Skip to content

Add boundary tests for BinaryCodec.fromAscii partial-bit inputs#425

Merged
garydgregory merged 2 commits intoapache:masterfrom
pdtx:binarycodec-boundary-tests
Feb 27, 2026
Merged

Add boundary tests for BinaryCodec.fromAscii partial-bit inputs#425
garydgregory merged 2 commits intoapache:masterfrom
pdtx:binarycodec-boundary-tests

Conversation

@pdtx
Copy link
Copy Markdown
Contributor

@pdtx pdtx commented Feb 27, 2026

Summary

  • Add boundary tests for BinaryCodec.fromAscii(byte[]) and BinaryCodec.fromAscii(char[]) when input length is less than 8 bits.
  • Add boundary tests for non-multiple-of-8 input lengths to assert the current decoding behavior where extra leading bits are ignored.
  • Add a direct null-contract test for BinaryCodec.toAsciiString(byte[]).

Why

Current tests cover null/empty and exact 8-bit aligned inputs, but do not explicitly cover short non-empty inputs or partial-bit-length inputs.
These boundary cases are easy to regress (for example, through off-by-one or grouping changes), so explicit tests improve behavioral stability.

Verification

  • Ran mvn -Dtest=BinaryCodecTest test
  • Result: all tests passed

garydgregory
garydgregory requested changes Feb 27, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@garydgregory garydgregory left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hello @pdtx

Thank you for your PR.

Update the existing testFromAsciiCharArray(), testFromAsciiByteArray(), and testToAsciiString().

Thank you!

Comment thread src/test/java/org/apache/commons/codec/binary/BinaryCodecTest.java Outdated

@Test
void testToAsciiStringNullReturnsEmptyString() {
assertEquals("", BinaryCodec.toAsciiString(null));
Copy link
Copy Markdown
Member

@garydgregory garydgregory Feb 27, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Make this edge case the first assertion in testToAsciiString().

@pdtx
Copy link
Copy Markdown
Contributor Author

pdtx commented Feb 27, 2026

Thanks for the review. Updated as requested: I folded the new assertions into the existing testFromAsciiCharArray(), testFromAsciiByteArray(), and testToAsciiString() methods, and removed the standalone test methods.

@pdtx pdtx force-pushed the binarycodec-boundary-tests branch from 70436c2 to 3da6d7a Compare February 27, 2026 14:23
@garydgregory
Copy link
Copy Markdown
Member

garydgregory commented Feb 27, 2026

Hello @pdtx

Thank you for the update.

Please rebate on git master.

@pdtx
Copy link
Copy Markdown
Contributor Author

pdtx commented Feb 27, 2026

Thanks for the note. Rebased on the latest master, resolved conflicts, and force-pushed the branch.

@garydgregory garydgregory merged commit 7789636 into apache:master Feb 27, 2026
9 checks passed
@garydgregory
Copy link
Copy Markdown
Member

garydgregory commented Feb 27, 2026
edited
Loading

@pdtx
Merged, ty! 👍

garydgregory added a commit that referenced this pull request Feb 27, 2026
@garydgregory
Add boundary tests for BinaryCodec.fromAscii partial-bit inputs #425.
10c2121
ACANX pushed a commit to ACANX/MetaOpen that referenced this pull request Apr 26, 2026
@dependabot
chore(deps): bump commons-codec:commons-codec from 1.21.0 to 1.22.0 (#…
e1052c5 
…1422)

Bumps
[commons-codec:commons-codec](https://github.com/apache/commons-codec)
from 1.21.0 to 1.22.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/apache/commons-codec/blob/master/RELEASE-NOTES.txt">commons-codec:commons-codec's
changelog</a>.</em></p>
<blockquote>
<h2>Apache Commons Codec 1.22.0 Release Notes</h2>
<p>The Apache Commons Codec team is pleased to announce the release of
Apache Commons Codec 1.22.0.</p>
<p>The Apache Commons Codec component contains encoders and decoders for
formats such as Base16, Base32, Base64, digest, and Hexadecimal. In
addition to these
widely used encoders and decoders, the codec package also maintains a
collection of phonetic encoding utilities.</p>
<p>This is a feature and maintenance release. Java 8 or later is
required.</p>
<h2>New features</h2>
<ul>
<li>CODEC-326: Add Base58 support. Thanks to Inkeet, Gary Gregory, Wolff
Bock von Wuelfingen.</li>
<li>
<pre><code> Add
BaseNCodecInputStream.AbstracBuilder.setByteArray(byte[]). Thanks to
Gary Gregory.
</code></pre>
</li>
<li>CODEC-335: Add GitIdentifiers to compute Git blob and tree object
identifiers. Thanks to Piotr P. Karwasz, Gary Gregory.</li>
</ul>
<h2>Fixed Bugs</h2>
<ul>
<li>CODEC-249: Fix Incorrect transform of CH digraph according Metaphone
basic rules <a
href="https://redirect.github.com/apache/commons-codec/issues/423">#423</a>.
Thanks to Shalu Jha, Andrey, Gary Gregory.</li>
<li>CODEC-317: ColognePhonetic can create duplicate consecutive codes in
some cases. Thanks to DRUser123, Shalu Jha, Gary Gregory.</li>
<li>
<pre><code> Add boundary tests for BinaryCodec.fromAscii partial-bit
inputs [#425](apache/commons-codec#425).
Thanks to fancying, Gary Gregory.
</code></pre>
</li>
<li>CODEC-336: Base64.Builder.setUrlSafe(boolean) Javadoc incorrectly
states null is accepted for primitive boolean parameter. Thanks to
Partha Paul, Gary Gregory.</li>
</ul>
<h2>Changes</h2>
<ul>
<li>
<pre><code> Bump org.apache.commons:commons-parent from 96 to 98. Thanks
to Gary Gregory.
</code></pre>
</li>
</ul>
<p>For complete information on Apache Commons Codec, including
instructions on how to submit bug reports,
patches, or suggestions for improvement, see the Apache Commons Codec
website:</p>
<p><a
href="https://commons.apache.org/proper/commons-codec/">https://commons.apache.org/proper/commons-codec/</a></p>
<p>Download page: <a
href="https://commons.apache.org/proper/commons-codec/download_codec.cgi">https://commons.apache.org/proper/commons-codec/download_codec.cgi</a></p>
<hr />
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/apache/commons-codec/commit/81a6295f071df5819893422a397d94bc396f2edd"><code>81a6295</code></a>
Prepare for the release candidate 1.22.0 RC1</li>
<li><a
href="https://github.com/apache/commons-codec/commit/73104b011a9758896904831f9b1bd29aad077f11"><code>73104b0</code></a>
Prepare for the next release candidate</li>
<li><a
href="https://github.com/apache/commons-codec/commit/8e36214fa2760d37e4e9c83336ed5bb324c23482"><code>8e36214</code></a>
In-line single use test local variables</li>
<li><a
href="https://github.com/apache/commons-codec/commit/9bd67e787d88705baa26e85f3a9609dec015ba5b"><code>9bd67e7</code></a>
Use vararg syntax</li>
<li><a
href="https://github.com/apache/commons-codec/commit/25e52b06a3c24dc06216e7d29321a2f01c60ec6f"><code>25e52b0</code></a>
Use vararg syntax</li>
<li><a
href="https://github.com/apache/commons-codec/commit/e2ebaca8b30d1d04d0eb6a4e811a6d26631f4d31"><code>e2ebaca</code></a>
Bump github/codeql-action from 4.35.1 to 4.35.2</li>
<li><a
href="https://github.com/apache/commons-codec/commit/33998a05a8adc84ca944bad2e5c7215309d1477b"><code>33998a0</code></a>
Bump actions/upload-artifact from 7.0.0 to 7.0.1</li>
<li><a
href="https://github.com/apache/commons-codec/commit/50c6583280cb3ed67407dcaeb31df4f8fa8ede20"><code>50c6583</code></a>
Bump actions/cache from 5.0.4 to 5.0.5</li>
<li><a
href="https://github.com/apache/commons-codec/commit/b2be3a82b2d0902e89718a56c6afb5850d020668"><code>b2be3a8</code></a>
Add <a
href="https://github.com/Override"><code>@​Override</code></a></li>
<li><a
href="https://github.com/apache/commons-codec/commit/20f09bfcfdce88760ec9be095b848e85d9084acf"><code>20f09bf</code></a>
Use final.</li>
<li>Additional commits viewable in <a
href="https://github.com/apache/commons-codec/compare/rel/commons-codec-1.21.0...rel/commons-codec-1.22.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=commons-codec:commons-codec&package-manager=maven&previous-version=1.21.0&new-version=1.22.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
jolarsen pushed a commit to navikt/fp-bom that referenced this pull request Apr 26, 2026
@dependabot
build(deps): bump commons-codec:commons-codec from 1.21.0 to 1.22.0 (#…
ef4d527 
…1285)

Bumps
[commons-codec:commons-codec](https://github.com/apache/commons-codec)
from 1.21.0 to 1.22.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/apache/commons-codec/blob/master/RELEASE-NOTES.txt">commons-codec:commons-codec's
changelog</a>.</em></p>
<blockquote>
<h2>Apache Commons Codec 1.22.0 Release Notes</h2>
<p>The Apache Commons Codec team is pleased to announce the release of
Apache Commons Codec 1.22.0.</p>
<p>The Apache Commons Codec component contains encoders and decoders for
formats such as Base16, Base32, Base64, digest, and Hexadecimal. In
addition to these
widely used encoders and decoders, the codec package also maintains a
collection of phonetic encoding utilities.</p>
<p>This is a feature and maintenance release. Java 8 or later is
required.</p>
<h2>New features</h2>
<ul>
<li>CODEC-326: Add Base58 support. Thanks to Inkeet, Gary Gregory, Wolff
Bock von Wuelfingen.</li>
<li>
<pre><code> Add
BaseNCodecInputStream.AbstracBuilder.setByteArray(byte[]). Thanks to
Gary Gregory.
</code></pre>
</li>
<li>CODEC-335: Add GitIdentifiers to compute Git blob and tree object
identifiers. Thanks to Piotr P. Karwasz, Gary Gregory.</li>
</ul>
<h2>Fixed Bugs</h2>
<ul>
<li>CODEC-249: Fix Incorrect transform of CH digraph according Metaphone
basic rules <a
href="https://redirect.github.com/apache/commons-codec/issues/423">#423</a>.
Thanks to Shalu Jha, Andrey, Gary Gregory.</li>
<li>CODEC-317: ColognePhonetic can create duplicate consecutive codes in
some cases. Thanks to DRUser123, Shalu Jha, Gary Gregory.</li>
<li>
<pre><code> Add boundary tests for BinaryCodec.fromAscii partial-bit
inputs [#425](apache/commons-codec#425).
Thanks to fancying, Gary Gregory.
</code></pre>
</li>
<li>CODEC-336: Base64.Builder.setUrlSafe(boolean) Javadoc incorrectly
states null is accepted for primitive boolean parameter. Thanks to
Partha Paul, Gary Gregory.</li>
</ul>
<h2>Changes</h2>
<ul>
<li>
<pre><code> Bump org.apache.commons:commons-parent from 96 to 98. Thanks
to Gary Gregory.
</code></pre>
</li>
</ul>
<p>For complete information on Apache Commons Codec, including
instructions on how to submit bug reports,
patches, or suggestions for improvement, see the Apache Commons Codec
website:</p>
<p><a
href="https://commons.apache.org/proper/commons-codec/">https://commons.apache.org/proper/commons-codec/</a></p>
<p>Download page: <a
href="https://commons.apache.org/proper/commons-codec/download_codec.cgi">https://commons.apache.org/proper/commons-codec/download_codec.cgi</a></p>
<hr />
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/apache/commons-codec/commit/81a6295f071df5819893422a397d94bc396f2edd"><code>81a6295</code></a>
Prepare for the release candidate 1.22.0 RC1</li>
<li><a
href="https://github.com/apache/commons-codec/commit/73104b011a9758896904831f9b1bd29aad077f11"><code>73104b0</code></a>
Prepare for the next release candidate</li>
<li><a
href="https://github.com/apache/commons-codec/commit/8e36214fa2760d37e4e9c83336ed5bb324c23482"><code>8e36214</code></a>
In-line single use test local variables</li>
<li><a
href="https://github.com/apache/commons-codec/commit/9bd67e787d88705baa26e85f3a9609dec015ba5b"><code>9bd67e7</code></a>
Use vararg syntax</li>
<li><a
href="https://github.com/apache/commons-codec/commit/25e52b06a3c24dc06216e7d29321a2f01c60ec6f"><code>25e52b0</code></a>
Use vararg syntax</li>
<li><a
href="https://github.com/apache/commons-codec/commit/e2ebaca8b30d1d04d0eb6a4e811a6d26631f4d31"><code>e2ebaca</code></a>
Bump github/codeql-action from 4.35.1 to 4.35.2</li>
<li><a
href="https://github.com/apache/commons-codec/commit/33998a05a8adc84ca944bad2e5c7215309d1477b"><code>33998a0</code></a>
Bump actions/upload-artifact from 7.0.0 to 7.0.1</li>
<li><a
href="https://github.com/apache/commons-codec/commit/50c6583280cb3ed67407dcaeb31df4f8fa8ede20"><code>50c6583</code></a>
Bump actions/cache from 5.0.4 to 5.0.5</li>
<li><a
href="https://github.com/apache/commons-codec/commit/b2be3a82b2d0902e89718a56c6afb5850d020668"><code>b2be3a8</code></a>
Add <a
href="https://github.com/Override"><code>@​Override</code></a></li>
<li><a
href="https://github.com/apache/commons-codec/commit/20f09bfcfdce88760ec9be095b848e85d9084acf"><code>20f09bf</code></a>
Use final.</li>
<li>Additional commits viewable in <a
href="https://github.com/apache/commons-codec/compare/rel/commons-codec-1.21.0...rel/commons-codec-1.22.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=commons-codec:commons-codec&package-manager=maven&previous-version=1.21.0&new-version=1.22.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
github-actions Bot pushed a commit to B3Partners/brmo that referenced this pull request Apr 28, 2026
@dependabot
Bump commons-codec:commons-codec from 1.21.0 to 1.22.0 (#2692)
dc410e0 
Bumps
[commons-codec:commons-codec](https://github.com/apache/commons-codec)
from 1.21.0 to 1.22.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/apache/commons-codec/blob/master/RELEASE-NOTES.txt">commons-codec:commons-codec's
changelog</a>.</em></p>
<blockquote>
<h2>Apache Commons Codec 1.22.0 Release Notes</h2>
<p>The Apache Commons Codec team is pleased to announce the release of
Apache Commons Codec 1.22.0.</p>
<p>The Apache Commons Codec component contains encoders and decoders for
formats such as Base16, Base32, Base64, digest, and Hexadecimal. In
addition to these
widely used encoders and decoders, the codec package also maintains a
collection of phonetic encoding utilities.</p>
<p>This is a feature and maintenance release. Java 8 or later is
required.</p>
<h2>New features</h2>
<ul>
<li>CODEC-326: Add Base58 support. Thanks to Inkeet, Gary Gregory, Wolff
Bock von Wuelfingen.</li>
<li>
<pre><code> Add
BaseNCodecInputStream.AbstracBuilder.setByteArray(byte[]). Thanks to
Gary Gregory.
</code></pre>
</li>
<li>CODEC-335: Add GitIdentifiers to compute Git blob and tree object
identifiers. Thanks to Piotr P. Karwasz, Gary Gregory.</li>
</ul>
<h2>Fixed Bugs</h2>
<ul>
<li>CODEC-249: Fix Incorrect transform of CH digraph according Metaphone
basic rules <a
href="https://redirect.github.com/apache/commons-codec/issues/423">#423</a>.
Thanks to Shalu Jha, Andrey, Gary Gregory.</li>
<li>CODEC-317: ColognePhonetic can create duplicate consecutive codes in
some cases. Thanks to DRUser123, Shalu Jha, Gary Gregory.</li>
<li>
<pre><code> Add boundary tests for BinaryCodec.fromAscii partial-bit
inputs [#425](apache/commons-codec#425).
Thanks to fancying, Gary Gregory.
</code></pre>
</li>
<li>CODEC-336: Base64.Builder.setUrlSafe(boolean) Javadoc incorrectly
states null is accepted for primitive boolean parameter. Thanks to
Partha Paul, Gary Gregory.</li>
</ul>
<h2>Changes</h2>
<ul>
<li>
<pre><code> Bump org.apache.commons:commons-parent from 96 to 98. Thanks
to Gary Gregory.
</code></pre>
</li>
</ul>
<p>For complete information on Apache Commons Codec, including
instructions on how to submit bug reports,
patches, or suggestions for improvement, see the Apache Commons Codec
website:</p>
<p><a
href="https://commons.apache.org/proper/commons-codec/">https://commons.apache.org/proper/commons-codec/</a></p>
<p>Download page: <a
href="https://commons.apache.org/proper/commons-codec/download_codec.cgi">https://commons.apache.org/proper/commons-codec/download_codec.cgi</a></p>
<hr />
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/apache/commons-codec/commit/81a6295f071df5819893422a397d94bc396f2edd"><code>81a6295</code></a>
Prepare for the release candidate 1.22.0 RC1</li>
<li><a
href="https://github.com/apache/commons-codec/commit/73104b011a9758896904831f9b1bd29aad077f11"><code>73104b0</code></a>
Prepare for the next release candidate</li>
<li><a
href="https://github.com/apache/commons-codec/commit/8e36214fa2760d37e4e9c83336ed5bb324c23482"><code>8e36214</code></a>
In-line single use test local variables</li>
<li><a
href="https://github.com/apache/commons-codec/commit/9bd67e787d88705baa26e85f3a9609dec015ba5b"><code>9bd67e7</code></a>
Use vararg syntax</li>
<li><a
href="https://github.com/apache/commons-codec/commit/25e52b06a3c24dc06216e7d29321a2f01c60ec6f"><code>25e52b0</code></a>
Use vararg syntax</li>
<li><a
href="https://github.com/apache/commons-codec/commit/e2ebaca8b30d1d04d0eb6a4e811a6d26631f4d31"><code>e2ebaca</code></a>
Bump github/codeql-action from 4.35.1 to 4.35.2</li>
<li><a
href="https://github.com/apache/commons-codec/commit/33998a05a8adc84ca944bad2e5c7215309d1477b"><code>33998a0</code></a>
Bump actions/upload-artifact from 7.0.0 to 7.0.1</li>
<li><a
href="https://github.com/apache/commons-codec/commit/50c6583280cb3ed67407dcaeb31df4f8fa8ede20"><code>50c6583</code></a>
Bump actions/cache from 5.0.4 to 5.0.5</li>
<li><a
href="https://github.com/apache/commons-codec/commit/b2be3a82b2d0902e89718a56c6afb5850d020668"><code>b2be3a8</code></a>
Add <a
href="https://github.com/Override"><code>@​Override</code></a></li>
<li><a
href="https://github.com/apache/commons-codec/commit/20f09bfcfdce88760ec9be095b848e85d9084acf"><code>20f09bf</code></a>
Use final.</li>
<li>Additional commits viewable in <a
href="https://github.com/apache/commons-codec/compare/rel/commons-codec-1.21.0...rel/commons-codec-1.22.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=commons-codec:commons-codec&package-manager=maven&previous-version=1.21.0&new-version=1.22.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
baskevold pushed a commit to navikt/ung-sak that referenced this pull request Apr 28, 2026
@dependabot
Build(deps): Bump the annet-deps group across 1 directory with 4 upda…
8c7b81f 
…tes (#1321)

Bumps the annet-deps group with 4 updates in the / directory:
commons-io:commons-io,
[commons-codec:commons-codec](https://github.com/apache/commons-codec),
[org.javassist:javassist](https://github.com/jboss-javassist/javassist)
and [org.jsoup:jsoup](https://github.com/jhy/jsoup).

Updates `commons-io:commons-io` from 2.21.0 to 2.22.0

Updates `commons-codec:commons-codec` from 1.21.0 to 1.22.0
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/apache/commons-codec/blob/master/RELEASE-NOTES.txt">commons-codec:commons-codec's
changelog</a>.</em></p>
<blockquote>
<h2>Apache Commons Codec 1.22.0 Release Notes</h2>
<p>The Apache Commons Codec team is pleased to announce the release of
Apache Commons Codec 1.22.0.</p>
<p>The Apache Commons Codec component contains encoders and decoders for
formats such as Base16, Base32, Base64, digest, and Hexadecimal. In
addition to these
widely used encoders and decoders, the codec package also maintains a
collection of phonetic encoding utilities.</p>
<p>This is a feature and maintenance release. Java 8 or later is
required.</p>
<h2>New features</h2>
<ul>
<li>CODEC-326: Add Base58 support. Thanks to Inkeet, Gary Gregory, Wolff
Bock von Wuelfingen.</li>
<li>
<pre><code> Add
BaseNCodecInputStream.AbstracBuilder.setByteArray(byte[]). Thanks to
Gary Gregory.
</code></pre>
</li>
<li>CODEC-335: Add GitIdentifiers to compute Git blob and tree object
identifiers. Thanks to Piotr P. Karwasz, Gary Gregory.</li>
</ul>
<h2>Fixed Bugs</h2>
<ul>
<li>CODEC-249: Fix Incorrect transform of CH digraph according Metaphone
basic rules <a
href="https://redirect.github.com/apache/commons-codec/issues/423">#423</a>.
Thanks to Shalu Jha, Andrey, Gary Gregory.</li>
<li>CODEC-317: ColognePhonetic can create duplicate consecutive codes in
some cases. Thanks to DRUser123, Shalu Jha, Gary Gregory.</li>
<li>
<pre><code> Add boundary tests for BinaryCodec.fromAscii partial-bit
inputs [#425](apache/commons-codec#425).
Thanks to fancying, Gary Gregory.
</code></pre>
</li>
<li>CODEC-336: Base64.Builder.setUrlSafe(boolean) Javadoc incorrectly
states null is accepted for primitive boolean parameter. Thanks to
Partha Paul, Gary Gregory.</li>
</ul>
<h2>Changes</h2>
<ul>
<li>
<pre><code> Bump org.apache.commons:commons-parent from 96 to 98. Thanks
to Gary Gregory.
</code></pre>
</li>
</ul>
<p>For complete information on Apache Commons Codec, including
instructions on how to submit bug reports,
patches, or suggestions for improvement, see the Apache Commons Codec
website:</p>
<p><a
href="https://commons.apache.org/proper/commons-codec/">https://commons.apache.org/proper/commons-codec/</a></p>
<p>Download page: <a
href="https://commons.apache.org/proper/commons-codec/download_codec.cgi">https://commons.apache.org/proper/commons-codec/download_codec.cgi</a></p>
<hr />
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/apache/commons-codec/commit/81a6295f071df5819893422a397d94bc396f2edd"><code>81a6295</code></a>
Prepare for the release candidate 1.22.0 RC1</li>
<li><a
href="https://github.com/apache/commons-codec/commit/73104b011a9758896904831f9b1bd29aad077f11"><code>73104b0</code></a>
Prepare for the next release candidate</li>
<li><a
href="https://github.com/apache/commons-codec/commit/8e36214fa2760d37e4e9c83336ed5bb324c23482"><code>8e36214</code></a>
In-line single use test local variables</li>
<li><a
href="https://github.com/apache/commons-codec/commit/9bd67e787d88705baa26e85f3a9609dec015ba5b"><code>9bd67e7</code></a>
Use vararg syntax</li>
<li><a
href="https://github.com/apache/commons-codec/commit/25e52b06a3c24dc06216e7d29321a2f01c60ec6f"><code>25e52b0</code></a>
Use vararg syntax</li>
<li><a
href="https://github.com/apache/commons-codec/commit/e2ebaca8b30d1d04d0eb6a4e811a6d26631f4d31"><code>e2ebaca</code></a>
Bump github/codeql-action from 4.35.1 to 4.35.2</li>
<li><a
href="https://github.com/apache/commons-codec/commit/33998a05a8adc84ca944bad2e5c7215309d1477b"><code>33998a0</code></a>
Bump actions/upload-artifact from 7.0.0 to 7.0.1</li>
<li><a
href="https://github.com/apache/commons-codec/commit/50c6583280cb3ed67407dcaeb31df4f8fa8ede20"><code>50c6583</code></a>
Bump actions/cache from 5.0.4 to 5.0.5</li>
<li><a
href="https://github.com/apache/commons-codec/commit/b2be3a82b2d0902e89718a56c6afb5850d020668"><code>b2be3a8</code></a>
Add <a
href="https://github.com/Override"><code>@​Override</code></a></li>
<li><a
href="https://github.com/apache/commons-codec/commit/20f09bfcfdce88760ec9be095b848e85d9084acf"><code>20f09bf</code></a>
Use final.</li>
<li>Additional commits viewable in <a
href="https://github.com/apache/commons-codec/compare/rel/commons-codec-1.21.0...rel/commons-codec-1.22.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `org.javassist:javassist` from 3.30.2-GA to 3.31.0-GA
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/jboss-javassist/javassist/releases">org.javassist:javassist's
releases</a>.</em></p>
<blockquote>
<h2>Javassist 3.31.0-GA</h2>
<h2>What's Changed</h2>
<ul>
<li>improve pom by <a
href="https://github.com/oldratlee"><code>@​oldratlee</code></a> in <a
href="https://redirect.github.com/jboss-javassist/javassist/pull/477">jboss-javassist/javassist#477</a></li>
<li>support bootstrap method coping when using code coping by <a
href="https://github.com/likey3"><code>@​likey3</code></a> in <a
href="https://redirect.github.com/jboss-javassist/javassist/pull/480">jboss-javassist/javassist#480</a></li>
<li>Line numbers support by <a
href="https://github.com/kuznet1"><code>@​kuznet1</code></a> in <a
href="https://redirect.github.com/jboss-javassist/javassist/pull/484">jboss-javassist/javassist#484</a></li>
<li>[bugfix]fix TransformCallToStatic with invokeinterface or
invokedynamic by <a
href="https://github.com/catsalty"><code>@​catsalty</code></a> in <a
href="https://redirect.github.com/jboss-javassist/javassist/pull/486">jboss-javassist/javassist#486</a></li>
<li>reduced InnerClasses propagation by <a
href="https://github.com/jbellenger"><code>@​jbellenger</code></a> in <a
href="https://redirect.github.com/jboss-javassist/javassist/pull/491">jboss-javassist/javassist#491</a></li>
<li>Fix wrong line numbers in some cases by <a
href="https://github.com/kuznet1"><code>@​kuznet1</code></a> in <a
href="https://redirect.github.com/jboss-javassist/javassist/pull/492">jboss-javassist/javassist#492</a></li>
<li>ignoring unnecessarily generated surefire report by <a
href="https://github.com/Talank"><code>@​Talank</code></a> in <a
href="https://redirect.github.com/jboss-javassist/javassist/pull/506">jboss-javassist/javassist#506</a></li>
<li>Add Record and PermittedSubclasses (sealed) Attributes by <a
href="https://github.com/Asbestosstar"><code>@​Asbestosstar</code></a>
in <a
href="https://redirect.github.com/jboss-javassist/javassist/pull/495">jboss-javassist/javassist#495</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/likey3"><code>@​likey3</code></a> made
their first contribution in <a
href="https://redirect.github.com/jboss-javassist/javassist/pull/480">jboss-javassist/javassist#480</a></li>
<li><a href="https://github.com/kuznet1"><code>@​kuznet1</code></a> made
their first contribution in <a
href="https://redirect.github.com/jboss-javassist/javassist/pull/484">jboss-javassist/javassist#484</a></li>
<li><a
href="https://github.com/jbellenger"><code>@​jbellenger</code></a> made
their first contribution in <a
href="https://redirect.github.com/jboss-javassist/javassist/pull/491">jboss-javassist/javassist#491</a></li>
<li><a href="https://github.com/Talank"><code>@​Talank</code></a> made
their first contribution in <a
href="https://redirect.github.com/jboss-javassist/javassist/pull/506">jboss-javassist/javassist#506</a></li>
<li><a
href="https://github.com/Asbestosstar"><code>@​Asbestosstar</code></a>
made their first contribution in <a
href="https://redirect.github.com/jboss-javassist/javassist/pull/495">jboss-javassist/javassist#495</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/jboss-javassist/javassist/compare/rel_3_30_2_ga...rel_3_31_0_ga">https://github.com/jboss-javassist/javassist/compare/rel_3_30_2_ga...rel_3_31_0_ga</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/jboss-javassist/javassist/blob/master/Changes.md">org.javassist:javassist's
changelog</a>.</em></p>
<blockquote>
<h3>Changes</h3>
<h3>version 3.31.0 on April 20, 2026</h3>
<ul>
<li>GitHub PR <a
href="https://redirect.github.com/jboss-javassist/javassist/issues/480">#480</a>,
<a
href="https://redirect.github.com/jboss-javassist/javassist/issues/484">#484</a>,
<a
href="https://redirect.github.com/jboss-javassist/javassist/issues/486">#486</a>,
<a
href="https://redirect.github.com/jboss-javassist/javassist/issues/491">#491</a>,
<a
href="https://redirect.github.com/jboss-javassist/javassist/issues/492">#492</a>,
<a
href="https://redirect.github.com/jboss-javassist/javassist/issues/495">#495</a>,
<a
href="https://redirect.github.com/jboss-javassist/javassist/issues/506">#506</a></li>
</ul>
<h3>version 3.30.2 on December 25, 2023</h3>
<ul>
<li>GitHub PR <a
href="https://redirect.github.com/jboss-javassist/javassist/issues/473">#473</a>,
475, 476</li>
</ul>
<h4>version 3.30.1 on December 17, 2023</h4>
<ul>
<li>GitHub Issue <a
href="https://redirect.github.com/jboss-javassist/javassist/issues/471">#471</a></li>
</ul>
<h4>version 3.30 on December 17, 2023</h4>
<ul>
<li>GitHub PR <a
href="https://redirect.github.com/jboss-javassist/javassist/issues/434">#434</a>,
448, 463 (Issue <a
href="https://redirect.github.com/jboss-javassist/javassist/issues/462">#462</a>),
466, 467, 468, 469, 470,</li>
</ul>
<h4>version 3.29.2 on September 14, 2022</h4>
<ul>
<li>GitHub Issue <a
href="https://redirect.github.com/jboss-javassist/javassist/issues/427">#427</a>.</li>
</ul>
<h4>version 3.29.1 on August 11, 2022</h4>
<ul>
<li>
<p>GitHub Issue <a
href="https://redirect.github.com/jboss-javassist/javassist/issues/423">#423</a>.</p>
</li>
<li>
<p><code>Readme.html</code> was deleted (GitHub Issue <a
href="https://redirect.github.com/jboss-javassist/javassist/issues/414">#414</a>).</p>
</li>
</ul>
<h4>version 3.29 on May 13, 2022</h4>
<ul>
<li>GitHub Issue <a
href="https://redirect.github.com/jboss-javassist/javassist/issues/378">#378</a>,
PR <a
href="https://redirect.github.com/jboss-javassist/javassist/issues/278">#278</a>,
<a
href="https://redirect.github.com/jboss-javassist/javassist/issues/299">#299</a>,
<a
href="https://redirect.github.com/jboss-javassist/javassist/issues/382">#382</a>,
<a
href="https://redirect.github.com/jboss-javassist/javassist/issues/383">#383</a>,
<a
href="https://redirect.github.com/jboss-javassist/javassist/issues/390">#390</a>,
<a
href="https://redirect.github.com/jboss-javassist/javassist/issues/391">#391</a>,
<a
href="https://redirect.github.com/jboss-javassist/javassist/issues/395">#395</a>,
<a
href="https://redirect.github.com/jboss-javassist/javassist/issues/399">#399</a>,
<a
href="https://redirect.github.com/jboss-javassist/javassist/issues/409">#409</a>.</li>
</ul>
<h4>version 3.28 on May 8, 2021</h4>
<ul>
<li>GitHub Issue <a
href="https://redirect.github.com/jboss-javassist/javassist/issues/305">#305</a>,
<a
href="https://redirect.github.com/jboss-javassist/javassist/issues/328">#328</a>,
<a
href="https://redirect.github.com/jboss-javassist/javassist/issues/339">#339</a>,
<a
href="https://redirect.github.com/jboss-javassist/javassist/issues/350">#350</a>,
<a
href="https://redirect.github.com/jboss-javassist/javassist/issues/357">#357</a>,
and PR <a
href="https://redirect.github.com/jboss-javassist/javassist/issues/363">#363</a>.</li>
</ul>
<h4>version 3.27 on March 19, 2020</h4>
<ul>
<li>GitHub Issue <a
href="https://redirect.github.com/jboss-javassist/javassist/issues/271">#271</a>
(PR <a
href="https://redirect.github.com/jboss-javassist/javassist/issues/279">#279</a>),
<a
href="https://redirect.github.com/jboss-javassist/javassist/issues/280">#280</a>
(PR <a
href="https://redirect.github.com/jboss-javassist/javassist/issues/281">#281</a>),
<a
href="https://redirect.github.com/jboss-javassist/javassist/issues/282">#282</a>,
and PR <a
href="https://redirect.github.com/jboss-javassist/javassist/issues/294">#294</a>.</li>
</ul>
<h4>version 3.26 on October 3, 2019</h4>
<ul>
<li>GitHub Issue <a
href="https://redirect.github.com/jboss-javassist/javassist/issues/270">#270</a>
(PR <a
href="https://redirect.github.com/jboss-javassist/javassist/issues/272">#272</a>),
<a
href="https://redirect.github.com/jboss-javassist/javassist/issues/265">#265</a>
(PR <a
href="https://redirect.github.com/jboss-javassist/javassist/issues/267">#267</a>),
<a
href="https://redirect.github.com/jboss-javassist/javassist/issues/271">#271</a>,
<a
href="https://redirect.github.com/jboss-javassist/javassist/issues/222">#222</a>,
and <a
href="https://redirect.github.com/jboss-javassist/javassist/issues/275">#275</a>.</li>
</ul>
<h4>version 3.25 on April 16, 2019</h4>
<ul>
<li>GitHub Issue <a
href="https://redirect.github.com/jboss-javassist/javassist/issues/72">#72</a>
(PR <a
href="https://redirect.github.com/jboss-javassist/javassist/issues/231">#231</a>),
<a
href="https://redirect.github.com/jboss-javassist/javassist/issues/241">#241</a>,
<a
href="https://redirect.github.com/jboss-javassist/javassist/issues/242">#242</a>
(PR <a
href="https://redirect.github.com/jboss-javassist/javassist/issues/243">#243</a>),
PR <a
href="https://redirect.github.com/jboss-javassist/javassist/issues/244">#244</a>,
<a
href="https://redirect.github.com/jboss-javassist/javassist/issues/246">#246</a>
(PR <a
href="https://redirect.github.com/jboss-javassist/javassist/issues/247">#247</a>),
PR <a
href="https://redirect.github.com/jboss-javassist/javassist/issues/250">#250</a>,
<a
href="https://redirect.github.com/jboss-javassist/javassist/issues/252">#252</a>
(PR <a
href="https://redirect.github.com/jboss-javassist/javassist/issues/253">#253</a>),
PR <a
href="https://redirect.github.com/jboss-javassist/javassist/issues/254">#254</a>.</li>
</ul>
<h4>version 3.24.1 on December 9, 2018</h4>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/jboss-javassist/javassist/commits">compare
view</a></li>
</ul>
</details>
<br />

Updates `org.jsoup:jsoup` from 1.22.1 to 1.22.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/jhy/jsoup/releases">org.jsoup:jsoup's
releases</a>.</em></p>
<blockquote>
<h2>jsoup Java HTML Parser release 1.22.2</h2>
<p><strong>jsoup 1.22.2</strong> is out now, with fixes and refinements
across the library. It makes editing the DOM during traversal more
predictable, refreshes the default HTML tag definitions with newer
elements and better text boundaries, and improves reliability in parsing
and HTTP transport. The release also fixes a number of edge cases in
cleaning, stream parsing, XML doctype handling, and Android
packaging.</p>
<p><strong>jsoup</strong> is a Java library for working with real-world
HTML and XML. It provides a very convenient API for extracting and
manipulating data, using the best of HTML5 DOM methods and CSS
selectors.</p>
<p><a
href="https://github.com/jhy/jsoup/blob/HEAD/download"><strong>Download</strong></a>
jsoup now.</p>
<h2>Improvements</h2>
<ul>
<li>Expanded and clarified <code>NodeTraversor</code> support for
in-place DOM rewrites during <code>NodeVisitor.head()</code>.
Current-node edits such as <code>remove</code>, <code>replace</code>,
and <code>unwrap</code> now recover more predictably, while traversal
stays within the original root subtree. This makes single-pass tree
cleanup and normalization visitors easier to write, for example when
unwrapping presentational elements or replacing text nodes as you walk
the DOM. <!-- raw HTML omitted --><a
href="https://redirect.github.com/jhy/jsoup/issues/2472">#2472</a><!--
raw HTML omitted --></li>
<li>Documentation: clarified that a configured <code>Cleaner</code> may
be reused across concurrent threads, and that shared
<code>Safelist</code> instances should not be mutated while in use. <!--
raw HTML omitted --><a
href="https://redirect.github.com/jhy/jsoup/issues/2473">#2473</a><!--
raw HTML omitted --></li>
<li>Updated the default HTML <code>TagSet</code> for current HTML
elements: added <code>dialog</code>, <code>search</code>,
<code>picture</code>, and <code>slot</code>; made <code>ins</code>,
<code>del</code>, <code>button</code>, <code>audio</code>,
<code>video</code>, and <code>canvas</code> inline by default
(<code>Tag#isInline()</code>, aligned to phrasing content in the spec);
and added readable <code>Element.text()</code> boundaries for controls
and embedded objects via the new <code>Tag.TextBoundary</code> option.
This improves pretty-printing and keeps normalized text from running
adjacent words together. <!-- raw HTML omitted --><a
href="https://redirect.github.com/jhy/jsoup/pull/2493">#2493</a><!-- raw
HTML omitted --></li>
</ul>
<h2>Bug Fixes</h2>
<ul>
<li>Android (R8/ProGuard): added a rule to ignore the optional
<code>re2j</code> dependency when not present. <!-- raw HTML omitted
--><a
href="https://redirect.github.com/jhy/jsoup/issues/2459">#2459</a><!--
raw HTML omitted --></li>
<li>Fixed a <code>NodeTraversor</code> regression in 1.21.2 where
removing or replacing the current node during <code>head()</code> could
revisit the replacement node and loop indefinitely. The traversal docs
now also clarify which inserted nodes are visited in the current pass.
<!-- raw HTML omitted --><a
href="https://redirect.github.com/jhy/jsoup/issues/2472">#2472</a><!--
raw HTML omitted --></li>
<li>Parsing during charset sniffing no longer fails if an advisory
<code>available()</code> call throws <code>IOException</code>, as seen
on JDK 8 <code>HttpURLConnection</code>. <!-- raw HTML omitted --><a
href="https://redirect.github.com/jhy/jsoup/issues/2474">#2474</a><!--
raw HTML omitted --></li>
<li><code>Cleaner</code> no longer makes relative URL attributes in the
input document absolute when cleaning or validating a
<code>Document</code>. URL normalization now applies only to the cleaned
output, and <code>Safelist.isSafeAttribute()</code> is side effect free.
<!-- raw HTML omitted --><a
href="https://redirect.github.com/jhy/jsoup/issues/2475">#2475</a><!--
raw HTML omitted --></li>
<li><code>Cleaner</code> no longer duplicates enforced attributes when
the input <code>Document</code> preserves attribute case. A case-variant
source attribute is now replaced by the enforced attribute in the
cleaned output. <!-- raw HTML omitted --><a
href="https://redirect.github.com/jhy/jsoup/issues/2476">#2476</a><!--
raw HTML omitted --></li>
<li>If a per-request SOCKS proxy is configured, jsoup now avoids using
the JDK <code>HttpClient</code>, because the JDK would silently ignore
that proxy and attempt to connect directly. Those requests now fall back
to the legacy <code>HttpURLConnection</code> transport instead, which
does support SOCKS. <!-- raw HTML omitted --><a
href="https://redirect.github.com/jhy/jsoup/issues/2468">#2468</a><!--
raw HTML omitted --></li>
<li><code>Connection.Response.streamParser()</code> and
<code>DataUtil.streamParser(Path, ...)</code> could fail on small inputs
without a declared charset, if the initial 5 KB charset sniff fully
consumed the input and closed it before the stream parse began. <!-- raw
HTML omitted --><a
href="https://redirect.github.com/jhy/jsoup/issues/2483">#2483</a><!--
raw HTML omitted --></li>
<li>In XML mode, doctypes with an internal subset, such as
<code>&lt;!DOCTYPE root [&lt;!ENTITY name
&quot;value&quot;&gt;]&gt;</code>, now round-trip correctly. The subset
is preserved as raw text only; entities are not expanded and external
DTDs are not loaded. <!-- raw HTML omitted --><a
href="https://redirect.github.com/jhy/jsoup/issues/2486">#2486</a><!--
raw HTML omitted --></li>
</ul>
<h2>Build Changes</h2>
<ul>
<li>Migrated the integration test server from Jetty to Netty, which
actively maintains support for our minimum JDK target (8). <!-- raw HTML
omitted --><a
href="https://redirect.github.com/jhy/jsoup/pull/2491">#2491</a><!-- raw
HTML omitted --></li>
</ul>
<hr />
<p>My sincere thanks to everyone who contributed to this release!
If you have any suggestions for the next release, I would love to hear
them; please get in touch via <a
href="https://github.com/jhy/jsoup/discussions">jsoup discussions</a>,
or with me <a href="https://jhedley.com/">directly</a>.</p>
<p>You can also <!-- raw HTML omitted -->follow me<!-- raw HTML omitted
--> (<!-- raw HTML omitted --><!-- raw HTML omitted -->@<a
href="mailto:jhy@tilde.zone">jhy@tilde.zone</a><!-- raw HTML omitted
--><!-- raw HTML omitted -->) on Mastodon / Fediverse to receive
occasional notes about jsoup releases.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/jhy/jsoup/blob/master/CHANGES.md">org.jsoup:jsoup's
changelog</a>.</em></p>
<blockquote>
<h2>1.22.2 (2026-Apr-20)</h2>
<h3>Improvements</h3>
<ul>
<li>Expanded and clarified <code>NodeTraversor</code> support for
in-place DOM rewrites during <code>NodeVisitor.head()</code>.
Current-node edits such as <code>remove</code>, <code>replace</code>,
and <code>unwrap</code> now recover more predictably, while traversal
stays within the original root subtree. This makes single-pass tree
cleanup and normalization visitors easier to write, for example when
unwrapping presentational elements or replacing text nodes as you walk
the DOM. <a
href="https://redirect.github.com/jhy/jsoup/issues/2472">#2472</a></li>
<li>Documentation: clarified that a configured <code>Cleaner</code> may
be reused across concurrent threads, and that shared
<code>Safelist</code> instances should not be mutated while in use. <a
href="https://redirect.github.com/jhy/jsoup/issues/2473">#2473</a></li>
<li>Updated the default HTML <code>TagSet</code> for current HTML
elements: added <code>dialog</code>, <code>search</code>,
<code>picture</code>, and <code>slot</code>; made <code>ins</code>,
<code>del</code>, <code>button</code>, <code>audio</code>,
<code>video</code>, and <code>canvas</code> inline by default
(<code>Tag#isInline()</code>, aligned to phrasing content in the spec);
and added readable <code>Element.text()</code> boundaries for controls
and embedded objects via the new <code>Tag.TextBoundary</code> option.
This improves pretty-printing and keeps normalized text from running
adjacent words together. <a
href="https://redirect.github.com/jhy/jsoup/pull/2493">#2493</a></li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li>Android (R8/ProGuard): added a rule to ignore the optional
<code>re2j</code> dependency when not present. <a
href="https://redirect.github.com/jhy/jsoup/issues/2459">#2459</a></li>
<li>Fixed a <code>NodeTraversor</code> regression in 1.21.2 where
removing or replacing the current node during <code>head()</code> could
revisit the replacement node and loop indefinitely. The traversal docs
now also clarify which inserted nodes are visited in the current pass.
<a
href="https://redirect.github.com/jhy/jsoup/issues/2472">#2472</a></li>
<li>Parsing during charset sniffing no longer fails if an advisory
<code>available()</code> call throws <code>IOException</code>, as seen
on JDK 8 <code>HttpURLConnection</code>. <a
href="https://redirect.github.com/jhy/jsoup/issues/2474">#2474</a></li>
<li><code>Cleaner</code> no longer makes relative URL attributes in the
input document absolute when cleaning or validating a
<code>Document</code>. URL normalization now applies only to the cleaned
output, and <code>Safelist.isSafeAttribute()</code> is side effect free.
<a
href="https://redirect.github.com/jhy/jsoup/issues/2475">#2475</a></li>
<li><code>Cleaner</code> no longer duplicates enforced attributes when
the input <code>Document</code> preserves attribute case. A case-variant
source attribute is now replaced by the enforced attribute in the
cleaned output. <a
href="https://redirect.github.com/jhy/jsoup/issues/2476">#2476</a></li>
<li>If a per-request SOCKS proxy is configured, jsoup now avoids using
the JDK <code>HttpClient</code>, because the JDK would silently ignore
that proxy and attempt to connect directly. Those requests now fall back
to the legacy <code>HttpURLConnection</code> transport instead, which
does support SOCKS. <a
href="https://redirect.github.com/jhy/jsoup/issues/2468">#2468</a></li>
<li><code>Connection.Response.streamParser()</code> and
<code>DataUtil.streamParser(Path, ...)</code> could fail on small inputs
without a declared charset, if the initial 5 KB charset sniff fully
consumed the input and closed it before the stream parse began. <a
href="https://redirect.github.com/jhy/jsoup/issues/2483">#2483</a></li>
<li>In XML mode, doctypes with an internal subset, such as
<code>&lt;!DOCTYPE root [&lt;!ENTITY name
&quot;value&quot;&gt;]&gt;</code>, now round-trip correctly. The subset
is preserved as raw text only; entities are not expanded and external
DTDs are not loaded. <a
href="https://redirect.github.com/jhy/jsoup/issues/2486">#2486</a></li>
</ul>
<h3>Build Changes</h3>
<ul>
<li>Migrated the integration test server from Jetty to Netty, which
actively maintains support for our minimum JDK target (8). <a
href="https://redirect.github.com/jhy/jsoup/pull/2491">#2491</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/jhy/jsoup/commit/ac28afe6e5bf96d39fd17c3e0a797a7585e1958c"><code>ac28afe</code></a>
[maven-release-plugin] prepare release jsoup-1.22.2</li>
<li><a
href="https://github.com/jhy/jsoup/commit/52f2cd3ea2004b9be0e0a09021bac7ce2daf8ae4"><code>52f2cd3</code></a>
Improve entity example in changelog</li>
<li><a
href="https://github.com/jhy/jsoup/commit/cf6ffe08616f8633ee6113b91f9d6a07acef38c6"><code>cf6ffe0</code></a>
Add Tag#TextBoundary option; bring TagSet to spec (<a
href="https://redirect.github.com/jhy/jsoup/issues/2493">#2493</a>)</li>
<li><a
href="https://github.com/jhy/jsoup/commit/2be739c1c659a1592c402a5441f8be6f7881280c"><code>2be739c</code></a>
Bump github/codeql-action from 4 to 4.35.1 (<a
href="https://redirect.github.com/jhy/jsoup/issues/2492">#2492</a>)</li>
<li><a
href="https://github.com/jhy/jsoup/commit/45de7cbc215eb3f1189d23eaf57acf6f7b1a5edf"><code>45de7cb</code></a>
Migrate integration test server from Jetty to Netty (<a
href="https://redirect.github.com/jhy/jsoup/issues/2491">#2491</a>)</li>
<li><a
href="https://github.com/jhy/jsoup/commit/1df14edbfc327a1ef309142ef5e8ed68324de320"><code>1df14ed</code></a>
Preserve XML doctype internal subset</li>
<li><a
href="https://github.com/jhy/jsoup/commit/06fa52d15a22003b67dfdb3f8220cc025d493a43"><code>06fa52d</code></a>
Adding Contribution Guide</li>
<li><a
href="https://github.com/jhy/jsoup/commit/d4a8941820c037327538c30a8723ec715b67b6f6"><code>d4a8941</code></a>
Simplify the test; doesn't need the buffer</li>
<li><a
href="https://github.com/jhy/jsoup/commit/823709f519995492d9a092fe315af389616e58f8"><code>823709f</code></a>
Don't reuse a fully read sniffed doc for StreamParser</li>
<li><a
href="https://github.com/jhy/jsoup/commit/e1b0df5fec53710214cd700de38d82e1ca92bd79"><code>e1b0df5</code></a>
NodeFilter javadoc tweak</li>
<li>Additional commits viewable in <a
href="https://github.com/jhy/jsoup/compare/jsoup-1.22.1...jsoup-1.22.2">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
ACANX pushed a commit to ACANX/MetaOpen that referenced this pull request Apr 28, 2026
@dependabot
chore(deps): 依赖构件版本升级[commons-codec:commons-codec][1.17.1 => 1.22.0] (#…
059c954 
…1423)

Bumps
[commons-codec:commons-codec](https://github.com/apache/commons-codec)
from 1.17.1 to 1.22.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/apache/commons-codec/blob/master/RELEASE-NOTES.txt">commons-codec:commons-codec's
changelog</a>.</em></p>
<blockquote>
<h2>Apache Commons Codec 1.22.0 Release Notes</h2>
<p>The Apache Commons Codec team is pleased to announce the release of
Apache Commons Codec 1.22.0.</p>
<p>The Apache Commons Codec component contains encoders and decoders for
formats such as Base16, Base32, Base64, digest, and Hexadecimal. In
addition to these
widely used encoders and decoders, the codec package also maintains a
collection of phonetic encoding utilities.</p>
<p>This is a feature and maintenance release. Java 8 or later is
required.</p>
<h2>New features</h2>
<ul>
<li>CODEC-326: Add Base58 support. Thanks to Inkeet, Gary Gregory, Wolff
Bock von Wuelfingen.</li>
<li>
<pre><code> Add
BaseNCodecInputStream.AbstracBuilder.setByteArray(byte[]). Thanks to
Gary Gregory.
</code></pre>
</li>
<li>CODEC-335: Add GitIdentifiers to compute Git blob and tree object
identifiers. Thanks to Piotr P. Karwasz, Gary Gregory.</li>
</ul>
<h2>Fixed Bugs</h2>
<ul>
<li>CODEC-249: Fix Incorrect transform of CH digraph according Metaphone
basic rules <a
href="https://redirect.github.com/apache/commons-codec/issues/423">#423</a>.
Thanks to Shalu Jha, Andrey, Gary Gregory.</li>
<li>CODEC-317: ColognePhonetic can create duplicate consecutive codes in
some cases. Thanks to DRUser123, Shalu Jha, Gary Gregory.</li>
<li>
<pre><code> Add boundary tests for BinaryCodec.fromAscii partial-bit
inputs [#425](apache/commons-codec#425).
Thanks to fancying, Gary Gregory.
</code></pre>
</li>
<li>CODEC-336: Base64.Builder.setUrlSafe(boolean) Javadoc incorrectly
states null is accepted for primitive boolean parameter. Thanks to
Partha Paul, Gary Gregory.</li>
</ul>
<h2>Changes</h2>
<ul>
<li>
<pre><code> Bump org.apache.commons:commons-parent from 96 to 98. Thanks
to Gary Gregory.
</code></pre>
</li>
</ul>
<p>For complete information on Apache Commons Codec, including
instructions on how to submit bug reports,
patches, or suggestions for improvement, see the Apache Commons Codec
website:</p>
<p><a
href="https://commons.apache.org/proper/commons-codec/">https://commons.apache.org/proper/commons-codec/</a></p>
<p>Download page: <a
href="https://commons.apache.org/proper/commons-codec/download_codec.cgi">https://commons.apache.org/proper/commons-codec/download_codec.cgi</a></p>
<hr />
<h2>Apache Commons Codec 1.21.0 Release Notes</h2>
<p>The Apache Commons Codec team is pleased to announce the release of
Apache Commons Codec 1.21.0.</p>
<p>The Apache Commons Codec component contains encoders and decoders for
formats such as Base16, Base32, Base64, digest, and Hexadecimal. In
addition to these
widely used encoders and decoders, the codec package also maintains
a</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/apache/commons-codec/commit/81a6295f071df5819893422a397d94bc396f2edd"><code>81a6295</code></a>
Prepare for the release candidate 1.22.0 RC1</li>
<li><a
href="https://github.com/apache/commons-codec/commit/73104b011a9758896904831f9b1bd29aad077f11"><code>73104b0</code></a>
Prepare for the next release candidate</li>
<li><a
href="https://github.com/apache/commons-codec/commit/8e36214fa2760d37e4e9c83336ed5bb324c23482"><code>8e36214</code></a>
In-line single use test local variables</li>
<li><a
href="https://github.com/apache/commons-codec/commit/9bd67e787d88705baa26e85f3a9609dec015ba5b"><code>9bd67e7</code></a>
Use vararg syntax</li>
<li><a
href="https://github.com/apache/commons-codec/commit/25e52b06a3c24dc06216e7d29321a2f01c60ec6f"><code>25e52b0</code></a>
Use vararg syntax</li>
<li><a
href="https://github.com/apache/commons-codec/commit/e2ebaca8b30d1d04d0eb6a4e811a6d26631f4d31"><code>e2ebaca</code></a>
Bump github/codeql-action from 4.35.1 to 4.35.2</li>
<li><a
href="https://github.com/apache/commons-codec/commit/33998a05a8adc84ca944bad2e5c7215309d1477b"><code>33998a0</code></a>
Bump actions/upload-artifact from 7.0.0 to 7.0.1</li>
<li><a
href="https://github.com/apache/commons-codec/commit/50c6583280cb3ed67407dcaeb31df4f8fa8ede20"><code>50c6583</code></a>
Bump actions/cache from 5.0.4 to 5.0.5</li>
<li><a
href="https://github.com/apache/commons-codec/commit/b2be3a82b2d0902e89718a56c6afb5850d020668"><code>b2be3a8</code></a>
Add <a
href="https://github.com/Override"><code>@​Override</code></a></li>
<li><a
href="https://github.com/apache/commons-codec/commit/20f09bfcfdce88760ec9be095b848e85d9084acf"><code>20f09bf</code></a>
Use final.</li>
<li>Additional commits viewable in <a
href="https://github.com/apache/commons-codec/compare/rel/commons-codec-1.17.1...rel/commons-codec-1.22.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=commons-codec:commons-codec&package-manager=maven&previous-version=1.17.1&new-version=1.22.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
ACANX pushed a commit to ACANX/MetaOpen that referenced this pull request Apr 28, 2026
@dependabot
chore(deps): 依赖构件版本升级[commons-codec:commons-codec][1.21.0 => 1.22.0] (#…
93af3e3 
…1427)

Bumps
[commons-codec:commons-codec](https://github.com/apache/commons-codec)
from 1.21.0 to 1.22.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/apache/commons-codec/blob/master/RELEASE-NOTES.txt">commons-codec:commons-codec's
changelog</a>.</em></p>
<blockquote>
<h2>Apache Commons Codec 1.22.0 Release Notes</h2>
<p>The Apache Commons Codec team is pleased to announce the release of
Apache Commons Codec 1.22.0.</p>
<p>The Apache Commons Codec component contains encoders and decoders for
formats such as Base16, Base32, Base64, digest, and Hexadecimal. In
addition to these
widely used encoders and decoders, the codec package also maintains a
collection of phonetic encoding utilities.</p>
<p>This is a feature and maintenance release. Java 8 or later is
required.</p>
<h2>New features</h2>
<ul>
<li>CODEC-326: Add Base58 support. Thanks to Inkeet, Gary Gregory, Wolff
Bock von Wuelfingen.</li>
<li>
<pre><code> Add
BaseNCodecInputStream.AbstracBuilder.setByteArray(byte[]). Thanks to
Gary Gregory.
</code></pre>
</li>
<li>CODEC-335: Add GitIdentifiers to compute Git blob and tree object
identifiers. Thanks to Piotr P. Karwasz, Gary Gregory.</li>
</ul>
<h2>Fixed Bugs</h2>
<ul>
<li>CODEC-249: Fix Incorrect transform of CH digraph according Metaphone
basic rules <a
href="https://redirect.github.com/apache/commons-codec/issues/423">#423</a>.
Thanks to Shalu Jha, Andrey, Gary Gregory.</li>
<li>CODEC-317: ColognePhonetic can create duplicate consecutive codes in
some cases. Thanks to DRUser123, Shalu Jha, Gary Gregory.</li>
<li>
<pre><code> Add boundary tests for BinaryCodec.fromAscii partial-bit
inputs [#425](apache/commons-codec#425).
Thanks to fancying, Gary Gregory.
</code></pre>
</li>
<li>CODEC-336: Base64.Builder.setUrlSafe(boolean) Javadoc incorrectly
states null is accepted for primitive boolean parameter. Thanks to
Partha Paul, Gary Gregory.</li>
</ul>
<h2>Changes</h2>
<ul>
<li>
<pre><code> Bump org.apache.commons:commons-parent from 96 to 98. Thanks
to Gary Gregory.
</code></pre>
</li>
</ul>
<p>For complete information on Apache Commons Codec, including
instructions on how to submit bug reports,
patches, or suggestions for improvement, see the Apache Commons Codec
website:</p>
<p><a
href="https://commons.apache.org/proper/commons-codec/">https://commons.apache.org/proper/commons-codec/</a></p>
<p>Download page: <a
href="https://commons.apache.org/proper/commons-codec/download_codec.cgi">https://commons.apache.org/proper/commons-codec/download_codec.cgi</a></p>
<hr />
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/apache/commons-codec/commit/81a6295f071df5819893422a397d94bc396f2edd"><code>81a6295</code></a>
Prepare for the release candidate 1.22.0 RC1</li>
<li><a
href="https://github.com/apache/commons-codec/commit/73104b011a9758896904831f9b1bd29aad077f11"><code>73104b0</code></a>
Prepare for the next release candidate</li>
<li><a
href="https://github.com/apache/commons-codec/commit/8e36214fa2760d37e4e9c83336ed5bb324c23482"><code>8e36214</code></a>
In-line single use test local variables</li>
<li><a
href="https://github.com/apache/commons-codec/commit/9bd67e787d88705baa26e85f3a9609dec015ba5b"><code>9bd67e7</code></a>
Use vararg syntax</li>
<li><a
href="https://github.com/apache/commons-codec/commit/25e52b06a3c24dc06216e7d29321a2f01c60ec6f"><code>25e52b0</code></a>
Use vararg syntax</li>
<li><a
href="https://github.com/apache/commons-codec/commit/e2ebaca8b30d1d04d0eb6a4e811a6d26631f4d31"><code>e2ebaca</code></a>
Bump github/codeql-action from 4.35.1 to 4.35.2</li>
<li><a
href="https://github.com/apache/commons-codec/commit/33998a05a8adc84ca944bad2e5c7215309d1477b"><code>33998a0</code></a>
Bump actions/upload-artifact from 7.0.0 to 7.0.1</li>
<li><a
href="https://github.com/apache/commons-codec/commit/50c6583280cb3ed67407dcaeb31df4f8fa8ede20"><code>50c6583</code></a>
Bump actions/cache from 5.0.4 to 5.0.5</li>
<li><a
href="https://github.com/apache/commons-codec/commit/b2be3a82b2d0902e89718a56c6afb5850d020668"><code>b2be3a8</code></a>
Add <a
href="https://github.com/Override"><code>@​Override</code></a></li>
<li><a
href="https://github.com/apache/commons-codec/commit/20f09bfcfdce88760ec9be095b848e85d9084acf"><code>20f09bf</code></a>
Use final.</li>
<li>Additional commits viewable in <a
href="https://github.com/apache/commons-codec/compare/rel/commons-codec-1.21.0...rel/commons-codec-1.22.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=commons-codec:commons-codec&package-manager=maven&previous-version=1.21.0&new-version=1.22.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
fabieu added a commit to fabieu/simdesk that referenced this pull request May 1, 2026
@dependabot @fabieu
Bump the minor-updates group with 12 updates (#300)
d0ce127 
Bumps the minor-updates group with 12 updates:

| Package | From | To |
| --- | --- | --- |
| com.vaadin:vaadin-bom | `25.1.1` | `25.1.4` |
| [org.postgresql:postgresql](https://github.com/pgjdbc/pgjdbc) |
`42.7.10` | `42.7.11` |
| [org.xerial:sqlite-jdbc](https://github.com/xerial/sqlite-jdbc) |
`3.51.3.0` | `3.53.0.0` |
| [commons-codec:commons-codec](https://github.com/apache/commons-codec)
| `1.21.0` | `1.22.0` |
| commons-io:commons-io | `2.21.0` | `2.22.0` |
| [com.discord4j:discord4j-core](https://github.com/Discord4J/Discord4J)
| `3.3.1` | `3.3.2` |
|
[org.springdoc:springdoc-openapi-starter-webmvc-ui](https://github.com/springdoc/springdoc-openapi)
| `3.0.2` | `3.0.3` |
| [org.projectlombok:lombok](https://github.com/projectlombok/lombok) |
`1.18.44` | `1.18.46` |
|
[org.springframework.boot](https://github.com/spring-projects/spring-boot)
| `4.0.5` | `4.0.6` |
| [com.vaadin](https://github.com/vaadin/platform) | `25.1.1` | `25.1.4`
|
| org.flywaydb.flyway | `12.3.0` | `12.5.0` |
| [gradle-wrapper](https://github.com/gradle/gradle) | `9.4.1` | `9.5.0`
|

Updates `com.vaadin:vaadin-bom` from 25.1.1 to 25.1.4

Updates `org.postgresql:postgresql` from 42.7.10 to 42.7.11
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pgjdbc/pgjdbc/releases">org.postgresql:postgresql's
releases</a>.</em></p>
<blockquote>
<h2>v42.7.11</h2>
<h2>Security</h2>
<ul>
<li>fix: Limit SCRAM PBKDF2 iterations accepted from the server.
pgjdbc was vulnerable to a client-side denial of service in
SCRAM-SHA-256 authentication, where a malicious or compromised
PostgreSQL server could specify an extremely large PBKDF2 iteration
count, causing the client to consume unbounded CPU and potentially
exhaust connection pools. The fix introduces a new scramMaxIterations
connection property (defaulting to 100,000) to cap iteration counts
before computation begins.
See the <a
href="https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-98qh-xjc8-98pq">Security
Advisory</a> for more detail.
The following <a
href="https://nvd.nist.gov/vuln/detail/CVE-2026-42198">CVE-2026-42198</a>
has been issued.</li>
</ul>
<h2>Changes</h2>
<ul>
<li>fix: Add sources and javadocs to shaded published lib generation <a
href="https://github.com/sehrope"><code>@​sehrope</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/4043">#4043</a>)</li>
<li>update Changelog and website for release of 42.7.11 <a
href="https://github.com/davecramer"><code>@​davecramer</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/4042">#4042</a>)</li>
<li>Fix scram fix location in changelog and update published artifact
developer list <a
href="https://github.com/sehrope"><code>@​sehrope</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/4041">#4041</a>)</li>
<li>Restrict test with scram_iterations to v16+ and release notes <a
href="https://github.com/sehrope"><code>@​sehrope</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/4040">#4040</a>)</li>
<li>chore(deps): update ubuntu:24.04 docker digest to 84e77de <a
href="https://github.com/renovate-bot"><code>@​renovate-bot</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/4017">#4017</a>)</li>
<li>test: add tests for QueryExecutor#getTransactionState <a
href="https://github.com/vlsi"><code>@​vlsi</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/4006">#4006</a>)</li>
<li>chore(deps): update actions/create-github-app-token action to v2.2.2
<a
href="https://github.com/renovate-bot"><code>@​renovate-bot</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3983">#3983</a>)</li>
<li>fix: fix flaky CopyBothResponseTest by using WAL flush LSN <a
href="https://github.com/vlsi"><code>@​vlsi</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3979">#3979</a>)</li>
<li>fix: fix flaky replication restart tests by waiting for
confirmed_flush_lsn <a
href="https://github.com/vlsi"><code>@​vlsi</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3975">#3975</a>)</li>
<li>test: fix flaky LogicalReplicationStatusTest by polling
pg_stat_replication <a
href="https://github.com/vlsi"><code>@​vlsi</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3974">#3974</a>)</li>
<li>chore: replace Appveyor with ikalnytskyi/action-setup-postgres <a
href="https://github.com/vlsi"><code>@​vlsi</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3966">#3966</a>)</li>
<li>test: move test table creation from <a
href="https://github.com/BeforeEach"><code>@​BeforeEach</code></a> to <a
href="https://github.com/BeforeAll"><code>@​BeforeAll</code></a> <a
href="https://github.com/vlsi"><code>@​vlsi</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3967">#3967</a>)</li>
<li>Return jsonb as PGObject fixes Issue <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3926">#3926</a>
<a href="https://github.com/davecramer"><code>@​davecramer</code></a>
(<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3956">#3956</a>)</li>
<li>Update docker scripts <a
href="https://github.com/davecramer"><code>@​davecramer</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3958">#3958</a>)</li>
<li>implement require_auth, this is pretty much how libpq does this. <a
href="https://github.com/davecramer"><code>@​davecramer</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3895">#3895</a>)</li>
<li>docs: add SCRAM authentication test setup section to TESTING.md <a
href="https://github.com/emmaeng700"><code>@​emmaeng700</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3945">#3945</a>)</li>
<li>Add RequireServerVersion annotation for tests <a
href="https://github.com/sehrope"><code>@​sehrope</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3939">#3939</a>)</li>
</ul>
<h2>🐛 Bug Fixes</h2>
<ul>
<li>fix: ensure extended protocol messages end with Sync message <a
href="https://github.com/vlsi"><code>@​vlsi</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3728">#3728</a>)</li>
<li>fix: enable cursor-based fetching in extended protocol when
transaction started via SQL command <a
href="https://github.com/vlsi"><code>@​vlsi</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3996">#3996</a>)</li>
<li>fix: retry with SSL on IOException when sslMode=ALLOW <a
href="https://github.com/vlsi"><code>@​vlsi</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3973">#3973</a>)</li>
<li>fix: allow fallback to non-SSL connection when sslMode=prefer and
sslResponseTimeout kicks in <a
href="https://github.com/vlsi"><code>@​vlsi</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3968">#3968</a>)</li>
<li>fix: catch SecurityException from setContextClassLoader on
ForkJoinPool workers <a
href="https://github.com/vlsi"><code>@​vlsi</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3962">#3962</a>)</li>
<li>fix: use compareTo for LogSequenceNumber comparison <a
href="https://github.com/vlsi"><code>@​vlsi</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3961">#3961</a>)</li>
<li>fix: release COPY lock on IOException to prevent connection hang (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3957">#3957</a>)
<a href="https://github.com/vlsi"><code>@​vlsi</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3960">#3960</a>)</li>
</ul>
<h2>🧰 Maintenance</h2>
<ul>
<li>style: replace <a
href="https://github.com/exception"><code>@​exception</code></a> with <a
href="https://github.com/throws"><code>@​throws</code></a> in getBoolean
javadoc <a href="https://github.com/vlsi"><code>@​vlsi</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/4035">#4035</a>)</li>
<li>chore: use <code>@​vlsi/github-actions-random-matrix</code> npm
package <a href="https://github.com/vlsi"><code>@​vlsi</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/4008">#4008</a>)</li>
<li>chore: use tag names for pinning github actions, pin
ikalnytskyi/action-setup-postgres <a
href="https://github.com/vlsi"><code>@​vlsi</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/4007">#4007</a>)</li>
<li>chore: bump errorprone to 2.48.0 <a
href="https://github.com/vlsi"><code>@​vlsi</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/4005">#4005</a>)</li>
<li>test: add <a
href="https://github.com/DisableLogger"><code>@​DisableLogger</code></a>
annotation to suppress expected log warnings in tests <a
href="https://github.com/vlsi"><code>@​vlsi</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3971">#3971</a>)</li>
<li>chore: suppress deprecations in test code to reduce build verbosity
<a href="https://github.com/vlsi"><code>@​vlsi</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3972">#3972</a>)</li>
<li>chore: replace log warning in ConnectionFactory.closeStream with
Throwable.addSuppressed <a
href="https://github.com/vlsi"><code>@​vlsi</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3970">#3970</a>)</li>
<li>chore: use greedy pairwise coverage for CI matrix generation <a
href="https://github.com/vlsi"><code>@​vlsi</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3965">#3965</a>)</li>
<li>chore: use full version tags in GitHub Actions comments <a
href="https://github.com/vlsi"><code>@​vlsi</code></a> (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3963">#3963</a>)</li>
</ul>
<h2>⬆️ Dependencies</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pgjdbc/pgjdbc/blob/master/CHANGELOG.md">org.postgresql:postgresql's
changelog</a>.</em></p>
<blockquote>
<h2>[42.7.11] (2026-04-28)</h2>
<h3>Security</h3>
<ul>
<li>fix: Limit SCRAM PBKDF2 iterations accepted from the server.
pgjdbc was vulnerable to a client-side denial of service in
SCRAM-SHA-256 authentication, where a malicious or compromised
PostgreSQL server could specify an extremely large PBKDF2 iteration
count, causing the client to consume unbounded CPU and potentially
exhaust connection pools. The fix introduces a new scramMaxIterations
connection property (defaulting to 100,000) to cap iteration counts
before computation begins.
See the <a
href="https://github.com/pgjdbc/pgjdbc/security/advisories/GHSA-98qh-xjc8-98pq">Security
Advisory</a> for more detail.
The following <a
href="https://nvd.nist.gov/vuln/detail/CVE-2026-42198">CVE-2026-42198</a>
has been issued.</li>
</ul>
<h3>Added</h3>
<ul>
<li>feat: implement require_auth connection property, aligning with
libpq behavior [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3895">#3895</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3895">pgjdbc/pgjdbc#3895</a>)</li>
</ul>
<h3>Changed</h3>
<ul>
<li>chore: replace Appveyor CI with ikalnytskyi/action-setup-postgres
[PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3966">#3966</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3966">pgjdbc/pgjdbc#3966</a>)</li>
<li>chore: upgrade Gradle to v9 [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3978">#3978</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3978">pgjdbc/pgjdbc#3978</a>)</li>
</ul>
<h3>Fixed</h3>
<ul>
<li>fix: ensure extended protocol messages end with Sync message [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3728">#3728</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3728">pgjdbc/pgjdbc#3728</a>)</li>
<li>fix: enable cursor-based fetching in extended protocol when
transaction started via SQL command [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3996">#3996</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3996">pgjdbc/pgjdbc#3996</a>)</li>
<li>fix: retry with SSL on IOException when sslMode=ALLOW [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3973">#3973</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3973">pgjdbc/pgjdbc#3973</a>)</li>
<li>fix: make sure the driver honours connectTimeout when retrying the
connection [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3968">#3968</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3968">pgjdbc/pgjdbc#3968</a>)</li>
<li>fix: allow fallback to non-SSL connection when sslMode=prefer and
sslResponseTimeout kicks in [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3968">#3968</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3968">pgjdbc/pgjdbc#3968</a>)</li>
<li>fix: catch SecurityException from setContextClassLoader on
ForkJoinPool workers [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3962">#3962</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3962">pgjdbc/pgjdbc#3962</a>)</li>
<li>fix: use compareTo for LogSequenceNumber comparison to handle
unsigned values correctly [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3961">#3961</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3961">pgjdbc/pgjdbc#3961</a>)</li>
<li>fix: release COPY lock on IOException to prevent connection hang [PR
<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3957">#3957</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3957">pgjdbc/pgjdbc#3957</a>)</li>
<li>fix: return jsonb as PGObject instead of String [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3956">#3956</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3956">pgjdbc/pgjdbc#3956</a>)</li>
<li>fix: align SSL key file permission check with libpq [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3952">#3952</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3952">pgjdbc/pgjdbc#3952</a>)</li>
<li>fix: guard connection closed flag with a reentrant lock to protect
against concurrent close [PR <a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/3905">#3905</a>](<a
href="https://redirect.github.com/pgjdbc/pgjdbc/pull/3905">pgjdbc/pgjdbc#3905</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/78e261ff2a7f16a37bdceb2204f67e484387da2f"><code>78e261f</code></a>
fix: Add sources and javadocs to shaded published lib generation</li>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/1e09fa0496377296c9e2ef3bfd2b409945fba17a"><code>1e09fa0</code></a>
update Changelog and website for release of 42.7.11 (<a
href="https://redirect.github.com/pgjdbc/pgjdbc/issues/4042">#4042</a>)</li>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/d479fa5b8c8c915a441ce1f2448f69f23dd0b66c"><code>d479fa5</code></a>
Fix scram fix location in changelog and update published artifact
developer l...</li>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/b04fc46af6c207bc7ce9e788fea8c43d18b73d0f"><code>b04fc46</code></a>
docs: Add scram max iters fix to changelog</li>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/cf548225b4078db954765339720ffdf3bc94e5a6"><code>cf54822</code></a>
test: Disable scram test on older version without scram_iterations
GUC</li>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/7dbcc79b2b4adf7b71458c9434d2c43cec7713b9"><code>7dbcc79</code></a>
test: Add SCRAM max iteration tests</li>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/c9d41d1332a7426fcef19ff89f2e6b1116429143"><code>c9d41d1</code></a>
fix: Limit SCRAM PBKDF2 iterations accepted from the server</li>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/a340cb2b0ae24c0d98ad9dec569200ebb704d6aa"><code>a340cb2</code></a>
style: replace <a
href="https://github.com/exception"><code>@​exception</code></a> with <a
href="https://github.com/throws"><code>@​throws</code></a> in getBoolean
javadoc</li>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/77837f80c0c20a9f33f9e21b091f4d4552f8e753"><code>77837f8</code></a>
fix(deps): update dependency
org.openrewrite.rewrite:org.openrewrite.rewrite....</li>
<li><a
href="https://github.com/pgjdbc/pgjdbc/commit/23af03bc839af5217ea141946ae41e648264061c"><code>23af03b</code></a>
chore(deps): update actions/checkout action to v6</li>
<li>Additional commits viewable in <a
href="https://github.com/pgjdbc/pgjdbc/compare/REL42.7.10...REL42.7.11">compare
view</a></li>
</ul>
</details>
<br />

Updates `org.xerial:sqlite-jdbc` from 3.51.3.0 to 3.53.0.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/xerial/sqlite-jdbc/releases">org.xerial:sqlite-jdbc's
releases</a>.</em></p>
<blockquote>
<h2>Release 3.53.0.0</h2>
<h2>Changelog</h2>
<h2>🚀 Features</h2>
<p><strong>jdbc</strong></p>
<ul>
<li>expose wal_autocheckpoint pragma in SQLiteConfig (<a
href="https://github.com/xerial/sqlite-jdbc/commits/dd2adcc">dd2adcc</a>),
closes <a
href="https://redirect.github.com/xerial/sqlite-jdbc/issues/1397">#1397</a></li>
</ul>
<p><strong>sqlite</strong></p>
<ul>
<li>upgrade to sqlite 3.53.0 (<a
href="https://github.com/xerial/sqlite-jdbc/commits/baaf087">baaf087</a>)</li>
</ul>
<p><strong>unscoped</strong></p>
<ul>
<li>publish multiple classifer jars (<a
href="https://github.com/xerial/sqlite-jdbc/commits/bdd2b64">bdd2b64</a>),
closes <a
href="https://redirect.github.com/xerial/sqlite-jdbc/issues/1273">#1273</a></li>
<li>better Android support (<a
href="https://github.com/xerial/sqlite-jdbc/commits/7eb6f3f">7eb6f3f</a>),
closes <a
href="https://redirect.github.com/xerial/sqlite-jdbc/issues/1378">#1378</a></li>
</ul>
<h2>🛠  Build</h2>
<p><strong>deps</strong></p>
<ul>
<li>bump org.sonatype.central:central-publishing-maven-plugin (<a
href="https://github.com/xerial/sqlite-jdbc/commits/19259e5">19259e5</a>)</li>
<li>bump EndBug/add-and-commit from 9 to 10 (<a
href="https://github.com/xerial/sqlite-jdbc/commits/f572217">f572217</a>)</li>
</ul>
<p><strong>deps-dev</strong></p>
<ul>
<li>bump surefire.version from 3.5.4 to 3.5.5 (<a
href="https://github.com/xerial/sqlite-jdbc/commits/b649d25">b649d25</a>)</li>
<li>bump org.assertj:assertj-core from 3.27.6 to 3.27.7 (<a
href="https://github.com/xerial/sqlite-jdbc/commits/857a754">857a754</a>)</li>
<li>bump org.mockito:mockito-core from 5.21.0 to 5.23.0 (<a
href="https://github.com/xerial/sqlite-jdbc/commits/a597952">a597952</a>)</li>
</ul>
<h2>Contributors</h2>
<p>We'd like to thank the following people for their contributions:
Gauthier, Karl-Michael Edlinger, kju2</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/xerial/sqlite-jdbc/commit/f88e9c7b4d71a443fc9ce80c43e34cd85ceef338"><code>f88e9c7</code></a>
chore(release): 3.53.0.0 [skip ci]</li>
<li><a
href="https://github.com/xerial/sqlite-jdbc/commit/bdd2b64a107ef3aef2168a4446cb2b1c59992ddf"><code>bdd2b64</code></a>
feat: publish multiple classifer jars</li>
<li><a
href="https://github.com/xerial/sqlite-jdbc/commit/7eb6f3fb57c21e2d18a8145e2996caa0cdd398c3"><code>7eb6f3f</code></a>
feat: better Android support</li>
<li><a
href="https://github.com/xerial/sqlite-jdbc/commit/23ead2e027a9868184ab5d363c66652f7d6c64ca"><code>23ead2e</code></a>
chore: update native libraries</li>
<li><a
href="https://github.com/xerial/sqlite-jdbc/commit/baaf0870311ce780c7d15598fc080f3b31079aea"><code>baaf087</code></a>
feat(sqlite): upgrade to sqlite 3.53.0</li>
<li><a
href="https://github.com/xerial/sqlite-jdbc/commit/dd2adcc879a3b9914f3953629536f3d53473f275"><code>dd2adcc</code></a>
feat(jdbc): expose wal_autocheckpoint pragma in SQLiteConfig</li>
<li><a
href="https://github.com/xerial/sqlite-jdbc/commit/b649d257cbb030969cdbf2cf74d2a05b590ebf86"><code>b649d25</code></a>
build(deps-dev): bump surefire.version from 3.5.4 to 3.5.5</li>
<li><a
href="https://github.com/xerial/sqlite-jdbc/commit/857a754356614e2705b1ce1a955b47b0333fedeb"><code>857a754</code></a>
build(deps-dev): bump org.assertj:assertj-core from 3.27.6 to
3.27.7</li>
<li><a
href="https://github.com/xerial/sqlite-jdbc/commit/19259e5f34ed5a99515a0ae43711cddde0ef9158"><code>19259e5</code></a>
build(deps): bump
org.sonatype.central:central-publishing-maven-plugin</li>
<li><a
href="https://github.com/xerial/sqlite-jdbc/commit/a5979522b3a4b04020edda625891d2593638316a"><code>a597952</code></a>
build(deps-dev): bump org.mockito:mockito-core from 5.21.0 to
5.23.0</li>
<li>Additional commits viewable in <a
href="https://github.com/xerial/sqlite-jdbc/compare/3.51.3.0...3.53.0.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `commons-codec:commons-codec` from 1.21.0 to 1.22.0
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/apache/commons-codec/blob/master/RELEASE-NOTES.txt">commons-codec:commons-codec's
changelog</a>.</em></p>
<blockquote>
<h2>Apache Commons Codec 1.22.0 Release Notes</h2>
<p>The Apache Commons Codec team is pleased to announce the release of
Apache Commons Codec 1.22.0.</p>
<p>The Apache Commons Codec component contains encoders and decoders for
formats such as Base16, Base32, Base64, digest, and Hexadecimal. In
addition to these
widely used encoders and decoders, the codec package also maintains a
collection of phonetic encoding utilities.</p>
<p>This is a feature and maintenance release. Java 8 or later is
required.</p>
<h2>New features</h2>
<ul>
<li>CODEC-326: Add Base58 support. Thanks to Inkeet, Gary Gregory, Wolff
Bock von Wuelfingen.</li>
<li>
<pre><code> Add
BaseNCodecInputStream.AbstracBuilder.setByteArray(byte[]). Thanks to
Gary Gregory.
</code></pre>
</li>
<li>CODEC-335: Add GitIdentifiers to compute Git blob and tree object
identifiers. Thanks to Piotr P. Karwasz, Gary Gregory.</li>
</ul>
<h2>Fixed Bugs</h2>
<ul>
<li>CODEC-249: Fix Incorrect transform of CH digraph according Metaphone
basic rules <a
href="https://redirect.github.com/apache/commons-codec/issues/423">#423</a>.
Thanks to Shalu Jha, Andrey, Gary Gregory.</li>
<li>CODEC-317: ColognePhonetic can create duplicate consecutive codes in
some cases. Thanks to DRUser123, Shalu Jha, Gary Gregory.</li>
<li>
<pre><code> Add boundary tests for BinaryCodec.fromAscii partial-bit
inputs [#425](https://github.com/apache/commons-codec/issues/425).
Thanks to fancying, Gary Gregory.
</code></pre>
</li>
<li>CODEC-336: Base64.Builder.setUrlSafe(boolean) Javadoc incorrectly
states null is accepted for primitive boolean parameter. Thanks to
Partha Paul, Gary Gregory.</li>
</ul>
<h2>Changes</h2>
<ul>
<li>
<pre><code> Bump org.apache.commons:commons-parent from 96 to 98. Thanks
to Gary Gregory.
</code></pre>
</li>
</ul>
<p>For complete information on Apache Commons Codec, including
instructions on how to submit bug reports,
patches, or suggestions for improvement, see the Apache Commons Codec
website:</p>
<p><a
href="https://commons.apache.org/proper/commons-codec/">https://commons.apache.org/proper/commons-codec/</a></p>
<p>Download page: <a
href="https://commons.apache.org/proper/commons-codec/download_codec.cgi">https://commons.apache.org/proper/commons-codec/download_codec.cgi</a></p>
<hr />
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/apache/commons-codec/commit/81a6295f071df5819893422a397d94bc396f2edd"><code>81a6295</code></a>
Prepare for the release candidate 1.22.0 RC1</li>
<li><a
href="https://github.com/apache/commons-codec/commit/73104b011a9758896904831f9b1bd29aad077f11"><code>73104b0</code></a>
Prepare for the next release candidate</li>
<li><a
href="https://github.com/apache/commons-codec/commit/8e36214fa2760d37e4e9c83336ed5bb324c23482"><code>8e36214</code></a>
In-line single use test local variables</li>
<li><a
href="https://github.com/apache/commons-codec/commit/9bd67e787d88705baa26e85f3a9609dec015ba5b"><code>9bd67e7</code></a>
Use vararg syntax</li>
<li><a
href="https://github.com/apache/commons-codec/commit/25e52b06a3c24dc06216e7d29321a2f01c60ec6f"><code>25e52b0</code></a>
Use vararg syntax</li>
<li><a
href="https://github.com/apache/commons-codec/commit/e2ebaca8b30d1d04d0eb6a4e811a6d26631f4d31"><code>e2ebaca</code></a>
Bump github/codeql-action from 4.35.1 to 4.35.2</li>
<li><a
href="https://github.com/apache/commons-codec/commit/33998a05a8adc84ca944bad2e5c7215309d1477b"><code>33998a0</code></a>
Bump actions/upload-artifact from 7.0.0 to 7.0.1</li>
<li><a
href="https://github.com/apache/commons-codec/commit/50c6583280cb3ed67407dcaeb31df4f8fa8ede20"><code>50c6583</code></a>
Bump actions/cache from 5.0.4 to 5.0.5</li>
<li><a
href="https://github.com/apache/commons-codec/commit/b2be3a82b2d0902e89718a56c6afb5850d020668"><code>b2be3a8</code></a>
Add <a
href="https://github.com/Override"><code>@​Override</code></a></li>
<li><a
href="https://github.com/apache/commons-codec/commit/20f09bfcfdce88760ec9be095b848e85d9084acf"><code>20f09bf</code></a>
Use final.</li>
<li>Additional commits viewable in <a
href="https://github.com/apache/commons-codec/compare/rel/commons-codec-1.21.0...rel/commons-codec-1.22.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `commons-io:commons-io` from 2.21.0 to 2.22.0

Updates `com.discord4j:discord4j-core` from 3.3.1 to 3.3.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/Discord4J/Discord4J/releases">com.discord4j:discord4j-core's
releases</a>.</em></p>
<blockquote>
<h2>v3.3.2</h2>
<h2><strong>Discord4J v3.3.2</strong></h2>
<p><strong>Discord4J v3.3.2</strong> is now available on Maven Central
with bugfixes, new features and improvements.</p>
<p><strong>Commits</strong>: <a
href="https://github.com/Discord4J/Discord4J/compare/3.3.1...3.3.2">https://github.com/Discord4J/Discord4J/compare/3.3.1...3.3.2</a></p>
<h2>⚠️ Update considerations (API or behavior changes)</h2>
<ul>
<li>If your bot use voice features please check <a
href="https://github.com/Discord4J/Discord4J/blob/master/voice/README.md">https://github.com/Discord4J/Discord4J/blob/master/voice/README.md</a>
for how handle the necesary steps for make your bot works with DAVE
Protocol</li>
<li>This update consider using REST/Gateway V10 with all the
requirements by discord (ref: <a
href="https://docs.discord.com/developers/change-log#api-v10">https://docs.discord.com/developers/change-log#api-v10</a>)</li>
<li>The MultipartRequest used for upload of files was updated for handle
the V10 requeriments and also handle new rules for another API usades
like Community Invites (<a
href="https://github.com/Discord4J/Discord4J/commit/b60f40c7ede48e0a4ff8d9094d494af9a08d38fe">https://github.com/Discord4J/Discord4J/commit/b60f40c7ede48e0a4ff8d9094d494af9a08d38fe</a>)</li>
<li><code>MessageCreateFields.File</code> has a new field called
&quot;description&quot; related to how fiels can have this value added,
this make any <code>addFile(String name, InputStream stream)</code>
method now become <code>addFile(String name, String description,
InputStream stream)</code> where this new field is required unless you
use <code>MessageCreateFields.File#of</code> static method</li>
</ul>
<h2>⭐️ New features</h2>
<ul>
<li>Add support for Targeted Invites (<a
href="https://redirect.github.com/Discord4J/Discord4J/issues/1341">#1341</a>)</li>
<li>Add support for DAVE Protocol (<a
href="https://redirect.github.com/Discord4J/Discord4J/issues/1344">#1344</a>)</li>
</ul>
<h2>📔 Documentation</h2>
<ul>
<li>Fix mention of deprecated permissions (<a
href="https://github.com/Discord4J/Discord4J/commit/23d3b851f4173240d104e5b9b4dbaff5f2082b37">https://github.com/Discord4J/Discord4J/commit/23d3b851f4173240d104e5b9b4dbaff5f2082b37</a>)</li>
<li>Fix format warnings in docs (<a
href="https://github.com/Discord4J/Discord4J/commit/b57ca9e479f34231af5040ab4c1d005a48ba6cb7">https://github.com/Discord4J/Discord4J/commit/b57ca9e479f34231af5040ab4c1d005a48ba6cb7</a>)</li>
</ul>
<h2>🔨 Dependency upgrades</h2>
<ul>
<li>Update Gradle Wrapper and Build with JDK 25 (the target still is
1.8) (<a
href="https://github.com/Discord4J/Discord4J/commit/e88aa79cfd4df0209fc063a858bd508579d83500">https://github.com/Discord4J/Discord4J/commit/e88aa79cfd4df0209fc063a858bd508579d83500</a>)</li>
<li>Include JSpecify (in favor of deprecated Reactor Nullable
annotations) (<a
href="https://github.com/Discord4J/Discord4J/commit/b0aa7d76e19973462e8e6723ad6ca5e4cbe80e1b">https://github.com/Discord4J/Discord4J/commit/b0aa7d76e19973462e8e6723ad6ca5e4cbe80e1b</a>)</li>
<li>Update Immutables to <a
href="https://github.com/Discord4J/Discord4J/commit/fdb461cf9657cde8e5fde1eff04c4493c1d3293b">2.12.1</a></li>
<li>Update discord-json to <a
href="https://github.com/Discord4J/Discord4J/commit/ac4c0ee96a850cf45c5dd46db4caeea8a4dd0d62">1.7.22</a></li>
</ul>
<h2>💜 Contributors</h2>
<p>Thanks to all contributors and collaborators involved in this
release.
<a href="https://github.com/Azn9"><code>@​Azn9</code></a> <a
href="https://github.com/baskwo"><code>@​baskwo</code></a> <a
href="https://github.com/Doc94"><code>@​Doc94</code></a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/Discord4J/Discord4J/commit/d88a39615efbf838c4dfd71869ea484ba32b880d"><code>d88a396</code></a>
Release version '3.3.2'.</li>
<li><a
href="https://github.com/Discord4J/Discord4J/commit/7c6b2adc2b93b7bcd84990e4d81a7bf438ac19e0"><code>7c6b2ad</code></a>
chore: update gradle wrapper [ci skip]</li>
<li><a
href="https://github.com/Discord4J/Discord4J/commit/38c7872a4c40521ec2940512023b6dad5bc6d747"><code>38c7872</code></a>
feat(voice): DAVE Support with libdave-jvm (<a
href="https://redirect.github.com/Discord4J/Discord4J/issues/1344">#1344</a>)</li>
<li><a
href="https://github.com/Discord4J/Discord4J/commit/4efcd131650ad55a8bb8ceb2854a8fd7671b1845"><code>4efcd13</code></a>
docs: fix warning for code in Channel docs</li>
<li><a
href="https://github.com/Discord4J/Discord4J/commit/aaf9f919ef31d363287c659610c490ed6e4e4b8a"><code>aaf9f91</code></a>
chore: update .gitignore for internal tests [ci skip]</li>
<li><a
href="https://github.com/Discord4J/Discord4J/commit/7da228cb2edfc3b1eedeae871fdaa30990a0b61d"><code>7da228c</code></a>
feat: Support Targeted Invites (<a
href="https://redirect.github.com/Discord4J/Discord4J/issues/1341">#1341</a>)</li>
<li><a
href="https://github.com/Discord4J/Discord4J/commit/f1439b68af6cb8852a5e813358cb167cfe9981f0"><code>f1439b6</code></a>
feat: Enforce v10 for Discord API (<a
href="https://redirect.github.com/Discord4J/Discord4J/issues/1342">#1342</a>)</li>
<li><a
href="https://github.com/Discord4J/Discord4J/commit/0a103a5dbe66839db2d6695fb6abb76a534598cf"><code>0a103a5</code></a>
chore: update com.gorylenko.gradle-git-properties version to 2.5.7</li>
<li><a
href="https://github.com/Discord4J/Discord4J/commit/fdb461cf9657cde8e5fde1eff04c4493c1d3293b"><code>fdb461c</code></a>
chore(deps): update immutables version to 2.12.1</li>
<li><a
href="https://github.com/Discord4J/Discord4J/commit/ac4c0ee96a850cf45c5dd46db4caeea8a4dd0d62"><code>ac4c0ee</code></a>
chore(deps): update discordJsonVersion to 1.7.22</li>
<li>Additional commits viewable in <a
href="https://github.com/Discord4J/Discord4J/compare/3.3.1...3.3.2">compare
view</a></li>
</ul>
</details>
<br />

Updates `org.springdoc:springdoc-openapi-starter-webmvc-ui` from 3.0.2
to 3.0.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/springdoc/springdoc-openapi/releases">org.springdoc:springdoc-openapi-starter-webmvc-ui's
releases</a>.</em></p>
<blockquote>
<h2>springdoc-openapi v3.0.3 released!</h2>
<h3>Added</h3>
<ul>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3246">#3246</a>
– Add Springdoc OpenAPI MCP (Model Context Protocol) support</li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3256">#3256</a>
– Auto-set <code>nullable: true</code> for Kotlin nullable types in
schema properties</li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3239">#3239</a>
– Add support for the <code>@Range</code> constraint validation
annotation</li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3244">#3244</a>
– Handle default values for <code>LocalDate</code></li>
</ul>
<h3>Changed</h3>
<ul>
<li>Upgrade Spring Boot to version <strong>4.0.5</strong></li>
<li>Upgrade swagger-core to version <strong>2.2.47</strong></li>
<li>Upgrade swagger-ui to version <strong>5.32.2</strong></li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3260">#3260</a>
– <code>@ConditionalOnClass(HateoasProperties.class)</code> in
<code>SpringDocHateoasConfiguration</code></li>
<li>Forwards all MCP non-transport headers to downstream methods</li>
<li>Dynamically resolve the base path from
<code>window.location.pathname</code> for MCP UI</li>
</ul>
<h3>Fixed</h3>
<ul>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3258">#3258</a>
– Setting API Version Required when using WebFlux breaks the Swagger
UI</li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3259">#3259</a>
– Annotated Generic properties getting applied to sibling
properties</li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3255">#3255</a>
– <code>Direction</code> enum: fixed visibility scope of group order so
that <code>setGroupsOrder</code> method can be used</li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3247">#3247</a>
– Preserve YAML group URLs in Swagger UI</li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3245">#3245</a>
– Upgrade swagger-core from version 2.2.43 to 2.2.45</li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3235">#3235</a>
– <code>PropertyResolverUtils</code> retains a <code>JsonNode</code>
when reading an <code>ExtensionProperty</code> annotation</li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3226">#3226</a>
– Propagate <code>JsonView</code> context when resolving
<code>Page&lt;T&gt;</code> schema</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/seregamorph"><code>@​seregamorph</code></a>
made their first contribution in <a
href="https://redirect.github.com/springdoc/springdoc-openapi/pull/3260">springdoc/springdoc-openapi#3260</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/springdoc/springdoc-openapi/compare/v3.0.2...v3.0.3">https://github.com/springdoc/springdoc-openapi/compare/v3.0.2...v3.0.3</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/springdoc/springdoc-openapi/blob/v3.0.3/CHANGELOG.md">org.springdoc:springdoc-openapi-starter-webmvc-ui's
changelog</a>.</em></p>
<blockquote>
<h2>[3.0.3] - 2026-04-12</h2>
<h3>Added</h3>
<ul>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3246">#3246</a>
– Add Springdoc OpenAPI MCP (Model Context Protocol) support</li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3256">#3256</a>
– Auto-set <code>nullable: true</code> for Kotlin nullable types in
schema properties</li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3239">#3239</a>
– Add support for the <code>@Range</code> constraint validation
annotation</li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3244">#3244</a>
– Handle default values for <code>LocalDate</code></li>
</ul>
<h3>Changed</h3>
<ul>
<li>Upgrade Spring Boot to version <strong>4.0.5</strong></li>
<li>Upgrade swagger-core to version <strong>2.2.47</strong></li>
<li>Upgrade swagger-ui to version <strong>5.32.2</strong></li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3260">#3260</a>
– <code>@ConditionalOnClass(HateoasProperties.class)</code> in
<code>SpringDocHateoasConfiguration</code></li>
<li>Forwards all MCP non-transport headers to downstream methods</li>
<li>Dynamically resolve the base path from
<code>window.location.pathname</code> for MCP UI</li>
</ul>
<h3>Fixed</h3>
<ul>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3258">#3258</a>
– Setting API Version Required when using WebFlux breaks the Swagger
UI</li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3259">#3259</a>
– Annotated Generic properties getting applied to sibling
properties</li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3255">#3255</a>
– <code>Direction</code> enum: fixed visibility scope of group order so
that <code>setGroupsOrder</code> method can be used</li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3247">#3247</a>
– Preserve YAML group URLs in Swagger UI</li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3245">#3245</a>
– Upgrade swagger-core from version 2.2.43 to 2.2.45</li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3235">#3235</a>
– <code>PropertyResolverUtils</code> retains a <code>JsonNode</code>
when reading an <code>ExtensionProperty</code> annotation</li>
<li><a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3226">#3226</a>
– Propagate <code>JsonView</code> context when resolving
<code>Page&lt;T&gt;</code> schema</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/springdoc/springdoc-openapi/commit/3c30283fb33ced3b8368c7a890ee05d23119322a"><code>3c30283</code></a>
[maven-release-plugin] prepare release v3.0.3</li>
<li><a
href="https://github.com/springdoc/springdoc-openapi/commit/4184c05db39e96e8d1ce1287d5f58f242a4c8165"><code>4184c05</code></a>
update .gitignore</li>
<li><a
href="https://github.com/springdoc/springdoc-openapi/commit/89745c20c3695b9b934cbf77f96ef1cd1df9fac7"><code>89745c2</code></a>
CHANGELOG.md update</li>
<li><a
href="https://github.com/springdoc/springdoc-openapi/commit/4d1a730134720740ed3b9a2831d14e97dbe28780"><code>4d1a730</code></a>
Merge pull request <a
href="https://redirect.github.com/springdoc/springdoc-openapi/issues/3260">#3260</a>
from seregamorph/SpringDocHateoasConfiguration-class...</li>
<li><a
href="https://github.com/springdoc/springdoc-openapi/commit/54e765036d9d49935a97e3ccebd875581efcc8ed"><code>54e7650</code></a>
ConditionalOnClass (HateoasProperties.class) in
SpringDocHateoasConfiguration</li>
<li><a
href="https://github.com/springdoc/springdoc-openapi/commit/9f354b2a3cb92a8caa1d0518b1916ac4f79fbd71"><code>9f354b2</code></a>
Spring-boot upgrade to version 4.0.5</li>
<li><a
href="https://github.com/springdoc/springdoc-openapi/commit/14df32f99179db89967a6260562775cd6b883128"><code>14df32f</code></a>
Forwards all MCP non-transport headers, to downstream methods</li>
<li><a
href="https://github.com/springdoc/springdoc-openapi/commit/3ee9a44547f44fb4982c98b7a5dbc1f6f9aff1a3"><code>3ee9a44</code></a>
Forwards all MCP non-transport headers, to downstream methods</li>
<li><a
href="https://github.com/springdoc/springdoc-openapi/commit/df99408a7674af5ea3fc40f79d81bfef372e7c0e"><code>df99408</code></a>
upgrade swagger-ui to version 5.32.2</li>
<li><a
href="https://github.com/springdoc/springdoc-openapi/commit/6ee70f4074e76d3d8554487e4318681d95e444d7"><code>6ee70f4</code></a>
upgrade swagger-api to version 2.2.47</li>
<li>Additional commits viewable in <a
href="https://github.com/springdoc/springdoc-openapi/compare/v3.0.2...v3.0.3">compare
view</a></li>
</ul>
</details>
<br />

Updates `org.projectlombok:lombok` from 1.18.44 to 1.18.46
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/projectlombok/lombok/blob/master/doc/changelog.markdown">org.projectlombok:lombok's
changelog</a>.</em></p>
<blockquote>
<h3>v1.18.46 (April 22nd, 2026)</h3>
<ul>
<li>PLATFORM: JDK26 support added <a
href="https://redirect.github.com/projectlombok/lombok/issues/4019">#4019</a>.</li>
<li>PLATFORM: Spring Tools Suite 5 supported <a
href="https://redirect.github.com/projectlombok/lombok/issues/3985">#3985</a>.</li>
<li>BUGFIX: <code>@Jacksonized</code> no longer stops generating
<code>@JsonProperty</code> once an explicit <code>@JsonIgnore</code>
annotations is encountered <a
href="https://redirect.github.com/projectlombok/lombok/issues/4022">#4022</a>.</li>
<li>BUGFIX: In eclipse, mixing <code>@Jacksonized</code> and
<code>fluent = true</code> no longer causes the error
<code>com.fasterxml.jackson.annotation.JsonProperty is not a repeatable
annotation interface</code>. <a
href="https://redirect.github.com/projectlombok/lombok/issues/3934">#3934</a>.</li>
<li>BUGFIX: Some finishing touches for v1.18.44's support of Jackson3 <a
href="https://redirect.github.com/projectlombok/lombok/issues/4004">#4004</a>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/projectlombok/lombok/commit/936ca59baf844fd6c0ad641974295498785d8091"><code>936ca59</code></a>
[build] lombok's launcher is still intended to be 1.4 compatible, or at
least...</li>
<li><a
href="https://github.com/projectlombok/lombok/commit/fcdab3f29e1b48c8f4b33ef9231ec2587a43d122"><code>fcdab3f</code></a>
[version] pre-release version bump</li>
<li><a
href="https://github.com/projectlombok/lombok/commit/1cb7d49c5d2dc98af7a66413d8119dec285d0666"><code>1cb7d49</code></a>
[changelog]<a
href="https://redirect.github.com/projectlombok/lombok/issues/4004">#4004</a>
Mention Jackson3 final touches in changelog.</li>
<li><a
href="https://github.com/projectlombok/lombok/commit/12a15b00555ec8097eca2bf7d77c2c2124e13e0e"><code>12a15b0</code></a>
Fix: Bump EA_JDK to 27 (25 and 26 have been released)</li>
<li><a
href="https://github.com/projectlombok/lombok/commit/2be766cfc2ef56f2d986f28f734c98535d611aee"><code>2be766c</code></a>
Merge branch 'jackson3-final-touches'</li>
<li><a
href="https://github.com/projectlombok/lombok/commit/290fa4c8539c7e97b47f7e80033e078127050eb5"><code>290fa4c</code></a>
[trivial] constantize the warning we spit out for ambiguous jackson2/3,
and m...</li>
<li><a
href="https://github.com/projectlombok/lombok/commit/e6567b6621f86b43033ab4a75e0273780e18e998"><code>e6567b6</code></a>
test: Add Jackson 3 test cases and version ambiguity warnings</li>
<li><a
href="https://github.com/projectlombok/lombok/commit/45e72e241abe98dcfb66408402da825dd2b8e925"><code>45e72e2</code></a>
feat: Add Jackson 3 databind/dataformat annotations to HandlerUtil copy
lists</li>
<li><a
href="https://github.com/projectlombok/lombok/commit/184d42363d86446a63b6270ac1eb352dc43ae76c"><code>184d423</code></a>
feat: Add Jackson 3 support to <a
href="https://github.com/Jacksonized"><code>@​Jacksonized</code></a>
handlers</li>
<li><a
href="https://github.com/projectlombok/lombok/commit/e027ad0f1515bd33d4d329d90e59dccbaf44651e"><code>e027ad0</code></a>
refactored to ShadowClassLoader use Collections::enumeration instead of
Vector</li>
<li>Additional commits viewable in <a
href="https://github.com/projectlombok/lombok/compare/v1.18.44...v1.18.46">compare
view</a></li>
</ul>
</details>
<br />

Updates `org.springframework.boot` from 4.0.5 to 4.0.6
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spring-projects/spring-boot/releases">org.springframework.boot's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.6</h2>
<h2>:lady_beetle: Bug Fixes</h2>
<ul>
<li>Default security is misconfigured when
spring-boot-actuator-autoconfigure is present and spring-boot-health is
not <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/50188">#50188</a></li>
<li>Elasticsearch Rest5Client auto-configuration misconfigures
underlying HTTP client <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/50187">#50187</a></li>
<li>ApplicationPidFileWriter does not handle symlinks correctly <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/50185">#50185</a></li>
<li>RandomValuePropertySource is not suitable for secrets <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/50183">#50183</a></li>
<li>Cassandra auto-configuration misconfigures CqlSessionBuilder <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/50180">#50180</a></li>
<li>ApplicationTemp does not handle symlinks correctly <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/50178">#50178</a></li>
<li>Remote DevTools performs comparison incorrectly <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/50176">#50176</a></li>
<li>spring.rabbitmq.ssl.verify-hostname is applied inconsistently <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/50174">#50174</a></li>
<li>Whole number values are ignored when configuring min and max
expected values and SLO boundaries for a distribution summary meter <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/50077">#50077</a></li>
<li>Classic starters are missing several modules <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/50071">#50071</a></li>
<li>Module spring-boot-resttestclient is missing from
spring-boot-starter-test-classic <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/50069">#50069</a></li>
<li>Annotations like <code>@Ssl</code> don't work on <code>@Bean</code>
methods when using <code>@ServiceConnection</code> <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/50064">#50064</a></li>
<li>EnversRevisionRepositoriesRegistrar should reuse
<code>@EnableEnversRepositories</code> rather than configuring the JPA
counterpart <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/50039">#50039</a></li>
<li>WebFlux Cloud Foundry links endpoint includes query string from
received request in resolved links <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/50017">#50017</a></li>
<li>Imports on a containing test class are ignored when a nested class
has imports <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/50012">#50012</a></li>
<li>With spring.jackson.use-jackson2-defaults set to true,
FAIL_ON_UNKNOWN_PROPERTIES is enabled <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/49951">#49951</a></li>
<li>500 response from env endpoint when supplied pattern is invalid <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/49946">#49946</a></li>
<li>Reactive MongoDB starter has a transitive dependency on the
synchronous MongoDB driver <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/49945">#49945</a></li>
<li>HTTP method is lost when configuring excludes in EndpointRequest <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/49943">#49943</a></li>
<li>Honor HttpMethod for reactive additional endpoint paths <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/49880">#49880</a></li>
<li>Docker Compose support doesn't work with apache/artemis image <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/49869">#49869</a></li>
<li>Docker Compose support doesn't work with apache/activemq image <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/49866">#49866</a></li>
<li>Spring Security's PathPatternRequestMatcher.Builder is not
auto-configured when using WebMvcTest and spring-boot-security-test <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/49854">#49854</a></li>
<li>API versioning path strategy should be applied path last as it is
not meant to yield <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/49800">#49800</a></li>
</ul>
<h2>:notebook_with_decorative_cover: Documentation</h2>
<ul>
<li>Update docs to encourage Java fundamentals for beginners that prefer
to learn that way <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/50146">#50146</a></li>
<li>HTTP Service Interface Clients still document that API versioning
can be configured via properties <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/50126">#50126</a></li>
<li>Link to the observability section of the Lettuce documentation is
broken <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/50097">#50097</a></li>
<li>Javadoc for StaticResourceLocation.FAVICON doesn't describe icons
location <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/50085">#50085</a></li>
<li>MySamlRelyingPartyConfiguration is missing a Kotlin sample <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/50024">#50024</a></li>
<li>Incorrect default value for
management.httpexchanges.recording.include in configuration metadata <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/50019">#50019</a></li>
<li>Link to the Kubernetes documentation when discussing startup probes
<a
href="https://redirect.github.com/spring-projects/spring-boot/issues/50015">#50015</a></li>
<li>Typo in JdbcSessionAutoConfiguration Javadoc <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/49873">#49873</a></li>
<li>Clarify that configuration property default values are not available
through the Environment <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/49851">#49851</a></li>
<li>Document the need for Liquibase and Flyway starters <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/49839">#49839</a></li>
<li>Kafka documentation refers to deprecated JSON serializer and
deserializer classes <a
href="https://redirect.github.com/spring-projects/spring-boot/pull/49826">#49826</a></li>
</ul>
<h2>:hammer: Dependency Upgrades</h2>
<ul>
<li>Upgrade to Elasticsearch Client 9.2.8 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/50027">#50027</a></li>
<li>Upgrade to Groovy 5.0.5 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/49911">#49911</a></li>
<li>Upgrade to Hibernate 7.2.12.Final <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/50134">#50134</a></li>
<li>Upgrade to Jackson Bom 3.1.2 <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/50051">#50051</a></li>
<li>Upgrade to <a
href="https://github.com/jaxen-xpath/jaxen/releases/tag/v2.0.1">Jaxen
2.0.1</a> <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/50104">#50104</a></li>
<li>Upgrade to <a
href="https://github.com/FirebirdSQL/jaybird/releases/tag/v6.0.5">Jaybird
6.0.5</a> <a
href="https://redirect.github.com/spring-projects/spring-boot/issues/49914">#49914</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/8821ad2cd381bb4b9615a61479e1de7305a8ba39"><code>8821ad2</code></a>
Release v4.0.6</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/9e4048a03f17adfe78057a3c4d5b4693305c0ae0"><code>9e4048a</code></a>
Merge branch '3.5.x' into 4.0.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/20bb11c3984802990572ddbeae8b66885a8f2462"><code>20bb11c</code></a>
Next development version (v3.5.15-SNAPSHOT)</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/98daa8ea30f39a5b0ca6768b5cbc2dc8698ef4e1"><code>98daa8e</code></a>
Merge branch '3.5.x' into 4.0.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/9dc5aa2863f598a15d3dfa116f4b89249daba7e7"><code>9dc5aa2</code></a>
Polish</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/874f6294b91da18367b8b5ab7b2fad3fa23cfba6"><code>874f629</code></a>
Fix default security with actuator but without health</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/e41b3bf731d1134bc18ec1f68ac01e0fe1c54923"><code>e41b3bf</code></a>
Enable hostname verification for SSL connections to Elasticsearch</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/ef8527bb0ef8f564f4f9c57a7be99a7aa96c6ab0"><code>ef8527b</code></a>
Merge branch '3.5.x' into 4.0.x</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/f533a4549c3999aac30cb5830f07dc304933e93d"><code>f533a45</code></a>
Do not follow symlinks when writing PID file</li>
<li><a
href="https://github.com/spring-projects/spring-boot/commit/4a7bd332b6d19fef1aa4cf28434985f2b03a2e0f"><code>4a7bd33</code></a>
Merge branch '3.5.x' into 4.0.x</li>
<li>Additional commits viewable in <a
href="https://github.com/spring-projects/spring-boot/compare/v4.0.5...v4.0.6">compare
view</a></li>
</ul>
</details>
<br />

Updates `com.vaadin` from 25.1.1 to 25.1.4
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/vaadin/platform/releases">com.vaadin's
releases</a>.</em></p>
<blockquote>
<h2>Vaadin 25.1.4</h2>
<p><em>This is a maintenance release for Vaadin 25.1. See <a
href="https://github.com/vaadin/platform/releases/tag/25.1.0">25.1.0
release notes</a> for details and resources.</em></p>
<h2>Changelogs</h2>
<!-- raw HTML omitted -->
<ul>
<li>Flow (<a
href="https://github.com/vaadin/flow/releases/tag/25.1.4">25.1.4</a>)
and Hilla (<a
href="https://github.com/vaadin/hilla/releases/tag/25.1.3">25.1.3</a>)</li>
<li>Design System
<ul>
<li>Web Components (<a
href="https://github.com/vaadin/web-components/releases/tag/v25.1.2">25.1.2</a>)</li>
<li>Flow Components (<a
href="https://github.com/vaadin/flow-components/releases/tag/25.1.4">25.1.4</a>)</li>
</ul>
</li>
<li>TestBench (<a
href="https://github.com/vaadin/testbench/releases/tag/10.1.1">10.1.1</a>)</li>
<li>Browserless Test(<a
href="https://vaadin.com/docs/next/flow/testing/browserless">1.0.0</a>)</li>
<li>Feature Pack(<a
href="https://vaadin.com/docs/latest/tools/modernization-toolkit/feature-pack">25.0.0</a>)</li>
<li>Modernization Toolkit (<a
href="https://vaadin.com/docs/latest/tools/modernization-toolkit">Documentation</a>)
<ul>
<li>Feature Pack (<a
href="https://vaadin.com/docs/latest/tools/modernization-toolkit/feature-pack">Documentation</a>)</li>
<li>Dragonfly (<a
href="https://vaadin.com/docs/latest/tools/modernization-toolkit/dragonfly">Documentation</a>)</li>
<li>Modernization Toolkit Analyzer (<a
href="https://vaadin.com/docs/latest/tools/modernization-toolkit/analyzer-for-eclipse">Analyzer
for Eclipse</a>, <a
href="https://vaadin.com/docs/latest/tools/modernization-toolkit/analyzer-for-maven">Analyzer
for Maven</a>)</li>
</ul>
</li>
<li>Multiplatform Runtime (MPR) (<a
href="https://github.com/vaadin/multiplatform-runtime/releases/tag/8.0.1">8.0.1</a>)</li>
<li>Router (<a
href="https://github.com/vaadin/vaadin-router/releases/tag/v2.0.1">2.0.1</a>)</li>
<li>Vaadin Kits
<ul>
<li>AppSec Kit (<a
href="https://vaadin.com/docs/latest/tools/appsec">4.0.2</a>)</li>
<li>Azure Kit (<a
href="https://vaadin.com/docs/latest/tools/azure-cloud">1.0.0</a>)</li>
<li>Collaboration Engine (<a
href="https://github.com/vaadin/collaboration-kit/releases/tag/7.0.0">7.0.0</a>)</li>
<li>Copilot (<a
href="https://vaadin.com/docs/latest/tools/copilot">25.1.3</a>)</li>
<li>Kubernetes Kit (<a
href="https://github.com/vaadin/kubernetes-kit/releases/tag/3.1.0">3.1.0</a>)</li>
<li>Observability Kit (<a
href="https://github.com/vaadin/observability-kit/releases/tag/4.1.0">4.1.0</a>)</li>
<li>SSO Kit (<a
href="https://github.com/vaadin/sso-kit/releases/tag/4.1.1">4.1.1</a>)</li>
<li>Swing Kit (<a
href="https://vaadin.com/docs/latest/tools/swing">3.0.1</a>)</li>
</ul>
</li>
</ul>
<p><strong>Official add-ons and plugins:</strong></p>
<ul>
<li>Spring add-on (25.1.4)</li>
<li>CDI add-on (<a
href="https://github.com/vaadin/cdi/releases/tag/16.0.1">16.0.1</a>)</li>
<li>Maven plugin (25.1.4)</li>
<li>Gradle plugin (25.1.4)</li>
<li>Quarkus plugin (<a
href="https://github.com/vaadin/quarkus/releases/tag/3.1.1">3.1.1</a>)</li>
</ul>
<h2>Vaadin 25.1.3</h2>
<p><em>This is a maintenance release for Vaadin 25.1. See <a
href="https://github.com/vaadin/platform/releases/tag/25.1.0">25.1.0
release notes</a> for details and resources.</em></p>
<h2>Changelogs</h2>
<!-- raw HTML omitted -->
<ul>
<li>Flow (<a
href="https://github.com/vaadin/flow/releases/tag/25.1.3">25.1.3</a>)
and Hilla (<a
href="https://github.com/vaadin/hilla/releases/tag/25.1.2">25.1.2</a>)</li>
<li>Design System
<ul>
<li>Web Components (<a
href="https://github.com/vaadin/web-components/releases/tag/v25.1.1">25.1.1</a>)</li>
<li>Flow Components (<a
href="https://github.com/vaadin/flow-components/releases/tag/25.1.3">25.1.3</a>)</li>
</ul>
</li>
<li>TestBench (<a
href="https://github.com/vaadin/testbench/releases/tag/10.1.1">10.1.1</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/vaadin/platform/commit/b4151e84b5c54bb9ab74781ff47b55575d685a56"><code>b4151e8</code></a>
update copilot to 25.1.3 (<a
href="https://redirect.github.com/vaadin/platform/issues/8844">#8844</a>)</li>
<li><a
href="https://github.com/vaadin/platform/commit/b66b7f8bd05955e7d2a89c280f67302b850d2e71"><code>b66b7f8</code></a>
chore: upgrade cdi plugin to 16.0.1 (<a
href="https://redirect.github.com/vaadin/platform/issues/8838">#8838</a>)
(<a
href="https://redirect.github.com/vaadin/platform/issues/8842">#8842</a>)</li>
<li><a
href="https://github.com/vaadin/platform/commit/88ddcd89410a62226668200d19ac8be5a1bb507d"><code>88ddcd8</code></a>
update hilla to 25.1.3 (<a
href="https://redirect.github.com/vaadin/platform/issues/8827">#8827</a>)</li>
<li><a
href="https://github.com/vaadin/platform/commit/82e3c0c4d41639b389efe63543ce5e30d4710f8b"><code>82e3c0c</code></a>
Update flow to 25.1.4 (<a
href="https://redirect.github.com/vaadin/platform/issues/8823">#8823</a>)</li>
<li><a
href="https://github.com/vaadin/platform/commit/803dc04f74f8d44a23c0ec29c2544c186b49b90b"><code>803dc04</code></a>
chore: update versions.json in 25.1 with latest WC (<a
href="https://redirect.github.com/vaadin/platform/issues/8811">#8811</a>)</li>
<li><a
href="https://github.com/vaadin/platform/commit/7476c9f0789ed3ff0e2a7732362552255be1ee10"><code>7476c9f</code></a>
chore: upgrade springboot to 4.0.6 (<a
href="https://redirect.github.com/vaadin/platform/issues/8805">#8805</a>)
(<a
href="https://redirect.github.com/vaadin/platform/issues/8806">#8806</a>)</li>
<li><a
href="https://github.com/vaadin/platform/commit/6fa87785afd521a817d98783e6e477357986fb42"><code>6fa8778</code></a>
chore: testbench 10.1.1 (25.1) (<a
href="https://redirect.github.com/vaadin/platform/issues/8778">#8778</a>)</li>
<li><a
href="https://github.com/vaadin/platform/commit/32089a7789ecebc57f2144b680ac847cf6e8eca3"><code>32089a7</code></a>
Update flow to 25.1.3 (<a
href="https://redirect.github.com/vaadin/platform/issues/8776">#8776</a>)</li>
<li><a
href="https://github.com/vaadin/platform/commit/4952a7a3d544c56275f986031c5ec52e79d310f4"><code>4952a7a</code></a>
chore: fix wrong version number and link in maintenance release
note</li>
<li><a
href="https://github.com/vaadin/platform/commit/a61b52078a0be351ff52f4449c10d8a8d1265c20"><code>a61b520</code></a>
update copilot to 25.1.2 (<a
href="https://redirect.github.com/vaadin/platform/issues/8775">#8775</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/vaadin/platform/compare/25.1.1...25.1.4">compare
view</a></li>
</ul>
</details>
<br />

Updates `org.flywaydb.flyway` from 12.3.0 to 12.5.0

Updates `gradle-wrapper` from 9.4.1 to 9.5.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/gradle/gradle/releases">gradle-wrapper's
releases</a>.</em></p>
<blockquote>
<h2>9.5.0</h2>
<p>The Gradle team is excited to announce Gradle 9.5.0.</p>
<p>Here are the highlights of this release:</p>
<ul>
<li>Task provenance in reports and failure messages</li>
<li>Type-safe accessors for precompiled Kotlin Settings plugins</li>
</ul>
<p><a href="https://docs.gradle.org/9.5.0/release-notes.html">Read the
Release Notes</a></p>
<p>We would like to thank the following community members for their
contributions to this release of Gradle:
<a href="https://github.com/atm1020">atm1020</a>,
<a href="https://github.com/mataha">mataha</a>,
<a href="https://github.com/aSemy">Adam</a>,
<a href="https://github.com/kelemen">Attila Kelemen</a>,
<a href="https://github.com/britter">Benedikt Ritter</a>,
<a href="https://github.com/Vampire">Björn Kautler</a>,
<a href="https://github.com/budindepunk">Caro Silva Rode</a>,
<a href="https://github.com/chanani">CHANHAN</a>,
<a href="https://github.com/DmitryNez">Dmitry Nezavitin</a>,
<a href="https://github.com/Juneezee">Eng Zer Jun</a>,
<a href="https://github.com/KugelLibelle">KugelLibelle</a>,
<a href="https://github.com/vmadalin">Madalin Valceleanu</a>,
<a href="https://github.com/quijote">Markus Gaisbauer</a>,
<a href="https://github.com/koppor">Oliver Kopp</a>,
<a href="https://github.com/hfhbd">Philip Wedemann</a>,
<a href="https://github.com/ploober">ploober</a>,
<a href="https://github.com/rpalcolea">Roberto Perez Alcolea</a>,
<a href="https://github.com/R0h1tAnand">Rohit Anand</a>,
<a href="https://github.com/Suvrat1629">Suvrat Acharya</a>,
<a href="https://github.com/usv240">Ujwal Suresh Vanjare</a>,
<a href="https://github.com/urdak">Victor Merkulov</a></p>
<h2>Upgrade instructions</h2>
<p>Switch your build to use Gradle 9.5.0 by updating your wrapper:</p>
<pre><code>./gradlew wrapper --gradle-version=9.5.0 &amp;&amp; ./gradlew
wrapper
</code></pre>
<p>See the Gradle <a
href="https://docs.gradle.org/9.5.0/userguide/upgrading_version_9.html">9.x
upgrade guide</a> to learn about deprecations, breaking changes and
other considerations when upgrading.</p>
<p>For Java, Groovy, Kotlin and Android compatibility, see the <a
href="https://docs.gradle.org/9.5.0/userguide/compatibility.html">full
compatibility notes</a>.</p>
<h2>Reporting problems</h2>
<p>If you find a problem with this release, please file a bug on <a
href="https://github.com/gradle/gradle/issues">GitHub Issues</a>
adhering to our issue guidelines.
If you're not sure you're encountering a bug, please use the <a
href="https://discuss.gradle.org/c/help-discuss">forum</a>.</p>
<p>We hope you will build happiness with Gradle, and we look forward to
your feedback via <a href="https://twitter.com/gradle">Twitter</a> or on
<a href="https://github.com/gradle">GitHub</a>.</p>
<h2>9.5.0 RC4</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/gradle/gradle/commit/3fe117d68f3907790f3809f121aa36303a9151f8"><code>3fe117d</code></a>
Update jdks.yaml (<a
href="https://redirect.github.com/gradle/gradle/issues/37703">#37703</a>)</li>
<li><a
href="https://github.com/gradle/gradle/commit/33d145af6fbe7cf7c9d84646b6d7f32fea91d5e2"><code>33d145a</code></a>
Update jdks.yaml</li>
<li><a
href="https://github.com/gradle/gradle/commit/f7a05d1ed48442eb5da4d6e2b6593da55cdec1da"><code>f7a05d1</code></a>
Update Gradle wrapper to version 9.5.0-rc-4 (<a
href="https://redirect.github.com/gradle/gradle/issues/37654">#37654</a>)</li>
<li><a
href="https://github.com/gradle/gradle/commit/266facdcbcb0b4c60120cc118eaf0f652bfcdfe5"><code>266facd</code></a>
Update Gradle wrapper to version 9.5.0-rc-4</li>
<li><a
href="https://github.com/gradle/gradle/commit/0ad6dd8e143455707e444aa7e3d38327a3366513"><code>0ad6dd8</code></a>
Suppress OSC taskbar reset on plain/piped stdout (<a
href="https://redirect.github.com/gradle/gradle/issues/37646">#37646</a>)</li>
<li><a
href="https://github.com/gradle/gradle/commit/966025d5850d46c9158a2f25e4096222277ecf57"><code>966025d</code></a>
Suppress OSC taskbar reset on plain/piped stdout</li>
<li><a
href="https://github.com/gradle/gradle/commit/e7455734449e422accebf44cf7b31bf93e3a770c"><code>e745573</code></a>
Polish IP docs (<a
href="https://redirect.github.com/gradle/gradle/issues/37642">#37642</a>)</li>
<li><a
href="https://github.com/gradle/gradle/commit/d5cfd079acd2c8f1182edd6ec23dbab571132d0a"><code>d5cfd07</code></a>
Ensure BuildOperationQueue will progress without extra leases (<a
href="https://redirect.github.com/gradle/gradle/issues/37629">#37629</a>)</li>
<li><a
href="https://github.com/gradle/gradle/commit/acdf0c36fa13ba09a7ff5b51f79b9af4b1a097ee"><code>acdf0c3</code></a>
Ensure BuildOperationQueue will progress without extra leases</li>
<li><a
href="https://github.com/gradle/gradle/commit/f7d0e4f6f7896426a8b24091388e4c252b62faef"><code>f7d0e4f</code></a>
Rename anchor</li>
<li>Additional commits viewable in <a
href="https://github.com/gradle/gradle/compare/v9.4.1...v9.5.0">compare
view</a></li>
</ul>
</details>
<br />

<details>
<summary>Most Recent Ignore Conditions Applied to This Pull
Request</summary>

| Dependency Name | Ignore Conditions |
| --- | --- |
| com.vaadin | [>= 24.7.0.a, < 24.7.1] |
</details>


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can …
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@garydgregory garydgregory garydgregory requested changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@pdtx @garydgregory @Fancy