Bump the minor-java-dependencies group with 9 updates by dependabot[bot] · Pull Request #48 · jchambers/java-otp

dependabot · 2026-04-14T02:19:34Z

Bumps the minor-java-dependencies group with 9 updates:

Package	From	To
org.openjdk.jmh:jmh-core	`1.32`	`1.37`
org.openjdk.jmh:jmh-generator-annprocess	`1.32`	`1.37`
org.apache.maven.plugins:maven-surefire-plugin	`3.0.0-M5`	`3.5.5`
org.codehaus.mojo:build-helper-maven-plugin	`3.0.0`	`3.6.1`
org.apache.maven.plugins:maven-compiler-plugin	`3.8.1`	`3.15.0`
org.apache.maven.plugins:maven-assembly-plugin	`3.1.1`	`3.8.0`
org.apache.maven.plugins:maven-jar-plugin	`3.2.0`	`3.5.0`
org.sonatype.plugins:nexus-staging-maven-plugin	`1.6.13`	`1.7.0`
org.apache.maven.plugins:maven-gpg-plugin	`3.0.1`	`3.2.8`

Updates org.openjdk.jmh:jmh-core from 1.32 to 1.37

Commits

2effa2c JMH v1.37.
09c78d5 7903508: JMH: Remove the Unicode dot prefix from secondary results
843f641 7903510: JMH: Add core performance checking tests
8bc325b 7903511: JMH: Add score stability performance tests
6b09724 7903450: JMH: Improve -prof perfnorm accuracy with robust estimations
d88f901 7903504: JMH: Fix new Sonar warnings
47f651b 7903498: JMH: Reset worker interrupt status after iteration
482561a 7903492: JMH: Infrastructure code should yield occasionally for virtual execu...
9a97557 7903490: JMH: The interrupt to time-outing benchmark can be delivered to work...
bf8db38 7903487: JMH: Make sure JMH profilers work on all tested configurations
Additional commits viewable in compare view

Updates org.openjdk.jmh:jmh-generator-annprocess from 1.32 to 1.37

Commits

2effa2c JMH v1.37.
09c78d5 7903508: JMH: Remove the Unicode dot prefix from secondary results
843f641 7903510: JMH: Add core performance checking tests
8bc325b 7903511: JMH: Add score stability performance tests
6b09724 7903450: JMH: Improve -prof perfnorm accuracy with robust estimations
d88f901 7903504: JMH: Fix new Sonar warnings
47f651b 7903498: JMH: Reset worker interrupt status after iteration
482561a 7903492: JMH: Infrastructure code should yield occasionally for virtual execu...
9a97557 7903490: JMH: The interrupt to time-outing benchmark can be delivered to work...
bf8db38 7903487: JMH: Make sure JMH profilers work on all tested configurations
Additional commits viewable in compare view

Updates org.openjdk.jmh:jmh-generator-annprocess from 1.32 to 1.37

Commits

2effa2c JMH v1.37.
09c78d5 7903508: JMH: Remove the Unicode dot prefix from secondary results
843f641 7903510: JMH: Add core performance checking tests
8bc325b 7903511: JMH: Add score stability performance tests
6b09724 7903450: JMH: Improve -prof perfnorm accuracy with robust estimations
d88f901 7903504: JMH: Fix new Sonar warnings
47f651b 7903498: JMH: Reset worker interrupt status after iteration
482561a 7903492: JMH: Infrastructure code should yield occasionally for virtual execu...
9a97557 7903490: JMH: The interrupt to time-outing benchmark can be delivered to work...
bf8db38 7903487: JMH: Make sure JMH profilers work on all tested configurations
Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-surefire-plugin from 3.0.0-M5 to 3.5.5

Release notes

Sourced from org.apache.maven.plugins:maven-surefire-plugin's releases.

