Bump the dependencies group across 1 directory with 12 updates

[dependabot]

Bumps the dependencies group with 12 updates in the / directory:

Package	From	To
software.amazon.awssdk:secretsmanager	2.20.93	2.30.21
org.projectlombok:lombok	1.18.28	1.18.36
com.fasterxml.jackson.core:jackson-databind	2.15.2	2.18.2
com.github.spotbugs:spotbugs-annotations	4.7.3	4.9.1
org.apache.maven.plugins:maven-compiler-plugin	3.11.0	3.13.0
org.apache.maven.plugins:maven-source-plugin	3.3.0	3.3.1
org.apache.maven.plugins:maven-javadoc-plugin	3.5.0	3.11.2
org.apache.maven.plugins:maven-checkstyle-plugin	3.3.0	3.6.0
com.github.spotbugs:spotbugs-maven-plugin	4.7.3.5	4.9.1.0
org.jacoco:jacoco-maven-plugin	0.8.10	0.8.12
org.apache.maven.plugins:maven-gpg-plugin	3.1.0	3.2.7
org.sonatype.plugins:nexus-staging-maven-plugin	1.6.13	1.7.0

Updates software.amazon.awssdk:secretsmanager from 2.20.93 to 2.30.21

Updates org.projectlombok:lombok from 1.18.28 to 1.18.36

Changelog

Sourced from org.projectlombok:lombok's changelog.

v1.18.36 (November 15th, 2024)

• PLATFORM: JDK23 support added.
• BUGFIX: Eclipse projects using the com.pro-crafting.tools:jasperreports-maven-plugin will now compile.

v1.18.34 (June 28th, 2024)

• PLATFORM: Added support for Eclipse 2024-06; you'd get some NoSuchMethodError traces in your logs if using @Builder or @Singular prior to this fix. [Issue #3638](projectlombok/lombok#3638).
• IMPROBABLE BREAKING CHANGE: Lombok now adds @lombok.Generated by default to methods and types it generates. This may result in accidentally increasing your test coverage percentage. [Issue #3667](projectlombok/lombok#3667).
• IMPROBABLE BREAKING CHANGE: When lombok.config contains lombok.onX.flagUsage = WARNING, from now on warnings will actually be generated if onX is used.[Issue #2848](projectlombok/lombok#2848)
• BUGFIX: When @SuperBuilder was used on a type with an generic array type, it would error wrong number of type arguments. [Issue #3694](projectlombok/lombok#3694).
• FEATURE: Lombok generates javadoc for you for most of the methods it adds; with this release, javadoc is also added to generated constructors. [Issue #933](projectlombok/lombok#933).

v1.18.32 (March 20th, 2024)

• PLATFORM: Initial JDK22 support added.
• PLAFTORM Added support for Eclipse 2024-03. [Issue #3620](projectlombok/lombok#3620).
• PLATFORM: Added support for recent versions of eclipse (released Q4 2023 or later or so) which would cause failures in the eclipse logs such as java.lang.NoSuchMethodError: 'java.lang.StringBuffer org.eclipse.jdt…. [Issue #3564](projectlombok/lombok#3564).
• FEATURE: @Locked has been introduced. Like @Synchronized but with java.util.concurrent.locks locks instead of the synchronized primitive. Thanks, Pim van der Loos for the PR! [Issue #3506](projectlombok/lombok#3506).
• NECROMANCY: Inlining a generated getter in eclipse would result in eclipse incorrectly replacing calls with @Getter instead of the actual field's name. [Issue #562](projectlombok/lombok#562). This issue is almost old enough to drink. Points for dedication go to Rawi for fixing this one.
• BUGFIX: When @SuperBuilder was used on a type with an annotated generic type, it would error wrong number of type arguments. [Issue #3592](projectlombok/lombok#3592).
• BUGFIX: It was possible to create an infinite build loop using @ExtensionMethod. [Issue #3225](projectlombok/lombok#3225).
• BUGFIX: Using @Getter(lazy=true) would fail if the expression contained a variable called value. [Issue #2917](projectlombok/lombok#2917).
• BUGFIX: Many lombok features wouldn't work properly on records contained within an outer type unless you explicitly marked it static. [Issue #3497](projectlombok/lombok#3497) [Issue #3559](projectlombok/lombok#3559).
• BUGFIX: Eclipse projects using the com.pro-crafting.tools:jasperreports-plugin will now compile.
• BUGFIX: @FieldNameConstants now works when generated fields are involved. [Issue #3529](projectlombok/lombok#3529).
• IMPROBABLE BREAKING CHANGE: For JSpecify, the package name changed from org.jspecify.nullness to org.jspecify.annotations, which might lead to a different null analysis. [Issue #3608](projectlombok/lombok#3608).

v1.18.30 (September 20th, 2023)

• PLATFORM: Initial JDK21 support added. [Issue #3393](projectlombok/lombok#3393).
• BUGFIX: Any @Helper class directly in a method (and not nested more deeply) wouldn't work. [Issue #3370](projectlombok/lombok#3370).
• BUGFIX: If using the module system and lombok is on the runtime classpath (shouldn't be, but happens), you'd get a split package error: Package org.objectweb.asm in both module lombok and module org.objectweb.asm. [Issue #3474](projectlombok/lombok#3474).
• BUGFIX: Lombok wasn't properly copying the annotations it should be copying when generating methods in records. [Issue #3315](projectlombok/lombok#3315).
• BUGFIX: Delomboking anything with @lombok.Singular in it wouldn't remove that annotation. [Issue #1377](projectlombok/lombok#1377).
• BUGFIX: Calling extension methods such that automatic widening is applied (i.e. calling void ext(long arg) with an int) would fail at runtime. [Issue #3463](projectlombok/lombok#3463).
• BUGFIX: Extension methods can now be used in records. [Issue #3450](projectlombok/lombok#3450).
• BUGFIX: @Getter(lazy=true) with complicated initialization expressions would fail on javac. [Issue #3314](projectlombok/lombok#3314).
• BUGFIX: Using the maven surefire plugin with a module-info.java based project would fail with a SurefireBooterForkException. [Issue #3474](projectlombok/lombok#3474).

Commits

• 91d79ff [release] pre-release version bump
• e8db33a Merge pull request #3768 from tamila-krashtan/fix/with-html
• 0338705 Revert "[fixes #3116] Add multi round support for mapstruct":
• 9af596e Fix typo in With.html
• 3394b6e eclipse downloader: When downloading sources, accept failure.
• 03cd61a Merge branch 'eclipse-tests-fix'
• 7a9f3a8 Fix resource management in the eclipse downloader:
• 87bc91a Merge pull request #3764 from Rawi01/update-index
• d21d551 Close ZipOutputStream in eclipse dependency downloader
• 5caea32 [fixes #3761] Update annotation value index
• Additional commits viewable in compare view

Updates com.fasterxml.jackson.core:jackson-databind from 2.15.2 to 2.18.2

Commits

• See full diff in compare view

Updates com.github.spotbugs:spotbugs-annotations from 4.7.3 to 4.9.1

Release notes

Sourced from com.github.spotbugs:spotbugs-annotations's releases.

SpotBugs 4.9.1

CHANGELOG

Added

• New detector SharedVariableAtomicityDetector for new bug types AT_NONATOMIC_OPERATIONS_ON_SHARED_VARIABLE, AT_NONATOMIC_64BIT_PRIMITIVE and AT_STALE_THREAD_WRITE_OF_PRIMITIVE (See SEI CERT rules VNA00-J, VNA02-J and VNA05-J).
• New detector FindHiddenMethod for bug type HSM_HIDING_METHOD. This bug is reported whenever a subclass method hides the static method of super class. (See SEI CERT MET07-J).

Fixed

• Fixed the parsing of generics methods in ThrowingExceptions (#3267)
• Accept the 1st parameter of java.util.concurrent.CompletableFuture's completeOnTimeout(), getNow() and obtrudeValue() functions as nullable (#1001).
• Fixed the analysis error when FindReturnRef was checking instructions corresponding to a CFG branch that was optimized away (#3266)
• Added execute file permission to files in the distribution archive (#3274)
• Fixed a stack overflow in MultipleInstantiationsOfSingletons when a singleton initializer makes recursive calls (#3280)
• Fixed NPE in FindReturnRef on inner class fields (#3283)
• Fixed NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE false positive when add edu.umd.cs.findbugs.annotations.Nullable (#3243)

CHECKSUM

file	checksum (sha256)
spotbugs-4.9.1-javadoc.jar	23ac58ad28f3d0914f0f151ab98b1bc2572b0ea80f14e653086cc82dedb96269
spotbugs-4.9.1-sources.jar	8fe4015f36346bef7ba66b038faad9563f133ad64615e45c7132ef721da5d48f
spotbugs-4.9.1.tgz	4f992d7d204c1b23c031b4282c2e8638bafe91c50fc58324d9dbf71f556687b3
spotbugs-4.9.1.zip	f7ee284368d64d33f97e142f33e8251cddeacf366df20853fefa342be281f31a
spotbugs-annotations-4.9.1-javadoc.jar	6dcf2bd7634c56975d851a4edc5c273854b09857efc0ba5c52731fe0deb5b113
spotbugs-annotations-4.9.1-sources.jar	990ad9f3500499a99466b7c1e01284f4f41d1499358e7dc38c8defc59dab114c
spotbugs-annotations.jar	7ff76e691441580bc26589eaf1c3be18a8c01a593e32bcce257c44491c2a61cc
spotbugs-ant-4.9.1-javadoc.jar	f661c6055e7bc5667bbbfa596efca02f390ef3fe3744a46219da588125513eda
spotbugs-ant-4.9.1-sources.jar	591073402e4110093a380169acd3f33b26c2f893c2eaed5a6460d9be0b26014e
spotbugs-ant.jar	3a6f453696294d5314e648d4891d35e34315e11cb63c758a1601021cc0d803d1
spotbugs.jar	f983f79cdee9d567f05886006cd42ce7489d990fb7175bcc5792541a00057549
test-harness-4.9.1-javadoc.jar	d5ac152ea55383267dbe14460d41f36acd6dca7c76d0430b4a422c52f2f8ad2a
test-harness-4.9.1-sources.jar	22688f14ef808cde65cc46e86d41c617fc397fc4967516006a73ce8bad658b9f
test-harness-4.9.1.jar	9bf5bba9546e4f89032006261dd2921a79fc3044e473ee1fa73af870cb43da15
test-harness-core-4.9.1-javadoc.jar	09c0156df759dd15ad98527cdc5dd9faf0e920007a0c9841ad83224fe9f77b51
test-harness-core-4.9.1-sources.jar	13825de35190089490c7e290b52bafe6a9b08ab431177c0191dae9cf2a88a55d
test-harness-core-4.9.1.jar	3c74cc6d2d6f999d403f00f97685587e617d2bf1bfc348bbd0597e785c83feec
test-harness-jupiter-4.9.1-javadoc.jar	d62f86e4b2a2162a0c06b545bf52df2350a95a3917c692fb4ea6970aeaf5eb96
test-harness-jupiter-4.9.1-sources.jar	0aefbc5c8bd406e5dc0b1d59bc3afc6889c02010d486b22242f4f19a1a935800
test-harness-jupiter-4.9.1.jar	0e9509de32f8fbc94cf088dbee80394fa93807a766532568e652cd622ce737c8

SpotBugs 4.9.0

CHANGELOG

Added

• Updated the SuppressFBWarnings annotation to support finer grained bug suppressions (#3102)
• SimpleDateFormat, DateTimeFormatter, FastDateFormat string check for bad combinations of flag formatting (#637)
• New detector ResourceInMultipleThreadsDetector and introduced new bug type:
  • AT_UNSAFE_RESOURCE_ACCESS_IN_THREAD is reported in case of unsafe resource access in multiple threads.

Fixed

• Do not consider Records as Singletons (#2981)

... (truncated)

Changelog

Sourced from com.github.spotbugs:spotbugs-annotations's changelog.

4.9.1 - 2025-02-02

Added

• New detector SharedVariableAtomicityDetector for new bug types AT_NONATOMIC_OPERATIONS_ON_SHARED_VARIABLE, AT_NONATOMIC_64BIT_PRIMITIVE and AT_STALE_THREAD_WRITE_OF_PRIMITIVE (See SEI CERT rules VNA00-J, VNA02-J and VNA05-J).
• New detector FindHiddenMethod for bug type HSM_HIDING_METHOD. This bug is reported whenever a subclass method hides the static method of super class. (See SEI CERT MET07-J).

Fixed

• Fixed the parsing of generics methods in ThrowingExceptions (#3267)
• Accept the 1st parameter of java.util.concurrent.CompletableFuture's completeOnTimeout(), getNow() and obtrudeValue() functions as nullable (#1001).
• Fixed the analysis error when FindReturnRef was checking instructions corresponding to a CFG branch that was optimized away (#3266)
• Added execute file permission to files in the distribution archive (#3274)
• Fixed a stack overflow in MultipleInstantiationsOfSingletons when a singleton initializer makes recursive calls (#3280)
• Fixed NPE in FindReturnRef on inner class fields (#3283)
• Fixed NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE false positive when add edu.umd.cs.findbugs.annotations.Nullable (#3243)

4.9.0 - 2025-01-15

Added

• Updated the SuppressFBWarnings annotation to support finer grained bug suppressions (#3102)
• SimpleDateFormat, DateTimeFormatter, FastDateFormat string check for bad combinations of flag formatting (#637)
• New detector ResourceInMultipleThreadsDetector and introduced new bug type:
  • AT_UNSAFE_RESOURCE_ACCESS_IN_THREAD is reported in case of unsafe resource access in multiple threads.

Fixed

• Do not consider Records as Singletons (#2981)
• Keep a maximum of 10000 cached analysis entries for plugin's analysis engines (#3025)
• Only report MC_OVERRIDABLE_METHOD_CALL_IN_READ_OBJECT when calling own methods (#2957)
• Check the actual caught exceptions (instead of their common type) when analyzing multi-catch blocks (#2968)
• System property findbugs.refcomp.reportAll is now being used. For some new conditions, it will emit an experimental warning (#2988)
• -version flag prints the version to the standard output (#2797)
• Revert the changes from (#2894) to get HTML stylesheets to work again (#2969)
• Fix FP SING_SINGLETON_GETTER_NOT_SYNCHRONIZED report when the synchronization is in a called method (#3045)
• Let BetterCFGBuilder2.isPEI handle dup2 bytecode used by Spring AOT (#3059)
• Detect failure to close RocksDB's ReadOptions (#3069)
• Fix FP EI_EXPOSE_REP when there are multiple immutable assignments (#3023)
• Fixed false positive NP_NONNULL_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR for Kotlin, handle Kotlin's Intrinsics.checkNotNullParameter() (#3094)
• Fixed some CWE mappings (#3124)
• Recognize some classes as immutable, fixing EI_EXPOSE and MS_EXPOSE FPs (#3137)
• Do not report UWF_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR for fields initialized in method annotated with TestNG's @​BeforeClass. (#3152)
• Fixed detector FindReturnRef not finding references exposed from nested and inner classes (#2042)
• Fix call graph, include non-parametric void methods (#3160)
• Fix multiple reporting of identical bugs messing up statistics (#3185)
• Added missing comma between line number and confidence when describing matching and mismatching bugs for tests (#3187)
• Fixed method matchers with array types (#3203)
• Fix SARIF report's message property in Exception to meet the standard (#3197)
• Fixed FI_FINALIZER_NULLS_FIELDS FPs for functions called finalize() but not with the correct signature. (#3207)
• Fixed an error in the detection of bridge methods causing analysis crashes (#3208)
• Fixed detector ThrowingExceptions by removing false positive reports, such as synthetic methods (lambdas), methods which inherited their exception specifications and methods which call throwing methods (#2040)
• Do not report DP_DO_INSIDE_DO_PRIVILEGED, DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED and USC_POTENTIAL_SECURITY_CHECK_BASED_ON_UNTRUSTED_SOURCE in code targeting Java 17 and above, since it advises the usage of deprecated method (#1515).
• Fixed a RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT false positive for a builder delegating to another builder (#3235)

Cleanup

... (truncated)

Commits

• b1bd255 release v4.9.1
• 7587254 Fix bad end of file markers / ignore equo gradle plugin migration for eclipse...
• c1094dd Update .gitignore adding .vscode
• b813eb4 Correct changelog for 4.9.1 release
• b686b86 Add new detector for atomicity related issues (#3224)
• a959257 Move spotbugs annotations to java 11 - it was already as it ignored the setti...
• a9f0806 New detector for MET07-J (#2467)
• 7cdc988 Fix deprecate space based equals in gradle files (#3293)
• 3321564 Fixed NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE false positive when add edu.umd....
• 823e400 change gha macos-latest to macos-13 (#3214)
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-compiler-plugin from 3.11.0 to 3.13.0

Release notes

Sourced from org.apache.maven.plugins:maven-compiler-plugin's releases.

3.13.0

🚀 New features and improvements

• [MCOMPILER-574] - Propagate cause of exception in AbstractCompilerMojo (#232) @​slawekjaranowski
• [MCOMPILER-582] - Automatic detection of release option for JDK < 9 (#228) @​slawekjaranowski
• [MCOMPILER-583] - Require Maven 3.6.3 (#229) @​slawekjaranowski
• [MCOMPILER-577] - Rename parameter "forceJavacCompilerUse" (#225) @​kwin
• [MCOMPILER-570] - Add links to javac documentation of JDK17 (#224) @​kwin
• [MCOMPILER-576] - Deprecate parameter "compilerVersion" (#223) @​kwin

📦 Dependency updates

• [MCOMPILER-575] - Bump plexusCompilerVersion from 2.14.2 to 2.15.0 (#227) @​dependabot
• Bump apache/maven-gh-actions-shared from 3 to 4 (#226) @​dependabot

📝 Documentation updates

• [MCOMPILER-548] - JDK 21 throws annotations processing warning that can not be turned off (#200) @​hgschmie

👻 Maintenance

• [MCOMPILER-584] - Refresh page - Using Non-Javac Compilers (#231) @​slawekjaranowski
• [MCOMPILER-585] - Refresh plugins versions in ITs (#230) @​slawekjaranowski
• subject verb agreement (#221) @​elharo

3.12.1

🐛 Bug Fixes

• [MCOMPILER-567] - Fail to compile if the generated-sources/annotation… (#218) @​jorsol

📦 Dependency updates

• [MCOMPILER-568] - Bump plexusCompilerVersion from 2.14.1 to 2.14.2 (#220) @​dependabot

3.12.0

🚀 New features and improvements

• [MCOMPILER-562] - Add property maven.compiler.outputDirectory to CompilerMojo (#213) @​jGauravGupta
• [MCOMPILER-381] - Refactor incremental detection (#181) @​jorsol
• [MCOMPILER-542] - Clean JDK patch version in module-info.class (#208) @​jorsol
• [MCOMPILER-558] - compileSourceRoots in testCompile should be writable (#209) @​lorenzsimon
• [MCOMPILER-559] - Warn if overwriting the project's artifact's file to a different value (#211) @​gnodet
• [MCOMPILER-550] - make outputDirectory writable (#202) @​bmarwell
• [MCOMPILER-549] - Improve log message in case of recompilation - fix jenkins build (#203) @​slawekjaranowski
• [MCOMPILER-549] - Improve log message in case of recompilation (#201) @​BrowneMonke
• [MCOMPILER-391] - Use dep mgmt when resolving annotation processors and their deps (#180) @​psiroky
• [MCOMPILER-531] - Prepare for Java 20(-ea) (#184) @​slachiewicz

... (truncated)

Commits

• a1415aa [maven-release-plugin] prepare release maven-compiler-plugin-3.13.0
• b2b9196 [MCOMPILER-574] Propagate cause of exception in AbstractCompilerMojo
• 6d2ce5a [MCOMPILER-584] Refresh page - Using Non-Javac Compilers
• eebad60 [MCOMPILER-585] Refresh plugins versions in ITs
• ceacf68 [MCOMPILER-582] Automatic detection of release option for JDK < 9
• 110293f [MCOMPILER-583] Require Maven 3.6.3
• 90131df [MCOMPILER-575] Bump plexusCompilerVersion from 2.14.2 to 2.15.0 (#227)
• 74cfc72 [MCOMPILER-548] JDK 21 throws annotations processing warning that can not be ...
• f85aa27 Bump apache/maven-gh-actions-shared from 3 to 4
• d59ef49 extract Maven 3.3.1 specific method call
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-source-plugin from 3.3.0 to 3.3.1

Commits

• f80596e [maven-release-plugin] prepare release maven-source-plugin-3.3.1
• 7626998 Bump apache/maven-gh-actions-shared from 3 to 4
• 83c963c Bump org.apache.maven.plugins:maven-plugins from 39 to 41 (#18)
• 40ae495 Bump org.codehaus.plexus:plexus-archiver from 4.8.0 to 4.9.1 (#20)
• 073462b Bump org.apache.maven:maven-archiver from 3.6.0 to 3.6.1 (#21)
• 0b1c823 Fix typos in AbstractSourceJarMojo exception
• 099c65a [MSOURCES-142] Bump org.codehaus.plexus:plexus-archiver from 4.7.1 to 4.8.0 (...
• 1edeea4 [MSOURCES-139] Fix typo in AbstractSourceJarMojo exception
• 436966e [maven-release-plugin] prepare for next development iteration
• See full diff in compare view

Updates org.apache.maven.plugins:maven-javadoc-plugin from 3.5.0 to 3.11.2

Release notes

Sourced from org.apache.maven.plugins:maven-javadoc-plugin's releases.

3.11.2

🚀 New features and improvements

• [MJAVADOC-823] - legacyMode keeps using module-info.java (-sourcedirectory still use as well as java files input) (#343) @​olamy
• [MJAVADOC-814] - handle parameters such packages with multi lines (#337) @​olamy
• [MJAVADOC-822] - skippedModules should be more scalable and support regex (#336) @​olamy

📦 Dependency updates

• Bump com.thoughtworks.qdox:qdox from 2.1.0 to 2.2.0 (#344) @​dependabot
• Bump commons-io:commons-io from 2.17.0 to 2.18.0 (#342) @​dependabot
• Bump org.codehaus.mojo:l10n-maven-plugin from 1.0.0 to 1.1.0 (#335) @​dependabot

👻 Maintenance

• refactor: Replace Plexus AbstractLogEnabled with SLF4J (#338) @​timtebeek

maven-javadoc-plugin-3.11.1

What's Changed

• [MJAVADOC-821] Align toolchain discovery code with Maven Compiler Plugin by @​michael-o in apache/maven-javadoc-plugin#334

Full Changelog: apache/maven-javadoc-plugin@maven-javadoc-plugin-3.11.0...maven-javadoc-plugin-3.11.1

maven-javadoc-plugin-3.10.1

What's Changed

• [MJAVADOC-810] [REGRESSION] MJAVADOC-791 causes forked Maven execution fail if any toolchains or settings file isn't present by @​cstamas in apache/maven-javadoc-plugin#313
• Bump org.apache.commons:commons-lang3 from 3.16.0 to 3.17.0 by @​dependabot in apache/maven-javadoc-plugin#314
• Bump org.codehaus.plexus:plexus-io from 3.5.0 to 3.5.1 by @​dependabot in apache/maven-javadoc-plugin#315
• Bump commons-io:commons-io from 2.16.1 to 2.17.0 by @​dependabot in apache/maven-javadoc-plugin#319
• [MJAVADOC-812] [REGRESSION] maven-javadoc-plugin 3.10.0 creates empty… by @​michael-o in apache/maven-javadoc-plugin#320

Full Changelog: apache/maven-javadoc-plugin@maven-javadoc-plugin-3.10.0...maven-javadoc-plugin-3.10.1

maven-javadoc-plugin-3.10.0

❗ NOTICE

Due to Doxia 2.x stack maven-site-plugin 3.20+ is requred.

What's Changed

• Add test for custom FixJavadocMojo#defaultVersion by @​Marcono1234 in apache/maven-javadoc-plugin#305
• Bump org.apache.commons:commons-lang3 from 3.14.0 to 3.15.0 by @​dependabot in apache/maven-javadoc-plugin#304
• Improve URL handling by @​michael-o in apache/maven-javadoc-plugin#310
• Bump org.apache.commons:commons-lang3 from 3.15.0 to 3.16.0 by @​dependabot in apache/maven-javadoc-plugin#307
• Bump org.hamcrest:hamcrest-core from 2.2 to 3.0 by @​dependabot in apache/maven-javadoc-plugin#306
• Improve ITs by @​michael-o in apache/maven-javadoc-plugin#311
• Bump org.apache.maven.plugins:maven-plugins from 42 to 43 by @​dependabot in apache/maven-javadoc-plugin#294
• [MJAVADOC-809] Align Mojo class names by @​michael-o in apache/maven-javadoc-plugin#312

... (truncated)

Commits

• 44cbab7 [maven-release-plugin] prepare release maven-javadoc-plugin-3.11.2
• 3de45d8 use github for scm
• 45ccf06 Bump com.thoughtworks.qdox:qdox from 2.1.0 to 2.2.0
• 530fa01 [MJAVADOC-823] legacyMode keeps using module-info.java (-sourcedirectory stil...
• 3a16d92 Bump commons-io:commons-io from 2.17.0 to 2.18.0
• 69c1ba7 Migrate from Plexus to Sisu Guice (#341)
• 39857ea Remove usages of deprecated ReaderFactory class (#339)
• 314203a [MJAVADOC-814] handle parameters such packages with multi lines (#337)
• 3bb982d refactor: Replace Plexus AbstractLogEnabled with SLF4J (#338)
• 76826c8 [MJAVADOC-822] skippedModules should be more scalable and support regex (#336)
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-checkstyle-plugin from 3.3.0 to 3.6.0

Commits

• dd1abd9 [maven-release-plugin] prepare release maven-checkstyle-plugin-3.6.0
• 9ccb06e fix
• 6ac89b8 [MCHECKSTYLE-452] Upgrade to Doxia 2.0.0 GA Stack
• ff1a1b7 Bump org.apache.commons:commons-lang3 from 3.16.0 to 3.17.0
• 13e16c5 Remove unecessary test dependency on plexus-container-default
• a7c962a [maven-release-plugin] prepare for next development iteration
• 868abc9 [maven-release-plugin] prepare release maven-checkstyle-plugin-3.5.0
• 9043f8a [MCHECKSTYLE-446] Dynamically calculate xrefLocation/xrefTestLocation
• 0e7bd00 [MCHECKSTYLE-445] Upgrade to Doxia 2.0.0 Milestone Stack
• b92666d Bump org.apache.maven.plugins:maven-plugins from 42 to 43
• Additional commits viewable in compare view

Updates com.github.spotbugs:spotbugs-maven-plugin from 4.7.3.5 to 4.9.1.0

Release notes

Sourced from com.github.spotbugs:spotbugs-maven-plugin's releases.

Spotbugs Maven Plugin 4.9.1.0

• Supports spotbugs 4.9.1

build

• Move plugin configuration from reporting section to plugin management

Spotbugs Maven Plugin 4.9.0.0

Project

• Requires java 11 now
• Support spotbugs 4.9.0
• Update plugins / dependencies
• cleanup some output logging that occurs during usage
• Use more concrete object definitions instead of 'def'
• Use Path.of instead of Paths.get
• Update javadoc that default character encoding is utf-8 not the system default. This has not been true in a very long time.

Build 33

• Add information on how to override with newer spotbugs as its rare that the maven plugin has any specific changes related to the spotbugs core updates.
• github action updates
• restructure entire pom to make use of dependency management to make it more clear we ware overriding libraries rather than using then and check dependency analyzer to see its decreasing invalid setup. This is intended to help when moving to doxia 2 which is still in progress.
• Use more dependency management setup
• reduce spotbugs variables so that renovate updates in fact update fully
• override any plugins from parent that now require doxia 2 back to their doxia 1 counterparts
• avoid transfer progress output throughout
• cleanup many warnings inside integration tests

note: Before this release, we had been forked off the original findbugs-maven-plugin. As that plugin points back here and give so many commits ahead, github was used to break the fork and retain all information otherwise which also updated all forks.

Spotbugs Maven Plugin 4.8.6.6

• Cleanup groovy code
• Cleanup character encoding
• Update deprecated maven calls
• Groovy moved to 4.0.24

Compatibility remains with 4.8.6 of spotbugs

Spotbugs Maven Plugin 4.8.6.5

• Moved most 'read' only maven injections to read data from maven session instead to overcome many deprecated usage. This puts it on their api and thus if things are internally deprecated, its then maven's issue rather than this plugin to figure out.
• remove obsolete script source roots as no longer support in maven 4 and technically I've never seen them used. Please let me know if this negatively affects you as there are other manually coded items like kotlin / groovy that are in the code there so scripts could be manually added back.
• Remove some of the read only attributes for maven injection that were not actually used.
• More def to object type
• Various lib / plugin updates
• Enable partial formatting (mostly removing trailing whitespace)

Compatibility remains with 4.8.6 of spotbugs

Spotbugs Maven Plugin 4.8.6.4

• Groovy set to 4.0.23
• Drop maven site plugin 3.6 and before support.

... (truncated)

Commits

• a94d831 [maven-release-plugin] prepare release spotbugs-maven-plugin-4.9.1.0
• fa361ca [pom] Formatting
• 5f9e363 [pom] Bump project to spotbugs 4.9.1.0-SNAPSHOT
• 557df81 Merge pull request #986 from spotbugs/renovate/spotbugs.version
• 334187e Update spotbugs.version to v4.9.1
• 0711f0b Merge pull request #997 from spotbugs/release/4.9.0
• 60cfbe0 [pom] Move reporting configuration to plugin management
• 95a8eea [maven-release-plugin] prepare for next development iteration
• bda340a [maven-release-plugin] prepare release spotbugs-maven-plugin-4.9.0.0
• c1dd4d9 Merge pull request #995 from spotbugs/renovate/beanutils.version
• Additional commits viewable in compare view

Updates org.jacoco:jacoco-maven-plugin from 0.8.10 to 0.8.12

Release notes

Sourced from org.jacoco:jacoco-maven-plugin's releases.

0.8.12

New Features

• JaCoCo now officially supports Java 22 (GitHub #1596).
• Experimental support for Java 23 class files (GitHub #1553).

Fixed bugs

• Branches added by the Kotlin compiler for functions with default arguments and having more than 32 parameters are filtered out during generation of report (GitHub #1556).
• Branch added by the Kotlin compiler version 1.5.0 and above for reading from lateinit property is filtered out during generation of report (GitHub #1568).

Non-functional Changes

• JaCoCo now depends on ASM 9.7 (GitHub #1600).

0.8.11

New Features

• JaCoCo now officially supports Java 21 (GitHub #1520).
• Experimental support for Java 22 class files (GitHub #1479).
• Part of bytecode generated by the Java compilers for exhaustive switch expressions is filtered out during generation of report (GitHub #1472).
• Part of bytecode generated by the Java compilers for record patterns is filtered out during generation of report (GitHub #1473).

Fixed bugs

• Instrumentation should not cause VerifyError when the last local variable of method parameters is overridden in the method body to store a value of type long or double (GitHub #893).
• Restore exec file compatibility with versions from 0.7.5 to 0.8.8 in case of class files with zero line numbers (GitHub #1492).

Non-functional Changes

• jacoco-maven-plugin now requires at least Java 8 (GitHub #1466, #1468).
• JaCoCo build now requires at least Maven 3.5.4 (GitHub #1467).
• Maven 3.9.2 should not produce warnings for jacoco-maven-plugin (GitHub #1468).
• JaCoCo build now requires JDK 17 (GitHub #1482).
• JaCoCo now depends on ASM 9.6 (GitHub #1518).

Commits

• dbfb6f2 Prepare release 0.8.12
• a50585b Upgrade maven-plugin-plugin to 3.6.4 (#1604)
• fd63cc5 Configure labels that Dependabot assigns to PRs (#1603)
• 03a5333 Add configuration for Dependabot to simplify updates of ASM (#1601)
• 40ff9fb Upgrade ASM to 9.7 (#1600)
• 9077178 Happy birthday Java 22! (#1596)
• 7edd1b5 Bump actions/setup-java from 4.1.0 to 4.2.1 (#1594)
• e50b547 Upgrade ECJ to 3.37.0 (#1590)