Bump the maven-build-plugins group across 1 directory with 4 updates #68

dependabot · 2025-09-16T15:37:17Z

Bumps the maven-build-plugins group with 4 updates in the / directory: org.apache.maven.plugins:maven-surefire-plugin, org.apache.maven.plugins:maven-javadoc-plugin, org.apache.maven.plugins:maven-gpg-plugin and org.sonatype.central:central-publishing-maven-plugin.

Updates org.apache.maven.plugins:maven-surefire-plugin from 3.5.3 to 3.5.4

Release notes

Sourced from org.apache.maven.plugins:maven-surefire-plugin's releases.

3.5.4

🚀 New features and improvements

Name the shutdown hook (#3170) @cstamas

Implement fail-fast behavior for JUnit Platform provider (#3155) @marcphilipp

Create a single LauncherSession for invocations of JUnitPlatformProvider (#863) @marcphilipp

🐛 Bug Fixes

[SUREFIRE-2298] - fix xml output with junit 5 nested classes (fix integration with Cucumber and Archunit) (#828) @olamy

👻 Maintenance

feat: enable prevent branch protection rules (#3168) @sparsick

Get rid of plexus-annotations (#3163) @olamy

Remove maven-changes-plugin (#861) @sparsick

Enable GitHub Issues (#831) @Bukama

📦 Dependency updates

Bump org.htmlunit:htmlunit from 4.15.0 to 4.16.0 (#3173) @dependabot[bot]

Bump org.codehaus.plexus:plexus-i18n from 1.0-beta-10 to 1.0.0 (#3172) @dependabot[bot]

Bump org.htmlunit:htmlunit from 4.13.0 to 4.15.0 (#3171) @dependabot[bot]

Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 (#3167) @dependabot[bot]

Bump org.apache.commons:commons-compress from 1.27.1 to 1.28.0 (#3165) @dependabot[bot]

Bump commons-io:commons-io from 2.19.0 to 2.20.0 (#3161) @dependabot[bot]

Bump org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0 (#3158) @dependabot[bot]

Bump org.htmlunit:htmlunit from 4.12.0 to 4.13.0 (#856) @dependabot[bot]

Bump org.xmlunit:xmlunit-core from 2.10.2 to 2.10.3 (#860) @dependabot[bot]

Bump commons-beanutils:commons-beanutils from 1.7.0 to 1.11.0 in /surefire-its/src/test/resources/webapp (#851) @dependabot[bot]

Bump org.htmlunit:htmlunit from 4.11.1 to 4.12.0 (#844) @dependabot[bot]

Bump org.fusesource.jansi:jansi from 2.4.1 to 2.4.2 (#836) @dependabot[bot]

Bump commons-io:commons-io from 2.18.0 to 2.19.0 (#833) @dependabot[bot]

Bump org.codehaus.plexus:plexus-interpolation from 1.27 to 1.28 (#829) @dependabot[bot]

Bump org.codehaus.plexus:plexus-java from 1.4.0 to 1.5.0 (#830) @dependabot[bot]

Bump jacocoVersion from 0.8.12 to 0.8.13 (#827) @dependabot[bot]

Commits

88513d8 [maven-release-plugin] prepare release surefire-3.5.4
9c48828 Simplify cuncumber IT configuration and make windows build working again (#3174)
74b2d8c Bump org.htmlunit:htmlunit from 4.15.0 to 4.16.0 (#3173)
6c30bf1 [SUREFIRE-2298] fix xml output with junit 5 nested classes (#828)
9f49866 Bump org.codehaus.plexus:plexus-i18n from 1.0-beta-10 to 1.0.0 (#3172)
fb96954 Bump org.htmlunit:htmlunit from 4.13.0 to 4.15.0 (#3171)
1e63159 Name the shutdown hook (#3170)
76e806a feat: enable prevent branch protection rules (#3168)
0fbfb27 Implement fail-fast behavior for JUnit Platform provider (#3155)
98d081e Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 (#3167)
Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-javadoc-plugin from 3.11.2 to 3.11.3

Release notes

Sourced from org.apache.maven.plugins:maven-javadoc-plugin's releases.

3.11.3

🚨 Removed

Remove workaround for long patched CVE in javadoc (#388) @elharo

🚀 New features and improvements

Issue #369 Support --no-fonts option per default for jdk 23+ (#375) @olamy

🐛 Bug Fixes

Make the legacyMode consistent (Filter out all of the module-info.java files in legacy mode, do not use --source-path in legacy mode) (#1217) @fridrich

[MJAVADOC-826] - Don't try to modify project source roots (#358) @oehme

📝 Documentation updates

Correct javadoc-no-fork description on index-page (#368) @Bukama

[MNGSITE-529] - Rename "Goals" to "Plugin Documentation" (#360) @Bukama

(doc) Close links tag in links parameter javadoc example (#355) @sixcorners

👻 Maintenance

Be consistent about data encoding when copying files (#1215) @fridrich

Clean up JavadocUtilTest (#1210) @elharo

Use Java 7 relativization instead of hand-rolled code (#385) @elharo

Rephrase source code fix interactive messages for clarity (#390) @elharo

Reduce non-debug logging (#389) @elharo

Delete duplicate @throws clause (#384) @elharo

Use Java 7 relativization instead of our hand-rolled code (#381) @elharo

Clean up comments and argument names (#386) @elharo

Remove workaround for long patched CVE in javadoc (#388) @elharo

Issue #378 Cleanup of code related to old non supported Java version (#382) @olamy

Cure deprecation warning (#383) @elharo

[MJAVADOC-773] - deprecate toRelative (#379) @elharo

Issue #373 Fix JDK 23 build (#374) @olamy

Fix aggregate Javadoc typo (#371) @JackPGreen

Enable GH issues (#365) @Bukama

[MJAVADOC-825] - Prefer NullPointerExceptions for null arguments (#350) @elharo

📦 Dependency updates

Bump commons-io:commons-io from 2.19.0 to 2.20.0 (#1221) @dependabot[bot]

Bump org.apache.commons:commons-text from 1.13.1 to 1.14.0 (#1222) @dependabot[bot]

Bump org.apache.commons:commons-lang3 from 3.6 to 3.18.0 in /src/it/projects/MJAVADOC-787 (#1227) @dependabot[bot]

Maven Archiver 3.6.4 (#1226) @olamy

Bump org.apache.commons:commons-lang3 from 3.6 to 3.18.0 in /src/it/projects/MJAVADOC-575_source8-module-info (#1224) @dependabot[bot]

Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 (#1223) @dependabot[bot]

Bump org.apache.commons:commons-lang3 from 3.6 to 3.18.0 in /src/it/projects/MJAVADOC-506_excl-module-info (#1218) @dependabot[bot]

Bump org.codehaus.plexus:plexus-java from 1.3.0 to 1.5.0 (#363) @dependabot[bot]

... (truncated)

Commits

8357bc2 [maven-release-plugin] prepare release maven-javadoc-plugin-3.11.3
ab6e97e Bump commons-io:commons-io from 2.19.0 to 2.20.0
83788c1 Bump org.apache.commons:commons-text from 1.13.1 to 1.14.0
99ee1fc Bump org.apache.commons:commons-lang3 in /src/it/projects/MJAVADOC-787
18bfeb8 Maven Archiver 3.6.4 (#1226)
63618bb Bump org.apache.commons:commons-lang3 (#1224)
81afff9 Bump org.assertj:assertj-core from 3.27.3 to 3.27.4 (#1223)
8bcdebf Add Apache 2.0 LICENSE file (#1220)
2299072 Make the legacyMode consistent and actually useful (#1217)
33c9f01 Be consistent about data encoding when copying files (#1215)
Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-gpg-plugin from 3.2.7 to 3.2.8

Release notes

Sourced from org.apache.maven.plugins:maven-gpg-plugin's releases.

3.2.8

🐛 Bug Fixes

Make empty classifier null (not empty string) (#287) @cstamas

📝 Documentation updates

[MNGSITE-529] - Rename "Goals" to "Plugin Documentation" (#129) @Bukama

Describe how to prime a specific GPG key (#128) @kwin

👻 Maintenance

Enable GitHub issues (#134) @Bukama

Prefer Guice constructor injection (#126) @elharo

📦 Dependency updates

Update parent POM to 45 (#284) @cstamas

Bump bouncycastleVersion from 1.78.1 to 1.80 (#127) @dependabot[bot]

Bump commons-io:commons-io from 2.18.0 to 2.19.0 (#133) @dependabot[bot]

Bump org.apache.maven.plugins:maven-invoker-plugin from 3.8.0 to 3.9.0 (#125) @dependabot[bot]

Bump org.simplify4u.plugins:pgpverify-maven-plugin from 1.18.2 to 1.19.1 (#131) @dependabot[bot]

Bump commons-io:commons-io from 2.17.0 to 2.18.0 (#124) @dependabot[bot]

Commits

8a46455 [maven-release-plugin] prepare release maven-gpg-plugin-3.2.8
7012821 Fix issueManagement, ciManagement system and url
a9a8c84 Make empty classifier null (not empty string) (#287)
a8368b0 Add .mvn
f0e45e0 Update parent POM to 45 (#284)
cb1236c Bump bouncycastleVersion from 1.78.1 to 1.80 (#127)
5377a10 Bump commons-io:commons-io from 2.18.0 to 2.19.0 (#133)
8b63932 Bump org.apache.maven.plugins:maven-invoker-plugin from 3.8.0 to 3.9.0 (#125)
54ea518 Bump org.simplify4u.plugins:pgpverify-maven-plugin from 1.18.2 to 1.19.1
a6a412d Remove old JIRA issue link
Additional commits viewable in compare view

Updates org.sonatype.central:central-publishing-maven-plugin from 0.7.0 to 0.8.0

Commits

See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the maven-build-plugins group with 4 updates in the / directory: [org.apache.maven.plugins:maven-surefire-plugin](https://github.com/apache/maven-surefire), [org.apache.maven.plugins:maven-javadoc-plugin](https://github.com/apache/maven-javadoc-plugin), [org.apache.maven.plugins:maven-gpg-plugin](https://github.com/apache/maven-gpg-plugin) and [org.sonatype.central:central-publishing-maven-plugin](https://github.com/sonatype/central-publishing-maven-plugin). Updates `org.apache.maven.plugins:maven-surefire-plugin` from 3.5.3 to 3.5.4 - [Release notes](https://github.com/apache/maven-surefire/releases) - [Commits](apache/maven-surefire@surefire-3.5.3...surefire-3.5.4) Updates `org.apache.maven.plugins:maven-javadoc-plugin` from 3.11.2 to 3.11.3 - [Release notes](https://github.com/apache/maven-javadoc-plugin/releases) - [Commits](apache/maven-javadoc-plugin@maven-javadoc-plugin-3.11.2...maven-javadoc-plugin-3.11.3) Updates `org.apache.maven.plugins:maven-gpg-plugin` from 3.2.7 to 3.2.8 - [Release notes](https://github.com/apache/maven-gpg-plugin/releases) - [Commits](apache/maven-gpg-plugin@maven-gpg-plugin-3.2.7...maven-gpg-plugin-3.2.8) Updates `org.sonatype.central:central-publishing-maven-plugin` from 0.7.0 to 0.8.0 - [Commits](https://github.com/sonatype/central-publishing-maven-plugin/commits) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-surefire-plugin dependency-version: 3.5.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: maven-build-plugins - dependency-name: org.apache.maven.plugins:maven-javadoc-plugin dependency-version: 3.11.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: maven-build-plugins - dependency-name: org.apache.maven.plugins:maven-gpg-plugin dependency-version: 3.2.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: maven-build-plugins - dependency-name: org.sonatype.central:central-publishing-maven-plugin dependency-version: 0.8.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: maven-build-plugins ... Signed-off-by: dependabot[bot] <[email protected]>

infeo · 2025-09-16T15:39:48Z

@dependabot squash & merge

dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Sep 16, 2025

infeo added this to the next milestone Sep 16, 2025

dependabot bot merged commit 59665e3 into develop Sep 16, 2025
9 checks passed

dependabot bot deleted the dependabot/maven/maven-build-plugins-b0617ff623 branch September 16, 2025 15:39

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump the maven-build-plugins group across 1 directory with 4 updates #68

Bump the maven-build-plugins group across 1 directory with 4 updates #68

Uh oh!

dependabot bot commented on behalf of github Sep 16, 2025

Uh oh!

infeo commented Sep 16, 2025

Uh oh!

Uh oh!

Uh oh!

Bump the maven-build-plugins group across 1 directory with 4 updates #68

Bump the maven-build-plugins group across 1 directory with 4 updates #68

Uh oh!

Conversation

dependabot bot commented on behalf of github Sep 16, 2025

3.5.4

🚀 New features and improvements

🐛 Bug Fixes

👻 Maintenance

📦 Dependency updates

3.11.3

🚨 Removed

🚀 New features and improvements

🐛 Bug Fixes

📝 Documentation updates

👻 Maintenance

📦 Dependency updates

3.2.8

🐛 Bug Fixes

📝 Documentation updates

👻 Maintenance

📦 Dependency updates

Uh oh!

infeo commented Sep 16, 2025

Uh oh!

Uh oh!

Uh oh!