e or \u003ccode\u003e@SubtypeOf\u003c/code\u003e, in addition\nto the existing \u003ccode\u003e@Target(TYPE_USE)\u003c/code\u003e check.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eIn \u003ccode\u003eTestDiagnostic\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRenamed field \u003ccode\u003emessage\u003c/code\u003e to \u003ccode\u003ekey\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eAdded new nullable field \u003ccode\u003emessage\u003c/code\u003e for the full message\nwithout the key.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eRemoved classes and methods that have been deprecated for more than\ntwo years.\u003c/p\u003e\n\u003ch3\u003eClosed issues\u003c/h3\u003e\n\u003cp\u003e\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/6874\"\u003e#6874\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7471\"\u003e#7471\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7475\"\u003e#7475\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7486\"\u003e#7486\u003c/a\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/blob/master/docs/CHANGELOG.md\"\u003eorg.checkerframework:checker\u0027s\nchangelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.54.0 (2026-03-02)\u003c/h2\u003e\n\u003ch3\u003eUser-visible changes\u003c/h3\u003e\n\u003cp\u003eCommand-line arguments:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eAdded \u003ccode\u003e-AinferOutputDirectory\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRemoved long-deprecated\n\u003ccode\u003e-Alint\u003dforbidnonnullarraycomponents\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eNew command-line argument \u003ccode\u003e-Aonelinemsg\u003c/code\u003e puts error\nmessages on a single line.\nThis is useful when using a tool that only shows the first line of the\nerror.\u003c/p\u003e\n\u003cp\u003eThe command-line argument \u003ccode\u003e-Anomsgtext\u003c/code\u003e surrounds the\nerror key with brackets\ninstead of parenthesis. This matches Java error messages.\u003c/p\u003e\n\u003ch3\u003eImplementation details\u003c/h3\u003e\n\u003cp\u003eIn \u003ccode\u003eAnnotatedTypeFactory\u003c/code\u003e,\n\u003ccode\u003ecanonicalAnnotation()\u003c/code\u003e returns a non-null value.\u003c/p\u003e\n\u003cp\u003eIn \u003ccode\u003eAnnotationClassLoader\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRenamed \u003ccode\u003ehasWellDefinedTargetMetaAnnotation()\u003c/code\u003e to\n\u003ccode\u003eisTypeQualifierAnnotation()\u003c/code\u003e.\nThe method now returns \u003ccode\u003etrue\u003c/code\u003e for annotations bearing\n\u003ccode\u003e@InvisibleQualifier\u003c/code\u003e\nor \u003ccode\u003e@SubtypeOf\u003c/code\u003e, in addition to the existing\n\u003ccode\u003e@Target(TYPE_USE)\u003c/code\u003e check.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eIn \u003ccode\u003eTestDiagnostic\u003c/code\u003e:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eRenamed field \u003ccode\u003emessage\u003c/code\u003e to \u003ccode\u003ekey\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eAdded new nullable field \u003ccode\u003emessage\u003c/code\u003e for the full message\nwithout the key.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eRemoved classes and methods that have been deprecated for more than\ntwo years.\u003c/p\u003e\n\u003ch3\u003eClosed issues\u003c/h3\u003e\n\u003cp\u003e\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/6874\"\u003e#6874\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7471\"\u003e#7471\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7475\"\u003e#7475\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7486\"\u003e#7486\u003c/a\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/a6eff70058f1cf8094315c0918a1d5ec1963788b\"\u003e\u003ccode\u003ea6eff70\u003c/code\u003e\u003c/a\u003e\nnew release 3.54.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/fd347006340c5a365a286b46d8c4eb5743fe39ae\"\u003e\u003ccode\u003efd34700\u003c/code\u003e\u003c/a\u003e\nPrep for release.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/edb6e7a0ee35ca54f440248a99af3c5c5a3335e0\"\u003e\u003ccode\u003eedb6e7a\u003c/code\u003e\u003c/a\u003e\nPrint error key in brackets (\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7525\"\u003e#7525\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/a79b1dea956ab18bc23e95799a7559afac539f5a\"\u003e\u003ccode\u003ea79b1de\u003c/code\u003e\u003c/a\u003e\nShow details of the error message in test failures (\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7513\"\u003e#7513\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/a5ecc22d196f7d87c3db465aaa11aaba97d3fec3\"\u003e\u003ccode\u003ea5ecc22\u003c/code\u003e\u003c/a\u003e\nClone the JDK using the same fork and branch as CF (\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7491\"\u003e#7491\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/2770c5239b907f27b2609d13ed4d80535bf42893\"\u003e\u003ccode\u003e2770c52\u003c/code\u003e\u003c/a\u003e\nUpdate cimg/base Docker tag to v2026.03\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/bba6bc98c52031e0023cba575f83a2f2385c8fcf\"\u003e\u003ccode\u003ebba6bc9\u003c/code\u003e\u003c/a\u003e\nUpdate plugin com-gradleup-shadow to v9.3.2\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/3a6d4d4dadae58a1b4dc1b67cfb684de5e7185b2\"\u003e\u003ccode\u003e3a6d4d4\u003c/code\u003e\u003c/a\u003e\nUpdate error-prone monorepo to v2.48.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/70aa5f3ce93425a87543cb60048c3dbdbe0cd8b5\"\u003e\u003ccode\u003e70aa5f3\u003c/code\u003e\u003c/a\u003e\nUpdate plugin net-ltgt-errorprone to v5.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/0dbd3e77823b66b498b9b7890ffba81866e57f8d\"\u003e\u003ccode\u003e0dbd3e7\u003c/code\u003e\u003c/a\u003e\nPrepare for javac AST changes\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/compare/checker-framework-3.53.1...checker-framework-3.54.0\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "394d12ef455fad83f76ec4b3a79ac6b5c6fe1139", "tree": "6e5ca51d7d6fbae95e8ff538f60a819967cfc75e", "parents": [ "97e491399382215e248b3ba33e7f0d7d9650da5e" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Mar 16 10:04:36 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Mar 16 10:04:36 2026 +0100" }, "message": "MINOR: Bump com.fasterxml.jackson:jackson-bom from 2.21.0 to 2.21.1 (#1071)\n\nBumps\n[com.fasterxml.jackson:jackson-bom](https://github.com/FasterXML/jackson-bom)\nfrom 2.21.0 to 2.21.1.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/FasterXML/jackson-bom/commit/08a5a9a2156cb06674505e3308e6855ac9e25283\"\u003e\u003ccode\u003e08a5a9a\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare release jackson-bom-2.21.1\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/FasterXML/jackson-bom/commit/5b0337650b3a8b56e81de5e5241143108c2b4bc6\"\u003e\u003ccode\u003e5b03376\u003c/code\u003e\u003c/a\u003e\nPrep for 2.21.1 release\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/FasterXML/jackson-bom/commit/1d78778a8fa5428d7f8347b5afe7ce6bfbdd0f77\"\u003e\u003ccode\u003e1d78778\u003c/code\u003e\u003c/a\u003e\nMerge branch \u00272.20\u0027 into 2.21\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/FasterXML/jackson-bom/commit/cd46b24421444beebc2bfc9a5ab8785111a031d0\"\u003e\u003ccode\u003ecd46b24\u003c/code\u003e\u003c/a\u003e\nPost-release dep version bump\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/FasterXML/jackson-bom/commit/17179ff9d28756155d0dd28da01e3f88d021e05c\"\u003e\u003ccode\u003e17179ff\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/FasterXML/jackson-bom/commit/2a26844ad13cf49562009867d55b30a084230f2b\"\u003e\u003ccode\u003e2a26844\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare release jackson-bom-2.20.2\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/FasterXML/jackson-bom/commit/6adf11bced44313d271312b2f9d158d956a0e15b\"\u003e\u003ccode\u003e6adf11b\u003c/code\u003e\u003c/a\u003e\nPrep for 2.20.2 release\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/FasterXML/jackson-bom/commit/441df8a982a8d7d12523406087493092a16b34fb\"\u003e\u003ccode\u003e441df8a\u003c/code\u003e\u003c/a\u003e\nPost-release version bump\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/FasterXML/jackson-bom/commit/a1b48141c0ed54614050e28c3edb3a55c4b245ec\"\u003e\u003ccode\u003ea1b4814\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca\nhref\u003d\"https://github.com/FasterXML/jackson-bom/compare/jackson-bom-2.21.0...jackson-bom-2.21.1\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dcom.fasterxml.jackson:jackson-bom\u0026package-manager\u003dmaven\u0026previous-version\u003d2.21.0\u0026new-version\u003d2.21.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "97e491399382215e248b3ba33e7f0d7d9650da5e", "tree": "3b8bf0c34f993b6feed200f321de576bee4f5a10", "parents": [ "74a7996d40226c659c3b0ae03c0ae75a4964f282" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Mar 16 09:59:10 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Mar 16 09:59:10 2026 +0100" }, "message": "MINOR: Bump com.github.luben:zstd-jni from 1.5.7-6 to 1.5.7-7 (#1073)\n\nBumps [com.github.luben:zstd-jni](https://github.com/luben/zstd-jni)\nfrom 1.5.7-6 to 1.5.7-7.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/luben/zstd-jni/commit/73bfa2722d168f948f619f88b29913ab4df8fe1d\"\u003e\u003ccode\u003e73bfa27\u003c/code\u003e\u003c/a\u003e\nBump version to v1.5.7-7\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/luben/zstd-jni/commit/322f6bcc084cd04322978e122d97c285b3e46e6d\"\u003e\u003ccode\u003e322f6bc\u003c/code\u003e\u003c/a\u003e\nUpdate GH actions\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/luben/zstd-jni/commit/d18bc0a078bb9852d95c66d9c56ff2e0940662c3\"\u003e\u003ccode\u003ed18bc0a\u003c/code\u003e\u003c/a\u003e\nUse latest MacOS runners\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/luben/zstd-jni/commit/105111233f681a0c14e754da4f31a288df978f31\"\u003e\u003ccode\u003e1051112\u003c/code\u003e\u003c/a\u003e\nFix typo in ZstdDictCompress.java\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/luben/zstd-jni/commit/2d94b35f9b98c503ed960f899fcdaaf6616e7f1e\"\u003e\u003ccode\u003e2d94b35\u003c/code\u003e\u003c/a\u003e\naddress\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/luben/zstd-jni/commit/7c2e3ffd84a835c123cf1f0281feb5c1fcdf2baa\"\u003e\u003ccode\u003e7c2e3ff\u003c/code\u003e\u003c/a\u003e\nAvoid SetLongField call when GetPrimitiveArrayCritical return NULL\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/luben/zstd-jni/commit/d82fedadfc540f1d069ad6962733c70807495f8f\"\u003e\u003ccode\u003ed82feda\u003c/code\u003e\u003c/a\u003e\nfix: ZstdInputStream decompression failure when underlying stream\nreturns 0 t...\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca\nhref\u003d\"https://github.com/luben/zstd-jni/compare/v1.5.7-6...v1.5.7-7\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dcom.github.luben:zstd-jni\u0026package-manager\u003dmaven\u0026previous-version\u003d1.5.7-6\u0026new-version\u003d1.5.7-7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "74a7996d40226c659c3b0ae03c0ae75a4964f282", "tree": "ab98952b6748367fab8d64b3e3adc6723a49fef8", "parents": [ "4242d587b25a74e944f2a01e79d52dcd401d5cf2" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Mar 16 09:55:27 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Mar 16 09:55:27 2026 +0100" }, "message": "MINOR: Bump com.nimbusds:oauth2-oidc-sdk from 11.20.1 to 11.34 (#1074)\n\nBumps\n[com.nimbusds:oauth2-oidc-sdk](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions)\nfrom 11.20.1 to 11.34.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/src/master/CHANGELOG.txt\"\u003ecom.nimbusds:oauth2-oidc-sdk\u0027s\nchangelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003eversion 1.0 (2012-05-29)\n* First official release with authorisation endpoint, token endpoint,\ncheck\nID endpoint and UserInfo endpoint support.\n* JSON Web Tokens (JWTs) support through the Nimbus-JWT library.\n* Language Tags (RFC 5646) support through the Nimbus-LangTag library.\n* JSON support through the JSON Smart library.\u003c/p\u003e\n\u003cp\u003eversion 2.0 (2013-05-13)\n* Intermediary development release with Maven build, published to\nMaven Central.\u003c/p\u003e\n\u003cp\u003eversion 2.1 (2013-06-06)\n* Updates the APIs to OpenID Connect Messages draft 20, OpenID Connect\nStandard draft 21, OpenID Connect Discovery draft 17 and OpenID\nConnect Registration draft 19.\n* Major refactoring of the APIs for greater simplicity.\n* Adds JUnit tests.\u003c/p\u003e\n\u003cp\u003eversion 2.2 (2013-06-18)\n* Refactors dynamic OpenID Connect client registration.\n* Adds partial support of the OAuth 2.0 Dynamic Client Registration\nProtocol (draft-ietf-oauth-dyn-reg-12).\n* Optimises parsing of request parameters consisting of one or more\ntokens (scope, response type, etc).\u003c/p\u003e\n\u003cp\u003eversion 2.3 (2013-06-19)\n* Renames OAuth 2.0 dynamic client registration package.\n* Adds ClientInformation.getClientMetadata() method.\n* Adds OIDCClientInformation class.\u003c/p\u003e\n\u003cp\u003eversion 2.4 (2013-06-20)\n* Adds static OIDCClientInformation.parse(JSONObject) method.\u003c/p\u003e\n\u003cp\u003eversion 2.5 (2013-06-22)\n* Adds support OAuth 2.0 dynamic client update.\n* Adds OpenID Connect dynamic client registration classes.\u003c/p\u003e\n\u003cp\u003eversion 2.6 (2013-06-25)\n* Enforces order of preference of ACR values in OpenID Connect client\nmetadata, as required by the specification.\n* Documentation and performance improvements.\u003c/p\u003e\n\u003cp\u003eversion 2.7 (2013-06-26)\n* Switches Identifier generation to java.security.SecureRandom.\u003c/p\u003e\n\u003cp\u003eversion 2.8 (2013-06-30)\n* Fixes serialisation and assignment bugs in ClientMetadata.\n* Switches Secret generation to java.security.SecureRandom.\u003c/p\u003e\n\u003cp\u003eversion 2.9 (2013-09-17)\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/668f6d8de81cad42984e4cacb19f69261a2254b6\"\u003e\u003ccode\u003e668f6d8\u003c/code\u003e\u003c/a\u003e\nThe ParseException message thrown by Prompt.Type.parse must not include\nparse...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/75cde87ee5301a3cc558ed040bcc51db4ff0184d\"\u003e\u003ccode\u003e75cde87\u003c/code\u003e\u003c/a\u003e\nUpdates test sample X.509 cert chain resource\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/a7a9623882a119b4024798a91955b9fc0cc095b5\"\u003e\u003ccode\u003ea7a9623\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare release 11.30.2\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/e03c9bbc8e208307b0ec6d0970901b2b5fcc5d83\"\u003e\u003ccode\u003ee03c9bb\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/6f11e3038f6ebc6ded2045a145bafb22d3c66b13\"\u003e\u003ccode\u003e6f11e30\u003c/code\u003e\u003c/a\u003e\nExpands AMR test coverage\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/afba676c638c25b9acbc88f677bfa321e6e0d6da\"\u003e\u003ccode\u003eafba676\u003c/code\u003e\u003c/a\u003e\nAdds static AMR.parseList(Collection\u0026lt;String\u0026gt;) method\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/4b700b3f2176a8c04c8df6298a594a6419041caf\"\u003e\u003ccode\u003e4b700b3\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare release 11.31\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/b214cfadec399b2bd695173cc8613529434f1237\"\u003e\u003ccode\u003eb214cfa\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/28628f9543f4b18f4a4c1368846386a95142777d\"\u003e\u003ccode\u003e28628f9\u003c/code\u003e\u003c/a\u003e\nThe DPoPCommonVerifier must instantiate the DPoPProofClaimsSetVerifier\nwith t...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/commits/4df4d53cea079a3bc14ec8a36117205284bdbdf3\"\u003e\u003ccode\u003e4df4d53\u003c/code\u003e\u003c/a\u003e\nThe DPoPCommonVerifier must instantiate the DPoPProofClaimsSetVerifier\nwith t...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/branches/compare/11.34..11.20.1\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dcom.nimbusds:oauth2-oidc-sdk\u0026package-manager\u003dmaven\u0026previous-version\u003d11.20.1\u0026new-version\u003d11.34)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "4242d587b25a74e944f2a01e79d52dcd401d5cf2", "tree": "c22140b8edd1eb716824e2ff4f9aeee54e3ffa8a", "parents": [ "47cd032939f15edbfc7c87fbcb02d585f82e5948" ], "author": { "name": "JB Onofré", "email": "jb.onofre@dremio.com", "time": "Mon Mar 16 09:37:09 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Mar 16 09:37:09 2026 +0100" }, "message": "MINOR: Bump version to 20.0.0-SNAPSHOT (#1076)" }, { "commit": "47cd032939f15edbfc7c87fbcb02d585f82e5948", "tree": "3846f19af350ebddfe29de8027e0332f118514ec", "parents": [ "fa781dcc3c42ab98214743e3aef1eb8fd5297209" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Mar 16 08:46:10 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Mar 16 08:46:10 2026 +0100" }, "message": "MINOR: Bump org.codehaus.mojo:properties-maven-plugin from 1.2.1 to 1.3.0 (#1072)\n\nBumps\n[org.codehaus.mojo:properties-maven-plugin](https://github.com/mojohaus/properties-maven-plugin)\nfrom 1.2.1 to 1.3.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/mojohaus/properties-maven-plugin/releases\"\u003eorg.codehaus.mojo:properties-maven-plugin\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e1.3.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e🚀 New features and improvements\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFeature Request: add yml properties manager (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/properties-maven-plugin/pull/134\"\u003e#134\u003c/a\u003e)\n\u003ca href\u003d\"https://github.com/mattmeye\"\u003e\u003ccode\u003e@​mattmeye\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInclude/exclude project properties (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/properties-maven-plugin/pull/126\"\u003e#126\u003c/a\u003e)\n\u003ca\nhref\u003d\"https://github.com/reda-alaoui\"\u003e\u003ccode\u003e@​reda-alaoui\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e👻 Maintenance\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUse Sisu plugin (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/properties-maven-plugin/pull/140\"\u003e#140\u003c/a\u003e)\n\u003ca\nhref\u003d\"https://github.com/slachiewicz\"\u003e\u003ccode\u003e@​slachiewicz\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔧 Build\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump release-drafter/release-drafter from 5 to 6 (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/properties-maven-plugin/pull/120\"\u003e#120\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e📦 Dependency updates\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump org.codehaus.mojo:mojo-parent from 94 to 95 (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/properties-maven-plugin/pull/156\"\u003e#156\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.codehaus.mojo:mojo-parent from 93 to 94 (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/properties-maven-plugin/pull/154\"\u003e#154\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.yaml:snakeyaml from 2.4 to 2.5 (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/properties-maven-plugin/pull/153\"\u003e#153\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.codehaus.mojo:mojo-parent from 92 to 93 (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/properties-maven-plugin/pull/152\"\u003e#152\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.codehaus.mojo:mojo-parent from 91 to 92 (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/properties-maven-plugin/pull/149\"\u003e#149\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.codehaus.mojo:mojo-parent from 87 to 91 (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/properties-maven-plugin/pull/148\"\u003e#148\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRequire Maven 3.6.3 (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/properties-maven-plugin/pull/139\"\u003e#139\u003c/a\u003e)\n\u003ca\nhref\u003d\"https://github.com/slachiewicz\"\u003e\u003ccode\u003e@​slachiewicz\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.yaml:snakeyaml from 2.3 to 2.4 (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/properties-maven-plugin/pull/138\"\u003e#138\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.codehaus.mojo:mojo-parent from 86 to 87 (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/properties-maven-plugin/pull/137\"\u003e#137\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.codehaus.mojo:mojo-parent from 85 to 86 (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/properties-maven-plugin/pull/132\"\u003e#132\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.codehaus.plexus:plexus-utils from 4.0.1 to 4.0.2 (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/properties-maven-plugin/pull/133\"\u003e#133\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.codehaus.mojo:mojo-parent from 84 to 85 (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/properties-maven-plugin/pull/131\"\u003e#131\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.codehaus.mojo:mojo-parent from 80 to 84 (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/properties-maven-plugin/pull/130\"\u003e#130\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.codehaus.mojo:mojo-parent from 78 to 80 (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/properties-maven-plugin/pull/122\"\u003e#122\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.codehaus.plexus:plexus-utils from 4.0.0 to 4.0.1 (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/properties-maven-plugin/pull/125\"\u003e#125\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump apache/maven-gh-actions-shared from 3 to 4 (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/properties-maven-plugin/pull/124\"\u003e#124\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.codehaus.mojo:mojo-parent from 77 to 78 (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/properties-maven-plugin/pull/119\"\u003e#119\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mojohaus/properties-maven-plugin/commit/91a2ade909971501f4fb7cb5b11aa79c55daebbc\"\u003e\u003ccode\u003e91a2ade\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare release\nproperties-maven-plugin-1.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mojohaus/properties-maven-plugin/commit/bf56d329e0a2bf93cf898d55d06bb82af1b65a67\"\u003e\u003ccode\u003ebf56d32\u003c/code\u003e\u003c/a\u003e\nBump org.codehaus.mojo:mojo-parent from 94 to 95\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mojohaus/properties-maven-plugin/commit/80e20be60fb2fc5e32191c44ff179abb18e0771f\"\u003e\u003ccode\u003e80e20be\u003c/code\u003e\u003c/a\u003e\nBump org.codehaus.mojo:mojo-parent from 93 to 94\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mojohaus/properties-maven-plugin/commit/e8ae7a549abfbedd3d0a55024a6bf7bbe120475a\"\u003e\u003ccode\u003ee8ae7a5\u003c/code\u003e\u003c/a\u003e\nBump org.yaml:snakeyaml from 2.4 to 2.5\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mojohaus/properties-maven-plugin/commit/bb39c3dac8d245b593ade92775ac3c26dee06359\"\u003e\u003ccode\u003ebb39c3d\u003c/code\u003e\u003c/a\u003e\nBump org.codehaus.mojo:mojo-parent from 92 to 93\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mojohaus/properties-maven-plugin/commit/b41267b38c2e505668f2e9b7f76dffc6971ec0d2\"\u003e\u003ccode\u003eb41267b\u003c/code\u003e\u003c/a\u003e\nBump org.codehaus.mojo:mojo-parent from 91 to 92\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mojohaus/properties-maven-plugin/commit/bb548c594cc64177609a30410c0efdbb234a2d3e\"\u003e\u003ccode\u003ebb548c5\u003c/code\u003e\u003c/a\u003e\nBump org.codehaus.mojo:mojo-parent from 87 to 91\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mojohaus/properties-maven-plugin/commit/3ffa9cb844ecacce5b49c860eeffc8ad6a19b078\"\u003e\u003ccode\u003e3ffa9cb\u003c/code\u003e\u003c/a\u003e\nUse Sisu plugin\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mojohaus/properties-maven-plugin/commit/7adbe3b5b6cb112219128f903d30bee53d598be1\"\u003e\u003ccode\u003e7adbe3b\u003c/code\u003e\u003c/a\u003e\nRequire Maven 3.6.3\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mojohaus/properties-maven-plugin/commit/407342ff704d73472aa7f0ad05684b5e403e37bf\"\u003e\u003ccode\u003e407342f\u003c/code\u003e\u003c/a\u003e\nBump org.yaml:snakeyaml from 2.3 to 2.4\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/mojohaus/properties-maven-plugin/compare/1.2.1...properties-maven-plugin-1.3.0\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dorg.codehaus.mojo:properties-maven-plugin\u0026package-manager\u003dmaven\u0026previous-version\u003d1.2.1\u0026new-version\u003d1.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "fa781dcc3c42ab98214743e3aef1eb8fd5297209", "tree": "86d2e9928340d14d28542cde0719e6e593440dbe", "parents": [ "d5e132b96500646ea4021d3b032d00a65233b6b5" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Mar 16 08:45:54 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Mar 16 08:45:54 2026 +0100" }, "message": "MINOR: Bump com.squareup.okio:okio-jvm from 3.16.4 to 3.17.0 (#1075)\n\nBumps [com.squareup.okio:okio-jvm](https://github.com/square/okio) from\n3.16.4 to 3.17.0.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/square/okio/blob/master/CHANGELOG.md\"\u003ecom.squareup.okio:okio-jvm\u0027s\nchangelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.17.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-03-11\u003c/em\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eNew: Adjust down the Kotlin stdlib dependency to [Kotlin\n2.1.21][kotlin_2_1_21]. Okio is built\nwith an up-to-date Kotlin compiler (2.2.21), but depends on an older\nkotlin-stdlib. We\u0027re doing\nthis so you can update Okio and Kotlin independently.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix: Return the correct timestamp in\n\u003ccode\u003eFileMetadata.createdAtMillis\u003c/code\u003e on Kotlin/Native on UNIX\nplatforms. We were incorrectly using the POSIX \u003ccode\u003ectime\u003c/code\u003e\n(\u003cem\u003echange\u003c/em\u003e time) instead of the\n\u003ccode\u003ebirthtime\u003c/code\u003e. With this fix Okio now prefers\n\u003ccode\u003estatx()\u003c/code\u003e over \u003ccode\u003estat()\u003c/code\u003e on native platforms. This\nAPI first appeared in Linux in 4.11 (2017) and Android in API 30\n(2020).\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/square/okio/commit/80a50234e5edb96041a8168c4754ba9e1ff3625a\"\u003e\u003ccode\u003e80a5023\u003c/code\u003e\u003c/a\u003e\nPrepare for release 3.17.0.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/square/okio/commit/65c0c26bb5242b697ffc28f6c666ae0a01197ff6\"\u003e\u003ccode\u003e65c0c26\u003c/code\u003e\u003c/a\u003e\nSwitch to FileMetadata to use statx instead of stat on Linux and Apple\nplatfo...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/square/okio/commit/b11f17b233601af92ae1fabea3fecdeea0608631\"\u003e\u003ccode\u003eb11f17b\u003c/code\u003e\u003c/a\u003e\nRemove Kotlin/JS IR default parameter workarounds. (\u003ca\nhref\u003d\"https://redirect.github.com/square/okio/issues/1786\"\u003e#1786\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/square/okio/commit/b35f473635db8ad9d5a9b096780e960d1b8f7d4d\"\u003e\u003ccode\u003eb35f473\u003c/code\u003e\u003c/a\u003e\nUpdate Gradle to v9.4.0 (\u003ca\nhref\u003d\"https://redirect.github.com/square/okio/issues/1785\"\u003e#1785\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/square/okio/commit/cbcee31f2bcb7e6f606d8eafc45f4c8ea7228cae\"\u003e\u003ccode\u003ecbcee31\u003c/code\u003e\u003c/a\u003e\nUpdate actions/upload-artifact action to v7 (\u003ca\nhref\u003d\"https://redirect.github.com/square/okio/issues/1783\"\u003e#1783\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/square/okio/commit/fc7aecb7f6f7a123f2024ab6397da04311546bf2\"\u003e\u003ccode\u003efc7aecb\u003c/code\u003e\u003c/a\u003e\nUpdate dependency com.android.tools.build:gradle to v9.0.1 (\u003ca\nhref\u003d\"https://redirect.github.com/square/okio/issues/1781\"\u003e#1781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/square/okio/commit/79aa26755c77df8c4d0233926c7308fd353ad697\"\u003e\u003ccode\u003e79aa267\u003c/code\u003e\u003c/a\u003e\nDrop \u003ccode\u003eisWasm()\u003c/code\u003e early return workaround for KT-60212. (\u003ca\nhref\u003d\"https://redirect.github.com/square/okio/issues/1777\"\u003e#1777\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/square/okio/commit/45459dca7d40b4c2df1454a0f363e0b8e153beb5\"\u003e\u003ccode\u003e45459dc\u003c/code\u003e\u003c/a\u003e\nFix result of an \u0027errnoToIOException\u0027 call is not thrown. inside\n`PosixFileSy...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/square/okio/commit/9fbab0f7ab00b525b0ae331c8c3ac3c645afc8c8\"\u003e\u003ccode\u003e9fbab0f\u003c/code\u003e\u003c/a\u003e\nDecode env variables in WASI tests (\u003ca\nhref\u003d\"https://redirect.github.com/square/okio/issues/1773\"\u003e#1773\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/square/okio/commit/50abe8900f2e7bd48d4afc77bda0afd74fc790ac\"\u003e\u003ccode\u003e50abe89\u003c/code\u003e\u003c/a\u003e\nStop using AssertJ (\u003ca\nhref\u003d\"https://redirect.github.com/square/okio/issues/1771\"\u003e#1771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/square/okio/compare/parent-3.16.4...parent-3.17.0\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dcom.squareup.okio:okio-jvm\u0026package-manager\u003dmaven\u0026previous-version\u003d3.16.4\u0026new-version\u003d3.17.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "d5e132b96500646ea4021d3b032d00a65233b6b5", "tree": "02e07183c00ebfb331c3ba0f20afe0f36eca0854", "parents": [ "77127ef54272b578075c574071f24ee8c1bba22e" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Mar 16 08:45:29 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Mar 16 08:45:29 2026 +0100" }, "message": "MINOR: [CI] Bump actions/download-artifact from 8.0.0 to 8.0.1 (#1068)\n\nBumps\n[actions/download-artifact](https://github.com/actions/download-artifact)\nfrom 8.0.0 to 8.0.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/actions/download-artifact/releases\"\u003eactions/download-artifact\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for CJK characters in the artifact name by \u003ca\nhref\u003d\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in\n\u003ca\nhref\u003d\"https://redirect.github.com/actions/download-artifact/pull/471\"\u003eactions/download-artifact#471\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd a regression test for artifact name + content-type mismatches by\n\u003ca href\u003d\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/actions/download-artifact/pull/472\"\u003eactions/download-artifact#472\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/actions/download-artifact/compare/v8...v8.0.1\"\u003ehttps://github.com/actions/download-artifact/compare/v8...v8.0.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/download-artifact/commit/3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c\"\u003e\u003ccode\u003e3e5f45b\u003c/code\u003e\u003c/a\u003e\nAdd regression tests for CJK characters (\u003ca\nhref\u003d\"https://redirect.github.com/actions/download-artifact/issues/471\"\u003e#471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/download-artifact/commit/e6d03f67377d4412c7aa56a8e2e4988e6ec479dd\"\u003e\u003ccode\u003ee6d03f6\u003c/code\u003e\u003c/a\u003e\nAdd a regression test for artifact name + content-type mismatches (\u003ca\nhref\u003d\"https://redirect.github.com/actions/download-artifact/issues/472\"\u003e#472\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca\nhref\u003d\"https://github.com/actions/download-artifact/compare/70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3...3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dactions/download-artifact\u0026package-manager\u003dgithub_actions\u0026previous-version\u003d8.0.0\u0026new-version\u003d8.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "77127ef54272b578075c574071f24ee8c1bba22e", "tree": "3fb51ad9dc4b51c5452f4c3f8e90d022bb58c2e0", "parents": [ "b410fb26d01c7cefc4c6e3443a53562164001371" ], "author": { "name": "Sutou Kouhei", "email": "kou@clear-code.com", "time": "Mon Mar 16 16:17:40 2026 +0900" }, "committer": { "name": "Sutou Kouhei", "email": "kou@clear-code.com", "time": "Mon Mar 16 16:17:40 2026 +0900" }, "message": "GH-1077: Add missing `export GH_TOKEN` to release scripts\n" }, { "commit": "b410fb26d01c7cefc4c6e3443a53562164001371", "tree": "9ac2519e7d58f077b075bd7e86d7dfce34aced4f", "parents": [ "77df3ecb2cf5517fb5d37a4b2806844e3b4700df" ], "author": { "name": "JB Onofré", "email": "jb.onofre@dremio.com", "time": "Thu Mar 12 11:58:50 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Mar 12 11:58:50 2026 +0100" }, "message": "MINOR: Bump version to 19.0.0 (#1066)" }, { "commit": "77df3ecb2cf5517fb5d37a4b2806844e3b4700df", "tree": "0ad7c0f8ab6e6541b7c6b89546662b2008e0240d", "parents": [ "4a7fb4ef95d9386a0a7102fb18fbe52547527c21" ], "author": { "name": "Yicong Huang", "email": "17627829+Yicong-Huang@users.noreply.github.com", "time": "Thu Mar 12 01:39:44 2026 -0700" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Mar 12 09:39:44 2026 +0100" }, "message": "GH-343: Fix BaseVariableWidthVector and BaseLargeVariableWidthVector offset buffer serialization (#989)\n\n## What\u0027s Changed\n\nFix `BaseVariableWidthVector`/`BaseLargeVariableWidthVector` IPC\nserialization when `valueCount` is 0.\n\n### Problem\n\nWhen `valueCount \u003d\u003d 0`, `setReaderAndWriterIndex()` was setting\n`offsetBuffer.writerIndex(0)`, which means `readableBytes() \u003d\u003d 0`. IPC\nserializer uses `readableBytes()` to determine buffer size, so 0 bytes\nwere written to the IPC stream. This crashes IPC readers in other\nlibraries because Arrow spec requires offset buffer to have at least one\nentry `[0]`.\n\nThis is a follow-up to #967 which fixed the same issue in\n`ListVector`/`LargeListVector`.\n\n### Fix\n\nModify `setReaderAndWriterIndex()` to always use `(valueCount + 1) *\nOFFSET_WIDTH` for the offset buffer\u0027s `writerIndex`, moved outside the\nif/else branch. When the offset buffer capacity is insufficient (e.g.,\nempty buffer from constructor or loaded via `loadFieldBuffers()`), it\nreallocates a properly sized buffer on demand.\n\n\n### Testing\n\nAdded tests for empty `VarCharVector` and `LargeVarCharVector` verifying\noffset buffer has correct `readableBytes()` after `setValueCount(0)`.\n\n\nCloses #343\n\n---------\n\nCo-authored-by: Yicong Huang \u003cyicong.huang+data@databricks.com\u003e" }, { "commit": "4a7fb4ef95d9386a0a7102fb18fbe52547527c21", "tree": "4f09f3dd69e311626992e51184f2721d3e019857", "parents": [ "18de621ff2e7a72f54d416b9ef6e6a4a96b2aa8d" ], "author": { "name": "Aleksei Starikov", "email": "aleksei.starikov.ax@gmail.com", "time": "Wed Mar 11 14:59:21 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Mar 11 14:59:21 2026 +0100" }, "message": "GH-552: [Vector] Add absent methods to the UnionFixedSizeListWriter (#1052)\n\n## What\u0027s Changed\n\nAdd absent methods to the `UnionFixedSizeListWriter`.\n\n1. Aligned the `UnionFixedSizeListWriter` template with the\n`UnionListWriter` template, which added the following previously absent\nmethods to the generated `UnionFixedSizeListWriter` class:\n\n```\n- duration() methods\n - DurationWriter duration()\n - DurationWriter duration(String name, org.apache.arrow.vector.types.TimeUnit unit)\n - DurationWriter duration(String name)\n- timeStampSecTZ() methods\n - TimeStampSecTZWriter timeStampSecTZ()\n - TimeStampSecTZWriter timeStampSecTZ(String name, String timezone)\n - TimeStampSecTZWriter timeStampSecTZ(String name)\n- timeStampMilliTZ() methods\n - TimeStampMilliTZWriter timeStampMilliTZ()\n - TimeStampMilliTZWriter timeStampMilliTZ(String name, String timezone)\n - TimeStampMilliTZWriter timeStampMilliTZ(String name)\n- timeStampMicroTZ() methods\n - TimeStampMicroTZWriter timeStampMicroTZ()\n - TimeStampMicroTZWriter timeStampMicroTZ(String name, String timezone)\n - TimeStampMicroTZWriter timeStampMicroTZ(String name)\n- timeStampNanoTZ() methods\n - TimeStampNanoTZWriter timeStampNanoTZ()\n - TimeStampNanoTZWriter timeStampNanoTZ(String name, String timezone)\n - TimeStampNanoTZWriter timeStampNanoTZ(String name)\n- fixedSizeBinary() methods\n - FixedSizeBinaryWriter fixedSizeBinary()\n - FixedSizeBinaryWriter fixedSizeBinary(String name, int byteWidth)\n - FixedSizeBinaryWriter fixedSizeBinary(String name)\n- write() methods for Duration\n - void writeDuration(long value)\n - void write(DurationHolder holder)\n- write() methods for TimeStampSecTZ \n - void writeTimeStampSecTZ(long value)\n - void write(TimeStampSecTZHolder holder)\n- write() methods for TimeStampMilliTZ\n - void writeTimeStampMilliTZ(long value)\n - void write(TimeStampMilliTZHolder holder)\n- write() methods for TimeStampMicroTZ\n - void writeTimeStampMicroTZ(long value)\n - void write(TimeStampMicroTZHolder holder)\n- write() methods for TimeStampNanoTZ\n - void writeTimeStampNanoTZ(long value)\n - void write(TimeStampNanoTZHolder holder)\n- write() methods for FixedSizeBinary\n - void writeFixedSizeBinary(ArrowBuf buffer)\n - void write(FixedSizeBinaryHolder holder)\n```\n\n2. Add `structName \u003d name;` for 2 existing methods (align them with\nother similar methods):\n\n```\n- DecimalWriter decimal(String name)\n- Decimal256Writer decimal256(String name)\n```\n\n3. Remove unused assignments from the `UnionListWriter` template + add\nmissing overrides.\n\nThis fix adds override annotations to the `UnionListWriter` generated\nclass and extend/fix the code of the `UnionFixedSizeListWriter`\ngenerated class. So, the change is backward compatible.\n\nSee the gists for the generated writer classes:\n-\n[UnionFixedSizeListWriter](https://gist.github.com/axreldable/9908f98d75ec4c0a62e4ccfa176cbbe1)\n-\n[UnionListWriter](https://gist.github.com/axreldable/881f3cf1ed001c513870daf3ea4f3bbd)\n\n---\n\nInspired by this [PR](https://github.com/apache/arrow/pull/35353).\n\n---\n\nCloses #552 ." }, { "commit": "18de621ff2e7a72f54d416b9ef6e6a4a96b2aa8d", "tree": "044e31ee6465580848455e9a6a5367aaf6a83037", "parents": [ "6ffb2d0450effccf115203ae31da10708a35dda8" ], "author": { "name": "Pedro Matias", "email": "pedro.matias@dremio.com", "time": "Wed Mar 11 10:59:07 2026 +0000" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Mar 11 11:59:07 2026 +0100" }, "message": "GH-1004: [JDBC] Fix NPE in ArrowFlightJdbcDriver#connect​(final String url, final Properties info) (#1005)\n\n## What\u0027s Changed\n`ArrowFlightJdbcDriver.connect(final String url, final Properties info)`\nnow properly ignores a null value for `info`, obtaining the properties\nsolely from the URL.\n\nCloses #1004." }, { "commit": "6ffb2d0450effccf115203ae31da10708a35dda8", "tree": "6a58d18d1eb1c5c9c03d3ae69b2d62b1bae7e7c0", "parents": [ "c8666f28569ca7e825b45f8ca39434c12428bec6" ], "author": { "name": "Aleksei Starikov", "email": "aleksei.starikov.ax@gmail.com", "time": "Wed Mar 11 11:23:45 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Mar 11 11:23:45 2026 +0100" }, "message": "GH-301: [Vector] Allow adding a vector at the end of VectorSchemaRoot (#1013)\n\n## What\u0027s Changed\n\nAllow adding a vector at the end of VectorSchemaRoot in the\n`VectorSchemaRoot#addVector()` method.\n\nPreviously, the precondition `index \u003c fieldVectors.size()` rejected\n`index \u003d\u003d fieldVectors.size()`, so appending was impossible. The\nprecondition is now `index \u003c\u003d fieldVectors.size()`, and when `index \u003d\u003d\nfieldVectors.size()` the new vector is appended after all existing\nvectors.\n\nThe implementation of `VectorSchemaRoot#addVector()` is now aligned with\n[BaseTable#insertVector()](https://github.com/apache/arrow-java/blob/main/vector/src/main/java/org/apache/arrow/vector/table/BaseTable.java#L156)\n\nThe change is backward compatible, as it extends the functionality of\nthe `VectorSchemaRoot#addVector()` method.\n\nCloses #301." }, { "commit": "c8666f28569ca7e825b45f8ca39434c12428bec6", "tree": "4408b9e039da0f4a1ed5c106002c11356bede430", "parents": [ "bdec833fb69f945db9f3c767715c93d09214f2b5" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Wed Mar 11 11:09:05 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Mar 11 11:09:05 2026 +0100" }, "message": "MINOR: Bump com.gradle:common-custom-user-data-maven-extension from 2.0.3 to 2.1.0 (#998)\n\nBumps\n[com.gradle:common-custom-user-data-maven-extension](https://github.com/gradle/common-custom-user-data-maven-extension)\nfrom 2.0.3 to 2.1.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/gradle/common-custom-user-data-maven-extension/releases\"\u003ecom.gradle:common-custom-user-data-maven-extension\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[NEW] Add support for evaluating one or more Groovy scripts in the\nDevelocity storage directory\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[FIX] Added a null-safety check to handle cases where the Maven\nsession may be null\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[FIX] GitHub Actions build link doesn\u0027t include run attempt\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[FIX] Add GitHub run attempt as custom value to precisely identify\nGitHub Action run\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.0.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e[FIX] Add GitHub run number as custom value to precisely identify\nGitHub Action run\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/gradle/common-custom-user-data-maven-extension/commit/0bb5838877d857339d4978d7cf95ebf92d80fca0\"\u003e\u003ccode\u003e0bb5838\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare release v2.1.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/gradle/common-custom-user-data-maven-extension/commit/4b1a27c382505dd0141ded0f97b55e762b36b60e\"\u003e\u003ccode\u003e4b1a27c\u003c/code\u003e\u003c/a\u003e\nUpdate changes.md\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/gradle/common-custom-user-data-maven-extension/commit/b9010d0e992d013c796db047d0d6198625cb4ee8\"\u003e\u003ccode\u003eb9010d0\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/gradle/common-custom-user-data-maven-extension/issues/329\"\u003e#329\u003c/a\u003e\nfrom gradle/erichaagdev/groovy-scripts-m2-directory\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/gradle/common-custom-user-data-maven-extension/commit/82281ec9c8e64b513c21dc3a070ce3d9e1024189\"\u003e\u003ccode\u003e82281ec\u003c/code\u003e\u003c/a\u003e\nSwitch Groovy script evaluation order\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/gradle/common-custom-user-data-maven-extension/commit/7cdb3cc04431f2df925970f598b493debad18413\"\u003e\u003ccode\u003e7cdb3cc\u003c/code\u003e\u003c/a\u003e\nClarify script locations in README\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/gradle/common-custom-user-data-maven-extension/commit/2c511ae9448ff6709e3ec126051ce85c32d4321b\"\u003e\u003ccode\u003e2c511ae\u003c/code\u003e\u003c/a\u003e\nAdd support for evaluating one or more Groovy scripts in the Develocity\nstora...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/gradle/common-custom-user-data-maven-extension/commit/f02dbca75dfe88afdf5e3a6aec78cf85474fbd3f\"\u003e\u003ccode\u003ef02dbca\u003c/code\u003e\u003c/a\u003e\nUpdate to use version 2.0.7 of the Common Custom User Data Maven\nExtension\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/gradle/common-custom-user-data-maven-extension/commit/88e0f414d7035a5a15b3a08105851887113bc051\"\u003e\u003ccode\u003e88e0f41\u003c/code\u003e\u003c/a\u003e\nPrepare for next round of development\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/gradle/common-custom-user-data-maven-extension/commit/36edaf81c38f68c0ecc85f906d5877ec819432ba\"\u003e\u003ccode\u003e36edaf8\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare for next development iteration\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/gradle/common-custom-user-data-maven-extension/commit/683a96653c5d96555bb9c2f84cc948edeb101bd8\"\u003e\u003ccode\u003e683a966\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare release v2.0.7\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/gradle/common-custom-user-data-maven-extension/compare/v2.0.3...v2.1.0\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dcom.gradle:common-custom-user-data-maven-extension\u0026package-manager\u003dmaven\u0026previous-version\u003d2.0.3\u0026new-version\u003d2.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nYou can trigger a rebase of this PR by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after\nyour CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge\nand block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating\nit. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\n\u003e **Note**\n\u003e Automatic rebases have been disabled on this pull request as it has\nbeen open for over 30 days.\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "bdec833fb69f945db9f3c767715c93d09214f2b5", "tree": "83301490fcbc110ff78ffe224463fba4ae4c6de3", "parents": [ "e349a9a837aa9e3c5a56cbdd841f4e9655fa9ab2" ], "author": { "name": "Pedro Matias", "email": "pedro.matias@dremio.com", "time": "Wed Mar 11 07:34:47 2026 +0000" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Mar 11 08:34:47 2026 +0100" }, "message": "GH-994: Fix DatabaseMetaData NPEs when SqlInfo is unavailable (#995)\n\n## What\u0027s Changed\n\nMultiple DatabaseMetaData methods had NPEs when the method\n`ArrowDatabaseMetadata.getSqlInfoAndCacheIfCacheIsEmpty(final SqlInfo\nsqlInfoCommand, final Class\u003cT\u003e desiredType)`\nreturned null.\n\nNow the method never returns null. If the database server does not\nprovide the requested info, either a sensible default is returned or a\nSQLException is thrown.\n\nCloses #994." }, { "commit": "e349a9a837aa9e3c5a56cbdd841f4e9655fa9ab2", "tree": "fda76ccd75c285a7acfda9ddacd6afd9e2ce6234", "parents": [ "7390f551267798d4670eae6b2894c527dbc90403" ], "author": { "name": "Logan Riggs", "email": "logan.riggs@dremio.com", "time": "Wed Mar 11 00:09:23 2026 -0700" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Mar 11 08:09:23 2026 +0100" }, "message": "GH-1061: Add codegen classifier jar for arrow-vector. (#1062)\n\n## What\u0027s Changed\n\nAdd a new codegen classifier jar for arrow-vector that contains tdd and\nother template files.\n\nCloses #1061 ." }, { "commit": "7390f551267798d4670eae6b2894c527dbc90403", "tree": "822dcce4fb5e611573c70b2a2f756df8e7add1fd", "parents": [ "a53339b6ba2321f51f7f10f16a1ce06b12384498" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Tue Mar 10 14:46:43 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Mar 10 14:46:43 2026 +0100" }, "message": "MINOR: Bump io.grpc:grpc-bom from 1.78.0 to 1.79.0 (#1048)\n\nBumps [io.grpc:grpc-bom](https://github.com/grpc/grpc-java) from 1.78.0\nto 1.79.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/grpc/grpc-java/releases\"\u003eio.grpc:grpc-bom\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.79.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eAPI Changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ecore: Delete the never-used\nio.grpc.internal.ReadableBuffer.readBytes(ByteBuffer) (\u003ca\nhref\u003d\"https://redirect.github.com/grpc/grpc-java/issues/12580\"\u003e#12580\u003c/a\u003e)\n(738782fb0). This is deeply internal and not accessible, so shouldn’t\nimpact anything. However, Apache Arrow Java \u003ca\nhref\u003d\"https://github.com/apache/arrow-java/blob/96156ccc2bf933c75c852ca7c04418a61f87defd/flight/flight-core/src/main/java/org/apache/arrow/flight/grpc/GetReadableBuffer.java#L44-L45\"\u003euses\nreflection to access private fields\u003c/a\u003e; \u003ca\nhref\u003d\"https://redirect.github.com/apache/arrow-java/pull/954\"\u003eGH-939:\nRemove reflection for gRPC buffers\u003c/a\u003e is swapping to gRPC’s public\nzero-copy APIs\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eopentelemetry: Add target attribute filter for metrics (\u003ca\nhref\u003d\"https://redirect.github.com/grpc/grpc-java/issues/12587\"\u003e#12587\u003c/a\u003e).\nIntroduce an optional Predicate targetAttributeFilter to control how\ngrpc.target is recorded in OpenTelemetry client metrics. When a filter\nis provided, targets rejected by the predicate are normalized to\n\u0026quot;other\u0026quot; to reduce grpc.target metric cardinality, while\naccepted targets are recorded as-is. If no filter is set, existing\nbehavior is preserved. This change adds a new Builder API on\nGrpcOpenTelemetry to allow applications to configure the filter. \u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBehavior Changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ecore: Convert AutoConfiguredLB to an actual LB (4bbf8eee5). This is\nan internal refactoring, but it does improve how errors are handled for\nbroken binaries. Previously, not being able to load pick_first would\nresult in a channel panic. Now it is handled as a regular load balancing\nerror\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eokhttp: Assert no pending streams before transport READY (\u003ca\nhref\u003d\"https://redirect.github.com/grpc/grpc-java/issues/12566\"\u003e#12566\u003c/a\u003e)\n(ed6d175fc). No pending streams should exist when the transport\ntransitions to READY. This PR adds an assertion to help verify this\ninvariant.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBug Fixes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003ecore: PickFirstLB should not return a subchannel during CONNECTING\n(228fc8ecd). Pick-first in grpc-java has behaved this way since it was\ncreated, and it was of no consequence. However, now there are some load\nbalancing policies (mainly RLS) that will do a pick() and hope the\nresult to be reasonably accurate for metrics.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eImprovements\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003ecore: Improve DEADLINE_EXCEEDED message for CallCreds delays\n(ead532b39). Previously the error message contained “buffered_nanos” and\n“waiting_for_connection” for connection delays. However, we discovered\nthe same strings were also used if waiting on CallCredentials. Now\nyou’ll see details like “connecting_and_lb_delay”,\n“call_credentials_delay”, and “was_still_waiting”.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eopentelemetry: Add Android API checking (a9f73f4c0). Previously we\nassumed OpenTelemetry support would not be used on Android. It did\nhappen to be compatible with Android, but since OpenTelemetry does have\nsome Android support, we now have a check that it remains compatible\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecore: Catch Errors when calling complex config parsing code\n(a535ed799). Error (and any other Throwable) is now caught and handled\nwhen parsing configuration (e.g., service config, xds). This will cause\nsuch failures to be handled gracefully instead of panicking the\nchannel\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003ecore: Implement LoadBalancer.Helper.createOobChannel() with the\ninternals of createResolvingOobChannel() (3915d029c). This API is only\nexpected to be relevant to the gRPC-LB lookaside load balancer, and is\nnot believed to have behavior changes. Out-of-band channel had been\nimplemented with its own stripped-down Channel without load balancing.\nReimplementing using the resolving oob channel makes it a full-fledged\nchannel and reduces the burden when integrating new features and allows\nus to have a ManagedChannelBuilder to use with efforts like \u003ca\nhref\u003d\"https://redirect.github.com/grpc/proposal/pull/529\"\u003egRFC A110:\nChild Channel Options\u003c/a\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003exds: Implement the proactive connection logic in RingHashLoadBalancer\nas outlined in gRFC A61 (\u003ca\nhref\u003d\"https://redirect.github.com/grpc/grpc-java/issues/12596\"\u003e#12596\u003c/a\u003e).\nPreviously, the Java implementation only initialized child balancers\nwhen a ring-chosen endpoint was in TRANSIENT_FAILURE during a picker\u0027s\npickSubchannel call. This PR adds the missing logic: when a child\nbalancer reports TRANSIENT_FAILURE, the LoadBalancer now proactively\ninitializes the first available IDLE child if no other children are\ncurrently connecting or ready.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThis ensures a backup subchannel starts warming up immediately\noutside the RPC flow, reducing failover latency and improving overall\nresilience. This behavior was previously present but was inadvertently\nlost after \u003ca\nhref\u003d\"https://redirect.github.com/grpc/grpc-java/pull/10610\"\u003e#10610\u003c/a\u003e.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eapi: Add RFC 3986 support to DnsNameResolverProvider (\u003ca\nhref\u003d\"https://redirect.github.com/grpc/grpc-java/issues/12602\"\u003e#12602\u003c/a\u003e)\n(f65127cf7) Experimental RFC 3986 target URI parsing mode (disabled by\ndefault)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eNew Features\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eopentelemetry: Actual reason for the disconnects in subchannel\nmetrics(6b2f7580c), completing the remaining work in \u003ca\nhref\u003d\"https://redirect.github.com/grpc/proposal/pull/485/files\"\u003egRFC\nA96: OTel metrics for Subchannels\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDependencies\u003c/strong\u003e \u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eprotobuf: Upgrade Bazel protobuf to 33.1 (\u003ca\nhref\u003d\"https://redirect.github.com/grpc/grpc-java/issues/12553\"\u003e#12553\u003c/a\u003e)\n(b61a8f49c) and load java_proto_library from the protobuf repo\n(c7f3cdbc3)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eprotobuf: Fix build with Bazel 9 by upgrading bazel_jar_jar and\ngrpc-proto versions (\u003ca\nhref\u003d\"https://redirect.github.com/grpc/grpc-java/issues/12569\"\u003e#12569\u003c/a\u003e)\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eUpgrade dependencies (\u003ca\nhref\u003d\"https://redirect.github.com/grpc/grpc-java/issues/12588\"\u003e#12588\u003c/a\u003e)\n(6422092e3) Netty to 4.1.130, error-prone annotations to 2.45.0,\ngoogle-auth-library to 1.41.0, tomcat-embed-core9 to 9.0.113,\ntomcat-embed-core to 10.1.50, opentelemetry to 1.57.0,\njetty-ee10-servlet to 12.1.5, jetty-http2-server to 12.1.5,\ngoogle-cloud-logging to 3.23.9, google-auth to 1.41.0,\nproto-google-common-protos to 2.63.2.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/grpc/grpc-java/commit/381593f39e37b530177faad3c6035cfce4536ec7\"\u003e\u003ccode\u003e381593f\u003c/code\u003e\u003c/a\u003e\nBump version to 1.79.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/grpc/grpc-java/commit/f93ecb0ae2395d20c02b4eafe931c6796ac12598\"\u003e\u003ccode\u003ef93ecb0\u003c/code\u003e\u003c/a\u003e\nUpdate README etc to reference 1.79.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/grpc/grpc-java/commit/f6d140f877ca11d428389b688e68e5e33f78740d\"\u003e\u003ccode\u003ef6d140f\u003c/code\u003e\u003c/a\u003e\nxds: Normalize weights before combining endpoint and locality\nweights\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/grpc/grpc-java/commit/c589bef18f33c1aead47382391adba70f8bd4655\"\u003e\u003ccode\u003ec589bef\u003c/code\u003e\u003c/a\u003e\ncore: clarify dns javadoc/test about trailing path segments\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/grpc/grpc-java/commit/65596ae3a9cdf420d91748e5ad1779ad92e14627\"\u003e\u003ccode\u003e65596ae\u003c/code\u003e\u003c/a\u003e\ncore: Move 4 test cases from DnsNameResolverTest to\nDnsNameResolverProviderTe...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/grpc/grpc-java/commit/59a64f0b685f32b70b9bf73c7e15a5b0f847f767\"\u003e\u003ccode\u003e59a64f0\u003c/code\u003e\u003c/a\u003e\ncore: Use FlagResetRule to set/restore system properties in\nDnsNameResolverTe...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/grpc/grpc-java/commit/c5f5ee0e994f76d4edac48ea17b52a0f918af822\"\u003e\u003ccode\u003ec5f5ee0\u003c/code\u003e\u003c/a\u003e\nopentelemetry: Add target attribute filter for metrics (\u003ca\nhref\u003d\"https://redirect.github.com/grpc/grpc-java/issues/12587\"\u003e#12587\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/grpc/grpc-java/commit/f65127cf7c861a1b7cf7411ef48df6f9116d6bc3\"\u003e\u003ccode\u003ef65127c\u003c/code\u003e\u003c/a\u003e\napi: Add RFC 3986 support to DnsNameResolverProvider (\u003ca\nhref\u003d\"https://redirect.github.com/grpc/grpc-java/issues/12602\"\u003e#12602\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/grpc/grpc-java/commit/a535ed799387e41b1edb44b59907af99e770259b\"\u003e\u003ccode\u003ea535ed7\u003c/code\u003e\u003c/a\u003e\nCatch Errors when calling complex parsing code\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/grpc/grpc-java/commit/ebb9420948e4c5ea380f9da2e1c6c0d8cf991bbe\"\u003e\u003ccode\u003eebb9420\u003c/code\u003e\u003c/a\u003e\nxds: Merge ClusterResolverLB into CdsLB2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/grpc/grpc-java/compare/v1.78.0...v1.79.0\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dio.grpc:grpc-bom\u0026package-manager\u003dmaven\u0026previous-version\u003d1.78.0\u0026new-version\u003d1.79.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\n---------\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e\nCo-authored-by: JB Onofré \u003cjbonofre@apache.org\u003e" }, { "commit": "a53339b6ba2321f51f7f10f16a1ce06b12384498", "tree": "b75693170780cd2ee2f04661bba8cd7eef997093", "parents": [ "a7313c22c17211ecb666e44e97158a495a176778" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Mar 09 18:59:48 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Mar 09 18:59:48 2026 +0100" }, "message": "MINOR: Bump dep.hadoop.version from 3.4.2 to 3.4.3 (#1055)\n\nBumps `dep.hadoop.version` from 3.4.2 to 3.4.3.\nUpdates `org.apache.hadoop:hadoop-client-runtime` from 3.4.2 to 3.4.3\n\nUpdates `org.apache.hadoop:hadoop-client-api` from 3.4.2 to 3.4.3\n\nUpdates `org.apache.hadoop:hadoop-common` from 3.4.2 to 3.4.3\n\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "a7313c22c17211ecb666e44e97158a495a176778", "tree": "19cffd797391a281ae370d41a2da146ddb0f09b5", "parents": [ "07c5f48a16230275cb502b94ffe4a3ca70f9adad" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Mar 09 17:32:56 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Mar 09 17:32:56 2026 +0100" }, "message": "MINOR: [CI] Bump docker/login-action from 3.7.0 to 4.0.0 (#1053)\n\nBumps [docker/login-action](https://github.com/docker/login-action) from\n3.7.0 to 4.0.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/docker/login-action/releases\"\u003edocker/login-action\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNode 24 as default runtime (requires \u003ca\nhref\u003d\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eActions\nRunner v2.327.1\u003c/a\u003e or later) by \u003ca\nhref\u003d\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/929\"\u003edocker/login-action#929\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSwitch to ESM and update config/test wiring by \u003ca\nhref\u003d\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/927\"\u003edocker/login-action#927\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.11.1 to 3.0.0 in \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/919\"\u003edocker/login-action#919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​aws-sdk/client-ecr\u003c/code\u003e from 3.890.0 to 3.1000.0 in\n\u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/909\"\u003edocker/login-action#909\u003c/a\u003e\n\u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/920\"\u003edocker/login-action#920\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​aws-sdk/client-ecr-public\u003c/code\u003e from 3.890.0 to\n3.1000.0 in \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/909\"\u003edocker/login-action#909\u003c/a\u003e\n\u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/920\"\u003edocker/login-action#920\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.63.0 to 0.77.0 in\n\u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/910\"\u003edocker/login-action#910\u003c/a\u003e\n\u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/928\"\u003edocker/login-action#928\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​isaacs/brace-expansion\u003c/code\u003e from 5.0.0 to 5.0.1 in \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/921\"\u003edocker/login-action#921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump js-yaml from 4.1.0 to 4.1.1 in \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/901\"\u003edocker/login-action#901\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/docker/login-action/compare/v3.7.0...v4.0.0\"\u003ehttps://github.com/docker/login-action/compare/v3.7.0...v4.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/b45d80f862d83dbcd57f89517bcf500b2ab88fb2\"\u003e\u003ccode\u003eb45d80f\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/issues/929\"\u003e#929\u003c/a\u003e\nfrom crazy-max/node24\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/176cb9c12abea98dfe844071c0999ff6ee9688a7\"\u003e\u003ccode\u003e176cb9c\u003c/code\u003e\u003c/a\u003e\nnode 24 as default runtime\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/cad89843109a11cb6f69f52fe695c42cf69d57d3\"\u003e\u003ccode\u003ecad8984\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/issues/920\"\u003e#920\u003c/a\u003e\nfrom docker/dependabot/npm_and_yarn/aws-sdk-dependenc...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/92cbcb231ed341e7dc71693351b21f5ba65f8349\"\u003e\u003ccode\u003e92cbcb2\u003c/code\u003e\u003c/a\u003e\nchore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/5a2d6a71bd3e0cb4abb6faae33f3dde61ece8e5b\"\u003e\u003ccode\u003e5a2d6a7\u003c/code\u003e\u003c/a\u003e\nbuild(deps): bump the aws-sdk-dependencies group with 2 updates\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/44512b6b2e08b878e82b107b394fcd1af5748e63\"\u003e\u003ccode\u003e44512b6\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/issues/928\"\u003e#928\u003c/a\u003e\nfrom docker/dependabot/npm_and_yarn/docker/actions-to...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/28737a5e46bc0c62910ef429b2e55f9cabbbd5df\"\u003e\u003ccode\u003e28737a5\u003c/code\u003e\u003c/a\u003e\nchore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/dac079354afbd8db4c3b58b8cc6946573479b2a6\"\u003e\u003ccode\u003edac0793\u003c/code\u003e\u003c/a\u003e\nbuild(deps): bump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.76.0 to\n0.77.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/62029f315d6d05c8646343320e4a1552e5f1c77a\"\u003e\u003ccode\u003e62029f3\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/issues/919\"\u003e#919\u003c/a\u003e\nfrom docker/dependabot/npm_and_yarn/actions/core-3.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/08c8f064bf22a1c55918ee608a81d87b13cc4461\"\u003e\u003ccode\u003e08c8f06\u003c/code\u003e\u003c/a\u003e\nchore: update generated content\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/docker/login-action/compare/c94ce9fb468520275223c153574b00df6fe4bcc9...b45d80f862d83dbcd57f89517bcf500b2ab88fb2\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003ddocker/login-action\u0026package-manager\u003dgithub_actions\u0026previous-version\u003d3.7.0\u0026new-version\u003d4.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "07c5f48a16230275cb502b94ffe4a3ca70f9adad", "tree": "494418a78f3bbeb8cc5ae0c928a5ed1cc3a032bc", "parents": [ "2f39438afd4a2c8bf7ba63b7e3aa726c680036e1" ], "author": { "name": "JB Onofré", "email": "jb.onofre@dremio.com", "time": "Mon Mar 09 17:32:10 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Mar 09 17:32:10 2026 +0100" }, "message": "MINOR: [CI] Increase JNI macOS job timeout from 45 to 60 minutes (#1060)\n\nAs MacOS executor as slightly slower than other executors, this PR\nincrease the JNI MacOS job timeout to 60 minutes (instead of 45\nminutes)." }, { "commit": "2f39438afd4a2c8bf7ba63b7e3aa726c680036e1", "tree": "acf8b740ddfa03225db3c85cee64c426c60f697e", "parents": [ "15f50796b5603100702560fad4b4c843f4fa379c" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Mar 09 16:32:14 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Mar 09 16:32:14 2026 +0100" }, "message": "MINOR: Bump org.apache.orc:orc-core from 2.2.2 to 2.3.0 (#1056)\n\nBumps org.apache.orc:orc-core from 2.2.2 to 2.3.0.\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dorg.apache.orc:orc-core\u0026package-manager\u003dmaven\u0026previous-version\u003d2.2.2\u0026new-version\u003d2.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "15f50796b5603100702560fad4b4c843f4fa379c", "tree": "949919523e77713761308540cb5f9a03aec3a55b", "parents": [ "7cbf15994ae7c82fbcb178dded6b3f128219d9ad" ], "author": { "name": "JB Onofré", "email": "jb.onofre@dremio.com", "time": "Mon Mar 09 15:12:41 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Mar 09 15:12:41 2026 +0100" }, "message": "MINOR: Fix flaky TestBasicAuth memory leak by waiting for async buffer release (#1058)\n\n## What\u0027s Changed\n\ngRPC/Netty releases Arrow buffers asynchronously after server shutdown.\nPoll briefly for the allocator\u0027s memory to drain before closing it,\npreventing spurious \"Memory was leaked\" errors in CI.\n\nThe fix adds a brief polling loop to wait for the allocator\u0027s memory to\ndrain before closing it." }, { "commit": "7cbf15994ae7c82fbcb178dded6b3f128219d9ad", "tree": "0cee389c63acf77576e2650d3b5f946d239ec237", "parents": [ "5dfd2595080a15d3d6ff3e40d8de57af4bdd7858" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Wed Mar 04 21:18:49 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Mar 04 21:18:49 2026 +0100" }, "message": "MINOR: Bump org.codehaus.mojo:build-helper-maven-plugin from 3.6.0 to 3.6.1 (#1049)\n\nBumps\n[org.codehaus.mojo:build-helper-maven-plugin](https://github.com/mojohaus/build-helper-maven-plugin)\nfrom 3.6.0 to 3.6.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/mojohaus/build-helper-maven-plugin/releases\"\u003eorg.codehaus.mojo:build-helper-maven-plugin\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e3.6.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e📝 Documentation updates\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRename Goals to Plugin Documentation in the site menu (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/build-helper-maven-plugin/pull/229\"\u003e#229\u003c/a\u003e)\n\u003ca\nhref\u003d\"https://github.com/slawekjaranowski\"\u003e\u003ccode\u003e@​slawekjaranowski\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate the documentation for adding more resource directories (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/build-helper-maven-plugin/pull/213\"\u003e#213\u003c/a\u003e)\n\u003ca href\u003d\"https://github.com/mjj042\"\u003e\u003ccode\u003e@​mjj042\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e👻 Maintenance\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUse common release-drafter configuration (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/build-helper-maven-plugin/pull/230\"\u003e#230\u003c/a\u003e)\n\u003ca\nhref\u003d\"https://github.com/slawekjaranowski\"\u003e\u003ccode\u003e@​slawekjaranowski\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e📦 Dependency updates\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump org.codehaus.mojo:mojo-parent from 87 to 91 (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/build-helper-maven-plugin/pull/228\"\u003e#228\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.apache.maven.shared:file-management from 3.1.0 to 3.2.0 (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/build-helper-maven-plugin/pull/222\"\u003e#222\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.codehaus.mojo:mojo-parent from 86 to 87 (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/build-helper-maven-plugin/pull/221\"\u003e#221\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.codehaus.mojo:mojo-parent from 85 to 86 (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/build-helper-maven-plugin/pull/219\"\u003e#219\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.codehaus.plexus:plexus-utils from 4.0.1 to 4.0.2 (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/build-helper-maven-plugin/pull/220\"\u003e#220\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.codehaus.mojo:mojo-parent from 84 to 85 (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/build-helper-maven-plugin/pull/217\"\u003e#217\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.codehaus.mojo:mojo-parent from 82 to 84 (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/build-helper-maven-plugin/pull/214\"\u003e#214\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mojohaus/build-helper-maven-plugin/commit/908df59c109817837a30e2340d2e8e6481bd4359\"\u003e\u003ccode\u003e908df59\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare release 3.6.1\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mojohaus/build-helper-maven-plugin/commit/faafd8f533f04511c6b1107ef3a90dd287d9a90b\"\u003e\u003ccode\u003efaafd8f\u003c/code\u003e\u003c/a\u003e\nUse common release-drafter configuration\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mojohaus/build-helper-maven-plugin/commit/a91b402d31251d1ee7bd7de53e94440d09162ef2\"\u003e\u003ccode\u003ea91b402\u003c/code\u003e\u003c/a\u003e\nRename Goals to Plugin Documentation in the site menu\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mojohaus/build-helper-maven-plugin/commit/1e9136d0ebb7689737906574134f6fb4465033b2\"\u003e\u003ccode\u003e1e9136d\u003c/code\u003e\u003c/a\u003e\nBump org.codehaus.mojo:mojo-parent from 87 to 91\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mojohaus/build-helper-maven-plugin/commit/8700ddcd1659f0c7754d5cf977a0e52f53defa4a\"\u003e\u003ccode\u003e8700ddc\u003c/code\u003e\u003c/a\u003e\nBump org.apache.maven.shared:file-management from 3.1.0 to 3.2.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mojohaus/build-helper-maven-plugin/commit/ab2c63520127f18f8b432ec110f0951f1e40d48b\"\u003e\u003ccode\u003eab2c635\u003c/code\u003e\u003c/a\u003e\nBump org.codehaus.mojo:mojo-parent from 86 to 87\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mojohaus/build-helper-maven-plugin/commit/611ce4052a7668acdffd804c097a7548a935faa2\"\u003e\u003ccode\u003e611ce40\u003c/code\u003e\u003c/a\u003e\nTypos.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mojohaus/build-helper-maven-plugin/commit/02d2b8e4feb3ebf8db8174a720b3550f9a74b55d\"\u003e\u003ccode\u003e02d2b8e\u003c/code\u003e\u003c/a\u003e\nBump org.codehaus.mojo:mojo-parent from 85 to 86\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mojohaus/build-helper-maven-plugin/commit/d742e5c858e428b79b5a2136de2609999951ce36\"\u003e\u003ccode\u003ed742e5c\u003c/code\u003e\u003c/a\u003e\nUpdate site.xml to Doxia 2\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mojohaus/build-helper-maven-plugin/commit/80b89b8cc9fcf5ebf47430aab60f8ed7d35793c4\"\u003e\u003ccode\u003e80b89b8\u003c/code\u003e\u003c/a\u003e\nBump org.codehaus.plexus:plexus-utils from 4.0.1 to 4.0.2\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/mojohaus/build-helper-maven-plugin/compare/3.6.0...3.6.1\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dorg.codehaus.mojo:build-helper-maven-plugin\u0026package-manager\u003dmaven\u0026previous-version\u003d3.6.0\u0026new-version\u003d3.6.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "5dfd2595080a15d3d6ff3e40d8de57af4bdd7858", "tree": "8e87935d89f1e7513297a362c75a763df50e2b76", "parents": [ "41acbdc681c4792b01655066bf7230f4a07c2ef2" ], "author": { "name": "Logan Riggs", "email": "logan.riggs@gmail.com", "time": "Wed Mar 04 12:03:18 2026 -0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Mar 04 21:03:18 2026 +0100" }, "message": "GH-1038: Trim object memory for ArrowBuf (#1044)\n\n## What\u0027s Changed\n\nA significant number of ArrowBuf and BufferLedger objects are created\nduring certain workloads. Saving several bytes per instance could add up\nto significant memory savings and reduced memory allocation expense and\ngarbage collection.\n\nThe id field, which was a sequential value used when logging object\ninformation, is replaced with an identity hash code. This should still\nallow enough information for debugging without the memory overhead.\nThere may be possible duplicate values but it shouldn\u0027t matter for\nlogging purposes.\n\nAtomic fields can be replaced by a primitive and a static updater which\nsaves several bytes per instance.\n\n### ArrowBuf\n| Component | Before | After | Savings |\n|-----------|--------|-------|---------|\n| `idGenerator` (static) | `AtomicLong` | Removed | 24 bytes globally |\n| `id` field (per instance) | `long` (8 bytes) | Removed | **8 bytes per\ninstance** |\n| `getId()` | Returns `id` field | Returns\n`System.identityHashCode(this)` | — |\n\n### BufferLedger\n| Component | Before | After | Savings |\n|-----------|--------|-------|---------|\n| `LEDGER_ID_GENERATOR` (static) | `AtomicLong` | Removed | 24 bytes\nglobally |\n| `ledgerId` (per instance) | `long` (8 bytes) | Removed | **8 bytes per\ninstance** |\n| `bufRefCnt` | `AtomicInteger` (24 bytes) | `volatile int` + static\nupdater | **20 bytes per instance** |\n\n### Total Savings\n\n| Scale | ArrowBuf | BufferLedger | Combined |\n|-------|----------|--------------|----------|\n| 100K | 800 KB | 2.8 MB | **~3.6 MB** |\n| 1M | 8 MB | 28 MB | **~36 MB** |\n| 10M | 80 MB | 280 MB | **~360 MB** |\n\n\n\n### Benchmarking\nI ran the added benchmark before and after the metadata trimming.\n\n**Metadata Trimmed**\n\n| Benchmark | Mode | Score | Error |Units|\n|-------|----------|--------------|----------|----------|\n|MemoryFootprintBenchmarks.measureAllocationPerformance | avgt | 456.831\n|± 36.059 | us/op|\n|MemoryFootprintBenchmarks.measureArrowBufMemoryFootprint | ss | 161.085\n|± 35.596| ms/op|\n|Created 100000 ArrowBuf instances. Heap memory used | sum | 35631520\nbytes (33.98 MB) |0 |bytes|\n|Average memory per ArrowBuf| sum | 356.32 bytes |0 |bytes|\n\n\n**Previous Object Layout**\n\n| Benchmark | Mode | Score | Error |Units|\n|-------|----------|--------------|----------|----------|\n|MemoryFootprintBenchmarks.measureAllocationPerformance | avgt | 466.171\n|± 16.233 | us/op|\n|MemoryFootprintBenchmarks.measureArrowBufMemoryFootprint | ss | 176.790\n|± 17.943 |ms/op|\n|Created 100000 ArrowBuf instances. Heap memory used | sum | 38817480\nbytes (37.02 MB) |0 |bytes|\n|Average memory per ArrowBuf| sum | 388.17 bytes |0 |bytes|\n\n\nCloses #1038." }, { "commit": "41acbdc681c4792b01655066bf7230f4a07c2ef2", "tree": "82b74aac83a0c365edb7e6bec319fa5231e76366", "parents": [ "9c497848f9e7a531aae1095009257217d993c24b" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Mar 02 13:26:12 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Mar 02 13:26:12 2026 +0100" }, "message": "MINOR: [CI] Bump actions/download-artifact from 7.0.0 to 8.0.0 (#1047)\n\nBumps\n[actions/download-artifact](https://github.com/actions/download-artifact)\nfrom 7.0.0 to 8.0.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/actions/download-artifact/releases\"\u003eactions/download-artifact\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.0.0\u003c/h2\u003e\n\u003ch2\u003ev8 - What\u0027s new\u003c/h2\u003e\n\u003ch3\u003eDirect downloads\u003c/h3\u003e\n\u003cp\u003eTo support direct uploads in \u003ccode\u003eactions/upload-artifact\u003c/code\u003e,\nthe action will no longer attempt to unzip all downloaded files.\nInstead, the action checks the \u003ccode\u003eContent-Type\u003c/code\u003e header ahead of\nunzipping and skips non-zipped files. Callers wishing to download a\nzipped file as-is can also set the new \u003ccode\u003eskip-decompress\u003c/code\u003e\nparameter to \u003ccode\u003efalse\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eEnforced checks (breaking)\u003c/h3\u003e\n\u003cp\u003eA previous release introduced digest checks on the download. If a\ndownload hash didn\u0027t match the expected hash from the server, the action\nwould log a warning. Callers can now configure the behavior on mismatch\nwith the \u003ccode\u003edigest-mismatch\u003c/code\u003e parameter. To be secure by\ndefault, we are now defaulting the behavior to \u003ccode\u003eerror\u003c/code\u003e which\nwill fail the workflow run.\u003c/p\u003e\n\u003ch3\u003eESM\u003c/h3\u003e\n\u003cp\u003eTo support new versions of the @actions/* packages, we\u0027ve upgraded\nthe package to ESM.\u003c/p\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDon\u0027t attempt to un-zip non-zipped downloads by \u003ca\nhref\u003d\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in\n\u003ca\nhref\u003d\"https://redirect.github.com/actions/download-artifact/pull/460\"\u003eactions/download-artifact#460\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd a setting to specify what to do on hash mismatch and default it\nto \u003ccode\u003eerror\u003c/code\u003e by \u003ca\nhref\u003d\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in\n\u003ca\nhref\u003d\"https://redirect.github.com/actions/download-artifact/pull/461\"\u003eactions/download-artifact#461\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/actions/download-artifact/compare/v7...v8.0.0\"\u003ehttps://github.com/actions/download-artifact/compare/v7...v8.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/download-artifact/commit/70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3\"\u003e\u003ccode\u003e70fc10c\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/actions/download-artifact/issues/461\"\u003e#461\u003c/a\u003e\nfrom actions/danwkennedy/digest-mismatch-behavior\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/download-artifact/commit/f258da9a506b755b84a09a531814700b86ccfc62\"\u003e\u003ccode\u003ef258da9\u003c/code\u003e\u003c/a\u003e\nAdd change docs\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/download-artifact/commit/ccc058e5fbb0bb2352213eaec3491e117cbc4a5c\"\u003e\u003ccode\u003eccc058e\u003c/code\u003e\u003c/a\u003e\nFix linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/download-artifact/commit/bd7976ba57ecea96e6f3df575eb922d11a12a9fd\"\u003e\u003ccode\u003ebd7976b\u003c/code\u003e\u003c/a\u003e\nAdd a setting to specify what to do on hash mismatch and default it to\n\u003ccode\u003eerror\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/download-artifact/commit/ac21fcf45e0aaee541c0f7030558bdad38d77d6c\"\u003e\u003ccode\u003eac21fcf\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/actions/download-artifact/issues/460\"\u003e#460\u003c/a\u003e\nfrom actions/danwkennedy/download-no-unzip\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/download-artifact/commit/15999bff51058bc7c19b50ebbba518eaef7c26c0\"\u003e\u003ccode\u003e15999bf\u003c/code\u003e\u003c/a\u003e\nAdd note about package bumps\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/download-artifact/commit/974686ed5098c7f9c9289ec946b9058e496a2561\"\u003e\u003ccode\u003e974686e\u003c/code\u003e\u003c/a\u003e\nBump the version to \u003ccode\u003ev8\u003c/code\u003e and add release notes\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/download-artifact/commit/fbe48b1d2756394be4cd4358ed3bc1343b330e75\"\u003e\u003ccode\u003efbe48b1\u003c/code\u003e\u003c/a\u003e\nUpdate test names to make it clearer what they do\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/download-artifact/commit/96bf374a614d4360e225874c3efd6893a3f285e7\"\u003e\u003ccode\u003e96bf374\u003c/code\u003e\u003c/a\u003e\nOne more test fix\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/download-artifact/commit/b8c4819ef592cbe04fd93534534b38f853864332\"\u003e\u003ccode\u003eb8c4819\u003c/code\u003e\u003c/a\u003e\nFix skip decompress test\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/actions/download-artifact/compare/37930b1c2abaa49bbe596cd826c3c89aef350131...70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dactions/download-artifact\u0026package-manager\u003dgithub_actions\u0026previous-version\u003d7.0.0\u0026new-version\u003d8.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "9c497848f9e7a531aae1095009257217d993c24b", "tree": "bcfb5c7b936b2b6bd13da307335934558e87ea02", "parents": [ "1a99518180b6a89fe17a9af5ce12f6956b5c6c27" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Mar 02 13:19:43 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Mar 02 13:19:43 2026 +0100" }, "message": "MINOR: Bump checker.framework.version from 3.53.0 to 3.53.1 (#1046)\n\nBumps `checker.framework.version` from 3.53.0 to 3.53.1.\nUpdates `org.checkerframework:checker-qual` from 3.53.0 to 3.53.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/releases\"\u003eorg.checkerframework:checker-qual\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eChecker Framework 3.53.1\u003c/h2\u003e\n\u003ch2\u003eVersion 3.53.1 (2026-02-02)\u003c/h2\u003e\n\u003ch3\u003eClosed issues\u003c/h3\u003e\n\u003cp\u003e\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/4858\"\u003e#4858\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/6141\"\u003e#6141\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/6620\"\u003e#6620\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7360\"\u003e#7360\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7388\"\u003e#7388\u003c/a\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/blob/master/docs/CHANGELOG.md\"\u003eorg.checkerframework:checker-qual\u0027s\nchangelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.53.1 (2026-02-02)\u003c/h2\u003e\n\u003ch3\u003eClosed issues\u003c/h3\u003e\n\u003cp\u003e\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/4858\"\u003e#4858\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/6141\"\u003e#6141\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/6620\"\u003e#6620\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7360\"\u003e#7360\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7388\"\u003e#7388\u003c/a\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/ef993ae5df68b25a038f8fac771b492e9ec9cd82\"\u003e\u003ccode\u003eef993ae\u003c/code\u003e\u003c/a\u003e\nnew release 3.53.1\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/c712fad4f8152b39ba6ec80155e67e061e82baa7\"\u003e\u003ccode\u003ec712fad\u003c/code\u003e\u003c/a\u003e\nUpdate release number.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/18c01fc26dc0713cc5c21a7e0d678a6e2c86ee26\"\u003e\u003ccode\u003e18c01fc\u003c/code\u003e\u003c/a\u003e\nPrep for release.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/f8d4d5521b5b5b4ebbc72b4ec3d4da070c0aa207\"\u003e\u003ccode\u003ef8d4d55\u003c/code\u003e\u003c/a\u003e\nRelease script corrections\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/37845c817a018f0ddb338e260b4099aa0536b0f7\"\u003e\u003ccode\u003e37845c8\u003c/code\u003e\u003c/a\u003e\nRename Shrinkable to CanShrink, to accommodate a future checker\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/77d27e7e2ae0935a015df1551c0bee68ddcda5b2\"\u003e\u003ccode\u003e77d27e7\u003c/code\u003e\u003c/a\u003e\nUpdate cimg/base Docker tag to v2026.02 (\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7470\"\u003e#7470\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/e096e0dba840883bd5734683155a6a6754fc5ba4\"\u003e\u003ccode\u003ee096e0d\u003c/code\u003e\u003c/a\u003e\nUpdate URLs\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/971a3f789cfb77dcc385f56077bf0f53f00fcb0a\"\u003e\u003ccode\u003e971a3f7\u003c/code\u003e\u003c/a\u003e\nUse https URLs rather than http URLs\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/c62acd1aae432332117105a90ada7805ae66d6a5\"\u003e\u003ccode\u003ec62acd1\u003c/code\u003e\u003c/a\u003e\nUpdate Gradle to v9.3.1 (\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7464\"\u003e#7464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/ce0eaa8027fe2c2df6c08642a9f7dbd6283d5b04\"\u003e\u003ccode\u003ece0eaa8\u003c/code\u003e\u003c/a\u003e\nAdd link to project list\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/compare/checker-framework-3.53.0...checker-framework-3.53.1\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.checkerframework:checker` from 3.53.0 to 3.53.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/releases\"\u003eorg.checkerframework:checker\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eChecker Framework 3.53.1\u003c/h2\u003e\n\u003ch2\u003eVersion 3.53.1 (2026-02-02)\u003c/h2\u003e\n\u003ch3\u003eClosed issues\u003c/h3\u003e\n\u003cp\u003e\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/4858\"\u003e#4858\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/6141\"\u003e#6141\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/6620\"\u003e#6620\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7360\"\u003e#7360\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7388\"\u003e#7388\u003c/a\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/blob/master/docs/CHANGELOG.md\"\u003eorg.checkerframework:checker\u0027s\nchangelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.53.1 (2026-02-02)\u003c/h2\u003e\n\u003ch3\u003eClosed issues\u003c/h3\u003e\n\u003cp\u003e\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/4858\"\u003e#4858\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/6141\"\u003e#6141\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/6620\"\u003e#6620\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7360\"\u003e#7360\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7388\"\u003e#7388\u003c/a\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/ef993ae5df68b25a038f8fac771b492e9ec9cd82\"\u003e\u003ccode\u003eef993ae\u003c/code\u003e\u003c/a\u003e\nnew release 3.53.1\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/c712fad4f8152b39ba6ec80155e67e061e82baa7\"\u003e\u003ccode\u003ec712fad\u003c/code\u003e\u003c/a\u003e\nUpdate release number.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/18c01fc26dc0713cc5c21a7e0d678a6e2c86ee26\"\u003e\u003ccode\u003e18c01fc\u003c/code\u003e\u003c/a\u003e\nPrep for release.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/f8d4d5521b5b5b4ebbc72b4ec3d4da070c0aa207\"\u003e\u003ccode\u003ef8d4d55\u003c/code\u003e\u003c/a\u003e\nRelease script corrections\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/37845c817a018f0ddb338e260b4099aa0536b0f7\"\u003e\u003ccode\u003e37845c8\u003c/code\u003e\u003c/a\u003e\nRename Shrinkable to CanShrink, to accommodate a future checker\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/77d27e7e2ae0935a015df1551c0bee68ddcda5b2\"\u003e\u003ccode\u003e77d27e7\u003c/code\u003e\u003c/a\u003e\nUpdate cimg/base Docker tag to v2026.02 (\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7470\"\u003e#7470\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/e096e0dba840883bd5734683155a6a6754fc5ba4\"\u003e\u003ccode\u003ee096e0d\u003c/code\u003e\u003c/a\u003e\nUpdate URLs\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/971a3f789cfb77dcc385f56077bf0f53f00fcb0a\"\u003e\u003ccode\u003e971a3f7\u003c/code\u003e\u003c/a\u003e\nUse https URLs rather than http URLs\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/c62acd1aae432332117105a90ada7805ae66d6a5\"\u003e\u003ccode\u003ec62acd1\u003c/code\u003e\u003c/a\u003e\nUpdate Gradle to v9.3.1 (\u003ca\nhref\u003d\"https://redirect.github.com/typetools/checker-framework/issues/7464\"\u003e#7464\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/commit/ce0eaa8027fe2c2df6c08642a9f7dbd6283d5b04\"\u003e\u003ccode\u003ece0eaa8\u003c/code\u003e\u003c/a\u003e\nAdd link to project list\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/typetools/checker-framework/compare/checker-framework-3.53.0...checker-framework-3.53.1\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "1a99518180b6a89fe17a9af5ce12f6956b5c6c27", "tree": "4ccc1b37eda11ca2ca28bc18221efefcdfcd7f71", "parents": [ "394755bc612f9457446396e4374f2871bbc99d9d" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Mar 02 13:15:36 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Mar 02 13:15:36 2026 +0100" }, "message": "MINOR: [CI] Bump actions/upload-artifact from 6.0.0 to 7.0.0 (#1045)\n\nBumps\n[actions/upload-artifact](https://github.com/actions/upload-artifact)\nfrom 6.0.0 to 7.0.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/actions/upload-artifact/releases\"\u003eactions/upload-artifact\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.0.0\u003c/h2\u003e\n\u003ch2\u003ev7 What\u0027s new\u003c/h2\u003e\n\u003ch3\u003eDirect Uploads\u003c/h3\u003e\n\u003cp\u003eAdds support for uploading single files directly (unzipped). Callers\ncan set the new \u003ccode\u003earchive\u003c/code\u003e parameter to \u003ccode\u003efalse\u003c/code\u003e to\nskip zipping the file during upload. Right now, we only support single\nfiles. The action will fail if the glob passed resolves to multiple\nfiles. The \u003ccode\u003ename\u003c/code\u003e parameter is also ignored with this\nsetting. Instead, the name of the artifact will be the name of the\nuploaded file.\u003c/p\u003e\n\u003ch3\u003eESM\u003c/h3\u003e\n\u003cp\u003eTo support new versions of the \u003ccode\u003e@actions/*\u003c/code\u003e packages,\nwe\u0027ve upgraded the package to ESM.\u003c/p\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd proxy integration test by \u003ca\nhref\u003d\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca\nhref\u003d\"https://redirect.github.com/actions/upload-artifact/pull/754\"\u003eactions/upload-artifact#754\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade the module to ESM and bump dependencies by \u003ca\nhref\u003d\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in\n\u003ca\nhref\u003d\"https://redirect.github.com/actions/upload-artifact/pull/762\"\u003eactions/upload-artifact#762\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport direct file uploads by \u003ca\nhref\u003d\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in\n\u003ca\nhref\u003d\"https://redirect.github.com/actions/upload-artifact/pull/764\"\u003eactions/upload-artifact#764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- made\ntheir first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/actions/upload-artifact/pull/754\"\u003eactions/upload-artifact#754\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/actions/upload-artifact/compare/v6...v7.0.0\"\u003ehttps://github.com/actions/upload-artifact/compare/v6...v7.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/upload-artifact/commit/bbbca2ddaa5d8feaa63e36b76fdaad77386f024f\"\u003e\u003ccode\u003ebbbca2d\u003c/code\u003e\u003c/a\u003e\nSupport direct file uploads (\u003ca\nhref\u003d\"https://redirect.github.com/actions/upload-artifact/issues/764\"\u003e#764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/upload-artifact/commit/589182c5a4cec8920b8c1bce3e2fab1c97a02296\"\u003e\u003ccode\u003e589182c\u003c/code\u003e\u003c/a\u003e\nUpgrade the module to ESM and bump dependencies (\u003ca\nhref\u003d\"https://redirect.github.com/actions/upload-artifact/issues/762\"\u003e#762\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/upload-artifact/commit/47309c993abb98030a35d55ef7ff34b7fa1074b5\"\u003e\u003ccode\u003e47309c9\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/actions/upload-artifact/issues/754\"\u003e#754\u003c/a\u003e\nfrom actions/Link-/add-proxy-integration-tests\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/upload-artifact/commit/02a8460834e70dab0ce194c64360c59dc1475ef0\"\u003e\u003ccode\u003e02a8460\u003c/code\u003e\u003c/a\u003e\nAdd proxy integration test\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca\nhref\u003d\"https://github.com/actions/upload-artifact/compare/b7c566a772e6b6bfb58ed0dc250532a479d7789f...bbbca2ddaa5d8feaa63e36b76fdaad77386f024f\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dactions/upload-artifact\u0026package-manager\u003dgithub_actions\u0026previous-version\u003d6.0.0\u0026new-version\u003d7.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "394755bc612f9457446396e4374f2871bbc99d9d", "tree": "2c8934104f22ccc1a047420a6ac4ca5cc4e38f43", "parents": [ "39b0593ac53c1444d0eb05f698fc3c0aa300f30b" ], "author": { "name": "Issac Garcia", "email": "issac.garcia@siren.io", "time": "Thu Feb 26 13:20:01 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Feb 26 13:20:01 2026 +0100" }, "message": "GH-1007: fix: does not break class loading if direct buffer allocator is not available (#1008)\n\n## What\u0027s Changed\n\nThe Direct Buffer is not always needed to use Arrow memory, however, we\ncannot load MemoryUtil class if we don\u0027t set:\n```\n--add-opens\u003djava.base/java.nio\u003dorg.apache.arrow.memory.core,ALL-UNNAMED\n```\nWhich is not always needed/possible.\n\nThis fix proposes to catch the `InaccessibleObjectException` to not\navoiding the load of the class.\n\nThe directBuffer is, in any case not available and a\n`UnsupportedOperationException` will be throw as it is in the existing\ncode\n\n\n\nCloses #1007 ." }, { "commit": "39b0593ac53c1444d0eb05f698fc3c0aa300f30b", "tree": "d66d0d7d0399e689807a62db4cb93f9200effc34", "parents": [ "2e76de1d2542811843b7dc262cdae0e20102b034" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Feb 23 09:47:30 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Feb 23 09:47:30 2026 +0100" }, "message": "MINOR: Bump com.google.api.grpc:proto-google-common-protos from 2.63.2 to 2.66.0 (#1034)\n\nBumps\n[com.google.api.grpc:proto-google-common-protos](https://github.com/googleapis/sdk-platform-java)\nfrom 2.63.2 to 2.66.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/releases\"\u003ecom.google.api.grpc:proto-google-common-protos\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.66.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/compare/v2.65.1...v2.66.0\"\u003e2.66.0\u003c/a\u003e\n(2026-01-23)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade protobuf runtime and gen code to 4.33.x (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4000\"\u003e#4000\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4074\"\u003e#4074\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/3e37376ccaddf42617436471dc9b014974b8e3df\"\u003e3e37376\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDowngrade opentelemetry to 1.51.0 (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4075\"\u003e#4075\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/cf6548232830e0461500d92954050186e255b572\"\u003ecf65482\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate auth library to 1.42.0 (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4087\"\u003e#4087\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/ad9ee0731a64585ad8ee0f0ac71bece9f6eaf068\"\u003ead9ee07\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate googleapis/java-cloud-bom digest to ef3656d (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/3630\"\u003e#3630\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/790bcf0542dc8aba5afe2f65e80a74d643b40cfe\"\u003e790bcf0\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate http-client to 2.1.0 (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4086\"\u003e#4086\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/d8bc8f5d335ffde52a603b47718574858f04f5ee\"\u003ed8bc8f5\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.65.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/compare/v2.65.0...v2.65.1\"\u003e2.65.1\u003c/a\u003e\n(2026-01-13)\u003c/h2\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate docs for GoogleCredentialsProvider#setScopesToApply (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4057\"\u003e#4057\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/0a9962f9945b6018796a808f89a6a3a309d1ca04\"\u003e0a9962f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.65.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/compare/v2.64.2...v2.65.0\"\u003e2.65.0\u003c/a\u003e\n(2026-01-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd org.json:json to third-party-dependencies pom (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4047\"\u003e#4047\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/ffa432e4e4ae763845afd48b404836c88698bdc0\"\u003effa432e\u003c/a\u003e),\ncloses \u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4046\"\u003e#4046\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eremove dependency management of graal-sdk (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4033\"\u003e#4033\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/ad05c34e205c09ad035f469170b0c62b4423b748\"\u003ead05c34\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd api_version breadcrumb to client docs (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4018\"\u003e#4018\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/a2b2179874e6a5435001fe201f4eecc2a8e4c531\"\u003ea2b2179\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCreate a single S2AChannelCredentials per application (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/3989\"\u003e#3989\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/3758b436d7e80b79ad7d5ea330d8f2bf2f430330\"\u003e3758b43\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eprovide API to share the same background executor for channel po…\n(\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4030\"\u003e#4030\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/178182c76c1b35e702215a88adc3ab511dd35a9e\"\u003e178182c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate dependencies.txt for grpc-gcp to 1.9.0 (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4025\"\u003e#4025\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/b68791d074c02e02a5ccf2f937a5922749a14f56\"\u003eb68791d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate google api dependencies (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/3917\"\u003e#3917\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/480cf13148687c53c4af3da9d48490aeb5bf4b88\"\u003e480cf13\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate google.http-client.version to 2.0.3 (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4054\"\u003e#4054\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/b9a8c8924e7b03bca8a97e476abfd012b86f6d45\"\u003eb9a8c89\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/blob/main/CHANGELOG.md\"\u003ecom.google.api.grpc:proto-google-common-protos\u0027s\nchangelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/compare/v2.65.1...v2.66.0\"\u003e2.66.0\u003c/a\u003e\n(2026-01-23)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade protobuf runtime and gen code to 4.33.x (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4000\"\u003e#4000\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4074\"\u003e#4074\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/3e37376ccaddf42617436471dc9b014974b8e3df\"\u003e3e37376\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDowngrade opentelemetry to 1.51.0 (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4075\"\u003e#4075\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/cf6548232830e0461500d92954050186e255b572\"\u003ecf65482\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate auth library to 1.42.0 (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4087\"\u003e#4087\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/ad9ee0731a64585ad8ee0f0ac71bece9f6eaf068\"\u003ead9ee07\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate googleapis/java-cloud-bom digest to ef3656d (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/3630\"\u003e#3630\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/790bcf0542dc8aba5afe2f65e80a74d643b40cfe\"\u003e790bcf0\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate http-client to 2.1.0 (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4086\"\u003e#4086\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/d8bc8f5d335ffde52a603b47718574858f04f5ee\"\u003ed8bc8f5\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/compare/v2.65.0...v2.65.1\"\u003e2.65.1\u003c/a\u003e\n(2026-01-13)\u003c/h2\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate docs for GoogleCredentialsProvider#setScopesToApply (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4057\"\u003e#4057\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/0a9962f9945b6018796a808f89a6a3a309d1ca04\"\u003e0a9962f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/compare/v2.64.2...v2.65.0\"\u003e2.65.0\u003c/a\u003e\n(2026-01-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd org.json:json to third-party-dependencies pom (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4047\"\u003e#4047\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/ffa432e4e4ae763845afd48b404836c88698bdc0\"\u003effa432e\u003c/a\u003e),\ncloses \u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4046\"\u003e#4046\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eremove dependency management of graal-sdk (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4033\"\u003e#4033\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/ad05c34e205c09ad035f469170b0c62b4423b748\"\u003ead05c34\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd api_version breadcrumb to client docs (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4018\"\u003e#4018\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/a2b2179874e6a5435001fe201f4eecc2a8e4c531\"\u003ea2b2179\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eCreate a single S2AChannelCredentials per application (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/3989\"\u003e#3989\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/3758b436d7e80b79ad7d5ea330d8f2bf2f430330\"\u003e3758b43\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eprovide API to share the same background executor for channel po…\n(\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4030\"\u003e#4030\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/178182c76c1b35e702215a88adc3ab511dd35a9e\"\u003e178182c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupdate dependencies.txt for grpc-gcp to 1.9.0 (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4025\"\u003e#4025\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/b68791d074c02e02a5ccf2f937a5922749a14f56\"\u003eb68791d\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate google api dependencies (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/3917\"\u003e#3917\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/480cf13148687c53c4af3da9d48490aeb5bf4b88\"\u003e480cf13\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate google.http-client.version to 2.0.3 (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4054\"\u003e#4054\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/b9a8c8924e7b03bca8a97e476abfd012b86f6d45\"\u003eb9a8c89\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix retry guide link in javadocs (\u003ca\nhref\u003d\"https://redirect.github.com/googleapis/sdk-platform-java/issues/4029\"\u003e#4029\u003c/a\u003e)\n(\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commit/b43f77c66d93d2423744d0f6d6a0a2a53a06e6d9\"\u003eb43f77c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/compare/v2.64.1...v2.64.2\"\u003e2.64.2\u003c/a\u003e\n(2025-12-10)\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca\nhref\u003d\"https://github.com/googleapis/sdk-platform-java/commits/v2.66.0\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dcom.google.api.grpc:proto-google-common-protos\u0026package-manager\u003dmaven\u0026previous-version\u003d2.63.2\u0026new-version\u003d2.66.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "2e76de1d2542811843b7dc262cdae0e20102b034", "tree": "effb3c091e60d086a510e94a1d6166432e74172f", "parents": [ "0e54b379ff871084139679f1bc501faf05996e18" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Feb 23 09:46:15 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Feb 23 09:46:15 2026 +0100" }, "message": "MINOR: Bump org.codehaus.mojo:versions-maven-plugin from 2.20.0 to 2.21.0 (#1029)\n\nBumps\n[org.codehaus.mojo:versions-maven-plugin](https://github.com/mojohaus/versions)\nfrom 2.20.0 to 2.21.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/mojohaus/versions/releases\"\u003eorg.codehaus.mojo:versions-maven-plugin\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e2.21.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e🚀 New features and improvements\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd versions.skip parameter to skip plugin execution (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/versions/pull/1328\"\u003e#1328\u003c/a\u003e)\n\u003ca\nhref\u003d\"https://github.com/jorgheymans\"\u003e\u003ccode\u003e@​jorgheymans\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/versions/issues/1331\"\u003e#1331\u003c/a\u003e:\nFix NPE in restrictionForUnchangedSegment if actual version is null (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/versions/pull/1332\"\u003e#1332\u003c/a\u003e)\n\u003ca href\u003d\"https://github.com/andrzejj0\"\u003e\u003ccode\u003e@​andrzejj0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/versions/issues/1310\"\u003e#1310\u003c/a\u003e:\nCorrected UseDepVersionMojo + handling a similar case in SetMojo,\nSetScmTagMojo, UpdateChildModulesMojo (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/versions/pull/1322\"\u003e#1322\u003c/a\u003e)\n\u003ca href\u003d\"https://github.com/andrzejj0\"\u003e\u003ccode\u003e@​andrzejj0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUseDepVersionMoto should process all projects on the project list\n(\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/versions/pull/1320\"\u003e#1320\u003c/a\u003e)\n\u003ca href\u003d\"https://github.com/andrzejj0\"\u003e\u003ccode\u003e@​andrzejj0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed \u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/versions/issues/1317\"\u003e#1317\u003c/a\u003e:\nRegression coming from ArtifactVersions::filter when currentVersion is\nnull and ignoredVersions is not null (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/versions/pull/1319\"\u003e#1319\u003c/a\u003e)\n\u003ca href\u003d\"https://github.com/andrzejj0\"\u003e\u003ccode\u003e@​andrzejj0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e📝 Documentation updates\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix README typos in Contributing section (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/versions/pull/1337\"\u003e#1337\u003c/a\u003e)\n\u003ca\nhref\u003d\"https://github.com/kranthipoturaju\"\u003e\u003ccode\u003e@​kranthipoturaju\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/versions/issues/1323\"\u003e#1323\u003c/a\u003e:\nDocumentation (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/versions/pull/1324\"\u003e#1324\u003c/a\u003e)\n\u003ca href\u003d\"https://github.com/andrzejj0\"\u003e\u003ccode\u003e@​andrzejj0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e📦 Dependency updates\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump byteBuddyVersion from 1.18.3 to 1.18.4 (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/versions/pull/1335\"\u003e#1335\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.apache.maven.plugin-testing:maven-plugin-testing-harness\nfrom 3.4.0 to 3.5.0 (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/versions/pull/1333\"\u003e#1333\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.codehaus.plexus:plexus-archiver from 4.10.4 to 4.11.0 (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/versions/pull/1334\"\u003e#1334\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.codehaus.mojo:mojo-parent from 94 to 95 (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/versions/pull/1330\"\u003e#1330\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump byteBuddyVersion from 1.18.2 to 1.18.3 (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/versions/pull/1329\"\u003e#1329\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.apache.commons:commons-text from 1.14.0 to 1.15.0 (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/versions/pull/1325\"\u003e#1325\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump byteBuddyVersion from 1.18.1 to 1.18.2 (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/versions/pull/1318\"\u003e#1318\u003c/a\u003e)\n@\u003ca href\u003d\"https://github.com/apps/dependabot\"\u003edependabot[bot]\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e2.20.1\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e🐛 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed \u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/versions/issues/1313\"\u003e#1313\u003c/a\u003e:\nDo not show existing version as update (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/versions/pull/1315\"\u003e#1315\u003c/a\u003e)\n\u003ca href\u003d\"https://github.com/andrzejj0\"\u003e\u003ccode\u003e@​andrzejj0\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mojohaus/versions/commit/1cdedea53c3c29a34494fc198db8626ea64942ef\"\u003e\u003ccode\u003e1cdedea\u003c/code\u003e\u003c/a\u003e\n[maven-release-plugin] prepare release 2.21.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mojohaus/versions/commit/b94795745ed51d84935742cd15e8b42709f8cb8c\"\u003e\u003ccode\u003eb947957\u003c/code\u003e\u003c/a\u003e\nFix README typos in Contributing section\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mojohaus/versions/commit/b85c0a8f41240dc012d0bde7833963cdfff1c76a\"\u003e\u003ccode\u003eb85c0a8\u003c/code\u003e\u003c/a\u003e\nBump project version to 2.21.0-SNAPSHOT\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mojohaus/versions/commit/7ae37673007d7d27d448a2dee92f58f122622118\"\u003e\u003ccode\u003e7ae3767\u003c/code\u003e\u003c/a\u003e\nBump byteBuddyVersion from 1.18.3 to 1.18.4 (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/versions/issues/1335\"\u003e#1335\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mojohaus/versions/commit/38afa9f7503d05143342bace5a3cc126ea179adc\"\u003e\u003ccode\u003e38afa9f\u003c/code\u003e\u003c/a\u003e\nBump org.apache.maven.plugin-testing:maven-plugin-testing-harness\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mojohaus/versions/commit/39af6a23525e853a03b58c7a3d23319232e1c707\"\u003e\u003ccode\u003e39af6a2\u003c/code\u003e\u003c/a\u003e\nBump org.codehaus.plexus:plexus-archiver from 4.10.4 to 4.11.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mojohaus/versions/commit/f51b9d59d1dea3128956492281b013831cfc8143\"\u003e\u003ccode\u003ef51b9d5\u003c/code\u003e\u003c/a\u003e\n\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/versions/issues/1331\"\u003e#1331\u003c/a\u003e:\nFix NPE in restrictionForUnchangedSegment if actual version is null\n(#...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mojohaus/versions/commit/8d209b3404eb7497c15c257d5083bcee1f4c4de2\"\u003e\u003ccode\u003e8d209b3\u003c/code\u003e\u003c/a\u003e\nBump org.codehaus.mojo:mojo-parent from 94 to 95 (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/versions/issues/1330\"\u003e#1330\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mojohaus/versions/commit/4929d48b9e4599e479be9044ccfc40598b0177f6\"\u003e\u003ccode\u003e4929d48\u003c/code\u003e\u003c/a\u003e\nBump byteBuddyVersion from 1.18.2 to 1.18.3 (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/versions/issues/1329\"\u003e#1329\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mojohaus/versions/commit/cb84d01dac8f9a82ddf5842cad38b6dedadecee6\"\u003e\u003ccode\u003ecb84d01\u003c/code\u003e\u003c/a\u003e\nAdd versions.skip parameter to skip plugin execution (\u003ca\nhref\u003d\"https://redirect.github.com/mojohaus/versions/issues/1328\"\u003e#1328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/mojohaus/versions/compare/2.20.0...2.21.0\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dorg.codehaus.mojo:versions-maven-plugin\u0026package-manager\u003dmaven\u0026previous-version\u003d2.20.0\u0026new-version\u003d2.21.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "0e54b379ff871084139679f1bc501faf05996e18", "tree": "9e960b53abe261fad6fabc2b327587cace5a6aba", "parents": [ "6e73f7f563b28eec4218d8afabdfaa0ef41e714a" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Feb 23 09:45:46 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Feb 23 09:45:46 2026 +0100" }, "message": "MINOR: Bump commons-cli:commons-cli from 1.9.0 to 1.11.0 (#1028)\n\nBumps [commons-cli:commons-cli](https://github.com/apache/commons-cli)\nfrom 1.9.0 to 1.11.0.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/apache/commons-cli/blob/master/RELEASE-NOTES.txt\"\u003ecommons-cli:commons-cli\u0027s\nchangelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eApache Commons CLI 1.11.0 Release Notes\u003c/h2\u003e\n\u003cp\u003eThe Apache Commons CLI team is pleased to announce the release of\nApache Commons CLI 1.11.0.\u003c/p\u003e\n\u003cp\u003eApache Commons CLI provides a simple API for presenting, processing,\nand validating a Command Line Interface.\u003c/p\u003e\n\u003cp\u003eThis is a feature and maintenance release. Java 8 or later is\nrequired.\u003c/p\u003e\n\u003ch2\u003eNew Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cpre\u003e\u003ccode\u003e Add CommandLine.getOptionCount() to measure option\nrepetition [#396](https://github.com/apache/commons-cli/issues/396).\nThanks to David Larochette, Gary Gregory.\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eFixed Bugs\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCLI-351: Multiple trailing BREAK_CHAR_SET characters cause infinite\nloop in HelpFormatter. Thanks to Damien Carbonne, Claude Warren, Gary\nGregory.\u003c/li\u003e\n\u003cli\u003eCLI-351: Fix issue with groups not being reported in help output. \u003ca\nhref\u003d\"https://redirect.github.com/apache/commons-cli/issues/411\"\u003e#411\u003c/a\u003e.\nThanks to Damien Carbonne, Claude Warren, Gary Gregory.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eUpdates\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cpre\u003e\u003ccode\u003e Bump org.apache.commons:commons-parent from 85 to 91\n[#393](https://github.com/apache/commons-cli/issues/393). Thanks to Gary\nGregory, Dependabot.\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cpre\u003e\u003ccode\u003e Bump commons-io:commons-io from 2.20.0 to 2.21.0. Thanks to\nGary Gregory.\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eHistorical list of changes: \u003ca\nhref\u003d\"https://commons.apache.org/proper/commons-cli/changes.html\"\u003ehttps://commons.apache.org/proper/commons-cli/changes.html\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eFor complete information on Apache Commons CLI, including\ninstructions on how to submit bug reports,\npatches, or suggestions for improvement, see the Apache Commons CLI\nwebsite:\u003c/p\u003e\n\u003cp\u003e\u003ca\nhref\u003d\"https://commons.apache.org/proper/commons-cli/\"\u003ehttps://commons.apache.org/proper/commons-cli/\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eDownload page: \u003ca\nhref\u003d\"https://commons.apache.org/proper/commons-cli/download_cli.cgi\"\u003ehttps://commons.apache.org/proper/commons-cli/download_cli.cgi\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eHave fun!\nThe Apache Commons Team\u003c/p\u003e\n\u003chr /\u003e\n\u003ch2\u003eApache Commons CLI 1.11.0 Release Notes\u003c/h2\u003e\n\u003cp\u003eThe Apache Commons CLI team is pleased to announce the release of\nApache Commons CLI 1.11.0.\u003c/p\u003e\n\u003cp\u003eApache Commons CLI provides a simple API for presenting, processing,\nand validating a Command Line Interface.\u003c/p\u003e\n\u003cp\u003eThis is a feature and maintenance release. Java 8 or later is\nrequired.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/commons-cli/commit/d74613321325f6081fa0206c4ab608ab65d80e2e\"\u003e\u003ccode\u003ed746133\u003c/code\u003e\u003c/a\u003e\nPrepare for the release candidate 1.11.0 RC1\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/commons-cli/commit/966ddd66b31e0608ecbd650a3eb2bb2426e26c22\"\u003e\u003ccode\u003e966ddd6\u003c/code\u003e\u003c/a\u003e\nPrepare for the next release candidate\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/commons-cli/commit/234a34d61dc11a302358c92fd18ed702327c5e39\"\u003e\u003ccode\u003e234a34d\u003c/code\u003e\u003c/a\u003e\nUse ternary to reduce duplication\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/commons-cli/commit/ef98fc4b9302fbf10e8b608dce0571d2bc066345\"\u003e\u003ccode\u003eef98fc4\u003c/code\u003e\u003c/a\u003e\nBetter test assertions\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/commons-cli/commit/a9baf80a113c75885f53bb0dc34e6f9e15bc37b3\"\u003e\u003ccode\u003ea9baf80\u003c/code\u003e\u003c/a\u003e\nNo need to create an intermediary array\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/commons-cli/commit/4c464592162bbae53dd606ca56375ce92894e3cf\"\u003e\u003ccode\u003e4c46459\u003c/code\u003e\u003c/a\u003e\nReduce returns\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/commons-cli/commit/7108379d50938de7ac26de6d1c76ee6a0ef2845f\"\u003e\u003ccode\u003e7108379\u003c/code\u003e\u003c/a\u003e\nJavadoc\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/commons-cli/commit/7199a701924f0ecf95d729095bc610d6434a3a77\"\u003e\u003ccode\u003e7199a70\u003c/code\u003e\u003c/a\u003e\nUse forEachRemaining\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/commons-cli/commit/e852acf572129fa8b2e3824b0e23a32a074e832f\"\u003e\u003ccode\u003ee852acf\u003c/code\u003e\u003c/a\u003e\nReuse constants\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/commons-cli/commit/395346c58f510fcff79893d0adeb9961ab430a43\"\u003e\u003ccode\u003e395346c\u003c/code\u003e\u003c/a\u003e\nBetter exception message\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/apache/commons-cli/compare/rel/commons-cli-1.9.0...rel/commons-cli-1.11.0\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dcommons-cli:commons-cli\u0026package-manager\u003dmaven\u0026previous-version\u003d1.9.0\u0026new-version\u003d1.11.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "6e73f7f563b28eec4218d8afabdfaa0ef41e714a", "tree": "55efa54a8c7e2004d148830fe6fd8f5f963b1686", "parents": [ "6b6d16a42fdcb46dae728ef0795559e1606c2372" ], "author": { "name": "Ashish", "email": "paliwalashish@gmail.com", "time": "Sun Feb 22 09:29:47 2026 -0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Sun Feb 22 18:29:47 2026 +0100" }, "message": "MINOR: Fix minor issue with README (#1026)\n\n## What\u0027s Changed\n\nPlease fill in a description of the changes here.\n\nThe PR fixes minor documentation issue, where commands needed to be\nadjusted to new repo.\nThese were found while setting up the environment.\n\nAI was **NOT** used to generate the PR\n\nCloses #NNN." }, { "commit": "6b6d16a42fdcb46dae728ef0795559e1606c2372", "tree": "24c1e8fbd9501f9d4117380c8f73c859502739fe", "parents": [ "5adfb7e32922de6bc7d929a248911904aab80abd" ], "author": { "name": "Aleksei Starikov", "email": "aleksei.starikov.ax@gmail.com", "time": "Sun Feb 22 14:41:02 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Sun Feb 22 14:41:02 2026 +0100" }, "message": "GH-139: [Flight] Stop return null from MetadataAdapter.getAll(String) and getAllByte(String) (#1016)\n\n## What\u0027s Changed\n\n`CallHeaders` has 3 implementations:\n- FlightCallHeaders\n- ErrorFlightMetadata\n- MetadataAdapter\n\n**Before this change:**\n`MetadataAdapter` could return `null` from `getAll(String)` and\n`getAllByte(String)` when there were no values for the key, because\ngRPC’s `Metadata.getAll()` returns `null` in that case. This was\nundocumented and forced callers to null-check.\n\n**After this change:**\nAll 3 implementations consistently return an `empty iterable` (never\n`null`) when the key is absent or has no values. The contract is\ndocumented on the interface and covered by tests for each\nimplementation.\n\n---\n**This contains breaking changes.**\n`MetadataAdapter.getAll(String)` and `getAllByte(String)` return empty\niterator instead of null.\n\n---\nCloses #139." }, { "commit": "5adfb7e32922de6bc7d929a248911904aab80abd", "tree": "473652f4c3b7a12591eb6980add166477bba6718", "parents": [ "b209fa2ee8ca9840530b404e1448f90d5ae0889d" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Wed Feb 18 07:11:51 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Feb 18 07:11:51 2026 +0100" }, "message": "MINOR: Bump commons-codec:commons-codec from 1.20.0 to 1.21.0 (#997)\n\nBumps\n[commons-codec:commons-codec](https://github.com/apache/commons-codec)\nfrom 1.20.0 to 1.21.0.\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/apache/commons-codec/blob/master/RELEASE-NOTES.txt\"\u003ecommons-codec:commons-codec\u0027s\nchangelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eApache Commons Codec 1.21.0 Release Notes\u003c/h2\u003e\n\u003cp\u003eThe Apache Commons Codec team is pleased to announce the release of\nApache Commons Codec 1.21.0.\u003c/p\u003e\n\u003cp\u003eThe Apache Commons Codec component contains encoders and decoders for\nformats such as Base16, Base32, Base64, digest, and Hexadecimal. In\naddition to these\nwidely used encoders and decoders, the codec package also maintains a\ncollection of phonetic encoding utilities.\u003c/p\u003e\n\u003cp\u003eThis is a feature and maintenance release. Java 8 or later is\nrequired.\u003c/p\u003e\n\u003ch2\u003eNew features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCODEC-333: Add distinct Base64 decoding for standard and URL-safe\nformats. Thanks to Aleksandr Beliakov, Gary Gregory.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eFixed Bugs\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cpre\u003e\u003ccode\u003e Fix oak leaf icon references in overview.html when running\n`mvn clean javadoc:javadoc`. Thanks to Gary Gregory.\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cpre\u003e\u003ccode\u003e Fix Apache RAT plugin console warnings. Thanks to Gary\nGregory.\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cpre\u003e\u003ccode\u003e Fix malformed Javadoc comments. Thanks to Gary Gregory.\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChanges\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cpre\u003e\u003ccode\u003e Bump org.apache.commons:commons-parent from 91 to 96\n[#415](https://github.com/apache/commons-codec/issues/415),\n[#418](https://github.com/apache/commons-codec/issues/418). Thanks to\nGary Gregory, Dependabot.\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cpre\u003e\u003ccode\u003e Bump commons-io:commons-io from 2.20.0 to 2.21.0. Thanks to\nGary Gregory.\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cpre\u003e\u003ccode\u003e Bump org.apache.commons:commons-lang3 from 3.19.0 to 3.20.0.\nThanks to Gary Gregory, Dependabot.\n\u003c/code\u003e\u003c/pre\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eFor complete information on Apache Commons Codec, including\ninstructions on how to submit bug reports,\npatches, or suggestions for improvement, see the Apache Commons Codec\nwebsite:\u003c/p\u003e\n\u003cp\u003e\u003ca\nhref\u003d\"https://commons.apache.org/proper/commons-codec/\"\u003ehttps://commons.apache.org/proper/commons-codec/\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eDownload page: \u003ca\nhref\u003d\"https://commons.apache.org/proper/commons-codec/download_codec.cgi\"\u003ehttps://commons.apache.org/proper/commons-codec/download_codec.cgi\u003c/a\u003e\u003c/p\u003e\n\u003chr /\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/commons-codec/commit/91c44048f2751ef89567cd50ff04851da4f56e3f\"\u003e\u003ccode\u003e91c4404\u003c/code\u003e\u003c/a\u003e\nPrepare for the release candidate 1.21.0 RC1\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/commons-codec/commit/21fe1d7f86bbc198975c4282c9239ef1b5e9f094\"\u003e\u003ccode\u003e21fe1d7\u003c/code\u003e\u003c/a\u003e\nPrepare for the next release candidate\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/commons-codec/commit/d4ea4d0867dce2b36deda123d9e477531aefcacf\"\u003e\u003ccode\u003ed4ea4d0\u003c/code\u003e\u003c/a\u003e\nBump actions/checkout from 6.0.1 to 6.0.2\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/commons-codec/commit/e30b1f6c247468f5ab2d06dd101c535c77778bc9\"\u003e\u003ccode\u003ee30b1f6\u003c/code\u003e\u003c/a\u003e\nBump actions/setup-java from 5.1.0 to 5.2.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/commons-codec/commit/2e4891c194cf4733fda4be4e8b29c2fa3ae46476\"\u003e\u003ccode\u003e2e4891c\u003c/code\u003e\u003c/a\u003e\nBump org.apache.commons:commons-parent from 95 to 96\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/commons-codec/commit/d02c003231a2ae8d065f9edfecf4e97dcffc085e\"\u003e\u003ccode\u003ed02c003\u003c/code\u003e\u003c/a\u003e\nUse a URL to a prettier page: \u003ca\nhref\u003d\"https://www.ietf.org/rfc/rfc2045\"\u003ehttps://www.ietf.org/rfc/rfc2045\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/commons-codec/commit/3c961b83ead5140fbaffb1191692f943758ecdec\"\u003e\u003ccode\u003e3c961b8\u003c/code\u003e\u003c/a\u003e\nCheckstyle\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/commons-codec/commit/99cf6b7800f7f1af1b45c4b167aae128e3bb4aeb\"\u003e\u003ccode\u003e99cf6b7\u003c/code\u003e\u003c/a\u003e\nJavadoc and exception messages: \u0026quot;base 32\u0026quot; -\u0026gt;\n\u0026quot;Base32\u0026quot;.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/commons-codec/commit/2df7b9a20ed600ad64bc00edf1c9a619edab76a0\"\u003e\u003ccode\u003e2df7b9a\u003c/code\u003e\u003c/a\u003e\nJavadoc and exception messages: \u0026quot;base 64\u0026quot; -\u0026gt;\n\u0026quot;Base64\u0026quot;.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/apache/commons-codec/commit/0643fdd0b7fcac6bd1543cdd1868ec7b5de4bbcc\"\u003e\u003ccode\u003e0643fdd\u003c/code\u003e\u003c/a\u003e\nJavadoc 8 doesn\u0027t know how to find this link\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/apache/commons-codec/compare/rel/commons-codec-1.20.0...rel/commons-codec-1.21.0\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dcommons-codec:commons-codec\u0026package-manager\u003dmaven\u0026previous-version\u003d1.20.0\u0026new-version\u003d1.21.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after\nyour CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge\nand block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating\nit. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "b209fa2ee8ca9840530b404e1448f90d5ae0889d", "tree": "41b0d959804e7b6c366837b2d90dd0134de41f62", "parents": [ "de97138845abbd12ad253170b5738c4ec3d45473" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Tue Feb 17 21:29:33 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Feb 17 21:29:33 2026 +0100" }, "message": "MINOR: [CI] Bump docker/login-action from 3.6.0 to 3.7.0 (#996)\n\nBumps [docker/login-action](https://github.com/docker/login-action) from\n3.6.0 to 3.7.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/docker/login-action/releases\"\u003edocker/login-action\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003escope\u003c/code\u003e input to set scopes for the authentication\ntoken by \u003ca\nhref\u003d\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/912\"\u003edocker/login-action#912\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for AWS European Sovereign Cloud ECR by \u003ca\nhref\u003d\"https://github.com/dphi\"\u003e\u003ccode\u003e@​dphi\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/914\"\u003edocker/login-action#914\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnsure passwords are redacted with \u003ccode\u003eregistry-auth\u003c/code\u003e input\nby \u003ca href\u003d\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/911\"\u003edocker/login-action#911\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump lodash from 4.17.21 to 4.17.23 in \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/pull/915\"\u003edocker/login-action#915\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/docker/login-action/compare/v3.6.0...v3.7.0\"\u003ehttps://github.com/docker/login-action/compare/v3.6.0...v3.7.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/c94ce9fb468520275223c153574b00df6fe4bcc9\"\u003e\u003ccode\u003ec94ce9f\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/issues/915\"\u003e#915\u003c/a\u003e\nfrom docker/dependabot/npm_and_yarn/lodash-4.17.23\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/8339c958ce8511f38d0c474c1886a87c802bf1ef\"\u003e\u003ccode\u003e8339c95\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/issues/912\"\u003e#912\u003c/a\u003e\nfrom docker/scope\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/c83e9320c8beb50b77dd007c46d5c8161f0cac4a\"\u003e\u003ccode\u003ec83e932\u003c/code\u003e\u003c/a\u003e\nbuild(deps): bump lodash from 4.17.21 to 4.17.23\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/b268aa57e39ff0a5386d2fd1eded4e2e1d60d705\"\u003e\u003ccode\u003eb268aa5\u003c/code\u003e\u003c/a\u003e\nchore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/a60322927812ddc99316dd6252b4fba6d8f09ac1\"\u003e\u003ccode\u003ea603229\u003c/code\u003e\u003c/a\u003e\ndocumentation for scope input\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/7567f92a74b2639be1bd8bc932a112a0d81283da\"\u003e\u003ccode\u003e7567f92\u003c/code\u003e\u003c/a\u003e\nAdd scope input to set scopes for the authentication token\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/0567fa5ae8c9a197cb207537dc5cbb43ca3d803f\"\u003e\u003ccode\u003e0567fa5\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/issues/914\"\u003e#914\u003c/a\u003e\nfrom dphi/add-support-for-amazonaws.eu\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/f6ef57754547a85003a0e18f789be661346d4a6e\"\u003e\u003ccode\u003ef6ef577\u003c/code\u003e\u003c/a\u003e\nfeat: add support for AWS European Sovereign Cloud ECR registries\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/916386b00027d425839f8da46d302dab33f5875b\"\u003e\u003ccode\u003e916386b\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/docker/login-action/issues/911\"\u003e#911\u003c/a\u003e\nfrom crazy-max/ensure-redact\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/docker/login-action/commit/5b3f94a294ea5478af3af437baa6ad0d3dcd04fd\"\u003e\u003ccode\u003e5b3f94a\u003c/code\u003e\u003c/a\u003e\nchore: update generated content\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/docker/login-action/compare/5e57cd118135c172c3672efd75eb46360885c0ef...c94ce9fb468520275223c153574b00df6fe4bcc9\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003ddocker/login-action\u0026package-manager\u003dgithub_actions\u0026previous-version\u003d3.6.0\u0026new-version\u003d3.7.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after\nyour CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge\nand block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating\nit. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "de97138845abbd12ad253170b5738c4ec3d45473", "tree": "2cdf0135399b69b2f01ba24cf378b50ffdbe2824", "parents": [ "9fd4973d12abbd9e9d14098c2acd41d97a6c4407" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Tue Feb 17 21:29:08 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Feb 17 21:29:08 2026 +0100" }, "message": "MINOR: Bump logback.version from 1.5.26 to 1.5.27 (#999)\n\nBumps `logback.version` from 1.5.26 to 1.5.27.\nUpdates `ch.qos.logback:logback-classic` from 1.5.26 to 1.5.27\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/qos-ch/logback/releases\"\u003ech.qos.logback:logback-classic\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eLogback 1.5.27\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003e2026-01-30 Release of logback version 1.5.27\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003e• Updated license to Eclipse Public License version 2.0 from version\n1.0, retaining the GPL 2.1 dual-license.\u003c/p\u003e\n\u003cp\u003e• Fixed missing MDC data transmitted by \u003ccode\u003eSocketAppender\u003c/code\u003e\nreported in \u003ca\nhref\u003d\"https://redirect.github.com/qos-ch/logback/issues/1010\"\u003eissues/1010\u003c/a\u003e\nby Lars Vogel.\u003c/p\u003e\n\u003cp\u003e• Removed all \u003ccode\u003eReceiver\u003c/code\u003e classes and components which were\nalready disabled for several years.\u003c/p\u003e\n\u003cp\u003e• Refactored file scanning code for improved clarity.\u003c/p\u003e\n\u003cp\u003e• In \u003ccode\u003eSizeAndTimeBasedRollingPolicy\u003c/code\u003e modified\n\u003ccode\u003etotalSizeCap\u003c/code\u003e and \u003ccode\u003emaxFileSize\u003c/code\u003e comparison to\ntaking into account file compression. This fixes \u003ca\nhref\u003d\"https://redirect.github.com/qos-ch/logback/issues/1007\"\u003eissues/1007\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e• A bit-wise identical binary of this version can be reproduced by\nbuilding from source code at commit\n3618eb01aad6672f9cd250dccf7546a69cbe982f associated with the tag\nv_1.5.27. Release built using Java \u0026quot;21\u0026quot; 2023-10-17 LTS build\n21.0.1.+12-LTS-29 under Linux Debian 11.6.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/qos-ch/logback/commit/3618eb01aad6672f9cd250dccf7546a69cbe982f\"\u003e\u003ccode\u003e3618eb0\u003c/code\u003e\u003c/a\u003e\nincrease timeout delay to 2000 millis\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/qos-ch/logback/commit/db150c3c92656ed01c66dbd8ec2a0f1548637663\"\u003e\u003ccode\u003edb150c3\u003c/code\u003e\u003c/a\u003e\nprepare release 1.5.27\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/qos-ch/logback/commit/0370b137a47a6148c3f2d527f6bfdbd22d3136a8\"\u003e\u003ccode\u003e0370b13\u003c/code\u003e\u003c/a\u003e\nfix missing MDC transmission in SocketAppender. Fixes issues/1010\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/qos-ch/logback/commit/8100acd4e49f7d3c78520efacfd98bd398f0e810\"\u003e\u003ccode\u003e8100acd\u003c/code\u003e\u003c/a\u003e\nremove RemoteAppender*\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/qos-ch/logback/commit/2b67210613628b8610f44063c4e739b71ce83190\"\u003e\u003ccode\u003e2b67210\u003c/code\u003e\u003c/a\u003e\nremove Receiver related classes\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/qos-ch/logback/commit/d84b58686b3e04661bb47e7260d1fdcb731826ac\"\u003e\u003ccode\u003ed84b586\u003c/code\u003e\u003c/a\u003e\nremove ReceiverModelHandler - project still builds indicating no active\nusage\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/qos-ch/logback/commit/44049ed38ff396bc45a98d9b536da8f179547132\"\u003e\u003ccode\u003e44049ed\u003c/code\u003e\u003c/a\u003e\nremove support for receivers in SerializedModelConfigurator and\nJoranConfigur...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/qos-ch/logback/commit/56085d898665d6e99489591333a4ddf381465443\"\u003e\u003ccode\u003e56085d8\u003c/code\u003e\u003c/a\u003e\nfix test\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/qos-ch/logback/commit/e7764f47e51921abe9635b32c2fa80e65d29efba\"\u003e\u003ccode\u003ee7764f4\u003c/code\u003e\u003c/a\u003e\nrefactor file change scanning for clarity\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/qos-ch/logback/commit/e56a12f865751ce6a599963187b4a861854c7e8a\"\u003e\u003ccode\u003ee56a12f\u003c/code\u003e\u003c/a\u003e\nbump assertj version\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/qos-ch/logback/compare/v_1.5.26...v_1.5.27\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ch.qos.logback:logback-core` from 1.5.26 to 1.5.27\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/qos-ch/logback/releases\"\u003ech.qos.logback:logback-core\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eLogback 1.5.27\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003e2026-01-30 Release of logback version 1.5.27\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003e• Updated license to Eclipse Public License version 2.0 from version\n1.0, retaining the GPL 2.1 dual-license.\u003c/p\u003e\n\u003cp\u003e• Fixed missing MDC data transmitted by \u003ccode\u003eSocketAppender\u003c/code\u003e\nreported in \u003ca\nhref\u003d\"https://redirect.github.com/qos-ch/logback/issues/1010\"\u003eissues/1010\u003c/a\u003e\nby Lars Vogel.\u003c/p\u003e\n\u003cp\u003e• Removed all \u003ccode\u003eReceiver\u003c/code\u003e classes and components which were\nalready disabled for several years.\u003c/p\u003e\n\u003cp\u003e• Refactored file scanning code for improved clarity.\u003c/p\u003e\n\u003cp\u003e• In \u003ccode\u003eSizeAndTimeBasedRollingPolicy\u003c/code\u003e modified\n\u003ccode\u003etotalSizeCap\u003c/code\u003e and \u003ccode\u003emaxFileSize\u003c/code\u003e comparison to\ntaking into account file compression. This fixes \u003ca\nhref\u003d\"https://redirect.github.com/qos-ch/logback/issues/1007\"\u003eissues/1007\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003e• A bit-wise identical binary of this version can be reproduced by\nbuilding from source code at commit\n3618eb01aad6672f9cd250dccf7546a69cbe982f associated with the tag\nv_1.5.27. Release built using Java \u0026quot;21\u0026quot; 2023-10-17 LTS build\n21.0.1.+12-LTS-29 under Linux Debian 11.6.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/qos-ch/logback/commit/3618eb01aad6672f9cd250dccf7546a69cbe982f\"\u003e\u003ccode\u003e3618eb0\u003c/code\u003e\u003c/a\u003e\nincrease timeout delay to 2000 millis\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/qos-ch/logback/commit/db150c3c92656ed01c66dbd8ec2a0f1548637663\"\u003e\u003ccode\u003edb150c3\u003c/code\u003e\u003c/a\u003e\nprepare release 1.5.27\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/qos-ch/logback/commit/0370b137a47a6148c3f2d527f6bfdbd22d3136a8\"\u003e\u003ccode\u003e0370b13\u003c/code\u003e\u003c/a\u003e\nfix missing MDC transmission in SocketAppender. Fixes issues/1010\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/qos-ch/logback/commit/8100acd4e49f7d3c78520efacfd98bd398f0e810\"\u003e\u003ccode\u003e8100acd\u003c/code\u003e\u003c/a\u003e\nremove RemoteAppender*\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/qos-ch/logback/commit/2b67210613628b8610f44063c4e739b71ce83190\"\u003e\u003ccode\u003e2b67210\u003c/code\u003e\u003c/a\u003e\nremove Receiver related classes\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/qos-ch/logback/commit/d84b58686b3e04661bb47e7260d1fdcb731826ac\"\u003e\u003ccode\u003ed84b586\u003c/code\u003e\u003c/a\u003e\nremove ReceiverModelHandler - project still builds indicating no active\nusage\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/qos-ch/logback/commit/44049ed38ff396bc45a98d9b536da8f179547132\"\u003e\u003ccode\u003e44049ed\u003c/code\u003e\u003c/a\u003e\nremove support for receivers in SerializedModelConfigurator and\nJoranConfigur...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/qos-ch/logback/commit/56085d898665d6e99489591333a4ddf381465443\"\u003e\u003ccode\u003e56085d8\u003c/code\u003e\u003c/a\u003e\nfix test\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/qos-ch/logback/commit/e7764f47e51921abe9635b32c2fa80e65d29efba\"\u003e\u003ccode\u003ee7764f4\u003c/code\u003e\u003c/a\u003e\nrefactor file change scanning for clarity\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/qos-ch/logback/commit/e56a12f865751ce6a599963187b4a861854c7e8a\"\u003e\u003ccode\u003ee56a12f\u003c/code\u003e\u003c/a\u003e\nbump assertj version\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/qos-ch/logback/compare/v_1.5.26...v_1.5.27\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after\nyour CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge\nand block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating\nit. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "9fd4973d12abbd9e9d14098c2acd41d97a6c4407", "tree": "fdb83088ccfe11e9da93bdd7a389d72a3d89cd00", "parents": [ "46211fccf642d6dcfcebc31081817da1529d6a35" ], "author": { "name": "Aleksei Starikov", "email": "aleksei.starikov.ax@gmail.com", "time": "Tue Feb 17 14:15:00 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Feb 17 14:15:00 2026 +0100" }, "message": "GH-470: [Vector] Fix ListViewVector.getElementEndIndex(index) method (#1019)\n\n## What\u0027s Changed\n\n[First\ncommit](https://github.com/apache/arrow-java/commit/a758cadb17c3d50c08a139a3e2ddced71215ccf5)\nchanges logic:\n\n- The PR fixes a bug in the `ListViewVector.getElementEndIndex(index)`\nmethod .\n\nBefore:\n```\npublic int getElementEndIndex(int index) {\n return sizeBuffer.getInt(index * OFFSET_WIDTH);\n}\n```\nAfter:\n```\npublic int getElementEndIndex(int index) {\n return offsetBuffer.getInt(index * OFFSET_WIDTH) + sizeBuffer.getInt(index * SIZE_WIDTH);\n}\n```\n\n[Second\ncommit](https://github.com/apache/arrow-java/commit/aec29750202ff1aac73e7fdc9c2020b3dcf72696)\ndoesn\u0027t change logic:\n\n- Fixes a bug of usage `sizeBuffer` with `OFFSET_WIDTH` (`hashCode`\nmethod) and `offsetBuffer` with `SIZE_WIDTH` (`setSize` method). It\ndoesn\u0027t introduce real changes in the logic as `OFFSET_WIDTH` \u003d\u003d\n`SIZE_WIDTH` \u003d\u003d 4\n\n- Plus small refactoring of ListViewVector to avoid code duplication and\nsimilar issues in the future.\n\n---\nIt\u0027s a bug fix.\n\n---\nCloses #470." }, { "commit": "46211fccf642d6dcfcebc31081817da1529d6a35", "tree": "6da2a6fe2fdfbfb542e009d606527b28d68e5e90", "parents": [ "32984435ed1ffbe6ce1578e075da6eeb012d6bbb" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Tue Feb 17 14:06:40 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Feb 17 14:06:40 2026 +0100" }, "message": "MINOR: Bump com.gradle:develocity-maven-extension from 2.3.1 to 2.3.3 (#1001)\n\nBumps com.gradle:develocity-maven-extension from 2.3.1 to 2.3.3.\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dcom.gradle:develocity-maven-extension\u0026package-manager\u003dmaven\u0026previous-version\u003d2.3.1\u0026new-version\u003d2.3.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after\nyour CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge\nand block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating\nit. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "32984435ed1ffbe6ce1578e075da6eeb012d6bbb", "tree": "b757da8fb3f76f4e56e1827fbbb3017c02931b3b", "parents": [ "9d6237ed4761b0ae923499a24d1545bae6218add" ], "author": { "name": "Aleksei Starikov", "email": "aleksei.starikov.ax@gmail.com", "time": "Tue Feb 17 13:59:36 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Feb 17 13:59:36 2026 +0100" }, "message": "GH-130: Fix AutoCloseables to work with @Nullable structures (#1017)\n\n## What\u0027s Changed\n\n`AutoCloseables` supposes to work with nullable `Iterables`, `varargs`,\nand `collection of nulls`. The PR introduces:\n- `@Nullable` annotation for all public methods in `AutoCloseables`\n(only private `flatten` method doesn\u0027t support null `Iterable`)\n- `null` checks to prevent NPEs\n\n---\nThe change is backward compatible. Only possible NPEs are prevented.\n\n---\nCloses #130 ." }, { "commit": "9d6237ed4761b0ae923499a24d1545bae6218add", "tree": "70ed56d864deb5464213ef9f38cbe674126f7ea6", "parents": [ "6dbc5d3690168e381f6b70c94638a9907c5489b3" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Tue Feb 17 07:49:34 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Feb 17 07:49:34 2026 +0100" }, "message": "MINOR: Bump org.mockito:mockito-bom from 5.17.0 to 5.21.0 (#1000)\n\nBumps [org.mockito:mockito-bom](https://github.com/mockito/mockito) from\n5.17.0 to 5.21.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/mockito/mockito/releases\"\u003eorg.mockito:mockito-bom\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.21.0\u003c/h2\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003cem\u003eChangelog\ngenerated by \u003ca\nhref\u003d\"https://github.com/shipkit/shipkit-changelog\"\u003eShipkit Changelog\nGradle Plugin\u003c/a\u003e\u003c/em\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted\n--\u003e\u003c/p\u003e\n\u003ch4\u003e5.21.0\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e2025-12-09 - \u003ca\nhref\u003d\"https://github.com/mockito/mockito/compare/v5.20.0...v5.21.0\"\u003e17\ncommit(s)\u003c/a\u003e by Giulio Longfils, Joshua Selbo, Woongi9, Zylox,\ndependabot[bot]\u003c/li\u003e\n\u003cli\u003eBump graalvm/setup-graalvm from 1.4.3 to 1.4.4 [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3768\"\u003e#3768\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/pull/3768\"\u003emockito/mockito#3768\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump graalvm/setup-graalvm from 1.4.2 to 1.4.3 [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3767\"\u003e#3767\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/pull/3767\"\u003emockito/mockito#3767\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 5 to 6 [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3765\"\u003e#3765\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/pull/3765\"\u003emockito/mockito#3765\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdds output of matchers to potential mismatch; Fixes \u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/2468\"\u003e#2468\u003c/a\u003e\n[(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3760\"\u003e#3760\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/pull/3760\"\u003emockito/mockito#3760\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eForbid mocking WeakReference with inline mock maker [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3759\"\u003e#3759\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/pull/3759\"\u003emockito/mockito#3759\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eStackOverflowError when mocking WeakReference [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3758\"\u003e#3758\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3758\"\u003emockito/mockito#3758\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump actions/upload-artifact from 4 to 5 [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3756\"\u003e#3756\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/pull/3756\"\u003emockito/mockito#3756\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump graalvm/setup-graalvm from 1.4.1 to 1.4.2 [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3755\"\u003e#3755\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/pull/3755\"\u003emockito/mockito#3755\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSupport primitives in GenericArrayReturnType. [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3753\"\u003e#3753\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/pull/3753\"\u003emockito/mockito#3753\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eClassNotFoundException when stubbing array of primitive type on\nAndroid [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3752\"\u003e#3752\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3752\"\u003emockito/mockito#3752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump graalvm/setup-graalvm from 1.4.0 to 1.4.1 [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3744\"\u003e#3744\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/pull/3744\"\u003emockito/mockito#3744\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump gradle/actions from 4 to 5 [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3743\"\u003e#3743\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/pull/3743\"\u003emockito/mockito#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump org.graalvm.buildtools.native from 0.11.0 to 0.11.1 [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3738\"\u003e#3738\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/pull/3738\"\u003emockito/mockito#3738\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump com.diffplug.spotless:spotless-plugin-gradle from 7.2.1 to\n8.0.0 [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3735\"\u003e#3735\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/pull/3735\"\u003emockito/mockito#3735\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump graalvm/setup-graalvm from 1.3.7 to 1.4.0 [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3734\"\u003e#3734\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/pull/3734\"\u003emockito/mockito#3734\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump org.assertj:assertj-core from 3.27.5 to 3.27.6 [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3733\"\u003e#3733\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/pull/3733\"\u003emockito/mockito#3733\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump errorprone from 2.41.0 to 2.42.0 [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3732\"\u003e#3732\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/pull/3732\"\u003emockito/mockito#3732\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFeat: automatically detect class to mock in mockStatic and\nmockConstruction [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3731\"\u003e#3731\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/pull/3731\"\u003emockito/mockito#3731\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReturn completed futures for unstubbed Future/CompletionStage in\nReturnsEmptyValues [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3727\"\u003e#3727\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/pull/3727\"\u003emockito/mockito#3727\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eautomatically detect class to mock [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/2779\"\u003e#2779\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/pull/2779\"\u003emockito/mockito#2779\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eIncorrect \u0026quot;has following stubbing(s) with different\narguments\u0026quot; message when using Argument Matchers [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/2468\"\u003e#2468\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/2468\"\u003emockito/mockito#2468\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.20.0\u003c/h2\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003cem\u003eChangelog\ngenerated by \u003ca\nhref\u003d\"https://github.com/shipkit/shipkit-changelog\"\u003eShipkit Changelog\nGradle Plugin\u003c/a\u003e\u003c/em\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted\n--\u003e\u003c/p\u003e\n\u003ch4\u003e5.20.0\u003c/h4\u003e\n\u003cul\u003e\n\u003cli\u003e2025-09-20 - \u003ca\nhref\u003d\"https://github.com/mockito/mockito/compare/v5.19.0...v5.20.0\"\u003e11\ncommit(s)\u003c/a\u003e by Adrian-Kim, Giulio Longfils, Rafael Winterhalter,\ndependabot[bot]\u003c/li\u003e\n\u003cli\u003eBump org.assertj:assertj-core from 3.27.4 to 3.27.5 [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3730\"\u003e#3730\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/pull/3730\"\u003emockito/mockito#3730\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eIntroducing the Ability to Mock Construction of Generic Types (\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/2401\"\u003e#2401\u003c/a\u003e)\n[(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3729\"\u003e#3729\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/pull/3729\"\u003emockito/mockito#3729\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump com.gradle.develocity from 4.1.1 to 4.2 [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3726\"\u003e#3726\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/pull/3726\"\u003emockito/mockito#3726\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump graalvm/setup-graalvm from 1.3.6 to 1.3.7 [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3725\"\u003e#3725\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/pull/3725\"\u003emockito/mockito#3725\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump org.eclipse.platform:org.eclipse.osgi from 3.23.100 to 3.23.200\n[(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3720\"\u003e#3720\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/pull/3720\"\u003emockito/mockito#3720\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump graalvm/setup-graalvm from 1.3.5 to 1.3.6 [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3719\"\u003e#3719\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/pull/3719\"\u003emockito/mockito#3719\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump actions/setup-java from 4 to 5 [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3715\"\u003e#3715\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/pull/3715\"\u003emockito/mockito#3715\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump com.gradle.develocity from 4.1 to 4.1.1 [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3713\"\u003e#3713\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/pull/3713\"\u003emockito/mockito#3713\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump bytebuddy from 1.17.6 to 1.17.7 [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3712\"\u003e#3712\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/pull/3712\"\u003emockito/mockito#3712\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003etest: Use Assume.assumeThat for SequencedCollection tests [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3711\"\u003e#3711\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/pull/3711\"\u003emockito/mockito#3711\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3709\"\u003e#3709\u003c/a\u003e\n[(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3710\"\u003e#3710\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/pull/3710\"\u003emockito/mockito#3710\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat: Add support for JDK21 Sequenced Collections. [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3708\"\u003e#3708\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/pull/3708\"\u003emockito/mockito#3708\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eIntroducing the Ability to Mock Construction of Generic Types [(\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/2401\"\u003e#2401\u003c/a\u003e)](\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/2401\"\u003emockito/mockito#2401\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.19.0\u003c/h2\u003e\n\u003cp\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e\u003cem\u003eChangelog\ngenerated by \u003ca\nhref\u003d\"https://github.com/shipkit/shipkit-changelog\"\u003eShipkit Changelog\nGradle Plugin\u003c/a\u003e\u003c/em\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted\n--\u003e\u003c/p\u003e\n\u003ch4\u003e5.19.0\u003c/h4\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mockito/mockito/commit/09d2230acd7160252a6db228313c226a976e51b9\"\u003e\u003ccode\u003e09d2230\u003c/code\u003e\u003c/a\u003e\nBump graalvm/setup-graalvm from 1.4.3 to 1.4.4 (\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3768\"\u003e#3768\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mockito/mockito/commit/df3e0ccdd42533ac933f87e3fa00c0681d362c5b\"\u003e\u003ccode\u003edf3e0cc\u003c/code\u003e\u003c/a\u003e\nBump graalvm/setup-graalvm from 1.4.2 to 1.4.3 (\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3767\"\u003e#3767\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mockito/mockito/commit/04a6e9f88ccc6c29e77b95a8e0b617319bcee234\"\u003e\u003ccode\u003e04a6e9f\u003c/code\u003e\u003c/a\u003e\nBump actions/checkout from 5 to 6 (\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3765\"\u003e#3765\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mockito/mockito/commit/756a3cf3fa890437603704f1dc2932e908ef3951\"\u003e\u003ccode\u003e756a3cf\u003c/code\u003e\u003c/a\u003e\nAdd description of matchers to potential mismatch (\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3760\"\u003e#3760\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mockito/mockito/commit/58ba4455209a126d025eecbf18b33a7e04dece3b\"\u003e\u003ccode\u003e58ba445\u003c/code\u003e\u003c/a\u003e\nForbid mocking WeakReference with inline mock maker (\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3759\"\u003e#3759\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mockito/mockito/commit/966d6009047c7f6617dbf080e68ee38ea049aa54\"\u003e\u003ccode\u003e966d600\u003c/code\u003e\u003c/a\u003e\nBump actions/upload-artifact from 4 to 5 (\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3756\"\u003e#3756\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mockito/mockito/commit/632bf7bf5521208b237dcd08602c84b399b78031\"\u003e\u003ccode\u003e632bf7b\u003c/code\u003e\u003c/a\u003e\nBump graalvm/setup-graalvm from 1.4.1 to 1.4.2 (\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3755\"\u003e#3755\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mockito/mockito/commit/8564b43fbbdf4911a35148f7f11689dd5524c7c8\"\u003e\u003ccode\u003e8564b43\u003c/code\u003e\u003c/a\u003e\nFix primitives support in GenericArrayReturnType for Android (\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3753\"\u003e#3753\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mockito/mockito/commit/bf3a80983b99339716ec6070e09e60fbe3d9858c\"\u003e\u003ccode\u003ebf3a809\u003c/code\u003e\u003c/a\u003e\nBump graalvm/setup-graalvm from 1.4.0 to 1.4.1 (\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3744\"\u003e#3744\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/mockito/mockito/commit/cffddd4c759feda23185b6d25495fc8f9006190b\"\u003e\u003ccode\u003ecffddd4\u003c/code\u003e\u003c/a\u003e\nBump gradle/actions from 4 to 5 (\u003ca\nhref\u003d\"https://redirect.github.com/mockito/mockito/issues/3743\"\u003e#3743\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/mockito/mockito/compare/v5.17.0...v5.21.0\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dorg.mockito:mockito-bom\u0026package-manager\u003dmaven\u0026previous-version\u003d5.17.0\u0026new-version\u003d5.21.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after\nyour CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge\nand block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating\nit. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "6dbc5d3690168e381f6b70c94638a9907c5489b3", "tree": "b7c8c5fc95f44ff84113688804ca227f6ed8b375", "parents": [ "bc7132b92c9c8ab693e5264cddf5145a3eed902e" ], "author": { "name": "Tamas Mate", "email": "50709850+tmater@users.noreply.github.com", "time": "Tue Feb 17 06:16:03 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Feb 17 06:16:03 2026 +0100" }, "message": "GH-946: Add Variant extension type support (#947)\n\n### Summary\n\nThis PR adds support for the Variant extension type in Arrow Java,\nenabling storage and manipulation of semi-structured variant data with\nmetadata and value buffers.\n\n### Changes\n\nA new `arrow-variant` module introduces the `Variant` class for parsing\nand working with variant data. This module is separated from the core\nvector module to isolate the `parquet-variant` dependency, so users of\nthe Arrow vector library don\u0027t have to depend on Parquet. This also\nmaintains a clean API boundary between Arrow\u0027s core functionality and\nvariant-specific parsing logic.\n\nThe core vector module gains `VariantType` as an extension type along\nwith `VariantVector` for storing variant data as metadata/value buffer\npairs. The implementation includes reader and writer support through\n`VariantReaderImpl`, `VariantWriterImpl`, and\n`NullableVariantHolderReaderImpl`, with corresponding holder classes for\nuse in generated code paths.\n\n### Testing\n\n- Unit tests for `VariantType`, `VariantVector`, and `Variant` parsing\n- Integration tests with `ListVector` and `MapVector`\n- Extension type round-trip tests\n\nCloses #946" }, { "commit": "bc7132b92c9c8ab693e5264cddf5145a3eed902e", "tree": "156dd0e6ae9c71a9455cd2f5788ce470822ac7b6", "parents": [ "2b74309ba4d5844593d6a3191d7b958f18468ae9" ], "author": { "name": "Sutou Kouhei", "email": "kou@clear-code.com", "time": "Mon Feb 16 22:02:33 2026 +0900" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Feb 16 14:02:33 2026 +0100" }, "message": "GH-1021: Use released apache/arrow instead of main (#1022)\n\n## What\u0027s Changed\n\nIn general, we should use released apache/arrow for apache/arrow-java\nrelease.\n\nCloses #1021." }, { "commit": "2b74309ba4d5844593d6a3191d7b958f18468ae9", "tree": "b54e78f2f748c19911df7436d5a547562d5733eb", "parents": [ "60a1a424200675710cc002c87b5a9a3afc6bada5" ], "author": { "name": "Aleksei Starikov", "email": "aleksei.starikov.ax@gmail.com", "time": "Mon Feb 16 11:42:29 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Feb 16 19:42:29 2026 +0900" }, "message": "MINOR: [Docs] Remove extra line in README.md (fix pre-commit) (#1018)\n\n## What\u0027s Changed\n\nRemove extra line in README.md for fixing the `end-of-file-fixer` hook\nin the `pre-commit` build.\n\nE.g.\n[here](https://github.com/apache/arrow-java/actions/runs/21902454512/job/63233962122)\nin the main branch build.\n```\nfix end of files.........................................................Failed\n- hook id: end-of-file-fixer\n- exit code: 1\n- files were modified by this hook\n\nFixing README.md\n```" }, { "commit": "60a1a424200675710cc002c87b5a9a3afc6bada5", "tree": "9a269ea45ce8f45990025208d268b7dcb7631a41", "parents": [ "776466e904f3ae44f52c3baa019e795e8a68c527" ], "author": { "name": "Aleksei Starikov", "email": "aleksei.starikov.ax@gmail.com", "time": "Wed Feb 11 12:00:23 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Feb 11 12:00:23 2026 +0100" }, "message": "GH-1014: [Docs] Fix broken and obsolete links in the README.md (#1015)\n\n## What\u0027s Changed\n\nFix broken links in `README.md` file.\nRemove the unused reference [2]:\nhttps://github.com/apache/arrow/blob/main/cpp/README.md.\nInline footnote links.\n\nCloses #1014." } ], "next": "776466e904f3ae44f52c3baa019e795e8a68c527" }