Skip to content

chore(deps): bump the maven-plugins group with 5 updates#108

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/maven/maven-plugins-a7db372a88
Open

chore(deps): bump the maven-plugins group with 5 updates#108
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/maven/maven-plugins-a7db372a88

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 15, 2026

Copy link
Copy Markdown
Contributor

Bumps the maven-plugins group with 5 updates:

Package From To
com.puppycrawl.tools:checkstyle 13.4.0 13.5.0
org.apache.maven.plugins:maven-surefire-plugin 3.5.5 3.5.6
org.apache.maven.plugins:maven-enforcer-plugin 3.6.2 3.6.3
org.jacoco:jacoco-maven-plugin 0.8.14 0.8.15
com.github.spotbugs:spotbugs-maven-plugin 4.9.8.3 4.10.2.0

Updates com.puppycrawl.tools:checkstyle from 13.4.0 to 13.5.0

Release notes

Sourced from com.puppycrawl.tools:checkstyle's releases.

checkstyle-13.5.0

Checkstyle 13.5.0 - https://checkstyle.org/releasenotes.html#Release_13.5.0

New:

#19496 - AvoidStarImport: new property maxAllowedStarImports to allow atmost one star import in a file. #14782 - LITERAL_DEFAULT token support in RightCurlyCheck. #15484 - New Check UnusedTryResourceShouldBeUnnamed.

Bug fixes:

#17697 - Google style: Disallow comments enclosed in boxes. #19641 - Add checks for OpenJDK Style §3.10 - Variable Declarations. #19640 - Add checks for OpenJDK Style §4.1 - Package Names. #18227 - Extend TextBlockGoogleStyleFormatting to check indentation of each line in the blocks. #19770 - JavadocTypeCheck incorrectly matches record component @param tags using prefix instead of exact match. #17052 - Add support for flexible constructor bodies (JEP 513) targeted for JDK25. #17464 - RequireThis false positive inside annotation definition. #19623 - Add checks for OpenJDK Style §3.3 - Import statements. #17203 - PatternVariableAssignment check false negative when pattern variable extends beyond the statement of introduction. #19716 - False Negative: SimplifyBooleanExpression does not report with paranthesized boolean literals in ternary operators. #19617 - Add checks for OpenJDK Style §2 - Java Source Files. #17253 - Google-style: Illegal to break the line before or after the lambda arrow. #19149 - update MissingJavadocTypeCheck to use AST of javadoc. #2629 - IndentationCheck: incorrect validation for class definition. #5685 - Indentation: false positive for try child on the same line. #11822 - RequireThisCheck giving multiple violation for classes nested in lambdas. #19622 - Add checks for OpenJDK Style §3.2 - Package declaration.

... (truncated)

Commits
  • 110e63e [maven-release-plugin] prepare release checkstyle-13.5.0
  • 47d9268 doc: release notes for 13.5.0
  • 2ae101f Issue #19793: Anchor IndentationCheck regex in google_checks.xml SuppressWith...
  • fb3c9e9 Issue #19827: Complete removal of chapter numbers
  • e2b0411 Issue #18435: Fix xdocs Examples AST Consistency Test - nowhitespacebefore
  • 096df1d Issue #19764: Move violation comment out of Javadoc
  • 4d69a3f Issue #19993: Regexp check for unnecessary // ok comments is configured under...
  • 035297e dependency: bump org.pitest:pitest-maven from 1.25.2 to 1.25.3
  • 6b82789 supplemental: Fixes Overloaded Methods Order
  • d9306da Issue #18435: Fix xdocs Examples AST Consistency Test - linelength
  • Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-surefire-plugin from 3.5.5 to 3.5.6

Release notes

Sourced from org.apache.maven.plugins:maven-surefire-plugin's releases.

3.5.6

🚀 New features and improvements

  • Introduce reportTestTimestamp option and include timestamp for test sets and test cases (#3261) (#3302) @​olamy

🐛 Bug Fixes

👻 Maintenance

📦 Dependency updates

Commits
  • 25ea054 [maven-release-plugin] prepare release surefire-3.5.6
  • e5f374c Bump org.fusesource.jansi:jansi from 2.4.2 to 2.4.3
  • dadd55b Issue #2613 Debugging failsafe tests: Message 'Listening for transport dt_soc...
  • 39dd250 Bump commons-io:commons-io from 2.21.0 to 2.22.0
  • 2774273 Ensure that the statistics filename is calculated only once. (#3326) (#3327)
  • 0d5df8a 3.5.x/bug/cherry pick embedded mode its (#3328)
  • 04ad9a2 Use surefire 3.5.5 by project itself for testing
  • 37e8f69 Add flakes attribute to use in testsuite report (#3306) (#3308)
  • a970fef Introduce reportTestTimestamp option and include timestamp for test sets and ...
  • e838393 deploy 3.5.x branch to nexus
  • Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-enforcer-plugin from 3.6.2 to 3.6.3

Release notes

Sourced from org.apache.maven.plugins:maven-enforcer-plugin's releases.

3.6.3

🚀 New features and improvements

  • Make bannedDependencies report root and transitive dependency in case both are banned. (#940) @​hvoynov
  • Add enforceBytecodeVersion rule based on mojohaus (#968) @​cstamas
  • Improve formatting of deprecated API warning (#951) @​mthmulders

🐛 Bug Fixes

📝 Documentation updates

  • Document the banMavenDefaults option for the requirePluginVersions rule. (#936) @​rpkrajewski

👻 Maintenance

📦 Dependency updates

Commits
  • c7daff3 [maven-release-plugin] prepare release enforcer-3.6.3
  • ee46e78 Make bannedDependencies report root and transitive dependency in case both ar...
  • 0806924 Document the banMavenDefaults option for the requirePluginVersions rule. (#936)
  • 8e4f5b9 Add better enforceBytecodeVersion rule based on mojohaus (#968)
  • fd4b148 Add fix for 21.0.10.0.1 issue (#967)
  • f32d597 Deps: Parent POM 48 and align deps (#979)
  • df0f2a6 Bump commons-codec:commons-codec from 1.21.0 to 1.22.0 (#976)
  • 2da7a68 Add null checks for modelId in PluginWrapper
  • 91eb4d9 Bump commons-io:commons-io from 2.21.0 to 2.22.0 (#975)
  • b622245 Bump mavenVersion from 3.9.14 to 3.9.15 (#973)
  • Additional commits viewable in compare view

Updates org.jacoco:jacoco-maven-plugin from 0.8.14 to 0.8.15

Release notes

Sourced from org.jacoco:jacoco-maven-plugin's releases.

0.8.15

New Features

  • JaCoCo now officially supports Java 26 (GitHub #2076).
  • Experimental support for Java 27 class files (GitHub #2004).
  • Compatibility methods generated by Kotlin compiler for functions defined in interfaces are filtered out during generation of report (GitHub #1905).
  • Compatibility methods generated by Kotlin compiler for exposed boxed inline value classes (JvmExposeBoxed annotation) are filtered out during generation of report (GitHub #1944).
  • Methods generated by the Kotlin compiler for functions with JvmStatic annotation are filtered out during generation of report (GitHub #2097).
  • Improved filtering of bytecode generated by Kotlin compiler for when expressions and statements with kotlin.String subject where first branch condition contains string with largest hash (GitHub #2098).
  • Part of bytecode that javac versions from 24 to 26 generate for switch statements and expressions with selector expression of type java.lang.String inside lambdas is filtered out during generation of report (GitHub #2023).
  • Improved performance of Kotlin files analysis by parsing SMAPs only once per class (GitHub #2114).
  • For better performance agent output methods tcpclient and tcpserver use BufferedOutputStream to write execution data to socket. Maven plugin, Ant tasks, CLI, API usage examples, and ExecDumpClient API use BufferedInputStream to read execution data from socket. Third-party integrations should do the same to benefit from this change in agent (GitHub #2089).

Fixed bugs

  • Fixed processing of Kotlin SMAP in synthetic classes (GitHub #1985).
  • Multiple JaCoCo runtimes within one JVM writing to the same output file should not cause data corruption when running on JDK versions from 6 to 10 affected by JDK-8166253 (GitHub #2065, #2074).
  • For better performance agent writes to output file via BufferedOutputStream, this fixes regression introduced in version 0.6.2 (GitHub #2073).
  • Fixed NullPointerException when JaCoCo agent is loaded by non system class loader, for example when loaded by JBoss Modules (GitHub #1651).

Non-functional Changes

  • JaCoCo now depends on ASM 9.10.1 (GitHub #2134).
Commits
  • 6c5260a Prepare release v0.8.15
  • 5c05141 Transfer of execution data through socket should use buffered stream (#2089)
  • ab5efa9 Remove from Azure Pipelines all builds except with JDK 5 and JDK EA (#2148)
  • 5f6ea38 Use Windows 2025 image in GitHub Actions (#2130)
  • 35a8af2 Use Renovate instead of Dependabot for updates of ASM (#2137)
  • 85b8ddf Upgrade ASM to 9.10.1 (#2134)
  • 2988647 AgentModule should use ClassLoader of agent instead of SystemClassLoader (#1651)
  • 75a4e31 Add filter for Kotlin @JvmExposeBoxed (#1944)
  • 691fa1d Use Renovate instead of Dependabot for updates of GitHub Actions (#2132)
  • 3e18f17 Require at least JDK 21 for build (#2128)
  • Additional commits viewable in compare view

Updates com.github.spotbugs:spotbugs-maven-plugin from 4.9.8.3 to 4.10.2.0

Release notes

Sourced from com.github.spotbugs:spotbugs-maven-plugin's releases.