3.5.5

🚀 New features and improvements

Replace runing external process and parsing output with simple ProcessHandle if available (Java9+) (#3252) @olamy

Pass slf4j context to spawned thread (#3241) @scottrw93

[SUREFIRE-3239] - allow override of statistics file checksum (#3247) @XN137

Reduce log level for skipped tests result to info (#3232) @strangelookingnerd

🐛 Bug Fixes

Use PowerShell instead of WMIC for detecting zombie process on Windows (#3258) @jbliznak. Please note if you are using Windows with Java 8 and not PowerShell (you have options to: use Java 9+, install PowerShell or stay on Surefire 3.5.4)

Properly work with test failures caused during beforeAll phase (#3194) @Frawless

📝 Documentation updates

Clarify how late placeholder replacement (@{...}) deals with (#3208) @kwin

👻 Maintenance

Fix Jenkin badges in README (#3254) @slawekjaranowski

Use JUnit5 in failsafe ITs (#3251) @slawekjaranowski

Remove long-deprecated unused encoding property from VerifyMojo (#3198) @Tomlincoln

Add IT and deal with corner cases of handling beforeAll failures (#3200) @Frawless

Revert PR #3194 that handle beforeAll failures to follow proper contributing rules (#3211) @Frawless

🔧 Build

Missing many files in the GH Artifacts of CI ex-post. (#3219) @Tibor17

📦 Dependency updates

Bump org.xmlunit:xmlunit-core from 2.10.4 to 2.11.0 (#3209) @dependabot[bot]

Bump org.apache.maven.plugin-testing:maven-plugin-testing-harness from 3.4.0 to 3.5.1 (#3260) @dependabot[bot]

Bump parent from 44 to 47 (#3253) @slawekjaranowski

Bump org.assertj:assertj-core from 3.16.1 to 3.27.7 in /surefire-its/src/test/resources/surefire-1733-testng (#3246) @dependabot[bot]

Bump org.assertj:assertj-core from 3.27.6 to 3.27.7 (#3245) @dependabot[bot]

Bump org.codehaus.mojo:animal-sniffer-maven-plugin from 1.26 to 1.27 (#3243) @dependabot[bot]

Bump org.htmlunit:htmlunit from 4.20.0 to 4.21.0 (#3236) @dependabot[bot]

Bump org.codehaus.plexus:plexus-java from 1.5.1 to 1.5.2 (#3235) @dependabot[bot]

Bump org.apache.logging.log4j:log4j-core from 2.17.1 to 2.25.3 in /surefire-its/src/test/resources/surefire-1659-stream-corruption (#3234) @dependabot[bot]

Bump org.htmlunit:htmlunit from 4.19.0 to 4.20.0 (#3228) @dependabot[bot]

Bump org.htmlunit:htmlunit from 4.18.0 to 4.19.0 (#3224) @dependabot[bot]

Bump org.apache.commons:commons-lang3 from 3.19.0 to 3.20.0 (#3223) @dependabot[bot]

Bump org.codehaus.plexus:plexus-interpolation from 1.28 to 1.29 (#3221) @dependabot[bot]

Bump org.codehaus.plexus:plexus-i18n from 1.0.0 to 1.1.0 (#3220) @dependabot[bot]

Bump commons-io:commons-io from 2.20.0 to 2.21.0 (#3217) @dependabot[bot]

Bump org.apache.maven.plugin-testing:maven-plugin-testing-harness from 3.3.0 to 3.4.0 (#3214) @dependabot[bot]

Bump org.codehaus.plexus:plexus-java from 1.5.0 to 1.5.1 (#3218) @dependabot[bot]

Bump org.htmlunit:htmlunit from 4.16.0 to 4.18.0 (#3213) @dependabot[bot]

... (truncated)

Commits

968cb38 [maven-release-plugin] prepare release surefire-3.5.5
8e7dc41 Reapply "Replace runing external process and parsing output with simple Proce...
4ced57c Revert "Replace runing external process and parsing output with simple Proces…"
8496d9a Bump org.xmlunit:xmlunit-core from 2.10.4 to 2.11.0 (#3209)
68265e5 Bump org.apache.maven.plugin-testing:maven-plugin-testing-harness (#3260)
0b19014 Replace runing external process and parsing output with simple ProcessHandle ...
688f8c4 Use PowerShell instead of WMIC for detecting zombie process on Windows (#3258)
e5c01a6 Build only by the latest Maven on Jenkins (#3255)
9c99e97 Fix Jenkin badges in README (#3254)
20930ea Bump parent from 44 to 47 (#3253)
Additional commits viewable in compare view

Updates org.codehaus.mojo:build-helper-maven-plugin from 3.0.0 to 3.6.1

Release notes

Sourced from org.codehaus.mojo:build-helper-maven-plugin's releases.

3.6.1

📝 Documentation updates

Rename Goals to Plugin Documentation in the site menu (#229) @slawekjaranowski

update the documentation for adding more resource directories (#213) @mjj042

👻 Maintenance

Use common release-drafter configuration (#230) @slawekjaranowski

📦 Dependency updates

Bump org.codehaus.mojo:mojo-parent from 87 to 91 (#228) @dependabot[bot]

Bump org.apache.maven.shared:file-management from 3.1.0 to 3.2.0 (#222) @dependabot[bot]

Bump org.codehaus.mojo:mojo-parent from 86 to 87 (#221) @dependabot[bot]

Bump org.codehaus.mojo:mojo-parent from 85 to 86 (#219) @dependabot[bot]

Bump org.codehaus.plexus:plexus-utils from 4.0.1 to 4.0.2 (#220) @dependabot[bot]

Bump org.codehaus.mojo:mojo-parent from 84 to 85 (#217) @dependabot[bot]

Bump org.codehaus.mojo:mojo-parent from 82 to 84 (#214) @dependabot[bot]

3.6.0

Changes

🚀 New features and improvements

Deprecate remove-project-artifact goal (#205) @slawekjaranowski

Parallel execution of uptodate-properties (#201) @mkarg

📦 Dependency updates

Bump org.codehaus.mojo:mojo-parent from 81 to 82 (#206) @dependabot

Bump org.codehaus.mojo:mojo-parent from 78 to 81 (#204) @dependabot

Bump org.codehaus.plexus:plexus-utils from 4.0.0 to 4.0.1 (#202) @dependabot

Bump apache/maven-gh-actions-shared from 3 to 4 (#200) @dependabot

Bump release-drafter/release-drafter from 5 to 6 (#195) @dependabot

Bump org.codehaus.mojo:mojo-parent from 77 to 78 (#193) @dependabot

👻 Maintenance

Delete link to remove-project-artifact as is deprecated (#210) @slawekjaranowski

Cleanups dependencies (#209) @slawekjaranowski

Remove public modifiers from JUnit 5 tests (#208) @slawekjaranowski

Delete example about remove-project-artifact as is deprecated (#207) @slawekjaranowski

Fix goal in usage add-test-resource example (#199) @mfussenegger

🔧 Build

Use shared action for release drafter (#203) @slawekjaranowski

... (truncated)

Commits

908df59 [maven-release-plugin] prepare release 3.6.1
faafd8f Use common release-drafter configuration
a91b402 Rename Goals to Plugin Documentation in the site menu
1e9136d Bump org.codehaus.mojo:mojo-parent from 87 to 91
8700ddc Bump org.apache.maven.shared:file-management from 3.1.0 to 3.2.0
ab2c635 Bump org.codehaus.mojo:mojo-parent from 86 to 87
611ce40 Typos.
02d2b8e Bump org.codehaus.mojo:mojo-parent from 85 to 86
d742e5c Update site.xml to Doxia 2
80b89b8 Bump org.codehaus.plexus:plexus-utils from 4.0.1 to 4.0.2
Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-compiler-plugin from 3.8.1 to 3.15.0

Release notes

Sourced from org.apache.maven.plugins:maven-compiler-plugin's releases.

3.15.0

🐛 Bug Fixes

Fix Java 25 compatibility during integration tests (#1020) @desruisseaux

[MCOMPILER-540] - useIncrementalCompilation=false may add generated sources to the sources list (#192) @mensinda

👻 Maintenance

Bump org.apache.maven.plugins:maven-plugins from 45 to 46 (#1015) @slachiewicz

Remove declaration of "plexus-snapshots" repository (#1010) @desruisseaux

Works only with Maven 4.0.0 rc4 (#996) @slachiewicz

Enable Java 25 and Maven 4 in CI (#975) @slachiewicz

📦 Dependency updates

Bump org.apache.maven.plugin-testing:maven-plugin-testing-harness from 3.4.0 to 3.5.0 (#1016) @dependabot[bot]

Bump plexusCompilerVersion from 2.16.1 to 2.16.2 (#1021) @dependabot[bot]

Bump org.apache.maven.plugins:maven-plugins from 46 to 47 (#1019) @dependabot[bot]

Bump org.codehaus.plexus:plexus-java from 1.5.1 to 1.5.2 (#1008) @dependabot[bot]

Bump org.ow2.asm:asm from 9.9 to 9.9.1 (#1005) @dependabot[bot]

Bump mavenVersion from 3.9.11 to 3.9.12 (#1007) @dependabot[bot]

Bump maven-plugin-testing-harness to 3.4.0 (#1001) @slawekjaranowski

Bump plexusCompilerVersion from 2.16.0 to 2.16.1 (#999) @dependabot[bot]

Bump org.codehaus.plexus:plexus-java from 1.5.0 to 1.5.1 (#993) @dependabot[bot]

Bump plexusCompilerVersion from 2.15.0 to 2.16.0 (#992) @dependabot[bot]

Bump org.ow2.asm:asm from 9.8 to 9.9 (#981) @dependabot[bot]

3.14.1

🚀 New features and improvements

Improve DeltaList behavior for large projects (#335) @gsmet

Allow to not use --module-version for the Java compiler (#331) @pzygielo

🐛 Bug Fixes

Add generatedSourcesPath back to the maven project (#312) @mensinda

[MCOMPILER-538] - Do not add target/generated-sources/annotations to the source roots (#191) @mensinda

📦 Dependency updates

Enforce asm version used here, to not depend on brittle transitive (#964) @olamy

Bump mavenVersion from 3.9.10 to 3.9.11 (#952) @dependabot[bot]

Bump org.apache.maven.plugins:maven-plugins from 44 to 45 (#935) @dependabot[bot]

Bump mavenVersion from 3.9.9 to 3.9.10 (#336) @dependabot[bot]

Bump org.codehaus.plexus:plexus-java from 1.4.0 to 1.5.0 (#324) @dependabot[bot]

Bump org.apache.maven.plugins:maven-plugins from 43 to 44 (#316) @dependabot[bot]

3.14.0

... (truncated)

Commits

9290cb3 [maven-release-plugin] prepare release maven-compiler-plugin-3.15.0
3657d40 Bump org.apache.maven.plugin-testing:maven-plugin-testing-harness
7bbf805 Bump plexusCompilerVersion from 2.16.1 to 2.16.2
57fa938 Bump org.apache.maven.plugins:maven-plugins from 46 to 47
385e3f2 Fix Java 25 compatibility during integration tests (#1020)
6b34423 Bump org.apache.maven.plugins:maven-plugins from 45 to 46
aaeb9c6 [MCOMPILER-540] useIncrementalCompilation=false may add generated sources to ...
6e3db9d Bump org.codehaus.plexus:plexus-java from 1.5.1 to 1.5.2
0fe9b84 Remove declaration of "plexus-snapshots" repository (#1010)
35f6800 Bump org.ow2.asm:asm from 9.9 to 9.9.1
Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-assembly-plugin from 3.1.1 to 3.8.0

Release notes

Sourced from org.apache.maven.plugins:maven-assembly-plugin's releases.

3.8.0

🐛 Bug Fixes

[MASSEMBLY-1030] - Manifest entries from archive configuration are not added in final MANIFEST (#205) @olamy

[MASSEMBLY-1029] - Use minimal level for model validation (#204) @gnodet

📝 Documentation updates

[MNGSITE-529] - Rename "Goals" to "Plugin Documentation" (#215) @Bukama

👻 Maintenance

chore: migrate junit3/4 to junit5 (#1260) @sparsick

feat: enable prevent branch protection rules (#1252) @sebtiem

Enable Github Issues (#219) @Bukama

📦 Dependency updates

Bump Maven to 3.9.11. Prerequisite still 3.6.3 (#1270) @slachiewicz

Bump org.apache.commons:commons-lang3 from 3.19.0 to 3.20.0 (#1269) @dependabot[bot]

Bump org.codehaus.plexus:plexus-io from 3.5.2 to 3.6.0 (#1264) @dependabot[bot]

Bump org.codehaus.plexus:plexus-interpolation from 1.28 to 1.29 (#1266) @dependabot[bot]

Bump commons-io:commons-io from 2.20.0 to 2.21.0 (#1267) @dependabot[bot]

Bump org.codehaus.plexus:plexus-archiver from 4.10.3 to 4.10.4 (#1265) @dependabot[bot]

Bump org.apache.maven:maven-archiver from 3.6.4 to 3.6.5 (#1258) @dependabot[bot]

Bump com.github.luben:zstd-jni from 1.5.7-5 to 1.5.7-6 (#1259) @dependabot[bot]

