Bump org.docx4j:docx4j-core from 11.5.12 to 11.5.13

[dependabot]

Bumps org.docx4j:docx4j-core from 11.5.12 to 11.5.13.

Changelog

Sourced from org.docx4j:docx4j-core's changelog.

Version 11.5.13

Release date

13 May 2026

Contributors to this release

GaoSSR Jason Harrop matthiaso

Changes in Version 11.5.13

PDF via FO: improved handling of temp files created from embedded fonts for multi-threaded environments.
The only docx4j.openpackaging.parts.WordprocessingML.ObfuscatedFontPart property which now has any effect is tmpFontDir. Files are now not deleted until exit, unless you explicitly invoke FontTablePart's deleteEmbeddedFontTempFiles().

Misc fixes:

• Fields: respect uppercase date formatting switches for days and years (#671)
• Don't overwrite WordCompatSetting (#668)
• Reduce StAX warning noise (#673)

Bump deps:

• commons-codec:commons-codec ......................... 1.21.0 -> 1.22.0
• commons-io:commons-io ............................... 2.21.0 -> 2.22.0
• org.slf4j:slf4j-api ................................. 2.0.17 -> 2.0.18
• org.slf4j:jcl-over-slf4j ............................ 2.0.17 -> 2.0.18

Reference Impl

• org.glassfish.jaxb:jaxb-core .......................... 4.0.6 -> 4.0.8
• org.glassfish.jaxb:jaxb-runtime ....................... 4.0.6 -> 4.0.8

MOXy

• com.sun.xml.bind:jaxb-xjc ............................. 4.0.6 -> 4.0.8
• org.eclipse.persistence:org.eclipse.persistence.moxy .. 4.0.4 -> 4.0.9

Commits

• 9f14081 prepare for 11.5.13 release
• 51ce364 ignore this dir
• 9b735e7 bump deps
• 68d8d59 Action dependency-check-reports
• 5892f3e comment only
• f09aac5 Remove redundant property
• b085f69 New sample
• 8dce821 Tighten w:vAlign BIRT rule.
• 34ca0b4 Remove superfluous likely AI generated test
• ea45b2e Merge remote-tracking branch 'origin/VERSION_11_5_13' into VERSION_11_5_13
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)