{"id":20127,"name":"org.apache.xmlbeans:xmlbeans","ecosystem":"maven","repository_url":"https://svn.apache.org/repos/asf/xmlbeans/","issues_count":7,"created_at":"2025-06-07T01:59:49.154Z","updated_at":"2025-06-07T01:59:49.154Z","purl":"pkg:maven/org.apache.xmlbeans:xmlbeans","metadata":{"id":4906023,"name":"org.apache.xmlbeans:xmlbeans","ecosystem":"maven","description":"XmlBeans main jar","homepage":"https://xmlbeans.apache.org/","licenses":"The Apache Software License, Version 2.0","normalized_licenses":["Apache-2.0"],"repository_url":"https://svn.apache.org/repos/asf/xmlbeans/","keywords_array":[],"namespace":"org.apache.xmlbeans","versions_count":15,"first_release_published_at":"2018-06-20T20:35:54.000Z","latest_release_published_at":"2024-12-04T08:44:08.000Z","latest_release_number":"5.3.0","last_synced_at":"2025-06-06T13:30:59.596Z","created_at":"2022-07-26T23:51:01.591Z","updated_at":"2025-06-06T13:30:59.596Z","registry_url":"https://central.sonatype.com/artifact/org.apache.xmlbeans/xmlbeans/","install_command":null,"documentation_url":"https://appdoc.app/artifact/org.apache.xmlbeans/xmlbeans/","metadata":{},"repo_metadata":{},"repo_metadata_updated_at":"2023-03-22T02:36:36.721Z","dependent_packages_count":633,"downloads":null,"downloads_period":null,"dependent_repos_count":8084,"rankings":{"downloads":null,"dependent_repos_count":0.09477438486815741,"dependent_packages_count":0.11781678288050011,"stargazers_count":null,"forks_count":null,"docker_downloads_count":0.08034784002564718,"average":0.09764633592476823},"purl":"pkg:maven/org.apache.xmlbeans/xmlbeans","advisories":[{"uuid":"MDE2OlNlY3VyaXR5QWR2aXNvcnlHSFNBLW13M3ItcGZtZy14cDky","url":"https://github.com/advisories/GHSA-mw3r-pfmg-xp92","title":"Improper Restriction of Recursive Entity References in Apache XMLBeans","description":"The XML parsers used by XMLBeans up to version 2.6.0 did not set the properties needed to protect the user from malicious XML input. Vulnerabilities include possibilities for XML Entity Expansion attacks. Affects XMLBeans up to and including v2.6.0.","origin":"UNSPECIFIED","severity":"CRITICAL","published_at":"2021-06-16T17:37:11.000Z","withdrawn_at":null,"classification":"GENERAL","cvss_score":0.0,"cvss_vector":null,"references":["https://nvd.nist.gov/vuln/detail/CVE-2021-23926","https://issues.apache.org/jira/browse/XMLBEANS-517","https://lists.apache.org/thread.html/r2dc5588009dc9f0310b7382269f932cc96cae4c3901b747dda1a7fed@%3Cjava-dev.axis.apache.org%3E","https://lists.apache.org/thread.html/rbb01d10512098894cd5f22325588197532c64f1c818ea7e4120d40c1@%3Cjava-dev.axis.apache.org%3E","https://poi.apache.org/","https://security.netapp.com/advisory/ntap-20210513-0004/","https://lists.debian.org/debian-lts-announce/2021/06/msg00024.html","https://www.oracle.com/security-alerts/cpuoct2021.html","https://www.oracle.com/security-alerts/cpujul2022.html","https://github.com/advisories/GHSA-mw3r-pfmg-xp92"],"source_kind":"github","identifiers":["GHSA-mw3r-pfmg-xp92","CVE-2021-23926"],"repository_url":null,"blast_radius":0.0,"packages":[{"versions":[{"first_patched_version":"3.0.0","vulnerable_version_range":"\u003c 3.0.0"}],"ecosystem":"maven","package_name":"org.apache.xmlbeans:xmlbeans"}],"created_at":"2022-12-21T16:13:08.442Z","updated_at":"2025-05-13T01:13:41.744Z","epss_percentage":0.00322,"epss_percentile":0.54482}],"docker_usage_url":"https://docker.ecosyste.ms/usage/maven/org.apache.xmlbeans:xmlbeans","docker_dependents_count":3647,"docker_downloads_count":1406334115,"usage_url":"https://repos.ecosyste.ms/usage/maven/org.apache.xmlbeans:xmlbeans","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/maven/org.apache.xmlbeans:xmlbeans/dependencies","status":null,"funding_links":[],"critical":true,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/repo1.maven.org/packages/org.apache.xmlbeans:xmlbeans/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/repo1.maven.org/packages/org.apache.xmlbeans:xmlbeans/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/repo1.maven.org/packages/org.apache.xmlbeans:xmlbeans/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/repo1.maven.org/packages/org.apache.xmlbeans:xmlbeans/related_packages","maintainers":[],"registry":{"name":"repo1.maven.org","url":"https://repo.maven.apache.org/maven2","ecosystem":"maven","default":true,"packages_count":517936,"maintainers_count":0,"namespaces_count":68848,"keywords_count":32053,"github":"maven-central","metadata":{"funded_packages_count":25044},"icon_url":"https://github.com/maven-central.png","created_at":"2022-07-21T16:40:13.074Z","updated_at":"2025-06-07T05:38:09.526Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/repo1.maven.org/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/repo1.maven.org/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/repo1.maven.org/namespaces"}},"unique_repositories_count":7,"unique_repositories_count_past_30_days":1,"recent_issues":[{"uuid":"4620762590","node_id":"PR_kwDORpI3ds7kT5Y4","number":134,"state":"closed","title":"build(deps): bump the all-maven group across 1 directory with 115 updates","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-06-14T02:02:27.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-09T09:33:49.000Z","updated_at":"2026-06-14T02:02:36.000Z","time_to_close":404918,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"all-maven","update_count":115,"packages":[{"name":"org.springframework.boot:spring-boot-starter-parent","old_version":"3.5.14","new_version":"4.0.6","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"org.springframework.ai:spring-ai-bom","old_version":"1.0.0","new_version":"1.1.7","repository_url":"https://github.com/spring-projects/spring-ai"},{"name":"com.squareup.okio:okio-jvm","old_version":"3.6.0","new_version":"3.17.0","repository_url":"https://github.com/square/okio"},{"name":"com.squareup.okio:okio","old_version":"3.4.0","new_version":"3.17.0","repository_url":"https://github.com/square/okio"},{"name":"org.springframework.cloud:spring-cloud-dependencies","old_version":"2025.0.2","new_version":"2025.1.1","repository_url":"https://github.com/spring-cloud/spring-cloud-release"},{"name":"io.opentelemetry.instrumentation:opentelemetry-instrumentation-annotations","old_version":"2.22.0","new_version":"2.28.1","repository_url":"https://github.com/open-telemetry/opentelemetry-java-instrumentation"},{"name":"org.apache.xmlbeans:xmlbeans","old_version":"5.1.1","new_version":"5.3.0"},{"name":"commons-io:commons-io","old_version":"2.19.0","new_version":"2.22.0"},{"name":"org.jsoup:jsoup","old_version":"1.18.1","new_version":"1.22.2","repository_url":"https://github.com/jhy/jsoup"},{"name":"org.jetbrains:annotations","old_version":"24.0.1","new_version":"26.1.0","repository_url":"https://github.com/JetBrains/java-annotations"},{"name":"org.apache.commons:commons-compress","old_version":"1.24.0","new_version":"1.28.0","repository_url":"https://github.com/apache/commons-compress"},{"name":"com.github.pagehelper:pagehelper","old_version":"5.3.3","new_version":"6.1.1","repository_url":"https://github.com/pagehelper/Mybatis-PageHelper"},{"name":"com.iwhaleai.byai:by-framework","old_version":"0.2.6","new_version":"0.2.8"},{"name":"com.fasterxml.woodstox:woodstox-core","old_version":"7.0.0","new_version":"7.2.1","repository_url":"https://github.com/FasterXML/woodstox"},{"name":"org.glassfish.hk2:hk2-api","old_version":"3.1.1","new_version":"4.0.1"},{"name":"org.eclipse.parsson:parsson","old_version":"1.1.7","new_version":"1.1.9","repository_url":"https://github.com/eclipse-ee4j/parsson"},{"name":"com.google.errorprone:error_prone_annotations","old_version":"2.36.0","new_version":"2.49.0"},{"name":"org.opengauss:opengauss-jdbc","old_version":"6.0.0","new_version":"6.0.3"},{"name":"com.alibaba:druid","old_version":"1.2.23","new_version":"1.2.28","repository_url":"https://github.com/alibaba/druid"},{"name":"com.mysql:mysql-connector-j","old_version":"8.4.0","new_version":"9.7.0","repository_url":"https://github.com/mysql/mysql-connector-j"},{"name":"org.mybatis:mybatis","old_version":"3.5.14","new_version":"3.5.19","repository_url":"https://github.com/mybatis/mybatis-3"},{"name":"org.mybatis:mybatis-spring","old_version":"3.0.3","new_version":"4.0.0","repository_url":"https://github.com/mybatis/spring"},{"name":"org.apache.commons:commons-lang3","old_version":"3.13.0","new_version":"3.20.0"},{"name":"org.apache.commons:commons-collections4","old_version":"4.4","new_version":"4.5.0"},{"name":"commons-codec:commons-codec","old_version":"1.16.0","new_version":"1.22.0","repository_url":"https://github.com/apache/commons-codec"},{"name":"jakarta.xml.bind:jakarta.xml.bind-api","old_version":"4.0.0","new_version":"4.0.5","repository_url":"https://github.com/jakartaee/jaxb-api"},{"name":"org.glassfish.jaxb:jaxb-runtime","old_version":"4.0.2","new_version":"4.0.9"},{"name":"jakarta.activation:jakarta.activation-api","old_version":"2.1.1","new_version":"2.1.4","repository_url":"https://github.com/jakartaee/jaf-api"},{"name":"io.github.resilience4j:resilience4j-spring-boot3","old_version":"2.0.2","new_version":"2.4.0"},{"name":"io.github.resilience4j:resilience4j-circuitbreaker","old_version":"2.0.2","new_version":"2.4.0"},{"name":"io.github.resilience4j:resilience4j-ratelimiter","old_version":"2.0.2","new_version":"2.4.0","repository_url":"https://github.com/resilience4j/resilience4j"},{"name":"io.github.resilience4j:resilience4j-retry","old_version":"2.0.2","new_version":"2.4.0","repository_url":"https://github.com/resilience4j/resilience4j"},{"name":"io.github.resilience4j:resilience4j-bulkhead","old_version":"2.0.2","new_version":"2.4.0"},{"name":"io.github.resilience4j:resilience4j-timelimiter","old_version":"2.0.2","new_version":"2.4.0","repository_url":"https://github.com/resilience4j/resilience4j"},{"name":"org.springdoc:springdoc-openapi-starter-webmvc-ui","old_version":"2.8.8","new_version":"3.0.3","repository_url":"https://github.com/springdoc/springdoc-openapi"},{"name":"org.springdoc:springdoc-openapi-starter-common","old_version":"2.8.8","new_version":"3.0.3","repository_url":"https://github.com/springdoc/springdoc-openapi"},{"name":"io.jsonwebtoken:jjwt-api","old_version":"0.11.5","new_version":"0.13.0","repository_url":"https://github.com/jwtk/jjwt"},{"name":"io.jsonwebtoken:jjwt-impl","old_version":"0.11.5","new_version":"0.13.0","repository_url":"https://github.com/jwtk/jjwt"},{"name":"io.jsonwebtoken:jjwt-jackson","old_version":"0.11.5","new_version":"0.13.0"},{"name":"com.alibaba:transmittable-thread-local","old_version":"2.14.2","new_version":"2.14.5","repository_url":"https://github.com/alibaba/transmittable-thread-local"},{"name":"org.junit.jupiter:junit-jupiter","old_version":"5.10.0","new_version":"6.1.0","repository_url":"https://github.com/junit-team/junit-framework"},{"name":"com.alibaba:fastjson","old_version":"2.0.53","new_version":"2.0.62","repository_url":"https://github.com/alibaba/fastjson2"},{"name":"redis.clients:jedis","old_version":"6.0.0","new_version":"7.5.2"},{"name":"com.squareup.okhttp3:okhttp","old_version":"4.12.0","new_version":"5.4.0","repository_url":"https://github.com/square/okhttp"},{"name":"com.squareup.okhttp3:okhttp-sse","old_version":"4.12.0","new_version":"5.4.0","repository_url":"https://github.com/square/okhttp"},{"name":"com.google.protobuf:protobuf-java","old_version":"3.24.4","new_version":"4.35.0"},{"name":"org.apache.poi:poi","old_version":"5.2.4","new_version":"5.5.1"},{"name":"org.apache.poi:poi-ooxml","old_version":"5.2.4","new_version":"5.5.1"},{"name":"org.apache.poi:poi-scratchpad","old_version":"5.2.4","new_version":"5.5.1"},{"name":"fr.opensagres.xdocreport:fr.opensagres.poi.xwpf.converter.pdf","old_version":"2.0.4","new_version":"2.2.0"},{"name":"org.hibernate.validator:hibernate-validator","old_version":"8.0.1.Final","new_version":"9.1.0.Final","repository_url":"https://github.com/hibernate/hibernate-validator"},{"name":"ch.qos.logback:logback-classic","old_version":"1.5.18","new_version":"1.5.34","repository_url":"https://github.com/qos-ch/logback"},{"name":"ch.qos.logback:logback-core","old_version":"1.5.18","new_version":"1.5.34","repository_url":"https://github.com/qos-ch/logback"},{"name":"org.apache.tomcat:tomcat-annotations-api","old_version":"10.1.55","new_version":"11.0.22"},{"name":"org.apache.tomcat.embed:tomcat-embed-el","old_version":"10.1.55","new_version":"11.0.22"},{"name":"com.google.guava:guava","old_version":"33.4.8-jre","new_version":"33.6.0-jre","repository_url":"https://github.com/google/guava"},{"name":"org.springframework.security:spring-security-crypto","old_version":"6.5.9","new_version":"7.0.5","repository_url":"https://github.com/spring-projects/spring-security"},{"name":"org.springframework.security:spring-security-web","old_version":"6.5.9","new_version":"7.0.5","repository_url":"https://github.com/spring-projects/spring-security"},{"name":"org.springframework.security:spring-security-core","old_version":"6.5.9","new_version":"7.0.5","repository_url":"https://github.com/spring-projects/spring-security"},{"name":"org.springframework.security:spring-security-config","old_version":"6.5.9","new_version":"7.0.5","repository_url":"https://github.com/spring-projects/spring-security"},{"name":"org.yaml:snakeyaml","old_version":"2.0","new_version":"2.6"},{"name":"com.itextpdf:itextpdf","old_version":"5.5.13.4","new_version":"5.5.13.5","repository_url":"https://github.com/itext/itextpdf"},{"name":"io.netty:netty-all","old_version":"4.1.133.Final","new_version":"4.2.15.Final","repository_url":"https://github.com/netty/netty"},{"name":"org.apache.kafka:kafka-clients","old_version":"3.9.2","new_version":"4.3.0"},{"name":"com.auth0:java-jwt","old_version":"4.4.0","new_version":"4.5.2"},{"name":"org.apache.httpcomponents:httpclient","old_version":"4.5.13","new_version":"4.5.14"},{"name":"com.alibaba:druid-spring-boot-starter","old_version":"1.1.9","new_version":"1.2.28","repository_url":"https://github.com/alibaba/druid"},{"name":"io.minio:minio","old_version":"8.6.0","new_version":"9.0.1","repository_url":"https://github.com/minio/minio-java"},{"name":"commons-net:commons-net","old_version":"3.9.0","new_version":"3.13.0","repository_url":"https://github.com/apache/commons-net"},{"name":"com.clickhouse:clickhouse-jdbc","old_version":"0.4.6","new_version":"0.9.8","repository_url":"https://github.com/ClickHouse/clickhouse-java"},{"name":"com.vesoft:client","old_version":"3.0.0","new_version":"3.8.4"},{"name":"co.elastic.clients:elasticsearch-java","old_version":"8.15.5","new_version":"9.4.2","repository_url":"https://github.com/elastic/elasticsearch-java"},{"name":"org.elasticsearch.client:elasticsearch-rest-client","old_version":"8.15.5","new_version":"9.4.2","repository_url":"https://github.com/elastic/elasticsearch"},{"name":"org.elasticsearch:elasticsearch","old_version":"8.15.5","new_version":"9.4.2","repository_url":"https://github.com/elastic/elasticsearch"},{"name":"org.elasticsearch:elasticsearch-x-content","old_version":"8.15.5","new_version":"9.4.2","repository_url":"https://github.com/elastic/elasticsearch"},{"name":"com.baomidou:mybatis-plus-extension","old_version":"3.5.5","new_version":"3.5.16","repository_url":"https://github.com/baomidou/mybatis-plus"},{"name":"org.springframework.boot:spring-boot-starter-test","old_version":"3.2.0","new_version":"4.0.6","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"com.baomidou:mybatis-plus-boot-starter","old_version":"3.5.5","new_version":"3.5.16","repository_url":"https://github.com/baomidou/mybatis-plus"},{"name":"com.github.jsqlparser:jsqlparser","old_version":"4.5","new_version":"5.3","repository_url":"https://github.com/JSQLParser/JSqlParser"},{"name":"com.aliyun:tea","old_version":"1.3.1","new_version":"1.4.2","repository_url":"https://github.com/aliyun/tea-java"},{"name":"commons-logging:commons-logging","old_version":"1.2","new_version":"1.3.6","repository_url":"https://github.com/apache/commons-logging"},{"name":"com.aliyun:tea-util","old_version":"0.2.23","new_version":"0.2.27","repository_url":"https://github.com/aliyun/tea-util"},{"name":"org.jacoco:org.jacoco.agent","old_version":"0.8.8","new_version":"0.8.15","repository_url":"https://github.com/jacoco/jacoco"},{"name":"com.aliyun:tea-openapi","old_version":"0.3.8","new_version":"0.3.15","repository_url":"https://github.com/aliyun/darabonba-openapi"},{"name":"com.github.pagehelper:pagehelper-spring-boot-starter","old_version":"1.4.7","new_version":"4.1.0","repository_url":"https://github.com/pagehelper/pagehelper-spring-boot"},{"name":"com.aliyun:dingtalk","old_version":"2.2.17","new_version":"2.2.53","repository_url":"https://github.com/aliyun/alibabacloud-sdk"},{"name":"com.aliyun:dysmsapi20170525","old_version":"2.0.24","new_version":"4.5.1","repository_url":"https://github.com/aliyun/alibabacloud-sdk"},{"name":"com.aliyun:credentials-java","old_version":"1.0.2","new_version":"1.0.3","repository_url":"https://github.com/aliyun/credentials-java"},{"name":"org.mybatis.spring.boot:mybatis-spring-boot-starter","old_version":"3.0.4","new_version":"4.0.1","repository_url":"https://github.com/mybatis/spring-boot-starter"},{"name":"org.xerial.snappy:snappy-java","old_version":"1.1.10.5","new_version":"1.1.10.8","repository_url":"https://github.com/xerial/snappy-java"},{"name":"joda-time:joda-time","old_version":"2.10.10","new_version":"2.14.2","repository_url":"https://github.com/JodaOrg/joda-time"},{"name":"io.swagger:swagger-annotations","old_version":"1.5.24","new_version":"1.6.16"},{"name":"tools.jackson.core:jackson-core","old_version":"3.1.1","new_version":"3.2.0"},{"name":"tools.jackson.core:jackson-databind","old_version":"3.1.1","new_version":"3.2.0"},{"name":"tools.jackson.dataformat:jackson-dataformat-yaml","old_version":"3.1.1","new_version":"3.2.0"},{"name":"org.projectlombok:lombok","old_version":"1.18.38","new_version":"1.18.46","repository_url":"https://github.com/projectlombok/lombok"},{"name":"jakarta.annotation:jakarta.annotation-api","old_version":"2.1.1","new_version":"3.0.0","repository_url":"https://github.com/jakartaee/common-annotations-api"},{"name":"cn.hutool:hutool-all","old_version":"5.8.38","new_version":"5.8.46","repository_url":"https://github.com/looly/hutool"},{"name":"com.aliyun.oss:aliyun-sdk-oss","old_version":"3.17.2","new_version":"3.18.5","repository_url":"https://github.com/aliyun/aliyun-oss-java-sdk"},{"name":"org.xerial:sqlite-jdbc","old_version":"3.46.1.0","new_version":"3.53.2.0","repository_url":"https://github.com/xerial/sqlite-jdbc"},{"name":"com.google.zxing:core","old_version":"3.3.3","new_version":"3.5.4","repository_url":"https://github.com/zxing/zxing"},{"name":"com.dingtalk.open:app-stream-client","old_version":"1.0.5","new_version":"1.3.12"},{"name":"io.modelcontextprotocol.sdk:mcp","old_version":"1.0.0","new_version":"1.1.3","repository_url":"https://github.com/modelcontextprotocol/java-sdk"},{"name":"dev.langchain4j:langchain4j-mcp","old_version":"1.1.0-beta7","new_version":"1.16.1-beta26","repository_url":"https://github.com/langchain4j/langchain4j"},{"name":"dev.langchain4j:langchain4j-core","old_version":"1.1.0","new_version":"1.16.1","repository_url":"https://github.com/langchain4j/langchain4j"},{"name":"dev.langchain4j:langchain4j","old_version":"1.1.0","new_version":"1.16.1","repository_url":"https://github.com/langchain4j/langchain4j"},{"name":"org.apache.pdfbox:pdfbox","old_version":"3.0.3","new_version":"3.0.7"},{"name":"com.github.librepdf:openpdf","old_version":"1.3.30","new_version":"3.0.5"},{"name":"mysql:mysql-connector-java","old_version":"5.1.26","new_version":"8.0.33"},{"name":"org.apache.maven.plugins:maven-dependency-plugin","old_version":"3.6.1","new_version":"3.11.0","repository_url":"https://github.com/apache/maven-dependency-plugin"},{"name":"org.apache.maven.plugins:maven-compiler-plugin","old_version":"3.11.0","new_version":"3.15.0","repository_url":"https://github.com/apache/maven-compiler-plugin"},{"name":"org.apache.maven.plugins:maven-enforcer-plugin","old_version":"3.4.1","new_version":"3.6.3","repository_url":"https://github.com/apache/maven-enforcer"},{"name":"org.apache.maven.plugins:maven-surefire-plugin","old_version":"3.2.5","new_version":"3.5.6","repository_url":"https://github.com/apache/maven-surefire"},{"name":"org.apache.maven.plugins:maven-help-plugin","old_version":"3.4.1","new_version":"3.5.1","repository_url":"https://github.com/apache/maven-help-plugin"},{"name":"org.mybatis.generator:mybatis-generator-maven-plugin","old_version":"1.3.7","new_version":"2.0.0"}],"path":null,"ecosystem":"maven"},"body":"Bumps the all-maven group with 115 updates in the /byclaw-be directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [org.springframework.boot:spring-boot-starter-parent](https://github.com/spring-projects/spring-boot) | `3.5.14` | `4.0.6` |\n| [org.springframework.ai:spring-ai-bom](https://github.com/spring-projects/spring-ai) | `1.0.0` | `1.1.7` |\n| [com.squareup.okio:okio-jvm](https://github.com/square/okio) | `3.6.0` | `3.17.0` |\n| [com.squareup.okio:okio](https://github.com/square/okio) | `3.4.0` | `3.17.0` |\n| [org.springframework.cloud:spring-cloud-dependencies](https://github.com/spring-cloud/spring-cloud-release) | `2025.0.2` | `2025.1.1` |\n| [io.opentelemetry.instrumentation:opentelemetry-instrumentation-annotations](https://github.com/open-telemetry/opentelemetry-java-instrumentation) | `2.22.0` | `2.28.1` |\n| org.apache.xmlbeans:xmlbeans | `5.1.1` | `5.3.0` |\n| commons-io:commons-io | `2.19.0` | `2.22.0` |\n| [org.jsoup:jsoup](https://github.com/jhy/jsoup) | `1.18.1` | `1.22.2` |\n| [org.jetbrains:annotations](https://github.com/JetBrains/java-annotations) | `24.0.1` | `26.1.0` |\n| [org.apache.commons:commons-compress](https://github.com/apache/commons-compress) | `1.24.0` | `1.28.0` |\n| [com.github.pagehelper:pagehelper](https://github.com/pagehelper/Mybatis-PageHelper) | `5.3.3` | `6.1.1` |\n| com.iwhaleai.byai:by-framework | `0.2.6` | `0.2.8` |\n| [com.fasterxml.woodstox:woodstox-core](https://github.com/FasterXML/woodstox) | `7.0.0` | `7.2.1` |\n| org.glassfish.hk2:hk2-api | `3.1.1` | `4.0.1` |\n| [org.eclipse.parsson:parsson](https://github.com/eclipse-ee4j/parsson) | `1.1.7` | `1.1.9` |\n| com.google.errorprone:error_prone_annotations | `2.36.0` | `2.49.0` |\n| org.opengauss:opengauss-jdbc | `6.0.0` | `6.0.3` |\n| [com.alibaba:druid](https://github.com/alibaba/druid) | `1.2.23` | `1.2.28` |\n| [com.mysql:mysql-connector-j](https://github.com/mysql/mysql-connector-j) | `8.4.0` | `9.7.0` |\n| [org.mybatis:mybatis](https://github.com/mybatis/mybatis-3) | `3.5.14` | `3.5.19` |\n| [org.mybatis:mybatis-spring](https://github.com/mybatis/spring) | `3.0.3` | `4.0.0` |\n| org.apache.commons:commons-lang3 | `3.13.0` | `3.20.0` |\n| org.apache.commons:commons-collections4 | `4.4` | `4.5.0` |\n| [commons-codec:commons-codec](https://github.com/apache/commons-codec) | `1.16.0` | `1.22.0` |\n| [jakarta.xml.bind:jakarta.xml.bind-api](https://github.com/jakartaee/jaxb-api) | `4.0.0` | `4.0.5` |\n| org.glassfish.jaxb:jaxb-runtime | `4.0.2` | `4.0.9` |\n| [jakarta.activation:jakarta.activation-api](https://github.com/jakartaee/jaf-api) | `2.1.1` | `2.1.4` |\n| io.github.resilience4j:resilience4j-spring-boot3 | `2.0.2` | `2.4.0` |\n| io.github.resilience4j:resilience4j-circuitbreaker | `2.0.2` | `2.4.0` |\n| [io.github.resilience4j:resilience4j-ratelimiter](https://github.com/resilience4j/resilience4j) | `2.0.2` | `2.4.0` |\n| [io.github.resilience4j:resilience4j-retry](https://github.com/resilience4j/resilience4j) | `2.0.2` | `2.4.0` |\n| io.github.resilience4j:resilience4j-bulkhead | `2.0.2` | `2.4.0` |\n| [io.github.resilience4j:resilience4j-timelimiter](https://github.com/resilience4j/resilience4j) | `2.0.2` | `2.4.0` |\n| [org.springdoc:springdoc-openapi-starter-webmvc-ui](https://github.com/springdoc/springdoc-openapi) | `2.8.8` | `3.0.3` |\n| [org.springdoc:springdoc-openapi-starter-common](https://github.com/springdoc/springdoc-openapi) | `2.8.8` | `3.0.3` |\n| [io.jsonwebtoken:jjwt-api](https://github.com/jwtk/jjwt) | `0.11.5` | `0.13.0` |\n| [io.jsonwebtoken:jjwt-impl](https://github.com/jwtk/jjwt) | `0.11.5` | `0.13.0` |\n| io.jsonwebtoken:jjwt-jackson | `0.11.5` | `0.13.0` |\n| [com.alibaba:transmittable-thread-local](https://github.com/alibaba/transmittable-thread-local) | `2.14.2` | `2.14.5` |\n| [org.junit.jupiter:junit-jupiter](https://github.com/junit-team/junit-framework) | `5.10.0` | `6.1.0` |\n| [com.alibaba:fastjson](https://github.com/alibaba/fastjson2) | `2.0.53` | `2.0.62` |\n| redis.clients:jedis | `6.0.0` | `7.5.2` |\n| [com.squareup.okhttp3:okhttp](https://github.com/square/okhttp) | `4.12.0` | `5.4.0` |\n| [com.squareup.okhttp3:okhttp-sse](https://github.com/square/okhttp) | `4.12.0` | `5.4.0` |\n| com.google.protobuf:protobuf-java | `3.24.4` | `4.35.0` |\n| org.apache.poi:poi | `5.2.4` | `5.5.1` |\n| org.apache.poi:poi-ooxml | `5.2.4` | `5.5.1` |\n| org.apache.poi:poi-scratchpad | `5.2.4` | `5.5.1` |\n| fr.opensagres.xdocreport:fr.opensagres.poi.xwpf.converter.pdf | `2.0.4` | `2.2.0` |\n| [org.hibernate.validator:hibernate-validator](https://github.com/hibernate/hibernate-validator) | `8.0.1.Final` | `9.1.0.Final` |\n| [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) | `1.5.18` | `1.5.34` |\n| [ch.qos.logback:logback-core](https://github.com/qos-ch/logback) | `1.5.18` | `1.5.34` |\n| org.apache.tomcat:tomcat-annotations-api | `10.1.55` | `11.0.22` |\n| org.apache.tomcat.embed:tomcat-embed-el | `10.1.55` | `11.0.22` |\n| [com.google.guava:guava](https://github.com/google/guava) | `33.4.8-jre` | `33.6.0-jre` |\n| [org.springframework.security:spring-security-crypto](https://github.com/spring-projects/spring-security) | `6.5.9` | `7.0.5` |\n| [org.springframework.security:spring-security-web](https://github.com/spring-projects/spring-security) | `6.5.9` | `7.0.5` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `6.5.9` | `7.0.5` |\n| [org.springframework.security:spring-security-config](https://github.com/spring-projects/spring-security) | `6.5.9` | `7.0.5` |\n| [org.yaml:snakeyaml](https://bitbucket.org/snakeyaml/snakeyaml) | `2.0` | `2.6` |\n| [com.itextpdf:itextpdf](https://github.com/itext/itextpdf) | `5.5.13.4` | `5.5.13.5` |\n| [io.netty:netty-all](https://github.com/netty/netty) | `4.1.133.Final` | `4.2.15.Final` |\n| org.apache.kafka:kafka-clients | `3.9.2` | `4.3.0` |\n| com.auth0:java-jwt | `4.4.0` | `4.5.2` |\n| org.apache.httpcomponents:httpclient | `4.5.13` | `4.5.14` |\n| [com.alibaba:druid-spring-boot-starter](https://github.com/alibaba/druid) | `1.1.9` | `1.2.28` |\n| [io.minio:minio](https://github.com/minio/minio-java) | `8.6.0` | `9.0.1` |\n| [commons-net:commons-net](https://github.com/apache/commons-net) | `3.9.0` | `3.13.0` |\n| [com.clickhouse:clickhouse-jdbc](https://github.com/ClickHouse/clickhouse-java) | `0.4.6` | `0.9.8` |\n| com.vesoft:client | `3.0.0` | `3.8.4` |\n| [co.elastic.clients:elasticsearch-java](https://github.com/elastic/elasticsearch-java) | `8.15.5` | `9.4.2` |\n| [org.elasticsearch.client:elasticsearch-rest-client](https://github.com/elastic/elasticsearch) | `8.15.5` | `9.4.2` |\n| [org.elasticsearch:elasticsearch](https://github.com/elastic/elasticsearch) | `8.15.5` | `9.4.2` |\n| [org.elasticsearch:elasticsearch-x-content](https://github.com/elastic/elasticsearch) | `8.15.5` | `9.4.2` |\n| [com.baomidou:mybatis-plus-extension](https://github.com/baomidou/mybatis-plus) | `3.5.5` | `3.5.16` |\n| [org.springframework.boot:spring-boot-starter-test](https://github.com/spring-projects/spring-boot) | `3.2.0` | `4.0.6` |\n| [com.baomidou:mybatis-plus-boot-starter](https://github.com/baomidou/mybatis-plus) | `3.5.5` | `3.5.16` |\n| [com.github.jsqlparser:jsqlparser](https://github.com/JSQLParser/JSqlParser) | `4.5` | `5.3` |\n| [com.aliyun:tea](https://github.com/aliyun/tea-java) | `1.3.1` | `1.4.2` |\n| [commons-logging:commons-logging](https://github.com/apache/commons-logging) | `1.2` | `1.3.6` |\n| [com.aliyun:tea-util](https://github.com/aliyun/tea-util) | `0.2.23` | `0.2.27` |\n| [org.jacoco:org.jacoco.agent](https://github.com/jacoco/jacoco) | `0.8.8` | `0.8.15` |\n| [com.aliyun:tea-openapi](https://github.com/aliyun/darabonba-openapi) | `0.3.8` | `0.3.15` |\n| [com.github.pagehelper:pagehelper-spring-boot-starter](https://github.com/pagehelper/pagehelper-spring-boot) | `1.4.7` | `4.1.0` |\n| [com.aliyun:dingtalk](https://github.com/aliyun/alibabacloud-sdk) | `2.2.17` | `2.2.53` |\n| [com.aliyun:dysmsapi20170525](https://github.com/aliyun/alibabacloud-sdk) | `2.0.24` | `4.5.1` |\n| [com.aliyun:credentials-java](https://github.com/aliyun/credentials-java) | `1.0.2` | `1.0.3` |\n| [org.mybatis.spring.boot:mybatis-spring-boot-starter](https://github.com/mybatis/spring-boot-starter) | `3.0.4` | `4.0.1` |\n| [org.xerial.snappy:snappy-java](https://github.com/xerial/snappy-java) | `1.1.10.5` | `1.1.10.8` |\n| [joda-time:joda-time](https://github.com/JodaOrg/joda-time) | `2.10.10` | `2.14.2` |\n| io.swagger:swagger-annotations | `1.5.24` | `1.6.16` |\n| tools.jackson.core:jackson-core | `3.1.1` | `3.2.0` |\n| tools.jackson.core:jackson-databind | `3.1.1` | `3.2.0` |\n| tools.jackson.dataformat:jackson-dataformat-yaml | `3.1.1` | `3.2.0` |\n| [org.projectlombok:lombok](https://github.com/projectlombok/lombok) | `1.18.38` | `1.18.46` |\n| [jakarta.annotation:jakarta.annotation-api](https://github.com/jakartaee/common-annotations-api) | `2.1.1` | `3.0.0` |\n| [cn.hutool:hutool-all](https://github.com/looly/hutool) | `5.8.38` | `5.8.46` |\n| [com.aliyun.oss:aliyun-sdk-oss](https://github.com/aliyun/aliyun-oss-java-sdk) | `3.17.2` | `3.18.5` |\n| [org.xerial:sqlite-jdbc](https://github.com/xerial/sqlite-jdbc) | `3.46.1.0` | `3.53.2.0` |\n| [com.google.zxing:core](https://github.com/zxing/zxing) | `3.3.3` | `3.5.4` |\n| com.dingtalk.open:app-stream-client | `1.0.5` | `1.3.12` |\n| [io.modelcontextprotocol.sdk:mcp](https://github.com/modelcontextprotocol/java-sdk) | `1.0.0` | `1.1.3` |\n| [dev.langchain4j:langchain4j-mcp](https://github.com/langchain4j/langchain4j) | `1.1.0-beta7` | `1.16.1-beta26` |\n| [dev.langchain4j:langchain4j-core](https://github.com/langchain4j/langchain4j) | `1.1.0` | `1.16.1` |\n| [dev.langchain4j:langchain4j](https://github.com/langchain4j/langchain4j) | `1.1.0` | `1.16.1` |\n| org.apache.pdfbox:pdfbox | `3.0.3` | `3.0.7` |\n| com.github.librepdf:openpdf | `1.3.30` | `3.0.5` |\n| mysql:mysql-connector-java | `5.1.26` | `8.0.33` |\n| [org.apache.maven.plugins:maven-dependency-plugin](https://github.com/apache/maven-dependency-plugin) | `3.6.1` | `3.11.0` |\n| [org.apache.maven.plugins:maven-compiler-plugin](https://github.com/apache/maven-compiler-plugin) | `3.11.0` | `3.15.0` |\n| [org.apache.maven.plugins:maven-enforcer-plugin](https://github.com/apache/maven-enforcer) | `3.4.1` | `3.6.3` |\n| [org.apache.maven.plugins:maven-surefire-plugin](https://github.com/apache/maven-surefire) | `3.2.5` | `3.5.6` |\n| [org.apache.maven.plugins:maven-help-plugin](https://github.com/apache/maven-help-plugin) | `3.4.1` | `3.5.1` |\n| org.mybatis.generator:mybatis-generator-maven-plugin | `1.3.7` | `2.0.0` |\n\n\nUpdates `org.springframework.boot:spring-boot-starter-parent` from 3.5.14 to 4.0.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-boot/releases\"\u003eorg.springframework.boot:spring-boot-starter-parent's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.6\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDefault security is misconfigured when spring-boot-actuator-autoconfigure is present and spring-boot-health is not \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50188\"\u003e#50188\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eElasticsearch Rest5Client auto-configuration misconfigures underlying HTTP client \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50187\"\u003e#50187\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eApplicationPidFileWriter does not handle symlinks correctly \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50185\"\u003e#50185\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRandomValuePropertySource is not suitable for secrets \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50183\"\u003e#50183\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCassandra auto-configuration misconfigures CqlSessionBuilder \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50180\"\u003e#50180\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eApplicationTemp does not handle symlinks correctly \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50178\"\u003e#50178\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemote DevTools performs comparison incorrectly \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50176\"\u003e#50176\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring.rabbitmq.ssl.verify-hostname is applied inconsistently \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50174\"\u003e#50174\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhole number values are ignored when configuring min and max expected values and SLO boundaries for a distribution summary meter \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50077\"\u003e#50077\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClassic starters are missing several modules \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50071\"\u003e#50071\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eModule spring-boot-resttestclient is missing from spring-boot-starter-test-classic \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/50069\"\u003e#50069\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAnnotations like \u003ccode\u003e@Ssl\u003c/code\u003e don't work on \u003ccode\u003e@Bean\u003c/code\u003e methods when using \u003ccode\u003e@ServiceConnection\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50064\"\u003e#50064\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnversRevisionRepositoriesRegistrar should reuse \u003ccode\u003e@EnableEnversRepositories\u003c/code\u003e rather than configuring the JPA counterpart \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50039\"\u003e#50039\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWebFlux Cloud Foundry links endpoint includes query string from received request in resolved links \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50017\"\u003e#50017\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImports on a containing test class are ignored when a nested class has imports \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50012\"\u003e#50012\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWith spring.jackson.use-jackson2-defaults set to true, FAIL_ON_UNKNOWN_PROPERTIES is enabled \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/49951\"\u003e#49951\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e500 response from env endpoint when supplied pattern is invalid \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/49946\"\u003e#49946\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReactive MongoDB starter has a transitive dependency on the synchronous MongoDB driver \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/49945\"\u003e#49945\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHTTP method is lost when configuring excludes in EndpointRequest \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/49943\"\u003e#49943\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHonor HttpMethod for reactive additional endpoint paths \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/49880\"\u003e#49880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocker Compose support doesn't work with apache/artemis image \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/49869\"\u003e#49869\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocker Compose support doesn't work with apache/activemq image \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/49866\"\u003e#49866\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSpring Security's PathPatternRequestMatcher.Builder is not auto-configured when using WebMvcTest and spring-boot-security-test \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/49854\"\u003e#49854\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAPI versioning path strategy should be applied path last as it is not meant to yield \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/49800\"\u003e#49800\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate docs to encourage Java fundamentals for beginners that prefer to learn that way \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50146\"\u003e#50146\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHTTP Service Interface Clients still document that API versioning can be configured via properties \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50126\"\u003e#50126\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLink to the observability section of the Lettuce documentation is broken \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50097\"\u003e#50097\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eJavadoc for StaticResourceLocation.FAVICON doesn't describe icons location \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50085\"\u003e#50085\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMySamlRelyingPartyConfiguration is missing a Kotlin sample \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50024\"\u003e#50024\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIncorrect default value for management.httpexchanges.recording.include in configuration metadata \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50019\"\u003e#50019\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLink to the Kubernetes documentation when discussing startup probes \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50015\"\u003e#50015\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTypo in JdbcSessionAutoConfiguration Javadoc \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/49873\"\u003e#49873\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify that configuration property default values are not available through the Environment \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/49851\"\u003e#49851\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocument the need for Liquibase and Flyway starters \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/49839\"\u003e#49839\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eKafka documentation refers to deprecated JSON serializer and deserializer classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/49826\"\u003e#49826\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Elasticsearch Client 9.2.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50027\"\u003e#50027\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Groovy 5.0.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/49911\"\u003e#49911\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate 7.2.12.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50134\"\u003e#50134\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jackson Bom 3.1.2 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50051\"\u003e#50051\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to \u003ca href=\"https://github.com/jaxen-xpath/jaxen/releases/tag/v2.0.1\"\u003eJaxen 2.0.1\u003c/a\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50104\"\u003e#50104\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to \u003ca href=\"https://github.com/FirebirdSQL/jaybird/releases/tag/v6.0.5\"\u003eJaybird 6.0.5\u003c/a\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/49914\"\u003e#49914\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/8821ad2cd381bb4b9615a61479e1de7305a8ba39\"\u003e\u003ccode\u003e8821ad2\u003c/code\u003e\u003c/a\u003e Release v4.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/9e4048a03f17adfe78057a3c4d5b4693305c0ae0\"\u003e\u003ccode\u003e9e4048a\u003c/code\u003e\u003c/a\u003e Merge branch '3.5.x' into 4.0.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/20bb11c3984802990572ddbeae8b66885a8f2462\"\u003e\u003ccode\u003e20bb11c\u003c/code\u003e\u003c/a\u003e Next development version (v3.5.15-SNAPSHOT)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/98daa8ea30f39a5b0ca6768b5cbc2dc8698ef4e1\"\u003e\u003ccode\u003e98daa8e\u003c/code\u003e\u003c/a\u003e Merge branch '3.5.x' into 4.0.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/874f6294b91da18367b8b5ab7b2fad3fa23cfba6\"\u003e\u003ccode\u003e874f629\u003c/code\u003e\u003c/a\u003e Fix default security with actuator but without health\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/e41b3bf731d1134bc18ec1f68ac01e0fe1c54923\"\u003e\u003ccode\u003ee41b3bf\u003c/code\u003e\u003c/a\u003e Enable hostname verification for SSL connections to Elasticsearch\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ef8527bb0ef8f564f4f9c57a7be99a7aa96c6ab0\"\u003e\u003ccode\u003eef8527b\u003c/code\u003e\u003c/a\u003e Merge branch '3.5.x' into 4.0.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/4a7bd332b6d19fef1aa4cf28434985f2b03a2e0f\"\u003e\u003ccode\u003e4a7bd33\u003c/code\u003e\u003c/a\u003e Merge branch '3.5.x' into 4.0.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/3a9d836621605d39cfd88b677f2c6085aa1a1402\"\u003e\u003ccode\u003e3a9d836\u003c/code\u003e\u003c/a\u003e Merge branch '3.5.x' into 4.0.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/8e013b6f909c3882ed87ca78111e4a8bfe33ff72\"\u003e\u003ccode\u003e8e013b6\u003c/code\u003e\u003c/a\u003e Merge branch '3.5.x' into 4.0.x\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-boot/compare/v3.5.14...v4.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.ai:spring-ai-bom` from 1.0.0 to 1.1.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-ai/releases\"\u003eorg.springframework.ai:spring-ai-bom's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eSpring AI 1.1.7\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eOllama doesnt work in a graalvm native image \u003ca href=\"https://redirect.github.com/spring-projects/spring-ai/issues/6064\"\u003e#6064\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eOpenAiChatModel streaming drops chunks due to internal switchMap when using buffered concatMap \u003ca href=\"https://redirect.github.com/spring-projects/spring-ai/issues/6122\"\u003e#6122\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRedisVectorStore#doDelete\u003c/code\u003e only deletes the 10 first messages \u003ca href=\"https://redirect.github.com/spring-projects/spring-ai/issues/6066\"\u003e#6066\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eSpring AI 1.1.6 Release Notes\u003c/h1\u003e\n\u003ch2\u003e🎯 Highlights\u003c/h2\u003e\n\u003cp\u003eThis release includes 1 new features, 5 bug fixes, 2 documentation improvements, 5 other improvements.\u003c/p\u003e\n\u003ch2\u003e⏪ Breaking Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChat memory advisors now require an explicit conversation ID to be supplied. This is a behavioral change that affects how chat memory is scoped and managed. Applications relying on implicit conversation IDs must be updated to supply an explicit ID. \u003ca href=\"https://github.com/spring-projects/spring-ai/commit/13cde419e30042c663706f130dd65b80d92d4667\"\u003e13cde41\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Upgrading Notes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePromptChatMemoryAdvisor is now deprecated and chat memory advisors require an explicit conversation ID. Update your code to: (1) replace PromptChatMemoryAdvisor with the recommended alternative, and (2) ensure an explicit conversation ID is supplied when using any chat memory advisor. \u003ca href=\"https://github.com/spring-projects/spring-ai/commit/917f62ebec13cf01027c094dd36d4106b1c8dc47\"\u003e917f62e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⭐ New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMCP auto-configuration now includes the missing \u003ca href=\"https://github.com/ConditionalOnMissingBean\"\u003e\u003ccode\u003e@​ConditionalOnMissingBean\u003c/code\u003e\u003c/a\u003e check, allowing users to provide their own bean definitions and override the auto-configured MCP beans as expected in Spring Boot auto-configuration patterns. \u003ca href=\"https://github.com/spring-projects/spring-ai/commit/d4025e5d8ede18158cbd9b53b1cc4a0ad107af3a\"\u003ed4025e5\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🪲 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue where the MilvusVectorStore's doDelete method incorrectly escaped strings in the ID list, which could cause deletion operations to fail or behave unexpectedly. \u003ca href=\"https://github.com/spring-projects/spring-ai/commit/20206a46408ef8a9609f54afc7c82a0b5fd2e357\"\u003e20206a4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the ChatClientAdvisorTests test suite to supply an explicit conversation ID, aligning tests with the new requirement for explicit conversation IDs in chat memory advisors. \u003ca href=\"https://github.com/spring-projects/spring-ai/commit/704e5c6519c150662c7338782639fa84ffe8c9ed\"\u003e704e5c6\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the MistralAiChatModelObservationIT integration test to ensure observation functionality works correctly with the MistralAI chat model provider. \u003ca href=\"https://github.com/spring-projects/spring-ai/commit/a89145db26831f2f8bf22e0f76155ecebd8d7c5c\"\u003ea89145d\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCorrects an issue where configured options were not being properly included in MistralAI API requests, ensuring all user-defined settings are correctly passed through. \u003ca href=\"https://github.com/spring-projects/spring-ai/commit/7bcf32aa134b3954ba70bed625de4adcbfe8fab4\"\u003e7bcf32a\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eResolves a regression in how AssistantMessage.ToolCall.id is handled when using the Ollama integration, restoring correct tool call identification behavior. \u003ca href=\"https://github.com/spring-projects/spring-ai/commit/bb9d65ea96d3d57cf3c7467fb82e86bc25c9f238\"\u003ebb9d65e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e📓 Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCorrected typographical errors in the MCP (Model Context Protocol) documentation for improved readability and accuracy. \u003ca href=\"https://github.com/spring-projects/spring-ai/commit/a1ad7f2a4a784432dde61520723fb80119008320\"\u003ea1ad7f2\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed broken xref anchors in the documentation to restore proper cross-reference navigation between documentation sections. \u003ca href=\"https://github.com/spring-projects/spring-ai/commit/f03c104234de47a9e91d0a7f312f458ebeb5cbe9\"\u003ef03c104\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔨 Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated MCP SDK from version 0.17.0 to 0.18.2 and MCP annotations from 0.8.0 to 0.9.0, bringing in the latest MCP protocol improvements and bug fixes. \u003ca href=\"https://redirect.github.com/spring-projects/spring-ai/pull/5961\"\u003e#5961\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔩 Build Updates\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated the project build to use JDK 17.0.19, ensuring compatibility and incorporating the latest Java 17 patch release for the build environment. \u003ca href=\"https://github.com/spring-projects/spring-ai/commit/27281e62dec4fd0857ab3d0da79cd3b83105b260\"\u003e27281e6\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReorganizes the project structure by relocating Spring AI starter modules to a dedicated starters/ directory for better maintainability and clarity. \u003ca href=\"https://github.com/spring-projects/spring-ai/commit/22f867673c0d59a4607022d0a5992b5f0c59f6ef\"\u003e22f8676\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🙏 Contributors\u003c/h2\u003e\n\u003cp\u003eThanks to all contributors who made this release possible:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tzolov\"\u003e\u003ccode\u003eChristian Tzolov (@​tzolov)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/emileplas\"\u003e\u003ccode\u003eEmile Plas (@​emileplas)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ilayaperumalg\"\u003e\u003ccode\u003eIlayaperumal Gopinathan (@​ilayaperumalg)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sobychacko\"\u003e\u003ccode\u003eSoby Chacko (@​sobychacko)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ai/commit/d8503868d3e84547db51d8f10379e1a075fe2d99\"\u003e\u003ccode\u003ed850386\u003c/code\u003e\u003c/a\u003e Release version 1.1.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ai/commit/5b78fe924eb2327f652cbdae1531999a6a98ba81\"\u003e\u003ccode\u003e5b78fe9\u003c/code\u003e\u003c/a\u003e Harden filename handling in AnthropicSkillsResponseHelper\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ai/commit/3fc37483ae6b215efc743f41b303820091b05aee\"\u003e\u003ccode\u003e3fc3748\u003c/code\u003e\u003c/a\u003e Fix deprecated model for OpenAI SDK Image model\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ai/commit/b83d3928cd84f547c094a89d23969b256b567f4b\"\u003e\u003ccode\u003eb83d392\u003c/code\u003e\u003c/a\u003e Fix OpenAI ITs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ai/commit/f63fac2a2d968bccd1cbc3c62a7ad78294f16ed5\"\u003e\u003ccode\u003ef63fac2\u003c/code\u003e\u003c/a\u003e Fix deprecated audio models in OpenAI API and OpenAI SDK\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ai/commit/9a5f2154bdda22949091ffd7ae4f532934d0092f\"\u003e\u003ccode\u003e9a5f215\u003c/code\u003e\u003c/a\u003e fix: update OpenAI image API to gpt-image-1-mini, dropping DALL-E support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ai/commit/30c7be9000b8a9afd58e3a580b5424630e6d7509\"\u003e\u003ccode\u003e30c7be9\u003c/code\u003e\u003c/a\u003e fix: Add missing configurations for ChatModel streaming tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ai/commit/42b9cc72e1d665a417403e403828228bcff254d4\"\u003e\u003ccode\u003e42b9cc7\u003c/code\u003e\u003c/a\u003e Replace switchMap with concatMap/map to prevent streaming data loss (\u003ca href=\"https://redirect.github.com/spring-projects/spring-ai/issues/6106\"\u003e#6106\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ai/commit/24a89f5555be3d6db006dfb46930b569a28a51ee\"\u003e\u003ccode\u003e24a89f5\u003c/code\u003e\u003c/a\u003e Fix Redis vector store filter delete to paginate search results\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ai/commit/df99841177c419d09f936d917fb673fb4eecf4ad\"\u003e\u003ccode\u003edf99841\u003c/code\u003e\u003c/a\u003e Add Ollama ThinkOption runtime hints\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-ai/compare/v1.0.0...v1.1.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `com.squareup.okio:okio-jvm` from 3.6.0 to 3.17.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/square/okio/blob/master/CHANGELOG.md\"\u003ecom.squareup.okio:okio-jvm's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.17.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-03-11\u003c/em\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eNew: Adjust down the Kotlin stdlib dependency to [Kotlin 2.1.21][kotlin_2_1_21]. Okio is built\nwith an up-to-date Kotlin compiler (2.2.21), but depends on an older kotlin-stdlib. We're doing\nthis so you can update Okio and Kotlin independently.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix: Return the correct timestamp in \u003ccode\u003eFileMetadata.createdAtMillis\u003c/code\u003e on Kotlin/Native on UNIX\nplatforms. We were incorrectly using the POSIX \u003ccode\u003ectime\u003c/code\u003e (\u003cem\u003echange\u003c/em\u003e time) instead of the\n\u003ccode\u003ebirthtime\u003c/code\u003e. With this fix Okio now prefers \u003ccode\u003estatx()\u003c/code\u003e over \u003ccode\u003estat()\u003c/code\u003e on native platforms. This\nAPI first appeared in Linux in 4.11 (2017) and Android in API 30 (2020).\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.16.4\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2025-11-17\u003c/em\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Don't delay triggering timeouts. In 3.16.0 we introduced a regression that caused timeouts\nto fire later than they were supposed to.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.16.3\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2025-11-14\u003c/em\u003e\u003c/p\u003e\n\u003cp\u003eThis release is the same as 3.16.2. We forgot to cherry-pick a commit before we released!\u003c/p\u003e\n\u003ch2\u003eVersion 3.16.2\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2025-10-14\u003c/em\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix: \u003ccode\u003eokio-assetfilesystem\u003c/code\u003e APIs now correctly restored as visible to Kotlin.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.16.1\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2025-10-09\u003c/em\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Don't crash when calling \u003ccode\u003eSocket.shutdownOutput()\u003c/code\u003e or \u003ccode\u003eshutdownInput()\u003c/code\u003e on an \u003ccode\u003eSSLSocket\u003c/code\u003e on\nAndroid API 21. This method throws an \u003ccode\u003eUnsupportedOperationException\u003c/code\u003e, so we now catch that and\nclose the underlying stream instead.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.16.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2025-07-29\u003c/em\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Change \u003ccode\u003eSocket.asOkioSocket()\u003c/code\u003e to resolve its source \u003ccode\u003eInputStream\u003c/code\u003e and \u003ccode\u003eOutputStream\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/80a50234e5edb96041a8168c4754ba9e1ff3625a\"\u003e\u003ccode\u003e80a5023\u003c/code\u003e\u003c/a\u003e Prepare for release 3.17.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/65c0c26bb5242b697ffc28f6c666ae0a01197ff6\"\u003e\u003ccode\u003e65c0c26\u003c/code\u003e\u003c/a\u003e Switch to FileMetadata to use statx instead of stat on Linux and Apple platfo...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/b11f17b233601af92ae1fabea3fecdeea0608631\"\u003e\u003ccode\u003eb11f17b\u003c/code\u003e\u003c/a\u003e Remove Kotlin/JS IR default parameter workarounds. (\u003ca href=\"https://redirect.github.com/square/okio/issues/1786\"\u003e#1786\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/b35f473635db8ad9d5a9b096780e960d1b8f7d4d\"\u003e\u003ccode\u003eb35f473\u003c/code\u003e\u003c/a\u003e Update Gradle to v9.4.0 (\u003ca href=\"https://redirect.github.com/square/okio/issues/1785\"\u003e#1785\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/cbcee31f2bcb7e6f606d8eafc45f4c8ea7228cae\"\u003e\u003ccode\u003ecbcee31\u003c/code\u003e\u003c/a\u003e Update actions/upload-artifact action to v7 (\u003ca href=\"https://redirect.github.com/square/okio/issues/1783\"\u003e#1783\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/fc7aecb7f6f7a123f2024ab6397da04311546bf2\"\u003e\u003ccode\u003efc7aecb\u003c/code\u003e\u003c/a\u003e Update dependency com.android.tools.build:gradle to v9.0.1 (\u003ca href=\"https://redirect.github.com/square/okio/issues/1781\"\u003e#1781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/79aa26755c77df8c4d0233926c7308fd353ad697\"\u003e\u003ccode\u003e79aa267\u003c/code\u003e\u003c/a\u003e Drop \u003ccode\u003eisWasm()\u003c/code\u003e early return workaround for KT-60212. (\u003ca href=\"https://redirect.github.com/square/okio/issues/1777\"\u003e#1777\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/45459dca7d40b4c2df1454a0f363e0b8e153beb5\"\u003e\u003ccode\u003e45459dc\u003c/code\u003e\u003c/a\u003e Fix result of an 'errnoToIOException' call is not thrown. inside `PosixFileSy...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/9fbab0f7ab00b525b0ae331c8c3ac3c645afc8c8\"\u003e\u003ccode\u003e9fbab0f\u003c/code\u003e\u003c/a\u003e Decode env variables in WASI tests (\u003ca href=\"https://redirect.github.com/square/okio/issues/1773\"\u003e#1773\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/50abe8900f2e7bd48d4afc77bda0afd74fc790ac\"\u003e\u003ccode\u003e50abe89\u003c/code\u003e\u003c/a\u003e Stop using AssertJ (\u003ca href=\"https://redirect.github.com/square/okio/issues/1771\"\u003e#1771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/square/okio/compare/parent-3.6.0...parent-3.17.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `com.squareup.okio:okio` from 3.4.0 to 3.17.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/square/okio/blob/master/CHANGELOG.md\"\u003ecom.squareup.okio:okio's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.17.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-03-11\u003c/em\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eNew: Adjust down the Kotlin stdlib dependency to [Kotlin 2.1.21][kotlin_2_1_21]. Okio is built\nwith an up-to-date Kotlin compiler (2.2.21), but depends on an older kotlin-stdlib. We're doing\nthis so you can update Okio and Kotlin independently.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix: Return the correct timestamp in \u003ccode\u003eFileMetadata.createdAtMillis\u003c/code\u003e on Kotlin/Native on UNIX\nplatforms. We were incorrectly using the POSIX \u003ccode\u003ectime\u003c/code\u003e (\u003cem\u003echange\u003c/em\u003e time) instead of the\n\u003ccode\u003ebirthtime\u003c/code\u003e. With this fix Okio now prefers \u003ccode\u003estatx()\u003c/code\u003e over \u003ccode\u003estat()\u003c/code\u003e on native platforms. This\nAPI first appeared in Linux in 4.11 (2017) and Android in API 30 (2020).\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.16.4\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2025-11-17\u003c/em\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Don't delay triggering timeouts. In 3.16.0 we introduced a regression that caused timeouts\nto fire later than they were supposed to.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.16.3\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2025-11-14\u003c/em\u003e\u003c/p\u003e\n\u003cp\u003eThis release is the same as 3.16.2. We forgot to cherry-pick a commit before we released!\u003c/p\u003e\n\u003ch2\u003eVersion 3.16.2\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2025-10-14\u003c/em\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix: \u003ccode\u003eokio-assetfilesystem\u003c/code\u003e APIs now correctly restored as visible to Kotlin.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.16.1\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2025-10-09\u003c/em\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Don't crash when calling \u003ccode\u003eSocket.shutdownOutput()\u003c/code\u003e or \u003ccode\u003eshutdownInput()\u003c/code\u003e on an \u003ccode\u003eSSLSocket\u003c/code\u003e on\nAndroid API 21. This method throws an \u003ccode\u003eUnsupportedOperationException\u003c/code\u003e, so we now catch that and\nclose the underlying stream instead.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.16.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2025-07-29\u003c/em\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Change \u003ccode\u003eSocket.asOkioSocket()\u003c/code\u003e to resolve its source \u003ccode\u003eInputStream\u003c/code\u003e and \u003ccode\u003eOutputStream\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/80a50234e5edb96041a8168c4754ba9e1ff3625a\"\u003e\u003ccode\u003e80a5023\u003c/code\u003e\u003c/a\u003e Prepare for release 3.17.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/65c0c26bb5242b697ffc28f6c666ae0a01197ff6\"\u003e\u003ccode\u003e65c0c26\u003c/code\u003e\u003c/a\u003e Switch to FileMetadata to use statx instead of stat on Linux and Apple platfo...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/b11f17b233601af92ae1fabea3fecdeea0608631\"\u003e\u003ccode\u003eb11f17b\u003c/code\u003e\u003c/a\u003e Remove Kotlin/JS IR default parameter workarounds. (\u003ca href=\"https://redirect.github.com/square/okio/issues/1786\"\u003e#1786\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/b35f473635db8ad9d5a9b096780e960d1b8f7d4d\"\u003e\u003ccode\u003eb35f473\u003c/code\u003e\u003c/a\u003e Update Gradle to v9.4.0 (\u003ca href=\"https://redirect.github.com/square/okio/issues/1785\"\u003e#1785\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/cbcee31f2bcb7e6f606d8eafc45f4c8ea7228cae\"\u003e\u003ccode\u003ecbcee31\u003c/code\u003e\u003c/a\u003e Update actions/upload-artifact action to v7 (\u003ca href=\"https://redirect.github.com/square/okio/issues/1783\"\u003e#1783\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/fc7aecb7f6f7a123f2024ab6397da04311546bf2\"\u003e\u003ccode\u003efc7aecb\u003c/code\u003e\u003c/a\u003e Update dependency com.android.tools.build:gradle to v9.0.1 (\u003ca href=\"https://redirect.github.com/square/okio/issues/1781\"\u003e#1781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/79aa26755c77df8c4d0233926c7308fd353ad697\"\u003e\u003ccode\u003e79aa267\u003c/code\u003e\u003c/a\u003e Drop \u003ccode\u003eisWasm()\u003c/code\u003e early return workaround for KT-60212. (\u003ca href=\"https://redirect.github.com/square/okio/issues/1777\"\u003e#1777\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/45459dca7d40b4c2df1454a0f363e0b8e153beb5\"\u003e\u003ccode\u003e45459dc\u003c/code\u003e\u003c/a\u003e Fix result of an 'errnoToIOException' call is not thrown. inside `PosixFileSy...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/9fbab0f7ab00b525b0ae331c8c3ac3c645afc8c8\"\u003e\u003ccode\u003e9fbab0f\u003c/code\u003e\u003c/a\u003e Decode env variables in WASI tests (\u003ca href=\"https://redirect.github.com/square/okio/issues/1773\"\u003e#1773\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/50abe8900f2e7bd48d4afc77bda0afd74fc790ac\"\u003e\u003ccode\u003e50abe89\u003c/code\u003e\u003c/a\u003e Stop using AssertJ (\u003ca href=\"https://redirect.github.com/square/okio/issues/1771\"\u003e#1771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/square/okio/compare/parent-3.4.0...parent-3.17.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.cloud:spring-cloud-dependencies` from 2025.0.2 to 2025.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-cloud/spring-cloud-release/releases\"\u003eorg.springframework.cloud:spring-cloud-dependencies's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2025.1.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump antora from 3.2.0-alpha.10 to 3.2.0-alpha.11 in /docs by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/spring-cloud/spring-cloud-release/pull/447\"\u003espring-cloud/spring-cloud-release#447\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.springframework.cloud:spring-cloud-contract-dependencies from 5.0.1-SNAPSHOT to 5.0.2-SNAPSHOT by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/spring-cloud/spring-cloud-release/pull/454\"\u003espring-cloud/spring-cloud-release#454\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.springframework.cloud:spring-cloud-contract-dependencies from 5.0.1-SNAPSHOT to 5.0.2-SNAPSHOT by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/spring-cloud/spring-cloud-release/pull/453\"\u003espring-cloud/spring-cloud-release#453\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/cache from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/spring-cloud/spring-cloud-release/pull/456\"\u003espring-cloud/spring-cloud-release#456\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.apache.maven:maven-model from 3.9.11 to 3.9.12 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/spring-cloud/spring-cloud-release/pull/461\"\u003espring-cloud/spring-cloud-release#461\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.apache.maven:maven-model from 3.9.11 to 3.9.12 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/spring-cloud/spring-cloud-release/pull/460\"\u003espring-cloud/spring-cloud-release#460\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/spring-cloud/spring-cloud-release/compare/v2025.1.0...v2025.1.1\"\u003ehttps://github.com/spring-cloud/spring-cloud-release/compare/v2025.1.0...v2025.1.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-cloud/spring-cloud-release/commit/dbb12bfc2b899fb0845fe4b3c6dc07bc3c1828e2\"\u003e\u003ccode\u003edbb12bf\u003c/code\u003e\u003c/a\u003e Update SNAPSHOT to 2025.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-cloud/spring-cloud-release/commit/edc8bcb1d195cb0a9fa96efc82ccb3dfdaf2fd39\"\u003e\u003ccode\u003eedc8bcb\u003c/code\u003e\u003c/a\u003e Bumping versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-cloud/spring-cloud-release/commit/a9f418316485581438af2fa1db54f7ff5e80b17e\"\u003e\u003ccode\u003ea9f4183\u003c/code\u003e\u003c/a\u003e Use Spring Boot 4.0.2-SNAPSHOT\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-cloud/spring-cloud-release/commit/da7ad033005dd53554ad5aea9eeefab9416c1661\"\u003e\u003ccode\u003eda7ad03\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/spring-cloud/spring-cloud-release/issues/460\"\u003e#460\u003c/a\u003e from spring-cloud/dependabot/maven/org.apache.maven-m...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-cloud/spring-cloud-release/commit/49b10e643ffdb36873b3abb0bcd0539e0942f0c6\"\u003e\u003ccode\u003e49b10e6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/spring-cloud/spring-cloud-release/issues/461\"\u003e#461\u003c/a\u003e from spring-cloud/dependabot/maven/main/org.apache.ma...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-cloud/spring-cloud-release/commit/59782becdf97cb4db3693fc9d3688e85fde493b5\"\u003e\u003ccode\u003e59782be\u003c/code\u003e\u003c/a\u003e Bump org.apache.maven:maven-model from 3.9.11 to 3.9.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-cloud/spring-cloud-release/commit/89c8dd1e2610118b12e9d9ccb64945833a0ade22\"\u003e\u003ccode\u003e89c8dd1\u003c/code\u003e\u003c/a\u003e Bump org.apache.maven:maven-model from 3.9.11 to 3.9.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-cloud/spring-cloud-release/commit/96a5fb078d5eb2d80baec60004f1cb2518290afe\"\u003e\u003ccode\u003e96a5fb0\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/spring-cloud/spring-cloud-release/issues/456\"\u003e#456\u003c/a\u003e from spring-cloud/dependabot/github_actions/main/acti...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-cloud/spring-cloud-release/commit/5d22a1d1f65df1f7a8c5bc021f5cc5dc44398072\"\u003e\u003ccode\u003e5d22a1d\u003c/code\u003e\u003c/a\u003e Bump actions/cache from 4 to 5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-cloud/spring-cloud-release/commit/ec45c6d4c7d7e49695e3c6c9fa68abd3823a770d\"\u003e\u003ccode\u003eec45c6d\u003c/code\u003e\u003c/a\u003e Bumping versions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-cloud/spring-cloud-release/compare/v2025.0.2...v2025.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `io.opentelemetry.instrumentation:opentelemetry-instrumentation-annotations` from 2.22.0 to 2.28.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/releases\"\u003eio.opentelemetry.instrumentation:opentelemetry-instrumentation-annotations's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.28.1\u003c/h2\u003e\n\u003cp\u003eThis release targets the OpenTelemetry SDK 1.62.0.\u003c/p\u003e\n\u003cp\u003eNote that many artifacts have the \u003ccode\u003e-alpha\u003c/code\u003e suffix attached to their version number, reflecting that they will continue to have breaking changes. Please see \u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/blob/main/VERSIONING.md#opentelemetry-java-instrumentation-versioning\"\u003eVERSIONING.md\u003c/a\u003e for more details.\u003c/p\u003e\n\u003ch3\u003e🛠️ Bug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix javaagent startup failures when declarative configuration uses bundled contrib components, such as the rule-based routing sampler. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18813\"\u003e#18813\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.28.0\u003c/h2\u003e\n\u003cp\u003eThis release targets the OpenTelemetry SDK 1.62.0.\u003c/p\u003e\n\u003cp\u003eNote that many artifacts have the \u003ccode\u003e-alpha\u003c/code\u003e suffix attached to their version number, reflecting that they will continue to have breaking changes. Please see \u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/blob/main/VERSIONING.md#opentelemetry-java-instrumentation-versioning\"\u003eVERSIONING.md\u003c/a\u003e for more details.\u003c/p\u003e\n\u003ch3\u003e⚠️ Breaking changes to non-stable APIs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved the obsolete internal \u003ccode\u003eClassInjector\u003c/code\u003e/\u003ccode\u003eProxyInjectionBuilder\u003c/code\u003e API used by the old \u003ccode\u003eExperimentalInstrumentationModule.injectClasses(ClassInjector)\u003c/code\u003e path; use \u003ccode\u003eExperimentalInstrumentationModule.exposedClassNames()\u003c/code\u003e instead. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18112\"\u003e#18112\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved previously deprecated non-stable API methods and the deprecated \u003ccode\u003eopentelemetry-runtime-telemetry-java8\u003c/code\u003e and \u003ccode\u003eopentelemetry-runtime-telemetry-java17\u003c/code\u003e library aliases. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18136\"\u003e#18136\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved the previously deprecated \u003ccode\u003ecaptureEventName\u003c/code\u003e library builder setting from the logback-appender-1.0 and log4j-appender-2.17 \u003ccode\u003eOpenTelemetryAppender\u003c/code\u003e, and the corresponding \u003ccode\u003eotel.instrumentation.{logback-appender,log4j-appender,jboss-logmanager}.experimental.capture-event-name\u003c/code\u003e javaagent properties. Use the \u003ccode\u003eotel.event.name\u003c/code\u003e key in MDC / context data / key-value pairs / Logstash markers / structured arguments instead. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18223\"\u003e#18223\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved previously deprecated experimental config properties \u003ccode\u003eotel.instrumentation.http.client.experimental.redact-query-parameters\u003c/code\u003e and \u003ccode\u003eotel.instrumentation.common.experimental.db-sqlcommenter.enabled\u003c/code\u003e; use \u003ccode\u003eotel.instrumentation.sanitization.url.experimental.sensitive-query-parameters\u003c/code\u003e and \u003ccode\u003eotel.instrumentation.common.db.experimental.sqlcommenter.enabled\u003c/code\u003e instead. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18229\"\u003e#18229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved the deprecated \u003ccode\u003eotel.instrumentation.servlet.experimental.add-trace-id-request-attribute\u003c/code\u003e property; use \u003ccode\u003eotel.instrumentation.servlet.experimental.trace-id-request-attribute.enabled\u003c/code\u003e instead. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18237\"\u003e#18237\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReshaped the ktor \u003ccode\u003eExperimental\u003c/code\u003e helper from a class with a \u003ccode\u003ecompanion object\u003c/code\u003e to a top-level \u003ccode\u003eobject\u003c/code\u003e. Kotlin source callers (\u003ccode\u003eExperimental.emitExperimentalTelemetry(...)\u003c/code\u003e) are unaffected, but pre-compiled consumers must be recompiled against the new artifact. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18343\"\u003e#18343\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🚫 Deprecations\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eotel.instrumentation.jaxws-cxf-3.0.enabled\u003c/code\u003e in favor of \u003ccode\u003eotel.instrumentation.jaxws-2.0-cxf-3.0.enabled\u003c/code\u003e, and \u003ccode\u003eotel.instrumentation.jaxws-metro-2.2.enabled\u003c/code\u003e in favor of \u003ccode\u003eotel.instrumentation.jaxws-2.0-metro-2.2.enabled\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18184\"\u003e#18184\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🌟 New javaagent instrumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Apache Thrift 0.13 instrumentation for RPC client and server spans and metrics. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18405\"\u003e#18405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🌟 New library instrumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Apache Thrift 0.13 library instrumentation for RPC client and server spans and metrics. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18405\"\u003e#18405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e📈 Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCouchbase 3.1 javaagent instrumentation now emits the more conventional instrumentation scope name \u003ccode\u003eio.opentelemetry.couchbase-3.1\u003c/code\u003e instead of \u003ccode\u003eio.opentelemetry.javaagent.couchbase-3.1\u003c/code\u003e when \u003ccode\u003eotel.instrumentation.common.v3-preview\u003c/code\u003e is enabled. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18426\"\u003e#18426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eWicket resource requests now use the resource reference class name in the server span name when \u003ccode\u003eotel.instrumentation.common.v3-preview\u003c/code\u003e is enabled. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18312\"\u003e#18312\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18775\"\u003e#18775\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDecide whether javaagent helper classes are injected into the application class loader or isolated based on the advice classes used by an instrumentation. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/17815\"\u003e#17815\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImprove cgroup v2 container ID detection for Podman by supporting additional \u003ccode\u003emountinfo\u003c/code\u003e layouts and warning when multiple candidate IDs are found. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18272\"\u003e#18272\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🛠️ Bug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Pekko HTTP and Tapir server route tracking so server span names and \u003ccode\u003ehttp.route\u003c/code\u003e preserve the most specific matched route across nested directives, exceptions, and timeouts; this may change span names and \u003ccode\u003ehttp.route\u003c/code\u003e values for affected routes. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/16390\"\u003e#16390\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix context loss in Finagle HTTP instrumentation across Netty-to-Finagle request conversion and \u003ccode\u003etwitter-util\u003c/code\u003e Future/Promise asynchronous boundaries. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/17867\"\u003e#17867\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix virtual-thread pinning caused by weak-map stale-entry cleanup running on virtual threads; cleanup now runs from the background thread instead. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18113\"\u003e#18113\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid linking batch consumer spans to the ambient consumer span when records or messages have no propagation headers. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18154\"\u003e#18154\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eresetOnEachOperator()\u003c/code\u003e for Reactor 3.1 so it also removes the scheduler hook when instrumentation is disabled. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18258\"\u003e#18258\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnd spans when RxJava 1.0 subscriptions throw synchronously. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18265\"\u003e#18265\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/blob/main/CHANGELOG.md\"\u003eio.opentelemetry.instrumentation:opentelemetry-instrumentation-annotations's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.28.1 (2026-05-20)\u003c/h2\u003e\n\u003cp\u003eThis release targets the OpenTelemetry SDK 1.62.0.\u003c/p\u003e\n\u003cp\u003eNote that many artifacts have the \u003ccode\u003e-alpha\u003c/code\u003e suffix attached to their version\nnumber, reflecting that they will continue to have breaking changes. Please see\n\u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/blob/main/VERSIONING.md#opentelemetry-java-instrumentation-versioning\"\u003eVERSIONING.md\u003c/a\u003e\nfor more details.\u003c/p\u003e\n\u003ch3\u003e🛠️ Bug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix javaagent startup failures when declarative configuration uses bundled contrib components,\nsuch as the rule-based routing sampler.\n(\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18813\"\u003e#18813\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.28.0 (2026-05-19)\u003c/h2\u003e\n\u003cp\u003eThis release targets the OpenTelemetry SDK 1.62.0.\u003c/p\u003e\n\u003cp\u003eNote that many artifacts have the \u003ccode\u003e-alpha\u003c/code\u003e suffix attached to their version\nnumber, reflecting that they will continue to have breaking changes. Please see\n\u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/blob/main/VERSIONING.md#opentelemetry-java-instrumentation-versioning\"\u003eVERSIONING.md\u003c/a\u003e\nfor more details.\u003c/p\u003e\n\u003ch3\u003e⚠️ Breaking changes to non-stable APIs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved the obsolete internal \u003ccode\u003eClassInjector\u003c/code\u003e/\u003ccode\u003eProxyInjectionBuilder\u003c/code\u003e API used by the old\n\u003ccode\u003eExperimentalInstrumentationModule.injectClasses(ClassInjector)\u003c/code\u003e path; use\n\u003ccode\u003eExperimentalInstrumentationModule.exposedClassNames()\u003c/code\u003e instead.\n(\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18112\"\u003e#18112\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved previously deprecated non-stable API methods and the deprecated\n\u003ccode\u003eopentelemetry-runtime-telemetry-java8\u003c/code\u003e and \u003ccode\u003eopentelemetry-runtime-telemetry-java17\u003c/code\u003e library\naliases.\n(\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18136\"\u003e#18136\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved the previously deprecated \u003ccode\u003ecaptureEventName\u003c/code\u003e library builder setting from the\nlogback-appender-1.0 and log4j-appender-2.17 \u003ccode\u003eOpenTelemetryAppender\u003c/code\u003e, and the corresponding\n\u003ccode\u003eotel.instrumentation.{logback-appender,log4j-appender,jboss-logmanager}.experimental.capture-event-name\u003c/code\u003e\njavaagent properties. Use the \u003ccode\u003eotel.event.name\u003c/code\u003e key in MDC / context data / key-value pairs /\nLogstash markers / structured arguments instead.\n(\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18223\"\u003e#18223\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved previously deprecated experimental config properties\n\u003ccode\u003eotel.instrumentation.http.client.experimental.redact-query-parameters\u003c/code\u003e and\n\u003ccode\u003eotel.instrumentation.common.experimental.db-sqlcommenter.enabled\u003c/code\u003e; use\n\u003ccode\u003eotel.instrumentation.sanitization.url.experimental.sensitive-query-parameters\u003c/code\u003e and\n\u003ccode\u003eotel.instrumentation.common.db.experimental.sqlcommenter.enabled\u003c/code\u003e instead.\n(\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18229\"\u003e#18229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved the deprecated \u003ccode\u003eotel.instrumentation.servlet.experimental.add-trace-id-request-attribute\u003c/code\u003e\nproperty; use \u003ccode\u003eotel.instrumentation.servlet.experimental.trace-id-request-attribute.enabled\u003c/code\u003e\ninstead.\n(\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18237\"\u003e#18237\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/commit/7ad453a58de282ea04fd88f4178d70a65468b93c\"\u003e\u003ccode\u003e7ad453a\u003c/code\u003e\u003c/a\u003e [release/v2.28.x] Prepare release 2.28.1 (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/issues/18818\"\u003e#18818\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/commit/1f0b4b27c6e3c96d3098fa7a4ece9404ba7c55bd\"\u003e\u003ccode\u003e1f0b4b2\u003c/code\u003e\u003c/a\u003e Prepare change log for upcoming patch release (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/issues/18816\"\u003e#18816\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/commit/f4b9d76e1c8425b53bd1f22a1e5f8612e30659fc\"\u003e\u003ccode\u003ef4b9d76\u003c/code\u003e\u003c/a\u003e [release/v2.28.x] fix(deps): update opentelemetry-java-contrib monorepo to v1...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/commit/9ef68e6b114b2d1fc1f6a3fbc576cb37fc71e893\"\u003e\u003ccode\u003e9ef68e6\u003c/code\u003e\u003c/a\u003e [release/v2.28.x] Prepare release 2.28.0 (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/issues/18791\"\u003e#18791\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/commit/5d26f13fa3a9c8d67d336649796620d65733fc09\"\u003e\u003ccode\u003e5d26f13\u003c/code\u003e\u003c/a\u003e Draft release notes (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/issues/18774\"\u003e#18774\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/commit/37540625c9d7928152a4fe3e52ed255255f6d895\"\u003e\u003ccode\u003e3754062\u003c/code\u003e\u003c/a\u003e Gate Wicket resource span names on v3 preview (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/issues/18775\"\u003e#18775\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/commit/f6f123d374986c34b3e2eee412551de7f6aec58b\"\u003e\u003ccode\u003ef6f123d\u003c/code\u003e\u003c/a\u003e Preserve Spring resource provider class names (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/issues/18785\"\u003e#18785\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/commit/4c6155a89b5abe035197a4a87375cbebbcce8d04\"\u003e\u003ccode\u003e4c6155a\u003c/code\u003e\u003c/a\u003e Normalize internal and resource javaagent packages (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/issues/18746\"\u003e#18746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/commit/d7b88cef8d7dcc75745520bff25a3ac38a949c75\"\u003e\u003ccode\u003ed7b88ce\u003c/code\u003e\u003c/a\u003e Rename servlet common root package (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/issues/18778\"\u003e#18778\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/commit/d52a5ff2c5aaeb8e5eb2a7149d05a998c7815fdc\"\u003e\u003ccode\u003ed52a5ff\u003c/code\u003e\u003c/a\u003e Rename servlet common snippet package (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/issues/18777\"\u003e#18777\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/compare/v2.22.0...v2.28.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.xmlbeans:xmlbeans` from 5.1.1 to 5.3.0\n\nUpdates `commons-io:commons-io` from 2.19.0 to 2.22.0\n\nUpdates `org.jsoup:jsoup` from 1.18.1 to 1.22.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jhy/jsoup/releases\"\u003eorg.jsoup:jsoup's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ejsoup Java HTML Parser release 1.22.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ejsoup 1.22.2\u003c/strong\u003e is out now, with fixes and refinements across the library. It makes editing the DOM during traversal more predictable, refreshes the default HTML tag definitions with newer elements and better text boundaries, and improves reliability in parsing and HTTP transport. The release also fixes a number of edge cases in cleaning, stream parsing, XML doctype handling, and Android packaging.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003ejsoup\u003c/strong\u003e is a Java library for working with real-world HTML and XML. It provides a very convenient API for extracting and manipulating data, using the best of HTML5 DOM methods and CSS selectors.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jhy/jsoup/blob/HEAD/download\"\u003e\u003cstrong\u003eDownload\u003c/strong\u003e\u003c/a\u003e jsoup now.\u003c/p\u003e\n\u003ch2\u003eImprovements\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eExpanded and clarified \u003ccode\u003eNodeTraversor\u003c/code\u003e support for in-place DOM rewrites during \u003ccode\u003eNodeVisitor.head()\u003c/code\u003e. Current-node edits such as \u003ccode\u003eremove\u003c/code\u003e, \u003ccode\u003ereplace\u003c/code\u003e, and \u003ccode\u003eunwrap\u003c/code\u003e now recover more predictably, while traversal stays within the original root subtree. This makes single-pass tree cleanup and normalization visitors easier to write, for example when unwrapping presentational elements or replacing text nodes as you walk the DOM. \u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/2472\"\u003e#2472\u003c/a\u003e\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation: clarified that a configured \u003ccode\u003eCleaner\u003c/code\u003e may be reused across concurrent threads, and that shared \u003ccode\u003eSafelist\u003c/code\u003e instances should not be mutated while in use. \u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/2473\"\u003e#2473\u003c/a\u003e\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003eUpdated the default HTML \u003ccode\u003eTagSet\u003c/code\u003e for current HTML elements: added \u003ccode\u003edialog\u003c/code\u003e, \u003ccode\u003esearch\u003c/code\u003e, \u003ccode\u003epicture\u003c/code\u003e, and \u003ccode\u003eslot\u003c/code\u003e; made \u003ccode\u003eins\u003c/code\u003e, \u003ccode\u003edel\u003c/code\u003e, \u003ccode\u003ebutton\u003c/code\u003e, \u003ccode\u003eaudio\u003c/code\u003e, \u003ccode\u003evideo\u003c/code\u003e, and \u003ccode\u003ecanvas\u003c/code\u003e inline by default (\u003ccode\u003eTag#isInline()\u003c/code\u003e, aligned to phrasing content in the spec); and added readable \u003ccode\u003eElement.text()\u003c/code\u003e boundaries for controls and embedded objects via the new \u003ccode\u003eTag.TextBoundary\u003c/code\u003e option. This improves pretty-printing and keeps normalized text from running adjacent words together. \u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://redirect.github.com/jhy/jsoup/pull/2493\"\u003e#2493\u003c/a\u003e\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAndroid (R8/ProGuard): added a rule to ignore the optional \u003ccode\u003ere2j\u003c/code\u003e dependency when not present. \u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/2459\"\u003e#2459\u003c/a\u003e\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003eFixed a \u003ccode\u003eNodeTraversor\u003c/code\u003e regression in 1.21.2 where removing or replacing the current node during \u003ccode\u003ehead()\u003c/code\u003e could revisit the replacement node and loop indefinitely. The traversal docs now also clarify which inserted nodes are visited in the current pass. \u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/2472\"\u003e#2472\u003c/a\u003e\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003eParsing during charset sniffing no longer fails if an advisory \u003ccode\u003eavailable()\u003c/code\u003e call throws \u003ccode\u003eIOException\u003c/code\u003e, as seen on JDK 8 \u003ccode\u003eHttpURLConnection\u003c/code\u003e. \u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/2474\"\u003e#2474\u003c/a\u003e\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCleaner\u003c/code\u003e no longer makes relative URL attributes in the input document absolute when cleaning or validating a \u003ccode\u003eDocument\u003c/code\u003e. URL normalization now applies only to the cleaned output, and \u003ccode\u003eSafelist.isSafeAttribute()\u003c/code\u003e is side effect free. \u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/2475\"\u003e#2475\u003c/a\u003e\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCleaner\u003c/code\u003e no longer duplicates enforced attributes when the input \u003ccode\u003eDocument\u003c/code\u003e preserves attribute case. A case-variant source attribute is now replaced by the enforced attribute in the cleaned output. \u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/2476\"\u003e#2476\u003c/a\u003e\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003eIf a per-request SOCKS proxy is configured, jsoup now avoids using the JDK \u003ccode\u003eHttpClient\u003c/code\u003e, because the JDK would silently ignore that proxy and attempt to connect directly. Those requests now fall back to the legacy \u003ccode\u003eHttpURLConnection\u003c/code\u003e transport instead, which does support SOCKS. \u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/2468\"\u003e#2468\u003c/a\u003e\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eConnection.Response.streamParser()\u003c/code\u003e and \u003ccode\u003eDataUtil.streamParser(Path, ...)\u003c/code\u003e could fail on small inputs without a declared charset, if the initial 5 KB charset sniff fully consumed the input and closed it before the stream parse began. \u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/2483\"\u003e#2483\u003c/a\u003e\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003eIn XML mode, doctypes with an internal subset, such as \u003ccode\u003e\u0026lt;!DOCTYPE root [\u0026lt;!ENTITY name \u0026quot;value\u0026quot;\u0026gt;]\u0026gt;\u003c/code\u003e, now round-trip correctly. The subset is preserved as raw text only; entities are not expanded and external DTDs are not loaded. \u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/2486\"\u003e#2486\u003c/a\u003e\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBuild Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMigrated the integration test server from Jetty to Netty, which actively maintains support for our minimum JDK target (8). \u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://redirect.github.com/jhy/jsoup/pull/2491\"\u003e#2491\u003c/a\u003e\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eMy sincere thanks to everyone who contributed to this release!\nIf you have any suggestions for the next release, I would love to hear them; please get in touch via \u003ca href=\"https://github.com/jhy/jsoup/discussions\"\u003ejsoup discussions\u003c/a\u003e, or with me \u003ca href=\"https://jhedley.com/\"\u003edirectly\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eYou can also \u003c!-- raw HTML omitted --\u003efollow me\u003c!-- raw HTML omitted --\u003e (\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e@\u003ca href=\"mailto:jhy@tilde.zone\"\u003ejhy@tilde.zone\u003c/a\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e) on Mastodon / Fediverse to receive occasional notes about jsoup releases.\u003c/p\u003e\n\u003ch2\u003ejsoup Java HTML Parser release 1.22.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ejsoup 1.22.1\u003c/strong\u003e is out now, adding support for the \u003ccode\u003ere2j\u003c/code\u003e regular expression engine for regex-based CSS selectors, a configurable maximum parser depth, and numerous bug fixes and improvements.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003ejsoup\u003c/strong\u003e is a Java library for working with real-world HTML and XML. It provides a very convenient API for extracting and manipulating data, using the best of HTML5 DOM methods and CSS selectors.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://jsoup.org/download\"\u003e\u003cstrong\u003eDownload\u003c/strong\u003e\u003c/a\u003e jsoup now.\u003c/p\u003e\n\u003ch3\u003eImprovements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for using the \u003ccode\u003ere2j\u003c/code\u003e regular expression engine for regex-based CSS selectors (e.g. \u003ccode\u003e[attr~=regex]\u003c/code\u003e, \u003ccode\u003e:matches(regex)\u003c/code\u003e), which ensures linear-time performance for regex evaluation. This allows safer handling of arbitrary user-supplied query regexes. To enable, add the \u003ccode\u003ecom.google.re2j\u003c/code\u003e dependency to your classpath, e.g.:\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre lang=\"xml\"\u003e\u003ccode\u003e  \u0026lt;dependency\u0026gt;\r\n    \u0026lt;groupId\u0026gt;com.google.re2j\u0026lt;/groupId\u0026gt;\r\n    \u0026lt;artifactId\u0026gt;re2j\u0026lt;/artifactId\u0026gt;\r\n    \u0026lt;version\u0026gt;1.8\u0026lt;/version\u0026gt;\r\n  \u0026lt;/dependency\u0026gt;\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e(If you already have that dependency in your classpath, but you want to keep using the Java regex engine, you can disable re2j via \u003ccode\u003eSystem.setProperty(\u0026quot;jsoup.useRe2j\u0026quot;, \u0026quot;false\u0026quot;)\u003c/code\u003e.) You can confirm that the re2j engine has been enable...\n\n_Description has been truncated_","html_url":"https://github.com/beyonai/ByClaw/pull/134","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/beyonai%2FByClaw/issues/134","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/134/packages"},{"uuid":"3742609019","node_id":"PR_kwDOA1D0Ws65kM_B","number":731,"state":"closed","title":"chore(deps): bump org.apache.xmlbeans:xmlbeans from 5.1.1 to 5.3.0","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-01-07T18:14:56.000Z","author_association":null,"state_reason":null,"created_at":"2025-12-18T11:04:07.000Z","updated_at":"2026-01-07T18:15:04.000Z","time_to_close":1753849,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"org.apache.xmlbeans:xmlbeans","old_version":"5.1.1","new_version":"5.3.0","repository_url":null}],"path":null,"ecosystem":"maven"},"body":"Bumps org.apache.xmlbeans:xmlbeans from 5.1.1 to 5.3.0.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.xmlbeans:xmlbeans\u0026package-manager=gradle\u0026previous-version=5.1.1\u0026new-version=5.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/imposter-project/imposter/pull/731","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/imposter-project%2Fimposter/issues/731","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/731/packages"},{"uuid":"2771528055","node_id":"PR_kwDOAVwKk86lMil3","number":419,"state":"open","title":"Bump org.apache.xmlbeans:xmlbeans from 5.2.0 to 5.3.0","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-08-25T11:42:46.000Z","updated_at":"2025-08-25T11:42:47.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.apache.xmlbeans:xmlbeans","old_version":"5.2.0","new_version":"5.3.0","repository_url":null}],"path":null,"ecosystem":"maven"},"body":"Bumps org.apache.xmlbeans:xmlbeans from 5.2.0 to 5.3.0.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.xmlbeans:xmlbeans\u0026package-manager=maven\u0026previous-version=5.2.0\u0026new-version=5.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/mirkosertic/FXDesktopSearch/pull/419","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mirkosertic%2FFXDesktopSearch/issues/419","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/419/packages"},{"uuid":"2676499038","node_id":"PR_kwDOAZ9pa86fiCJe","number":60,"state":"open","title":"Bump org.apache.xmlbeans:xmlbeans from 2.6.0 to 3.0.0 in /typegen","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-07-18T08:34:50.000Z","updated_at":"2025-07-18T08:34:51.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.apache.xmlbeans:xmlbeans","old_version":"2.6.0","new_version":"3.0.0","repository_url":null}],"path":"/typegen","ecosystem":"maven"},"body":"Bumps org.apache.xmlbeans:xmlbeans from 2.6.0 to 3.0.0.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.xmlbeans:xmlbeans\u0026package-manager=maven\u0026previous-version=2.6.0\u0026new-version=3.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/nortal/j-road/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/nortal/j-road/pull/60","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/nortal%2Fj-road/issues/60","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/60/packages"},{"uuid":"2660649379","node_id":"PR_kwDOBDgCVc6elkmj","number":3,"state":"open","title":"Bump the maven group across 3 directories with 7 updates","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-07-12T00:58:04.000Z","updated_at":"2025-07-12T00:58:04.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"maven","update_count":7,"packages":[{"name":"junit:junit","old_version":"4.9","new_version":"4.13.1","repository_url":"https://github.com/junit-team/junit4"},{"name":"xerces:xercesImpl","old_version":"2.10.0","new_version":"2.12.2"},{"name":"org.apache.commons:commons-lang3","old_version":"3.1","new_version":"3.18.0"},{"name":"commons-io:commons-io","old_version":"2.3","new_version":"2.14.0"},{"name":"org.apache.xmlbeans:xmlbeans","old_version":"2.4.0","new_version":"3.0.0"}],"path":null,"ecosystem":"maven"},"body":"Bumps the maven group with 3 updates in the /Extender/J2EEScan directory: [junit:junit](https://github.com/junit-team/junit4), commons-collections:commons-collections and [org.jsoup:jsoup](https://github.com/jhy/jsoup).\nBumps the maven group with 1 update in the /Extender/SAMLRaider directory: [junit:junit](https://github.com/junit-team/junit4).\nBumps the maven group with 5 updates in the /Extender/Wsdler directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [junit:junit](https://github.com/junit-team/junit4) | `4.9` | `4.13.1` |\n| xerces:xercesImpl | `2.10.0` | `2.12.2` |\n| org.apache.commons:commons-lang3 | `3.1` | `3.18.0` |\n| commons-io:commons-io | `2.3` | `2.14.0` |\n| org.apache.xmlbeans:xmlbeans | `2.4.0` | `3.0.0` |\n\n\nUpdates `junit:junit` from 3.8.1 to 4.13.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/junit-team/junit4/releases\"\u003ejunit:junit's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eJUnit 4.13.2\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.13.2.md\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13.1\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.13.1.md\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.13.md\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13 RC 2\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit4/wiki/4.13-Release-Notes\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13 RC 1\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit4/wiki/4.13-Release-Notes\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13 Beta 3\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit4/wiki/4.13-Release-Notes\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13 Beta 2\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit4/wiki/4.13-Release-Notes\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13 Beta 1\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit4/wiki/4.13-Release-Notes\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.12\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.12.md\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.12 Beta 3\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.12.md\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.12 Beta 2\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.12 Beta 1\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.11\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.13.2.md\"\u003ejunit:junit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eSummary of changes in version 4.13.2\u003c/h2\u003e\n\u003ch1\u003eRules\u003c/h1\u003e\n\u003ch3\u003e[Pull request \u003ca href=\"https://redirect.github.com/junit-team/junit4/issues/1687\"\u003e#1687\u003c/a\u003e:](\u003ca href=\"https://redirect.github.com/junit-team/junit/pull/1687\"\u003ejunit-team/junit#1687\u003c/a\u003e) Mark ThreadGroups created by FailOnTimeout as daemon groups\u003c/h3\u003e\n\u003cp\u003eIn JUnit 4.13 ([pull request \u003ca href=\"https://redirect.github.com/junit-team/junit4/issues/1517\"\u003e#1517\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/junit-team/junit4/pull/1517\"\u003ejunit-team/junit4#1517\u003c/a\u003e)) an attempt was\nmade to fix leakage of the \u003ccode\u003eThreadGroup\u003c/code\u003e instances created when a test is run with a timeout. That\nchange explicitly destroyed the \u003ccode\u003eThreadGroup\u003c/code\u003e that was created for the time-limited test. Numerous\npeople reported problems that were caused by explicitly destroying the \u003ccode\u003eThreadGroup\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eIn this change, the code was updated to call  \u003ccode\u003eThreadGroup.setDaemon(true)\u003c/code\u003e instead of destroying the\nThreadGroup.\u003c/p\u003e\n\u003ch3\u003e\u003ca href=\"https://redirect.github.com/junit-team/junit/pull/1691\"\u003ePull request $1691:\u003c/a\u003e Only create ThreadGroups if FailOnTimeout.lookForStuckThread is true.\u003c/h3\u003e\n\u003cp\u003eIn JUnit 4.12 ([pull request \u003ca href=\"https://redirect.github.com/junit-team/junit4/issues/742\"\u003e#742\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/junit-team/junit4/pull/742\"\u003ejunit-team/junit4#742\u003c/a\u003e)) the \u003ccode\u003eTimeout\u003c/code\u003e\nRule was updated to optionally display the stacktrace of the thread that appears to be stuck\n(enabled on an opt-in basis by passing \u003ccode\u003etrue\u003c/code\u003e to \u003ccode\u003eTimeout.Builder.lookForStuckThread(boolean)\u003c/code\u003e).\nWhen that change was made, time-limited tests were changed to start the new thread in a new\n\u003ccode\u003eThreadGroup\u003c/code\u003e, even if the test did not call \u003ccode\u003elookForStuckThread()\u003c/code\u003e. This subtle change in\nbehavior resulted in visible behavior changes to some tests (for example, tests of code that uses\n\u003ccode\u003ejava.beans.ThreadGroupContext\u003c/code\u003e).\u003c/p\u003e\n\u003cp\u003eIn this change, the code is updated to only create a new \u003ccode\u003eThreadGroup\u003c/code\u003e if the caller calls\n\u003ccode\u003eTimeout.Builder.lookForStuckThread(true)\u003c/code\u003e. Tests with timeouts that do not make this call will\nbehave as they did in JUnit 4.11 (and more similar to tests that do not have a timeout). This\nunfortunately could result in visible changes of tests written or updated since the 4.12\nrelease. If this change adversely affects your tests, you can create the \u003ccode\u003eTimeout\u003c/code\u003e rule via the\nbuilder and call \u003ccode\u003eTimeout.Builder.lookForStuckThread(true)\u003c/code\u003e.\u003c/p\u003e\n\u003ch1\u003eExceptions\u003c/h1\u003e\n\u003ch3\u003e[Pull request \u003ca href=\"https://redirect.github.com/junit-team/junit4/issues/1654\"\u003e#1654\u003c/a\u003e:](\u003ca href=\"https://redirect.github.com/junit-team/junit/pull/1654\"\u003ejunit-team/junit#1654\u003c/a\u003e) Fix for issue \u003ca href=\"https://redirect.github.com/junit-team/junit4/issues/1192\"\u003e#1192\u003c/a\u003e: NotSerializableException with AssumptionViolatedException\u003c/h3\u003e\n\u003cp\u003eThis change fixes an issue where \u003ccode\u003eAssumptionViolatedException\u003c/code\u003e instances could not be serialized\nif they were created with a constructor that takes in an \u003ccode\u003eorg.hamcrest.Matcher\u003c/code\u003e instance (these\nconstructors are used if you use one of the \u003ccode\u003eassumeThat()\u003c/code\u003e methods in \u003ccode\u003eorg.junit.Assume\u003c/code\u003e).\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/junit-team/junit4/commits/r4.13.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `commons-collections:commons-collections` from 3.2.1 to 3.2.2\n\nUpdates `org.jsoup:jsoup` from 1.8.1 to 1.15.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jhy/jsoup/releases\"\u003eorg.jsoup:jsoup's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ejsoup 1.15.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ejsoup 1.15.3\u003c/strong\u003e is out now, and includes a security fix for potential XSS attacks, along with other bug fixes and improvements, including more descriptive validation error messages.\u003c/p\u003e\n\u003cp\u003eDetails:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369\"\u003eSecurity advisory\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://jsoup.org/news/release-1.15.3\"\u003eRelease notes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://jsoup.org/download\"\u003eDownload\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ejsoup 1.15.2 is out now with a bunch of \u003ca href=\"https://jsoup.org/news/release-1.15.2\"\u003eimprovements and bug fixes\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003ejsoup 1.15.1 is out now with a bunch of \u003ca href=\"https://jsoup.org/news/release-1.15.1\"\u003eimprovements and bug fixes\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003ejsoup 1.14.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ejsoup 1.14.3\u003c/strong\u003e is out now, adding native \u003cstrong\u003eXPath\u003c/strong\u003e selector support, improved \u003ccode\u003e\\\u0026lt;template\u0026gt;\u003c/code\u003e support, and also includes a bunch of bug fixes, improvements, and performance enhancements.\u003c/p\u003e\n\u003cp\u003eSee the \u003ca href=\"https://jsoup.org/news/release-1.14.3\"\u003erelease announcement\u003c/a\u003e for the full changelog.\u003c/p\u003e\n\u003ch2\u003ejsoup 1.14.2\u003c/h2\u003e\n\u003cp\u003eCaught by the fuzz! \u003cstrong\u003ejsoup 1.14.2\u003c/strong\u003e is out now, and includes a set of parser bug fixes and improvements for handling rough HTML and XML, as identified by the Jazzer JVM fuzzer. This release also includes other fixes and improvements.\u003c/p\u003e\n\u003cp\u003eSee the \u003ca href=\"https://jsoup.org/news/release-1.14.2\"\u003erelease announcement\u003c/a\u003e for the full changelog.\u003c/p\u003e\n\u003ch2\u003ejsoup 1.14.1\u003c/h2\u003e\n\u003cp\u003ejsoup \u003cstrong\u003e1.14.1\u003c/strong\u003e is out now, with simple request session management, increased parse robustness, and a ton of other improvements, speed-ups, and bug fixes.\u003c/p\u003e\n\u003cp\u003eSee the full \u003ca href=\"https://jsoup.org/news/release-1.14.1\"\u003eannouncement\u003c/a\u003e for all the details on what's changed.\u003c/p\u003e\n\u003cp\u003ejsoup 1.13.1\u003c/p\u003e\n\u003cp\u003eSee the \u003ca href=\"https://jsoup.org/news/release-1.13.1\"\u003erelease notes\u003c/a\u003e.\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\u0026lt;dependency\u0026gt;\n  \u0026lt;!-- jsoup HTML parser library @ https://jsoup.org/ --\u0026gt;\n  \u0026lt;groupId\u0026gt;org.jsoup\u0026lt;/groupId\u0026gt;\n  \u0026lt;artifactId\u0026gt;jsoup\u0026lt;/artifactId\u0026gt;\n  \u0026lt;version\u0026gt;1.13.1\u0026lt;/version\u0026gt;\n\u0026lt;/dependency\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003ejsoup-1.12.2\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jhy/jsoup/blob/jsoup-1.15.3/CHANGES\"\u003eorg.jsoup:jsoup's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003ejsoup changelog\u003c/p\u003e\n\u003cp\u003eRelease 1.15.3 [2022-Aug-24]\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSecurity: fixed an issue where the jsoup cleaner may incorrectly sanitize crafted XSS attempts if\nSafeList.preserveRelativeLinks is enabled.\n\u003ca href=\"https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369\"\u003ehttps://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: the Cleaner will preserve the source position of cleaned elements, if source tracking is enabled in the\noriginal parse.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: the error messages output from Validate are more descriptive. Exceptions are now ValidationExceptions\n(extending IllegalArgumentException). Stack traces do not include the Validate class, to make it simpler to see\nwhere the exception originated. Common validation errors including malformed URLs and empty selector results have\nmore explicit error messages.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eBugfix: the DataUtil would incorrectly read from InputStreams that emitted reads less than the requested size. This\nlead to incorrect results when parsing from chunked server responses, for e.g.\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/1807\"\u003ejhy/jsoup#1807\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eBuild Improvement: added implementation version and related fields to the jar manifest.\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/1809\"\u003ejhy/jsoup#1809\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e*** Release 1.15.2 [2022-Jul-04]\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: added the ability to track the position (line, column, index) in the original input source from where\na given node was parsed. Accessible via Node.sourceRange() and Element.endSourceRange().\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/pull/1790\"\u003ejhy/jsoup#1790\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: added Element.firstElementChild(), Element.lastElementChild(), Node.firstChild(), Node.lastChild(),\nas convenient accessors to those child nodes and elements.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: added Element.expectFirst(cssQuery), which is just like Element.selectFirst(), but instead of returning\na null if there is no match, will throw an IllegalArgumentException. This is useful if you want to simply abort\nprocessing if an expected match is not found.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: when pretty-printing HTML, doctypes are emitted on a newline if there is a preceding comment.\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/pull/1664\"\u003ejhy/jsoup#1664\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: when pretty-printing, trim the leading and trailing spaces of textnodes in block tags when possible,\nso that they are indented correctly.\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/1798\"\u003ejhy/jsoup#1798\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: in Element#selectXpath(), disable namespace awareness. This makes it possible to always select elements\nby their simple local name, regardless of whether an xmlns attribute was set.\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/1801\"\u003ejhy/jsoup#1801\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eBugfix: when using the readToByteBuffer method, such as in Connection.Response.body(), if the document has not\nalready been parsed and must be read fully, and there is any maximum buffer size being applied, only the default\ninternal buffer size is read.\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/1774\"\u003ejhy/jsoup#1774\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/jhy/jsoup/commits/jsoup-1.15.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `junit:junit` from 4.12 to 4.13.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/junit-team/junit4/releases\"\u003ejunit:junit's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eJUnit 4.13.2\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.13.2.md\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13.1\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.13.1.md\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.13.md\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13 RC 2\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit4/wiki/4.13-Release-Notes\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13 RC 1\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit4/wiki/4.13-Release-Notes\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13 Beta 3\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit4/wiki/4.13-Release-Notes\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13 Beta 2\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit4/wiki/4.13-Release-Notes\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13 Beta 1\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit4/wiki/4.13-Release-Notes\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.12\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.12.md\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.12 Beta 3\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.12.md\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.12 Beta 2\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.12 Beta 1\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.11\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.13.2.md\"\u003ejunit:junit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eSummary of changes in version 4.13.2\u003c/h2\u003e\n\u003ch1\u003eRules\u003c/h1\u003e\n\u003ch3\u003e[Pull request \u003ca href=\"https://redirect.github.com/junit-team/junit4/issues/1687\"\u003e#1687\u003c/a\u003e:](\u003ca href=\"https://redirect.github.com/junit-team/junit/pull/1687\"\u003ejunit-team/junit#1687\u003c/a\u003e) Mark ThreadGroups created by FailOnTimeout as daemon groups\u003c/h3\u003e\n\u003cp\u003eIn JUnit 4.13 ([pull request \u003ca href=\"https://redirect.github.com/junit-team/junit4/issues/1517\"\u003e#1517\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/junit-team/junit4/pull/1517\"\u003ejunit-team/junit4#1517\u003c/a\u003e)) an attempt was\nmade to fix leakage of the \u003ccode\u003eThreadGroup\u003c/code\u003e instances created when a test is run with a timeout. That\nchange explicitly destroyed the \u003ccode\u003eThreadGroup\u003c/code\u003e that was created for the time-limited test. Numerous\npeople reported problems that were caused by explicitly destroying the \u003ccode\u003eThreadGroup\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eIn this change, the code was updated to call  \u003ccode\u003eThreadGroup.setDaemon(true)\u003c/code\u003e instead of destroying the\nThreadGroup.\u003c/p\u003e\n\u003ch3\u003e\u003ca href=\"https://redirect.github.com/junit-team/junit/pull/1691\"\u003ePull request $1691:\u003c/a\u003e Only create ThreadGroups if FailOnTimeout.lookForStuckThread is true.\u003c/h3\u003e\n\u003cp\u003eIn JUnit 4.12 ([pull request \u003ca href=\"https://redirect.github.com/junit-team/junit4/issues/742\"\u003e#742\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/junit-team/junit4/pull/742\"\u003ejunit-team/junit4#742\u003c/a\u003e)) the \u003ccode\u003eTimeout\u003c/code\u003e\nRule was updated to optionally display the stacktrace of the thread that appears to be stuck\n(enabled on an opt-in basis by passing \u003ccode\u003etrue\u003c/code\u003e to \u003ccode\u003eTimeout.Builder.lookForStuckThread(boolean)\u003c/code\u003e).\nWhen that change was made, time-limited tests were changed to start the new thread in a new\n\u003ccode\u003eThreadGroup\u003c/code\u003e, even if the test did not call \u003ccode\u003elookForStuckThread()\u003c/code\u003e. This subtle change in\nbehavior resulted in visible behavior changes to some tests (for example, tests of code that uses\n\u003ccode\u003ejava.beans.ThreadGroupContext\u003c/code\u003e).\u003c/p\u003e\n\u003cp\u003eIn this change, the code is updated to only create a new \u003ccode\u003eThreadGroup\u003c/code\u003e if the caller calls\n\u003ccode\u003eTimeout.Builder.lookForStuckThread(true)\u003c/code\u003e. Tests with timeouts that do not make this call will\nbehave as they did in JUnit 4.11 (and more similar to tests that do not have a timeout). This\nunfortunately could result in visible changes of tests written or updated since the 4.12\nrelease. If this change adversely affects your tests, you can create the \u003ccode\u003eTimeout\u003c/code\u003e rule via the\nbuilder and call \u003ccode\u003eTimeout.Builder.lookForStuckThread(true)\u003c/code\u003e.\u003c/p\u003e\n\u003ch1\u003eExceptions\u003c/h1\u003e\n\u003ch3\u003e[Pull request \u003ca href=\"https://redirect.github.com/junit-team/junit4/issues/1654\"\u003e#1654\u003c/a\u003e:](\u003ca href=\"https://redirect.github.com/junit-team/junit/pull/1654\"\u003ejunit-team/junit#1654\u003c/a\u003e) Fix for issue \u003ca href=\"https://redirect.github.com/junit-team/junit4/issues/1192\"\u003e#1192\u003c/a\u003e: NotSerializableException with AssumptionViolatedException\u003c/h3\u003e\n\u003cp\u003eThis change fixes an issue where \u003ccode\u003eAssumptionViolatedException\u003c/code\u003e instances could not be serialized\nif they were created with a constructor that takes in an \u003ccode\u003eorg.hamcrest.Matcher\u003c/code\u003e instance (these\nconstructors are used if you use one of the \u003ccode\u003eassumeThat()\u003c/code\u003e methods in \u003ccode\u003eorg.junit.Assume\u003c/code\u003e).\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/junit-team/junit4/commits/r4.13.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `junit:junit` from 4.9 to 4.13.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/junit-team/junit4/releases\"\u003ejunit:junit's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eJUnit 4.13.2\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.13.2.md\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13.1\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.13.1.md\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.13.md\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13 RC 2\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit4/wiki/4.13-Release-Notes\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13 RC 1\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit4/wiki/4.13-Release-Notes\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13 Beta 3\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit4/wiki/4.13-Release-Notes\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13 Beta 2\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit4/wiki/4.13-Release-Notes\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13 Beta 1\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit4/wiki/4.13-Release-Notes\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.12\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.12.md\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.12 Beta 3\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.12.md\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.12 Beta 2\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.12 Beta 1\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.11\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.13.2.md\"\u003ejunit:junit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eSummary of changes in version 4.13.2\u003c/h2\u003e\n\u003ch1\u003eRules\u003c/h1\u003e\n\u003ch3\u003e[Pull request \u003ca href=\"https://redirect.github.com/junit-team/junit4/issues/1687\"\u003e#1687\u003c/a\u003e:](\u003ca href=\"https://redirect.github.com/junit-team/junit/pull/1687\"\u003ejunit-team/junit#1687\u003c/a\u003e) Mark ThreadGroups created by FailOnTimeout as daemon groups\u003c/h3\u003e\n\u003cp\u003eIn JUnit 4.13 ([pull request \u003ca href=\"https://redirect.github.com/junit-team/junit4/issues/1517\"\u003e#1517\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/junit-team/junit4/pull/1517\"\u003ejunit-team/junit4#1517\u003c/a\u003e)) an attempt was\nmade to fix leakage of the \u003ccode\u003eThreadGroup\u003c/code\u003e instances created when a test is run with a timeout. That\nchange explicitly destroyed the \u003ccode\u003eThreadGroup\u003c/code\u003e that was created for the time-limited test. Numerous\npeople reported problems that were caused by explicitly destroying the \u003ccode\u003eThreadGroup\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eIn this change, the code was updated to call  \u003ccode\u003eThreadGroup.setDaemon(true)\u003c/code\u003e instead of destroying the\nThreadGroup.\u003c/p\u003e\n\u003ch3\u003e\u003ca href=\"https://redirect.github.com/junit-team/junit/pull/1691\"\u003ePull request $1691:\u003c/a\u003e Only create ThreadGroups if FailOnTimeout.lookForStuckThread is true.\u003c/h3\u003e\n\u003cp\u003eIn JUnit 4.12 ([pull request \u003ca href=\"https://redirect.github.com/junit-team/junit4/issues/742\"\u003e#742\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/junit-team/junit4/pull/742\"\u003ejunit-team/junit4#742\u003c/a\u003e)) the \u003ccode\u003eTimeout\u003c/code\u003e\nRule was updated to optionally display the stacktrace of the thread that appears to be stuck\n(enabled on an opt-in basis by passing \u003ccode\u003etrue\u003c/code\u003e to \u003ccode\u003eTimeout.Builder.lookForStuckThread(boolean)\u003c/code\u003e).\nWhen that change was made, time-limited tests were changed to start the new thread in a new\n\u003ccode\u003eThreadGroup\u003c/code\u003e, even if the test did not call \u003ccode\u003elookForStuckThread()\u003c/code\u003e. This subtle change in\nbehavior resulted in visible behavior changes to some tests (for example, tests of code that uses\n\u003ccode\u003ejava.beans.ThreadGroupContext\u003c/code\u003e).\u003c/p\u003e\n\u003cp\u003eIn this change, the code is updated to only create a new \u003ccode\u003eThreadGroup\u003c/code\u003e if the caller calls\n\u003ccode\u003eTimeout.Builder.lookForStuckThread(true)\u003c/code\u003e. Tests with timeouts that do not make this call will\nbehave as they did in JUnit 4.11 (and more similar to tests that do not have a timeout). This\nunfortunately could result in visible changes of tests written or updated since the 4.12\nrelease. If this change adversely affects your tests, you can create the \u003ccode\u003eTimeout\u003c/code\u003e rule via the\nbuilder and call \u003ccode\u003eTimeout.Builder.lookForStuckThread(true)\u003c/code\u003e.\u003c/p\u003e\n\u003ch1\u003eExceptions\u003c/h1\u003e\n\u003ch3\u003e[Pull request \u003ca href=\"https://redirect.github.com/junit-team/junit4/issues/1654\"\u003e#1654\u003c/a\u003e:](\u003ca href=\"https://redirect.github.com/junit-team/junit/pull/1654\"\u003ejunit-team/junit#1654\u003c/a\u003e) Fix for issue \u003ca href=\"https://redirect.github.com/junit-team/junit4/issues/1192\"\u003e#1192\u003c/a\u003e: NotSerializableException with AssumptionViolatedException\u003c/h3\u003e\n\u003cp\u003eThis change fixes an issue where \u003ccode\u003eAssumptionViolatedException\u003c/code\u003e instances could not be serialized\nif they were created with a constructor that takes in an \u003ccode\u003eorg.hamcrest.Matcher\u003c/code\u003e instance (these\nconstructors are used if you use one of the \u003ccode\u003eassumeThat()\u003c/code\u003e methods in \u003ccode\u003eorg.junit.Assume\u003c/code\u003e).\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/junit-team/junit4/commits/r4.13.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `xerces:xercesImpl` from 2.10.0 to 2.12.2\n\nUpdates `org.apache.commons:commons-lang3` from 3.1 to 3.18.0\n\nUpdates `commons-io:commons-io` from 2.3 to 2.14.0\n\nUpdates `org.apache.xmlbeans:xmlbeans` from 2.4.0 to 3.0.0\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/H1d3r/BurpSuite/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/H1d3r/BurpSuite/pull/3","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/H1d3r%2FBurpSuite/issues/3","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3/packages"},{"uuid":"2527490525","node_id":"PR_kwDOAL-WYc6WpnHd","number":748,"state":"closed","title":"Bump org.apache.xmlbeans:xmlbeans from 3.1.0 to 4.0.0","user":"dependabot[bot]","labels":["dependencies","java","Stale"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-06-24T02:15:10.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-05-19T04:14:34.000Z","updated_at":"2025-06-24T02:15:10.000Z","time_to_close":3103236,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.apache.xmlbeans:xmlbeans","old_version":"3.1.0","new_version":"4.0.0","repository_url":null}],"path":null,"ecosystem":"maven"},"body":"Bumps org.apache.xmlbeans:xmlbeans from 3.1.0 to 4.0.0.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.xmlbeans:xmlbeans\u0026package-manager=maven\u0026previous-version=3.1.0\u0026new-version=4.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/52North/sensorweb-server-helgoland/pull/748","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/52North%2Fsensorweb-server-helgoland/issues/748","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/748/packages"},{"uuid":"2740776657","node_id":"PR_kwDODtIEqc6FRSII","number":832,"state":"closed","title":"Bump org.apache.xmlbeans:xmlbeans from 3.0.1 to 5.3.0","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":"2025-08-26T10:14:34.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2024-12-15T17:24:50.000Z","updated_at":"2025-08-26T10:14:35.000Z","time_to_close":21919784,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.apache.xmlbeans:xmlbeans","old_version":"3.0.1","new_version":"5.3.0","repository_url":null}],"path":null,"ecosystem":"maven"},"body":"Bumps org.apache.xmlbeans:xmlbeans from 3.0.1 to 5.3.0.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.xmlbeans:xmlbeans\u0026package-manager=maven\u0026previous-version=3.0.1\u0026new-version=5.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nYou can trigger a rebase of this PR by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\n\u003e **Note**\n\u003e Automatic rebases have been disabled on this pull request as it has been open for over 30 days.","html_url":"https://github.com/apache/axis-axis2-java-core/pull/832","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/apache%2Faxis-axis2-java-core/issues/832","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/832/packages"}],"issue_packages":[{"old_version":"5.1.1","new_version":"5.3.0","update_type":"minor","path":null,"pr_created_at":"2026-06-09T09:33:49.000Z","version_change":"5.1.1 → 5.3.0","issue":{"uuid":"4620762590","node_id":"PR_kwDORpI3ds7kT5Y4","number":134,"state":"closed","title":"build(deps): bump the all-maven group across 1 directory with 115 updates","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-06-14T02:02:27.000Z","author_association":null,"state_reason":null,"created_at":"2026-06-09T09:33:49.000Z","updated_at":"2026-06-14T02:02:36.000Z","time_to_close":404918,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"all-maven","update_count":115,"packages":[{"name":"org.springframework.boot:spring-boot-starter-parent","old_version":"3.5.14","new_version":"4.0.6","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"org.springframework.ai:spring-ai-bom","old_version":"1.0.0","new_version":"1.1.7","repository_url":"https://github.com/spring-projects/spring-ai"},{"name":"com.squareup.okio:okio-jvm","old_version":"3.6.0","new_version":"3.17.0","repository_url":"https://github.com/square/okio"},{"name":"com.squareup.okio:okio","old_version":"3.4.0","new_version":"3.17.0","repository_url":"https://github.com/square/okio"},{"name":"org.springframework.cloud:spring-cloud-dependencies","old_version":"2025.0.2","new_version":"2025.1.1","repository_url":"https://github.com/spring-cloud/spring-cloud-release"},{"name":"io.opentelemetry.instrumentation:opentelemetry-instrumentation-annotations","old_version":"2.22.0","new_version":"2.28.1","repository_url":"https://github.com/open-telemetry/opentelemetry-java-instrumentation"},{"name":"org.apache.xmlbeans:xmlbeans","old_version":"5.1.1","new_version":"5.3.0"},{"name":"commons-io:commons-io","old_version":"2.19.0","new_version":"2.22.0"},{"name":"org.jsoup:jsoup","old_version":"1.18.1","new_version":"1.22.2","repository_url":"https://github.com/jhy/jsoup"},{"name":"org.jetbrains:annotations","old_version":"24.0.1","new_version":"26.1.0","repository_url":"https://github.com/JetBrains/java-annotations"},{"name":"org.apache.commons:commons-compress","old_version":"1.24.0","new_version":"1.28.0","repository_url":"https://github.com/apache/commons-compress"},{"name":"com.github.pagehelper:pagehelper","old_version":"5.3.3","new_version":"6.1.1","repository_url":"https://github.com/pagehelper/Mybatis-PageHelper"},{"name":"com.iwhaleai.byai:by-framework","old_version":"0.2.6","new_version":"0.2.8"},{"name":"com.fasterxml.woodstox:woodstox-core","old_version":"7.0.0","new_version":"7.2.1","repository_url":"https://github.com/FasterXML/woodstox"},{"name":"org.glassfish.hk2:hk2-api","old_version":"3.1.1","new_version":"4.0.1"},{"name":"org.eclipse.parsson:parsson","old_version":"1.1.7","new_version":"1.1.9","repository_url":"https://github.com/eclipse-ee4j/parsson"},{"name":"com.google.errorprone:error_prone_annotations","old_version":"2.36.0","new_version":"2.49.0"},{"name":"org.opengauss:opengauss-jdbc","old_version":"6.0.0","new_version":"6.0.3"},{"name":"com.alibaba:druid","old_version":"1.2.23","new_version":"1.2.28","repository_url":"https://github.com/alibaba/druid"},{"name":"com.mysql:mysql-connector-j","old_version":"8.4.0","new_version":"9.7.0","repository_url":"https://github.com/mysql/mysql-connector-j"},{"name":"org.mybatis:mybatis","old_version":"3.5.14","new_version":"3.5.19","repository_url":"https://github.com/mybatis/mybatis-3"},{"name":"org.mybatis:mybatis-spring","old_version":"3.0.3","new_version":"4.0.0","repository_url":"https://github.com/mybatis/spring"},{"name":"org.apache.commons:commons-lang3","old_version":"3.13.0","new_version":"3.20.0"},{"name":"org.apache.commons:commons-collections4","old_version":"4.4","new_version":"4.5.0"},{"name":"commons-codec:commons-codec","old_version":"1.16.0","new_version":"1.22.0","repository_url":"https://github.com/apache/commons-codec"},{"name":"jakarta.xml.bind:jakarta.xml.bind-api","old_version":"4.0.0","new_version":"4.0.5","repository_url":"https://github.com/jakartaee/jaxb-api"},{"name":"org.glassfish.jaxb:jaxb-runtime","old_version":"4.0.2","new_version":"4.0.9"},{"name":"jakarta.activation:jakarta.activation-api","old_version":"2.1.1","new_version":"2.1.4","repository_url":"https://github.com/jakartaee/jaf-api"},{"name":"io.github.resilience4j:resilience4j-spring-boot3","old_version":"2.0.2","new_version":"2.4.0"},{"name":"io.github.resilience4j:resilience4j-circuitbreaker","old_version":"2.0.2","new_version":"2.4.0"},{"name":"io.github.resilience4j:resilience4j-ratelimiter","old_version":"2.0.2","new_version":"2.4.0","repository_url":"https://github.com/resilience4j/resilience4j"},{"name":"io.github.resilience4j:resilience4j-retry","old_version":"2.0.2","new_version":"2.4.0","repository_url":"https://github.com/resilience4j/resilience4j"},{"name":"io.github.resilience4j:resilience4j-bulkhead","old_version":"2.0.2","new_version":"2.4.0"},{"name":"io.github.resilience4j:resilience4j-timelimiter","old_version":"2.0.2","new_version":"2.4.0","repository_url":"https://github.com/resilience4j/resilience4j"},{"name":"org.springdoc:springdoc-openapi-starter-webmvc-ui","old_version":"2.8.8","new_version":"3.0.3","repository_url":"https://github.com/springdoc/springdoc-openapi"},{"name":"org.springdoc:springdoc-openapi-starter-common","old_version":"2.8.8","new_version":"3.0.3","repository_url":"https://github.com/springdoc/springdoc-openapi"},{"name":"io.jsonwebtoken:jjwt-api","old_version":"0.11.5","new_version":"0.13.0","repository_url":"https://github.com/jwtk/jjwt"},{"name":"io.jsonwebtoken:jjwt-impl","old_version":"0.11.5","new_version":"0.13.0","repository_url":"https://github.com/jwtk/jjwt"},{"name":"io.jsonwebtoken:jjwt-jackson","old_version":"0.11.5","new_version":"0.13.0"},{"name":"com.alibaba:transmittable-thread-local","old_version":"2.14.2","new_version":"2.14.5","repository_url":"https://github.com/alibaba/transmittable-thread-local"},{"name":"org.junit.jupiter:junit-jupiter","old_version":"5.10.0","new_version":"6.1.0","repository_url":"https://github.com/junit-team/junit-framework"},{"name":"com.alibaba:fastjson","old_version":"2.0.53","new_version":"2.0.62","repository_url":"https://github.com/alibaba/fastjson2"},{"name":"redis.clients:jedis","old_version":"6.0.0","new_version":"7.5.2"},{"name":"com.squareup.okhttp3:okhttp","old_version":"4.12.0","new_version":"5.4.0","repository_url":"https://github.com/square/okhttp"},{"name":"com.squareup.okhttp3:okhttp-sse","old_version":"4.12.0","new_version":"5.4.0","repository_url":"https://github.com/square/okhttp"},{"name":"com.google.protobuf:protobuf-java","old_version":"3.24.4","new_version":"4.35.0"},{"name":"org.apache.poi:poi","old_version":"5.2.4","new_version":"5.5.1"},{"name":"org.apache.poi:poi-ooxml","old_version":"5.2.4","new_version":"5.5.1"},{"name":"org.apache.poi:poi-scratchpad","old_version":"5.2.4","new_version":"5.5.1"},{"name":"fr.opensagres.xdocreport:fr.opensagres.poi.xwpf.converter.pdf","old_version":"2.0.4","new_version":"2.2.0"},{"name":"org.hibernate.validator:hibernate-validator","old_version":"8.0.1.Final","new_version":"9.1.0.Final","repository_url":"https://github.com/hibernate/hibernate-validator"},{"name":"ch.qos.logback:logback-classic","old_version":"1.5.18","new_version":"1.5.34","repository_url":"https://github.com/qos-ch/logback"},{"name":"ch.qos.logback:logback-core","old_version":"1.5.18","new_version":"1.5.34","repository_url":"https://github.com/qos-ch/logback"},{"name":"org.apache.tomcat:tomcat-annotations-api","old_version":"10.1.55","new_version":"11.0.22"},{"name":"org.apache.tomcat.embed:tomcat-embed-el","old_version":"10.1.55","new_version":"11.0.22"},{"name":"com.google.guava:guava","old_version":"33.4.8-jre","new_version":"33.6.0-jre","repository_url":"https://github.com/google/guava"},{"name":"org.springframework.security:spring-security-crypto","old_version":"6.5.9","new_version":"7.0.5","repository_url":"https://github.com/spring-projects/spring-security"},{"name":"org.springframework.security:spring-security-web","old_version":"6.5.9","new_version":"7.0.5","repository_url":"https://github.com/spring-projects/spring-security"},{"name":"org.springframework.security:spring-security-core","old_version":"6.5.9","new_version":"7.0.5","repository_url":"https://github.com/spring-projects/spring-security"},{"name":"org.springframework.security:spring-security-config","old_version":"6.5.9","new_version":"7.0.5","repository_url":"https://github.com/spring-projects/spring-security"},{"name":"org.yaml:snakeyaml","old_version":"2.0","new_version":"2.6"},{"name":"com.itextpdf:itextpdf","old_version":"5.5.13.4","new_version":"5.5.13.5","repository_url":"https://github.com/itext/itextpdf"},{"name":"io.netty:netty-all","old_version":"4.1.133.Final","new_version":"4.2.15.Final","repository_url":"https://github.com/netty/netty"},{"name":"org.apache.kafka:kafka-clients","old_version":"3.9.2","new_version":"4.3.0"},{"name":"com.auth0:java-jwt","old_version":"4.4.0","new_version":"4.5.2"},{"name":"org.apache.httpcomponents:httpclient","old_version":"4.5.13","new_version":"4.5.14"},{"name":"com.alibaba:druid-spring-boot-starter","old_version":"1.1.9","new_version":"1.2.28","repository_url":"https://github.com/alibaba/druid"},{"name":"io.minio:minio","old_version":"8.6.0","new_version":"9.0.1","repository_url":"https://github.com/minio/minio-java"},{"name":"commons-net:commons-net","old_version":"3.9.0","new_version":"3.13.0","repository_url":"https://github.com/apache/commons-net"},{"name":"com.clickhouse:clickhouse-jdbc","old_version":"0.4.6","new_version":"0.9.8","repository_url":"https://github.com/ClickHouse/clickhouse-java"},{"name":"com.vesoft:client","old_version":"3.0.0","new_version":"3.8.4"},{"name":"co.elastic.clients:elasticsearch-java","old_version":"8.15.5","new_version":"9.4.2","repository_url":"https://github.com/elastic/elasticsearch-java"},{"name":"org.elasticsearch.client:elasticsearch-rest-client","old_version":"8.15.5","new_version":"9.4.2","repository_url":"https://github.com/elastic/elasticsearch"},{"name":"org.elasticsearch:elasticsearch","old_version":"8.15.5","new_version":"9.4.2","repository_url":"https://github.com/elastic/elasticsearch"},{"name":"org.elasticsearch:elasticsearch-x-content","old_version":"8.15.5","new_version":"9.4.2","repository_url":"https://github.com/elastic/elasticsearch"},{"name":"com.baomidou:mybatis-plus-extension","old_version":"3.5.5","new_version":"3.5.16","repository_url":"https://github.com/baomidou/mybatis-plus"},{"name":"org.springframework.boot:spring-boot-starter-test","old_version":"3.2.0","new_version":"4.0.6","repository_url":"https://github.com/spring-projects/spring-boot"},{"name":"com.baomidou:mybatis-plus-boot-starter","old_version":"3.5.5","new_version":"3.5.16","repository_url":"https://github.com/baomidou/mybatis-plus"},{"name":"com.github.jsqlparser:jsqlparser","old_version":"4.5","new_version":"5.3","repository_url":"https://github.com/JSQLParser/JSqlParser"},{"name":"com.aliyun:tea","old_version":"1.3.1","new_version":"1.4.2","repository_url":"https://github.com/aliyun/tea-java"},{"name":"commons-logging:commons-logging","old_version":"1.2","new_version":"1.3.6","repository_url":"https://github.com/apache/commons-logging"},{"name":"com.aliyun:tea-util","old_version":"0.2.23","new_version":"0.2.27","repository_url":"https://github.com/aliyun/tea-util"},{"name":"org.jacoco:org.jacoco.agent","old_version":"0.8.8","new_version":"0.8.15","repository_url":"https://github.com/jacoco/jacoco"},{"name":"com.aliyun:tea-openapi","old_version":"0.3.8","new_version":"0.3.15","repository_url":"https://github.com/aliyun/darabonba-openapi"},{"name":"com.github.pagehelper:pagehelper-spring-boot-starter","old_version":"1.4.7","new_version":"4.1.0","repository_url":"https://github.com/pagehelper/pagehelper-spring-boot"},{"name":"com.aliyun:dingtalk","old_version":"2.2.17","new_version":"2.2.53","repository_url":"https://github.com/aliyun/alibabacloud-sdk"},{"name":"com.aliyun:dysmsapi20170525","old_version":"2.0.24","new_version":"4.5.1","repository_url":"https://github.com/aliyun/alibabacloud-sdk"},{"name":"com.aliyun:credentials-java","old_version":"1.0.2","new_version":"1.0.3","repository_url":"https://github.com/aliyun/credentials-java"},{"name":"org.mybatis.spring.boot:mybatis-spring-boot-starter","old_version":"3.0.4","new_version":"4.0.1","repository_url":"https://github.com/mybatis/spring-boot-starter"},{"name":"org.xerial.snappy:snappy-java","old_version":"1.1.10.5","new_version":"1.1.10.8","repository_url":"https://github.com/xerial/snappy-java"},{"name":"joda-time:joda-time","old_version":"2.10.10","new_version":"2.14.2","repository_url":"https://github.com/JodaOrg/joda-time"},{"name":"io.swagger:swagger-annotations","old_version":"1.5.24","new_version":"1.6.16"},{"name":"tools.jackson.core:jackson-core","old_version":"3.1.1","new_version":"3.2.0"},{"name":"tools.jackson.core:jackson-databind","old_version":"3.1.1","new_version":"3.2.0"},{"name":"tools.jackson.dataformat:jackson-dataformat-yaml","old_version":"3.1.1","new_version":"3.2.0"},{"name":"org.projectlombok:lombok","old_version":"1.18.38","new_version":"1.18.46","repository_url":"https://github.com/projectlombok/lombok"},{"name":"jakarta.annotation:jakarta.annotation-api","old_version":"2.1.1","new_version":"3.0.0","repository_url":"https://github.com/jakartaee/common-annotations-api"},{"name":"cn.hutool:hutool-all","old_version":"5.8.38","new_version":"5.8.46","repository_url":"https://github.com/looly/hutool"},{"name":"com.aliyun.oss:aliyun-sdk-oss","old_version":"3.17.2","new_version":"3.18.5","repository_url":"https://github.com/aliyun/aliyun-oss-java-sdk"},{"name":"org.xerial:sqlite-jdbc","old_version":"3.46.1.0","new_version":"3.53.2.0","repository_url":"https://github.com/xerial/sqlite-jdbc"},{"name":"com.google.zxing:core","old_version":"3.3.3","new_version":"3.5.4","repository_url":"https://github.com/zxing/zxing"},{"name":"com.dingtalk.open:app-stream-client","old_version":"1.0.5","new_version":"1.3.12"},{"name":"io.modelcontextprotocol.sdk:mcp","old_version":"1.0.0","new_version":"1.1.3","repository_url":"https://github.com/modelcontextprotocol/java-sdk"},{"name":"dev.langchain4j:langchain4j-mcp","old_version":"1.1.0-beta7","new_version":"1.16.1-beta26","repository_url":"https://github.com/langchain4j/langchain4j"},{"name":"dev.langchain4j:langchain4j-core","old_version":"1.1.0","new_version":"1.16.1","repository_url":"https://github.com/langchain4j/langchain4j"},{"name":"dev.langchain4j:langchain4j","old_version":"1.1.0","new_version":"1.16.1","repository_url":"https://github.com/langchain4j/langchain4j"},{"name":"org.apache.pdfbox:pdfbox","old_version":"3.0.3","new_version":"3.0.7"},{"name":"com.github.librepdf:openpdf","old_version":"1.3.30","new_version":"3.0.5"},{"name":"mysql:mysql-connector-java","old_version":"5.1.26","new_version":"8.0.33"},{"name":"org.apache.maven.plugins:maven-dependency-plugin","old_version":"3.6.1","new_version":"3.11.0","repository_url":"https://github.com/apache/maven-dependency-plugin"},{"name":"org.apache.maven.plugins:maven-compiler-plugin","old_version":"3.11.0","new_version":"3.15.0","repository_url":"https://github.com/apache/maven-compiler-plugin"},{"name":"org.apache.maven.plugins:maven-enforcer-plugin","old_version":"3.4.1","new_version":"3.6.3","repository_url":"https://github.com/apache/maven-enforcer"},{"name":"org.apache.maven.plugins:maven-surefire-plugin","old_version":"3.2.5","new_version":"3.5.6","repository_url":"https://github.com/apache/maven-surefire"},{"name":"org.apache.maven.plugins:maven-help-plugin","old_version":"3.4.1","new_version":"3.5.1","repository_url":"https://github.com/apache/maven-help-plugin"},{"name":"org.mybatis.generator:mybatis-generator-maven-plugin","old_version":"1.3.7","new_version":"2.0.0"}],"path":null,"ecosystem":"maven"},"body":"Bumps the all-maven group with 115 updates in the /byclaw-be directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [org.springframework.boot:spring-boot-starter-parent](https://github.com/spring-projects/spring-boot) | `3.5.14` | `4.0.6` |\n| [org.springframework.ai:spring-ai-bom](https://github.com/spring-projects/spring-ai) | `1.0.0` | `1.1.7` |\n| [com.squareup.okio:okio-jvm](https://github.com/square/okio) | `3.6.0` | `3.17.0` |\n| [com.squareup.okio:okio](https://github.com/square/okio) | `3.4.0` | `3.17.0` |\n| [org.springframework.cloud:spring-cloud-dependencies](https://github.com/spring-cloud/spring-cloud-release) | `2025.0.2` | `2025.1.1` |\n| [io.opentelemetry.instrumentation:opentelemetry-instrumentation-annotations](https://github.com/open-telemetry/opentelemetry-java-instrumentation) | `2.22.0` | `2.28.1` |\n| org.apache.xmlbeans:xmlbeans | `5.1.1` | `5.3.0` |\n| commons-io:commons-io | `2.19.0` | `2.22.0` |\n| [org.jsoup:jsoup](https://github.com/jhy/jsoup) | `1.18.1` | `1.22.2` |\n| [org.jetbrains:annotations](https://github.com/JetBrains/java-annotations) | `24.0.1` | `26.1.0` |\n| [org.apache.commons:commons-compress](https://github.com/apache/commons-compress) | `1.24.0` | `1.28.0` |\n| [com.github.pagehelper:pagehelper](https://github.com/pagehelper/Mybatis-PageHelper) | `5.3.3` | `6.1.1` |\n| com.iwhaleai.byai:by-framework | `0.2.6` | `0.2.8` |\n| [com.fasterxml.woodstox:woodstox-core](https://github.com/FasterXML/woodstox) | `7.0.0` | `7.2.1` |\n| org.glassfish.hk2:hk2-api | `3.1.1` | `4.0.1` |\n| [org.eclipse.parsson:parsson](https://github.com/eclipse-ee4j/parsson) | `1.1.7` | `1.1.9` |\n| com.google.errorprone:error_prone_annotations | `2.36.0` | `2.49.0` |\n| org.opengauss:opengauss-jdbc | `6.0.0` | `6.0.3` |\n| [com.alibaba:druid](https://github.com/alibaba/druid) | `1.2.23` | `1.2.28` |\n| [com.mysql:mysql-connector-j](https://github.com/mysql/mysql-connector-j) | `8.4.0` | `9.7.0` |\n| [org.mybatis:mybatis](https://github.com/mybatis/mybatis-3) | `3.5.14` | `3.5.19` |\n| [org.mybatis:mybatis-spring](https://github.com/mybatis/spring) | `3.0.3` | `4.0.0` |\n| org.apache.commons:commons-lang3 | `3.13.0` | `3.20.0` |\n| org.apache.commons:commons-collections4 | `4.4` | `4.5.0` |\n| [commons-codec:commons-codec](https://github.com/apache/commons-codec) | `1.16.0` | `1.22.0` |\n| [jakarta.xml.bind:jakarta.xml.bind-api](https://github.com/jakartaee/jaxb-api) | `4.0.0` | `4.0.5` |\n| org.glassfish.jaxb:jaxb-runtime | `4.0.2` | `4.0.9` |\n| [jakarta.activation:jakarta.activation-api](https://github.com/jakartaee/jaf-api) | `2.1.1` | `2.1.4` |\n| io.github.resilience4j:resilience4j-spring-boot3 | `2.0.2` | `2.4.0` |\n| io.github.resilience4j:resilience4j-circuitbreaker | `2.0.2` | `2.4.0` |\n| [io.github.resilience4j:resilience4j-ratelimiter](https://github.com/resilience4j/resilience4j) | `2.0.2` | `2.4.0` |\n| [io.github.resilience4j:resilience4j-retry](https://github.com/resilience4j/resilience4j) | `2.0.2` | `2.4.0` |\n| io.github.resilience4j:resilience4j-bulkhead | `2.0.2` | `2.4.0` |\n| [io.github.resilience4j:resilience4j-timelimiter](https://github.com/resilience4j/resilience4j) | `2.0.2` | `2.4.0` |\n| [org.springdoc:springdoc-openapi-starter-webmvc-ui](https://github.com/springdoc/springdoc-openapi) | `2.8.8` | `3.0.3` |\n| [org.springdoc:springdoc-openapi-starter-common](https://github.com/springdoc/springdoc-openapi) | `2.8.8` | `3.0.3` |\n| [io.jsonwebtoken:jjwt-api](https://github.com/jwtk/jjwt) | `0.11.5` | `0.13.0` |\n| [io.jsonwebtoken:jjwt-impl](https://github.com/jwtk/jjwt) | `0.11.5` | `0.13.0` |\n| io.jsonwebtoken:jjwt-jackson | `0.11.5` | `0.13.0` |\n| [com.alibaba:transmittable-thread-local](https://github.com/alibaba/transmittable-thread-local) | `2.14.2` | `2.14.5` |\n| [org.junit.jupiter:junit-jupiter](https://github.com/junit-team/junit-framework) | `5.10.0` | `6.1.0` |\n| [com.alibaba:fastjson](https://github.com/alibaba/fastjson2) | `2.0.53` | `2.0.62` |\n| redis.clients:jedis | `6.0.0` | `7.5.2` |\n| [com.squareup.okhttp3:okhttp](https://github.com/square/okhttp) | `4.12.0` | `5.4.0` |\n| [com.squareup.okhttp3:okhttp-sse](https://github.com/square/okhttp) | `4.12.0` | `5.4.0` |\n| com.google.protobuf:protobuf-java | `3.24.4` | `4.35.0` |\n| org.apache.poi:poi | `5.2.4` | `5.5.1` |\n| org.apache.poi:poi-ooxml | `5.2.4` | `5.5.1` |\n| org.apache.poi:poi-scratchpad | `5.2.4` | `5.5.1` |\n| fr.opensagres.xdocreport:fr.opensagres.poi.xwpf.converter.pdf | `2.0.4` | `2.2.0` |\n| [org.hibernate.validator:hibernate-validator](https://github.com/hibernate/hibernate-validator) | `8.0.1.Final` | `9.1.0.Final` |\n| [ch.qos.logback:logback-classic](https://github.com/qos-ch/logback) | `1.5.18` | `1.5.34` |\n| [ch.qos.logback:logback-core](https://github.com/qos-ch/logback) | `1.5.18` | `1.5.34` |\n| org.apache.tomcat:tomcat-annotations-api | `10.1.55` | `11.0.22` |\n| org.apache.tomcat.embed:tomcat-embed-el | `10.1.55` | `11.0.22` |\n| [com.google.guava:guava](https://github.com/google/guava) | `33.4.8-jre` | `33.6.0-jre` |\n| [org.springframework.security:spring-security-crypto](https://github.com/spring-projects/spring-security) | `6.5.9` | `7.0.5` |\n| [org.springframework.security:spring-security-web](https://github.com/spring-projects/spring-security) | `6.5.9` | `7.0.5` |\n| [org.springframework.security:spring-security-core](https://github.com/spring-projects/spring-security) | `6.5.9` | `7.0.5` |\n| [org.springframework.security:spring-security-config](https://github.com/spring-projects/spring-security) | `6.5.9` | `7.0.5` |\n| [org.yaml:snakeyaml](https://bitbucket.org/snakeyaml/snakeyaml) | `2.0` | `2.6` |\n| [com.itextpdf:itextpdf](https://github.com/itext/itextpdf) | `5.5.13.4` | `5.5.13.5` |\n| [io.netty:netty-all](https://github.com/netty/netty) | `4.1.133.Final` | `4.2.15.Final` |\n| org.apache.kafka:kafka-clients | `3.9.2` | `4.3.0` |\n| com.auth0:java-jwt | `4.4.0` | `4.5.2` |\n| org.apache.httpcomponents:httpclient | `4.5.13` | `4.5.14` |\n| [com.alibaba:druid-spring-boot-starter](https://github.com/alibaba/druid) | `1.1.9` | `1.2.28` |\n| [io.minio:minio](https://github.com/minio/minio-java) | `8.6.0` | `9.0.1` |\n| [commons-net:commons-net](https://github.com/apache/commons-net) | `3.9.0` | `3.13.0` |\n| [com.clickhouse:clickhouse-jdbc](https://github.com/ClickHouse/clickhouse-java) | `0.4.6` | `0.9.8` |\n| com.vesoft:client | `3.0.0` | `3.8.4` |\n| [co.elastic.clients:elasticsearch-java](https://github.com/elastic/elasticsearch-java) | `8.15.5` | `9.4.2` |\n| [org.elasticsearch.client:elasticsearch-rest-client](https://github.com/elastic/elasticsearch) | `8.15.5` | `9.4.2` |\n| [org.elasticsearch:elasticsearch](https://github.com/elastic/elasticsearch) | `8.15.5` | `9.4.2` |\n| [org.elasticsearch:elasticsearch-x-content](https://github.com/elastic/elasticsearch) | `8.15.5` | `9.4.2` |\n| [com.baomidou:mybatis-plus-extension](https://github.com/baomidou/mybatis-plus) | `3.5.5` | `3.5.16` |\n| [org.springframework.boot:spring-boot-starter-test](https://github.com/spring-projects/spring-boot) | `3.2.0` | `4.0.6` |\n| [com.baomidou:mybatis-plus-boot-starter](https://github.com/baomidou/mybatis-plus) | `3.5.5` | `3.5.16` |\n| [com.github.jsqlparser:jsqlparser](https://github.com/JSQLParser/JSqlParser) | `4.5` | `5.3` |\n| [com.aliyun:tea](https://github.com/aliyun/tea-java) | `1.3.1` | `1.4.2` |\n| [commons-logging:commons-logging](https://github.com/apache/commons-logging) | `1.2` | `1.3.6` |\n| [com.aliyun:tea-util](https://github.com/aliyun/tea-util) | `0.2.23` | `0.2.27` |\n| [org.jacoco:org.jacoco.agent](https://github.com/jacoco/jacoco) | `0.8.8` | `0.8.15` |\n| [com.aliyun:tea-openapi](https://github.com/aliyun/darabonba-openapi) | `0.3.8` | `0.3.15` |\n| [com.github.pagehelper:pagehelper-spring-boot-starter](https://github.com/pagehelper/pagehelper-spring-boot) | `1.4.7` | `4.1.0` |\n| [com.aliyun:dingtalk](https://github.com/aliyun/alibabacloud-sdk) | `2.2.17` | `2.2.53` |\n| [com.aliyun:dysmsapi20170525](https://github.com/aliyun/alibabacloud-sdk) | `2.0.24` | `4.5.1` |\n| [com.aliyun:credentials-java](https://github.com/aliyun/credentials-java) | `1.0.2` | `1.0.3` |\n| [org.mybatis.spring.boot:mybatis-spring-boot-starter](https://github.com/mybatis/spring-boot-starter) | `3.0.4` | `4.0.1` |\n| [org.xerial.snappy:snappy-java](https://github.com/xerial/snappy-java) | `1.1.10.5` | `1.1.10.8` |\n| [joda-time:joda-time](https://github.com/JodaOrg/joda-time) | `2.10.10` | `2.14.2` |\n| io.swagger:swagger-annotations | `1.5.24` | `1.6.16` |\n| tools.jackson.core:jackson-core | `3.1.1` | `3.2.0` |\n| tools.jackson.core:jackson-databind | `3.1.1` | `3.2.0` |\n| tools.jackson.dataformat:jackson-dataformat-yaml | `3.1.1` | `3.2.0` |\n| [org.projectlombok:lombok](https://github.com/projectlombok/lombok) | `1.18.38` | `1.18.46` |\n| [jakarta.annotation:jakarta.annotation-api](https://github.com/jakartaee/common-annotations-api) | `2.1.1` | `3.0.0` |\n| [cn.hutool:hutool-all](https://github.com/looly/hutool) | `5.8.38` | `5.8.46` |\n| [com.aliyun.oss:aliyun-sdk-oss](https://github.com/aliyun/aliyun-oss-java-sdk) | `3.17.2` | `3.18.5` |\n| [org.xerial:sqlite-jdbc](https://github.com/xerial/sqlite-jdbc) | `3.46.1.0` | `3.53.2.0` |\n| [com.google.zxing:core](https://github.com/zxing/zxing) | `3.3.3` | `3.5.4` |\n| com.dingtalk.open:app-stream-client | `1.0.5` | `1.3.12` |\n| [io.modelcontextprotocol.sdk:mcp](https://github.com/modelcontextprotocol/java-sdk) | `1.0.0` | `1.1.3` |\n| [dev.langchain4j:langchain4j-mcp](https://github.com/langchain4j/langchain4j) | `1.1.0-beta7` | `1.16.1-beta26` |\n| [dev.langchain4j:langchain4j-core](https://github.com/langchain4j/langchain4j) | `1.1.0` | `1.16.1` |\n| [dev.langchain4j:langchain4j](https://github.com/langchain4j/langchain4j) | `1.1.0` | `1.16.1` |\n| org.apache.pdfbox:pdfbox | `3.0.3` | `3.0.7` |\n| com.github.librepdf:openpdf | `1.3.30` | `3.0.5` |\n| mysql:mysql-connector-java | `5.1.26` | `8.0.33` |\n| [org.apache.maven.plugins:maven-dependency-plugin](https://github.com/apache/maven-dependency-plugin) | `3.6.1` | `3.11.0` |\n| [org.apache.maven.plugins:maven-compiler-plugin](https://github.com/apache/maven-compiler-plugin) | `3.11.0` | `3.15.0` |\n| [org.apache.maven.plugins:maven-enforcer-plugin](https://github.com/apache/maven-enforcer) | `3.4.1` | `3.6.3` |\n| [org.apache.maven.plugins:maven-surefire-plugin](https://github.com/apache/maven-surefire) | `3.2.5` | `3.5.6` |\n| [org.apache.maven.plugins:maven-help-plugin](https://github.com/apache/maven-help-plugin) | `3.4.1` | `3.5.1` |\n| org.mybatis.generator:mybatis-generator-maven-plugin | `1.3.7` | `2.0.0` |\n\n\nUpdates `org.springframework.boot:spring-boot-starter-parent` from 3.5.14 to 4.0.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-boot/releases\"\u003eorg.springframework.boot:spring-boot-starter-parent's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.6\u003c/h2\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDefault security is misconfigured when spring-boot-actuator-autoconfigure is present and spring-boot-health is not \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50188\"\u003e#50188\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eElasticsearch Rest5Client auto-configuration misconfigures underlying HTTP client \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50187\"\u003e#50187\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eApplicationPidFileWriter does not handle symlinks correctly \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50185\"\u003e#50185\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRandomValuePropertySource is not suitable for secrets \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50183\"\u003e#50183\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCassandra auto-configuration misconfigures CqlSessionBuilder \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50180\"\u003e#50180\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eApplicationTemp does not handle symlinks correctly \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50178\"\u003e#50178\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemote DevTools performs comparison incorrectly \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50176\"\u003e#50176\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003espring.rabbitmq.ssl.verify-hostname is applied inconsistently \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50174\"\u003e#50174\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWhole number values are ignored when configuring min and max expected values and SLO boundaries for a distribution summary meter \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50077\"\u003e#50077\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClassic starters are missing several modules \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50071\"\u003e#50071\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eModule spring-boot-resttestclient is missing from spring-boot-starter-test-classic \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/50069\"\u003e#50069\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAnnotations like \u003ccode\u003e@Ssl\u003c/code\u003e don't work on \u003ccode\u003e@Bean\u003c/code\u003e methods when using \u003ccode\u003e@ServiceConnection\u003c/code\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50064\"\u003e#50064\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnversRevisionRepositoriesRegistrar should reuse \u003ccode\u003e@EnableEnversRepositories\u003c/code\u003e rather than configuring the JPA counterpart \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50039\"\u003e#50039\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWebFlux Cloud Foundry links endpoint includes query string from received request in resolved links \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50017\"\u003e#50017\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImports on a containing test class are ignored when a nested class has imports \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50012\"\u003e#50012\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWith spring.jackson.use-jackson2-defaults set to true, FAIL_ON_UNKNOWN_PROPERTIES is enabled \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/49951\"\u003e#49951\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e500 response from env endpoint when supplied pattern is invalid \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/49946\"\u003e#49946\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReactive MongoDB starter has a transitive dependency on the synchronous MongoDB driver \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/49945\"\u003e#49945\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHTTP method is lost when configuring excludes in EndpointRequest \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/49943\"\u003e#49943\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHonor HttpMethod for reactive additional endpoint paths \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/49880\"\u003e#49880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocker Compose support doesn't work with apache/artemis image \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/49869\"\u003e#49869\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocker Compose support doesn't work with apache/activemq image \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/49866\"\u003e#49866\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSpring Security's PathPatternRequestMatcher.Builder is not auto-configured when using WebMvcTest and spring-boot-security-test \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/49854\"\u003e#49854\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAPI versioning path strategy should be applied path last as it is not meant to yield \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/49800\"\u003e#49800\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:notebook_with_decorative_cover: Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate docs to encourage Java fundamentals for beginners that prefer to learn that way \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50146\"\u003e#50146\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eHTTP Service Interface Clients still document that API versioning can be configured via properties \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50126\"\u003e#50126\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLink to the observability section of the Lettuce documentation is broken \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50097\"\u003e#50097\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eJavadoc for StaticResourceLocation.FAVICON doesn't describe icons location \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50085\"\u003e#50085\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMySamlRelyingPartyConfiguration is missing a Kotlin sample \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50024\"\u003e#50024\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIncorrect default value for management.httpexchanges.recording.include in configuration metadata \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50019\"\u003e#50019\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eLink to the Kubernetes documentation when discussing startup probes \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50015\"\u003e#50015\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eTypo in JdbcSessionAutoConfiguration Javadoc \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/49873\"\u003e#49873\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify that configuration property default values are not available through the Environment \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/49851\"\u003e#49851\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocument the need for Liquibase and Flyway starters \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/49839\"\u003e#49839\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eKafka documentation refers to deprecated JSON serializer and deserializer classes \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/pull/49826\"\u003e#49826\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:hammer: Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to Elasticsearch Client 9.2.8 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50027\"\u003e#50027\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Groovy 5.0.5 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/49911\"\u003e#49911\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Hibernate 7.2.12.Final \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50134\"\u003e#50134\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to Jackson Bom 3.1.2 \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50051\"\u003e#50051\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to \u003ca href=\"https://github.com/jaxen-xpath/jaxen/releases/tag/v2.0.1\"\u003eJaxen 2.0.1\u003c/a\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/50104\"\u003e#50104\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to \u003ca href=\"https://github.com/FirebirdSQL/jaybird/releases/tag/v6.0.5\"\u003eJaybird 6.0.5\u003c/a\u003e \u003ca href=\"https://redirect.github.com/spring-projects/spring-boot/issues/49914\"\u003e#49914\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/8821ad2cd381bb4b9615a61479e1de7305a8ba39\"\u003e\u003ccode\u003e8821ad2\u003c/code\u003e\u003c/a\u003e Release v4.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/9e4048a03f17adfe78057a3c4d5b4693305c0ae0\"\u003e\u003ccode\u003e9e4048a\u003c/code\u003e\u003c/a\u003e Merge branch '3.5.x' into 4.0.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/20bb11c3984802990572ddbeae8b66885a8f2462\"\u003e\u003ccode\u003e20bb11c\u003c/code\u003e\u003c/a\u003e Next development version (v3.5.15-SNAPSHOT)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/98daa8ea30f39a5b0ca6768b5cbc2dc8698ef4e1\"\u003e\u003ccode\u003e98daa8e\u003c/code\u003e\u003c/a\u003e Merge branch '3.5.x' into 4.0.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/874f6294b91da18367b8b5ab7b2fad3fa23cfba6\"\u003e\u003ccode\u003e874f629\u003c/code\u003e\u003c/a\u003e Fix default security with actuator but without health\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/e41b3bf731d1134bc18ec1f68ac01e0fe1c54923\"\u003e\u003ccode\u003ee41b3bf\u003c/code\u003e\u003c/a\u003e Enable hostname verification for SSL connections to Elasticsearch\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/ef8527bb0ef8f564f4f9c57a7be99a7aa96c6ab0\"\u003e\u003ccode\u003eef8527b\u003c/code\u003e\u003c/a\u003e Merge branch '3.5.x' into 4.0.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/4a7bd332b6d19fef1aa4cf28434985f2b03a2e0f\"\u003e\u003ccode\u003e4a7bd33\u003c/code\u003e\u003c/a\u003e Merge branch '3.5.x' into 4.0.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/3a9d836621605d39cfd88b677f2c6085aa1a1402\"\u003e\u003ccode\u003e3a9d836\u003c/code\u003e\u003c/a\u003e Merge branch '3.5.x' into 4.0.x\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-boot/commit/8e013b6f909c3882ed87ca78111e4a8bfe33ff72\"\u003e\u003ccode\u003e8e013b6\u003c/code\u003e\u003c/a\u003e Merge branch '3.5.x' into 4.0.x\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-boot/compare/v3.5.14...v4.0.6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.ai:spring-ai-bom` from 1.0.0 to 1.1.7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-projects/spring-ai/releases\"\u003eorg.springframework.ai:spring-ai-bom's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eSpring AI 1.1.7\u003c/h2\u003e\n\u003ch2\u003e:star: New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eOllama doesnt work in a graalvm native image \u003ca href=\"https://redirect.github.com/spring-projects/spring-ai/issues/6064\"\u003e#6064\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e:lady_beetle: Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eOpenAiChatModel streaming drops chunks due to internal switchMap when using buffered concatMap \u003ca href=\"https://redirect.github.com/spring-projects/spring-ai/issues/6122\"\u003e#6122\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eRedisVectorStore#doDelete\u003c/code\u003e only deletes the 10 first messages \u003ca href=\"https://redirect.github.com/spring-projects/spring-ai/issues/6066\"\u003e#6066\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch1\u003eSpring AI 1.1.6 Release Notes\u003c/h1\u003e\n\u003ch2\u003e🎯 Highlights\u003c/h2\u003e\n\u003cp\u003eThis release includes 1 new features, 5 bug fixes, 2 documentation improvements, 5 other improvements.\u003c/p\u003e\n\u003ch2\u003e⏪ Breaking Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eChat memory advisors now require an explicit conversation ID to be supplied. This is a behavioral change that affects how chat memory is scoped and managed. Applications relying on implicit conversation IDs must be updated to supply an explicit ID. \u003ca href=\"https://github.com/spring-projects/spring-ai/commit/13cde419e30042c663706f130dd65b80d92d4667\"\u003e13cde41\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Upgrading Notes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePromptChatMemoryAdvisor is now deprecated and chat memory advisors require an explicit conversation ID. Update your code to: (1) replace PromptChatMemoryAdvisor with the recommended alternative, and (2) ensure an explicit conversation ID is supplied when using any chat memory advisor. \u003ca href=\"https://github.com/spring-projects/spring-ai/commit/917f62ebec13cf01027c094dd36d4106b1c8dc47\"\u003e917f62e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⭐ New Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMCP auto-configuration now includes the missing \u003ca href=\"https://github.com/ConditionalOnMissingBean\"\u003e\u003ccode\u003e@​ConditionalOnMissingBean\u003c/code\u003e\u003c/a\u003e check, allowing users to provide their own bean definitions and override the auto-configured MCP beans as expected in Spring Boot auto-configuration patterns. \u003ca href=\"https://github.com/spring-projects/spring-ai/commit/d4025e5d8ede18158cbd9b53b1cc4a0ad107af3a\"\u003ed4025e5\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🪲 Bug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFixed an issue where the MilvusVectorStore's doDelete method incorrectly escaped strings in the ID list, which could cause deletion operations to fail or behave unexpectedly. \u003ca href=\"https://github.com/spring-projects/spring-ai/commit/20206a46408ef8a9609f54afc7c82a0b5fd2e357\"\u003e20206a4\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the ChatClientAdvisorTests test suite to supply an explicit conversation ID, aligning tests with the new requirement for explicit conversation IDs in chat memory advisors. \u003ca href=\"https://github.com/spring-projects/spring-ai/commit/704e5c6519c150662c7338782639fa84ffe8c9ed\"\u003e704e5c6\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the MistralAiChatModelObservationIT integration test to ensure observation functionality works correctly with the MistralAI chat model provider. \u003ca href=\"https://github.com/spring-projects/spring-ai/commit/a89145db26831f2f8bf22e0f76155ecebd8d7c5c\"\u003ea89145d\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCorrects an issue where configured options were not being properly included in MistralAI API requests, ensuring all user-defined settings are correctly passed through. \u003ca href=\"https://github.com/spring-projects/spring-ai/commit/7bcf32aa134b3954ba70bed625de4adcbfe8fab4\"\u003e7bcf32a\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eResolves a regression in how AssistantMessage.ToolCall.id is handled when using the Ollama integration, restoring correct tool call identification behavior. \u003ca href=\"https://github.com/spring-projects/spring-ai/commit/bb9d65ea96d3d57cf3c7467fb82e86bc25c9f238\"\u003ebb9d65e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e📓 Documentation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCorrected typographical errors in the MCP (Model Context Protocol) documentation for improved readability and accuracy. \u003ca href=\"https://github.com/spring-projects/spring-ai/commit/a1ad7f2a4a784432dde61520723fb80119008320\"\u003ea1ad7f2\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed broken xref anchors in the documentation to restore proper cross-reference navigation between documentation sections. \u003ca href=\"https://github.com/spring-projects/spring-ai/commit/f03c104234de47a9e91d0a7f312f458ebeb5cbe9\"\u003ef03c104\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔨 Dependency Upgrades\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated MCP SDK from version 0.17.0 to 0.18.2 and MCP annotations from 0.8.0 to 0.9.0, bringing in the latest MCP protocol improvements and bug fixes. \u003ca href=\"https://redirect.github.com/spring-projects/spring-ai/pull/5961\"\u003e#5961\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🔩 Build Updates\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated the project build to use JDK 17.0.19, ensuring compatibility and incorporating the latest Java 17 patch release for the build environment. \u003ca href=\"https://github.com/spring-projects/spring-ai/commit/27281e62dec4fd0857ab3d0da79cd3b83105b260\"\u003e27281e6\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReorganizes the project structure by relocating Spring AI starter modules to a dedicated starters/ directory for better maintainability and clarity. \u003ca href=\"https://github.com/spring-projects/spring-ai/commit/22f867673c0d59a4607022d0a5992b5f0c59f6ef\"\u003e22f8676\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e🙏 Contributors\u003c/h2\u003e\n\u003cp\u003eThanks to all contributors who made this release possible:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tzolov\"\u003e\u003ccode\u003eChristian Tzolov (@​tzolov)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/emileplas\"\u003e\u003ccode\u003eEmile Plas (@​emileplas)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ilayaperumalg\"\u003e\u003ccode\u003eIlayaperumal Gopinathan (@​ilayaperumalg)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sobychacko\"\u003e\u003ccode\u003eSoby Chacko (@​sobychacko)\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ai/commit/d8503868d3e84547db51d8f10379e1a075fe2d99\"\u003e\u003ccode\u003ed850386\u003c/code\u003e\u003c/a\u003e Release version 1.1.7\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ai/commit/5b78fe924eb2327f652cbdae1531999a6a98ba81\"\u003e\u003ccode\u003e5b78fe9\u003c/code\u003e\u003c/a\u003e Harden filename handling in AnthropicSkillsResponseHelper\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ai/commit/3fc37483ae6b215efc743f41b303820091b05aee\"\u003e\u003ccode\u003e3fc3748\u003c/code\u003e\u003c/a\u003e Fix deprecated model for OpenAI SDK Image model\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ai/commit/b83d3928cd84f547c094a89d23969b256b567f4b\"\u003e\u003ccode\u003eb83d392\u003c/code\u003e\u003c/a\u003e Fix OpenAI ITs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ai/commit/f63fac2a2d968bccd1cbc3c62a7ad78294f16ed5\"\u003e\u003ccode\u003ef63fac2\u003c/code\u003e\u003c/a\u003e Fix deprecated audio models in OpenAI API and OpenAI SDK\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ai/commit/9a5f2154bdda22949091ffd7ae4f532934d0092f\"\u003e\u003ccode\u003e9a5f215\u003c/code\u003e\u003c/a\u003e fix: update OpenAI image API to gpt-image-1-mini, dropping DALL-E support\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ai/commit/30c7be9000b8a9afd58e3a580b5424630e6d7509\"\u003e\u003ccode\u003e30c7be9\u003c/code\u003e\u003c/a\u003e fix: Add missing configurations for ChatModel streaming tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ai/commit/42b9cc72e1d665a417403e403828228bcff254d4\"\u003e\u003ccode\u003e42b9cc7\u003c/code\u003e\u003c/a\u003e Replace switchMap with concatMap/map to prevent streaming data loss (\u003ca href=\"https://redirect.github.com/spring-projects/spring-ai/issues/6106\"\u003e#6106\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ai/commit/24a89f5555be3d6db006dfb46930b569a28a51ee\"\u003e\u003ccode\u003e24a89f5\u003c/code\u003e\u003c/a\u003e Fix Redis vector store filter delete to paginate search results\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-projects/spring-ai/commit/df99841177c419d09f936d917fb673fb4eecf4ad\"\u003e\u003ccode\u003edf99841\u003c/code\u003e\u003c/a\u003e Add Ollama ThinkOption runtime hints\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-projects/spring-ai/compare/v1.0.0...v1.1.7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `com.squareup.okio:okio-jvm` from 3.6.0 to 3.17.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/square/okio/blob/master/CHANGELOG.md\"\u003ecom.squareup.okio:okio-jvm's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.17.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-03-11\u003c/em\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eNew: Adjust down the Kotlin stdlib dependency to [Kotlin 2.1.21][kotlin_2_1_21]. Okio is built\nwith an up-to-date Kotlin compiler (2.2.21), but depends on an older kotlin-stdlib. We're doing\nthis so you can update Okio and Kotlin independently.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix: Return the correct timestamp in \u003ccode\u003eFileMetadata.createdAtMillis\u003c/code\u003e on Kotlin/Native on UNIX\nplatforms. We were incorrectly using the POSIX \u003ccode\u003ectime\u003c/code\u003e (\u003cem\u003echange\u003c/em\u003e time) instead of the\n\u003ccode\u003ebirthtime\u003c/code\u003e. With this fix Okio now prefers \u003ccode\u003estatx()\u003c/code\u003e over \u003ccode\u003estat()\u003c/code\u003e on native platforms. This\nAPI first appeared in Linux in 4.11 (2017) and Android in API 30 (2020).\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.16.4\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2025-11-17\u003c/em\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Don't delay triggering timeouts. In 3.16.0 we introduced a regression that caused timeouts\nto fire later than they were supposed to.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.16.3\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2025-11-14\u003c/em\u003e\u003c/p\u003e\n\u003cp\u003eThis release is the same as 3.16.2. We forgot to cherry-pick a commit before we released!\u003c/p\u003e\n\u003ch2\u003eVersion 3.16.2\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2025-10-14\u003c/em\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix: \u003ccode\u003eokio-assetfilesystem\u003c/code\u003e APIs now correctly restored as visible to Kotlin.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.16.1\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2025-10-09\u003c/em\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Don't crash when calling \u003ccode\u003eSocket.shutdownOutput()\u003c/code\u003e or \u003ccode\u003eshutdownInput()\u003c/code\u003e on an \u003ccode\u003eSSLSocket\u003c/code\u003e on\nAndroid API 21. This method throws an \u003ccode\u003eUnsupportedOperationException\u003c/code\u003e, so we now catch that and\nclose the underlying stream instead.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.16.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2025-07-29\u003c/em\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Change \u003ccode\u003eSocket.asOkioSocket()\u003c/code\u003e to resolve its source \u003ccode\u003eInputStream\u003c/code\u003e and \u003ccode\u003eOutputStream\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/80a50234e5edb96041a8168c4754ba9e1ff3625a\"\u003e\u003ccode\u003e80a5023\u003c/code\u003e\u003c/a\u003e Prepare for release 3.17.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/65c0c26bb5242b697ffc28f6c666ae0a01197ff6\"\u003e\u003ccode\u003e65c0c26\u003c/code\u003e\u003c/a\u003e Switch to FileMetadata to use statx instead of stat on Linux and Apple platfo...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/b11f17b233601af92ae1fabea3fecdeea0608631\"\u003e\u003ccode\u003eb11f17b\u003c/code\u003e\u003c/a\u003e Remove Kotlin/JS IR default parameter workarounds. (\u003ca href=\"https://redirect.github.com/square/okio/issues/1786\"\u003e#1786\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/b35f473635db8ad9d5a9b096780e960d1b8f7d4d\"\u003e\u003ccode\u003eb35f473\u003c/code\u003e\u003c/a\u003e Update Gradle to v9.4.0 (\u003ca href=\"https://redirect.github.com/square/okio/issues/1785\"\u003e#1785\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/cbcee31f2bcb7e6f606d8eafc45f4c8ea7228cae\"\u003e\u003ccode\u003ecbcee31\u003c/code\u003e\u003c/a\u003e Update actions/upload-artifact action to v7 (\u003ca href=\"https://redirect.github.com/square/okio/issues/1783\"\u003e#1783\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/fc7aecb7f6f7a123f2024ab6397da04311546bf2\"\u003e\u003ccode\u003efc7aecb\u003c/code\u003e\u003c/a\u003e Update dependency com.android.tools.build:gradle to v9.0.1 (\u003ca href=\"https://redirect.github.com/square/okio/issues/1781\"\u003e#1781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/79aa26755c77df8c4d0233926c7308fd353ad697\"\u003e\u003ccode\u003e79aa267\u003c/code\u003e\u003c/a\u003e Drop \u003ccode\u003eisWasm()\u003c/code\u003e early return workaround for KT-60212. (\u003ca href=\"https://redirect.github.com/square/okio/issues/1777\"\u003e#1777\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/45459dca7d40b4c2df1454a0f363e0b8e153beb5\"\u003e\u003ccode\u003e45459dc\u003c/code\u003e\u003c/a\u003e Fix result of an 'errnoToIOException' call is not thrown. inside `PosixFileSy...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/9fbab0f7ab00b525b0ae331c8c3ac3c645afc8c8\"\u003e\u003ccode\u003e9fbab0f\u003c/code\u003e\u003c/a\u003e Decode env variables in WASI tests (\u003ca href=\"https://redirect.github.com/square/okio/issues/1773\"\u003e#1773\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/50abe8900f2e7bd48d4afc77bda0afd74fc790ac\"\u003e\u003ccode\u003e50abe89\u003c/code\u003e\u003c/a\u003e Stop using AssertJ (\u003ca href=\"https://redirect.github.com/square/okio/issues/1771\"\u003e#1771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/square/okio/compare/parent-3.6.0...parent-3.17.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `com.squareup.okio:okio` from 3.4.0 to 3.17.0\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/square/okio/blob/master/CHANGELOG.md\"\u003ecom.squareup.okio:okio's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 3.17.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2026-03-11\u003c/em\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eNew: Adjust down the Kotlin stdlib dependency to [Kotlin 2.1.21][kotlin_2_1_21]. Okio is built\nwith an up-to-date Kotlin compiler (2.2.21), but depends on an older kotlin-stdlib. We're doing\nthis so you can update Okio and Kotlin independently.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFix: Return the correct timestamp in \u003ccode\u003eFileMetadata.createdAtMillis\u003c/code\u003e on Kotlin/Native on UNIX\nplatforms. We were incorrectly using the POSIX \u003ccode\u003ectime\u003c/code\u003e (\u003cem\u003echange\u003c/em\u003e time) instead of the\n\u003ccode\u003ebirthtime\u003c/code\u003e. With this fix Okio now prefers \u003ccode\u003estatx()\u003c/code\u003e over \u003ccode\u003estat()\u003c/code\u003e on native platforms. This\nAPI first appeared in Linux in 4.11 (2017) and Android in API 30 (2020).\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.16.4\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2025-11-17\u003c/em\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Don't delay triggering timeouts. In 3.16.0 we introduced a regression that caused timeouts\nto fire later than they were supposed to.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.16.3\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2025-11-14\u003c/em\u003e\u003c/p\u003e\n\u003cp\u003eThis release is the same as 3.16.2. We forgot to cherry-pick a commit before we released!\u003c/p\u003e\n\u003ch2\u003eVersion 3.16.2\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2025-10-14\u003c/em\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix: \u003ccode\u003eokio-assetfilesystem\u003c/code\u003e APIs now correctly restored as visible to Kotlin.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.16.1\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2025-10-09\u003c/em\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Don't crash when calling \u003ccode\u003eSocket.shutdownOutput()\u003c/code\u003e or \u003ccode\u003eshutdownInput()\u003c/code\u003e on an \u003ccode\u003eSSLSocket\u003c/code\u003e on\nAndroid API 21. This method throws an \u003ccode\u003eUnsupportedOperationException\u003c/code\u003e, so we now catch that and\nclose the underlying stream instead.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 3.16.0\u003c/h2\u003e\n\u003cp\u003e\u003cem\u003e2025-07-29\u003c/em\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eFix: Change \u003ccode\u003eSocket.asOkioSocket()\u003c/code\u003e to resolve its source \u003ccode\u003eInputStream\u003c/code\u003e and \u003ccode\u003eOutputStream\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/80a50234e5edb96041a8168c4754ba9e1ff3625a\"\u003e\u003ccode\u003e80a5023\u003c/code\u003e\u003c/a\u003e Prepare for release 3.17.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/65c0c26bb5242b697ffc28f6c666ae0a01197ff6\"\u003e\u003ccode\u003e65c0c26\u003c/code\u003e\u003c/a\u003e Switch to FileMetadata to use statx instead of stat on Linux and Apple platfo...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/b11f17b233601af92ae1fabea3fecdeea0608631\"\u003e\u003ccode\u003eb11f17b\u003c/code\u003e\u003c/a\u003e Remove Kotlin/JS IR default parameter workarounds. (\u003ca href=\"https://redirect.github.com/square/okio/issues/1786\"\u003e#1786\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/b35f473635db8ad9d5a9b096780e960d1b8f7d4d\"\u003e\u003ccode\u003eb35f473\u003c/code\u003e\u003c/a\u003e Update Gradle to v9.4.0 (\u003ca href=\"https://redirect.github.com/square/okio/issues/1785\"\u003e#1785\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/cbcee31f2bcb7e6f606d8eafc45f4c8ea7228cae\"\u003e\u003ccode\u003ecbcee31\u003c/code\u003e\u003c/a\u003e Update actions/upload-artifact action to v7 (\u003ca href=\"https://redirect.github.com/square/okio/issues/1783\"\u003e#1783\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/fc7aecb7f6f7a123f2024ab6397da04311546bf2\"\u003e\u003ccode\u003efc7aecb\u003c/code\u003e\u003c/a\u003e Update dependency com.android.tools.build:gradle to v9.0.1 (\u003ca href=\"https://redirect.github.com/square/okio/issues/1781\"\u003e#1781\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/79aa26755c77df8c4d0233926c7308fd353ad697\"\u003e\u003ccode\u003e79aa267\u003c/code\u003e\u003c/a\u003e Drop \u003ccode\u003eisWasm()\u003c/code\u003e early return workaround for KT-60212. (\u003ca href=\"https://redirect.github.com/square/okio/issues/1777\"\u003e#1777\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/45459dca7d40b4c2df1454a0f363e0b8e153beb5\"\u003e\u003ccode\u003e45459dc\u003c/code\u003e\u003c/a\u003e Fix result of an 'errnoToIOException' call is not thrown. inside `PosixFileSy...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/9fbab0f7ab00b525b0ae331c8c3ac3c645afc8c8\"\u003e\u003ccode\u003e9fbab0f\u003c/code\u003e\u003c/a\u003e Decode env variables in WASI tests (\u003ca href=\"https://redirect.github.com/square/okio/issues/1773\"\u003e#1773\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/square/okio/commit/50abe8900f2e7bd48d4afc77bda0afd74fc790ac\"\u003e\u003ccode\u003e50abe89\u003c/code\u003e\u003c/a\u003e Stop using AssertJ (\u003ca href=\"https://redirect.github.com/square/okio/issues/1771\"\u003e#1771\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/square/okio/compare/parent-3.4.0...parent-3.17.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.springframework.cloud:spring-cloud-dependencies` from 2025.0.2 to 2025.1.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/spring-cloud/spring-cloud-release/releases\"\u003eorg.springframework.cloud:spring-cloud-dependencies's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2025.1.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump antora from 3.2.0-alpha.10 to 3.2.0-alpha.11 in /docs by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/spring-cloud/spring-cloud-release/pull/447\"\u003espring-cloud/spring-cloud-release#447\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.springframework.cloud:spring-cloud-contract-dependencies from 5.0.1-SNAPSHOT to 5.0.2-SNAPSHOT by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/spring-cloud/spring-cloud-release/pull/454\"\u003espring-cloud/spring-cloud-release#454\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.springframework.cloud:spring-cloud-contract-dependencies from 5.0.1-SNAPSHOT to 5.0.2-SNAPSHOT by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/spring-cloud/spring-cloud-release/pull/453\"\u003espring-cloud/spring-cloud-release#453\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/cache from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/spring-cloud/spring-cloud-release/pull/456\"\u003espring-cloud/spring-cloud-release#456\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.apache.maven:maven-model from 3.9.11 to 3.9.12 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/spring-cloud/spring-cloud-release/pull/461\"\u003espring-cloud/spring-cloud-release#461\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump org.apache.maven:maven-model from 3.9.11 to 3.9.12 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/spring-cloud/spring-cloud-release/pull/460\"\u003espring-cloud/spring-cloud-release#460\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/spring-cloud/spring-cloud-release/compare/v2025.1.0...v2025.1.1\"\u003ehttps://github.com/spring-cloud/spring-cloud-release/compare/v2025.1.0...v2025.1.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-cloud/spring-cloud-release/commit/dbb12bfc2b899fb0845fe4b3c6dc07bc3c1828e2\"\u003e\u003ccode\u003edbb12bf\u003c/code\u003e\u003c/a\u003e Update SNAPSHOT to 2025.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-cloud/spring-cloud-release/commit/edc8bcb1d195cb0a9fa96efc82ccb3dfdaf2fd39\"\u003e\u003ccode\u003eedc8bcb\u003c/code\u003e\u003c/a\u003e Bumping versions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-cloud/spring-cloud-release/commit/a9f418316485581438af2fa1db54f7ff5e80b17e\"\u003e\u003ccode\u003ea9f4183\u003c/code\u003e\u003c/a\u003e Use Spring Boot 4.0.2-SNAPSHOT\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-cloud/spring-cloud-release/commit/da7ad033005dd53554ad5aea9eeefab9416c1661\"\u003e\u003ccode\u003eda7ad03\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/spring-cloud/spring-cloud-release/issues/460\"\u003e#460\u003c/a\u003e from spring-cloud/dependabot/maven/org.apache.maven-m...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-cloud/spring-cloud-release/commit/49b10e643ffdb36873b3abb0bcd0539e0942f0c6\"\u003e\u003ccode\u003e49b10e6\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/spring-cloud/spring-cloud-release/issues/461\"\u003e#461\u003c/a\u003e from spring-cloud/dependabot/maven/main/org.apache.ma...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-cloud/spring-cloud-release/commit/59782becdf97cb4db3693fc9d3688e85fde493b5\"\u003e\u003ccode\u003e59782be\u003c/code\u003e\u003c/a\u003e Bump org.apache.maven:maven-model from 3.9.11 to 3.9.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-cloud/spring-cloud-release/commit/89c8dd1e2610118b12e9d9ccb64945833a0ade22\"\u003e\u003ccode\u003e89c8dd1\u003c/code\u003e\u003c/a\u003e Bump org.apache.maven:maven-model from 3.9.11 to 3.9.12\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-cloud/spring-cloud-release/commit/96a5fb078d5eb2d80baec60004f1cb2518290afe\"\u003e\u003ccode\u003e96a5fb0\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/spring-cloud/spring-cloud-release/issues/456\"\u003e#456\u003c/a\u003e from spring-cloud/dependabot/github_actions/main/acti...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-cloud/spring-cloud-release/commit/5d22a1d1f65df1f7a8c5bc021f5cc5dc44398072\"\u003e\u003ccode\u003e5d22a1d\u003c/code\u003e\u003c/a\u003e Bump actions/cache from 4 to 5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/spring-cloud/spring-cloud-release/commit/ec45c6d4c7d7e49695e3c6c9fa68abd3823a770d\"\u003e\u003ccode\u003eec45c6d\u003c/code\u003e\u003c/a\u003e Bumping versions\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/spring-cloud/spring-cloud-release/compare/v2025.0.2...v2025.1.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `io.opentelemetry.instrumentation:opentelemetry-instrumentation-annotations` from 2.22.0 to 2.28.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/releases\"\u003eio.opentelemetry.instrumentation:opentelemetry-instrumentation-annotations's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.28.1\u003c/h2\u003e\n\u003cp\u003eThis release targets the OpenTelemetry SDK 1.62.0.\u003c/p\u003e\n\u003cp\u003eNote that many artifacts have the \u003ccode\u003e-alpha\u003c/code\u003e suffix attached to their version number, reflecting that they will continue to have breaking changes. Please see \u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/blob/main/VERSIONING.md#opentelemetry-java-instrumentation-versioning\"\u003eVERSIONING.md\u003c/a\u003e for more details.\u003c/p\u003e\n\u003ch3\u003e🛠️ Bug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix javaagent startup failures when declarative configuration uses bundled contrib components, such as the rule-based routing sampler. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18813\"\u003e#18813\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.28.0\u003c/h2\u003e\n\u003cp\u003eThis release targets the OpenTelemetry SDK 1.62.0.\u003c/p\u003e\n\u003cp\u003eNote that many artifacts have the \u003ccode\u003e-alpha\u003c/code\u003e suffix attached to their version number, reflecting that they will continue to have breaking changes. Please see \u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/blob/main/VERSIONING.md#opentelemetry-java-instrumentation-versioning\"\u003eVERSIONING.md\u003c/a\u003e for more details.\u003c/p\u003e\n\u003ch3\u003e⚠️ Breaking changes to non-stable APIs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved the obsolete internal \u003ccode\u003eClassInjector\u003c/code\u003e/\u003ccode\u003eProxyInjectionBuilder\u003c/code\u003e API used by the old \u003ccode\u003eExperimentalInstrumentationModule.injectClasses(ClassInjector)\u003c/code\u003e path; use \u003ccode\u003eExperimentalInstrumentationModule.exposedClassNames()\u003c/code\u003e instead. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18112\"\u003e#18112\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved previously deprecated non-stable API methods and the deprecated \u003ccode\u003eopentelemetry-runtime-telemetry-java8\u003c/code\u003e and \u003ccode\u003eopentelemetry-runtime-telemetry-java17\u003c/code\u003e library aliases. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18136\"\u003e#18136\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved the previously deprecated \u003ccode\u003ecaptureEventName\u003c/code\u003e library builder setting from the logback-appender-1.0 and log4j-appender-2.17 \u003ccode\u003eOpenTelemetryAppender\u003c/code\u003e, and the corresponding \u003ccode\u003eotel.instrumentation.{logback-appender,log4j-appender,jboss-logmanager}.experimental.capture-event-name\u003c/code\u003e javaagent properties. Use the \u003ccode\u003eotel.event.name\u003c/code\u003e key in MDC / context data / key-value pairs / Logstash markers / structured arguments instead. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18223\"\u003e#18223\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved previously deprecated experimental config properties \u003ccode\u003eotel.instrumentation.http.client.experimental.redact-query-parameters\u003c/code\u003e and \u003ccode\u003eotel.instrumentation.common.experimental.db-sqlcommenter.enabled\u003c/code\u003e; use \u003ccode\u003eotel.instrumentation.sanitization.url.experimental.sensitive-query-parameters\u003c/code\u003e and \u003ccode\u003eotel.instrumentation.common.db.experimental.sqlcommenter.enabled\u003c/code\u003e instead. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18229\"\u003e#18229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved the deprecated \u003ccode\u003eotel.instrumentation.servlet.experimental.add-trace-id-request-attribute\u003c/code\u003e property; use \u003ccode\u003eotel.instrumentation.servlet.experimental.trace-id-request-attribute.enabled\u003c/code\u003e instead. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18237\"\u003e#18237\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eReshaped the ktor \u003ccode\u003eExperimental\u003c/code\u003e helper from a class with a \u003ccode\u003ecompanion object\u003c/code\u003e to a top-level \u003ccode\u003eobject\u003c/code\u003e. Kotlin source callers (\u003ccode\u003eExperimental.emitExperimentalTelemetry(...)\u003c/code\u003e) are unaffected, but pre-compiled consumers must be recompiled against the new artifact. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18343\"\u003e#18343\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🚫 Deprecations\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003eotel.instrumentation.jaxws-cxf-3.0.enabled\u003c/code\u003e in favor of \u003ccode\u003eotel.instrumentation.jaxws-2.0-cxf-3.0.enabled\u003c/code\u003e, and \u003ccode\u003eotel.instrumentation.jaxws-metro-2.2.enabled\u003c/code\u003e in favor of \u003ccode\u003eotel.instrumentation.jaxws-2.0-metro-2.2.enabled\u003c/code\u003e. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18184\"\u003e#18184\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🌟 New javaagent instrumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Apache Thrift 0.13 instrumentation for RPC client and server spans and metrics. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18405\"\u003e#18405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🌟 New library instrumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Apache Thrift 0.13 library instrumentation for RPC client and server spans and metrics. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18405\"\u003e#18405\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e📈 Enhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCouchbase 3.1 javaagent instrumentation now emits the more conventional instrumentation scope name \u003ccode\u003eio.opentelemetry.couchbase-3.1\u003c/code\u003e instead of \u003ccode\u003eio.opentelemetry.javaagent.couchbase-3.1\u003c/code\u003e when \u003ccode\u003eotel.instrumentation.common.v3-preview\u003c/code\u003e is enabled. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18426\"\u003e#18426\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eWicket resource requests now use the resource reference class name in the server span name when \u003ccode\u003eotel.instrumentation.common.v3-preview\u003c/code\u003e is enabled. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18312\"\u003e#18312\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18775\"\u003e#18775\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eDecide whether javaagent helper classes are injected into the application class loader or isolated based on the advice classes used by an instrumentation. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/17815\"\u003e#17815\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImprove cgroup v2 container ID detection for Podman by supporting additional \u003ccode\u003emountinfo\u003c/code\u003e layouts and warning when multiple candidate IDs are found. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18272\"\u003e#18272\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🛠️ Bug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix Pekko HTTP and Tapir server route tracking so server span names and \u003ccode\u003ehttp.route\u003c/code\u003e preserve the most specific matched route across nested directives, exceptions, and timeouts; this may change span names and \u003ccode\u003ehttp.route\u003c/code\u003e values for affected routes. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/16390\"\u003e#16390\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix context loss in Finagle HTTP instrumentation across Netty-to-Finagle request conversion and \u003ccode\u003etwitter-util\u003c/code\u003e Future/Promise asynchronous boundaries. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/17867\"\u003e#17867\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix virtual-thread pinning caused by weak-map stale-entry cleanup running on virtual threads; cleanup now runs from the background thread instead. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18113\"\u003e#18113\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAvoid linking batch consumer spans to the ambient consumer span when records or messages have no propagation headers. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18154\"\u003e#18154\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eFix \u003ccode\u003eresetOnEachOperator()\u003c/code\u003e for Reactor 3.1 so it also removes the scheduler hook when instrumentation is disabled. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18258\"\u003e#18258\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eEnd spans when RxJava 1.0 subscriptions throw synchronously. (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18265\"\u003e#18265\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/blob/main/CHANGELOG.md\"\u003eio.opentelemetry.instrumentation:opentelemetry-instrumentation-annotations's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eVersion 2.28.1 (2026-05-20)\u003c/h2\u003e\n\u003cp\u003eThis release targets the OpenTelemetry SDK 1.62.0.\u003c/p\u003e\n\u003cp\u003eNote that many artifacts have the \u003ccode\u003e-alpha\u003c/code\u003e suffix attached to their version\nnumber, reflecting that they will continue to have breaking changes. Please see\n\u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/blob/main/VERSIONING.md#opentelemetry-java-instrumentation-versioning\"\u003eVERSIONING.md\u003c/a\u003e\nfor more details.\u003c/p\u003e\n\u003ch3\u003e🛠️ Bug fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix javaagent startup failures when declarative configuration uses bundled contrib components,\nsuch as the rule-based routing sampler.\n(\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18813\"\u003e#18813\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eVersion 2.28.0 (2026-05-19)\u003c/h2\u003e\n\u003cp\u003eThis release targets the OpenTelemetry SDK 1.62.0.\u003c/p\u003e\n\u003cp\u003eNote that many artifacts have the \u003ccode\u003e-alpha\u003c/code\u003e suffix attached to their version\nnumber, reflecting that they will continue to have breaking changes. Please see\n\u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/blob/main/VERSIONING.md#opentelemetry-java-instrumentation-versioning\"\u003eVERSIONING.md\u003c/a\u003e\nfor more details.\u003c/p\u003e\n\u003ch3\u003e⚠️ Breaking changes to non-stable APIs\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemoved the obsolete internal \u003ccode\u003eClassInjector\u003c/code\u003e/\u003ccode\u003eProxyInjectionBuilder\u003c/code\u003e API used by the old\n\u003ccode\u003eExperimentalInstrumentationModule.injectClasses(ClassInjector)\u003c/code\u003e path; use\n\u003ccode\u003eExperimentalInstrumentationModule.exposedClassNames()\u003c/code\u003e instead.\n(\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18112\"\u003e#18112\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved previously deprecated non-stable API methods and the deprecated\n\u003ccode\u003eopentelemetry-runtime-telemetry-java8\u003c/code\u003e and \u003ccode\u003eopentelemetry-runtime-telemetry-java17\u003c/code\u003e library\naliases.\n(\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18136\"\u003e#18136\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved the previously deprecated \u003ccode\u003ecaptureEventName\u003c/code\u003e library builder setting from the\nlogback-appender-1.0 and log4j-appender-2.17 \u003ccode\u003eOpenTelemetryAppender\u003c/code\u003e, and the corresponding\n\u003ccode\u003eotel.instrumentation.{logback-appender,log4j-appender,jboss-logmanager}.experimental.capture-event-name\u003c/code\u003e\njavaagent properties. Use the \u003ccode\u003eotel.event.name\u003c/code\u003e key in MDC / context data / key-value pairs /\nLogstash markers / structured arguments instead.\n(\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18223\"\u003e#18223\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved previously deprecated experimental config properties\n\u003ccode\u003eotel.instrumentation.http.client.experimental.redact-query-parameters\u003c/code\u003e and\n\u003ccode\u003eotel.instrumentation.common.experimental.db-sqlcommenter.enabled\u003c/code\u003e; use\n\u003ccode\u003eotel.instrumentation.sanitization.url.experimental.sensitive-query-parameters\u003c/code\u003e and\n\u003ccode\u003eotel.instrumentation.common.db.experimental.sqlcommenter.enabled\u003c/code\u003e instead.\n(\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18229\"\u003e#18229\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eRemoved the deprecated \u003ccode\u003eotel.instrumentation.servlet.experimental.add-trace-id-request-attribute\u003c/code\u003e\nproperty; use \u003ccode\u003eotel.instrumentation.servlet.experimental.trace-id-request-attribute.enabled\u003c/code\u003e\ninstead.\n(\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/pull/18237\"\u003e#18237\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/commit/7ad453a58de282ea04fd88f4178d70a65468b93c\"\u003e\u003ccode\u003e7ad453a\u003c/code\u003e\u003c/a\u003e [release/v2.28.x] Prepare release 2.28.1 (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/issues/18818\"\u003e#18818\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/commit/1f0b4b27c6e3c96d3098fa7a4ece9404ba7c55bd\"\u003e\u003ccode\u003e1f0b4b2\u003c/code\u003e\u003c/a\u003e Prepare change log for upcoming patch release (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/issues/18816\"\u003e#18816\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/commit/f4b9d76e1c8425b53bd1f22a1e5f8612e30659fc\"\u003e\u003ccode\u003ef4b9d76\u003c/code\u003e\u003c/a\u003e [release/v2.28.x] fix(deps): update opentelemetry-java-contrib monorepo to v1...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/commit/9ef68e6b114b2d1fc1f6a3fbc576cb37fc71e893\"\u003e\u003ccode\u003e9ef68e6\u003c/code\u003e\u003c/a\u003e [release/v2.28.x] Prepare release 2.28.0 (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/issues/18791\"\u003e#18791\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/commit/5d26f13fa3a9c8d67d336649796620d65733fc09\"\u003e\u003ccode\u003e5d26f13\u003c/code\u003e\u003c/a\u003e Draft release notes (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/issues/18774\"\u003e#18774\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/commit/37540625c9d7928152a4fe3e52ed255255f6d895\"\u003e\u003ccode\u003e3754062\u003c/code\u003e\u003c/a\u003e Gate Wicket resource span names on v3 preview (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/issues/18775\"\u003e#18775\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/commit/f6f123d374986c34b3e2eee412551de7f6aec58b\"\u003e\u003ccode\u003ef6f123d\u003c/code\u003e\u003c/a\u003e Preserve Spring resource provider class names (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/issues/18785\"\u003e#18785\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/commit/4c6155a89b5abe035197a4a87375cbebbcce8d04\"\u003e\u003ccode\u003e4c6155a\u003c/code\u003e\u003c/a\u003e Normalize internal and resource javaagent packages (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/issues/18746\"\u003e#18746\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/commit/d7b88cef8d7dcc75745520bff25a3ac38a949c75\"\u003e\u003ccode\u003ed7b88ce\u003c/code\u003e\u003c/a\u003e Rename servlet common root package (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/issues/18778\"\u003e#18778\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/commit/d52a5ff2c5aaeb8e5eb2a7149d05a998c7815fdc\"\u003e\u003ccode\u003ed52a5ff\u003c/code\u003e\u003c/a\u003e Rename servlet common snippet package (\u003ca href=\"https://redirect.github.com/open-telemetry/opentelemetry-java-instrumentation/issues/18777\"\u003e#18777\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/open-telemetry/opentelemetry-java-instrumentation/compare/v2.22.0...v2.28.1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `org.apache.xmlbeans:xmlbeans` from 5.1.1 to 5.3.0\n\nUpdates `commons-io:commons-io` from 2.19.0 to 2.22.0\n\nUpdates `org.jsoup:jsoup` from 1.18.1 to 1.22.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jhy/jsoup/releases\"\u003eorg.jsoup:jsoup's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ejsoup Java HTML Parser release 1.22.2\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ejsoup 1.22.2\u003c/strong\u003e is out now, with fixes and refinements across the library. It makes editing the DOM during traversal more predictable, refreshes the default HTML tag definitions with newer elements and better text boundaries, and improves reliability in parsing and HTTP transport. The release also fixes a number of edge cases in cleaning, stream parsing, XML doctype handling, and Android packaging.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003ejsoup\u003c/strong\u003e is a Java library for working with real-world HTML and XML. It provides a very convenient API for extracting and manipulating data, using the best of HTML5 DOM methods and CSS selectors.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://github.com/jhy/jsoup/blob/HEAD/download\"\u003e\u003cstrong\u003eDownload\u003c/strong\u003e\u003c/a\u003e jsoup now.\u003c/p\u003e\n\u003ch2\u003eImprovements\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eExpanded and clarified \u003ccode\u003eNodeTraversor\u003c/code\u003e support for in-place DOM rewrites during \u003ccode\u003eNodeVisitor.head()\u003c/code\u003e. Current-node edits such as \u003ccode\u003eremove\u003c/code\u003e, \u003ccode\u003ereplace\u003c/code\u003e, and \u003ccode\u003eunwrap\u003c/code\u003e now recover more predictably, while traversal stays within the original root subtree. This makes single-pass tree cleanup and normalization visitors easier to write, for example when unwrapping presentational elements or replacing text nodes as you walk the DOM. \u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/2472\"\u003e#2472\u003c/a\u003e\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation: clarified that a configured \u003ccode\u003eCleaner\u003c/code\u003e may be reused across concurrent threads, and that shared \u003ccode\u003eSafelist\u003c/code\u003e instances should not be mutated while in use. \u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/2473\"\u003e#2473\u003c/a\u003e\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003eUpdated the default HTML \u003ccode\u003eTagSet\u003c/code\u003e for current HTML elements: added \u003ccode\u003edialog\u003c/code\u003e, \u003ccode\u003esearch\u003c/code\u003e, \u003ccode\u003epicture\u003c/code\u003e, and \u003ccode\u003eslot\u003c/code\u003e; made \u003ccode\u003eins\u003c/code\u003e, \u003ccode\u003edel\u003c/code\u003e, \u003ccode\u003ebutton\u003c/code\u003e, \u003ccode\u003eaudio\u003c/code\u003e, \u003ccode\u003evideo\u003c/code\u003e, and \u003ccode\u003ecanvas\u003c/code\u003e inline by default (\u003ccode\u003eTag#isInline()\u003c/code\u003e, aligned to phrasing content in the spec); and added readable \u003ccode\u003eElement.text()\u003c/code\u003e boundaries for controls and embedded objects via the new \u003ccode\u003eTag.TextBoundary\u003c/code\u003e option. This improves pretty-printing and keeps normalized text from running adjacent words together. \u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://redirect.github.com/jhy/jsoup/pull/2493\"\u003e#2493\u003c/a\u003e\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAndroid (R8/ProGuard): added a rule to ignore the optional \u003ccode\u003ere2j\u003c/code\u003e dependency when not present. \u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/2459\"\u003e#2459\u003c/a\u003e\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003eFixed a \u003ccode\u003eNodeTraversor\u003c/code\u003e regression in 1.21.2 where removing or replacing the current node during \u003ccode\u003ehead()\u003c/code\u003e could revisit the replacement node and loop indefinitely. The traversal docs now also clarify which inserted nodes are visited in the current pass. \u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/2472\"\u003e#2472\u003c/a\u003e\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003eParsing during charset sniffing no longer fails if an advisory \u003ccode\u003eavailable()\u003c/code\u003e call throws \u003ccode\u003eIOException\u003c/code\u003e, as seen on JDK 8 \u003ccode\u003eHttpURLConnection\u003c/code\u003e. \u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/2474\"\u003e#2474\u003c/a\u003e\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCleaner\u003c/code\u003e no longer makes relative URL attributes in the input document absolute when cleaning or validating a \u003ccode\u003eDocument\u003c/code\u003e. URL normalization now applies only to the cleaned output, and \u003ccode\u003eSafelist.isSafeAttribute()\u003c/code\u003e is side effect free. \u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/2475\"\u003e#2475\u003c/a\u003e\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eCleaner\u003c/code\u003e no longer duplicates enforced attributes when the input \u003ccode\u003eDocument\u003c/code\u003e preserves attribute case. A case-variant source attribute is now replaced by the enforced attribute in the cleaned output. \u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/2476\"\u003e#2476\u003c/a\u003e\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003eIf a per-request SOCKS proxy is configured, jsoup now avoids using the JDK \u003ccode\u003eHttpClient\u003c/code\u003e, because the JDK would silently ignore that proxy and attempt to connect directly. Those requests now fall back to the legacy \u003ccode\u003eHttpURLConnection\u003c/code\u003e transport instead, which does support SOCKS. \u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/2468\"\u003e#2468\u003c/a\u003e\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eConnection.Response.streamParser()\u003c/code\u003e and \u003ccode\u003eDataUtil.streamParser(Path, ...)\u003c/code\u003e could fail on small inputs without a declared charset, if the initial 5 KB charset sniff fully consumed the input and closed it before the stream parse began. \u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/2483\"\u003e#2483\u003c/a\u003e\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003cli\u003eIn XML mode, doctypes with an internal subset, such as \u003ccode\u003e\u0026lt;!DOCTYPE root [\u0026lt;!ENTITY name \u0026quot;value\u0026quot;\u0026gt;]\u0026gt;\u003c/code\u003e, now round-trip correctly. The subset is preserved as raw text only; entities are not expanded and external DTDs are not loaded. \u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/2486\"\u003e#2486\u003c/a\u003e\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBuild Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMigrated the integration test server from Jetty to Netty, which actively maintains support for our minimum JDK target (8). \u003c!-- raw HTML omitted --\u003e\u003ca href=\"https://redirect.github.com/jhy/jsoup/pull/2491\"\u003e#2491\u003c/a\u003e\u003c!-- raw HTML omitted --\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003cp\u003eMy sincere thanks to everyone who contributed to this release!\nIf you have any suggestions for the next release, I would love to hear them; please get in touch via \u003ca href=\"https://github.com/jhy/jsoup/discussions\"\u003ejsoup discussions\u003c/a\u003e, or with me \u003ca href=\"https://jhedley.com/\"\u003edirectly\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003eYou can also \u003c!-- raw HTML omitted --\u003efollow me\u003c!-- raw HTML omitted --\u003e (\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e@\u003ca href=\"mailto:jhy@tilde.zone\"\u003ejhy@tilde.zone\u003c/a\u003e\u003c!-- raw HTML omitted --\u003e\u003c!-- raw HTML omitted --\u003e) on Mastodon / Fediverse to receive occasional notes about jsoup releases.\u003c/p\u003e\n\u003ch2\u003ejsoup Java HTML Parser release 1.22.1\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ejsoup 1.22.1\u003c/strong\u003e is out now, adding support for the \u003ccode\u003ere2j\u003c/code\u003e regular expression engine for regex-based CSS selectors, a configurable maximum parser depth, and numerous bug fixes and improvements.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003ejsoup\u003c/strong\u003e is a Java library for working with real-world HTML and XML. It provides a very convenient API for extracting and manipulating data, using the best of HTML5 DOM methods and CSS selectors.\u003c/p\u003e\n\u003cp\u003e\u003ca href=\"https://jsoup.org/download\"\u003e\u003cstrong\u003eDownload\u003c/strong\u003e\u003c/a\u003e jsoup now.\u003c/p\u003e\n\u003ch3\u003eImprovements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdded support for using the \u003ccode\u003ere2j\u003c/code\u003e regular expression engine for regex-based CSS selectors (e.g. \u003ccode\u003e[attr~=regex]\u003c/code\u003e, \u003ccode\u003e:matches(regex)\u003c/code\u003e), which ensures linear-time performance for regex evaluation. This allows safer handling of arbitrary user-supplied query regexes. To enable, add the \u003ccode\u003ecom.google.re2j\u003c/code\u003e dependency to your classpath, e.g.:\u003c/li\u003e\n\u003c/ul\u003e\n\u003cpre lang=\"xml\"\u003e\u003ccode\u003e  \u0026lt;dependency\u0026gt;\r\n    \u0026lt;groupId\u0026gt;com.google.re2j\u0026lt;/groupId\u0026gt;\r\n    \u0026lt;artifactId\u0026gt;re2j\u0026lt;/artifactId\u0026gt;\r\n    \u0026lt;version\u0026gt;1.8\u0026lt;/version\u0026gt;\r\n  \u0026lt;/dependency\u0026gt;\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003e(If you already have that dependency in your classpath, but you want to keep using the Java regex engine, you can disable re2j via \u003ccode\u003eSystem.setProperty(\u0026quot;jsoup.useRe2j\u0026quot;, \u0026quot;false\u0026quot;)\u003c/code\u003e.) You can confirm that the re2j engine has been enable...\n\n_Description has been truncated_","html_url":"https://github.com/beyonai/ByClaw/pull/134","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/beyonai%2FByClaw/issues/134","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/134/packages"}},{"old_version":"5.1.1","new_version":"5.3.0","update_type":"minor","path":null,"pr_created_at":"2025-12-18T11:04:07.000Z","version_change":"5.1.1 → 5.3.0","issue":{"uuid":"3742609019","node_id":"PR_kwDOA1D0Ws65kM_B","number":731,"state":"closed","title":"chore(deps): bump org.apache.xmlbeans:xmlbeans from 5.1.1 to 5.3.0","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-01-07T18:14:56.000Z","author_association":null,"state_reason":null,"created_at":"2025-12-18T11:04:07.000Z","updated_at":"2026-01-07T18:15:04.000Z","time_to_close":1753849,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"org.apache.xmlbeans:xmlbeans","old_version":"5.1.1","new_version":"5.3.0","repository_url":null}],"path":null,"ecosystem":"maven"},"body":"Bumps org.apache.xmlbeans:xmlbeans from 5.1.1 to 5.3.0.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.xmlbeans:xmlbeans\u0026package-manager=gradle\u0026previous-version=5.1.1\u0026new-version=5.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/imposter-project/imposter/pull/731","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/imposter-project%2Fimposter/issues/731","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/731/packages"}},{"old_version":"5.2.0","new_version":"5.3.0","update_type":"minor","path":null,"pr_created_at":"2025-08-25T11:42:46.000Z","version_change":"5.2.0 → 5.3.0","issue":{"uuid":"2771528055","node_id":"PR_kwDOAVwKk86lMil3","number":419,"state":"open","title":"Bump org.apache.xmlbeans:xmlbeans from 5.2.0 to 5.3.0","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-08-25T11:42:46.000Z","updated_at":"2025-08-25T11:42:47.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.apache.xmlbeans:xmlbeans","old_version":"5.2.0","new_version":"5.3.0","repository_url":null}],"path":null,"ecosystem":"maven"},"body":"Bumps org.apache.xmlbeans:xmlbeans from 5.2.0 to 5.3.0.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.xmlbeans:xmlbeans\u0026package-manager=maven\u0026previous-version=5.2.0\u0026new-version=5.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/mirkosertic/FXDesktopSearch/pull/419","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mirkosertic%2FFXDesktopSearch/issues/419","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/419/packages"}},{"old_version":"2.6.0","new_version":"3.0.0","update_type":"major","path":"/typegen","pr_created_at":"2025-07-18T08:34:50.000Z","version_change":"2.6.0 → 3.0.0","issue":{"uuid":"2676499038","node_id":"PR_kwDOAZ9pa86fiCJe","number":60,"state":"open","title":"Bump org.apache.xmlbeans:xmlbeans from 2.6.0 to 3.0.0 in /typegen","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-07-18T08:34:50.000Z","updated_at":"2025-07-18T08:34:51.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.apache.xmlbeans:xmlbeans","old_version":"2.6.0","new_version":"3.0.0","repository_url":null}],"path":"/typegen","ecosystem":"maven"},"body":"Bumps org.apache.xmlbeans:xmlbeans from 2.6.0 to 3.0.0.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.xmlbeans:xmlbeans\u0026package-manager=maven\u0026previous-version=2.6.0\u0026new-version=3.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/nortal/j-road/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/nortal/j-road/pull/60","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/nortal%2Fj-road/issues/60","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/60/packages"}},{"old_version":"2.4.0","new_version":"3.0.0","update_type":"major","path":null,"pr_created_at":"2025-07-12T00:58:04.000Z","version_change":"2.4.0 → 3.0.0","issue":{"uuid":"2660649379","node_id":"PR_kwDOBDgCVc6elkmj","number":3,"state":"open","title":"Bump the maven group across 3 directories with 7 updates","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":null,"author_association":"NONE","state_reason":null,"created_at":"2025-07-12T00:58:04.000Z","updated_at":"2025-07-12T00:58:04.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"maven","update_count":7,"packages":[{"name":"junit:junit","old_version":"4.9","new_version":"4.13.1","repository_url":"https://github.com/junit-team/junit4"},{"name":"xerces:xercesImpl","old_version":"2.10.0","new_version":"2.12.2"},{"name":"org.apache.commons:commons-lang3","old_version":"3.1","new_version":"3.18.0"},{"name":"commons-io:commons-io","old_version":"2.3","new_version":"2.14.0"},{"name":"org.apache.xmlbeans:xmlbeans","old_version":"2.4.0","new_version":"3.0.0"}],"path":null,"ecosystem":"maven"},"body":"Bumps the maven group with 3 updates in the /Extender/J2EEScan directory: [junit:junit](https://github.com/junit-team/junit4), commons-collections:commons-collections and [org.jsoup:jsoup](https://github.com/jhy/jsoup).\nBumps the maven group with 1 update in the /Extender/SAMLRaider directory: [junit:junit](https://github.com/junit-team/junit4).\nBumps the maven group with 5 updates in the /Extender/Wsdler directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [junit:junit](https://github.com/junit-team/junit4) | `4.9` | `4.13.1` |\n| xerces:xercesImpl | `2.10.0` | `2.12.2` |\n| org.apache.commons:commons-lang3 | `3.1` | `3.18.0` |\n| commons-io:commons-io | `2.3` | `2.14.0` |\n| org.apache.xmlbeans:xmlbeans | `2.4.0` | `3.0.0` |\n\n\nUpdates `junit:junit` from 3.8.1 to 4.13.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/junit-team/junit4/releases\"\u003ejunit:junit's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eJUnit 4.13.2\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.13.2.md\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13.1\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.13.1.md\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.13.md\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13 RC 2\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit4/wiki/4.13-Release-Notes\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13 RC 1\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit4/wiki/4.13-Release-Notes\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13 Beta 3\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit4/wiki/4.13-Release-Notes\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13 Beta 2\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit4/wiki/4.13-Release-Notes\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13 Beta 1\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit4/wiki/4.13-Release-Notes\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.12\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.12.md\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.12 Beta 3\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.12.md\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.12 Beta 2\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.12 Beta 1\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.11\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.13.2.md\"\u003ejunit:junit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eSummary of changes in version 4.13.2\u003c/h2\u003e\n\u003ch1\u003eRules\u003c/h1\u003e\n\u003ch3\u003e[Pull request \u003ca href=\"https://redirect.github.com/junit-team/junit4/issues/1687\"\u003e#1687\u003c/a\u003e:](\u003ca href=\"https://redirect.github.com/junit-team/junit/pull/1687\"\u003ejunit-team/junit#1687\u003c/a\u003e) Mark ThreadGroups created by FailOnTimeout as daemon groups\u003c/h3\u003e\n\u003cp\u003eIn JUnit 4.13 ([pull request \u003ca href=\"https://redirect.github.com/junit-team/junit4/issues/1517\"\u003e#1517\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/junit-team/junit4/pull/1517\"\u003ejunit-team/junit4#1517\u003c/a\u003e)) an attempt was\nmade to fix leakage of the \u003ccode\u003eThreadGroup\u003c/code\u003e instances created when a test is run with a timeout. That\nchange explicitly destroyed the \u003ccode\u003eThreadGroup\u003c/code\u003e that was created for the time-limited test. Numerous\npeople reported problems that were caused by explicitly destroying the \u003ccode\u003eThreadGroup\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eIn this change, the code was updated to call  \u003ccode\u003eThreadGroup.setDaemon(true)\u003c/code\u003e instead of destroying the\nThreadGroup.\u003c/p\u003e\n\u003ch3\u003e\u003ca href=\"https://redirect.github.com/junit-team/junit/pull/1691\"\u003ePull request $1691:\u003c/a\u003e Only create ThreadGroups if FailOnTimeout.lookForStuckThread is true.\u003c/h3\u003e\n\u003cp\u003eIn JUnit 4.12 ([pull request \u003ca href=\"https://redirect.github.com/junit-team/junit4/issues/742\"\u003e#742\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/junit-team/junit4/pull/742\"\u003ejunit-team/junit4#742\u003c/a\u003e)) the \u003ccode\u003eTimeout\u003c/code\u003e\nRule was updated to optionally display the stacktrace of the thread that appears to be stuck\n(enabled on an opt-in basis by passing \u003ccode\u003etrue\u003c/code\u003e to \u003ccode\u003eTimeout.Builder.lookForStuckThread(boolean)\u003c/code\u003e).\nWhen that change was made, time-limited tests were changed to start the new thread in a new\n\u003ccode\u003eThreadGroup\u003c/code\u003e, even if the test did not call \u003ccode\u003elookForStuckThread()\u003c/code\u003e. This subtle change in\nbehavior resulted in visible behavior changes to some tests (for example, tests of code that uses\n\u003ccode\u003ejava.beans.ThreadGroupContext\u003c/code\u003e).\u003c/p\u003e\n\u003cp\u003eIn this change, the code is updated to only create a new \u003ccode\u003eThreadGroup\u003c/code\u003e if the caller calls\n\u003ccode\u003eTimeout.Builder.lookForStuckThread(true)\u003c/code\u003e. Tests with timeouts that do not make this call will\nbehave as they did in JUnit 4.11 (and more similar to tests that do not have a timeout). This\nunfortunately could result in visible changes of tests written or updated since the 4.12\nrelease. If this change adversely affects your tests, you can create the \u003ccode\u003eTimeout\u003c/code\u003e rule via the\nbuilder and call \u003ccode\u003eTimeout.Builder.lookForStuckThread(true)\u003c/code\u003e.\u003c/p\u003e\n\u003ch1\u003eExceptions\u003c/h1\u003e\n\u003ch3\u003e[Pull request \u003ca href=\"https://redirect.github.com/junit-team/junit4/issues/1654\"\u003e#1654\u003c/a\u003e:](\u003ca href=\"https://redirect.github.com/junit-team/junit/pull/1654\"\u003ejunit-team/junit#1654\u003c/a\u003e) Fix for issue \u003ca href=\"https://redirect.github.com/junit-team/junit4/issues/1192\"\u003e#1192\u003c/a\u003e: NotSerializableException with AssumptionViolatedException\u003c/h3\u003e\n\u003cp\u003eThis change fixes an issue where \u003ccode\u003eAssumptionViolatedException\u003c/code\u003e instances could not be serialized\nif they were created with a constructor that takes in an \u003ccode\u003eorg.hamcrest.Matcher\u003c/code\u003e instance (these\nconstructors are used if you use one of the \u003ccode\u003eassumeThat()\u003c/code\u003e methods in \u003ccode\u003eorg.junit.Assume\u003c/code\u003e).\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/junit-team/junit4/commits/r4.13.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `commons-collections:commons-collections` from 3.2.1 to 3.2.2\n\nUpdates `org.jsoup:jsoup` from 1.8.1 to 1.15.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jhy/jsoup/releases\"\u003eorg.jsoup:jsoup's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ejsoup 1.15.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ejsoup 1.15.3\u003c/strong\u003e is out now, and includes a security fix for potential XSS attacks, along with other bug fixes and improvements, including more descriptive validation error messages.\u003c/p\u003e\n\u003cp\u003eDetails:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369\"\u003eSecurity advisory\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://jsoup.org/news/release-1.15.3\"\u003eRelease notes\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://jsoup.org/download\"\u003eDownload\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ejsoup 1.15.2 is out now with a bunch of \u003ca href=\"https://jsoup.org/news/release-1.15.2\"\u003eimprovements and bug fixes\u003c/a\u003e.\u003c/p\u003e\n\u003cp\u003ejsoup 1.15.1 is out now with a bunch of \u003ca href=\"https://jsoup.org/news/release-1.15.1\"\u003eimprovements and bug fixes\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003ejsoup 1.14.3\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ejsoup 1.14.3\u003c/strong\u003e is out now, adding native \u003cstrong\u003eXPath\u003c/strong\u003e selector support, improved \u003ccode\u003e\\\u0026lt;template\u0026gt;\u003c/code\u003e support, and also includes a bunch of bug fixes, improvements, and performance enhancements.\u003c/p\u003e\n\u003cp\u003eSee the \u003ca href=\"https://jsoup.org/news/release-1.14.3\"\u003erelease announcement\u003c/a\u003e for the full changelog.\u003c/p\u003e\n\u003ch2\u003ejsoup 1.14.2\u003c/h2\u003e\n\u003cp\u003eCaught by the fuzz! \u003cstrong\u003ejsoup 1.14.2\u003c/strong\u003e is out now, and includes a set of parser bug fixes and improvements for handling rough HTML and XML, as identified by the Jazzer JVM fuzzer. This release also includes other fixes and improvements.\u003c/p\u003e\n\u003cp\u003eSee the \u003ca href=\"https://jsoup.org/news/release-1.14.2\"\u003erelease announcement\u003c/a\u003e for the full changelog.\u003c/p\u003e\n\u003ch2\u003ejsoup 1.14.1\u003c/h2\u003e\n\u003cp\u003ejsoup \u003cstrong\u003e1.14.1\u003c/strong\u003e is out now, with simple request session management, increased parse robustness, and a ton of other improvements, speed-ups, and bug fixes.\u003c/p\u003e\n\u003cp\u003eSee the full \u003ca href=\"https://jsoup.org/news/release-1.14.1\"\u003eannouncement\u003c/a\u003e for all the details on what's changed.\u003c/p\u003e\n\u003cp\u003ejsoup 1.13.1\u003c/p\u003e\n\u003cp\u003eSee the \u003ca href=\"https://jsoup.org/news/release-1.13.1\"\u003erelease notes\u003c/a\u003e.\u003c/p\u003e\n\u003cpre\u003e\u003ccode\u003e\u0026lt;dependency\u0026gt;\n  \u0026lt;!-- jsoup HTML parser library @ https://jsoup.org/ --\u0026gt;\n  \u0026lt;groupId\u0026gt;org.jsoup\u0026lt;/groupId\u0026gt;\n  \u0026lt;artifactId\u0026gt;jsoup\u0026lt;/artifactId\u0026gt;\n  \u0026lt;version\u0026gt;1.13.1\u0026lt;/version\u0026gt;\n\u0026lt;/dependency\u0026gt;\n\u003c/code\u003e\u003c/pre\u003e\n\u003ch2\u003ejsoup-1.12.2\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jhy/jsoup/blob/jsoup-1.15.3/CHANGES\"\u003eorg.jsoup:jsoup's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003cp\u003ejsoup changelog\u003c/p\u003e\n\u003cp\u003eRelease 1.15.3 [2022-Aug-24]\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eSecurity: fixed an issue where the jsoup cleaner may incorrectly sanitize crafted XSS attempts if\nSafeList.preserveRelativeLinks is enabled.\n\u003ca href=\"https://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369\"\u003ehttps://github.com/jhy/jsoup/security/advisories/GHSA-gp7f-rwcx-9369\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: the Cleaner will preserve the source position of cleaned elements, if source tracking is enabled in the\noriginal parse.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: the error messages output from Validate are more descriptive. Exceptions are now ValidationExceptions\n(extending IllegalArgumentException). Stack traces do not include the Validate class, to make it simpler to see\nwhere the exception originated. Common validation errors including malformed URLs and empty selector results have\nmore explicit error messages.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eBugfix: the DataUtil would incorrectly read from InputStreams that emitted reads less than the requested size. This\nlead to incorrect results when parsing from chunked server responses, for e.g.\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/1807\"\u003ejhy/jsoup#1807\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eBuild Improvement: added implementation version and related fields to the jar manifest.\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/1809\"\u003ejhy/jsoup#1809\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e*** Release 1.15.2 [2022-Jul-04]\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: added the ability to track the position (line, column, index) in the original input source from where\na given node was parsed. Accessible via Node.sourceRange() and Element.endSourceRange().\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/pull/1790\"\u003ejhy/jsoup#1790\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: added Element.firstElementChild(), Element.lastElementChild(), Node.firstChild(), Node.lastChild(),\nas convenient accessors to those child nodes and elements.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: added Element.expectFirst(cssQuery), which is just like Element.selectFirst(), but instead of returning\na null if there is no match, will throw an IllegalArgumentException. This is useful if you want to simply abort\nprocessing if an expected match is not found.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: when pretty-printing HTML, doctypes are emitted on a newline if there is a preceding comment.\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/pull/1664\"\u003ejhy/jsoup#1664\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: when pretty-printing, trim the leading and trailing spaces of textnodes in block tags when possible,\nso that they are indented correctly.\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/1798\"\u003ejhy/jsoup#1798\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eImprovement: in Element#selectXpath(), disable namespace awareness. This makes it possible to always select elements\nby their simple local name, regardless of whether an xmlns attribute was set.\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/1801\"\u003ejhy/jsoup#1801\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eBugfix: when using the readToByteBuffer method, such as in Connection.Response.body(), if the document has not\nalready been parsed and must be read fully, and there is any maximum buffer size being applied, only the default\ninternal buffer size is read.\n\u003ca href=\"https://redirect.github.com/jhy/jsoup/issues/1774\"\u003ejhy/jsoup#1774\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/jhy/jsoup/commits/jsoup-1.15.3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `junit:junit` from 4.12 to 4.13.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/junit-team/junit4/releases\"\u003ejunit:junit's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eJUnit 4.13.2\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.13.2.md\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13.1\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.13.1.md\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.13.md\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13 RC 2\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit4/wiki/4.13-Release-Notes\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13 RC 1\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit4/wiki/4.13-Release-Notes\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13 Beta 3\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit4/wiki/4.13-Release-Notes\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13 Beta 2\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit4/wiki/4.13-Release-Notes\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13 Beta 1\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit4/wiki/4.13-Release-Notes\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.12\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.12.md\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.12 Beta 3\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.12.md\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.12 Beta 2\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.12 Beta 1\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.11\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.13.2.md\"\u003ejunit:junit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eSummary of changes in version 4.13.2\u003c/h2\u003e\n\u003ch1\u003eRules\u003c/h1\u003e\n\u003ch3\u003e[Pull request \u003ca href=\"https://redirect.github.com/junit-team/junit4/issues/1687\"\u003e#1687\u003c/a\u003e:](\u003ca href=\"https://redirect.github.com/junit-team/junit/pull/1687\"\u003ejunit-team/junit#1687\u003c/a\u003e) Mark ThreadGroups created by FailOnTimeout as daemon groups\u003c/h3\u003e\n\u003cp\u003eIn JUnit 4.13 ([pull request \u003ca href=\"https://redirect.github.com/junit-team/junit4/issues/1517\"\u003e#1517\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/junit-team/junit4/pull/1517\"\u003ejunit-team/junit4#1517\u003c/a\u003e)) an attempt was\nmade to fix leakage of the \u003ccode\u003eThreadGroup\u003c/code\u003e instances created when a test is run with a timeout. That\nchange explicitly destroyed the \u003ccode\u003eThreadGroup\u003c/code\u003e that was created for the time-limited test. Numerous\npeople reported problems that were caused by explicitly destroying the \u003ccode\u003eThreadGroup\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eIn this change, the code was updated to call  \u003ccode\u003eThreadGroup.setDaemon(true)\u003c/code\u003e instead of destroying the\nThreadGroup.\u003c/p\u003e\n\u003ch3\u003e\u003ca href=\"https://redirect.github.com/junit-team/junit/pull/1691\"\u003ePull request $1691:\u003c/a\u003e Only create ThreadGroups if FailOnTimeout.lookForStuckThread is true.\u003c/h3\u003e\n\u003cp\u003eIn JUnit 4.12 ([pull request \u003ca href=\"https://redirect.github.com/junit-team/junit4/issues/742\"\u003e#742\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/junit-team/junit4/pull/742\"\u003ejunit-team/junit4#742\u003c/a\u003e)) the \u003ccode\u003eTimeout\u003c/code\u003e\nRule was updated to optionally display the stacktrace of the thread that appears to be stuck\n(enabled on an opt-in basis by passing \u003ccode\u003etrue\u003c/code\u003e to \u003ccode\u003eTimeout.Builder.lookForStuckThread(boolean)\u003c/code\u003e).\nWhen that change was made, time-limited tests were changed to start the new thread in a new\n\u003ccode\u003eThreadGroup\u003c/code\u003e, even if the test did not call \u003ccode\u003elookForStuckThread()\u003c/code\u003e. This subtle change in\nbehavior resulted in visible behavior changes to some tests (for example, tests of code that uses\n\u003ccode\u003ejava.beans.ThreadGroupContext\u003c/code\u003e).\u003c/p\u003e\n\u003cp\u003eIn this change, the code is updated to only create a new \u003ccode\u003eThreadGroup\u003c/code\u003e if the caller calls\n\u003ccode\u003eTimeout.Builder.lookForStuckThread(true)\u003c/code\u003e. Tests with timeouts that do not make this call will\nbehave as they did in JUnit 4.11 (and more similar to tests that do not have a timeout). This\nunfortunately could result in visible changes of tests written or updated since the 4.12\nrelease. If this change adversely affects your tests, you can create the \u003ccode\u003eTimeout\u003c/code\u003e rule via the\nbuilder and call \u003ccode\u003eTimeout.Builder.lookForStuckThread(true)\u003c/code\u003e.\u003c/p\u003e\n\u003ch1\u003eExceptions\u003c/h1\u003e\n\u003ch3\u003e[Pull request \u003ca href=\"https://redirect.github.com/junit-team/junit4/issues/1654\"\u003e#1654\u003c/a\u003e:](\u003ca href=\"https://redirect.github.com/junit-team/junit/pull/1654\"\u003ejunit-team/junit#1654\u003c/a\u003e) Fix for issue \u003ca href=\"https://redirect.github.com/junit-team/junit4/issues/1192\"\u003e#1192\u003c/a\u003e: NotSerializableException with AssumptionViolatedException\u003c/h3\u003e\n\u003cp\u003eThis change fixes an issue where \u003ccode\u003eAssumptionViolatedException\u003c/code\u003e instances could not be serialized\nif they were created with a constructor that takes in an \u003ccode\u003eorg.hamcrest.Matcher\u003c/code\u003e instance (these\nconstructors are used if you use one of the \u003ccode\u003eassumeThat()\u003c/code\u003e methods in \u003ccode\u003eorg.junit.Assume\u003c/code\u003e).\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/junit-team/junit4/commits/r4.13.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `junit:junit` from 4.9 to 4.13.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/junit-team/junit4/releases\"\u003ejunit:junit's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eJUnit 4.13.2\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.13.2.md\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13.1\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.13.1.md\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.13.md\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13 RC 2\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit4/wiki/4.13-Release-Notes\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13 RC 1\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit4/wiki/4.13-Release-Notes\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13 Beta 3\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit4/wiki/4.13-Release-Notes\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13 Beta 2\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit4/wiki/4.13-Release-Notes\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.13 Beta 1\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit4/wiki/4.13-Release-Notes\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.12\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.12.md\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.12 Beta 3\u003c/h2\u003e\n\u003cp\u003ePlease refer to the \u003ca href=\"https://github.com/junit-team/junit/blob/HEAD/doc/ReleaseNotes4.12.md\"\u003erelease notes\u003c/a\u003e for details.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.12 Beta 2\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.12 Beta 1\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eJUnit 4.11\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/junit-team/junit4/blob/main/doc/ReleaseNotes4.13.2.md\"\u003ejunit:junit's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eSummary of changes in version 4.13.2\u003c/h2\u003e\n\u003ch1\u003eRules\u003c/h1\u003e\n\u003ch3\u003e[Pull request \u003ca href=\"https://redirect.github.com/junit-team/junit4/issues/1687\"\u003e#1687\u003c/a\u003e:](\u003ca href=\"https://redirect.github.com/junit-team/junit/pull/1687\"\u003ejunit-team/junit#1687\u003c/a\u003e) Mark ThreadGroups created by FailOnTimeout as daemon groups\u003c/h3\u003e\n\u003cp\u003eIn JUnit 4.13 ([pull request \u003ca href=\"https://redirect.github.com/junit-team/junit4/issues/1517\"\u003e#1517\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/junit-team/junit4/pull/1517\"\u003ejunit-team/junit4#1517\u003c/a\u003e)) an attempt was\nmade to fix leakage of the \u003ccode\u003eThreadGroup\u003c/code\u003e instances created when a test is run with a timeout. That\nchange explicitly destroyed the \u003ccode\u003eThreadGroup\u003c/code\u003e that was created for the time-limited test. Numerous\npeople reported problems that were caused by explicitly destroying the \u003ccode\u003eThreadGroup\u003c/code\u003e.\u003c/p\u003e\n\u003cp\u003eIn this change, the code was updated to call  \u003ccode\u003eThreadGroup.setDaemon(true)\u003c/code\u003e instead of destroying the\nThreadGroup.\u003c/p\u003e\n\u003ch3\u003e\u003ca href=\"https://redirect.github.com/junit-team/junit/pull/1691\"\u003ePull request $1691:\u003c/a\u003e Only create ThreadGroups if FailOnTimeout.lookForStuckThread is true.\u003c/h3\u003e\n\u003cp\u003eIn JUnit 4.12 ([pull request \u003ca href=\"https://redirect.github.com/junit-team/junit4/issues/742\"\u003e#742\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/junit-team/junit4/pull/742\"\u003ejunit-team/junit4#742\u003c/a\u003e)) the \u003ccode\u003eTimeout\u003c/code\u003e\nRule was updated to optionally display the stacktrace of the thread that appears to be stuck\n(enabled on an opt-in basis by passing \u003ccode\u003etrue\u003c/code\u003e to \u003ccode\u003eTimeout.Builder.lookForStuckThread(boolean)\u003c/code\u003e).\nWhen that change was made, time-limited tests were changed to start the new thread in a new\n\u003ccode\u003eThreadGroup\u003c/code\u003e, even if the test did not call \u003ccode\u003elookForStuckThread()\u003c/code\u003e. This subtle change in\nbehavior resulted in visible behavior changes to some tests (for example, tests of code that uses\n\u003ccode\u003ejava.beans.ThreadGroupContext\u003c/code\u003e).\u003c/p\u003e\n\u003cp\u003eIn this change, the code is updated to only create a new \u003ccode\u003eThreadGroup\u003c/code\u003e if the caller calls\n\u003ccode\u003eTimeout.Builder.lookForStuckThread(true)\u003c/code\u003e. Tests with timeouts that do not make this call will\nbehave as they did in JUnit 4.11 (and more similar to tests that do not have a timeout). This\nunfortunately could result in visible changes of tests written or updated since the 4.12\nrelease. If this change adversely affects your tests, you can create the \u003ccode\u003eTimeout\u003c/code\u003e rule via the\nbuilder and call \u003ccode\u003eTimeout.Builder.lookForStuckThread(true)\u003c/code\u003e.\u003c/p\u003e\n\u003ch1\u003eExceptions\u003c/h1\u003e\n\u003ch3\u003e[Pull request \u003ca href=\"https://redirect.github.com/junit-team/junit4/issues/1654\"\u003e#1654\u003c/a\u003e:](\u003ca href=\"https://redirect.github.com/junit-team/junit/pull/1654\"\u003ejunit-team/junit#1654\u003c/a\u003e) Fix for issue \u003ca href=\"https://redirect.github.com/junit-team/junit4/issues/1192\"\u003e#1192\u003c/a\u003e: NotSerializableException with AssumptionViolatedException\u003c/h3\u003e\n\u003cp\u003eThis change fixes an issue where \u003ccode\u003eAssumptionViolatedException\u003c/code\u003e instances could not be serialized\nif they were created with a constructor that takes in an \u003ccode\u003eorg.hamcrest.Matcher\u003c/code\u003e instance (these\nconstructors are used if you use one of the \u003ccode\u003eassumeThat()\u003c/code\u003e methods in \u003ccode\u003eorg.junit.Assume\u003c/code\u003e).\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/junit-team/junit4/commits/r4.13.2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `xerces:xercesImpl` from 2.10.0 to 2.12.2\n\nUpdates `org.apache.commons:commons-lang3` from 3.1 to 3.18.0\n\nUpdates `commons-io:commons-io` from 2.3 to 2.14.0\n\nUpdates `org.apache.xmlbeans:xmlbeans` from 2.4.0 to 3.0.0\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\nYou can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/H1d3r/BurpSuite/network/alerts).\n\n\u003c/details\u003e","html_url":"https://github.com/H1d3r/BurpSuite/pull/3","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/H1d3r%2FBurpSuite/issues/3","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3/packages"}},{"old_version":"3.1.0","new_version":"4.0.0","update_type":"major","path":null,"pr_created_at":"2025-05-19T04:14:34.000Z","version_change":"3.1.0 → 4.0.0","issue":{"uuid":"2527490525","node_id":"PR_kwDOAL-WYc6WpnHd","number":748,"state":"closed","title":"Bump org.apache.xmlbeans:xmlbeans from 3.1.0 to 4.0.0","user":"dependabot[bot]","labels":["dependencies","java","Stale"],"assignees":[],"locked":false,"comments_count":0,"pull_request":true,"closed_at":"2025-06-24T02:15:10.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2025-05-19T04:14:34.000Z","updated_at":"2025-06-24T02:15:10.000Z","time_to_close":3103236,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.apache.xmlbeans:xmlbeans","old_version":"3.1.0","new_version":"4.0.0","repository_url":null}],"path":null,"ecosystem":"maven"},"body":"Bumps org.apache.xmlbeans:xmlbeans from 3.1.0 to 4.0.0.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.xmlbeans:xmlbeans\u0026package-manager=maven\u0026previous-version=3.1.0\u0026new-version=4.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/52North/sensorweb-server-helgoland/pull/748","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/52North%2Fsensorweb-server-helgoland/issues/748","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/748/packages"}},{"old_version":"3.0.1","new_version":"5.3.0","update_type":"major","path":null,"pr_created_at":"2024-12-15T17:24:50.000Z","version_change":"3.0.1 → 5.3.0","issue":{"uuid":"2740776657","node_id":"PR_kwDODtIEqc6FRSII","number":832,"state":"closed","title":"Bump org.apache.xmlbeans:xmlbeans from 3.0.1 to 5.3.0","user":"dependabot[bot]","labels":["dependencies","java"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":"2025-08-26T10:14:34.000Z","author_association":"CONTRIBUTOR","state_reason":null,"created_at":"2024-12-15T17:24:50.000Z","updated_at":"2025-08-26T10:14:35.000Z","time_to_close":21919784,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"org.apache.xmlbeans:xmlbeans","old_version":"3.0.1","new_version":"5.3.0","repository_url":null}],"path":null,"ecosystem":"maven"},"body":"Bumps org.apache.xmlbeans:xmlbeans from 3.0.1 to 5.3.0.\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.xmlbeans:xmlbeans\u0026package-manager=maven\u0026previous-version=3.0.1\u0026new-version=5.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nYou can trigger a rebase of this PR by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\n\u003e **Note**\n\u003e Automatic rebases have been disabled on this pull request as it has been open for over 30 days.","html_url":"https://github.com/apache/axis-axis2-java-core/pull/832","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/apache%2Faxis-axis2-java-core/issues/832","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/832/packages"}}]}