Bump plexus-archiver to 4.10.3 (#1255) @slachiewicz

Bump m-invoker-p to 3.9.1 for Java 25 (#1256) @slachiewicz

Bump com.github.luben:zstd-jni from 1.5.7-4 to 1.5.7-5 (#1254) @dependabot[bot]

Bump org.apache.maven.plugins:maven-plugins from 44 to 45 (#1251) @dependabot[bot]

Bump org.apache.maven.plugins:maven-plugins from 42 to 44 (#216) @dependabot[bot]

Bump org.apache.commons:commons-compress from 1.27.1 to 1.28.0 (#1248) @dependabot[bot]

Bump org.apache.maven:maven-archiver from 3.6.3 to 3.6.4 (#1249) @dependabot[bot]

Bump org.codehaus.plexus:plexus-archiver from 4.10.0 to 4.10.1 (#1250) @dependabot[bot]

Bump commons-io:commons-io from 2.19.0 to 2.20.0 (#1247) @dependabot[bot]

Bump com.github.luben:zstd-jni from 1.5.7-3 to 1.5.7-4 (#1244) @dependabot[bot]

Bump commons-fileupload:commons-fileupload from 1.5 to 1.6.0 in /src/it/projects/bugs/massembly-580 (#1245) @dependabot[bot]

Bump com.github.luben:zstd-jni from 1.5.7-2 to 1.5.7-3 (#225) @dependabot[bot]

Bump org.codehaus.plexus:plexus-archiver from 4.9.2 to 4.10.0 (#209) @dependabot[bot]

Bump org.apache.maven.shared:maven-common-artifact-filters from 3.3.2 to 3.4.0 (#207) @dependabot[bot]

Bump commons-io:commons-io from 2.16.1 to 2.19.0 (#224) @dependabot[bot]

Bump org.codehaus.plexus:plexus-interpolation from 1.27 to 1.28 (#223) @dependabot[bot]

Bump com.github.luben:zstd-jni from 1.5.6-3 to 1.5.7-2 (#222) @dependabot[bot]

Bump org.apache.maven:maven-archiver from 3.6.2 to 3.6.3 (#221) @dependabot[bot]

Bump org.apache.commons:commons-compress from 1.27.0 to 1.27.1 (#213) @dependabot[bot]

Bump org.apache.maven.shared:maven-filtering from 3.3.2 to 3.4.0 (#220) @dependabot[bot]

Bump org.codehaus.plexus:plexus-io from 3.4.2 to 3.5.1 (#214) @dependabot[bot]

Bump org.hamcrest:hamcrest from 2.2 to 3.0 (#212) @dependabot[bot]

Bump org.apache.commons:commons-compress from 1.26.1 to 1.27.0 (#211) @dependabot[bot]

... (truncated)

Commits

53dcfc0 Remove redundant escaping (#1277)
04cbbb3 some nits (#1279)
7c9e58a Plug ThreadLocal memory leak (#1276)
ceef4b0 commons-io version is now the same (#1274)
0a06350 Declare used dependencies (#1271)
31ac192 Remove commented code (#1273)
c5b8aff Document regex support in include/exclude patterns (#1243)
bd8cafc [maven-release-plugin] prepare for next development iteration
434b3aa [maven-release-plugin] prepare release maven-assembly-plugin-3.8.0
43666c3 Bump Maven to 3.9.11. Prerequisite still 3.6.3
Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-jar-plugin from 3.2.0 to 3.5.0

Release notes

Sourced from org.apache.maven.plugins:maven-jar-plugin's releases.

3.5.0

🚀 New features and improvements

Add new "attach" configuration parameter (3.x port of #482) (#483) @hgschmie

add Java-Version to MANIFEST.MF (#465) @hboutemy

🐛 Bug Fixes

Fix detecting java version for toolchains and JDK 1.8 (#500) @slawekjaranowski

Ignore stderr when parsing javac version from toolchain (#471) @jaredstehler

👻 Maintenance

Update site descriptor to 2.0.0 (#501) @slawekjaranowski

chore: remove junit3 references (#494) @slawekjaranowski

Migrate component injection to JSR-330 (#492) @slawekjaranowski

Add PR Automation to 3.x (#132) @slawekjaranowski

Improve release-drafter configuration (#128) @slawekjaranowski

Fix for Maven 4.0.0-rc-3 (#130) @slawekjaranowski

[MNGSITE-529] - Rename "Goals" to "Plugin Documentation" (#119) @Bukama

🔧 Build

Bump m-invoker-p to 3.9.1 for Java 25 (#480) @hboutemy

📦 Dependency updates

Bump commons-io:commons-io from 2.20.0 to 2.21.0 (#499) @dependabot[bot]

Bump org.codehaus.plexus:plexus-archiver from 4.10.3 to 4.10.4 (#498) @dependabot[bot]

Use maven-plugin-testing-harness version 3.4.0 (#491) @slawekjaranowski

Bump org.apache.maven.plugin-tools:maven-plugin-annotations from 3.15.1 to 3.15.2 (#488) @dependabot[bot]

Bump org.codehaus.plexus:plexus-archiver from 4.10.1 to 4.10.3 (#478) @dependabot[bot]

Bump org.codehaus.plexus:plexus-archiver from 4.10.0 to 4.10.1 (#464) @dependabot[bot]

Bump org.apache.maven.plugins:maven-plugins from 42 to 45 (#452) @dependabot[bot]

Bump org.apache.maven:maven-archiver from 3.6.2 to 3.6.4 (#461) @dependabot[bot]

Bump commons-io:commons-io from 2.19.0 to 2.20.0 (#457) @dependabot[bot]

Bump mavenVersion from 3.9.10 to 3.9.11 (#456) @dependabot[bot]

Bump mavenVersion from 3.9.9 to 3.9.10 (#146) @dependabot[bot]

Bump org.apache.maven.shared:file-management from 3.1.0 to 3.2.0 (#143) @dependabot[bot]

Bump mavenVersion from 3.6.3 to 3.9.9 (#107) @dependabot[bot]

Bump commons-io:commons-io from 2.18.0 to 2.19.0 (#140) @dependabot[bot]

Bump commons-io:commons-io from 2.16.1 to 2.18.0 (#114) @dependabot[bot]

Bump org.codehaus.plexus:plexus-archiver from 4.9.2 to 4.10.0 (#109) @dependabot[bot]

3.4.2

🐛 Bug Fixes

... (truncated)

Commits

68d00f1 [maven-release-plugin] prepare release maven-jar-plugin-3.5.0
357b9bf Update site descriptor to 2.0.0
340249c Fix detecting java version for toolchains and JDK 1.8
06a6245 chore: remove junit3 references
d302b2c Bump commons-io:commons-io from 2.20.0 to 2.21.0
6081bdb Bump org.codehaus.plexus:plexus-archiver from 4.10.3 to 4.10.4
ef8ed4c Migrate component injection to JSR-330
704a35c Ignore stderr when parsing javac version from toolchain (#471)
0beb969 Use maven-plugin-testing-harness version 3.4.0
c2624c8 Bump org.apache.maven.plugin-tools:maven-plugin-annotations (#488)
Additional commits viewable in compare view

Updates org.sonatype.plugins:nexus-staging-maven-plugin from 1.6.13 to 1.7.0

Updates org.apache.maven.plugins:maven-gpg-plugin from 3.0.1 to 3.2.8

Release notes

Sourced from org.apache.maven.plugins:maven-gpg-plugin's releases.

3.2.8

🐛 Bug Fixes

Make empty classifier null (not empty string) (#287) @cstamas

📝 Documentation updates

[MNGSITE-529] - Rename "Goals" to "Plugin Documentation" (#129) @Bukama

Describe how to prime a specific GPG key (#128) @kwin

👻 Maintenance

Enable GitHub issues (#134) @Bukama

Prefer Guice constructor injection (#126) @elharo

📦 Dependency updates

Update parent POM to 45 (#284) @cstamas

Bump bouncycastleVersion from 1.78.1 to 1.80 (#127) @dependabot[bot]

Bump commons-io:commons-io from 2.18.0 to 2.19.0 (#133) @dependabot[bot]

Bump org.apache.maven.plugins:maven-invoker-plugin from 3.8.0 to 3.9.0 (#125) @dependabot[bot]

Bump org.simplify4u.plugins:pgpverify-maven-plugin from 1.18.2 to 1.19.1 (#131) @dependabot[bot]

Bump commons-io:commons-io from 2.17.0 to 2.18.0 (#124) @dependabot[bot]

3.2.7

Fixes a lingering issue affecting whole 3.2.x lineage, that resulted in "bad passphrase" on Windows OS with GPG signer (see MGPG-136 for details).

What's Changed

[MGPG-136] Windows passphrase corruption by @cstamas in apache/maven-gpg-plugin#120

Bump com.kohlschutter.junixsocket:junixsocket-core from 2.10.0 to 2.10.1 by @dependabot in apache/maven-gpg-plugin#121

Bump commons-io:commons-io from 2.16.1 to 2.17.0 by @dependabot in apache/maven-gpg-plugin#119

Full Changelog: apache/maven-gpg-plugin@maven-gpg-plugin-3.2.6...maven-gpg-plugin-3.2.7

3.2.6

Release Notes - Maven GPG Plugin - Version 3.2.6

... (truncated)

Commits

8a46455 [maven-release-plugin] prepare release maven-gpg-plugin-3.2.8
7012821 Fix issueManagement, ciManagement system and url
a9a8c84 Make empty classifier null (not empty string) (#287)
a8368b0 Add .mvn
f0e45e0 Update parent POM to 45 (#284)
cb1236c Bump bouncycastleVersion from 1.78.1 to 1.80 (#127)
5377a10 Bump commons-io:commons-io from 2.18.0 to 2.19.0 (#133)
8b63932 Bump org.apache.maven.plugins:maven-invoker-plugin from 3.8.0 to 3.9.0 (#125)
54ea518 Bump org.simplify4u.plugins:pgpverify-maven-plugin from 1.18.2 to 1.19.1
a6a412d Remove old JIRA issue link
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the minor-java-dependencies group with 9 updates: | Package | From | To | | --- | --- | --- | | [org.openjdk.jmh:jmh-core](https://github.com/openjdk/jmh) | `1.32` | `1.37` | | [org.openjdk.jmh:jmh-generator-annprocess](https://github.com/openjdk/jmh) | `1.32` | `1.37` | | [org.apache.maven.plugins:maven-surefire-plugin](https://github.com/apache/maven-surefire) | `3.0.0-M5` | `3.5.5` | | [org.codehaus.mojo:build-helper-maven-plugin](https://github.com/mojohaus/build-helper-maven-plugin) | `3.0.0` | `3.6.1` | | [org.apache.maven.plugins:maven-compiler-plugin](https://github.com/apache/maven-compiler-plugin) | `3.8.1` | `3.15.0` | | [org.apache.maven.plugins:maven-assembly-plugin](https://github.com/apache/maven-assembly-plugin) | `3.1.1` | `3.8.0` | | [org.apache.maven.plugins:maven-jar-plugin](https://github.com/apache/maven-jar-plugin) | `3.2.0` | `3.5.0` | | org.sonatype.plugins:nexus-staging-maven-plugin | `1.6.13` | `1.7.0` | | [org.apache.maven.plugins:maven-gpg-plugin](https://github.com/apache/maven-gpg-plugin) | `3.0.1` | `3.2.8` | Updates `org.openjdk.jmh:jmh-core` from 1.32 to 1.37 - [Commits](openjdk/jmh@1.32...1.37) Updates `org.openjdk.jmh:jmh-generator-annprocess` from 1.32 to 1.37 - [Commits](openjdk/jmh@1.32...1.37) Updates `org.openjdk.jmh:jmh-generator-annprocess` from 1.32 to 1.37 - [Commits](openjdk/jmh@1.32...1.37) Updates `org.apache.maven.plugins:maven-surefire-plugin` from 3.0.0-M5 to 3.5.5 - [Release notes](https://github.com/apache/maven-surefire/releases) - [Commits](apache/maven-surefire@surefire-3.0.0-M5...surefire-3.5.5) Updates `org.codehaus.mojo:build-helper-maven-plugin` from 3.0.0 to 3.6.1 - [Release notes](https://github.com/mojohaus/build-helper-maven-plugin/releases) - [Commits](mojohaus/build-helper-maven-plugin@build-helper-maven-plugin-3.0.0...3.6.1) Updates `org.apache.maven.plugins:maven-compiler-plugin` from 3.8.1 to 3.15.0 - [Release notes](https://github.com/apache/maven-compiler-plugin/releases) - [Commits](apache/maven-compiler-plugin@maven-compiler-plugin-3.8.1...maven-compiler-plugin-3.15.0) Updates `org.apache.maven.plugins:maven-assembly-plugin` from 3.1.1 to 3.8.0 - [Release notes](https://github.com/apache/maven-assembly-plugin/releases) - [Commits](apache/maven-assembly-plugin@maven-assembly-plugin-3.1.1...v3.8.0) Updates `org.apache.maven.plugins:maven-jar-plugin` from 3.2.0 to 3.5.0 - [Release notes](https://github.com/apache/maven-jar-plugin/releases) - [Commits](apache/maven-jar-plugin@maven-jar-plugin-3.2.0...maven-jar-plugin-3.5.0) Updates `org.sonatype.plugins:nexus-staging-maven-plugin` from 1.6.13 to 1.7.0 Updates `org.apache.maven.plugins:maven-gpg-plugin` from 3.0.1 to 3.2.8 - [Release notes](https://github.com/apache/maven-gpg-plugin/releases) - [Commits](apache/maven-gpg-plugin@maven-gpg-plugin-3.0.1...maven-gpg-plugin-3.2.8) --- updated-dependencies: - dependency-name: org.openjdk.jmh:jmh-core dependency-version: '1.37' dependency-type: direct:development update-type: version-update:semver-minor dependency-group: minor-java-dependencies - dependency-name: org.openjdk.jmh:jmh-generator-annprocess dependency-version: '1.37' dependency-type: direct:development update-type: version-update:semver-minor dependency-group: minor-java-dependencies - dependency-name: org.openjdk.jmh:jmh-generator-annprocess dependency-version: '1.37' dependency-type: direct:development update-type: version-update:semver-minor dependency-group: minor-java-dependencies - dependency-name: org.apache.maven.plugins:maven-surefire-plugin dependency-version: 3.5.5 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: minor-java-dependencies - dependency-name: org.codehaus.mojo:build-helper-maven-plugin dependency-version: 3.6.1 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: minor-java-dependencies - dependency-name: org.apache.maven.plugins:maven-compiler-plugin dependency-version: 3.15.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: minor-java-dependencies - dependency-name: org.apache.maven.plugins:maven-assembly-plugin dependency-version: 3.8.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: minor-java-dependencies - dependency-name: org.apache.maven.plugins:maven-jar-plugin dependency-version: 3.5.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: minor-java-dependencies - dependency-name: org.sonatype.plugins:nexus-staging-maven-plugin dependency-version: 1.7.0 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: minor-java-dependencies - dependency-name: org.apache.maven.plugins:maven-gpg-plugin dependency-version: 3.2.8 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: minor-java-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels Apr 14, 2026

jchambers merged commit 4c62935 into main Apr 14, 2026
8 checks passed

jchambers deleted the dependabot/maven/minor-java-dependencies-956f2d4a2a branch April 14, 2026 02:21

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the minor-java-dependencies group with 9 updates#48

Bump the minor-java-dependencies group with 9 updates#48
jchambers merged 1 commit intomainfrom
dependabot/maven/minor-java-dependencies-956f2d4a2a

dependabot Bot commented on behalf of github Apr 14, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot Bot commented on behalf of github Apr 14, 2026

3.5.5

🚀 New features and improvements

🐛 Bug Fixes

📝 Documentation updates

👻 Maintenance

🔧 Build

📦 Dependency updates

3.6.1

📝 Documentation updates

👻 Maintenance

📦 Dependency updates

3.6.0

Changes

🚀 New features and improvements

📦 Dependency updates

👻 Maintenance

🔧 Build

3.15.0

🐛 Bug Fixes

👻 Maintenance

📦 Dependency updates

3.14.1

🚀 New features and improvements

🐛 Bug Fixes

📦 Dependency updates

3.14.0

3.8.0

🐛 Bug Fixes

📝 Documentation updates

👻 Maintenance

📦 Dependency updates

3.5.0

🚀 New features and improvements

🐛 Bug Fixes

👻 Maintenance

🔧 Build

📦 Dependency updates

3.4.2

🐛 Bug Fixes

3.2.8

🐛 Bug Fixes

📝 Documentation updates

👻 Maintenance

📦 Dependency updates

3.2.7

What's Changed

3.2.6

Release Notes - Maven GPG Plugin - Version 3.2.6

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant