Skip to content

chore(deps): bump the maven-version-updates group across 1 directory with 25 updates#121

Open
dependabot[bot] wants to merge 1 commit intobetafrom
dependabot/maven/maven-version-updates-eceb29eeb0
Open

chore(deps): bump the maven-version-updates group across 1 directory with 25 updates#121
dependabot[bot] wants to merge 1 commit intobetafrom
dependabot/maven/maven-version-updates-eceb29eeb0

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 2, 2026

Bumps the maven-version-updates group with 25 updates in the / directory:

Package From To
org.bouncycastle:bcprov-jdk18on 1.81 1.83
org.bouncycastle:bcpkix-jdk18on 1.81 1.83
com.google.errorprone:error_prone_core 2.40.0 2.48.0
com.uber.nullaway:nullaway 0.12.7 0.13.1
com.nimbusds:nimbus-jose-jwt 10.4 10.8
com.nimbusds:oauth2-oidc-sdk 11.26 11.33
org.apache.httpcomponents.client5:httpclient5 5.5 5.6
org.openapitools:jackson-databind-nullable 0.2.6 0.2.9
org.junit.jupiter:junit-jupiter-api 5.13.4 6.0.3
org.testcontainers:testcontainers 1.21.4 2.0.3
io.github.classgraph:classgraph 4.8.181 4.8.184
org.jetbrains.kotlin:kotlin-stdlib 2.1.10 2.3.10
org.apache.commons:commons-compress 1.27.1 1.28.0
com.google.errorprone:error_prone_annotations 2.40.0 2.48.0
com.github.spotbugs:spotbugs-maven-plugin 4.9.3.2 4.9.8.2
org.apache.maven.plugins:maven-compiler-plugin 3.14.0 3.15.0
org.apache.maven.plugins:maven-enforcer-plugin 3.6.1 3.6.2
org.apache.maven.plugins:maven-surefire-plugin 3.5.3 3.5.5
org.apache.maven.plugins:maven-jar-plugin 3.4.2 3.5.0
org.apache.maven.plugins:maven-javadoc-plugin 3.11.2 3.12.0
org.apache.maven.plugins:maven-source-plugin 3.3.1 3.4.0
org.jacoco:jacoco-maven-plugin 0.8.13 0.8.14
org.apache.maven.plugins:maven-failsafe-plugin 3.5.3 3.5.5
com.diffplug.spotless:spotless-maven-plugin 2.46.0 3.3.0
org.sonatype.central:central-publishing-maven-plugin 0.8.0 0.10.0

Updates org.bouncycastle:bcprov-jdk18on from 1.81 to 1.83

Changelog

Sourced from org.bouncycastle:bcprov-jdk18on's changelog.

2.1.1 Version Release: 1.84 Date:      TBD

2.2.1 Version Release: 1.83 Date:      2025, November 27th.

... (truncated)

Commits

Updates org.bouncycastle:bcpkix-jdk18on from 1.81 to 1.83

Changelog

Sourced from org.bouncycastle:bcpkix-jdk18on's changelog.

2.1.1 Version Release: 1.84 Date:      TBD

2.2.1 Version Release: 1.83 Date:      2025, November 27th.

... (truncated)

Commits

Updates com.google.errorprone:error_prone_core from 2.40.0 to 2.48.0

Release notes

Sourced from com.google.errorprone:error_prone_core's releases.

Error Prone 2.48.0

Changes:

New checks:

Closed issues: #5529, #5537, #5522, #5521

Full changelog: google/error-prone@v2.47.0...v2.48.0

Error Prone 2.47.0

New checks:

Closed issues: #1811, #4168, #5459, #5460

Full changelog: google/error-prone@v2.46.0...v2.47.0

Error Prone 2.46.0

Changes:

New checks:

Full changelog: google/error-prone@v2.45.0...v2.46.0

Error Prone 2.45.0

Changes:

  • Improved compatibility with latest JDK 26 EA builds.

New checks:

... (truncated)

Commits
  • 7cec0a0 Release Error Prone 2.48.0
  • 01c603a Extend MissingTestCall to check for member references.
  • 3d817b0 Handle var in UnnecessaryBoxedVariable
  • ad26f3e Add ConcurrentHashMap.keys() and ConcurrentHashMap.elements() to `JdkObso...
  • 7926dbc Fix MustBeClosedChecker crash on flexible constructors.
  • d08f003 Check for jakarta annotations in DI checks
  • 171448c Add android internal GuardedBy to ACCEPTED_GUARDED_BY_ANNOTATIONS
  • 5cb6075 Remove the MissingTestCall:MatchGraphVerify flag.
  • ab81681 Improve crash messages for fixes that don't apply
  • fe9bb21 Add a test to confirm that TimeUnitMismatch catches `seconds * 1000 + nanos /...
  • Additional commits viewable in compare view

Updates com.uber.nullaway:nullaway from 0.12.7 to 0.13.1

Release notes

Sourced from com.uber.nullaway:nullaway's releases.

NullAway 0.13.1

  • Improve verification of !null -> !null contracts (#1441)
  • Substitute inferred @NonNull types for generic method inference (#1445)
  • Better support for some contracts with boolean argument constraints (#1447)
  • Maintenance
    • Add junit-framework as another integration test (#1446)

NullAway 0.13.0

NullAway now requires a minimum of JDK 17 and Error Prone 2.36.0 to run; we bump the version to 0.13.0 to reflect these updated requirements. There are also many improvements to JSpecify mode support, and several nice changes and improvements from first-time contributors.

  • Support added for JUnit's @​TempDir by @​romainmoreau (#1387)
  • Use OptimizedLibraryModels for method type variable upper bounds (#1388)
  • Add @​InjectWireMock as known excluded field annotation (#1391)
  • Require JDK 17 to run NullAway (#1394)
  • Support adding nested nullability annotations in library models (#1407)
  • Add library model for AtomicReferenceFieldUpdater (#1409)
  • Correctly get parameter types for a lambda whose type was inferred (#1348)
  • Add Mockito annotations to default excluded field annotations by @​murdos (#1418)
  • Properly identify annotations directly on the array element type of a Symbol (#1419)
  • Update to Checker Framework 3.53.0 (#1429)
  • JSpecify: Apply annotations on type variables to lambdas in more cases (#1428)
  • Migrate AutoValue to Records by @​rishikraj990 (#1415)
  • Bump minimum Error Prone version to 2.36.0, and add detection of nullable dereference by switch expressions (#1427)
  • JSpecify: Improve handling of method references (#1430)
  • Allow suppressing nullaway on individual parameters by @​jackwickham (#1436)
  • Update jdk-javac-plugin to contain nested annotations by @​haewiful (#1432)
  • Maintenance
    • Delete code to generate library models from source (#1385)
    • Refactor: Migration to Version Catalog completed by @​vitinh0z (#1386)
    • Bump Gradle to 9.2.1 (#1392)
    • Update to Error Prone 2.45.0 (#1401)
    • Stop matching switch expression kind using strings (#1404)
    • Refactoring: clarify docs and naming for RestoreNullnessAnnotationsVisitor (#1406)
    • Refactoring: rename method and field (#1405)
    • Run NullAway on jdk-javac-plugin code (#1408)
    • Clarify comment in test (#1411)
    • Enable PatternMatchingInstanceOf check and fix all warnings (#1412)
    • Enable StatementSwitchToExpressionSwitch check and fix all warnings (#1413)
    • bump and remove some dependencies (#1414)
    • Update minimum supported Error Prone version to 2.25.0 (#1421)
    • Update CI to run builds on JDK 25 (#1422)
    • Various cleanups suggested by IntelliJ (#1423)
    • Convert test data in main NullAway tests to use text blocks (#1424)
    • Refactor CoreTests and UnannotatedTests to use addSourceLines and inline test data by @​cobayo (#1426)
    • Refactor ContractsTests to use Java text blocks by @​cobayo (#1435)
    • Update Error Prone and errorprone-plugin versions (#1434)

NullAway 0.12.15

... (truncated)

Changelog

Sourced from com.uber.nullaway:nullaway's changelog.

Version 0.13.1

  • Improve verification of !null -> !null contracts (#1441)
  • Substitute inferred @NonNull types for generic method inference (#1445)
  • Better support for some contracts with boolean argument constraints (#1447)
  • Maintenance
    • Add junit-framework as another integration test (#1446)

Version 0.13.0

NullAway now requires a minimum of JDK 17 and Error Prone 2.36.0 to run; we bump the version to 0.13.0 to reflect these updated requirements. There are also many improvements to JSpecify mode support, and several nice changes and improvements from first-time contributors.

  • Support added for JUnit's @​TempDir by @​romainmoreau (#1387)
  • Use OptimizedLibraryModels for method type variable upper bounds (#1388)
  • Add @​InjectWireMock as known excluded field annotation (#1391)
  • Require JDK 17 to run NullAway (#1394)
  • Support adding nested nullability annotations in library models (#1407)
  • Add library model for AtomicReferenceFieldUpdater (#1409)
  • Correctly get parameter types for a lambda whose type was inferred (#1348)
  • Add Mockito annotations to default excluded field annotations by @​murdos (#1418)
  • Properly identify annotations directly on the array element type of a Symbol (#1419)
  • Update to Checker Framework 3.53.0 (#1429)
  • JSpecify: Apply annotations on type variables to lambdas in more cases (#1428)
  • Migrate AutoValue to Records by @​rishikraj990 (#1415)
  • Bump minimum Error Prone version to 2.36.0, and add detection of nullable dereference by switch expressions (#1427)
  • JSpecify: Improve handling of method references (#1430)
  • Allow suppressing nullaway on individual parameters by @​jackwickham (#1436)
  • Update jdk-javac-plugin to contain nested annotations by @​haewiful (#1432)
  • Maintenance
    • Delete code to generate library models from source (#1385)
    • Refactor: Migration to Version Catalog completed by @​vitinh0z (#1386)
    • Bump Gradle to 9.2.1 (#1392)
    • Update to Error Prone 2.45.0 (#1401)
    • Stop matching switch expression kind using strings (#1404)
    • Refactoring: clarify docs and naming for RestoreNullnessAnnotationsVisitor (#1406)
    • Refactoring: rename method and field (#1405)
    • Run NullAway on jdk-javac-plugin code (#1408)
    • Clarify comment in test (#1411)
    • Enable PatternMatchingInstanceOf check and fix all warnings (#1412)
    • Enable StatementSwitchToExpressionSwitch check and fix all warnings (#1413)
    • bump and remove some dependencies (#1414)
    • Update minimum supported Error Prone version to 2.25.0 (#1421)
    • Update CI to run builds on JDK 25 (#1422)
    • Various cleanups suggested by IntelliJ (#1423)
    • Convert test data in main NullAway tests to use text blocks (#1424)
    • Refactor CoreTests and UnannotatedTests to use addSourceLines and inline test data by @​cobayo (#1426)

... (truncated)

Commits
  • cc9dab8 Prepare for release 0.13.1.
  • 99025e4 Changelog for release 0.13.1 (#1449)
  • b27f13d Better support for some contracts with boolean argument constraints (#1447)
  • 4c619e8 Add junit-framework as another integration test (#1446)
  • c27f3f4 Substitute inferred @NonNull types for generic method inference (#1445)
  • fc6d956 Improve verification of !null -> !null contracts (#1441)
  • 7f8bbca Prepare next development version.
  • 36403f3 Prepare for release 0.13.0.
  • 12fe2a1 Changelog for release 0.13.0 (#1439)
  • 32febbd Update jdk-javac-plugin to contain nested annotations (#1432)
  • Additional commits viewable in compare view

Updates com.nimbusds:nimbus-jose-jwt from 10.4 to 10.8

Changelog

Sourced from com.nimbusds:nimbus-jose-jwt's changelog.

10.4 (2025-07-19) * Creates a hierarchy of Option interfaces, extended by JWSSignerOption, JWEEncrypterOption and JWEDecrypterOption. Intended to provide optional configuration parameters to RSASSASigner, ECDSASigner, RSADecrypter, etc. * Introduces CipherMode implementing JWEEncrypterOption and JWEDecrypterOption, to specify a preferred JCA Cipher mode, such as MODE_ENCRYPT / MODE_DECRYPT when the default MODE_WRAP / MODE_UNWRAP is not supported by the JCA provider (iss #576). * Updates RSAEncrypter and RSADecrypter to support the JWEEncrypterOption CipherMode.ENCRYPT_DECRYPT (iss #576). * Factors out OptionUtils.ensureMinRSAPrivateKeySize. * Deprecates OptionUtils.optionIsPresent.

10.4.1 (2025-08-05) * Adds "requires java.sql" to module com.nimbusds.jose.jwt (iss #595).

10.4.2 (2025-08-14) * Updates GSon to 2.13.1. * Updates BouncyCastle to 1.81.

10.5 (2025-09-05) * Support for specifying a ScheduledExecutorService instance in RefreshAheadCachingJWKSetSource and JWKSourceBuilder (iss #592).

10.6 (2025-11-06) * Adds static CollectionUtils.containsNull(Set) method. * DefaultJWTClaimsVerifier accepted "aud" (audience) argument must be compatible with Set.of (iss #499). * The DefaultJWTClaimsVerifier must not include JWT claim values in BadJWTException messages (iss #605).

10.7 (2026-01-08) * Adds MaxCompressedCipherTextLength that implements JWEDecrypterOption, to to configure the maximum allowed length of compressed cipher text. * Adds JWEObject.decrypt(JWEDecrypter, Set) method to support the MaxCompressedCipherTextLength option.

10.8 (2026-02-19) * Adds a PasswordBasedDecrypter(byte[], Set) constructor to specify names of the critical header parameters that are deferred to the application for processing. Aligns with other JWEDecrypter and CriticalHeaderParamsAware implementations (iss #610). * Fixes getDeferredCriticalHeaderParams() in AESDecrypter, DirectDecrypter, RSADecrypter, ECDHDecrypter, X25519Decrypter, ECDH1PUDecrypter, ECDH1PUX25519Decrypter, MultiDecrypter, MACVerifier, ECDSAVerifier and Ed25519Verifier. Must internally call critPolicy.getDeferredCriticalHeaderParams(), not critPolicy.getProcessedCriticalHeaderParams() (iss #612).

11.0 (2026-03-01)

... (truncated)

Commits
  • 584951f Adds support for specifying the ScheduledExecutorService-instance in RefreshA...
  • adf2576 [maven-release-plugin] prepare for next development iteration
  • 436fb18 Add tests for JWKSourceBuilder and RefreshAheadCachingJWKSetSource
  • d4137db Adds "requires java.sql" to module com.nimbusds.jose.jwt (iss #595)
  • c6c8025 [maven-release-plugin] prepare release 10.4.1
  • e7c7a8c [maven-release-plugin] prepare for next development iteration
  • b33b54b Bumps GSon and BouncyCastle
  • 3eeaada [maven-release-plugin] prepare release 10.4.2
  • 2aa473f [maven-release-plugin] prepare for next development iteration
  • d52acf5 Merged in iss592 (pull request #129)
  • Additional commits viewable in compare view

Updates com.nimbusds:oauth2-oidc-sdk from 11.26 to 11.33

Changelog

Sourced from com.nimbusds:oauth2-oidc-sdk's changelog.

version 1.0 (2012-05-29) * First official release with authorisation endpoint, token endpoint, check ID endpoint and UserInfo endpoint support. * JSON Web Tokens (JWTs) support through the Nimbus-JWT library. * Language Tags (RFC 5646) support through the Nimbus-LangTag library. * JSON support through the JSON Smart library.

version 2.0 (2013-05-13) * Intermediary development release with Maven build, published to Maven Central.

version 2.1 (2013-06-06) * Updates the APIs to OpenID Connect Messages draft 20, OpenID Connect Standard draft 21, OpenID Connect Discovery draft 17 and OpenID Connect Registration draft 19. * Major refactoring of the APIs for greater simplicity. * Adds JUnit tests.

version 2.2 (2013-06-18) * Refactors dynamic OpenID Connect client registration. * Adds partial support of the OAuth 2.0 Dynamic Client Registration Protocol (draft-ietf-oauth-dyn-reg-12). * Optimises parsing of request parameters consisting of one or more tokens (scope, response type, etc).

version 2.3 (2013-06-19) * Renames OAuth 2.0 dynamic client registration package. * Adds ClientInformation.getClientMetadata() method. * Adds OIDCClientInformation class.

version 2.4 (2013-06-20) * Adds static OIDCClientInformation.parse(JSONObject) method.

version 2.5 (2013-06-22) * Adds support OAuth 2.0 dynamic client update. * Adds OpenID Connect dynamic client registration classes.

version 2.6 (2013-06-25) * Enforces order of preference of ACR values in OpenID Connect client metadata, as required by the specification. * Documentation and performance improvements.

version 2.7 (2013-06-26) * Switches Identifier generation to java.security.SecureRandom.

version 2.8 (2013-06-30) * Fixes serialisation and assignment bugs in ClientMetadata. * Switches Secret generation to java.security.SecureRandom.

version 2.9 (2013-09-17)

... (truncated)

Commits
  • c6ca158 IDTokenClaimsVerifier must not require the "azp" claim when the "aud" claim c...
  • 2e9c1d5 [maven-release-plugin] prepare release 11.30
  • a86718b ClientAuthenticationVerifier, JWTAssertionDetailsVerifier, DPoPProofClaimsSet...
  • 6f749d7 pom.xml version must be -SNAPSHOT
  • f662882 [maven-release-plugin] prepare release 11.30.1
  • 1f9b28e [maven-release-plugin] prepare for next development iteration
  • 668f6d8 The ParseException message thrown by Prompt.Type.parse must not include parse...
  • 75cde87 Updates test sample X.509 cert chain resource
  • a7a9623 [maven-release-plugin] prepare release 11.30.2
  • e03c9bb [maven-release-plugin] prepare for next development iteration
  • Additional commits viewable in compare view

Updates org.apache.httpcomponents.client5:httpclient5 from 5.5 to 5.6

Changelog

Sourced from org.apache.httpcomponents.client5:httpclient5's changelog.

Release 5.6 ALPHA1

This is the first ALPHA release in the 5.6 release series. It adds several features such as transport content decompression and content compression for the async transport, support for Unix sockets, experimental support for SCRAM-SHA-256 authentication scheme, and Micrometer/OTel observations & metrics.

Commons Compress, Brotli codec, and ZStd codec are optional dependencies and get wired into the execution pipeline only if present on the classpath.

Notable changes and features included in the 5.6 series:

  • Unix domain socket support.

  • Support for pluggable content codecs via Commons-Compress in the classic transport. (optional).

  • Support for transparent content decompression and content compression with deflate, gzip, zstd (optional), and brotli (optional) codecs in the async transport.

  • Micrometer/OTel observations & metrics (optinal).

  • Off-lock connection disposal by the classic pooling connection manager. Experimental.

  • SCRAM-SHA-256 authentication scheme (RFC 7804). Experimental.

  • Request Priority support (RFC 9218). Experimental.

Compatibility notes:

  • As of this version, HttpClient uses BUILTIN HostnameVerificationPolicy by default, delegating host verification to JSSE security manager. One must explicitly configure the TLS strategy to continue using the hostname verifier shipped with HttpClient.

  • Five-second TCP keep-alive is now enabled by default.

Change Log

  • RequestConfig: Un-deprecate #setProxy. Contributed by Ryan Schmitt

  • Stale connection check support in PoolingAsyncClientConnectionManager. Contributed by Ryan Schmitt

  • ConnectionConfig: #idleTimeout support. Contributed by Ryan Schmitt

... (truncated)

Commits
  • decd193 HttpClient 5.6 release
  • 11ea8e5 Updated release notes for HttpClient 5.6 release
  • 77fa61a Limit the length of content codec list that can be processed automatically
  • 81b7971 Upgraded HttpCore to version 5.4
  • 2c7fe0f Add OFFLOCK pool concurrency policy backed by RouteSegmentedConnPool (#765)
  • 1f4dea7 Fixed Micrometer and OpenTelemetry dependency declaration
  • d2fadd2 Tag TLS handshake timeout tests with slow
  • e52e466 TestTlsHandshakeTimeout: Disable assertions on Java 8
  • 77f52f0 Upgraded HttpClient version to 5.6-alpha2-SNAPSHOT
  • 48e0f25 HttpClient 5.6-alpha1 release
  • Additional commits viewable in compare view

Updates org.openapitools:jackson-databind-nullable from 0.2.6 to 0.2.9

Release notes

Sourced from org.openapitools:jackson-databind-nullable's releases.

v0.2.9 released

What's Changed

Full Changelog: OpenAPITools/jackson-databind-nullable@v0.2.8...v0.2.9

v0.2.8 released

What's Changed

New Contributors

... (truncated)

Commits
  • a011299 v0.2.9 release (#119)
  • 2c90374 Bump org.apache.maven.plugins:maven-compiler-plugin (#118)
  • 37205f8 Fix module path in JDK 24 and older (#101)
  • ecd2d0d Bump com.fasterxml.jackson:jackson-bom from 2.20.1 to 2.21.0 (#113)
  • de7369e Bump com.fasterxml.jackson:jackson-base from 2.20.1 to 2.21.0 (#112)
  • fd45306 Bump actions/checkout from 6.0.1 to 6.0.2 (#115)
  • dd4c43c Bump actions/setup-java from 5.1.0 to 5.2.0 (#114)
  • 59a64ba Bump actions/cache from 5.0.2 to 5.0.3 (#116)
  • d0afaa6 Bump actions/cache from 5.0.1 to 5.0.2 (#111)
  • 8d54604 Bump org.sonatype.central:central-publishing-maven-plugin (#110)
  • Additional commits viewable in compare view

Updates org.junit.jupiter:junit-jupiter-api from 5.13.4 to 6.0.3

Release notes

Sourced from org.junit.jupiter:junit-jupiter-api's releases.

JUnit 6.0.3 = Platform 6.0.3 + Jupiter 6.0.3 + Vintage 6.0.3

See Release Notes.

Full Changelog: junit-team/junit-framework@r6.0.2...r6.0.3

JUnit 6.0.2 = Platform 6.0.2 + Jupiter 6.0.2 + Vintage 6.0.2

See Release Notes.

Full Changelog: junit-team/junit-framework@r6.0.1...r6.0.2

JUnit 6.0.1 = Platform 6.0.1 + Jupiter 6.0.1 + Vintage 6.0.1

See Release Notes.

Full Changelog: junit-team/junit-framework@r6.0.0...r6.0.1

JUnit 6.0.0 = Platform 6.0.0 + Jupiter 6.0.0 + Vintage 6.0.0

See Release Notes.

New Contributors

Full Changelog: junit-team/junit-framework@r5.14.0...r6.0.0

JUnit 6.0.0-RC3 = Platform 6.0.0-RC3 + Jupiter 6.0.0-RC3 + Vintage 6.0.0-RC3

See Release Notes.

New Contributors

Full Changelog: junit-team/junit-framework@r6.0.0-RC2...r6.0.0-RC3

JUnit 6.0.0-RC2 = Platform 6.0.0-RC2 + Jupiter 6.0.0-RC2 + Vintage 6.0.0-RC2

See Release Notes.

Full Changelog: junit-team/junit-framework@r6.0.0-RC1...r6.0.0-RC2

JUnit 6.0.0-RC1 = Platform 6.0.0-RC1 + Jupiter 6.0.0-RC1 + Vintage 6.0.0-RC1

... (truncated)

Commits
  • 36e3253 Release 6.0.3
  • 295561f Finalize 6.0.3 release notes
  • ea18076 Fix deadlock in NamespacedHierarchicalStore.computeIfAbsent() (#5348)
  • 869e232 Add 5.14.3 release notes
  • d4b34c4 Fix links to User Guide
  • 5c8fb0f Reliably support JRE.OTHER with @⁠EnabledOnJre and @⁠DisabledOnJre
  • febb13f Check out entire repo so switching to main branch works in last step
  • 71fba90 Install poppler-utils for pdfinfo
  • 740e9e0 Update API baseline
  • 2ba535f Use release branch of examples repo
  • Additional commits viewable in compare view

Updates org.testcontainers:testcontainers from 1.21.4 to 2.0.3

Release notes

Sourced from org.testcontainers:testcontainers's releases.

2.0.3

What's Changed

@dependabot
chore(deps): bump the maven-version-updates group across 1 directory …
efe0b97 
…with 25 updates

Bumps the maven-version-updates group with 25 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [org.bouncycastle:bcprov-jdk18on](https://github.com/bcgit/bc-java) | `1.81` | `1.83` |
| [org.bouncycastle:bcpkix-jdk18on](https://github.com/bcgit/bc-java) | `1.81` | `1.83` |
| [com.google.errorprone:error_prone_core](https://github.com/google/error-prone) | `2.40.0` | `2.48.0` |
| [com.uber.nullaway:nullaway](https://github.com/uber/NullAway) | `0.12.7` | `0.13.1` |
| [com.nimbusds:nimbus-jose-jwt](https://bitbucket.org/connect2id/nimbus-jose-jwt) | `10.4` | `10.8` |
| [com.nimbusds:oauth2-oidc-sdk](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions) | `11.26` | `11.33` |
| [org.apache.httpcomponents.client5:httpclient5](https://github.com/apache/httpcomponents-client) | `5.5` | `5.6` |
| [org.openapitools:jackson-databind-nullable](https://github.com/OpenAPITools/jackson-databind-nullable) | `0.2.6` | `0.2.9` |
| [org.junit.jupiter:junit-jupiter-api](https://github.com/junit-team/junit-framework) | `5.13.4` | `6.0.3` |
| [org.testcontainers:testcontainers](https://github.com/testcontainers/testcontainers-java) | `1.21.4` | `2.0.3` |
| [io.github.classgraph:classgraph](https://github.com/classgraph/classgraph) | `4.8.181` | `4.8.184` |
| [org.jetbrains.kotlin:kotlin-stdlib](https://github.com/JetBrains/kotlin) | `2.1.10` | `2.3.10` |
| [org.apache.commons:commons-compress](https://github.com/apache/commons-compress) | `1.27.1` | `1.28.0` |
| [com.google.errorprone:error_prone_annotations](https://github.com/google/error-prone) | `2.40.0` | `2.48.0` |
| [com.github.spotbugs:spotbugs-maven-plugin](https://github.com/spotbugs/spotbugs-maven-plugin) | `4.9.3.2` | `4.9.8.2` |
| [org.apache.maven.plugins:maven-compiler-plugin](https://github.com/apache/maven-compiler-plugin) | `3.14.0` | `3.15.0` |
| [org.apache.maven.plugins:maven-enforcer-plugin](https://github.com/apache/maven-enforcer) | `3.6.1` | `3.6.2` |
| [org.apache.maven.plugins:maven-surefire-plugin](https://github.com/apache/maven-surefire) | `3.5.3` | `3.5.5` |
| [org.apache.maven.plugins:maven-jar-plugin](https://github.com/apache/maven-jar-plugin) | `3.4.2` | `3.5.0` |
| [org.apache.maven.plugins:maven-javadoc-plugin](https://github.com/apache/maven-javadoc-plugin) | `3.11.2` | `3.12.0` |
| [org.apache.maven.plugins:maven-source-plugin](https://github.com/apache/maven-source-plugin) | `3.3.1` | `3.4.0` |
| [org.jacoco:jacoco-maven-plugin](https://github.com/jacoco/jacoco) | `0.8.13` | `0.8.14` |
| [org.apache.maven.plugins:maven-failsafe-plugin](https://github.com/apache/maven-surefire) | `3.5.3` | `3.5.5` |
| [com.diffplug.spotless:spotless-maven-plugin](https://github.com/diffplug/spotless) | `2.46.0` | `3.3.0` |
| [org.sonatype.central:central-publishing-maven-plugin](https://github.com/sonatype/central-publishing-maven-plugin) | `0.8.0` | `0.10.0` |



Updates `org.bouncycastle:bcprov-jdk18on` from 1.81 to 1.83
- [Changelog](https://github.com/bcgit/bc-java/blob/main/docs/releasenotes.html)
- [Commits](https://github.com/bcgit/bc-java/commits)

Updates `org.bouncycastle:bcpkix-jdk18on` from 1.81 to 1.83
- [Changelog](https://github.com/bcgit/bc-java/blob/main/docs/releasenotes.html)
- [Commits](https://github.com/bcgit/bc-java/commits)

Updates `com.google.errorprone:error_prone_core` from 2.40.0 to 2.48.0
- [Release notes](https://github.com/google/error-prone/releases)
- [Commits](google/error-prone@v2.40.0...v2.48.0)

Updates `com.uber.nullaway:nullaway` from 0.12.7 to 0.13.1
- [Release notes](https://github.com/uber/NullAway/releases)
- [Changelog](https://github.com/uber/NullAway/blob/master/CHANGELOG.md)
- [Commits](uber/NullAway@v0.12.7...v0.13.1)

Updates `com.nimbusds:nimbus-jose-jwt` from 10.4 to 10.8
- [Changelog](https://bitbucket.org/connect2id/nimbus-jose-jwt/src/master/CHANGELOG.txt)
- [Commits](https://bitbucket.org/connect2id/nimbus-jose-jwt/branches/compare/10.8..10.4)

Updates `com.nimbusds:oauth2-oidc-sdk` from 11.26 to 11.33
- [Changelog](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/src/master/CHANGELOG.txt)
- [Commits](https://bitbucket.org/connect2id/oauth-2.0-sdk-with-openid-connect-extensions/branches/compare/11.33..11.26)

Updates `org.apache.httpcomponents.client5:httpclient5` from 5.5 to 5.6
- [Changelog](https://github.com/apache/httpcomponents-client/blob/master/RELEASE_NOTES.txt)
- [Commits](apache/httpcomponents-client@rel/v5.5...rel/v5.6)

Updates `org.openapitools:jackson-databind-nullable` from 0.2.6 to 0.2.9
- [Release notes](https://github.com/OpenAPITools/jackson-databind-nullable/releases)
- [Commits](OpenAPITools/jackson-databind-nullable@v0.2.6...v0.2.9)

Updates `org.junit.jupiter:junit-jupiter-api` from 5.13.4 to 6.0.3
- [Release notes](https://github.com/junit-team/junit-framework/releases)
- [Commits](junit-team/junit-framework@r5.13.4...r6.0.3)

Updates `org.testcontainers:testcontainers` from 1.21.4 to 2.0.3
- [Release notes](https://github.com/testcontainers/testcontainers-java/releases)
- [Changelog](https://github.com/testcontainers/testcontainers-java/blob/main/CHANGELOG.md)
- [Commits](testcontainers/testcontainers-java@1.21.4...2.0.3)

Updates `io.github.classgraph:classgraph` from 4.8.181 to 4.8.184
- [Release notes](https://github.com/classgraph/classgraph/releases)
- [Commits](classgraph/classgraph@classgraph-4.8.181...classgraph-4.8.184)

Updates `org.jetbrains.kotlin:kotlin-stdlib` from 2.1.10 to 2.3.10
- [Release notes](https://github.com/JetBrains/kotlin/releases)
- [Changelog](https://github.com/JetBrains/kotlin/blob/master/ChangeLog.md)
- [Commits](JetBrains/kotlin@v2.1.10...v2.3.10)

Updates `org.apache.commons:commons-compress` from 1.27.1 to 1.28.0
- [Changelog](https://github.com/apache/commons-compress/blob/master/RELEASE-NOTES.txt)
- [Commits](apache/commons-compress@rel/commons-compress-1.27.1...rel/commons-compress-1.28.0)

Updates `com.google.errorprone:error_prone_annotations` from 2.40.0 to 2.48.0
- [Release notes](https://github.com/google/error-prone/releases)
- [Commits](google/error-prone@v2.40.0...v2.48.0)

Updates `com.github.spotbugs:spotbugs-maven-plugin` from 4.9.3.2 to 4.9.8.2
- [Release notes](https://github.com/spotbugs/spotbugs-maven-plugin/releases)
- [Commits](spotbugs/spotbugs-maven-plugin@spotbugs-maven-plugin-4.9.3.2...spotbugs-maven-plugin-4.9.8.2)

Updates `org.apache.maven.plugins:maven-compiler-plugin` from 3.14.0 to 3.15.0
- [Release notes](https://github.com/apache/maven-compiler-plugin/releases)
- [Commits](apache/maven-compiler-plugin@maven-compiler-plugin-3.14.0...maven-compiler-plugin-3.15.0)

Updates `org.apache.maven.plugins:maven-enforcer-plugin` from 3.6.1 to 3.6.2
- [Release notes](https://github.com/apache/maven-enforcer/releases)
- [Commits](apache/maven-enforcer@enforcer-3.6.1...enforcer-3.6.2)

Updates `org.apache.maven.plugins:maven-surefire-plugin` from 3.5.3 to 3.5.5
- [Release notes](https://github.com/apache/maven-surefire/releases)
- [Commits](apache/maven-surefire@surefire-3.5.3...surefire-3.5.5)

Updates `org.apache.maven.plugins:maven-jar-plugin` from 3.4.2 to 3.5.0
- [Release notes](https://github.com/apache/maven-jar-plugin/releases)
- [Commits](apache/maven-jar-plugin@maven-jar-plugin-3.4.2...maven-jar-plugin-3.5.0)

Updates `org.apache.maven.plugins:maven-javadoc-plugin` from 3.11.2 to 3.12.0
- [Release notes](https://github.com/apache/maven-javadoc-plugin/releases)
- [Commits](apache/maven-javadoc-plugin@maven-javadoc-plugin-3.11.2...maven-javadoc-plugin-3.12.0)

Updates `org.apache.maven.plugins:maven-source-plugin` from 3.3.1 to 3.4.0
- [Release notes](https://github.com/apache/maven-source-plugin/releases)
- [Commits](apache/maven-source-plugin@maven-source-plugin-3.3.1...maven-source-plugin-3.4.0)

Updates `org.jacoco:jacoco-maven-plugin` from 0.8.13 to 0.8.14
- [Release notes](https://github.com/jacoco/jacoco/releases)
- [Commits](jacoco/jacoco@v0.8.13...v0.8.14)

Updates `org.apache.maven.plugins:maven-failsafe-plugin` from 3.5.3 to 3.5.5
- [Release notes](https://github.com/apache/maven-surefire/releases)
- [Commits](apache/maven-surefire@surefire-3.5.3...surefire-3.5.5)

Updates `com.diffplug.spotless:spotless-maven-plugin` from 2.46.0 to 3.3.0
- [Release notes](https://github.com/diffplug/spotless/releases)
- [Changelog](https://github.com/diffplug/spotless/blob/main/CHANGES.md)
- [Commits](diffplug/spotless@maven/2.46.0...lib/3.3.0)

Updates `org.sonatype.central:central-publishing-maven-plugin` from 0.8.0 to 0.10.0
- [Commits](https://github.com/sonatype/central-publishing-maven-plugin/commits)

---
updated-dependencies:
- dependency-name: org.bouncycastle:bcprov-jdk18on
  dependency-version: '1.83'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: maven-version-updates
- dependency-name: org.bouncycastle:bcpkix-jdk18on
  dependency-version: '1.83'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: maven-version-updates
- dependency-name: com.google.errorprone:error_prone_core
  dependency-version: 2.48.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: maven-version-updates
- dependency-name: com.uber.nullaway:nullaway
  dependency-version: 0.13.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: maven-version-updates
- dependency-name: com.nimbusds:nimbus-jose-jwt
  dependency-version: '10.8'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: maven-version-updates
- dependency-name: com.nimbusds:oauth2-oidc-sdk
  dependency-version: '11.33'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: maven-version-updates
- dependency-name: org.apache.httpcomponents.client5:httpclient5
  dependency-version: '5.6'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: maven-version-updates
- dependency-name: org.openapitools:jackson-databind-nullable
  dependency-version: 0.2.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: maven-version-updates
- dependency-name: org.junit.jupiter:junit-jupiter-api
  dependency-version: 6.0.3
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: maven-version-updates
- dependency-name: org.testcontainers:testcontainers
  dependency-version: 2.0.3
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: maven-version-updates
- dependency-name: io.github.classgraph:classgraph
  dependency-version: 4.8.184
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: maven-version-updates
- dependency-name: org.jetbrains.kotlin:kotlin-stdlib
  dependency-version: 2.3.10
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: maven-version-updates
- dependency-name: org.apache.commons:commons-compress
  dependency-version: 1.28.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: maven-version-updates
- dependency-name: com.google.errorprone:error_prone_annotations
  dependency-version: 2.48.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: maven-version-updates
- dependency-name: com.github.spotbugs:spotbugs-maven-plugin
  dependency-version: 4.9.8.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: maven-version-updates
- dependency-name: org.apache.maven.plugins:maven-compiler-plugin
  dependency-version: 3.15.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: maven-version-updates
- dependency-name: org.apache.maven.plugins:maven-enforcer-plugin
  dependency-version: 3.6.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: maven-version-updates
- dependency-name: org.apache.maven.plugins:maven-surefire-plugin
  dependency-version: 3.5.5
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: maven-version-updates
- dependency-name: org.apache.maven.plugins:maven-jar-plugin
  dependency-version: 3.5.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: maven-version-updates
- dependency-name: org.apache.maven.plugins:maven-javadoc-plugin
  dependency-version: 3.12.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: maven-version-updates
- dependency-name: org.apache.maven.plugins:maven-source-plugin
  dependency-version: 3.4.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: maven-version-updates
- dependency-name: org.jacoco:jacoco-maven-plugin
  dependency-version: 0.8.14
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: maven-version-updates
- dependency-name: org.apache.maven.plugins:maven-failsafe-plugin
  dependency-version: 3.5.5
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: maven-version-updates
- dependency-name: com.diffplug.spotless:spotless-maven-plugin
  dependency-version: 3.3.0
  dependency-type: direct:development
  update-type: version-update:semver-major
  dependency-group: maven-version-updates
- dependency-name: org.sonatype.central:central-publishing-maven-plugin
  dependency-version: 0.10.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: maven-version-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels Mar 2, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants