Bump the dependencies group across 1 directory with 12 updates

[dependabot]

Bumps the dependencies group with 12 updates in the / directory:

Package	From	To
software.amazon.awssdk:secretsmanager	2.20.93	2.29.24
org.projectlombok:lombok	1.18.28	1.18.36
com.fasterxml.jackson.core:jackson-databind	2.15.2	2.18.2
com.github.spotbugs:spotbugs-annotations	4.7.3	4.8.6
org.apache.maven.plugins:maven-compiler-plugin	3.11.0	3.13.0
org.apache.maven.plugins:maven-source-plugin	3.3.0	3.3.1
org.apache.maven.plugins:maven-javadoc-plugin	3.5.0	3.11.1
org.apache.maven.plugins:maven-checkstyle-plugin	3.3.0	3.6.0
com.github.spotbugs:spotbugs-maven-plugin	4.7.3.5	4.8.6.6
org.jacoco:jacoco-maven-plugin	0.8.10	0.8.12
org.apache.maven.plugins:maven-gpg-plugin	3.1.0	3.2.7
org.sonatype.plugins:nexus-staging-maven-plugin	1.6.13	1.7.0

Updates software.amazon.awssdk:secretsmanager from 2.20.93 to 2.29.24

Updates org.projectlombok:lombok from 1.18.28 to 1.18.36

Changelog

Sourced from org.projectlombok:lombok's changelog.

v1.18.36 (November 15th, 2024)

• PLATFORM: JDK23 support added.
• BUGFIX: Eclipse projects using the com.pro-crafting.tools:jasperreports-maven-plugin will now compile.

v1.18.34 (June 28th, 2024)

• PLATFORM: Added support for Eclipse 2024-06; you'd get some NoSuchMethodError traces in your logs if using @Builder or @Singular prior to this fix. [Issue #3638](projectlombok/lombok#3638).
• IMPROBABLE BREAKING CHANGE: Lombok now adds @lombok.Generated by default to methods and types it generates. This may result in accidentally increasing your test coverage percentage. [Issue #3667](projectlombok/lombok#3667).
• IMPROBABLE BREAKING CHANGE: When lombok.config contains lombok.onX.flagUsage = WARNING, from now on warnings will actually be generated if onX is used.[Issue #2848](projectlombok/lombok#2848)
• BUGFIX: When @SuperBuilder was used on a type with an generic array type, it would error wrong number of type arguments. [Issue #3694](projectlombok/lombok#3694).
• FEATURE: Lombok generates javadoc for you for most of the methods it adds; with this release, javadoc is also added to generated constructors. [Issue #933](projectlombok/lombok#933).

v1.18.32 (March 20th, 2024)

• PLATFORM: Initial JDK22 support added.
• PLAFTORM Added support for Eclipse 2024-03. [Issue #3620](projectlombok/lombok#3620).
• PLATFORM: Added support for recent versions of eclipse (released Q4 2023 or later or so) which would cause failures in the eclipse logs such as java.lang.NoSuchMethodError: 'java.lang.StringBuffer org.eclipse.jdt…. [Issue #3564](projectlombok/lombok#3564).
• FEATURE: @Locked has been introduced. Like @Synchronized but with java.util.concurrent.locks locks instead of the synchronized primitive. Thanks, Pim van der Loos for the PR! [Issue #3506](projectlombok/lombok#3506).
• NECROMANCY: Inlining a generated getter in eclipse would result in eclipse incorrectly replacing calls with @Getter instead of the actual field's name. [Issue #562](projectlombok/lombok#562). This issue is almost old enough to drink. Points for dedication go to Rawi for fixing this one.
• BUGFIX: When @SuperBuilder was used on a type with an annotated generic type, it would error wrong number of type arguments. [Issue #3592](projectlombok/lombok#3592).
• BUGFIX: It was possible to create an infinite build loop using @ExtensionMethod. [Issue #3225](projectlombok/lombok#3225).
• BUGFIX: Using @Getter(lazy=true) would fail if the expression contained a variable called value. [Issue #2917](projectlombok/lombok#2917).
• BUGFIX: Many lombok features wouldn't work properly on records contained within an outer type unless you explicitly marked it static. [Issue #3497](projectlombok/lombok#3497) [Issue #3559](projectlombok/lombok#3559).
• BUGFIX: Eclipse projects using the com.pro-crafting.tools:jasperreports-plugin will now compile.
• BUGFIX: @FieldNameConstants now works when generated fields are involved. [Issue #3529](projectlombok/lombok#3529).
• IMPROBABLE BREAKING CHANGE: For JSpecify, the package name changed from org.jspecify.nullness to org.jspecify.annotations, which might lead to a different null analysis. [Issue #3608](projectlombok/lombok#3608).

v1.18.30 (September 20th, 2023)

• PLATFORM: Initial JDK21 support added. [Issue #3393](projectlombok/lombok#3393).
• BUGFIX: Any @Helper class directly in a method (and not nested more deeply) wouldn't work. [Issue #3370](projectlombok/lombok#3370).
• BUGFIX: If using the module system and lombok is on the runtime classpath (shouldn't be, but happens), you'd get a split package error: Package org.objectweb.asm in both module lombok and module org.objectweb.asm. [Issue #3474](projectlombok/lombok#3474).
• BUGFIX: Lombok wasn't properly copying the annotations it should be copying when generating methods in records. [Issue #3315](projectlombok/lombok#3315).
• BUGFIX: Delomboking anything with @lombok.Singular in it wouldn't remove that annotation. [Issue #1377](projectlombok/lombok#1377).
• BUGFIX: Calling extension methods such that automatic widening is applied (i.e. calling void ext(long arg) with an int) would fail at runtime. [Issue #3463](projectlombok/lombok#3463).
• BUGFIX: Extension methods can now be used in records. [Issue #3450](projectlombok/lombok#3450).
• BUGFIX: @Getter(lazy=true) with complicated initialization expressions would fail on javac. [Issue #3314](projectlombok/lombok#3314).
• BUGFIX: Using the maven surefire plugin with a module-info.java based project would fail with a SurefireBooterForkException. [Issue #3474](projectlombok/lombok#3474).

Commits

• 91d79ff [release] pre-release version bump
• e8db33a Merge pull request #3768 from tamila-krashtan/fix/with-html
• 0338705 Revert "[fixes #3116] Add multi round support for mapstruct":
• 9af596e Fix typo in With.html
• 3394b6e eclipse downloader: When downloading sources, accept failure.
• 03cd61a Merge branch 'eclipse-tests-fix'
• 7a9f3a8 Fix resource management in the eclipse downloader:
• 87bc91a Merge pull request #3764 from Rawi01/update-index
• d21d551 Close ZipOutputStream in eclipse dependency downloader
• 5caea32 [fixes #3761] Update annotation value index
• Additional commits viewable in compare view

Updates com.fasterxml.jackson.core:jackson-databind from 2.15.2 to 2.18.2

Commits

• See full diff in compare view

Updates com.github.spotbugs:spotbugs-annotations from 4.7.3 to 4.8.6

Release notes

Sourced from com.github.spotbugs:spotbugs-annotations's releases.

SpotBugs 4.8.6

CHANGELOG

Fixed

• Do not report BC_UNCONFIRMED_CAST for Java 21's type switches when the switch instruction is TABLESWITCH (#2782)
• Do not throw exception when inspecting empty switch statements (#2995)
• Adjust priority since relaxed mode reports even IGNORED_PRIORITY (#2994)
• Fix duplicated log4j2 jar in distribution (#3001)

CHECKSUM

file	checksum (sha256)
spotbugs-4.8.6-javadoc.jar	e0af15063395b5eb8002a896dad1d02da869dbc53a7a4b1eee76e9e0f0444fbc
spotbugs-4.8.6-sources.jar	fc38f6b06cf134a6b065e4e73747b17a8d9b107d935c828ebb1b8bee89527da1
spotbugs-4.8.6.tgz	b9d4d25e53cd4202b2dc19c549c0ff54f8a72fc76a71a8c40dee94422c67ebea
spotbugs-4.8.6.zip	67cdc52cceb17eae394f8fc3660f21659cf354908f818e4d1f45a6935c2e4425
spotbugs-annotations-4.8.6-javadoc.jar	0f095f2d0c766b3e2c21ebc226b4f228898fa8c141736f7615a47a2e3be14ba7
spotbugs-annotations-4.8.6-sources.jar	b5d0110b70b9c44915f2c3375d1b700acb6d409152baf70030787d17a684469b
spotbugs-annotations.jar	4548b74a815ed44f5480ca4f06204a8b00809dc7e5f6a825a9edf18f40377b65
spotbugs-ant-4.8.6-javadoc.jar	58f477c4fc59d8355a6c3ec972f216537baa2d30cb9afd38f16b511a31baaa89
spotbugs-ant-4.8.6-sources.jar	9f1431331363f45ceb9b91c0e5246eab574fbff81c56eff0e385f572d346de61
spotbugs-ant.jar	a798346790437cdc18217379fa54a7e6b044ba2070891ebe01faee28af79af6c
spotbugs.jar	69fde8787971a26b2372d416015d806bf7df4f847f7121bd5eeef239324cf180
test-harness-4.8.6-javadoc.jar	1a220e01369a892e765f5956a38c7ebf1b54111eba623f5f79f430dd0336f901
test-harness-4.8.6-sources.jar	76788749afa9e2a8d6c39231f683bd8e3faab26947975c751c0ab0fbdfc3c17a
test-harness-4.8.6.jar	04c7c8e778a1688ab9636ab58b55f1236ae99bb5428a934a7ba0f54857263c74
test-harness-core-4.8.6-javadoc.jar	4a88789a52b52b4227d1f8384caa59f12e503dbb4ae266d4b5c3270e977afa35
test-harness-core-4.8.6-sources.jar	f5db3e4ebf3f90c9bbf4815824c9d94f93fb740c9610b6f70a64bf7896a4e082
test-harness-core-4.8.6.jar	30c2b71900f38b77fb0e4a788b8ae1ea5b9e54f42636111576e338085c9c53dd
test-harness-jupiter-4.8.6-javadoc.jar	49ae6407f1ff6a72a6d49a19b3de55eae791223129ff3b56079f26b3f3a85b1f
test-harness-jupiter-4.8.6-sources.jar	0aefbc5c8bd406e5dc0b1d59bc3afc6889c02010d486b22242f4f19a1a935800
test-harness-jupiter-4.8.6.jar	94c5ceecb79b93f5e357b5d9805f0a7a22536a52c70a376182faa14923d86021

SpotBugs 4.8.5

CHANGELOG

Fixed

• Fix FP SING_SINGLETON_GETTER_NOT_SYNCHRONIZED with eager instances (spotbugs/spotbugs#2932)
• Fix FPs when looking for multiple initialization of Singletons (spotbugs/spotbugs#2934)
• Do not report DLS_DEAD_LOCAL_STORE for Java 21's type switches when switch instruction is TABLESWITCH(spotbugs/spotbugs#2736)
• Fix FP SE_BAD_FIELD for record fields (spotbugs/spotbugs#2935)

CHECKSUM

file	checksum (sha256)
spotbugs-4.8.5-javadoc.jar	c8abae80768a5cd98bb09d13ae8baee1258efaf673e4c21688a581a8bc55cbe6
spotbugs-4.8.5-sources.jar	c21daa57e931c0ea342de685884251e198ea3a48993a6d4c0ac8a9513fc8dd89
spotbugs-4.8.5.tgz	c514054fd8f81f242ac6d64871d30bdb7b79cb49be7bd6b58067484efae8bfa0
spotbugs-4.8.5.zip	a4b7bad5bb8d2d3cdc42b07d6cdd2a0d7864c0b24732120426d0002df4a9dd0f
spotbugs-annotations-4.8.5-javadoc.jar	5e35895e56ea0c2c4beb71a5b6962070d7a7092a79297419482c123c14324096

... (truncated)

Changelog

Sourced from com.github.spotbugs:spotbugs-annotations's changelog.

4.8.6 - 2024-06-17

Fixed

• Do not report BC_UNCONFIRMED_CAST for Java 21's type switches when the switch instruction is TABLESWITCH (#2782)
• Do not throw exception when inspecting empty switch statements (#2995)
• Adjust priority since relaxed mode reports even IGNORED_PRIORITY (#2994)
• Fix duplicated log4j2 jar in distribution (#3001)

4.8.5 - 2024-05-03

Fixed

• Fix FP SING_SINGLETON_GETTER_NOT_SYNCHRONIZED with eager instances (#2932)
• Fix FPs when looking for multiple initialization of Singletons (#2934)
• Do not report DLS_DEAD_LOCAL_STORE for Java 21's type switches when switch instruction is TABLESWITCH(#2736)
• Fix FP SE_BAD_FIELD for record fields (#2935)

4.8.4 - 2024-04-07

Fixed

• Fix FP in SE_PREVENT_EXT_OBJ_OVERWRITE when the if statement checking for null value, checking multiple variables or the method exiting in the if branch with an exception. (#2750)
• Fix possible null value in taxonomies of SARIF output (#2744)
• Fix executionSuccessful flag in SARIF report being set to false when bugs were found (#2116)
• Move information contained in the SARIF property exitSignalName to exitCodeDescription (#2739)
• Do not report SE_NO_SERIALVERSIONID or other serialization issues for records (#2793)
• Added support for CONSTANT_Dynamic (#2759)
• Ignore generic variable types when looking for BC_UNCONFIRMED_CAST_OF_RETURN_VALUE (#1219)
• Do not report BC_UNCONFIRMED_CAST for Java 21's type switches (#2813)
• Remove AppleExtension library (note: menus slightly changed) (#2823)
• Fix false positive NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE even if Objects.requireNonNull is used. (#651, #456)
• Fixed error preventing SpotBugs from reporting FE_FLOATING_POINT_EQUALITY (#2843)
• Fixed NP_LOAD_OF_KNOWN_NULL_VALUE and RCN_REDUNDANT_NULLCHECK_OF_NULL_VALUE false positives in try-with-resources generated finally blocks (#2844)
• Do not report DLS_DEAD_LOCAL_STORE for Java 21's type switches (#2828)
• Update UnreadFields detector to ignore warnings for fields with certain annotations (#574)
• Do not report UWF_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR for fields initialized in method annotated with @​PostConstruct, @​BeforeEach, etc. (#2872 #2870 #453)
• Do not report DLS_DEAD_LOCAL_STORE for Hibernate bytecode enhancements (#2865)
• Fixed NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE false positives due to source code formatting (#2874)
• Added more nullability annotations in TypeQualifierResolver (#2558 #2694)
• Improved the bug description for VA_FORMAT_STRING_USES_NEWLINE when using text blocks, check the usage of String.formatted() (#2881)
• Fixed crash in ValueRangeAnalysisFactory when looking for redundant conditions used in assertions #2887)
• Revert again commons-text from 1.11.0 to 1.10.0 to resolve a version conflict (#2686)
• Fixed false positive MC_OVERRIDABLE_METHOD_CALL_IN_CONSTRUCTOR when referencing but not calling an overridable method (#2837)
• Update the filter XSD namespace and location for the upcoming 4.8.4 release (#2909)

Added

• New detector MultipleInstantiationsOfSingletons and introduced new bug types:
  • SING_SINGLETON_HAS_NONPRIVATE_CONSTRUCTOR is reported in case of a non-private constructor,
  • SING_SINGLETON_IMPLEMENTS_CLONEABLE is reported in case of a class directly implementing the Cloneable interface,
  • SING_SINGLETON_INDIRECTLY_IMPLEMENTS_CLONEABLE is reported when a class indirectly implements the Cloneable interface,
  • SING_SINGLETON_IMPLEMENTS_CLONE_METHOD is reported when a class does not implement the Cloneable interface, but has a clone() method,
  • SING_SINGLETON_IMPLEMENTS_SERIALIZABLE is reported when a class directly or indirectly implements the Serializable interface and
  • SING_SINGLETON_GETTER_NOT_SYNCHRONIZED is reported when the instance-getter method of the singleton class is not synchronized. (See SEI CERT MSC07-J)
• Extend FindOverridableMethodCall detector with new bug type: MC_OVERRIDABLE_METHOD_CALL_IN_READ_OBJECT. It's reported when an overridable method is called from readObject(), according to SEI CERT rule SER09-J. Do not invoke overridable methods from the readObject() method.

... (truncated)

Commits

• 6cf7b2c release v4.8.6
• 760571c [sonatype] Use token for sonatype as now enforced
• 7f4ea03 prepare for the next release
• d419a05 release v4.8.6
• 8db7979 Release/4.8.6 (#3015)
• c5d4ca0 chore(deps): update plugin com.github.spotbugs to v6.0.17 (#3009)
• bd2fe15 Update spotbugs plugin to 6.0.16 (#3013)
• 6aecbaf fix: incorrect formatting for links and moved 3001 to unreleased (#3012)
• c246473 fix(deps): update dependency org.springframework:spring-core to v5.3.37 (#3011)
• 4deffa6 chore(deps): update plugin com.gradle.develocity to v3.17.5 (#3010)
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-compiler-plugin from 3.11.0 to 3.13.0

Release notes

Sourced from org.apache.maven.plugins:maven-compiler-plugin's releases.

3.13.0

🚀 New features and improvements

• [MCOMPILER-574] - Propagate cause of exception in AbstractCompilerMojo (#232) @​slawekjaranowski
• [MCOMPILER-582] - Automatic detection of release option for JDK < 9 (#228) @​slawekjaranowski
• [MCOMPILER-583] - Require Maven 3.6.3 (#229) @​slawekjaranowski
• [MCOMPILER-577] - Rename parameter "forceJavacCompilerUse" (#225) @​kwin
• [MCOMPILER-570] - Add links to javac documentation of JDK17 (#224) @​kwin
• [MCOMPILER-576] - Deprecate parameter "compilerVersion" (#223) @​kwin

📦 Dependency updates

• [MCOMPILER-575] - Bump plexusCompilerVersion from 2.14.2 to 2.15.0 (#227) @​dependabot
• Bump apache/maven-gh-actions-shared from 3 to 4 (#226) @​dependabot

📝 Documentation updates

• [MCOMPILER-548] - JDK 21 throws annotations processing warning that can not be turned off (#200) @​hgschmie

👻 Maintenance

• [MCOMPILER-584] - Refresh page - Using Non-Javac Compilers (#231) @​slawekjaranowski
• [MCOMPILER-585] - Refresh plugins versions in ITs (#230) @​slawekjaranowski
• subject verb agreement (#221) @​elharo

3.12.1

🐛 Bug Fixes

• [MCOMPILER-567] - Fail to compile if the generated-sources/annotation… (#218) @​jorsol

📦 Dependency updates

• [MCOMPILER-568] - Bump plexusCompilerVersion from 2.14.1 to 2.14.2 (#220) @​dependabot

3.12.0

🚀 New features and improvements

• [MCOMPILER-562] - Add property maven.compiler.outputDirectory to CompilerMojo (#213) @​jGauravGupta
• [MCOMPILER-381] - Refactor incremental detection (#181) @​jorsol
• [MCOMPILER-542] - Clean JDK patch version in module-info.class (#208) @​jorsol
• [MCOMPILER-558] - compileSourceRoots in testCompile should be writable (#209) @​lorenzsimon
• [MCOMPILER-559] - Warn if overwriting the project's artifact's file to a different value (#211) @​gnodet
• [MCOMPILER-550] - make outputDirectory writable (#202) @​bmarwell
• [MCOMPILER-549] - Improve log message in case of recompilation - fix jenkins build (#203) @​slawekjaranowski
• [MCOMPILER-549] - Improve log message in case of recompilation (#201) @​BrowneMonke
• [MCOMPILER-391] - Use dep mgmt when resolving annotation processors and their deps (#180) @​psiroky
• [MCOMPILER-531] - Prepare for Java 20(-ea) (#184) @​slachiewicz

... (truncated)

Commits

• a1415aa [maven-release-plugin] prepare release maven-compiler-plugin-3.13.0
• b2b9196 [MCOMPILER-574] Propagate cause of exception in AbstractCompilerMojo
• 6d2ce5a [MCOMPILER-584] Refresh page - Using Non-Javac Compilers
• eebad60 [MCOMPILER-585] Refresh plugins versions in ITs
• ceacf68 [MCOMPILER-582] Automatic detection of release option for JDK < 9
• 110293f [MCOMPILER-583] Require Maven 3.6.3
• 90131df [MCOMPILER-575] Bump plexusCompilerVersion from 2.14.2 to 2.15.0 (#227)
• 74cfc72 [MCOMPILER-548] JDK 21 throws annotations processing warning that can not be ...
• f85aa27 Bump apache/maven-gh-actions-shared from 3 to 4
• d59ef49 extract Maven 3.3.1 specific method call
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-source-plugin from 3.3.0 to 3.3.1

Commits

• f80596e [maven-release-plugin] prepare release maven-source-plugin-3.3.1
• 7626998 Bump apache/maven-gh-actions-shared from 3 to 4
• 83c963c Bump org.apache.maven.plugins:maven-plugins from 39 to 41 (#18)
• 40ae495 Bump org.codehaus.plexus:plexus-archiver from 4.8.0 to 4.9.1 (#20)
• 073462b Bump org.apache.maven:maven-archiver from 3.6.0 to 3.6.1 (#21)
• 0b1c823 Fix typos in AbstractSourceJarMojo exception
• 099c65a [MSOURCES-142] Bump org.codehaus.plexus:plexus-archiver from 4.7.1 to 4.8.0 (...
• 1edeea4 [MSOURCES-139] Fix typo in AbstractSourceJarMojo exception
• 436966e [maven-release-plugin] prepare for next development iteration
• See full diff in compare view

Updates org.apache.maven.plugins:maven-javadoc-plugin from 3.5.0 to 3.11.1

Release notes

Sourced from org.apache.maven.plugins:maven-javadoc-plugin's releases.

maven-javadoc-plugin-3.11.1

What's Changed

• [MJAVADOC-821] Align toolchain discovery code with Maven Compiler Plugin by @​michael-o in apache/maven-javadoc-plugin#334

Full Changelog: apache/maven-javadoc-plugin@maven-javadoc-plugin-3.11.0...maven-javadoc-plugin-3.11.1

maven-javadoc-plugin-3.10.1

What's Changed

• [MJAVADOC-810] [REGRESSION] MJAVADOC-791 causes forked Maven execution fail if any toolchains or settings file isn't present by @​cstamas in apache/maven-javadoc-plugin#313
• Bump org.apache.commons:commons-lang3 from 3.16.0 to 3.17.0 by @​dependabot in apache/maven-javadoc-plugin#314
• Bump org.codehaus.plexus:plexus-io from 3.5.0 to 3.5.1 by @​dependabot in apache/maven-javadoc-plugin#315
• Bump commons-io:commons-io from 2.16.1 to 2.17.0 by @​dependabot in apache/maven-javadoc-plugin#319
• [MJAVADOC-812] [REGRESSION] maven-javadoc-plugin 3.10.0 creates empty… by @​michael-o in apache/maven-javadoc-plugin#320

Full Changelog: apache/maven-javadoc-plugin@maven-javadoc-plugin-3.10.0...maven-javadoc-plugin-3.10.1

maven-javadoc-plugin-3.10.0

❗ NOTICE

Due to Doxia 2.x stack maven-site-plugin 3.20+ is requred.

What's Changed

• Add test for custom FixJavadocMojo#defaultVersion by @​Marcono1234 in apache/maven-javadoc-plugin#305
• Bump org.apache.commons:commons-lang3 from 3.14.0 to 3.15.0 by @​dependabot in apache/maven-javadoc-plugin#304
• Improve URL handling by @​michael-o in apache/maven-javadoc-plugin#310
• Bump org.apache.commons:commons-lang3 from 3.15.0 to 3.16.0 by @​dependabot in apache/maven-javadoc-plugin#307
• Bump org.hamcrest:hamcrest-core from 2.2 to 3.0 by @​dependabot in apache/maven-javadoc-plugin#306
• Improve ITs by @​michael-o in apache/maven-javadoc-plugin#311
• Bump org.apache.maven.plugins:maven-plugins from 42 to 43 by @​dependabot in apache/maven-javadoc-plugin#294
• [MJAVADOC-809] Align Mojo class names by @​michael-o in apache/maven-javadoc-plugin#312
• [MJAVADOC-784] Upgrade to Doxia 2.0.0 Milestone Stack by @​michael-o in apache/maven-javadoc-plugin#204

Full Changelog: apache/maven-javadoc-plugin@maven-javadoc-plugin-3.8.0...maven-javadoc-plugin-3.10.0

maven-javadoc-plugin-3.8.0

What's Changed

• Bump org.springframework:spring-context from 4.3.29.RELEASE to 5.2.21.RELEASE in /src/it/projects/MJAVADOC-434_fixcompile by @​dependabot in apache/maven-javadoc-plugin#280
• Fix usage documentation mentioning nohelp default value by @​indyteo in apache/maven-javadoc-plugin#286
• [MJAVADOC-796] Do not follow links for Java 12+ by @​michael-o in apache/maven-javadoc-plugin#287
• [MJAVADOC-800] Bump org.codehaus.plexus:plexus-io from 3.4.2 to 3.5.0 by @​dependabot in apache/maven-javadoc-plugin#291
• Remove outdated invoker conditions by @​michael-o in apache/maven-javadoc-plugin#292
• Bump org.assertj:assertj-core from 3.26.0 to 3.26.3 by @​dependabot in apache/maven-javadoc-plugin#293
• Bump org.apache.maven.shared:maven-common-artifact-filters from 3.2.0 to 3.4.0 by @​dependabot in apache/maven-javadoc-plugin#288
• [MJAVADOC-799] Remove inconsistent AbstractFixJavadocMojo#defaultVersion default value by @​Marcono1234 in apache/maven-javadoc-plugin#295
• [MJAVADOC-801] Upgrade to Clirr Maven Plugin 2.8 in fix goals by @​michael-o in apache/maven-javadoc-plugin#296
• [MJAVADOC-803] Add default parameter to force root locale by @​michael-o in apache/maven-javadoc-plugin#298
• [MJAVADOC-783] Invalid path when using TagletArtifact and TagletPath by @​michael-o in apache/maven-javadoc-plugin#300

... (truncated)

Commits

• 619650c [maven-release-plugin] prepare release maven-javadoc-plugin-3.11.1
• e314da0 [MJAVADOC-821] Align toolchain discovery code with Maven Compiler Plugin
• 62a6861 [MJAVADOC-820] [REGRESSION] MJAVADOC-787 was merged incompletely
• d1090c5 [maven-release-plugin] prepare for next development iteration
• ee030f7 [maven-release-plugin] prepare release maven-javadoc-plugin-3.11.0
• 6c5fdc0 [MJAVADOC-819] Align archive generation code with Maven Source Plugin
• 3a90de5 [MJAVADOC-787] Automatic detection of release option for JDK < 9
• 373172d [MJAVADOC-817] Upgrade to Doxia 2.0.0 GA Stack
• ba266c0 Fix SCM tag
• 5775ce1 Fix typo
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-checkstyle-plugin from 3.3.0 to 3.6.0

Commits

• dd1abd9 [maven-release-plugin] prepare release maven-checkstyle-plugin-3.6.0
• 9ccb06e fix
• 6ac89b8 [MCHECKSTYLE-452] Upgrade to Doxia 2.0.0 GA Stack
• ff1a1b7 Bump org.apache.commons:commons-lang3 from 3.16.0 to 3.17.0
• 13e16c5 Remove unecessary test dependency on plexus-container-default
• a7c962a [maven-release-plugin] prepare for next development iteration
• 868abc9 [maven-release-plugin] prepare release maven-checkstyle-plugin-3.5.0
• 9043f8a [MCHECKSTYLE-446] Dynamically calculate xrefLocation/xrefTestLocation
• 0e7bd00 [MCHECKSTYLE-445] Upgrade to Doxia 2.0.0 Milestone Stack
• b92666d Bump org.apache.maven.plugins:maven-plugins from 42 to 43
• Additional commits viewable in compare view

Updates com.github.spotbugs:spotbugs-maven-plugin from 4.7.3.5 to 4.8.6.6

Release notes

Sourced from com.github.spotbugs:spotbugs-maven-plugin's releases.

Spotbugs Maven Plugin 4.8.6.6

• Cleanup groovy code
• Cleanup character encoding
• Update deprecated maven calls
• Groovy moved to 4.0.24

Compatibility remains with 4.8.6 of spotbugs

Spotbugs Maven Plugin 4.8.6.5

• Moved most 'read' only maven injections to read data from maven session instead to overcome many deprecated usage. This puts it on their api and thus if things are internally deprecated, its then maven's issue rather than this plugin to figure out.
• remove obsolete script source roots as no longer support in maven 4 and technically I've never seen them used. Please let me know if this negatively affects you as there are other manually coded items like kotlin / groovy that are in the code there so scripts could be manually added back.
• Remove some of the read only attributes for maven injection that were not actually used.
• More def to object type
• Various lib / plugin updates
• Enable partial formatting (mostly removing trailing whitespace)

Compatibility remains with 4.8.6 of spotbugs

Spotbugs Maven Plugin 4.8.6.4

• Groovy set to 4.0.23
• Drop maven site plugin 3.6 and before support.

Spotbugs Maven Plugin 4.8.6.3

• Ability to disable logs in quite mode (spotbugs.quiet) #842
• Fix output directory per #807
• Update plugins / dependencies
• Fix tag used to build spotbugs during GHA
• Use inject annotation from jsr330 instead of deprecated component annotation

Build

• Remove old overrides from pom as addressed
• Cleanup javadocs
• Remove snapshot from javadocs at 2.1 as non existent
• Order attribute order of annotations
• Use log commonly throughout (newer coded used getLog in one place)
• Sort imports
• Add opens for java.lang and java.util for site build as needed on newer jdks
• Correct GHA for site distribution
• Delete duplicate codeql github action
• Speed up github actions

Spotbugs Maven Plugin 4.8.6.2

• Supports spotbugs 4.8.6
• Uses groovy 4.0.22

Spotbugs Maven Plugin 4.8.6.1

• Supports spotbugs 4.8.6
• Restore java 8 support

Spotbugs Maven Plugin 4.8.6.0

... (truncated)

Commits

• 9895d2e [maven-release-plugin] prepare release spotbugs-maven-plugin-4.8.6.6
• 028a1a3 Merge pull request #924 from hazendaz/next-up
• 1b6f4bf [ci] Gstring to string
• cf9ebd1 [ci] Run eclipse formatter against the code
• 62ddea0 Merge pull request #923 from hazendaz/charset
• 559b0ca [logging] Use correct quoting in log line
• f2baf85 [maven] Update deprecated code from current project call for reports plugin
• e5fd7e7 [groovy] Use less gstrings when not needed and sort parameter attributes
• 260a4da Merge pull request #922 from hazendaz/charset
• 192e8f2 Revert "[github] Bump to maven 4.0.0-beta-5"
• Additional commits viewable in compare view

Updates org.jacoco:jacoco-maven-plugin from 0.8.10 to 0.8.12

Release notes

Sourced from org.jacoco:jacoco-maven-plugin's releases.

0.8.12

New Features

• JaCoCo now officially supports Java 22 (GitHub #1596).
• Experimental support for Java 23 class files (GitHub #1553).

Fixed bugs

• Branches added by the Kotlin compiler for functions with default arguments and having more than 32 parameters are filtered out during generation of report (GitHub #1556).
• Branch added by the Kotlin compiler version 1.5.0 and above for reading from lateinit property is filtered out during generation of report (GitHub #1568).

Non-functional Changes

• JaCoCo now depends on ASM 9.7 (GitHub #1600).

0.8.11

New Features

• JaCoCo now officially supports Java 21 (GitHub #1520).
• Experimental support for Java 22 class files (GitHub #1479).
• Part of bytecode generated by the Java compilers for exhaustive switch expressions is filtered out during generation of report (GitHub #1472).
• Part of bytecode generated by the Java compilers for record patterns is filtered out during generation of report (GitHub #1473).

Fixed bugs

• Instrumentation should not cause VerifyError when the last local variable of method parameters is overridden in the method body to store a value of type long or double (GitHub #893).
• Restore exec file compatibility with versions from 0.7.5 to 0.8.8 in case of class files with zero line numbers (GitHub #1492).

Non-functional Changes

• jacoco-maven-plugin now requires at least Java 8 (GitHub #1466, #1468).
• JaCoCo build now requires at least Maven 3.5.4 (GitHub #1467).
• Maven 3.9.2 should not produce warnings for jacoco-maven-plugin (GitHub #1468).
• JaCoCo build now requires JDK 17 (GitHub #1482).
• JaCoCo now depends on ASM 9.6 (GitHub #1518).

Commits

• dbfb6f2 Prepare release 0.8.12
• a50585b Upgrade maven-plugin-plugin to 3.6.4 (#1604)
• fd63cc5 Configure labels that Dependabot assigns to PRs (#1603)
• 03a5333 Add configuration for Dependabot to simplify updates of ASM (#1601)
• 40ff9fb Upgrade ASM to 9.7 (#1600)
• 9077178 Happy birthday Java 22! (#1596)
• 7edd1b5 Bump actions/setup-java from 4.1.0 to 4.2.1 (#1594)
• e50b547 Upgrade ECJ to 3.37.0 (#1590)
• a1144d0 Upgrade maven-site-plugin to 3.12.1 (#1586)
• 04b0141 Bump actions/setup-java from 4.0.0 to 4.1.0 (#1587)
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-gpg-plugin from 3.1.0 to 3.2.7

Release notes

Sourced from org.apache.maven.plugins:maven-gpg-plugin's releases.

3.2.7

Fixes a lingering issue affecting whole 3.2.x lineage, that resulted in "bad passphrase" on Windows OS with GPG...

Description has been truncated

[dependabot]

Superseded by #251.