Spotbugs Maven Plugin 4.10.2.0

  • Support spotbugs 4.10.2

What's Changed

Full Changelog: spotbugs/spotbugs-maven-plugin@spotbugs-maven-plugin-4.9.8.5...spotbugs-maven-plugin-4.10.2.0

Spotbugs Maven Plugin 4.9.8.5

What's Changed

Full Changelog: spotbugs/spotbugs-maven-plugin@spotbugs-maven-plugin-4.9.8.4...spotbugs-maven-plugin-4.9.8.5

Spotbugs Maven Plugin 4.9.8.4

  • build support for maven 4 with maven 4 plugins
  • spotbugs extensions jars now moved to target/spotbugs instead of root
  • new spotbugs-aggregate mojo for multi module
  • support maven toolchains
  • block gui when environment is headless
  • all spotbug extensions as regular dependencies
  • learn to map spotbug extensions to their source project documentation
  • in auxiliary class path exclude java.* packages
  • improve code coverage

note: This release was done on older spotbugs (not the new 4.10.1) on purpose to keep these changes separate from that of spotbugs. The spotbugs 4.10.1 support release will be available in a day or two and users can otherwise override the core module as there are no changes to be done internally.

Commits
  • 2d39b75 [maven-release-plugin] prepare release spotbugs-maven-plugin-4.10.2.0
  • 6c300e6 [pom] Bump internal spotbugs to 4.9.8.5
  • 250d685 Merge pull request #1425 from spotbugs/renovate/spotbugs.version
  • 12f6fb3 Merge pull request #1429 from spotbugs/hazendaz-patch-1
  • aaf0a09 Update ci.yaml
  • 8b5dff4 Merge branch 'master' into renovate/spotbugs.version
  • c83698d Update pom.xml
  • b8788fd [maven-release-plugin] prepare for next development iteration
  • f758cb5 [maven-release-plugin] prepare release spotbugs-maven-plugin-4.9.8.5
  • cec6af5 Update pom.xml
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the maven-plugins group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [com.puppycrawl.tools:checkstyle](https://github.com/checkstyle/checkstyle) | `13.4.0` | `13.5.0` |
| [org.apache.maven.plugins:maven-surefire-plugin](https://github.com/apache/maven-surefire) | `3.5.5` | `3.5.6` |
| [org.apache.maven.plugins:maven-enforcer-plugin](https://github.com/apache/maven-enforcer) | `3.6.2` | `3.6.3` |
| [org.jacoco:jacoco-maven-plugin](https://github.com/jacoco/jacoco) | `0.8.14` | `0.8.15` |
| [com.github.spotbugs:spotbugs-maven-plugin](https://github.com/spotbugs/spotbugs-maven-plugin) | `4.9.8.3` | `4.10.2.0` |


Updates `com.puppycrawl.tools:checkstyle` from 13.4.0 to 13.5.0
- [Release notes](https://github.com/checkstyle/checkstyle/releases)
- [Commits](checkstyle/checkstyle@checkstyle-13.4.0...checkstyle-13.5.0)

Updates `org.apache.maven.plugins:maven-surefire-plugin` from 3.5.5 to 3.5.6
- [Release notes](https://github.com/apache/maven-surefire/releases)
- [Commits](apache/maven-surefire@surefire-3.5.5...surefire-3.5.6)

Updates `org.apache.maven.plugins:maven-enforcer-plugin` from 3.6.2 to 3.6.3
- [Release notes](https://github.com/apache/maven-enforcer/releases)
- [Commits](apache/maven-enforcer@enforcer-3.6.2...enforcer-3.6.3)

Updates `org.jacoco:jacoco-maven-plugin` from 0.8.14 to 0.8.15
- [Release notes](https://github.com/jacoco/jacoco/releases)
- [Commits](jacoco/jacoco@v0.8.14...v0.8.15)

Updates `com.github.spotbugs:spotbugs-maven-plugin` from 4.9.8.3 to 4.10.2.0
- [Release notes](https://github.com/spotbugs/spotbugs-maven-plugin/releases)
- [Commits](spotbugs/spotbugs-maven-plugin@spotbugs-maven-plugin-4.9.8.3...spotbugs-maven-plugin-4.10.2.0)

---
updated-dependencies:
- dependency-name: com.puppycrawl.tools:checkstyle
  dependency-version: 13.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: maven-plugins
- dependency-name: org.apache.maven.plugins:maven-surefire-plugin
  dependency-version: 3.5.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: maven-plugins
- dependency-name: org.apache.maven.plugins:maven-enforcer-plugin
  dependency-version: 3.6.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: maven-plugins
- dependency-name: org.jacoco:jacoco-maven-plugin
  dependency-version: 0.8.15
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: maven-plugins
- dependency-name: com.github.spotbugs:spotbugs-maven-plugin
  dependency-version: 4.10.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: maven-plugins
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels Jun 15, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file java Pull requests that update java code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants