Skip to content

Bump the build-dependencies group with 5 updates #1754

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Nov 18, 2025
Merged

Bump the build-dependencies group with 5 updates #1754

merged 1 commit into from
Nov 18, 2025
+5 −5

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 18, 2025

Bumps the build-dependencies group with 5 updates:

Package From To
net.bytebuddy:byte-buddy 1.18.0 1.18.1
org.springframework:spring-expression 6.2.12 7.0.0
com.puppycrawl.tools:checkstyle 12.1.1 12.1.2
org.apache.maven.plugins:maven-jar-plugin 3.4.2 3.5.0
com.gradle:common-custom-user-data-maven-extension 2.0.7 2.1.0

Updates net.bytebuddy:byte-buddy from 1.18.0 to 1.18.1

Release notes

Sourced from net.bytebuddy:byte-buddy's releases.

Byte Buddy 1.18.1

  • Fix generated module-info to include new package.
Changelog

Sourced from net.bytebuddy:byte-buddy's changelog.

12. November 2025: version 1.18.1

  • Fix generated module-info to include new package.
Commits
  • c02a715 [maven-release-plugin] prepare release byte-buddy-1.18.1
  • b2f5714 [release] Add missing package to module info.
  • 55029ee Update release notes and internal Byte Buddy.
  • e2f4e78 [maven-release-plugin] prepare for next development iteration
  • See full diff in compare view

Updates org.springframework:spring-expression from 6.2.12 to 7.0.0

Release notes

Sourced from org.springframework:spring-expression's releases.

v7.0.0

🍃 Please read the official release notes and upgrade guide

⭐ New Features

  • Make SessionHolder publicly accessible for external resource management #35799
  • RouterFunctions Builders do not support ServerResponse subtypes #35791
  • Configure Jackson CBOR codecs by default if present #35787
  • Rename maxAttempts to maxRetries in @Retryable and RetryPolicy #35772
  • Prevent Kotlin Serialization side effects #35761
  • Add default API version to the list of supported versions #35755
  • Improve user check in TransportHandlingSockJsService #35753
  • Update ApiVersionDeprecationHandler to provide access to handler #35750
  • Use dedicated classes for ApiVersionResolver implementations #35747
  • Provide AOT support for @Nested classes in a @ParameterizedClass #35744
  • AssertJ support for WebTestClient #35737
  • Reject attempt to use @MockitoSpyBean with a scoped proxy #35722
  • Provide a way to supply the client builder for an HttpServiceGroup #35707
  • Review HttpMessageConverters.Builder to improve readability of code using the API #35704
  • Configure custom Kotlin Serialization converter on HttpMessageConverters #35733

🐞 Bug Fixes

  • Missing support for UnprocessableContent in WebClientResponseException.create(HttpStatusCode, ..) methods #35802
  • Relax media type checks in HttpMessageConverters #35801
  • Fix HttpHeaders and WebSocketHttpHeaders interop issues #35792
  • @ConcurrencyLimit weird behavior when combined with @Async and @Transactional #35788
  • buildSrc:test failing on JDKs before JDK 25 #35777
  • Add jar validation and fix multi-release jar #35768
  • Upgrade to JUnit 6.0.1 and prevent AOT test scanning failure for JUnit 4 tests #35740
  • Fix port handling in HtmlUnitRequestBuilder #35709
  • RestTestClient.mutate() should not have side effects #35698

📔 Documentation

  • Document workaround for @PersistenceContext and @PersistenceUnit in test classes in AOT #31442

🔨 Dependency Upgrades

  • Upgrade to Jetty 12.1.4 #35805
  • Upgrade to Micrometer 1.16.0 #35811
  • Upgrade to Reactor 2025.0.0 #35779

❤️ Contributors

Thank you to all the contributors who worked on this release:

@​Sineaggi and @​UpStreamThomas

v7.0.0-RC3

... (truncated)

Commits
  • fe00848 Release v7.0.0
  • 333031e Merge branch '6.2.x'
  • ed444eb Next development version (v6.2.14-SNAPSHOT)
  • 888d0f9 Upgrade to Micrometer 1.16.0
  • 08798e0 Merge branch '6.2.x'
  • da31750 Upgrade to Micrometer 1.14.13
  • b853203 Upgrade to Reactor 2024.0.12
  • 89e0273 Fix UnprocessableContent support in WebClientResponseException
  • 8c4b30a Merge branch '6.2.x'
  • 2b04df0 Upgrade to Jetty 12.0.30
  • Additional commits viewable in compare view

Updates com.puppycrawl.tools:checkstyle from 12.1.1 to 12.1.2

Release notes

Sourced from com.puppycrawl.tools:checkstyle's releases.

checkstyle-12.1.2

Checkstyle 12.1.2 - https://checkstyle.org/releasenotes.html#Release_12.1.2

Bug fixes:

#18074 - JAR for 12.1.1 is missing org.slf4j package #8396 - Indent issue with multiline method call with array element

Commits
  • 5319e08 [maven-release-plugin] prepare release checkstyle-12.1.2
  • 2a2365c doc: release notes for 12.1.2
  • 64edf2a Issue #18074: Align slf4j version to the version reflections uses, and mark a...
  • bfd8fea Issue #17045: UI Flickering on Checkstyle.org – Panel Resizes Erratically on ...
  • ededac2 dependency: bump nl.jqno.equalsverifier:equalsverifier
  • 5aff117 Issue #18000: Add Smooth Scrolling to Anchor Links
  • 5dab627 Issue #18062: Remove broken link to Maven Snapshot repository in README
  • 263dc04 infra: Refactor Cirrus CI to use jdk21 #17851
  • 2b40d03 dependency: bump pmd.version from 7.17.0 to 7.18.0
  • 9cb3cc3 minor: reduce line-height for code blocks
  • Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-jar-plugin from 3.4.2 to 3.5.0

Release notes

Sourced from org.apache.maven.plugins:maven-jar-plugin's releases.

3.5.0

🚀 New features and improvements

🐛 Bug Fixes

👻 Maintenance

🔧 Build

📦 Dependency updates

Commits
  • 68d00f1 [maven-release-plugin] prepare release maven-jar-plugin-3.5.0
  • 357b9bf Update site descriptor to 2.0.0
  • 340249c Fix detecting java version for toolchains and JDK 1.8
  • 06a6245 chore: remove junit3 references
  • d302b2c Bump commons-io:commons-io from 2.20.0 to 2.21.0
  • 6081bdb Bump org.codehaus.plexus:plexus-archiver from 4.10.3 to 4.10.4
  • ef8ed4c Migrate component injection to JSR-330
  • 704a35c Ignore stderr when parsing javac version from toolchain (#471)
  • 0beb969 Use maven-plugin-testing-harness version 3.4.0
  • c2624c8 Bump org.apache.maven.plugin-tools:maven-plugin-annotations (#488)
  • Additional commits viewable in compare view

Updates com.gradle:common-custom-user-data-maven-extension from 2.0.7 to 2.1.0

Release notes

Sourced from com.gradle:common-custom-user-data-maven-extension's releases.

2.1.0

  • [NEW] Add support for evaluating one or more Groovy scripts in the Develocity storage directory
Commits
  • 0bb5838 [maven-release-plugin] prepare release v2.1.0
  • 4b1a27c Update changes.md
  • b9010d0 Merge pull request #329 from gradle/erichaagdev/groovy-scripts-m2-directory
  • 82281ec Switch Groovy script evaluation order
  • 7cdb3cc Clarify script locations in README
  • 2c511ae Add support for evaluating one or more Groovy scripts in the Develocity stora...
  • f02dbca Update to use version 2.0.7 of the Common Custom User Data Maven Extension
  • 88e0f41 Prepare for next round of development
  • 36edaf8 [maven-release-plugin] prepare for next development iteration
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the build-dependencies group with 5 updates
419d820 
Bumps the build-dependencies group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [net.bytebuddy:byte-buddy](https://github.com/raphw/byte-buddy) | `1.18.0` | `1.18.1` |
| [org.springframework:spring-expression](https://github.com/spring-projects/spring-framework) | `6.2.12` | `7.0.0` |
| [com.puppycrawl.tools:checkstyle](https://github.com/checkstyle/checkstyle) | `12.1.1` | `12.1.2` |
| [org.apache.maven.plugins:maven-jar-plugin](https://github.com/apache/maven-jar-plugin) | `3.4.2` | `3.5.0` |
| [com.gradle:common-custom-user-data-maven-extension](https://github.com/gradle/common-custom-user-data-maven-extension) | `2.0.7` | `2.1.0` |


Updates `net.bytebuddy:byte-buddy` from 1.18.0 to 1.18.1
- [Release notes](https://github.com/raphw/byte-buddy/releases)
- [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md)
- [Commits](raphw/byte-buddy@byte-buddy-1.18.0...byte-buddy-1.18.1)

Updates `org.springframework:spring-expression` from 6.2.12 to 7.0.0
- [Release notes](https://github.com/spring-projects/spring-framework/releases)
- [Commits](spring-projects/spring-framework@v6.2.12...v7.0.0)

Updates `com.puppycrawl.tools:checkstyle` from 12.1.1 to 12.1.2
- [Release notes](https://github.com/checkstyle/checkstyle/releases)
- [Commits](checkstyle/checkstyle@checkstyle-12.1.1...checkstyle-12.1.2)

Updates `org.apache.maven.plugins:maven-jar-plugin` from 3.4.2 to 3.5.0
- [Release notes](https://github.com/apache/maven-jar-plugin/releases)
- [Commits](apache/maven-jar-plugin@maven-jar-plugin-3.4.2...maven-jar-plugin-3.5.0)

Updates `com.gradle:common-custom-user-data-maven-extension` from 2.0.7 to 2.1.0
- [Release notes](https://github.com/gradle/common-custom-user-data-maven-extension/releases)
- [Commits](gradle/common-custom-user-data-maven-extension@v2.0.7...v2.1.0)

---
updated-dependencies:
- dependency-name: net.bytebuddy:byte-buddy
  dependency-version: 1.18.1
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: build-dependencies
- dependency-name: org.springframework:spring-expression
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: build-dependencies
- dependency-name: com.puppycrawl.tools:checkstyle
  dependency-version: 12.1.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: build-dependencies
- dependency-name: org.apache.maven.plugins:maven-jar-plugin
  dependency-version: 3.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
- dependency-name: com.gradle:common-custom-user-data-maven-extension
  dependency-version: 2.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: build-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Nov 18, 2025
@marko-bekhta marko-bekhta merged commit c8bc377 into main Nov 18, 2025
9 checks passed
@dependabot dependabot bot deleted the dependabot/maven/build-dependencies-9c08affa94 branch November 18, 2025 11:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@marko-bekhta marko-bekhta marko-bekhta approved these changes

Assignees

@marko-bekhta marko-bekhta

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@marko-bekhta