)]}' { "log": [ { "commit": "1b93d22120890b37d7bdffdf4b8700f42c5e0a65", "tree": "f4ed2f8e80b6b489c679890334fdf3374d2ab6eb", "parents": [ "f168b40b7e1cbccc6a1415f562d559cbb601fdef" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Wed Apr 08 22:30:14 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Apr 08 22:30:14 2026 +0200" }, "message": "Better control of plexus-utils (#1826)\n\nResolver DOES NOT USE IT (only Wagon), still, it is constantly around\nas mvn transitive dependency. We still need to manage it properly,\ngiven it comes from parent as well." }, { "commit": "f168b40b7e1cbccc6a1415f562d559cbb601fdef", "tree": "d5bb314bbe1c030d3ad70cc4724679fda9a68eef", "parents": [ "50cbed379ab15dc5fc627390776f7d27685a2165" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Wed Apr 08 20:17:14 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Apr 08 20:17:14 2026 +0200" }, "message": "RRF: Place remark about broken MRMs (#1820)\n\n* RRF: Place remark about broken MRMs\n\nIn certain cases, when group/virtual repositories are involved,\nand MRMs leak random resources from member repositories,\ndocument the possible circumvention.\n\n* Apply suggestion from @cstamas" }, { "commit": "50cbed379ab15dc5fc627390776f7d27685a2165", "tree": "994b44205582b6748fb3c44f5df13587b81f3bca", "parents": [ "8ee6b2038ce1449936aaaa258c564f412eb52309" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Wed Apr 08 20:16:55 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Apr 08 20:16:55 2026 +0200" }, "message": "Bump org.redisson:redisson from 4.3.0 to 4.3.1 (#1824)\n\nBumps [org.redisson:redisson](https://github.com/redisson/redisson) from 4.3.0 to 4.3.1.\n- [Release notes](https://github.com/redisson/redisson/releases)\n- [Changelog](https://github.com/redisson/redisson/blob/master/CHANGELOG.md)\n- [Commits](https://github.com/redisson/redisson/compare/redisson-4.3.0...redisson-4.3.1)\n\n---\nupdated-dependencies:\n- dependency-name: org.redisson:redisson\n dependency-version: 4.3.1\n dependency-type: direct:production\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "8ee6b2038ce1449936aaaa258c564f412eb52309", "tree": "6124e1a80dfd656e13577268a7bf8667ad9dd552", "parents": [ "8a76814d6d74e6a5ae016c066c5e1061974fb42c" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Apr 06 13:14:01 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Apr 06 13:14:01 2026 +0200" }, "message": "Bump org.codehaus.plexus:plexus-classworlds from 2.9.0 to 2.10.0 (#1822)\n\nBumps [org.codehaus.plexus:plexus-classworlds](https://github.com/codehaus-plexus/plexus-classworlds) from 2.9.0 to 2.10.0.\n- [Release notes](https://github.com/codehaus-plexus/plexus-classworlds/releases)\n- [Commits](https://github.com/codehaus-plexus/plexus-classworlds/compare/plexus-classworlds-2.9.0...plexus-classworlds-2.10.0)\n\n---\nupdated-dependencies:\n- dependency-name: org.codehaus.plexus:plexus-classworlds\n dependency-version: 2.10.0\n dependency-type: direct:production\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "8a76814d6d74e6a5ae016c066c5e1061974fb42c", "tree": "fe0ec07c33c90a75b1fa88214c94610662245242", "parents": [ "7f82ab5bd7f9f5c5a87e5d6b514ca47018566ca7" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Thu Apr 02 06:43:42 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Apr 02 06:43:42 2026 +0200" }, "message": "Bump biz.aQute.bnd:bnd-maven-plugin from 7.2.1 to 7.2.3 (#1818)\n\nBumps [biz.aQute.bnd:bnd-maven-plugin](https://github.com/bndtools/bnd) from 7.2.1 to 7.2.3.\n- [Release notes](https://github.com/bndtools/bnd/releases)\n- [Commits](https://github.com/bndtools/bnd/compare/7.2.1...7.2.3)\n\n---\nupdated-dependencies:\n- dependency-name: biz.aQute.bnd:bnd-maven-plugin\n dependency-version: 7.2.3\n dependency-type: direct:production\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "7f82ab5bd7f9f5c5a87e5d6b514ca47018566ca7", "tree": "0c90c0603e76f758530c07c835eaba2cb9cd960d", "parents": [ "194128ae22ab4eda525250960105fae5667b9fcb" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Sun Mar 29 13:47:47 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Sun Mar 29 13:47:47 2026 +0200" }, "message": "Bump org.codehaus.plexus:plexus-utils (#1817)\n\nBumps [org.codehaus.plexus:plexus-utils](https://github.com/codehaus-plexus/plexus-utils) from 4.0.2 to 4.0.3.\n- [Release notes](https://github.com/codehaus-plexus/plexus-utils/releases)\n- [Commits](https://github.com/codehaus-plexus/plexus-utils/compare/plexus-utils-4.0.2...plexus-utils-4.0.3)\n\n---\nupdated-dependencies:\n- dependency-name: org.codehaus.plexus:plexus-utils\n dependency-version: 4.0.3\n dependency-type: direct:production\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "194128ae22ab4eda525250960105fae5667b9fcb", "tree": "657d3efc46633de60b4b8b9231142b2ee02b5009", "parents": [ "4ab6c594f6b581cea79ace34a37c29685fe686ed" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Fri Mar 27 18:58:43 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Mar 27 18:58:43 2026 +0100" }, "message": "Increase timeout in tests (#1816)\n\nThere is one test that creates a swarm of 1000 threads\nall going for same file. Seems timeout of 1s is not enough?" }, { "commit": "4ab6c594f6b581cea79ace34a37c29685fe686ed", "tree": "a4ee10997ec91613d39c2bb3d1e03b37a058d2da", "parents": [ "60a8d363b2c45af19b68ce58da7dcc60fc672114" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Fri Mar 27 15:33:53 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Mar 27 15:33:53 2026 +0100" }, "message": "Provide modern TrackingFileManager (#1814)\n\nStill, provide escape hatch for those that must share their local repository with some parallel running Maven 3.9.x or older.\n\nChanges:\n* provide \"legacy\" and \"named locks\" based TrackingFileManager\n* demote both from being components, instead introduce TrackingFileManagerProvider that performs \"selection\" of wanted instance\n* **contains refactoring regarding NamedLocks** making them usable system-wide, unlike so far, only in scope of SyncContext that requires session\n\nRefactoring: NamedLocks are a standalone API in Resolver. But SyncContext today is implemented with combination of NamedLocks and NameMapper. But, NameMapper was _never_ a standalone API on its own (is part of synccontext implementation done with NamedLocks), and NameMapper also depends on RepositorySystemSession. This caused that NamedLocks were \"washed into same (component) scope\" as NameMappers, and made them somewhat unusable outside of a session. Also, due this mixup, NamedLockFactoryAdapterFactoryImpl had to deal with locks lifecycle, totally wrongly (fx it was registering locks lifecycle multiple times while system existed, ie in case of daemon). Registering lifecycle is needed only once.\n\nThis refactoring clear things up: NamedLocks do live a life independently of existence of repository system session. " }, { "commit": "60a8d363b2c45af19b68ce58da7dcc60fc672114", "tree": "619ffa6941617352b6b42c50af16b165a48db77d", "parents": [ "6baad966c334eddec9ba8160be86f020f84c9f03" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Fri Mar 27 15:22:37 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Mar 27 15:22:37 2026 +0100" }, "message": "Bump io.minio:minio from 8.6.0 to 9.0.0 (#1813)\n\nBumps [io.minio:minio](https://github.com/minio/minio-java) from 8.6.0 to 9.0.0.\n- [Release notes](https://github.com/minio/minio-java/releases)\n- [Commits](https://github.com/minio/minio-java/compare/8.6.0...9.0.0)\n\n---\nupdated-dependencies:\n- dependency-name: io.minio:minio\n dependency-version: 9.0.0\n dependency-type: direct:production\n update-type: version-update:semver-major\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "6baad966c334eddec9ba8160be86f020f84c9f03", "tree": "1496f8d0b995ff204ad0a43ff5e14d1b504c9c7d", "parents": [ "0a4ca926c9940866801f67c30ca230e7d99cb27a" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Fri Mar 27 15:22:29 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Mar 27 15:22:29 2026 +0100" }, "message": "Bump testcontainersVersion from 2.0.3 to 2.0.4 (#1811)\n\nBumps `testcontainersVersion` from 2.0.3 to 2.0.4.\n\nUpdates `org.testcontainers:testcontainers` from 2.0.3 to 2.0.4\n- [Release notes](https://github.com/testcontainers/testcontainers-java/releases)\n- [Changelog](https://github.com/testcontainers/testcontainers-java/blob/main/CHANGELOG.md)\n- [Commits](https://github.com/testcontainers/testcontainers-java/compare/2.0.3...2.0.4)\n\nUpdates `org.testcontainers:testcontainers-junit-jupiter` from 2.0.3 to 2.0.4\n- [Release notes](https://github.com/testcontainers/testcontainers-java/releases)\n- [Changelog](https://github.com/testcontainers/testcontainers-java/blob/main/CHANGELOG.md)\n- [Commits](https://github.com/testcontainers/testcontainers-java/compare/2.0.3...2.0.4)\n\nUpdates `org.testcontainers:testcontainers-minio` from 2.0.3 to 2.0.4\n- [Release notes](https://github.com/testcontainers/testcontainers-java/releases)\n- [Changelog](https://github.com/testcontainers/testcontainers-java/blob/main/CHANGELOG.md)\n- [Commits](https://github.com/testcontainers/testcontainers-java/compare/2.0.3...2.0.4)\n\n---\nupdated-dependencies:\n- dependency-name: org.testcontainers:testcontainers\n dependency-version: 2.0.4\n dependency-type: direct:production\n update-type: version-update:semver-patch\n- dependency-name: org.testcontainers:testcontainers-junit-jupiter\n dependency-version: 2.0.4\n dependency-type: direct:production\n update-type: version-update:semver-patch\n- dependency-name: org.testcontainers:testcontainers-minio\n dependency-version: 2.0.4\n dependency-type: direct:development\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "0a4ca926c9940866801f67c30ca230e7d99cb27a", "tree": "88ddc408786f552dafa69927e73264f91daa5ea7", "parents": [ "0bc1e3eb8867b7a3229f1e55bcd50d5c5e8e4bf9" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Fri Mar 27 15:22:20 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Mar 27 15:22:20 2026 +0100" }, "message": "Bump maven3Version from 3.9.12 to 3.9.14 (#1810)\n\nBumps `maven3Version` from 3.9.12 to 3.9.14.\n\nUpdates `org.apache.maven:maven-resolver-provider` from 3.9.12 to 3.9.14\n\nUpdates `org.apache.maven:maven-model-builder` from 3.9.12 to 3.9.14\n\nUpdates `org.apache.maven:maven-plugin-api` from 3.9.12 to 3.9.14\n- [Release notes](https://github.com/apache/maven/releases)\n- [Commits](https://github.com/apache/maven/compare/maven-3.9.12...maven-3.9.14)\n\n---\nupdated-dependencies:\n- dependency-name: org.apache.maven:maven-resolver-provider\n dependency-version: 3.9.14\n dependency-type: direct:production\n update-type: version-update:semver-patch\n- dependency-name: org.apache.maven:maven-model-builder\n dependency-version: 3.9.14\n dependency-type: direct:production\n update-type: version-update:semver-patch\n- dependency-name: org.apache.maven:maven-plugin-api\n dependency-version: 3.9.14\n dependency-type: direct:production\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "0bc1e3eb8867b7a3229f1e55bcd50d5c5e8e4bf9", "tree": "4f8fc9806926157bec165888126515ec2ad160ae", "parents": [ "d3e2cbd12f36a4299b2254354e775f4f8e625c89" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Fri Mar 27 15:22:10 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Mar 27 15:22:10 2026 +0100" }, "message": "Bump org.mockito:mockito-core from 5.21.0 to 5.23.0 (#1808)\n\nBumps [org.mockito:mockito-core](https://github.com/mockito/mockito) from 5.21.0 to 5.23.0.\n- [Release notes](https://github.com/mockito/mockito/releases)\n- [Commits](https://github.com/mockito/mockito/compare/v5.21.0...v5.23.0)\n\n---\nupdated-dependencies:\n- dependency-name: org.mockito:mockito-core\n dependency-version: 5.23.0\n dependency-type: direct:production\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "d3e2cbd12f36a4299b2254354e775f4f8e625c89", "tree": "eda861bba0a3ae04e9f35cf9b8b780102d56e9ad", "parents": [ "6b73efa6fe7121de6f24672fd63c24c6ed0366eb" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Fri Mar 27 15:22:02 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Mar 27 15:22:02 2026 +0100" }, "message": "Bump org.redisson:redisson from 4.2.0 to 4.3.0 (#1805)\n\nBumps [org.redisson:redisson](https://github.com/redisson/redisson) from 4.2.0 to 4.3.0.\n- [Release notes](https://github.com/redisson/redisson/releases)\n- [Changelog](https://github.com/redisson/redisson/blob/master/CHANGELOG.md)\n- [Commits](https://github.com/redisson/redisson/compare/redisson-4.2.0...redisson-4.3.0)\n\n---\nupdated-dependencies:\n- dependency-name: org.redisson:redisson\n dependency-version: 4.3.0\n dependency-type: direct:production\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "6b73efa6fe7121de6f24672fd63c24c6ed0366eb", "tree": "26de67c1aa388af3484d13102a2cc21e97acc19b", "parents": [ "8457466c60bad78a04e1f3e5615545eea4c89a4d" ], "author": { "name": "Konrad Windszus", "email": "kwin@apache.org", "time": "Mon Mar 16 16:17:07 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Mar 16 16:17:07 2026 +0100" }, "message": "Enhance RRF section with repository order link\n\nUpdated the explanation of Remote Repository Filtering to include a link to the effective repository order documentation." }, { "commit": "8457466c60bad78a04e1f3e5615545eea4c89a4d", "tree": "88a0505a381f813bd999044b7a5c7c3f1141bbd4", "parents": [ "b7f7f767b73e42dfebf302d81d95ddbbc4736a97" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Fri Feb 20 16:30:57 2026 +0100" }, "committer": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Fri Feb 20 16:30:57 2026 +0100" }, "message": "[maven-release-plugin] prepare for next development iteration\n" }, { "commit": "b7f7f767b73e42dfebf302d81d95ddbbc4736a97", "tree": "b399b0591ecdaccab329848d50632b2befba6cdc", "parents": [ "66c773b0e3b5fe2497c17c0fb4776f32705c9fa6" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Fri Feb 20 16:30:41 2026 +0100" }, "committer": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Fri Feb 20 16:30:41 2026 +0100" }, "message": "[maven-release-plugin] prepare release maven-resolver-2.0.16\n" }, { "commit": "66c773b0e3b5fe2497c17c0fb4776f32705c9fa6", "tree": "60681676a591dd9d924716912b21ef5e617f3780", "parents": [ "74bfbc09eb1b0472917a9166cc09c43d53501cd4" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Fri Feb 20 13:19:26 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Feb 20 13:19:26 2026 +0100" }, "message": "Undo some changes TrackingFileManager happened in 1.9.25 (#1801)\n\nhttps://github.com/apache/maven-resolver/commit/82766b0e211f8bfa0ca346bf7352d0de7a7d6706\n\nThis change happened in 1.9.25, but it seems it may allow under\nsome circumstances (fx symlinked local repository) to pass\nmore then one thread going for same file.\n\nSomewhat return the same code as before, but using Paths.\n" }, { "commit": "74bfbc09eb1b0472917a9166cc09c43d53501cd4", "tree": "db02f18a4a7edb665e41580fd30e305e5bcc7b5b", "parents": [ "1020f3e13f9fa0e8a1d14bc594bc63f28fc26302" ], "author": { "name": "Olivier Lamy", "email": "olamy@apache.org", "time": "Fri Feb 20 00:27:19 2026 +1000" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Feb 19 15:27:19 2026 +0100" }, "message": "Catch IOException with message \"Resource deadlock avoided\" which can happen on Unix level when multiple process try to lock same file (#1799)\n\n* Catch IOException with message \"Resource deadlock avoided\" which can happen on Unix level when multiple process try to lock same file\n\nSigned-off-by: Olivier Lamy \u003colamy@apache.org\u003e\n\n* spotless\n\nSigned-off-by: Olivier Lamy \u003colamy@apache.org\u003e\n\n---------\n\nSigned-off-by: Olivier Lamy \u003colamy@apache.org\u003e" }, { "commit": "1020f3e13f9fa0e8a1d14bc594bc63f28fc26302", "tree": "0afaec46428b69cdc9941dd16dbe96070d02a4e4", "parents": [ "9247aeeb808317e7b257afa2a788e1e152d4122d" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Wed Feb 18 14:26:28 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Feb 18 14:26:28 2026 +0100" }, "message": "Set content length for PUT in JDK transport (#1798)\n\nThat got lost once we moved off from ugly temp file hack.\n\n---------\n\nCo-authored-by: Konrad Windszus \u003ckonrad@windszus.net\u003e" }, { "commit": "9247aeeb808317e7b257afa2a788e1e152d4122d", "tree": "a2b98eb59cf04308bff24e237412397ebb51ac51", "parents": [ "aa5588c0ad5e6c8897c598845137b1d79eb2f01b" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Thu Feb 12 17:02:49 2026 +0100" }, "committer": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Thu Feb 12 17:02:49 2026 +0100" }, "message": "[maven-release-plugin] prepare for next development iteration\n" }, { "commit": "aa5588c0ad5e6c8897c598845137b1d79eb2f01b", "tree": "fa8a4fc92047417aa61ebdd90edb9ac63ef2167f", "parents": [ "711b0e1757c520fd51a15678471f082b018b5fb9" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Thu Feb 12 17:02:32 2026 +0100" }, "committer": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Thu Feb 12 17:02:32 2026 +0100" }, "message": "[maven-release-plugin] prepare release maven-resolver-2.0.15\n" }, { "commit": "711b0e1757c520fd51a15678471f082b018b5fb9", "tree": "073939a6cb1e776a7bcdab53d9cb9dc504e64bbe", "parents": [ "d67da51fd0e9933d62a84ef88861ca5f6b2e5a36" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Thu Feb 12 16:41:11 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Feb 12 16:41:11 2026 +0100" }, "message": "Fix javadoc errors on new class (#1796)\n\nSite failed on this class, param names were off.\nAlso, removed some logical issue." }, { "commit": "d67da51fd0e9933d62a84ef88861ca5f6b2e5a36", "tree": "bb9f11eb4ac8780d40591bbf6308368e0a921240", "parents": [ "fcd4290cdc4113dc6e4d45d2debc72e3fd3e9fcb" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Thu Feb 12 15:31:59 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Feb 12 15:31:59 2026 +0100" }, "message": "Document how resolver works internally (#1794)\n\nTo have a place to direct users asking wrong questions,\nbut also to align \"lingo\" we use.\n" }, { "commit": "fcd4290cdc4113dc6e4d45d2debc72e3fd3e9fcb", "tree": "0c3954a05d02959b63b59b107789b0eaa517eb4e", "parents": [ "acbcbbe1bf80b26cfb9d33687b0f859ca624d233" ], "author": { "name": "Elliotte Rusty Harold", "email": "elharo@users.noreply.github.com", "time": "Thu Feb 12 13:32:20 2026 +0000" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Feb 12 14:32:20 2026 +0100" }, "message": "Improve clarity and correctness in RRF documentation (#1795)\n\nRefined language and clarified concepts regarding Remote Repository Filtering in Maven documentation." }, { "commit": "acbcbbe1bf80b26cfb9d33687b0f859ca624d233", "tree": "c55f74fd6b4bb2d6f4888d0592508912b8abf268", "parents": [ "ad8dee92157a529ea35f388a559270d0787e55ce" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Thu Feb 12 12:21:39 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Feb 12 12:21:39 2026 +0100" }, "message": "Minor bugfix: If proxy host cannot be resolved, fail (#1793)\n\nTo emit proper message saying what is the issue (ie typo in hostname of proxy)." }, { "commit": "ad8dee92157a529ea35f388a559270d0787e55ce", "tree": "0b7061c28a4f60ee0786af431775c9c193101668", "parents": [ "0c4f7a4fa3c476924e5f113eaa86ddb888fe58a0" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Thu Feb 12 12:20:33 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Feb 12 12:20:33 2026 +0100" }, "message": "Document known transport issues (#1792)\n\nDocument \"known issues\" for transports, for start the HTTP capable transports." }, { "commit": "0c4f7a4fa3c476924e5f113eaa86ddb888fe58a0", "tree": "293fb12f49d71e23bb419c19c3c978d1d23140b2", "parents": [ "3d16457378b0a1e83484ea3519fa98fd818cbc77" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Thu Feb 12 12:18:07 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Feb 12 12:18:07 2026 +0100" }, "message": "GH-1768 Drastically simplify auth caching (#1791)\n\nAs there is a reproducible issue for proxy auth cache. Seems auth cache fall apart in the moment non-single thread flow happens. Instead to chase and wrap around our head, I just went to drastically simplify the whole stuff, without dropping any existing feature, and making sure that reproducer does not reproduce anymore.\n\nFixes #1768" }, { "commit": "3d16457378b0a1e83484ea3519fa98fd818cbc77", "tree": "955ee8892b81e161c03b2c9e4a9583c3a10f45f5", "parents": [ "7a7a3daa64898fb551f07c9aa3f73e337c274228" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Feb 09 13:12:08 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Feb 09 13:12:08 2026 +0100" }, "message": "Bump sisuVersion from 0.9.0.M4 to 1.0.0 (#1789)\n\nBumps `sisuVersion` from 0.9.0.M4 to 1.0.0.\n\nUpdates `org.eclipse.sisu:org.eclipse.sisu.inject` from 0.9.0.M4 to 1.0.0\n- [Release notes](https://github.com/eclipse-sisu/sisu-project/releases)\n- [Changelog](https://github.com/eclipse-sisu/sisu-project/blob/main/RELEASE.md)\n- [Commits](https://github.com/eclipse-sisu/sisu-project/compare/milestones/0.9.0.M4...releases/1.0.0)\n\nUpdates `org.eclipse.sisu:org.eclipse.sisu.plexus` from 0.9.0.M4 to 1.0.0\n- [Release notes](https://github.com/eclipse-sisu/sisu-project/releases)\n- [Changelog](https://github.com/eclipse-sisu/sisu-project/blob/main/RELEASE.md)\n- [Commits](https://github.com/eclipse-sisu/sisu-project/compare/milestones/0.9.0.M4...releases/1.0.0)\n\n---\nupdated-dependencies:\n- dependency-name: org.eclipse.sisu:org.eclipse.sisu.inject\n dependency-version: 1.0.0\n dependency-type: direct:production\n update-type: version-update:semver-major\n- dependency-name: org.eclipse.sisu:org.eclipse.sisu.plexus\n dependency-version: 1.0.0\n dependency-type: direct:production\n update-type: version-update:semver-major\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "7a7a3daa64898fb551f07c9aa3f73e337c274228", "tree": "bbbc9d4a247b2b6219fd2180be2c7e5271b6a729", "parents": [ "968692dd4e67504db9c031dec7aa99c429cfa44b" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Fri Feb 06 18:13:27 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Feb 06 18:13:27 2026 +0100" }, "message": "Bump org.redisson:redisson from 4.1.0 to 4.2.0 (#1787)\n\nBumps [org.redisson:redisson](https://github.com/redisson/redisson) from 4.1.0 to 4.2.0.\n- [Release notes](https://github.com/redisson/redisson/releases)\n- [Changelog](https://github.com/redisson/redisson/blob/master/CHANGELOG.md)\n- [Commits](https://github.com/redisson/redisson/compare/redisson-4.1.0...redisson-4.2.0)\n\n---\nupdated-dependencies:\n- dependency-name: org.redisson:redisson\n dependency-version: 4.2.0\n dependency-type: direct:production\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "968692dd4e67504db9c031dec7aa99c429cfa44b", "tree": "31c9f71603a856c27a6b213527053752a186481c", "parents": [ "70696c0b5f2b4e74a1a910459dd94e1a6715303b" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Thu Feb 05 18:39:55 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Feb 05 18:39:55 2026 +0100" }, "message": "Align configuration properties and more (#1785)\n\nInitial goal is to make Resolver 1.x configuration keys transparently supported, but also reduce the copy pasta around \"common\" HTTP configuration as well. Transport still needs to take care about their own \"native\" params (supported only by them).\n\nChanges:\n* removed \"smart\" from connector checksums, they are **included checksums** (aligned with enum)\n* removed \"maven2\" from newly (in 2.x) config property (class is named like it, but is totally internal). Property returned to \"checksums\".\n* made shared helper class for transports, that provides getter, validation and transformation for all \"common\" HTTP configurations, and reuse them.\n* checked other (important) properties, like split repo, and they already has \"legacy\" key support in place\n\nFixes #1783" }, { "commit": "70696c0b5f2b4e74a1a910459dd94e1a6715303b", "tree": "a5fbb2b10e87ba1d3cbb4a5f56ad631b757fce83", "parents": [ "ba18809776d676b04134c1be03e794586c6a0dba" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Wed Feb 04 13:03:44 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Feb 04 13:03:44 2026 +0100" }, "message": "Better checksum control (#1784)\n\nAbility to explicitly configure checksums for download (used to validate during donwloads) and for uploads (generated during uploads).\n\nFixes #1782" }, { "commit": "ba18809776d676b04134c1be03e794586c6a0dba", "tree": "4ec442ef635b4af8985bbe66d6db5ebb215ca7cf", "parents": [ "df7c28944f3684c2814a5ccba3e23367e11c6067" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Sat Jan 31 20:20:34 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Sat Jan 31 20:20:34 2026 +0100" }, "message": "Deps: Jetty 12.1.6 (#1779)\n\nUpdate to Jetty 12.1.6\nhttps://github.com/jetty/jetty.project/releases/tag/jetty-12.1.6" }, { "commit": "df7c28944f3684c2814a5ccba3e23367e11c6067", "tree": "40364da75d34fee3262a415bd97e71b93c16d427", "parents": [ "d13e45f79476e7239208396ed87902060555df84" ], "author": { "name": "Konrad Windszus", "email": "kwin@apache.org", "time": "Sat Jan 31 18:54:32 2026 +0100" }, "committer": { "name": "Konrad Windszus", "email": "konrad@windszus.net", "time": "Sat Jan 31 19:55:02 2026 +0100" }, "message": "Disable Brotli Support in JDK HTTP Client again\n\nReason: Incorrect logging tracked in\nhttps://github.com/mizosoft/methanol/issues/181 leading to WARN in\nMaven.\n\nThis relates to #1744" }, { "commit": "d13e45f79476e7239208396ed87902060555df84", "tree": "795f6e33c182fa992b2aafd34de0994c244d3c79", "parents": [ "30608be22c4e14bd35d4952d51830e8cf2c4a64a" ], "author": { "name": "Konrad Windszus", "email": "kwin@apache.org", "time": "Sat Jan 31 10:15:46 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Sat Jan 31 10:15:46 2026 +0100" }, "message": "JDK Transport: Do no longer leverage temp file for transfering artifact (#1755)\n\nDirectly transfer based on the PutTask\u0027s InputStream.\nImprove retry handling to not retry (some) BodyPublisher exceptions." }, { "commit": "30608be22c4e14bd35d4952d51830e8cf2c4a64a", "tree": "36e2b524d693055229b93aeb43588e3c57dce6b6", "parents": [ "88cc437bc313e9911c1ba1b7deb396148a2b31fb" ], "author": { "name": "Konrad Windszus", "email": "kwin@apache.org", "time": "Fri Jan 30 09:46:37 2026 +0100" }, "committer": { "name": "Konrad Windszus", "email": "konrad@windszus.net", "time": "Fri Jan 30 14:04:47 2026 +0100" }, "message": "Log retries in JDK HTTP Client" }, { "commit": "88cc437bc313e9911c1ba1b7deb396148a2b31fb", "tree": "b8d4ac4dc05c1e3e3086c6e21a9064960fa15cc9", "parents": [ "f3b42f78ed909da663caed360fc3727b1c09f0df" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Fri Jan 30 13:38:11 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Jan 30 13:38:11 2026 +0100" }, "message": "Bump commons-codec:commons-codec from 1.20.0 to 1.21.0 (#1777)\n\nBumps [commons-codec:commons-codec](https://github.com/apache/commons-codec) from 1.20.0 to 1.21.0.\n- [Changelog](https://github.com/apache/commons-codec/blob/master/RELEASE-NOTES.txt)\n- [Commits](https://github.com/apache/commons-codec/compare/rel/commons-codec-1.20.0...rel/commons-codec-1.21.0)\n\n---\nupdated-dependencies:\n- dependency-name: commons-codec:commons-codec\n dependency-version: 1.21.0\n dependency-type: direct:production\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "f3b42f78ed909da663caed360fc3727b1c09f0df", "tree": "876aa71b89e77eb5489226cd857917a3228a978e", "parents": [ "b03f5c035624b9eac3c95e7baf8046cc6586f927" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Thu Jan 29 18:08:57 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Jan 29 18:08:57 2026 +0100" }, "message": "GH-1773: Treat 410 Gone as 404 Not Found (#1775)\n\nFixes #1773\n" }, { "commit": "b03f5c035624b9eac3c95e7baf8046cc6586f927", "tree": "febb74fef9a32c032856f1c339e35c5239812a57", "parents": [ "700fcb04046973e513aace2c6a26f536cab428f7" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Wed Jan 28 19:15:50 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Jan 28 19:15:50 2026 +0100" }, "message": "GH-1737: Revert partially parallel upload change (#1765)\n\nRevert partially (connector only) commit:\n09c3fa9f1880058a2d29ca9ebcd3d2c23da0af4c\n\nFixes #1737\n" }, { "commit": "700fcb04046973e513aace2c6a26f536cab428f7", "tree": "0a1b190a332ab55e14dfff051733302594c33d39", "parents": [ "08f8381d99865ced18a627b79842076cee4575a1" ], "author": { "name": "Konrad Windszus", "email": "kwin@apache.org", "time": "Tue Jan 27 17:52:27 2026 +0100" }, "committer": { "name": "Konrad Windszus", "email": "konrad@windszus.net", "time": "Wed Jan 28 18:24:23 2026 +0100" }, "message": "Clarify description of JDK Transport modules" }, { "commit": "08f8381d99865ced18a627b79842076cee4575a1", "tree": "640c9c6b8f1af226b62f5d078d76932905a02c63", "parents": [ "ec52693dc400578dd03f731c88c58807cca6a148" ], "author": { "name": "Konrad Windszus", "email": "kwin@apache.org", "time": "Wed Jan 28 10:17:30 2026 +0100" }, "committer": { "name": "Konrad Windszus", "email": "konrad@windszus.net", "time": "Wed Jan 28 14:33:27 2026 +0100" }, "message": "Remove generated configuration.md from Git\n\nPlace generated markdown source instead in\n\"target/generated-site/markdown/\" which is included by default\n(https://maven.apache.org/plugins/maven-site-plugin/site-mojo.html#generatedSiteDirectory)" }, { "commit": "ec52693dc400578dd03f731c88c58807cca6a148", "tree": "ee0f8248a89f09fdc7e86d09de89c848d11126d7", "parents": [ "0426ed03bb3d4b6e96a7f4502b3e05cf263a99f1" ], "author": { "name": "Konrad Windszus", "email": "kwin@apache.org", "time": "Mon Jan 19 09:22:11 2026 +0100" }, "committer": { "name": "Konrad Windszus", "email": "konrad@windszus.net", "time": "Tue Jan 27 18:05:05 2026 +0100" }, "message": "Fix preemptive proxy authentication in JDK Client" }, { "commit": "0426ed03bb3d4b6e96a7f4502b3e05cf263a99f1", "tree": "b8f15395caf3e43340c19beb89fe501e819f8fc4", "parents": [ "15cae5519e21c1a7c4ef7409d80a2f5926e716ed" ], "author": { "name": "Konrad Windszus", "email": "kwin@apache.org", "time": "Mon Jan 19 09:22:11 2026 +0100" }, "committer": { "name": "Konrad Windszus", "email": "konrad@windszus.net", "time": "Tue Jan 27 13:49:37 2026 +0100" }, "message": "Support Brotli compression in JDK HTTP Client\n\nEnable Brotli/ZStandard in Jetty HTTP Client\nAdd tests for compressed responses.\n\nThis closes #1744" }, { "commit": "15cae5519e21c1a7c4ef7409d80a2f5926e716ed", "tree": "f76c851d291a681b60950f9962e92686d95c840d", "parents": [ "2daf98540f16892d1f95490661542d7ce360a6d7" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Jan 26 05:44:06 2026 +0000" }, "committer": { "name": "Sylwester Lachiewicz", "email": "slachiewicz@apache.org", "time": "Tue Jan 27 02:22:47 2026 +0100" }, "message": "Bump org.codehaus.plexus:plexus-xml from 4.1.0 to 4.1.1\n\nBumps [org.codehaus.plexus:plexus-xml](https://github.com/codehaus-plexus/plexus-xml) from 4.1.0 to 4.1.1.\n- [Release notes](https://github.com/codehaus-plexus/plexus-xml/releases)\n- [Commits](https://github.com/codehaus-plexus/plexus-xml/compare/plexus-xml-4.1.0...plexus-xml-4.1.1)\n\n---\nupdated-dependencies:\n- dependency-name: org.codehaus.plexus:plexus-xml\n dependency-version: 4.1.1\n dependency-type: direct:production\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e" }, { "commit": "2daf98540f16892d1f95490661542d7ce360a6d7", "tree": "aa97cd73c384821ab76fa4766fd48c3a0cd1ba73", "parents": [ "c1dfbd899f00840f4d580c42218e55b27333f79c" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Jan 19 14:03:20 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Jan 19 14:03:20 2026 +0100" }, "message": "Bump com.github.siom79.japicmp:japicmp-maven-plugin (#1745)\n\nBumps [com.github.siom79.japicmp:japicmp-maven-plugin](https://github.com/siom79/japicmp) from 0.25.3 to 0.25.4.\n- [Release notes](https://github.com/siom79/japicmp/releases)\n- [Changelog](https://github.com/siom79/japicmp/blob/master/release.py)\n- [Commits](https://github.com/siom79/japicmp/compare/japicmp-base-0.25.3...japicmp-base-0.25.4)\n\n---\nupdated-dependencies:\n- dependency-name: com.github.siom79.japicmp:japicmp-maven-plugin\n dependency-version: 0.25.4\n dependency-type: direct:production\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "c1dfbd899f00840f4d580c42218e55b27333f79c", "tree": "5daacacc95ad5f8a4d041410b544e5807d9b822e", "parents": [ "bca61862a72d50429cf7c1d5bc9ea4c45f4b624a" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Jan 19 14:02:34 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Jan 19 14:02:34 2026 +0100" }, "message": "Bump biz.aQute.bnd:bnd-maven-plugin from 7.2.0 to 7.2.1 (#1746)\n\nBumps [biz.aQute.bnd:bnd-maven-plugin](https://github.com/bndtools/bnd) from 7.2.0 to 7.2.1.\n- [Release notes](https://github.com/bndtools/bnd/releases)\n- [Commits](https://github.com/bndtools/bnd/compare/7.2.0...7.2.1)\n\n---\nupdated-dependencies:\n- dependency-name: biz.aQute.bnd:bnd-maven-plugin\n dependency-version: 7.2.1\n dependency-type: direct:production\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "bca61862a72d50429cf7c1d5bc9ea4c45f4b624a", "tree": "7bcccb3710164b8ffbd11a8fed3fe271ad497274", "parents": [ "2340c676f3aaf920ea7bbb5120b0ade4829a737c" ], "author": { "name": "Konrad Windszus", "email": "kwin@apache.org", "time": "Fri Jan 16 20:21:46 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Jan 16 20:21:46 2026 +0100" }, "message": "Update to Jetty 12.1 (#1748)\n\nThis affects both Server used for Tests and Jetty Transport (for HTTP).\nIt raises Java requirements to 17 for Jetty Transport.\nSupport rewind on PutTasks based on InputStream." }, { "commit": "2340c676f3aaf920ea7bbb5120b0ade4829a737c", "tree": "38b039edfddd5a40b614428273a2b776987ff2c7", "parents": [ "1f01b66d782c592d3e073de3e734f797a74a988b" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Wed Jan 14 17:22:26 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Jan 14 17:22:26 2026 +0100" }, "message": "Bump org.apache.maven:maven-parent from 46 to 47 (#1749)\n\nBumps [org.apache.maven:maven-parent](https://github.com/apache/maven-parent) from 46 to 47.\n- [Release notes](https://github.com/apache/maven-parent/releases)\n- [Commits](https://github.com/apache/maven-parent/commits)\n\n---\nupdated-dependencies:\n- dependency-name: org.apache.maven:maven-parent\n dependency-version: \u002747\u0027\n dependency-type: direct:production\n update-type: version-update:semver-major\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "1f01b66d782c592d3e073de3e734f797a74a988b", "tree": "dcdf8b50334f3c43c170da2c3be65d741eb842dc", "parents": [ "b9d00c853fc96b5e5cdb1d82f4850328dd734f48" ], "author": { "name": "Konrad Windszus", "email": "kwin@apache.org", "time": "Mon Jan 12 17:20:37 2026 +0100" }, "committer": { "name": "Konrad Windszus", "email": "kwin@apache.org", "time": "Mon Jan 12 17:20:37 2026 +0100" }, "message": "Trivial: Mention HTTP Client in description of Apache Transport" }, { "commit": "b9d00c853fc96b5e5cdb1d82f4850328dd734f48", "tree": "4769cf9557c00e4147d972ce9cd71b6445f96a22", "parents": [ "789457c0a52b18932e5f2bf94824930c6e8c3b2b" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Mon Jan 12 14:27:23 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Jan 12 14:27:23 2026 +0100" }, "message": "Update parent 46 (#1742)\n\nAnd some slight reformat and other updates as well." }, { "commit": "789457c0a52b18932e5f2bf94824930c6e8c3b2b", "tree": "901e2b1d54784a4f3e66aef7228e0d949e981f05", "parents": [ "7a34f93aa6037c4ff2a9b0084a777f15a0a4c5c4" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Jan 12 13:18:02 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Jan 12 13:18:02 2026 +0100" }, "message": "Bump roasterVersion from 2.30.3.Final to 2.31.0.Final (#1729)\n\nBumps `roasterVersion` from 2.30.3.Final to 2.31.0.Final.\n\nUpdates `org.jboss.forge.roaster:roaster-api` from 2.30.3.Final to 2.31.0.Final\n- [Release notes](https://github.com/forge/roaster/releases)\n- [Commits](https://github.com/forge/roaster/compare/2.30.3.Final...2.31.0.Final)\n\nUpdates `org.jboss.forge.roaster:roaster-jdt` from 2.30.3.Final to 2.31.0.Final\n\n---\nupdated-dependencies:\n- dependency-name: org.jboss.forge.roaster:roaster-api\n dependency-version: 2.31.0.Final\n dependency-type: direct:production\n update-type: version-update:semver-minor\n- dependency-name: org.jboss.forge.roaster:roaster-jdt\n dependency-version: 2.31.0.Final\n dependency-type: direct:production\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "7a34f93aa6037c4ff2a9b0084a777f15a0a4c5c4", "tree": "cb356e41f36bf9d7f6a5d4bfd709121867a0519b", "parents": [ "35e2ecf223bab30425527fc7084025e4b749fb58" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Jan 12 13:17:55 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Jan 12 13:17:55 2026 +0100" }, "message": "Bump com.github.siom79.japicmp:japicmp-maven-plugin (#1740)\n\nBumps [com.github.siom79.japicmp:japicmp-maven-plugin](https://github.com/siom79/japicmp) from 0.25.1 to 0.25.3.\n- [Release notes](https://github.com/siom79/japicmp/releases)\n- [Changelog](https://github.com/siom79/japicmp/blob/master/release.py)\n- [Commits](https://github.com/siom79/japicmp/compare/japicmp-base-0.25.1...japicmp-base-0.25.3)\n\n---\nupdated-dependencies:\n- dependency-name: com.github.siom79.japicmp:japicmp-maven-plugin\n dependency-version: 0.25.3\n dependency-type: direct:production\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "35e2ecf223bab30425527fc7084025e4b749fb58", "tree": "449b7271929729507bde9842c230a1e0156d1021", "parents": [ "4ab57b9e12fddb76909a9ddf0116b5b63c84078a" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Tue Jan 06 05:19:22 2026 +0000" }, "committer": { "name": "Sylwester Lachiewicz", "email": "slachiewicz@apache.org", "time": "Thu Jan 08 09:31:59 2026 +0100" }, "message": "Bump org.codehaus.plexus:plexus-testing from 2.0.2 to 2.1.0\n\nBumps [org.codehaus.plexus:plexus-testing](https://github.com/codehaus-plexus/plexus-testing) from 2.0.2 to 2.1.0.\n- [Release notes](https://github.com/codehaus-plexus/plexus-testing/releases)\n- [Commits](https://github.com/codehaus-plexus/plexus-testing/compare/plexus-testing-2.0.2...plexus-testing-2.1.0)\n\n---\nupdated-dependencies:\n- dependency-name: org.codehaus.plexus:plexus-testing\n dependency-version: 2.1.0\n dependency-type: direct:development\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e" }, { "commit": "4ab57b9e12fddb76909a9ddf0116b5b63c84078a", "tree": "3e9c8618f283158f41753b58b745c9cb48196956", "parents": [ "7accf0400960c4d1acc9bb11d2cff6ebef8bf866" ], "author": { "name": "Konrad Windszus", "email": "kwin@apache.org", "time": "Wed Jan 07 20:18:57 2026 +0100" }, "committer": { "name": "Konrad Windszus", "email": "konrad@windszus.net", "time": "Wed Jan 07 22:24:32 2026 +0100" }, "message": "Add retries for JDK HTTP client\n\nAdd tests for retries after 429 (\"Too Many Requests\")\nThis closes #1732" }, { "commit": "7accf0400960c4d1acc9bb11d2cff6ebef8bf866", "tree": "c8889cf87628955e3127b9478169e546e63694ca", "parents": [ "f9e7d5adab86a29068bd26f52782781dd28c3063" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Dec 22 05:13:48 2025 +0000" }, "committer": { "name": "Konrad Windszus", "email": "konrad@windszus.net", "time": "Wed Jan 07 17:17:24 2026 +0100" }, "message": "Bump com.github.mizosoft.methanol:methanol from 1.8.4 to 1.9.0\n\nBumps [com.github.mizosoft.methanol:methanol](https://github.com/mizosoft/methanol) from 1.8.4 to 1.9.0.\n- [Release notes](https://github.com/mizosoft/methanol/releases)\n- [Changelog](https://github.com/mizosoft/methanol/blob/master/CHANGELOG.md)\n- [Commits](https://github.com/mizosoft/methanol/compare/v1.8.4...v1.9.0)\n\n---\nupdated-dependencies:\n- dependency-name: com.github.mizosoft.methanol:methanol\n dependency-version: 1.9.0\n dependency-type: direct:production\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e" }, { "commit": "f9e7d5adab86a29068bd26f52782781dd28c3063", "tree": "7e69d0a832095f170c60c95ee2563f9027951e31", "parents": [ "ae71ab1d8d95ac15cc0dec9a3acd2d625dfdf4a4" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Wed Dec 31 07:52:47 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Dec 31 07:52:47 2025 +0100" }, "message": "Bump org.redisson:redisson from 4.0.0 to 4.1.0 (#1728)\n\nBumps [org.redisson:redisson](https://github.com/redisson/redisson) from 4.0.0 to 4.1.0.\n- [Release notes](https://github.com/redisson/redisson/releases)\n- [Changelog](https://github.com/redisson/redisson/blob/master/CHANGELOG.md)\n- [Commits](https://github.com/redisson/redisson/compare/redisson-4.0.0...redisson-4.1.0)\n\n---\nupdated-dependencies:\n- dependency-name: org.redisson:redisson\n dependency-version: 4.1.0\n dependency-type: direct:production\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "ae71ab1d8d95ac15cc0dec9a3acd2d625dfdf4a4", "tree": "b96ad17b1681bfcc96491925cb0a1843b52ee7a4", "parents": [ "39f34b44544dc8fc99bf8d3b7f4151b187943de1" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Dec 29 13:29:12 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Dec 29 13:29:12 2025 +0100" }, "message": "Bump org.redisson:redisson from 3.52.0 to 4.0.0 (#1717)\n\nBumps [org.redisson:redisson](https://github.com/redisson/redisson) from 3.52.0 to 4.0.0.\n- [Release notes](https://github.com/redisson/redisson/releases)\n- [Changelog](https://github.com/redisson/redisson/blob/master/CHANGELOG.md)\n- [Commits](https://github.com/redisson/redisson/compare/redisson-3.52.0...redisson-4.0.0)\n\n---\nupdated-dependencies:\n- dependency-name: org.redisson:redisson\n dependency-version: 4.0.0\n dependency-type: direct:production\n update-type: version-update:semver-major\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "39f34b44544dc8fc99bf8d3b7f4151b187943de1", "tree": "df735e93e7404ccda74677112b7c5b5a9629eede", "parents": [ "c623ac3284a3cf476923ee1942496cc75c60b2e9" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Dec 29 13:29:05 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Dec 29 13:29:05 2025 +0100" }, "message": "Bump testcontainersVersion from 2.0.2 to 2.0.3 (#1715)\n\nBumps `testcontainersVersion` from 2.0.2 to 2.0.3.\n\nUpdates `org.testcontainers:testcontainers` from 2.0.2 to 2.0.3\n- [Release notes](https://github.com/testcontainers/testcontainers-java/releases)\n- [Changelog](https://github.com/testcontainers/testcontainers-java/blob/main/CHANGELOG.md)\n- [Commits](https://github.com/testcontainers/testcontainers-java/compare/2.0.2...2.0.3)\n\nUpdates `org.testcontainers:testcontainers-junit-jupiter` from 2.0.2 to 2.0.3\n- [Release notes](https://github.com/testcontainers/testcontainers-java/releases)\n- [Changelog](https://github.com/testcontainers/testcontainers-java/blob/main/CHANGELOG.md)\n- [Commits](https://github.com/testcontainers/testcontainers-java/compare/2.0.2...2.0.3)\n\nUpdates `org.testcontainers:testcontainers-minio` from 2.0.2 to 2.0.3\n- [Release notes](https://github.com/testcontainers/testcontainers-java/releases)\n- [Changelog](https://github.com/testcontainers/testcontainers-java/blob/main/CHANGELOG.md)\n- [Commits](https://github.com/testcontainers/testcontainers-java/compare/2.0.2...2.0.3)\n\n---\nupdated-dependencies:\n- dependency-name: org.testcontainers:testcontainers\n dependency-version: 2.0.3\n dependency-type: direct:production\n update-type: version-update:semver-patch\n- dependency-name: org.testcontainers:testcontainers-junit-jupiter\n dependency-version: 2.0.3\n dependency-type: direct:production\n update-type: version-update:semver-patch\n- dependency-name: org.testcontainers:testcontainers-minio\n dependency-version: 2.0.3\n dependency-type: direct:development\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "c623ac3284a3cf476923ee1942496cc75c60b2e9", "tree": "cef3175d32e576de2e0830bc58b31ad908cc7d97", "parents": [ "1b52bd5760f1a30eba15e5fe01080955b60b35fb" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Dec 29 13:28:51 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Dec 29 13:28:51 2025 +0100" }, "message": "Bump biz.aQute.bnd:bnd-maven-plugin from 7.1.0 to 7.2.0 (#1726)\n\nBumps [biz.aQute.bnd:bnd-maven-plugin](https://github.com/bndtools/bnd) from 7.1.0 to 7.2.0.\n- [Release notes](https://github.com/bndtools/bnd/releases)\n- [Commits](https://github.com/bndtools/bnd/compare/7.1.0...7.2.0)\n\n---\nupdated-dependencies:\n- dependency-name: biz.aQute.bnd:bnd-maven-plugin\n dependency-version: 7.2.0\n dependency-type: direct:production\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "1b52bd5760f1a30eba15e5fe01080955b60b35fb", "tree": "50614059cd5f63e676e7c5392aed6916332b3a8c", "parents": [ "ea56ad9bcbbfeec5add47809aada0d54d044c570" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Dec 22 06:43:20 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Dec 22 06:43:20 2025 +0100" }, "message": "Bump org.codehaus.mojo:exec-maven-plugin from 3.6.2 to 3.6.3 (#1721)\n\nBumps [org.codehaus.mojo:exec-maven-plugin](https://github.com/mojohaus/exec-maven-plugin) from 3.6.2 to 3.6.3.\n- [Release notes](https://github.com/mojohaus/exec-maven-plugin/releases)\n- [Commits](https://github.com/mojohaus/exec-maven-plugin/compare/3.6.2...3.6.3)\n\n---\nupdated-dependencies:\n- dependency-name: org.codehaus.mojo:exec-maven-plugin\n dependency-version: 3.6.3\n dependency-type: direct:production\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "ea56ad9bcbbfeec5add47809aada0d54d044c570", "tree": "7cb0c79f2d37df266f063bfc9670452c258a9148", "parents": [ "21ac40ed9a3876d414f194a5b4f989d82940d451" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Dec 22 06:43:11 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Dec 22 06:43:11 2025 +0100" }, "message": "Bump com.github.siom79.japicmp:japicmp-maven-plugin (#1722)\n\nBumps [com.github.siom79.japicmp:japicmp-maven-plugin](https://github.com/siom79/japicmp) from 0.25.0 to 0.25.1.\n- [Release notes](https://github.com/siom79/japicmp/releases)\n- [Changelog](https://github.com/siom79/japicmp/blob/master/release.py)\n- [Commits](https://github.com/siom79/japicmp/compare/japicmp-base-0.25.0...japicmp-base-0.25.1)\n\n---\nupdated-dependencies:\n- dependency-name: com.github.siom79.japicmp:japicmp-maven-plugin\n dependency-version: 0.25.1\n dependency-type: direct:production\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "21ac40ed9a3876d414f194a5b4f989d82940d451", "tree": "a774ec3163dd35150ee17381dbd9cff45a63833e", "parents": [ "4749407b1c6ad99e2bf2f9ab178288eb22208dba" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Sat Dec 20 10:16:29 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Sat Dec 20 10:16:29 2025 +0100" }, "message": "Bump org.ow2.asm:asm from 9.9 to 9.9.1 (#1716)\n\nBumps org.ow2.asm:asm from 9.9 to 9.9.1.\n\n---\nupdated-dependencies:\n- dependency-name: org.ow2.asm:asm\n dependency-version: 9.9.1\n dependency-type: direct:production\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "4749407b1c6ad99e2bf2f9ab178288eb22208dba", "tree": "32cfee906b1620956b96a33054c1f16702917886", "parents": [ "3bba4d2b19f8bb5e81836436308412925b0d5752" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Wed Dec 17 18:45:59 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Dec 17 18:45:59 2025 +0100" }, "message": "Bump maven3Version from 3.9.11 to 3.9.12 (#1718)\n\nBumps `maven3Version` from 3.9.11 to 3.9.12.\n\nUpdates `org.apache.maven:maven-resolver-provider` from 3.9.11 to 3.9.12\n\nUpdates `org.apache.maven:maven-model-builder` from 3.9.11 to 3.9.12\n\nUpdates `org.apache.maven:maven-plugin-api` from 3.9.11 to 3.9.12\n- [Release notes](https://github.com/apache/maven/releases)\n- [Commits](https://github.com/apache/maven/compare/maven-3.9.11...maven-3.9.12)\n\n---\nupdated-dependencies:\n- dependency-name: org.apache.maven:maven-resolver-provider\n dependency-version: 3.9.12\n dependency-type: direct:production\n update-type: version-update:semver-patch\n- dependency-name: org.apache.maven:maven-model-builder\n dependency-version: 3.9.12\n dependency-type: direct:production\n update-type: version-update:semver-patch\n- dependency-name: org.apache.maven:maven-plugin-api\n dependency-version: 3.9.12\n dependency-type: direct:production\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "3bba4d2b19f8bb5e81836436308412925b0d5752", "tree": "a7f1828c41042860202d1087e5cc3aad1b7dbea6", "parents": [ "5b46366f8bfcb8cb40f935907648f7c41141d472" ], "author": { "name": "Elliotte Rusty Harold", "email": "elharo@users.noreply.github.com", "time": "Mon Dec 15 13:07:58 2025 +0000" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Dec 15 13:07:58 2025 +0000" }, "message": "Fix typos and improve clarity in using resolver docs (#1713)\n\n* Fix typos and improve clarity in documentation\n\n* Fix grammar in using-resolver-in-maven-plugins.md\n\nCorrect minor grammatical errors for clarity.\n\n* Fix link and wording in Maven plugins documentation\n\nUpdated link format and corrected wording in documentation." }, { "commit": "5b46366f8bfcb8cb40f935907648f7c41141d472", "tree": "19c7cfddc249c6ca85206872facd298a1e044cf2", "parents": [ "a1a75fb5875e4186cc988441ef9d3ec4957a5ce0" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Fri Dec 12 19:37:18 2025 +0100" }, "committer": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Fri Dec 12 19:37:18 2025 +0100" }, "message": "[maven-release-plugin] prepare for next development iteration\n" }, { "commit": "a1a75fb5875e4186cc988441ef9d3ec4957a5ce0", "tree": "958c4089656972b2fc8a2f812577dbb121fad8cb", "parents": [ "d45597db4047685ca0fac7eb8565277b50cb5acf" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Fri Dec 12 19:37:04 2025 +0100" }, "committer": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Fri Dec 12 19:37:04 2025 +0100" }, "message": "[maven-release-plugin] prepare release maven-resolver-2.0.14\n" }, { "commit": "d45597db4047685ca0fac7eb8565277b50cb5acf", "tree": "c2b9327b42af584d4ad5bb11d3db0c1b367c33cc", "parents": [ "1c2ab711311271b7ddf8de057cc49e8b6913b704" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Fri Dec 12 19:34:31 2025 +0100" }, "committer": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Fri Dec 12 19:34:31 2025 +0100" }, "message": "Sneaky errors fixed for release\n" }, { "commit": "1c2ab711311271b7ddf8de057cc49e8b6913b704", "tree": "0aee46e843b83d8f1fef4b6293e78a9fdb48d76a", "parents": [ "83235d917a85ee20a06079e3a78ebc26e2d81c0a" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Fri Dec 12 19:28:50 2025 +0100" }, "committer": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Fri Dec 12 19:28:50 2025 +0100" }, "message": "[maven-release-plugin] rollback the release of maven-resolver-2.0.14\n" }, { "commit": "83235d917a85ee20a06079e3a78ebc26e2d81c0a", "tree": "2036e8c2aa2c832c434acbfc4ee1dd7676120517", "parents": [ "e44bcef95c9299cf9ca8b6a37822f470755c7a1c" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Fri Dec 12 19:22:56 2025 +0100" }, "committer": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Fri Dec 12 19:22:56 2025 +0100" }, "message": "[maven-release-plugin] prepare for next development iteration\n" }, { "commit": "e44bcef95c9299cf9ca8b6a37822f470755c7a1c", "tree": "1a8d5122c4923bbce2bd0e5bc6762ff46cfdf4ef", "parents": [ "63e4736b333c5d4ae5a8afb2a4728b2074a59cb5" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Fri Dec 12 19:21:48 2025 +0100" }, "committer": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Fri Dec 12 19:21:48 2025 +0100" }, "message": "[maven-release-plugin] prepare release maven-resolver-2.0.14\n" }, { "commit": "63e4736b333c5d4ae5a8afb2a4728b2074a59cb5", "tree": "0aee46e843b83d8f1fef4b6293e78a9fdb48d76a", "parents": [ "0766f6b3cc0eeee62569880c430a3a2fb5b2b2d8" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Fri Dec 12 13:50:35 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Dec 12 13:50:35 2025 +0100" }, "message": "Bug: GH-1711 make sure last wins (#1712)\n\nNodes once created were immutable, now structure is made mutable for parsing, with \"last wins\" strategy. Also, split and simplify things, as prefix tree does not even need stop/allow, is groupTree only thing.\n\nFixes #1711 \n" }, { "commit": "0766f6b3cc0eeee62569880c430a3a2fb5b2b2d8", "tree": "2f25c7358196c51dce0bcb8c60cadc787e92aeb4", "parents": [ "a3304f0266b0f878b290ebbca513ca65fe558f8b" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Thu Dec 11 16:20:36 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Dec 11 16:20:36 2025 +0100" }, "message": "Enhance RRF (#1709)\n\nChanges:\n* prefix: introduce \"resolvePrefixFiles\" config that controls auto-discovery (def: true; as before)\n* both: introduce \"noInputOutcome\" config that controls filtering outcome when enabled but no input provided (def: true; as before)\n* both: cleanup of configuration and use of helper classes\n" }, { "commit": "a3304f0266b0f878b290ebbca513ca65fe558f8b", "tree": "c9c6f753c01a3d81e3dc36d1bd57ab104ab33df4", "parents": [ "f81573223382ec90ddb561a6a0d4af852ea80f3e" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Thu Dec 11 16:00:41 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Dec 11 16:00:41 2025 +0100" }, "message": "Bug: GH-1703 Gaps in G segments resets result (#1706)\n\nGroupTree did reset accepted state causing middle elements\nto become forbidden." }, { "commit": "f81573223382ec90ddb561a6a0d4af852ea80f3e", "tree": "5ee48a89ec55ccb65a260fbf8a509ccceb2cac7e", "parents": [ "6053cbea0f0b64d9a055eb20e6482aefe407ba26" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Thu Dec 11 16:00:27 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Dec 11 16:00:27 2025 +0100" }, "message": "Bug: GH-1703 Locally cached artifacts defy RRF (#1707)\n\nWithin ArtifactResolver there was a subtle bug, caused by\nunintentional lazy evaluation of logical OR. In case filter is\npresent, it is ONLY and only lrm availability that drives\nthe logic." }, { "commit": "6053cbea0f0b64d9a055eb20e6482aefe407ba26", "tree": "82fc3401ee0f5a81a1f96d3bde504a67763aa364", "parents": [ "9746ab4ae962ac973773054a9bf6c7d61fd47c34" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Thu Dec 11 15:59:56 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Dec 11 15:59:56 2025 +0100" }, "message": "Test: Increase IPC test timeout (#1710)\n\nAs it times out quite often, seems 5sec is not enough?" }, { "commit": "9746ab4ae962ac973773054a9bf6c7d61fd47c34", "tree": "8fd0b2938bf0d0c3974dea434aacfb05dbb7e40a", "parents": [ "a65fa20242efdf24eeb770b6faa0555cc72e97b3" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Wed Dec 10 18:57:52 2025 +0100" }, "committer": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Wed Dec 10 18:57:52 2025 +0100" }, "message": "Javadoc typo fixes\n\nNo code and no semantic change, just fixing Javadoc that\ncaused errors.\n" }, { "commit": "a65fa20242efdf24eeb770b6faa0555cc72e97b3", "tree": "5910284cbc9c4172f743be4c9b8f0165e7a4f2a3", "parents": [ "0a127818e636b5a409bd008ac5fea215f54533c3" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Wed Dec 10 17:47:21 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Dec 10 17:47:21 2025 +0100" }, "message": "Update test tools (#1705)\n\nChanges:\n* JUnit 5.14.1 (we are still Java 8)\n* Testcontainers 2.0.2" }, { "commit": "0a127818e636b5a409bd008ac5fea215f54533c3", "tree": "e0a26c832aa800476b3dcea045c11c1403037b41", "parents": [ "d4035d3a277dec91b56780b72358727b9df13bdd" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Wed Dec 10 11:24:48 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Dec 10 11:24:48 2025 +0100" }, "message": "Bump org.mockito:mockito-core from 5.20.0 to 5.21.0 (#1704)\n\nBumps [org.mockito:mockito-core](https://github.com/mockito/mockito) from 5.20.0 to 5.21.0.\n- [Release notes](https://github.com/mockito/mockito/releases)\n- [Commits](https://github.com/mockito/mockito/compare/v5.20.0...v5.21.0)\n\n---\nupdated-dependencies:\n- dependency-name: org.mockito:mockito-core\n dependency-version: 5.21.0\n dependency-type: direct:production\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "d4035d3a277dec91b56780b72358727b9df13bdd", "tree": "492d4e3c0d9bfb5fe37fb13dd4e157ee1b7f8cf9", "parents": [ "3fc3557e332927917f8d8cce86068fee3fd38cc6" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Tue Dec 09 20:01:00 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Dec 09 20:01:00 2025 +0100" }, "message": "Bug: depMgt in manager was \"last wins\" instead of \"first wins\" (#1702)\n\nThe dependency manager since commit 51a3de6cd5834bbb2748111f7d767093bf99007e (2.0.11+) had a bug to detect just added entries, and it resulted in \"last wins\" logic.\n\nThis PR fixes the issue and adds UT ensuring \"first wins\".\n\nStill, we are uncovered in tests (seems we are biased), as we have no \"duplicate entries in depMgt\"-like tests as all!" }, { "commit": "3fc3557e332927917f8d8cce86068fee3fd38cc6", "tree": "be043b1f9aba5d6162767b9326482434f187cb4a", "parents": [ "fd44490aab0b0c83d1cd5c272fdc7efd9991ca39" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Fri Dec 05 18:36:01 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Dec 05 18:36:01 2025 +0100" }, "message": "Bugfix: Prioritized Components Cache change detection got removed (#1698)\n\nThe commit c32b8c9236389ee04ab5d0aac3d206f8bb1b2f36 added discriminator\n(\"owner class\") to key, but by mistake dropped the change detection.\n\nThe original intent of that commit was to avoid hash clashes as\nkey did not factor in owner.\n\nAlso now this uses cache as intended." }, { "commit": "fd44490aab0b0c83d1cd5c272fdc7efd9991ca39", "tree": "88a1da1e140dfeac0b11b877757050d077fd402e", "parents": [ "a4058a8c94b93e7fcc25bc7705d95469683460be" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Wed Dec 03 13:31:39 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Dec 03 13:31:39 2025 +0100" }, "message": "Bump org.codehaus.plexus:plexus-testing from 2.0.1 to 2.0.2 (#1697)\n\nBumps [org.codehaus.plexus:plexus-testing](https://github.com/codehaus-plexus/plexus-testing) from 2.0.1 to 2.0.2.\n- [Release notes](https://github.com/codehaus-plexus/plexus-testing/releases)\n- [Commits](https://github.com/codehaus-plexus/plexus-testing/compare/plexus-testing-2.0.1...plexus-testing-2.0.2)\n\n---\nupdated-dependencies:\n- dependency-name: org.codehaus.plexus:plexus-testing\n dependency-version: 2.0.2\n dependency-type: direct:development\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "a4058a8c94b93e7fcc25bc7705d95469683460be", "tree": "460f803eca073f9e6f2eb573811dcb2ce0e416ee", "parents": [ "79b6d5f2ee1472a4aaf3224b7670f3c55b8dace2" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Mon Dec 01 17:33:51 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Dec 01 17:33:51 2025 +0100" }, "message": "Locking inhibitor SPI (#1696)\n\nA new SPI that offers ability to augment Resolver locking and inhibit locking on certain resources.\n\nOut of the box RRF prefix file inhibition is provided.\n\nFixes #1663\nFixes #1641\n" }, { "commit": "79b6d5f2ee1472a4aaf3224b7670f3c55b8dace2", "tree": "90f93ad83a87fc72390eae108c8f083aeb3ae005", "parents": [ "beb63f6f62a0a739ea225d4206caafc2bbca3368" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Mon Dec 01 17:31:39 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Dec 01 17:31:39 2025 +0100" }, "message": "Repository Key Function SPI (#1679)\n\nNew opt-in **experimental** feature for enhanced local repository: ability to choose \"repository key\" function. Local repository (simple and enhanced) by default uses the `simple` key (historically) where other places all used `nid`. Have to note, that `simple` is technically equivalent to `nid` as `RemoteRepository.isRepositoryManager()` is not set anywhere in Maven.\n\nAdded key functions:\n* `simple` -\u003e the original code in LRM\n* `nid` -\u003e `norm(id)` (path friendly)\n* `hurl` -\u003e `sha1(url)`\n* `nid_hurl` -\u003e `norm(id)-sha1(url)`\n* `gurk` -\u003e `norm(id)-sha1(seed)` where \"seed\" is all config properties of repo\n* `ngurk` -\u003e `norm(id)-sha1(seed)` where \"seed\" is all config sans mirror list (just the string \"isMirrored\" is added for mirrors)\n\nIntroduced `RepositoryKeyFunction` type, that is used consistently in enhanced local repository (availability calculation), prefix composer (split repository prefix calculation) and remote repository manager (remote repository consolidation). This is new SPI, and impl provides default implementation with those above." }, { "commit": "beb63f6f62a0a739ea225d4206caafc2bbca3368", "tree": "14bc64a278c0e0d059d5e6892a5f97b3d550a071", "parents": [ "5bf4b92a6b04c3d1a836a90378b97e04aec99462" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Fri Nov 28 15:44:47 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Nov 28 15:44:47 2025 +0100" }, "message": "GH-1668: Add catch-all for group filter (#1694)\n\nIntroduced `*` \"root\" entry, that may define the \"default acceptance\".\n\nFixes #1668" }, { "commit": "5bf4b92a6b04c3d1a836a90378b97e04aec99462", "tree": "ef355baf1926e7d87ee7b2c7e118ac13d122943f", "parents": [ "96a719501da482b7f74950ac7c9d4f1465b7e52e" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Fri Nov 28 15:44:27 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Nov 28 15:44:27 2025 +0100" }, "message": "TrackingFileManager changes (#1692)\n\nDrop out of band deletion, let TFM delete as well. Also, simplify but do not drop locking, is needed for interoperability with 3.9.11 and 4.0.0-rc-5 and older released versions. Make FNFEx ignored in case of read/delete.\n\nBackport to 1.9.x is here https://github.com/apache/maven-resolver/pull/1695.\n\n" }, { "commit": "96a719501da482b7f74950ac7c9d4f1465b7e52e", "tree": "240b30cc0e03850c591502c607b50442d6aa5b02", "parents": [ "60ee5c0902167d7f52545645c67b0ad531c66bca" ], "author": { "name": "Mārtiņš Avots", "email": "119068338+martins-avots@users.noreply.github.com", "time": "Thu Nov 27 11:58:47 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Nov 27 11:58:47 2025 +0100" }, "message": "Use try-with for resource in test HttpServer (#1521) (#1686)\n\n" }, { "commit": "60ee5c0902167d7f52545645c67b0ad531c66bca", "tree": "225d28e4fb239421f39301bb83990cf94ed76062", "parents": [ "2b9058f3b5b70083882e428ebf3e49bb92695761" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Thu Nov 27 11:31:50 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Nov 27 11:31:50 2025 +0100" }, "message": "Bump bouncycastleVersion from 1.82 to 1.83 (#1693)\n\nBumps `bouncycastleVersion` from 1.82 to 1.83.\n\nUpdates `org.bouncycastle:bcpg-jdk18on` from 1.82 to 1.83\n- [Changelog](https://github.com/bcgit/bc-java/blob/main/docs/releasenotes.html)\n- [Commits](https://github.com/bcgit/bc-java/commits)\n\nUpdates `org.bouncycastle:bcpkix-jdk18on` from 1.82 to 1.83\n- [Changelog](https://github.com/bcgit/bc-java/blob/main/docs/releasenotes.html)\n- [Commits](https://github.com/bcgit/bc-java/commits)\n\nUpdates `org.bouncycastle:bcprov-jdk18on` from 1.82 to 1.83\n- [Changelog](https://github.com/bcgit/bc-java/blob/main/docs/releasenotes.html)\n- [Commits](https://github.com/bcgit/bc-java/commits)\n\nUpdates `org.bouncycastle:bcutil-jdk18on` from 1.82 to 1.83\n- [Changelog](https://github.com/bcgit/bc-java/blob/main/docs/releasenotes.html)\n- [Commits](https://github.com/bcgit/bc-java/commits)\n\n---\nupdated-dependencies:\n- dependency-name: org.bouncycastle:bcpg-jdk18on\n dependency-version: \u00271.83\u0027\n dependency-type: direct:production\n update-type: version-update:semver-minor\n- dependency-name: org.bouncycastle:bcpkix-jdk18on\n dependency-version: \u00271.83\u0027\n dependency-type: direct:production\n update-type: version-update:semver-minor\n- dependency-name: org.bouncycastle:bcprov-jdk18on\n dependency-version: \u00271.83\u0027\n dependency-type: direct:production\n update-type: version-update:semver-minor\n- dependency-name: org.bouncycastle:bcutil-jdk18on\n dependency-version: \u00271.83\u0027\n dependency-type: direct:production\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "2b9058f3b5b70083882e428ebf3e49bb92695761", "tree": "5a220fdae82be1ed670791bfa30446ce4159af54", "parents": [ "2b0edb35202937c50f03041d642bd65a1fb165f2" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Mon Nov 24 15:03:52 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Nov 24 15:03:52 2025 +0100" }, "message": "Update to SigStore 2.0.0 (#1685)\n\nBumps [dev.sigstore:sigstore-java](https://github.com/sigstore/sigstore-java) from 1.3.0 to 2.0.0.\n\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href\u003d\"https://github.com/sigstore/sigstore-java/releases\"\u003edev.sigstore:sigstore-java\u0027s releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e \u003cblockquote\u003e\n\u003ch2\u003ev2.0.0\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href\u003d\"https://github.com/sigstore/sigstore-java/blob/main/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for more details.\u003c/p\u003e \u003ch2\u003ev2.0.0-rc2\u003c/h2\u003e\n\u003cp\u003eSee \u003ca href\u003d\"https://github.com/sigstore/sigstore-java/blob/main/CHANGELOG.md\"\u003eCHANGELOG.md\u003c/a\u003e for more details.\u003c/p\u003e \u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdates after 2.0.0-rc1 release by \u003ca href\u003d\"https://github.com/loosebazooka\"\u003e\u003ccode\u003e@​loosebazooka\u003c/code\u003e\u003c/a\u003e in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1050\"\u003esigstore/sigstore-java#1050\u003c/a\u003e\u003c/li\u003e \u003cli\u003eUpdate README.md by \u003ca href\u003d\"https://github.com/loosebazooka\"\u003e\u003ccode\u003e@​loosebazooka\u003c/code\u003e\u003c/a\u003e in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1051\"\u003esigstore/sigstore-java#1051\u003c/a\u003e\u003c/li\u003e \u003cli\u003eUpdate google-github-actions/get-secretmanager-secrets action to v2.2.4 by \u003ca href\u003d\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1057\"\u003esigstore/sigstore-java#1057\u003c/a\u003e\u003c/li\u003e \u003cli\u003eUpdate dependency org.assertj:assertj-core to v3.27.4 by \u003ca href\u003d\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1056\"\u003esigstore/sigstore-java#1056\u003c/a\u003e\u003c/li\u003e \u003cli\u003eUpdate dependency com.github.autostyle:com.github.autostyle.gradle.plugin to v4.0.1 by \u003ca href\u003d\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1054\"\u003esigstore/sigstore-java#1054\u003c/a\u003e\u003c/li\u003e \u003cli\u003eUpdate sigstore/community digest to ff42fd8 by \u003ca href\u003d\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1053\"\u003esigstore/sigstore-java#1053\u003c/a\u003e\u003c/li\u003e \u003cli\u003eUpdate dependency com.gradleup.nmcp:com.gradleup.nmcp.gradle.plugin to v1.0.3 by \u003ca href\u003d\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1055\"\u003esigstore/sigstore-java#1055\u003c/a\u003e\u003c/li\u003e \u003cli\u003eUpdate google-github-actions/auth digest to dac4e13 by \u003ca href\u003d\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1052\"\u003esigstore/sigstore-java#1052\u003c/a\u003e\u003c/li\u003e \u003cli\u003eGroup gradleup.nmcp in renovate.json by \u003ca href\u003d\"https://github.com/loosebazooka\"\u003e\u003ccode\u003e@​loosebazooka\u003c/code\u003e\u003c/a\u003e in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1058\"\u003esigstore/sigstore-java#1058\u003c/a\u003e\u003c/li\u003e \u003cli\u003eUpdate conformance with new xfail by \u003ca href\u003d\"https://github.com/loosebazooka\"\u003e\u003ccode\u003e@​loosebazooka\u003c/code\u003e\u003c/a\u003e in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1060\"\u003esigstore/sigstore-java#1060\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003etuf Updater: fix snapshot version rollback case by \u003ca href\u003d\"https://github.com/jku\"\u003e\u003ccode\u003e@​jku\u003c/code\u003e\u003c/a\u003e in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1061\"\u003esigstore/sigstore-java#1061\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ecli: Add working directory and enable Rekor v2 by \u003ca href\u003d\"https://github.com/aaronlew02\"\u003e\u003ccode\u003e@​aaronlew02\u003c/code\u003e\u003c/a\u003e in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1062\"\u003esigstore/sigstore-java#1062\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUse HTTP server for TUF conformance testing by \u003ca href\u003d\"https://github.com/aaronlew02\"\u003e\u003ccode\u003e@​aaronlew02\u003c/code\u003e\u003c/a\u003e in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1045\"\u003esigstore/sigstore-java#1045\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eref: Simplify hashedrekord and DSSE parsing exceptions by \u003ca href\u003d\"https://github.com/aaronlew02\"\u003e\u003ccode\u003e@​aaronlew02\u003c/code\u003e\u003c/a\u003e in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1064\"\u003esigstore/sigstore-java#1064\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Reject unsupported DSSE version by \u003ca href\u003d\"https://github.com/aaronlew02\"\u003e\u003ccode\u003e@​aaronlew02\u003c/code\u003e\u003c/a\u003e in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1063\"\u003esigstore/sigstore-java#1063\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix userAgent string in requests by \u003ca href\u003d\"https://github.com/loosebazooka\"\u003e\u003ccode\u003e@​loosebazooka\u003c/code\u003e\u003c/a\u003e in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1066\"\u003esigstore/sigstore-java#1066\u003c/a\u003e\u003c/li\u003e \u003cli\u003eAdd Rekor v2 types to RekorTypes by \u003ca href\u003d\"https://github.com/aaronlew02\"\u003e\u003ccode\u003e@​aaronlew02\u003c/code\u003e\u003c/a\u003e in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1073\"\u003esigstore/sigstore-java#1073\u003c/a\u003e\u003c/li\u003e \u003cli\u003eHandle null inputs parsing rekor entry by \u003ca href\u003d\"https://github.com/loosebazooka\"\u003e\u003ccode\u003e@​loosebazooka\u003c/code\u003e\u003c/a\u003e in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1074\"\u003esigstore/sigstore-java#1074\u003c/a\u003e\u003c/li\u003e \u003cli\u003eCatch json parse error from gson by \u003ca href\u003d\"https://github.com/loosebazooka\"\u003e\u003ccode\u003e@​loosebazooka\u003c/code\u003e\u003c/a\u003e in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1075\"\u003esigstore/sigstore-java#1075\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update sigstore/community digest to d7264e2 by \u003ca href\u003d\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1067\"\u003esigstore/sigstore-java#1067\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update google-github-actions/auth action to v2.1.13 by \u003ca href\u003d\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1068\"\u003esigstore/sigstore-java#1068\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update gradle/actions action to v4.4.3 by \u003ca href\u003d\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1070\"\u003esigstore/sigstore-java#1070\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update google-github-actions/get-secretmanager-secrets action to v2.2.5 by \u003ca href\u003d\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1069\"\u003esigstore/sigstore-java#1069\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update sigstore/sigstore-conformance action to v0.0.20 by \u003ca href\u003d\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1071\"\u003esigstore/sigstore-java#1071\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update jetty monorepo to v11.0.26 - autoclosed by \u003ca href\u003d\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1072\"\u003esigstore/sigstore-java#1072\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update sigstore/sigstore-conformance action to v0.0.21 by \u003ca href\u003d\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1078\"\u003esigstore/sigstore-java#1078\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update sigstore/community digest to f539f57 by \u003ca href\u003d\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1077\"\u003esigstore/sigstore-java#1077\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency com.google.code.gson:gson to v2.13.2 by \u003ca href\u003d\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1079\"\u003esigstore/sigstore-java#1079\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency org.assertj:assertj-core to v3.27.6 by \u003ca href\u003d\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1080\"\u003esigstore/sigstore-java#1080\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update actions/checkout action to v4.3.0 by \u003ca href\u003d\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1081\"\u003esigstore/sigstore-java#1081\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update dependency go to 1.25.x by \u003ca href\u003d\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1082\"\u003esigstore/sigstore-java#1082\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eremove oidc config from gradle plugin by \u003ca href\u003d\"https://github.com/loosebazooka\"\u003e\u003ccode\u003e@​loosebazooka\u003c/code\u003e\u003c/a\u003e in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1076\"\u003esigstore/sigstore-java#1076\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency com.google.guava:guava to v33.5.0-jre by \u003ca href\u003d\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1090\"\u003esigstore/sigstore-java#1090\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency com.google.errorprone:error_prone_core to v2.42.0 by \u003ca href\u003d\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1089\"\u003esigstore/sigstore-java#1089\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update bouncycastle to v1.82 by \u003ca href\u003d\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1087\"\u003esigstore/sigstore-java#1087\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update sigstore/community digest to f09be1d by \u003ca href\u003d\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1085\"\u003esigstore/sigstore-java#1085\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update gradle/actions action to v4.4.4 by \u003ca href\u003d\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1086\"\u003esigstore/sigstore-java#1086\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency com.code-intelligence:jazzer-api to v0.26.0 by \u003ca href\u003d\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1088\"\u003esigstore/sigstore-java#1088\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/jku\"\u003e\u003ccode\u003e@​jku\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1061\"\u003esigstore/sigstore-java#1061\u003c/a\u003e\u003c/li\u003e \u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href\u003d\"https://github.com/sigstore/sigstore-java/compare/v2.0.0-rc1...v2.0.0-rc2\"\u003ehttps://github.com/sigstore/sigstore-java/compare/v2.0.0-rc1...v2.0.0-rc2\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href\u003d\"https://github.com/sigstore/sigstore-java/blob/main/CHANGELOG.md\"\u003edev.sigstore:sigstore-java\u0027s changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e \u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cp\u003eAll notable changes to \u003ccode\u003esigstore-java\u003c/code\u003e will be documented in this file.\u003c/p\u003e \u003cp\u003eThe format is based on \u003ca href\u003d\"https://keepachangelog.com/en/1.0.0/\"\u003eKeep a Changelog\u003c/a\u003e.\u003c/p\u003e \u003cp\u003eAll versions prior to 1.0.0 are untracked\u003c/p\u003e\n\u003ch2\u003e[Unreleased]\u003c/h2\u003e\n\u003ch1\u003e[2.0.0-rc2] - 2025-10-21\u003c/h1\u003e\n\u003ch2\u003eFixed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix TUF snapshot version rollback case: \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1061\"\u003esigstore/sigstore-java#1061\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix userAgent string in requests: \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1066\"\u003esigstore/sigstore-java#1066\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHandle parsing/format failures: \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1063\"\u003esigstore/sigstore-java#1063\u003c/a\u003e, \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1064\"\u003esigstore/sigstore-java#1064\u003c/a\u003e, \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1073\"\u003esigstore/sigstore-java#1073\u003c/a\u003e, \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1074\"\u003esigstore/sigstore-java#1074\u003c/a\u003e, \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1075\"\u003esigstore/sigstore-java#1075\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChanged\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRemove oidc config from gradle plugin: \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1076\"\u003esigstore/sigstore-java#1076\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003e[2.0.0-rc1] - 2025-08-14\u003c/h1\u003e\n\u003ch2\u003eAdded\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for rekor v2 logs \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/990\"\u003esigstore/sigstore-java#990\u003c/a\u003e, \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1016\"\u003esigstore/sigstore-java#1016\u003c/a\u003e, \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1017\"\u003esigstore/sigstore-java#1017\u003c/a\u003e, \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1008\"\u003esigstore/sigstore-java#1008\u003c/a\u003e, \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1031\"\u003esigstore/sigstore-java#1031\u003c/a\u003e, \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1040\"\u003esigstore/sigstore-java#1040\u003c/a\u003e\u003c/li\u003e \u003cli\u003eAdd support for timestamps \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/960\"\u003esigstore/sigstore-java#960\u003c/a\u003e, \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/975\"\u003esigstore/sigstore-java#975\u003c/a\u003e, \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/977\"\u003esigstore/sigstore-java#977\u003c/a\u003e, \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/978\"\u003esigstore/sigstore-java#978\u003c/a\u003e, \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/979\"\u003esigstore/sigstore-java#979\u003c/a\u003e\u003c/li\u003e \u003cli\u003eLibrary support for token string auth \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/925\"\u003esigstore/sigstore-java#925\u003c/a\u003e\u003c/li\u003e \u003cli\u003eED25519 support in trusted_root \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/983\"\u003esigstore/sigstore-java#983\u003c/a\u003e\u003c/li\u003e \u003c/ul\u003e\n\u003ch2\u003eFixed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed windows support \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/974\"\u003esigstore/sigstore-java#974\u003c/a\u003e\u003c/li\u003e \u003cli\u003eParsing json with unknown fields \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/966\"\u003esigstore/sigstore-java#966\u003c/a\u003e\u003c/li\u003e \u003c/ul\u003e\n\u003ch2\u003eChanged\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUsers can no longer specify signer object in KeylessSigner, use Algorithm Registry instead \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/1027\"\u003esigstore/sigstore-java#1027\u003c/a\u003e\u003c/li\u003e \u003cli\u003eUsers with custom sigstore infrastructure deployments must specify a SigningConfig to configure the KeylessSigner, individual urls for infrastructure pieces are removed \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/956\"\u003esigstore/sigstore-java#956\u003c/a\u003e, \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/965\"\u003esigstore/sigstore-java#965\u003c/a\u003e, \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/pull/981\"\u003esigstore/sigstore-java#981\u003c/a\u003e\u003c/li\u003e \u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/sigstore/sigstore-java/commit/411721f4879abebd95bd9ab6ed3724366b13cdce\"\u003e\u003ccode\u003e411721f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/issues/1117\"\u003e#1117\u003c/a\u003e from sigstore/prep200\u003c/li\u003e \u003cli\u003e\u003ca href\u003d\"https://github.com/sigstore/sigstore-java/commit/735ab1056e88f474579cc658ea74030bf530acb6\"\u003e\u003ccode\u003e735ab10\u003c/code\u003e\u003c/a\u003e Prepare for 2.0.0\u003c/li\u003e \u003cli\u003e\u003ca href\u003d\"https://github.com/sigstore/sigstore-java/commit/69cbe67ce5db4c847b56c3c0728acf0f6e30079e\"\u003e\u003ccode\u003e69cbe67\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/issues/1010\"\u003e#1010\u003c/a\u003e from sigstore/renovate/maven\u003c/li\u003e \u003cli\u003e\u003ca href\u003d\"https://github.com/sigstore/sigstore-java/commit/f90015d7105e60032d2496b2b3451d2ec1dafac5\"\u003e\u003ccode\u003ef90015d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/issues/1115\"\u003e#1115\u003c/a\u003e from sigstore/fix-funky-exception\u003c/li\u003e \u003cli\u003e\u003ca href\u003d\"https://github.com/sigstore/sigstore-java/commit/b81ab3e2aba8b8d9bedd5cd8164ccdb932309f0d\"\u003e\u003ccode\u003eb81ab3e\u003c/code\u003e\u003c/a\u003e Wrap json operations for checked exceptions\u003c/li\u003e \u003cli\u003e\u003ca href\u003d\"https://github.com/sigstore/sigstore-java/commit/e2f2f2b701d8db36ab69e67a8e77ed56911fa55a\"\u003e\u003ccode\u003ee2f2f2b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/issues/1114\"\u003e#1114\u003c/a\u003e from sigstore/maven-badge\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/sigstore/sigstore-java/commit/0ffa58e20401d1a54fac65b4882fc9ad062621a0\"\u003e\u003ccode\u003e0ffa58e\u003c/code\u003e\u003c/a\u003e docs: Update Maven Central badge URL in README\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/sigstore/sigstore-java/commit/da48db2ef95a79b7a174a1fb2b2570eb21f7a632\"\u003e\u003ccode\u003eda48db2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/issues/1109\"\u003e#1109\u003c/a\u003e from jku/run-tuf-conformance-in-parallel\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/sigstore/sigstore-java/commit/6c1941340c1707ff491f22777c23fa8758686c68\"\u003e\u003ccode\u003e6c19413\u003c/code\u003e\u003c/a\u003e workflows: Run conformance in parallel\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/sigstore/sigstore-java/commit/11c2d22773705dc89d8fb2a1346e5e6fff113abd\"\u003e\u003ccode\u003e11c2d22\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href\u003d\"https://redirect.github.com/sigstore/sigstore-java/issues/1111\"\u003e#1111\u003c/a\u003e from sigstore/jetty-12\u003c/li\u003e \u003cli\u003eAdditional commits viewable in \u003ca href\u003d\"https://github.com/sigstore/sigstore-java/compare/v1.3.0...v2.0.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e \u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003ddev.sigstore:sigstore-java\u0026package-manager\u003dmaven\u0026previous-version\u003d1.3.0\u0026new-version\u003d2.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e \u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\u003c/details\u003e\n" }, { "commit": "2b0edb35202937c50f03041d642bd65a1fb165f2", "tree": "59a0f07ea60c95dd1bfe8952377a1386ee1e00ad", "parents": [ "a9fae9e30f088ece2c62477c6c2a2b96614f35c7" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Mon Nov 24 12:02:14 2025 +0100" }, "committer": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Mon Nov 24 12:02:14 2025 +0100" }, "message": "Use properties for roaster version\n" }, { "commit": "a9fae9e30f088ece2c62477c6c2a2b96614f35c7", "tree": "ca4e0129fbc6f8ffd72c2d64f60a6c40aa624257", "parents": [ "475e24dcdd64f27ed9d6db2ef759b1adb7833e00" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Nov 24 11:57:41 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Nov 24 11:57:41 2025 +0100" }, "message": "Bump org.jboss.forge.roaster:roaster-api (#1687)\n\nBumps [org.jboss.forge.roaster:roaster-api](https://github.com/forge/roaster) from 2.30.1.Final to 2.30.3.Final.\n- [Release notes](https://github.com/forge/roaster/releases)\n- [Commits](https://github.com/forge/roaster/compare/2.30.1.Final...2.30.3.Final)\n\n---\nupdated-dependencies:\n- dependency-name: org.jboss.forge.roaster:roaster-api\n dependency-version: 2.30.3.Final\n dependency-type: direct:production\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "475e24dcdd64f27ed9d6db2ef759b1adb7833e00", "tree": "89c07540f1b2130fb246e4dd0c35bbbca7eae0c5", "parents": [ "84301d46be820f157ed603b9f8ae032a51a23bd0" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Nov 24 11:57:34 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Nov 24 11:57:34 2025 +0100" }, "message": "Bump org.jboss.forge.roaster:roaster-jdt (#1688)\n\nBumps org.jboss.forge.roaster:roaster-jdt from 2.30.1.Final to 2.30.3.Final.\n\n---\nupdated-dependencies:\n- dependency-name: org.jboss.forge.roaster:roaster-jdt\n dependency-version: 2.30.3.Final\n dependency-type: direct:production\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "84301d46be820f157ed603b9f8ae032a51a23bd0", "tree": "959f8c7ce9c4828773d86990c65c9945f26acda0", "parents": [ "60b06783b2a34255bf43eb8870e37e7668de3086" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Nov 24 11:57:16 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Nov 24 11:57:16 2025 +0100" }, "message": "Bump com.github.siom79.japicmp:japicmp-maven-plugin (#1689)\n\nBumps [com.github.siom79.japicmp:japicmp-maven-plugin](https://github.com/siom79/japicmp) from 0.24.2 to 0.25.0.\n- [Release notes](https://github.com/siom79/japicmp/releases)\n- [Changelog](https://github.com/siom79/japicmp/blob/master/release.py)\n- [Commits](https://github.com/siom79/japicmp/compare/japicmp-base-0.24.2...japicmp-base-0.25.0)\n\n---\nupdated-dependencies:\n- dependency-name: com.github.siom79.japicmp:japicmp-maven-plugin\n dependency-version: 0.25.0\n dependency-type: direct:production\n update-type: version-update:semver-minor\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "60b06783b2a34255bf43eb8870e37e7668de3086", "tree": "1d79ef0cbc281ab62df13d5aed3bb76c027c8fe3", "parents": [ "3b15101d6f33edfd52a43f3f49cfd597c74294fb" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Thu Nov 20 21:13:41 2025 +0100" }, "committer": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Thu Nov 20 21:13:41 2025 +0100" }, "message": "Remove intent from RemoteRepository toString\n\nThe method output is meant for human consumption anyway,\nand intent is irrelevant.\n" }, { "commit": "3b15101d6f33edfd52a43f3f49cfd597c74294fb", "tree": "6ea87fabe59eb4cd42efd35de08a4e15af511f50", "parents": [ "425fb0b36d88eb41b2a5ca549edaa249aa6dde9e" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Thu Nov 20 17:48:34 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Nov 20 17:48:34 2025 +0100" }, "message": "Remote repository intent (#1680)\n\nAdd new API to reflect the \"intent\" with given remote repository. Also, _within session_ remote repositories may be used as keys (ie in a map), but then use of new method IS MUST.\n\n(This _immediately_ revealed bug in 2.0.13: triggered #1667; not after fixes got merged)" }, { "commit": "425fb0b36d88eb41b2a5ca549edaa249aa6dde9e", "tree": "910b26ea3dffbf6a132f8f599c6016c346dbc9b3", "parents": [ "e767edc8679c197d3579ad3911c9bd1f288c9254" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Thu Nov 20 17:41:16 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Nov 20 17:41:16 2025 +0100" }, "message": "Make filters daemon friendly (#1681)\n\nFilters are not daemon friendly; move everything under session. Components are singletons, and use of `RemoteRepository` as key across sessions is something not recommended. For that GURK is needed.\n" }, { "commit": "e767edc8679c197d3579ad3911c9bd1f288c9254", "tree": "cade740050fd7f5390ffd3eb9f4d75b7c59e0c32", "parents": [ "f299b25d31f20954497bb7f05249b351848ef7b4" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Thu Nov 20 16:41:47 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Nov 20 16:41:47 2025 +0100" }, "message": "Name mappers cleanup and new GAECV mapper (#1677)\n\nCleanup name mappers usage and introduce new, more selective mapper GAECV.\n\nChanges:\n* introduce GAECV next to existing GAV name mapper.\n* make default GAECV" }, { "commit": "f299b25d31f20954497bb7f05249b351848ef7b4", "tree": "a191d512231f36243b8f6fafd34e9627a0d0ec6c", "parents": [ "0362881a8f10fc7674c3e922977f9750b60ecab3" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Thu Nov 20 16:26:08 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Nov 20 16:26:08 2025 +0100" }, "message": "Remove hack from Basic connector (#1676)\n\nSimilar as in 1.9.x, but here the Executor may be null (threading and pooling has been reworked) so we need to check for executor being non-null.\n" }, { "commit": "0362881a8f10fc7674c3e922977f9750b60ecab3", "tree": "c6b66e0d78ce85b5e7ee46ddfe1234a99511f075", "parents": [ "5bca4bbe69f57df906d278c8d0e5b98e59da9c66" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Thu Nov 20 16:25:49 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Nov 20 16:25:49 2025 +0100" }, "message": "Cleanup prefix and others (#1670)\n\nJust rename things to reflect what they are, and do not perform work if not needed." }, { "commit": "5bca4bbe69f57df906d278c8d0e5b98e59da9c66", "tree": "7ec0fe7c10db5cf93cb41332b181f37a205f5142", "parents": [ "170b043336c9e26262a7e58db5b0f175db9a4f59" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Thu Nov 20 16:16:40 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Nov 20 16:16:40 2025 +0100" }, "message": "Fix locking issues (#1660)\n\nChanges:\n* introduce dedicated ex on timeout\n* up default timeouts (from 30s to 900s)\n* improve message by listing all lock subjects\n* improve message by mentioning the property that user should use to increase timeouts (there is no one size fits all; we could go with \"infinite\" timeouts. but am unsure about that)\n\n" }, { "commit": "170b043336c9e26262a7e58db5b0f175db9a4f59", "tree": "540db46ad2c08783cea94124cb8653e9f130d975", "parents": [ "471c7f498ad195a6f94e4613b260742ed14bec3d" ], "author": { "name": "Tamas Cservenak", "email": "tamas@cservenak.net", "time": "Thu Nov 20 16:16:25 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Nov 20 16:16:25 2025 +0100" }, "message": "Bug: Filter fixes (#1655)\n\nThree major issues: \n* (prefix) one was that it tried to fix the Maven issue of remote repository uniqueness (globally), and that attempt was in fact wrong, fix is elsewhere. The reason it tried to do this is in fact to circumvent locking issues #1644.\n* (manager) other issue was filter lifecycle, manager did it wrongly (data is _inherited on customized sessions_): the bug caused that one session was used to acquire filters and same filter got used for potentially other (maybe even reconfigured) session. This overlook forced filters to implement hoops and loops (to prevent recursion), but also prevented any third party code to have saying in filter operation.\n* (both filters) make sure RemoteRepositories used as keys for prefixes are _same_ (normalized as bare)\n\nChanges:\n* fix manager to make sure filters and session are aligned\n* fix/simplify prefix filter recursion prevention\n* introduce public and documented way to inhibit prefix discovery\n\nNote: as this PR now removes the \"hack\" (that in fact tried to circumvent #1644) we are now back at state we were before https://github.com/apache/maven-resolver/pull/1575 (the \"by make repositories unique\" bit). As we see, this change (without locking fix) will cause Maven IT failures, as ITs are executed in parallel, and \"prefix discovery\" initiated over same local repository will/may cause locking conflicts and hence timeouts (result is sporadically failing ITs due locking timeouts). Hence, this fix is to be followed by fix for #1644 \n\nFixes #1654 \nFixes #1667 \n" }, { "commit": "471c7f498ad195a6f94e4613b260742ed14bec3d", "tree": "2f320d57b9e37c9c65b7ba40b425c8613ca513e3", "parents": [ "9e07b1b7e2bac253c0f4b7a2675ca395a85b22a3" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Wed Nov 19 11:28:46 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Nov 19 11:28:46 2025 +0100" }, "message": "Bump okhttpVersion from 5.3.1 to 5.3.2 (#1678)\n\nBumps `okhttpVersion` from 5.3.1 to 5.3.2.\n\nUpdates `com.squareup.okhttp3:okhttp-bom` from 5.3.1 to 5.3.2\n- [Changelog](https://github.com/square/okhttp/blob/master/CHANGELOG.md)\n- [Commits](https://github.com/square/okhttp/compare/parent-5.3.1...parent-5.3.2)\n\nUpdates `com.squareup.okhttp3:okhttp-jvm` from 5.3.1 to 5.3.2\n- [Changelog](https://github.com/square/okhttp/blob/master/CHANGELOG.md)\n- [Commits](https://github.com/square/okhttp/compare/parent-5.3.1...parent-5.3.2)\n\n---\nupdated-dependencies:\n- dependency-name: com.squareup.okhttp3:okhttp-bom\n dependency-version: 5.3.2\n dependency-type: direct:production\n update-type: version-update:semver-patch\n- dependency-name: com.squareup.okhttp3:okhttp-jvm\n dependency-version: 5.3.2\n dependency-type: direct:production\n update-type: version-update:semver-patch\n...\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" } ], "next": "9e07b1b7e2bac253c0f4b7a2675ca395a85b22a3" }